./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor521591107 <...> [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6210] write(3, "1000", 4 [pid 6208] <... mount resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 6210] <... write resumed>) = 4 [pid 6209] munmap(0x7f1864095000, 138412032 [pid 5865] close(3 [pid 6210] close(3 [pid 6208] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] <... close resumed>) = 0 [pid 6210] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6210] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 6211 attached ) = 0 [pid 6209] <... munmap resumed>) = 0 [pid 6208] <... openat resumed>) = 3 [pid 6211] set_robust_list(0x5555593cd660, 24 [pid 6208] chdir("./file1" [pid 6211] <... set_robust_list resumed>) = 0 executing program [pid 6210] write(1, "executing program\n", 18 [pid 6209] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6208] <... chdir resumed>) = 0 [pid 6207] <... close resumed>) = 0 [pid 6211] chdir("./67" [pid 6208] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6211 [pid 6211] <... chdir resumed>) = 0 [pid 6210] <... write resumed>) = 18 [pid 6209] <... openat resumed>) = 4 [pid 6208] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6207] close(3 [pid 6211] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6210] memfd_create("syzkaller", 0 [pid 6208] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6211] <... prctl resumed>) = 0 [pid 6209] ioctl(4, LOOP_SET_FD, 3 [pid 6211] setpgid(0, 0 [pid 6210] <... memfd_create resumed>) = 3 [pid 6209] <... ioctl resumed>) = 0 [pid 6211] <... setpgid resumed>) = 0 [pid 6211] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6210] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6209] close(3 [pid 6207] <... close resumed>) = 0 [pid 6210] <... mmap resumed>) = 0x7f1864095000 [pid 6209] <... close resumed>) = 0 [pid 6207] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6211] <... openat resumed>) = 3 [pid 6210] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6209] close(4 [pid 6207] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6209] <... close resumed>) = 0 [pid 6207] sync( [pid 6211] write(3, "1000", 4) = 4 [pid 6209] mkdir("./file1", 0777 [pid 6211] close(3) = 0 [pid 6211] symlink("/dev/binderfs", "./binderfs" [pid 6208] <... link resumed>) = 0 [ 174.498698][ T6209] loop2: detected capacity change from 0 to 1024 [pid 6208] sync( [pid 6210] <... write resumed>) = 524288 [pid 6209] <... mkdir resumed>) = 0 [pid 6211] <... symlink resumed>) = 0 executing program [pid 6211] write(1, "executing program\n", 18 [pid 6209] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6211] <... write resumed>) = 18 [pid 6211] memfd_create("syzkaller", 0) = 3 [pid 6211] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6210] munmap(0x7f1864095000, 138412032 [pid 6211] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6210] <... munmap resumed>) = 0 [pid 6210] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6210] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6210] close(3 [pid 6209] <... mount resumed>) = 0 [pid 6210] <... close resumed>) = 0 [pid 6209] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6210] close(4 [pid 6208] <... sync resumed>) = 0 [pid 6207] <... sync resumed>) = 0 [pid 6211] <... write resumed>) = 524288 [pid 6210] <... close resumed>) = 0 [pid 6208] exit_group(0 [pid 6211] munmap(0x7f1864095000, 138412032 [pid 6210] mkdir("./file1", 0777 [pid 6208] <... exit_group resumed>) = ? [pid 6207] exit_group(0 [pid 6211] <... munmap resumed>) = 0 [pid 6210] <... mkdir resumed>) = 0 [pid 6209] <... openat resumed>) = 3 [pid 6207] <... exit_group resumed>) = ? [pid 6211] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6210] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6209] chdir("./file1" [pid 6208] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6208, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6209] <... chdir resumed>) = 0 [pid 6207] +++ exited with 0 +++ [pid 6209] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] umount2("./66", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6209] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6207, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6209] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] restart_syscall(<... resuming interrupted clone ...> [ 174.599088][ T6210] loop0: detected capacity change from 0 to 1024 [pid 5867] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5867] newfstatat(3, "", [pid 5868] <... restart_syscall resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./67", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6210] <... mount resumed>) = 0 [pid 5867] umount2("./66/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6210] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6209] <... link resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6210] <... openat resumed>) = 3 [pid 6209] sync( [pid 5868] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6210] chdir("./file1" [pid 5868] <... openat resumed>) = 3 [pid 6211] <... openat resumed>) = 4 [pid 5868] newfstatat(3, "", [pid 6211] ioctl(4, LOOP_SET_FD, 3 [pid 6210] <... chdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, [pid 6211] <... ioctl resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6211] close(3 [pid 6210] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] umount2("./67/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6211] <... close resumed>) = 0 [pid 6210] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6211] close(4 [pid 6210] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6211] <... close resumed>) = 0 [pid 5868] unlink("./67/binderfs" [pid 6211] mkdir("./file1", 0777 [pid 5868] <... unlink resumed>) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3 [pid 6211] <... mkdir resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5868] rmdir("./67") = 0 [pid 5868] mkdir("./68", 0777) = 0 [pid 6211] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6210] <... link resumed>) = 0 [pid 5867] umount2("./66/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6210] sync( [pid 6209] <... sync resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./66/file1", [pid 6209] exit_group(0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6209] <... exit_group resumed>) = ? [pid 5868] <... openat resumed>) = 3 [ 174.700416][ T6211] loop1: detected capacity change from 0 to 1024 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] umount2("./66/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6209] +++ exited with 0 +++ [pid 5868] close(3 [pid 5867] openat(AT_FDCWD, "./66/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... close resumed>) = 0 [pid 5867] <... openat resumed>) = 4 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6209, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 6212 attached [pid 5867] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 5866] <... restart_syscall resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6212 [pid 6212] set_robust_list(0x5555593cd660, 24 [pid 6211] <... mount resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4) = 0 [pid 5867] rmdir("./66/file1" [pid 6212] <... set_robust_list resumed>) = 0 [pid 6211] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] umount2("./65", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6212] chdir("./68" [pid 6211] <... openat resumed>) = 3 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6212] <... chdir resumed>) = 0 [pid 6211] chdir("./file1" [pid 5867] umount2("./66/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6212] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6211] <... chdir resumed>) = 0 [pid 6210] <... sync resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 6211] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6210] exit_group(0 [pid 6211] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6212] <... prctl resumed>) = 0 [pid 6211] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6210] <... exit_group resumed>) = ? [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(3, "", [pid 6212] setpgid(0, 0 [pid 5867] newfstatat(AT_FDCWD, "./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6212] <... setpgid resumed>) = 0 [pid 6210] +++ exited with 0 +++ [pid 5867] unlink("./66/binderfs" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... unlink resumed>) = 0 [pid 5866] getdents64(3, [pid 6212] <... openat resumed>) = 3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6210, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] umount2("./65/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5867] getdents64(3, [pid 6212] write(3, "1000", 4 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6212] <... write resumed>) = 4 [pid 5867] close(3 [pid 6212] close(3executing program ) = 0 [pid 5867] <... close resumed>) = 0 [pid 6212] symlink("/dev/binderfs", "./binderfs" [pid 5867] rmdir("./66" [pid 6212] <... symlink resumed>) = 0 [pid 6211] <... link resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6212] write(1, "executing program\n", 18 [pid 6211] sync( [pid 5867] mkdir("./67", 0777 [pid 6212] <... write resumed>) = 18 [pid 6212] memfd_create("syzkaller", 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5864] <... restart_syscall resumed>) = 0 [pid 6212] <... memfd_create resumed>) = 3 [pid 6212] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] umount2("./67", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... openat resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... ioctl resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6212] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] close(3 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6211] <... sync resumed>) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./67/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6211] exit_group(0) = ? [pid 5867] <... close resumed>) = 0 [pid 6211] +++ exited with 0 +++ [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6211, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] umount2("./67", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6213 attached ) = 3 [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 6213] set_robust_list(0x5555593cd660, 24 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6213] <... set_robust_list resumed>) = 0 [pid 6212] <... write resumed>) = 524288 [pid 5866] umount2("./65/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./67/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6213] chdir("./67" [pid 6212] munmap(0x7f1864095000, 138412032 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6213] <... chdir resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./65/file1", [pid 6213] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6213 [pid 6213] <... prctl resumed>) = 0 [pid 6213] setpgid(0, 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6213] <... setpgid resumed>) = 0 [pid 6212] <... munmap resumed>) = 0 [pid 5866] umount2("./65/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6213] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6213] write(3, "1000", 4 [pid 6212] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./67/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6213] <... write resumed>) = 4 [pid 6212] <... openat resumed>) = 4 [pid 5866] openat(AT_FDCWD, "./65/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6212] ioctl(4, LOOP_SET_FD, 3 [pid 6213] close(3 [pid 5866] <... openat resumed>) = 4 [pid 5864] newfstatat(AT_FDCWD, "./67/file1", [pid 6212] <... ioctl resumed>) = 0 [pid 5866] newfstatat(4, "", [pid 6212] close(3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6213] <... close resumed>) = 0 [pid 6212] <... close resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] umount2("./67/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6213] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5866] getdents64(4, executing program 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6213] write(1, "executing program\n", 18 [pid 5866] getdents64(4, [pid 6213] <... write resumed>) = 18 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6213] memfd_create("syzkaller", 0 [pid 5866] close(4 [pid 6213] <... memfd_create resumed>) = 3 [pid 6212] close(4 [pid 5866] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] rmdir("./65/file1" [pid 5864] openat(AT_FDCWD, "./67/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6212] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 4 [pid 6212] mkdir("./file1", 0777 [pid 5866] <... rmdir resumed>) = 0 [pid 5864] newfstatat(4, "", [pid 6213] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] umount2("./65/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] getdents64(4, [pid 6213] <... mmap resumed>) = 0x7f1864095000 [pid 6212] <... mkdir resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6212] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] newfstatat(AT_FDCWD, "./65/binderfs", [pid 5864] getdents64(4, [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] unlink("./65/binderfs" [pid 5864] close(4 [pid 5866] <... unlink resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6213] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] rmdir("./67/file1" [pid 5865] <... umount2 resumed>) = 0 [pid 5866] getdents64(3, [pid 5865] umount2("./67/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... rmdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./67/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [ 174.923595][ T6212] loop4: detected capacity change from 0 to 1024 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] rmdir("./65" [pid 5865] newfstatat(AT_FDCWD, "./67/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6213] <... write resumed>) = 524288 [pid 6212] <... mount resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] umount2("./67/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(AT_FDCWD, "./67/binderfs", [pid 6212] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] mkdir("./66", 0777 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6212] <... openat resumed>) = 3 [pid 6213] munmap(0x7f1864095000, 138412032 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6212] chdir("./file1" [pid 5864] unlink("./67/binderfs" [pid 6213] <... munmap resumed>) = 0 [pid 6212] <... chdir resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] openat(AT_FDCWD, "./67/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6213] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6212] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... openat resumed>) = 3 [pid 5864] <... unlink resumed>) = 0 [pid 6213] <... openat resumed>) = 4 [pid 6212] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] <... openat resumed>) = 4 [pid 5864] getdents64(3, [pid 6213] ioctl(4, LOOP_SET_FD, 3 [pid 6212] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... ioctl resumed>) = 0 [pid 5865] newfstatat(4, "", [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6213] <... ioctl resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6213] close(3 [pid 5865] getdents64(4, [pid 6213] <... close resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6213] close(4) = 0 [pid 5865] getdents64(4, [pid 5866] close(3 [pid 5864] close(3 [pid 6213] mkdir("./file1", 0777 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... close resumed>) = 0 [pid 6213] <... mkdir resumed>) = 0 [pid 5865] close(4 [pid 5864] rmdir("./67") = 0 [pid 5865] <... close resumed>) = 0 [pid 6213] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] rmdir("./67/file1" [pid 5864] mkdir("./68", 0777 [pid 5865] <... rmdir resumed>) = 0 [pid 5865] umount2("./67/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] <... close resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5865] unlink("./67/binderfs" [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6214 attached [pid 5865] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6214] set_robust_list(0x5555593cd660, 24 [pid 5864] close(3 [pid 6214] <... set_robust_list resumed>) = 0 [pid 6212] <... link resumed>) = 0 [pid 5865] close(3) = 0 [pid 6214] chdir("./66" [pid 5865] rmdir("./67" [pid 6214] <... chdir resumed>) = 0 [pid 6212] sync( [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6214 [pid 5865] <... rmdir resumed>) = 0 [pid 6214] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 175.018733][ T6213] loop3: detected capacity change from 0 to 1024 [pid 5865] mkdir("./68", 0777 [pid 6214] setpgid(0, 0 [pid 6213] <... mount resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6214] <... setpgid resumed>) = 0 [pid 6213] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6214] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6213] <... openat resumed>) = 3 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 6215 attached [pid 6214] <... openat resumed>) = 3 [pid 6213] chdir("./file1" [pid 6215] set_robust_list(0x5555593cd660, 24 [pid 6213] <... chdir resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6215 [pid 6215] <... set_robust_list resumed>) = 0 [pid 6213] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6215] chdir("./68" [pid 6214] write(3, "1000", 4 [pid 5865] <... openat resumed>) = 3 [pid 6215] <... chdir resumed>) = 0 [pid 6214] <... write resumed>) = 4 [pid 6213] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6215] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6214] close(3 [pid 5865] <... ioctl resumed>) = 0 [pid 6215] setpgid(0, 0 [pid 6214] <... close resumed>) = 0 [pid 6213] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6212] <... sync resumed>) = 0 [pid 5865] close(3 [pid 6215] <... setpgid resumed>) = 0 [pid 6214] symlink("/dev/binderfs", "./binderfs" [pid 5865] <... close resumed>) = 0 [pid 6212] exit_group(0 [pid 6215] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6214] <... symlink resumed>) = 0 [pid 6212] <... exit_group resumed>) = ? [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6216 attached executing program [pid 6215] <... openat resumed>) = 3 [pid 6214] write(1, "executing program\n", 18) = 18 [pid 6216] set_robust_list(0x5555593cd660, 24 [pid 6215] write(3, "1000", 4 [pid 6214] memfd_create("syzkaller", 0 [pid 6212] +++ exited with 0 +++ [pid 6216] <... set_robust_list resumed>) = 0 [pid 6215] <... write resumed>) = 4 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6212, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6216] chdir("./68" [pid 6215] close(3 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6216 [pid 6215] <... close resumed>) = 0 [pid 6216] <... chdir resumed>) = 0 [pid 6215] symlink("/dev/binderfs", "./binderfs" [pid 6216] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6216] setpgid(0, 0) = 0 [pid 5868] umount2("./68", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6216] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... openat resumed>) = 3 [pid 6216] <... openat resumed>) = 3 [pid 6215] <... symlink resumed>) = 0 [pid 6214] <... memfd_create resumed>) = 3 [pid 6213] <... link resumed>) = 0 [pid 5868] newfstatat(3, "", executing program [pid 6216] write(3, "1000", 4 [pid 6215] write(1, "executing program\n", 18 [pid 6214] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6213] sync( [pid 6216] <... write resumed>) = 4 [pid 6215] <... write resumed>) = 18 [pid 6216] close(3 [pid 6215] memfd_create("syzkaller", 0 [pid 6214] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6215] <... memfd_create resumed>) = 3 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./68/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6216] <... close resumed>) = 0 [pid 6215] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6214] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6216] symlink("/dev/binderfs", "./binderfs" [pid 6215] <... mmap resumed>) = 0x7f1864095000 [pid 6216] <... symlink resumed>) = 0 executing program [pid 6213] <... sync resumed>) = 0 [pid 6216] write(1, "executing program\n", 18) = 18 [pid 6213] exit_group(0 [pid 6216] memfd_create("syzkaller", 0) = 3 [pid 6213] <... exit_group resumed>) = ? [pid 6215] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6213] +++ exited with 0 +++ [pid 6216] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6214] <... write resumed>) = 524288 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6213, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5867] umount2("./67", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6216] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6215] <... write resumed>) = 524288 [pid 6214] munmap(0x7f1864095000, 138412032 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] umount2("./68/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./68/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./68/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./68/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6215] munmap(0x7f1864095000, 138412032 [pid 6214] <... munmap resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5867] newfstatat(3, "", [pid 5868] <... openat resumed>) = 4 [pid 6215] <... munmap resumed>) = 0 [pid 6214] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] newfstatat(4, "", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, [pid 6214] <... openat resumed>) = 4 [pid 6214] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6215] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6214] <... ioctl resumed>) = 0 [pid 5868] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4) = 0 [pid 5867] umount2("./67/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6215] <... openat resumed>) = 4 [pid 5868] rmdir("./68/file1" [pid 6216] <... write resumed>) = 524288 [pid 6215] ioctl(4, LOOP_SET_FD, 3 [pid 6214] close(3 [pid 5868] <... rmdir resumed>) = 0 [pid 5868] umount2("./68/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6214] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6215] <... ioctl resumed>) = 0 [pid 6214] close(4 [pid 5868] newfstatat(AT_FDCWD, "./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./68/binderfs" [pid 6214] <... close resumed>) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 6216] munmap(0x7f1864095000, 138412032 [pid 6215] close(3 [pid 6214] mkdir("./file1", 0777 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3) = 0 [pid 5868] rmdir("./68" [pid 6216] <... munmap resumed>) = 0 [pid 6215] <... close resumed>) = 0 [pid 6214] <... mkdir resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5868] mkdir("./69", 0777 [pid 6215] close(4) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6215] mkdir("./file1", 0777 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6214] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6216] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6215] <... mkdir resumed>) = 0 [pid 6216] <... openat resumed>) = 4 [pid 6215] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... ioctl resumed>) = 0 [pid 5868] close(3) = 0 [pid 6216] ioctl(4, LOOP_SET_FD, 3 [ 175.252604][ T6214] loop2: detected capacity change from 0 to 1024 [ 175.272669][ T6215] loop0: detected capacity change from 0 to 1024 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6216] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6217 attached [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6217 [pid 5867] <... umount2 resumed>) = 0 [pid 6217] set_robust_list(0x5555593cd660, 24 [pid 6216] close(3) = 0 [pid 6217] <... set_robust_list resumed>) = 0 [pid 6216] close(4 [pid 6217] chdir("./69") = 0 [pid 6217] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6217] setpgid(0, 0) = 0 [pid 5867] umount2("./67/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6217] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6217] <... openat resumed>) = 3 [pid 5867] newfstatat(AT_FDCWD, "./67/file1", [pid 6217] write(3, "1000", 4) = 4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6217] close(3) = 0 [pid 5867] umount2("./67/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6217] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6214] <... mount resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./67/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6217] <... symlink resumed>) = 0 [pid 6214] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", [pid 6214] <... openat resumed>) = 3 [pid 6217] write(1, "executing program\n", 18 [pid 6214] chdir("./file1" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6216] <... close resumed>) = 0 [pid 6214] <... chdir resumed>) = 0 executing program [pid 6217] <... write resumed>) = 18 [pid 6216] mkdir("./file1", 0777 [pid 6214] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] getdents64(4, [pid 6217] memfd_create("syzkaller", 0 [pid 6214] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6216] <... mkdir resumed>) = 0 [pid 6214] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4) = 0 [pid 6217] <... memfd_create resumed>) = 3 [pid 6215] <... mount resumed>) = 0 [pid 5867] rmdir("./67/file1") = 0 [pid 6217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 175.324349][ T6216] loop1: detected capacity change from 0 to 1024 [pid 6215] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6216] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6217] <... mmap resumed>) = 0x7f1864095000 [pid 6215] <... openat resumed>) = 3 [pid 5867] umount2("./67/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6214] <... link resumed>) = 0 [pid 6217] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6215] chdir("./file1" [pid 6214] sync( [pid 5867] newfstatat(AT_FDCWD, "./67/binderfs", [pid 6215] <... chdir resumed>) = 0 [pid 6215] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] unlink("./67/binderfs" [pid 6215] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... unlink resumed>) = 0 [pid 5867] getdents64(3, [pid 6215] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3) = 0 [pid 5867] rmdir("./67" [pid 6216] <... mount resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6216] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] mkdir("./68", 0777 [pid 6216] <... openat resumed>) = 3 [pid 6216] chdir("./file1" [pid 5867] <... mkdir resumed>) = 0 [pid 6217] <... write resumed>) = 524288 [pid 6216] <... chdir resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6216] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] <... openat resumed>) = 3 [pid 6216] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6216] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... ioctl resumed>) = 0 [pid 6215] <... link resumed>) = 0 [pid 5867] close(3) = 0 [pid 6217] munmap(0x7f1864095000, 138412032 [pid 6215] sync( [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6217] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 6218 attached [pid 6218] set_robust_list(0x5555593cd660, 24) = 0 [pid 6217] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6214] <... sync resumed>) = 0 [pid 6216] <... link resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6218 [pid 6217] <... openat resumed>) = 4 [pid 6217] ioctl(4, LOOP_SET_FD, 3 [pid 6216] sync( [pid 6214] exit_group(0 [pid 6217] <... ioctl resumed>) = 0 [pid 6214] <... exit_group resumed>) = ? [pid 6218] chdir("./68") = 0 [pid 6218] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6217] close(3 [pid 6218] <... prctl resumed>) = 0 [pid 6217] <... close resumed>) = 0 [pid 6218] setpgid(0, 0 [pid 6217] close(4 [pid 6218] <... setpgid resumed>) = 0 [pid 6217] <... close resumed>) = 0 [pid 6214] +++ exited with 0 +++ [pid 6218] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6217] mkdir("./file1", 0777 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6214, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6218] <... openat resumed>) = 3 [pid 6218] write(3, "1000", 4 [pid 5866] umount2("./66", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6218] <... write resumed>) = 4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6218] close(3 [pid 5866] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6218] <... close resumed>) = 0 [pid 6218] symlink("/dev/binderfs", "./binderfs" [pid 5866] <... openat resumed>) = 3 [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, [pid 6217] <... mkdir resumed>) = 0 [pid 6217] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6218] <... symlink resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6218] write(1, "executing program\n", 18 [pid 5866] umount2("./66/file1", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6218] <... write resumed>) = 18 [pid 6218] memfd_create("syzkaller", 0) = 3 [pid 6218] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [ 175.503571][ T6217] loop4: detected capacity change from 0 to 1024 [pid 6218] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 6218] munmap(0x7f1864095000, 138412032) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 6218] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] umount2("./66/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6218] <... openat resumed>) = 4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./66/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6218] ioctl(4, LOOP_SET_FD, 3 [pid 6217] <... mount resumed>) = 0 [pid 6216] <... sync resumed>) = 0 [pid 6215] <... sync resumed>) = 0 [pid 5866] umount2("./66/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6218] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6216] exit_group(0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6218] ioctl(4, LOOP_CLR_FD [pid 5866] openat(AT_FDCWD, "./66/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6216] <... exit_group resumed>) = ? [pid 6218] <... ioctl resumed>) = 0 [pid 6217] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6216] +++ exited with 0 +++ [pid 6215] exit_group(0 [pid 5866] <... openat resumed>) = 4 [pid 6215] <... exit_group resumed>) = ? [pid 5866] newfstatat(4, "", [pid 6217] <... openat resumed>) = 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6218] ioctl(4, LOOP_SET_FD, 3 [pid 5866] getdents64(4, [pid 6217] chdir("./file1" [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6216, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6218] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6217] <... chdir resumed>) = 0 [pid 5866] getdents64(4, [pid 5865] umount2("./68", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6218] close(4 [pid 6217] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6218] <... close resumed>) = 0 [pid 6217] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6215] +++ exited with 0 +++ [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6217] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6215, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5866] close(4 [pid 5865] <... openat resumed>) = 3 [pid 5866] <... close resumed>) = 0 [pid 5865] newfstatat(3, "", [pid 6218] close(3 [pid 5866] rmdir("./66/file1" [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] umount2("./68", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... rmdir resumed>) = 0 [pid 5865] getdents64(3, [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./68/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6218] <... close resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./66/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./66/binderfs", [pid 5864] newfstatat(3, "", [pid 6218] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6217] <... link resumed>) = 0 [pid 6218] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6217] sync( [pid 6218] sync( [pid 5864] getdents64(3, [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] unlink("./66/binderfs" [pid 5864] umount2("./68/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... unlink resumed>) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3) = 0 [pid 5866] rmdir("./66") = 0 [pid 6218] <... sync resumed>) = 0 [pid 5866] mkdir("./67", 0777) = 0 [pid 6218] exit_group(0 [pid 6217] <... sync resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6218] <... exit_group resumed>) = ? [pid 6217] exit_group(0) = ? [pid 5866] <... openat resumed>) = 3 [pid 6218] +++ exited with 0 +++ [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] <... umount2 resumed>) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6218, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... ioctl resumed>) = 0 [pid 5865] umount2("./68/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... restart_syscall resumed>) = 0 [pid 5866] close(3) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./68", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] newfstatat(AT_FDCWD, "./68/file1", ./strace-static-x86_64: Process 6219 attached [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6219] set_robust_list(0x5555593cd660, 24 [pid 6217] +++ exited with 0 +++ [pid 5867] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6219] <... set_robust_list resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6219 [pid 5867] <... openat resumed>) = 3 [pid 6219] chdir("./67" [pid 5865] umount2("./68/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6219] <... chdir resumed>) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6217, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] newfstatat(3, "", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6219] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5868] umount2("./69", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] openat(AT_FDCWD, "./68/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = 0 [pid 6219] setpgid(0, 0 [pid 5867] getdents64(3, [pid 5865] <... openat resumed>) = 4 [pid 6219] <... setpgid resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5865] newfstatat(4, "", [pid 6219] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] umount2("./68/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6219] <... openat resumed>) = 3 [pid 5868] <... openat resumed>) = 3 [pid 5867] newfstatat(AT_FDCWD, "./68/binderfs", [pid 5865] getdents64(4, [pid 5868] newfstatat(3, "", [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] umount2("./68/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6219] write(3, "1000", 4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] unlink("./68/binderfs" [pid 6219] <... write resumed>) = 4 [pid 5868] getdents64(3, [pid 5865] getdents64(4, [pid 5864] newfstatat(AT_FDCWD, "./68/file1", [pid 5867] <... unlink resumed>) = 0 [pid 6219] close(3 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] getdents64(3, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] umount2("./68/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6219] <... close resumed>) = 0 [pid 5868] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] close(4executing program [pid 6219] symlink("/dev/binderfs", "./binderfs" [pid 5865] <... close resumed>) = 0 [pid 6219] <... symlink resumed>) = 0 [pid 5865] rmdir("./68/file1" [pid 6219] write(1, "executing program\n", 18 [pid 5867] close(3 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... close resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./68/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] rmdir("./68" [pid 6219] <... write resumed>) = 18 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] umount2("./68/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... openat resumed>) = 4 [pid 6219] memfd_create("syzkaller", 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6219] <... memfd_create resumed>) = 3 [pid 5865] newfstatat(AT_FDCWD, "./68/binderfs", [pid 6219] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6219] <... mmap resumed>) = 0x7f1864095000 [pid 5867] mkdir("./69", 0777 [pid 5865] unlink("./68/binderfs" [pid 5864] newfstatat(4, "", [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 6219] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] <... mkdir resumed>) = 0 [pid 5864] getdents64(4, [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... openat resumed>) = 3 [pid 5865] close(3 [pid 5864] getdents64(4, [pid 5865] <... close resumed>) = 0 [pid 5865] rmdir("./68") = 0 [pid 5865] mkdir("./69", 0777) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5864] close(4 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] close(3 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... close resumed>) = 0 [pid 6219] <... write resumed>) = 524288 [pid 5864] rmdir("./68/file1" [pid 5865] ioctl(3, LOOP_CLR_FD) = 0 [pid 5865] close(3 [pid 6219] munmap(0x7f1864095000, 138412032 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] umount2("./68/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6220 attached [pid 6219] <... munmap resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6219] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6220] set_robust_list(0x5555593cd660, 24 [pid 6219] <... openat resumed>) = 4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6220 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] newfstatat(AT_FDCWD, "./68/binderfs", [pid 6220] <... set_robust_list resumed>) = 0 [pid 6220] chdir("./69" [pid 5868] newfstatat(AT_FDCWD, "./69/file1", [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6219] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./68/binderfs" [pid 6219] <... ioctl resumed>) = 0 [pid 5868] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... unlink resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] getdents64(3, [pid 5868] openat(AT_FDCWD, "./69/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6220] <... chdir resumed>) = 0 [pid 5864] close(3 [pid 6220] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6219] close(3 [pid 5868] <... openat resumed>) = 4 [pid 5864] <... close resumed>) = 0 [pid 6220] setpgid(0, 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6221 [pid 5864] rmdir("./68" [pid 6220] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 6221 attached [pid 6220] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6219] <... close resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 6220] <... openat resumed>) = 3 [pid 6219] close(4) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6221] set_robust_list(0x5555593cd660, 24 [pid 6220] write(3, "1000", 4 [pid 5864] <... rmdir resumed>) = 0 [pid 6220] <... write resumed>) = 4 [pid 6220] close(3 [pid 5864] mkdir("./69", 0777 [pid 6220] <... close resumed>) = 0 [pid 6221] <... set_robust_list resumed>) = 0 [pid 6220] symlink("/dev/binderfs", "./binderfs" [pid 6219] mkdir("./file1", 0777 [pid 5868] getdents64(4, [pid 5864] <... mkdir resumed>) = 0 executing program [pid 6221] chdir("./69" [pid 6220] <... symlink resumed>) = 0 [pid 6219] <... mkdir resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6220] write(1, "executing program\n", 18 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6220] <... write resumed>) = 18 [pid 6221] <... chdir resumed>) = 0 [pid 6219] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] getdents64(4, [pid 5864] <... openat resumed>) = 3 [pid 6220] memfd_create("syzkaller", 0 [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 6221] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6220] <... memfd_create resumed>) = 3 [pid 6219] <... mount resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(3 [pid 6220] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6221] <... prctl resumed>) = 0 [pid 5868] close(4 [pid 6221] setpgid(0, 0 [pid 5868] <... close resumed>) = 0 [pid 6221] <... setpgid resumed>) = 0 [pid 5868] rmdir("./69/file1" [pid 6221] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6220] <... mmap resumed>) = 0x7f1864095000 [pid 6219] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... rmdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6221] <... openat resumed>) = 3 [pid 6219] <... openat resumed>) = 3 [pid 5868] umount2("./69/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6221] write(3, "1000", 4 [pid 6219] chdir("./file1" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6222 attached [pid 6221] <... write resumed>) = 4 [pid 6219] <... chdir resumed>) = 0 [pid 6222] set_robust_list(0x5555593cd660, 24 [pid 6221] close(3 [pid 6219] openat(AT_FDCWD, "/dev/loop2", O_RDWR [ 175.862728][ T6219] loop2: detected capacity change from 0 to 1024 [pid 5868] newfstatat(AT_FDCWD, "./69/binderfs", [pid 6222] <... set_robust_list resumed>) = 0 [pid 6221] <... close resumed>) = 0 [pid 6220] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6219] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6222 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6222] chdir("./69" [pid 6221] symlink("/dev/binderfs", "./binderfs" [pid 6219] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] unlink("./69/binderfs" [pid 6221] <... symlink resumed>) = 0 [pid 6221] write(1, "executing program\n", 18 [pid 5868] <... unlink resumed>) = 0 executing program [pid 6221] <... write resumed>) = 18 [pid 6222] <... chdir resumed>) = 0 [pid 6221] memfd_create("syzkaller", 0 [pid 5868] getdents64(3, [pid 6222] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6222] <... prctl resumed>) = 0 [pid 6221] <... memfd_create resumed>) = 3 [pid 5868] close(3 [pid 6222] setpgid(0, 0 [pid 6221] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6222] <... setpgid resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 6222] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6221] <... mmap resumed>) = 0x7f1864095000 [pid 5868] rmdir("./69" [pid 6222] <... openat resumed>) = 3 [pid 6221] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6220] <... write resumed>) = 524288 [pid 5868] <... rmdir resumed>) = 0 [pid 6222] write(3, "1000", 4) = 4 [pid 5868] mkdir("./70", 0777 [pid 6222] close(3 [pid 6219] <... link resumed>) = 0 [pid 6222] <... close resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 6219] sync( [pid 6220] munmap(0x7f1864095000, 138412032 [pid 6222] symlink("/dev/binderfs", "./binderfs" [pid 6221] <... write resumed>) = 524288 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6222] <... symlink resumed>) = 0 [pid 6221] munmap(0x7f1864095000, 138412032 [pid 6220] <... munmap resumed>) = 0 [pid 5868] <... openat resumed>) = 3 executing program [pid 6222] write(1, "executing program\n", 18 [pid 6221] <... munmap resumed>) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6222] <... write resumed>) = 18 [pid 5868] <... ioctl resumed>) = 0 [pid 6222] memfd_create("syzkaller", 0 [pid 5868] close(3 [pid 6222] <... memfd_create resumed>) = 3 [pid 6221] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6220] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6222] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6221] <... openat resumed>) = 4 [pid 6220] <... openat resumed>) = 4 [pid 6222] <... mmap resumed>) = 0x7f1864095000 [pid 6220] ioctl(4, LOOP_SET_FD, 3 [pid 6221] ioctl(4, LOOP_SET_FD, 3 [pid 6220] <... ioctl resumed>) = 0 [pid 6221] <... ioctl resumed>) = 0 [pid 6221] close(3 [pid 6220] close(3 [pid 6219] <... sync resumed>) = 0 [pid 6221] <... close resumed>) = 0 [pid 6220] <... close resumed>) = 0 [pid 6221] close(4 [pid 6220] close(4 [pid 6219] exit_group(0 [pid 5868] <... close resumed>) = 0 [pid 6219] <... exit_group resumed>) = ? [pid 6221] <... close resumed>) = 0 [pid 6220] <... close resumed>) = 0 [pid 6221] mkdir("./file1", 0777 [pid 6220] mkdir("./file1", 0777 [pid 6222] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6221] <... mkdir resumed>) = 0 [pid 6219] +++ exited with 0 +++ [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6221] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6220] <... mkdir resumed>) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6219, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6220] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, ""./strace-static-x86_64: Process 6223 attached ) = 0 [pid 6223] set_robust_list(0x5555593cd660, 24 [pid 6220] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] umount2("./67", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6223] <... set_robust_list resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6223] chdir("./70" [pid 6221] <... mount resumed>) = 0 [pid 6220] <... openat resumed>) = 3 [pid 5866] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6222] <... write resumed>) = 524288 [pid 6221] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6220] chdir("./file1" [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6223 [pid 5866] <... openat resumed>) = 3 [pid 6223] <... chdir resumed>) = 0 [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6222] munmap(0x7f1864095000, 138412032 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6223] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6221] <... openat resumed>) = 3 [pid 6220] <... chdir resumed>) = 0 [pid 5866] umount2("./67/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6222] <... munmap resumed>) = 0 [pid 6223] <... prctl resumed>) = 0 [pid 6222] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6221] chdir("./file1" [pid 6220] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6223] setpgid(0, 0 [pid 6222] <... openat resumed>) = 4 [pid 6220] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6221] <... chdir resumed>) = 0 [pid 6223] <... setpgid resumed>) = 0 [pid 6222] ioctl(4, LOOP_SET_FD, 3 [pid 6221] openat(AT_FDCWD, "/dev/loop1", O_RDWR [ 176.002936][ T6220] loop3: detected capacity change from 0 to 1024 [ 176.003992][ T6221] loop1: detected capacity change from 0 to 1024 [pid 6223] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6221] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6220] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6222] <... ioctl resumed>) = 0 [pid 6223] <... openat resumed>) = 3 [pid 6221] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6223] write(3, "1000", 4 [pid 6222] close(3 [pid 6223] <... write resumed>) = 4 [pid 6222] <... close resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 6222] close(4 [pid 6223] close(3) = 0 [pid 6222] <... close resumed>) = 0 [pid 6223] symlink("/dev/binderfs", "./binderfs" [pid 6222] mkdir("./file1", 0777 [pid 6223] <... symlink resumed>) = 0 [pid 6222] <... mkdir resumed>) = 0 executing program [pid 6223] write(1, "executing program\n", 18 [pid 6222] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] umount2("./67/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6223] <... write resumed>) = 18 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6223] memfd_create("syzkaller", 0 [pid 5866] newfstatat(AT_FDCWD, "./67/file1", [pid 6223] <... memfd_create resumed>) = 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6223] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6221] <... link resumed>) = 0 [pid 6220] <... link resumed>) = 0 [pid 6223] <... mmap resumed>) = 0x7f1864095000 [pid 6221] sync( [pid 6220] sync( [pid 5866] umount2("./67/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 176.069496][ T6222] loop0: detected capacity change from 0 to 1024 [pid 5866] openat(AT_FDCWD, "./67/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, [pid 6223] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [pid 5866] rmdir("./67/file1") = 0 [pid 5866] umount2("./67/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] unlink("./67/binderfs" [pid 6222] <... mount resumed>) = 0 [pid 6222] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6223] <... write resumed>) = 524288 [pid 6223] munmap(0x7f1864095000, 138412032) = 0 [pid 6223] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6222] <... openat resumed>) = 3 [pid 6223] <... openat resumed>) = 4 [pid 6222] chdir("./file1" [pid 5866] <... unlink resumed>) = 0 [pid 6223] ioctl(4, LOOP_SET_FD, 3 [pid 6222] <... chdir resumed>) = 0 [pid 5866] getdents64(3, [pid 6223] <... ioctl resumed>) = 0 [pid 6222] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6222] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] close(3) = 0 [pid 6223] close(3 [pid 5866] rmdir("./67" [pid 6223] <... close resumed>) = 0 [pid 6222] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... rmdir resumed>) = 0 [pid 6223] close(4 [pid 6221] <... sync resumed>) = 0 [pid 6220] <... sync resumed>) = 0 [pid 6223] <... close resumed>) = 0 [pid 6221] exit_group(0 [pid 6220] exit_group(0 [pid 5866] mkdir("./68", 0777 [pid 6223] mkdir("./file1", 0777 [pid 6221] <... exit_group resumed>) = ? [pid 6220] <... exit_group resumed>) = ? [pid 5866] <... mkdir resumed>) = 0 [pid 6223] <... mkdir resumed>) = 0 [pid 6221] +++ exited with 0 +++ [pid 6220] +++ exited with 0 +++ [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6223] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6220, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6221, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5865] umount2("./69", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6222] <... link resumed>) = 0 [ 176.206433][ T6223] loop4: detected capacity change from 0 to 1024 [pid 5866] close(3 [pid 6222] sync( [pid 5867] umount2("./69", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... close resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... openat resumed>) = 3 [pid 5865] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", [pid 5867] newfstatat(3, "", [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6224 attached [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 5867] getdents64(3, [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6223] <... mount resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6224] set_robust_list(0x5555593cd660, 24 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6224 [pid 5867] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6224] <... set_robust_list resumed>) = 0 [pid 6223] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6224] chdir("./68" [pid 6223] <... openat resumed>) = 3 [pid 6224] <... chdir resumed>) = 0 [pid 6223] chdir("./file1") = 0 [pid 6224] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6223] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6224] <... prctl resumed>) = 0 [pid 6223] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6224] setpgid(0, 0 [pid 6223] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6224] <... setpgid resumed>) = 0 [pid 6224] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6224] write(3, "1000", 4) = 4 executing program [pid 6224] close(3) = 0 [pid 6224] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6224] write(1, "executing program\n", 18) = 18 [pid 6224] memfd_create("syzkaller", 0) = 3 [pid 6224] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6224] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6223] <... link resumed>) = 0 [pid 6223] sync( [pid 6222] <... sync resumed>) = 0 [pid 6222] exit_group(0) = ? [pid 6224] <... write resumed>) = 524288 [pid 6222] +++ exited with 0 +++ [pid 5867] <... umount2 resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 6223] <... sync resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6222, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5865] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6223] exit_group(0 [pid 5865] newfstatat(AT_FDCWD, "./69/file1", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./69", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6223] <... exit_group resumed>) = ? [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6223] +++ exited with 0 +++ [pid 5867] newfstatat(AT_FDCWD, "./69/file1", [pid 5865] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6224] munmap(0x7f1864095000, 138412032 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6223, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5864] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6224] <... munmap resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6224] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5867] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "./69/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 3 [pid 6224] <... openat resumed>) = 4 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6224] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./69/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... openat resumed>) = 4 [pid 5864] newfstatat(3, "", [pid 5867] <... openat resumed>) = 4 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] newfstatat(4, "", [pid 5865] newfstatat(4, "", [pid 5864] getdents64(3, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] getdents64(4, [pid 5868] umount2("./70", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] close(4 [pid 5864] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] rmdir("./69/file1" [pid 5868] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] getdents64(4, [pid 5865] <... rmdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6224] <... ioctl resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5867] close(4 [pid 5865] umount2("./69/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... close resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(3, "", [pid 5867] rmdir("./69/file1" [pid 5865] newfstatat(AT_FDCWD, "./69/binderfs", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5865] unlink("./69/binderfs" [pid 6224] close(3 [pid 5868] getdents64(3, [pid 5867] umount2("./69/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... unlink resumed>) = 0 [pid 6224] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] getdents64(3, [pid 5868] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(AT_FDCWD, "./69/binderfs", [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 6224] close(4 [pid 5865] <... close resumed>) = 0 [pid 6224] <... close resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [ 176.434672][ T6224] loop2: detected capacity change from 0 to 1024 [pid 6224] mkdir("./file1", 0777) = 0 [pid 5867] unlink("./69/binderfs" [pid 5865] rmdir("./69" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... unlink resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./69/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] mkdir("./70", 0777 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./69/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6224] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] getdents64(3, [pid 5865] <... mkdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] close(3 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] getdents64(4, [pid 5867] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5867] rmdir("./69" [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5865] close(3 [pid 5864] getdents64(4, [pid 5867] mkdir("./70", 0777 [pid 5865] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] close(4./strace-static-x86_64: Process 6225 attached [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] <... close resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5864] rmdir("./69/file1" [pid 6225] set_robust_list(0x5555593cd660, 24 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6225 [pid 5864] <... rmdir resumed>) = 0 [pid 6225] <... set_robust_list resumed>) = 0 [pid 6225] chdir("./70" [pid 5867] <... ioctl resumed>) = 0 [pid 5864] umount2("./69/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6225] <... chdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6225] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... umount2 resumed>) = 0 [pid 5867] close(3 [pid 5864] newfstatat(AT_FDCWD, "./69/binderfs", [pid 6225] <... prctl resumed>) = 0 [pid 6224] <... mount resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./69/binderfs" [pid 6225] setpgid(0, 0 [pid 5864] <... unlink resumed>) = 0 [pid 6224] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6225] <... setpgid resumed>) = 0 [pid 5864] getdents64(3, [pid 6224] chdir("./file1" [pid 5868] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6225] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6224] <... chdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6225] <... openat resumed>) = 3 [pid 5864] close(3 [pid 6224] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] newfstatat(AT_FDCWD, "./70/file1", [pid 6224] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... close resumed>) = 0 [pid 6224] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] rmdir("./69" [pid 5868] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6225] write(3, "1000", 4 [pid 5867] <... close resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./70/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6225] <... write resumed>) = 4 [pid 5868] <... openat resumed>) = 4 [pid 6225] close(3 [pid 5868] newfstatat(4, "", [pid 6225] <... close resumed>) = 0 [pid 6225] symlink("/dev/binderfs", "./binderfs" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] mkdir("./70", 0777 [pid 5868] getdents64(4, [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... mkdir resumed>) = 0 [pid 5868] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4 [pid 6225] <... symlink resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./70/file1"./strace-static-x86_64: Process 6226 attached executing program [pid 6225] write(1, "executing program\n", 18 [pid 5868] <... rmdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6225] <... write resumed>) = 18 [pid 6224] <... link resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6226 [pid 5864] <... openat resumed>) = 3 [pid 6226] set_robust_list(0x5555593cd660, 24 [pid 6225] memfd_create("syzkaller", 0 [pid 6224] sync( [pid 5868] umount2("./70/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6225] <... memfd_create resumed>) = 3 [pid 5864] <... ioctl resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6226] <... set_robust_list resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./70/binderfs", [pid 6225] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] close(3 [pid 6226] chdir("./70" [pid 6225] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... close resumed>) = 0 [pid 6226] <... chdir resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6226] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6226] setpgid(0, 0) = 0 [pid 6226] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./70/binderfs" [pid 6226] <... openat resumed>) = 3 [pid 5868] <... unlink resumed>) = 0 [pid 6225] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288./strace-static-x86_64: Process 6227 attached [pid 6226] write(3, "1000", 4 [pid 5868] getdents64(3, [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6227 [pid 6226] <... write resumed>) = 4 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6226] close(3 [pid 5868] close(3 [pid 6226] <... close resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 6227] set_robust_list(0x5555593cd660, 24) = 0 [pid 6226] symlink("/dev/binderfs", "./binderfs" [pid 5868] rmdir("./70" [pid 6227] chdir("./70" [pid 6226] <... symlink resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 executing program [pid 6226] write(1, "executing program\n", 18 [pid 6227] <... chdir resumed>) = 0 [pid 6226] <... write resumed>) = 18 [pid 5868] mkdir("./71", 0777 [pid 6227] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6226] memfd_create("syzkaller", 0 [pid 5868] <... mkdir resumed>) = 0 [pid 6227] setpgid(0, 0 [pid 6226] <... memfd_create resumed>) = 3 [pid 6227] <... setpgid resumed>) = 0 [pid 6227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6226] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6227] <... openat resumed>) = 3 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6227] write(3, "1000", 4) = 4 [pid 6226] <... mmap resumed>) = 0x7f1864095000 [pid 6227] close(3 [pid 6224] <... sync resumed>) = 0 [pid 6227] <... close resumed>) = 0 [pid 6224] exit_group(0 [pid 6227] symlink("/dev/binderfs", "./binderfs" [pid 6224] <... exit_group resumed>) = ? [pid 6227] <... symlink resumed>) = 0 [pid 5868] <... openat resumed>) = 3 executing program [pid 6227] write(1, "executing program\n", 18 [pid 6226] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6225] <... write resumed>) = 524288 [pid 6224] +++ exited with 0 +++ [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6227] <... write resumed>) = 18 [pid 6225] munmap(0x7f1864095000, 138412032 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6224, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6227] memfd_create("syzkaller", 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5868] close(3) = 0 [pid 6227] <... memfd_create resumed>) = 3 [pid 6225] <... munmap resumed>) = 0 [pid 6227] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6228 attached [pid 6227] <... mmap resumed>) = 0x7f1864095000 [pid 6225] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5866] umount2("./68", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6228] set_robust_list(0x5555593cd660, 24 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6228 [pid 6228] <... set_robust_list resumed>) = 0 [pid 6228] chdir("./71" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6228] <... chdir resumed>) = 0 [pid 6225] <... openat resumed>) = 4 [pid 5866] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6228] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] <... openat resumed>) = 3 [pid 6228] <... prctl resumed>) = 0 [pid 6225] ioctl(4, LOOP_SET_FD, 3 [pid 5866] newfstatat(3, "", [pid 6228] setpgid(0, 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6228] <... setpgid resumed>) = 0 [pid 6228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6225] <... ioctl resumed>) = 0 [pid 5866] getdents64(3, [pid 6228] <... openat resumed>) = 3 [pid 6228] write(3, "1000", 4 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6228] <... write resumed>) = 4 [pid 6227] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6226] <... write resumed>) = 524288 [pid 6225] close(3 [pid 5866] umount2("./68/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6228] close(3) = 0 [pid 6225] <... close resumed>) = 0 [pid 6228] symlink("/dev/binderfs", "./binderfs" [pid 6227] <... write resumed>) = 524288 [pid 6226] munmap(0x7f1864095000, 138412032 [pid 6225] close(4 [pid 6228] <... symlink resumed>) = 0 [pid 6226] <... munmap resumed>) = 0 [pid 6225] <... close resumed>) = 0 [pid 6225] mkdir("./file1", 0777 [pid 6226] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6225] <... mkdir resumed>) = 0 [pid 6226] <... openat resumed>) = 4 [pid 6225] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, ""executing program [pid 6228] write(1, "executing program\n", 18 [ 176.701092][ T6225] loop1: detected capacity change from 0 to 1024 [pid 6226] ioctl(4, LOOP_SET_FD, 3 [pid 6228] <... write resumed>) = 18 [pid 6226] <... ioctl resumed>) = 0 [pid 6228] memfd_create("syzkaller", 0) = 3 [pid 6226] close(3 [pid 6228] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6226] <... close resumed>) = 0 [pid 6226] close(4 [pid 6228] <... mmap resumed>) = 0x7f1864095000 [pid 6226] <... close resumed>) = 0 [pid 6225] <... mount resumed>) = 0 [pid 6228] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6226] mkdir("./file1", 0777 [pid 6225] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6227] munmap(0x7f1864095000, 138412032 [pid 6226] <... mkdir resumed>) = 0 [pid 6225] <... openat resumed>) = 3 [pid 6225] chdir("./file1" [pid 6227] <... munmap resumed>) = 0 [pid 6225] <... chdir resumed>) = 0 [pid 6227] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6225] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6226] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [ 176.754137][ T6226] loop3: detected capacity change from 0 to 1024 [pid 6225] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6228] <... write resumed>) = 524288 [pid 6227] <... openat resumed>) = 4 [pid 6228] munmap(0x7f1864095000, 138412032) = 0 [pid 6227] ioctl(4, LOOP_SET_FD, 3 [pid 5866] <... umount2 resumed>) = 0 [pid 6228] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6228] ioctl(4, LOOP_SET_FD, 3 [pid 6227] <... ioctl resumed>) = 0 [pid 6227] close(3) = 0 [pid 6226] <... mount resumed>) = 0 [pid 5866] umount2("./68/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6227] close(4 [pid 5866] newfstatat(AT_FDCWD, "./68/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6228] <... ioctl resumed>) = 0 [pid 6227] <... close resumed>) = 0 [pid 5866] umount2("./68/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6228] close(3 [pid 6227] mkdir("./file1", 0777 [pid 6226] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6228] <... close resumed>) = 0 [pid 6228] close(4 [pid 6227] <... mkdir resumed>) = 0 [pid 6226] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6228] <... close resumed>) = 0 [pid 6226] chdir("./file1" [pid 6228] mkdir("./file1", 0777) = 0 [pid 6227] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6226] <... chdir resumed>) = 0 [pid 6225] <... link resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./68/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6228] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [ 176.837274][ T6227] loop0: detected capacity change from 0 to 1024 [ 176.840008][ T6228] loop4: detected capacity change from 0 to 1024 [pid 6226] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6225] sync( [pid 5866] <... openat resumed>) = 4 [pid 6226] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] newfstatat(4, "", [pid 6226] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, [pid 6228] <... mount resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6228] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] getdents64(4, [pid 6228] <... openat resumed>) = 3 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6228] chdir("./file1" [pid 5866] close(4 [pid 6228] <... chdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 6228] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] rmdir("./68/file1" [pid 6228] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6227] <... mount resumed>) = 0 [pid 6228] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6227] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5866] <... rmdir resumed>) = 0 [pid 6227] chdir("./file1" [pid 6226] <... link resumed>) = 0 [pid 5866] umount2("./68/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6227] <... chdir resumed>) = 0 [pid 6226] sync( [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./68/binderfs", [pid 6227] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] unlink("./68/binderfs") = 0 [pid 6227] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] getdents64(3, [pid 6227] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6228] <... link resumed>) = 0 [pid 5866] close(3 [pid 6228] sync( [pid 6225] <... sync resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5866] rmdir("./68") = 0 [pid 6225] exit_group(0 [pid 5866] mkdir("./69", 0777 [pid 6225] <... exit_group resumed>) = ? [pid 5866] <... mkdir resumed>) = 0 [pid 6225] +++ exited with 0 +++ [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6225, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] <... openat resumed>) = 3 [pid 6227] <... link resumed>) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] umount2("./70", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... ioctl resumed>) = 0 [pid 6227] sync( [pid 5866] close(3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... close resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6226] <... sync resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 6226] exit_group(0 [pid 5865] newfstatat(3, "", ./strace-static-x86_64: Process 6229 attached [pid 6226] <... exit_group resumed>) = ? [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6229] set_robust_list(0x5555593cd660, 24 [pid 6226] +++ exited with 0 +++ [pid 5865] getdents64(3, [pid 6229] <... set_robust_list resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6229 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6229] chdir("./69" [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6226, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6229] <... chdir resumed>) = 0 [pid 5867] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5865] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6229] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6229] setpgid(0, 0 [pid 5867] umount2("./70", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6229] <... setpgid resumed>) = 0 [pid 6229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6228] <... sync resumed>) = 0 [pid 6227] <... sync resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6227] exit_group(0 [pid 6228] exit_group(0 [pid 6227] <... exit_group resumed>) = ? [pid 5867] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6229] <... openat resumed>) = 3 [pid 6228] <... exit_group resumed>) = ? [pid 6227] +++ exited with 0 +++ [pid 5867] <... openat resumed>) = 3 [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6227, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6229] write(3, "1000", 4 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6229] <... write resumed>) = 4 [pid 5864] <... restart_syscall resumed>) = 0 [pid 6229] close(3 [pid 6228] +++ exited with 0 +++ [pid 6229] <... close resumed>) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6228, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6229] symlink("/dev/binderfs", "./binderfs"executing program [pid 5864] umount2("./70", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6229] <... symlink resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6229] write(1, "executing program\n", 18) = 18 [pid 5864] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6229] memfd_create("syzkaller", 0 [pid 5868] umount2("./71", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... openat resumed>) = 3 [pid 6229] <... memfd_create resumed>) = 3 [pid 5864] newfstatat(3, "", [pid 6229] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5865] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6229] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] newfstatat(3, "", [pid 5867] <... umount2 resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(AT_FDCWD, "./70/file1", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] getdents64(3, [pid 5867] newfstatat(AT_FDCWD, "./70/file1", [pid 5865] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] getdents64(3, [pid 5867] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "./70/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] openat(AT_FDCWD, "./70/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5865] <... openat resumed>) = 4 [pid 5868] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4 [pid 5867] getdents64(4, [pid 5865] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6229] <... write resumed>) = 524288 [pid 5864] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] close(4 [pid 5865] rmdir("./70/file1" [pid 5867] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5867] rmdir("./70/file1") = 0 [pid 5865] umount2("./70/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./70/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(AT_FDCWD, "./70/binderfs", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] newfstatat(AT_FDCWD, "./70/binderfs", [pid 5865] unlink("./70/binderfs" [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5867] unlink("./70/binderfs" [pid 5865] getdents64(3, [pid 5867] <... unlink resumed>) = 0 [pid 5867] getdents64(3, [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6229] munmap(0x7f1864095000, 138412032 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 5867] close(3 [pid 5865] <... close resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5865] rmdir("./70") = 0 [pid 5867] rmdir("./70" [pid 6229] <... munmap resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] mkdir("./71", 0777 [pid 6229] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... umount2 resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5867] mkdir("./71", 0777 [pid 6229] <... openat resumed>) = 4 [pid 5867] <... mkdir resumed>) = 0 [pid 6229] ioctl(4, LOOP_SET_FD, 3 [pid 5868] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6229] <... ioctl resumed>) = 0 [pid 6229] close(3 [pid 5868] newfstatat(AT_FDCWD, "./71/file1", [pid 5867] <... openat resumed>) = 3 [pid 5865] <... openat resumed>) = 3 [pid 5864] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6229] <... close resumed>) = 0 [pid 5868] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... ioctl resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./70/file1", [pid 6229] close(4) = 0 [pid 6229] mkdir("./file1", 0777 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] close(3 [pid 5864] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] close(3 [pid 5865] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6229] <... mkdir resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] openat(AT_FDCWD, "./70/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6230 attached ) = 4 [pid 6230] set_robust_list(0x5555593cd660, 24 [pid 6229] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... close resumed>) = 0 [pid 5864] newfstatat(4, "", [pid 6230] <... set_robust_list resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./71/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6230] chdir("./71" [pid 5868] <... openat resumed>) = 4 [pid 5864] getdents64(4, [pid 6230] <... chdir resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6230 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6230] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6230] <... prctl resumed>) = 0 [pid 5868] getdents64(4, [pid 6230] setpgid(0, 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6230] <... setpgid resumed>) = 0 [pid 5868] getdents64(4, [pid 5864] getdents64(4, [pid 6230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6230] <... openat resumed>) = 3 [pid 5868] close(4 [pid 5864] close(4 [pid 5868] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5864] rmdir("./70/file1") = 0 [pid 5868] rmdir("./71/file1" [pid 6229] <... mount resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 6230] write(3, "1000", 4 [pid 6229] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] umount2("./70/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6231 attached [pid 6230] <... write resumed>) = 4 [pid 6229] <... openat resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 177.194572][ T6229] loop2: detected capacity change from 0 to 1024 [pid 6230] close(3 [pid 5868] umount2("./71/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(AT_FDCWD, "./70/binderfs", [pid 6230] <... close resumed>) = 0 [pid 6229] chdir("./file1" [pid 6231] set_robust_list(0x5555593cd660, 24 [pid 6230] symlink("/dev/binderfs", "./binderfs" [pid 6229] <... chdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6231] <... set_robust_list resumed>) = 0 [pid 6230] <... symlink resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./71/binderfs", [pid 6231] chdir("./71" [pid 6229] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./70/binderfs" [pid 6231] <... chdir resumed>) = 0 [pid 6230] write(1, "executing program\n", 18executing program [pid 6229] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] unlink("./71/binderfs" [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6231 [pid 5864] <... unlink resumed>) = 0 [pid 6231] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6230] <... write resumed>) = 18 [pid 6229] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... unlink resumed>) = 0 [pid 6231] <... prctl resumed>) = 0 [pid 6230] memfd_create("syzkaller", 0 [pid 5868] getdents64(3, [pid 6231] setpgid(0, 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(3, [pid 6230] <... memfd_create resumed>) = 3 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6231] <... setpgid resumed>) = 0 [pid 6230] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] close(3 [pid 5864] close(3 [pid 6231] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6230] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6231] <... openat resumed>) = 3 [pid 5868] rmdir("./71" [pid 5864] rmdir("./70" [pid 5868] <... rmdir resumed>) = 0 [pid 5868] mkdir("./72", 0777 [pid 5864] <... rmdir resumed>) = 0 [pid 6231] write(3, "1000", 4) = 4 [pid 5868] <... mkdir resumed>) = 0 [pid 6231] close(3 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] mkdir("./71", 0777 [pid 6231] <... close resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6231] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5868] <... openat resumed>) = 3 [pid 6231] write(1, "executing program\n", 18executing program [pid 6230] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6231] <... write resumed>) = 18 [pid 6231] memfd_create("syzkaller", 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6231] <... memfd_create resumed>) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6231] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] close(3 [pid 5864] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 6231] <... mmap resumed>) = 0x7f1864095000 [pid 6229] <... link resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 6231] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6229] sync( [pid 5864] <... close resumed>) = 0 [pid 6231] <... write resumed>) = 524288 [pid 6230] <... write resumed>) = 524288 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6232 attached [pid 6232] set_robust_list(0x5555593cd660, 24) = 0 [pid 6231] munmap(0x7f1864095000, 138412032 [pid 6230] munmap(0x7f1864095000, 138412032 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6232 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6232] chdir("./72" [pid 6231] <... munmap resumed>) = 0 [pid 6230] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 6233 attached [pid 6229] <... sync resumed>) = 0 [pid 6231] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6230] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6232] <... chdir resumed>) = 0 [pid 6231] <... openat resumed>) = 4 [pid 6233] set_robust_list(0x5555593cd660, 24 [pid 6232] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6230] <... openat resumed>) = 4 [pid 6229] exit_group(0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6233 [pid 6233] <... set_robust_list resumed>) = 0 [pid 6232] <... prctl resumed>) = 0 [pid 6229] <... exit_group resumed>) = ? [pid 6231] ioctl(4, LOOP_SET_FD, 3 [pid 6230] ioctl(4, LOOP_SET_FD, 3 [pid 6232] setpgid(0, 0 [pid 6231] <... ioctl resumed>) = 0 [pid 6230] <... ioctl resumed>) = 0 [pid 6229] +++ exited with 0 +++ [pid 6233] chdir("./71" [pid 6232] <... setpgid resumed>) = 0 [pid 6230] close(3 [pid 6233] <... chdir resumed>) = 0 [pid 6232] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6230] <... close resumed>) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6229, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6233] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6231] close(3 [pid 6230] close(4 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6233] <... prctl resumed>) = 0 [pid 6231] <... close resumed>) = 0 [pid 6230] <... close resumed>) = 0 [pid 6233] setpgid(0, 0 [pid 6231] close(4 [pid 6230] mkdir("./file1", 0777 [pid 6231] <... close resumed>) = 0 [pid 6230] <... mkdir resumed>) = 0 [pid 6232] <... openat resumed>) = 3 [pid 6231] mkdir("./file1", 0777 [pid 5866] <... restart_syscall resumed>) = 0 [pid 6231] <... mkdir resumed>) = 0 [pid 6233] <... setpgid resumed>) = 0 [pid 6232] write(3, "1000", 4 [pid 6230] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6232] <... write resumed>) = 4 [pid 6231] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] umount2("./69", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6233] <... openat resumed>) = 3 [pid 6232] close(3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] newfstatat(3, "", [pid 6233] write(3, "1000", 4 [pid 6232] <... close resumed>) = 0 [pid 6233] <... write resumed>) = 4 [pid 6232] symlink("/dev/binderfs", "./binderfs" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6233] close(3 [pid 6230] <... mount resumed>) = 0 [pid 6233] <... close resumed>) = 0 [pid 6232] <... symlink resumed>) = 0 [pid 6230] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] getdents64(3, [pid 6233] symlink("/dev/binderfs", "./binderfs" [pid 6232] write(1, "executing program\n", 18 [pid 6230] <... openat resumed>) = 3 [ 177.383916][ T6231] loop3: detected capacity change from 0 to 1024 [ 177.384800][ T6230] loop1: detected capacity change from 0 to 1024 executing program [pid 6230] chdir("./file1" [pid 6232] <... write resumed>) = 18 [pid 6230] <... chdir resumed>) = 0 [pid 6233] <... symlink resumed>) = 0 [pid 6232] memfd_create("syzkaller", 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6232] <... memfd_create resumed>) = 3 [pid 6232] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6230] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5866] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6232] <... mmap resumed>) = 0x7f1864095000 executing program [pid 6233] write(1, "executing program\n", 18 [pid 6230] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6233] <... write resumed>) = 18 [pid 6232] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6230] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6233] memfd_create("syzkaller", 0 [pid 6231] <... mount resumed>) = 0 [pid 6233] <... memfd_create resumed>) = 3 [pid 6231] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6233] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6231] <... openat resumed>) = 3 [pid 6233] <... mmap resumed>) = 0x7f1864095000 [pid 6231] chdir("./file1" [pid 6233] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6231] <... chdir resumed>) = 0 [pid 6231] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6232] <... write resumed>) = 524288 [pid 6231] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6231] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... umount2 resumed>) = 0 [pid 6232] munmap(0x7f1864095000, 138412032 [pid 5866] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6232] <... munmap resumed>) = 0 [pid 6232] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6232] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6231] <... link resumed>) = 0 [pid 6230] <... link resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6231] sync( [pid 5866] newfstatat(AT_FDCWD, "./69/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6230] sync( [pid 5866] umount2("./69/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./69/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, [pid 6232] close(3 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, [pid 6232] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6233] <... write resumed>) = 524288 [pid 6232] close(4 [pid 5866] close(4 [pid 6233] munmap(0x7f1864095000, 138412032 [pid 5866] <... close resumed>) = 0 [pid 6233] <... munmap resumed>) = 0 [pid 5866] rmdir("./69/file1" [pid 6232] <... close resumed>) = 0 [pid 6232] mkdir("./file1", 0777 [pid 5866] <... rmdir resumed>) = 0 [pid 6233] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6232] <... mkdir resumed>) = 0 [pid 5866] umount2("./69/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6232] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6233] ioctl(4, LOOP_SET_FD, 3 [pid 5866] newfstatat(AT_FDCWD, "./69/binderfs", [pid 6233] <... ioctl resumed>) = 0 [pid 6230] <... sync resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6233] close(3 [pid 6230] exit_group(0 [pid 5866] unlink("./69/binderfs" [pid 6233] <... close resumed>) = 0 [pid 6233] close(4 [pid 6230] <... exit_group resumed>) = ? [pid 6233] <... close resumed>) = 0 [pid 6230] +++ exited with 0 +++ [pid 6233] mkdir("./file1", 0777 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6230, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6233] <... mkdir resumed>) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [ 177.514793][ T6232] loop4: detected capacity change from 0 to 1024 [ 177.558102][ T6233] loop0: detected capacity change from 0 to 1024 [pid 6233] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] close(3 [pid 5865] umount2("./71", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [pid 6232] <... mount resumed>) = 0 [pid 5866] rmdir("./69" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6232] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5866] <... rmdir resumed>) = 0 [pid 6232] chdir("./file1" [pid 5865] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6232] <... chdir resumed>) = 0 [pid 6232] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6232] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] newfstatat(3, "", [pid 5866] mkdir("./70", 0777 [pid 6233] <... mount resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6233] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6232] <... link resumed>) = 0 [pid 5865] getdents64(3, [pid 6233] <... openat resumed>) = 3 [pid 6232] sync( [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6233] chdir("./file1") = 0 [pid 5866] <... openat resumed>) = 3 [pid 5865] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6233] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6231] <... sync resumed>) = 0 [pid 6233] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6231] exit_group(0 [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] close(3 [pid 6231] <... exit_group resumed>) = ? [pid 6233] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6232] <... sync resumed>) = 0 [pid 6231] +++ exited with 0 +++ [pid 5866] <... close resumed>) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6231, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6233] <... link resumed>) = 0 [pid 6232] exit_group(0 [pid 5867] umount2("./71", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6234 attached [pid 6233] sync( [pid 6234] set_robust_list(0x5555593cd660, 24 [pid 6232] <... exit_group resumed>) = ? [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6234 [pid 6234] <... set_robust_list resumed>) = 0 [pid 6234] chdir("./70" [pid 6232] +++ exited with 0 +++ [pid 5867] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6232, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5867] <... openat resumed>) = 3 [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] umount2("./72", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(3, [pid 6234] <... chdir resumed>) = 0 [pid 6233] <... sync resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... umount2 resumed>) = 0 [pid 6233] exit_group(0 [pid 5868] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6234] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6233] <... exit_group resumed>) = ? [pid 5868] <... openat resumed>) = 3 [pid 6234] <... prctl resumed>) = 0 [pid 6233] +++ exited with 0 +++ [pid 6234] setpgid(0, 0 [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6233, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6234] <... setpgid resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6234] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] newfstatat(AT_FDCWD, "./71/file1", [pid 5864] <... restart_syscall resumed>) = 0 [pid 5868] getdents64(3, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6234] <... openat resumed>) = 3 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6234] write(3, "1000", 4 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./71", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6234] <... write resumed>) = 4 [pid 5865] openat(AT_FDCWD, "./71/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6234] close(3 [pid 5867] <... umount2 resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6234] <... close resumed>) = 0 [pid 5865] newfstatat(4, "", [pid 5864] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6234] symlink("/dev/binderfs", "./binderfs" [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6234] <... symlink resumed>) = 0 [pid 5865] getdents64(4, [pid 5864] <... openat resumed>) = 3 [pid 6234] write(1, "executing program\n", 18 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 executing program [pid 5864] newfstatat(3, "", [pid 6234] <... write resumed>) = 18 [pid 5865] getdents64(4, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6234] memfd_create("syzkaller", 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(3, [pid 5865] close(4 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... close resumed>) = 0 [pid 6234] <... memfd_create resumed>) = 3 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6234] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] rmdir("./71/file1" [pid 6234] <... mmap resumed>) = 0x7f1864095000 [pid 5867] newfstatat(AT_FDCWD, "./71/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5867] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./71/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./71/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./71/binderfs") = 0 [pid 6234] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... openat resumed>) = 4 [pid 5865] getdents64(3, [pid 5867] newfstatat(4, "", [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] close(3 [pid 5867] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] getdents64(4, [pid 5868] newfstatat(AT_FDCWD, "./72/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] close(4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... close resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./72/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] rmdir("./71/file1" [pid 5868] <... openat resumed>) = 4 [pid 5867] <... rmdir resumed>) = 0 [pid 5867] umount2("./71/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(4, [pid 5867] newfstatat(AT_FDCWD, "./71/binderfs", [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] getdents64(4, [pid 5867] unlink("./71/binderfs" [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5868] close(4 [pid 5867] getdents64(3, [pid 5868] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] rmdir("./72/file1" [pid 5867] close(3 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5867] rmdir("./71") = 0 [pid 5868] umount2("./72/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6234] <... write resumed>) = 524288 [pid 5865] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] mkdir("./72", 0777 [pid 5868] newfstatat(AT_FDCWD, "./72/binderfs", [pid 5867] <... mkdir resumed>) = 0 [pid 5865] rmdir("./71" [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] unlink("./72/binderfs" [pid 5867] <... openat resumed>) = 3 [pid 5865] <... rmdir resumed>) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5865] mkdir("./72", 0777 [pid 5867] <... ioctl resumed>) = 0 [pid 5868] getdents64(3, [pid 5867] close(3 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] close(3 [pid 5867] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./72") = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6234] munmap(0x7f1864095000, 138412032 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] mkdir("./73", 0777 [pid 5865] <... ioctl resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./71/file1", [pid 6234] <... munmap resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5865] close(3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6235 attached [pid 6234] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6235 [pid 5865] <... close resumed>) = 0 [pid 6234] <... openat resumed>) = 4 [pid 5868] <... openat resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6234] ioctl(4, LOOP_SET_FD, 3 [pid 5864] openat(AT_FDCWD, "./71/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6235] set_robust_list(0x5555593cd660, 24 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6235] <... set_robust_list resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 6234] <... ioctl resumed>) = 0 [pid 6235] chdir("./72" [pid 5868] close(3 [pid 5864] <... openat resumed>) = 4 [pid 6235] <... chdir resumed>) = 0 [pid 5864] newfstatat(4, "", [pid 6235] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... close resumed>) = 0 [pid 6235] <... prctl resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6235] setpgid(0, 0 [pid 6234] close(3 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] getdents64(4, [pid 6235] <... setpgid resumed>) = 0 [pid 6235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6236 attached [pid 6234] <... close resumed>) = 0 ./strace-static-x86_64: Process 6237 attached executing program [pid 6236] set_robust_list(0x5555593cd660, 24 [pid 6235] <... openat resumed>) = 3 [pid 6234] close(4 [pid 5864] getdents64(4, [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6236 [pid 6237] set_robust_list(0x5555593cd660, 24) = 0 [pid 6237] chdir("./72") = 0 [pid 6237] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6235] write(3, "1000", 4 [pid 6237] setpgid(0, 0 [pid 6235] <... write resumed>) = 4 [pid 6237] <... setpgid resumed>) = 0 [pid 6235] close(3 [pid 6237] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6235] <... close resumed>) = 0 [pid 6237] <... openat resumed>) = 3 [pid 6235] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6237] write(3, "1000", 4 [pid 6235] write(1, "executing program\n", 18 [pid 6237] <... write resumed>) = 4 [pid 6235] <... write resumed>) = 18 [pid 6237] close(3 [pid 6235] memfd_create("syzkaller", 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6237 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6237] <... close resumed>) = 0 [pid 6235] <... memfd_create resumed>) = 3 [pid 6237] symlink("/dev/binderfs", "./binderfs" [pid 6235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6237] <... symlink resumed>) = 0 [pid 6236] <... set_robust_list resumed>) = 0 [pid 6235] <... mmap resumed>) = 0x7f1864095000 [pid 6234] <... close resumed>) = 0 [pid 5864] close(4 [pid 6236] chdir("./73" [pid 6234] mkdir("./file1", 0777 [pid 5864] <... close resumed>) = 0 [pid 5864] rmdir("./71/file1" [pid 6236] <... chdir resumed>) = 0 [pid 6236] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6234] <... mkdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6236] <... prctl resumed>) = 0 [pid 6234] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] umount2("./71/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6237] write(1, "executing program\n", 18executing program [pid 6236] setpgid(0, 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6237] <... write resumed>) = 18 [pid 6236] <... setpgid resumed>) = 0 [pid 6234] <... mount resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./71/binderfs", [pid 6237] memfd_create("syzkaller", 0) = 3 [pid 6236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6235] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6234] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6237] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6236] <... openat resumed>) = 3 [ 177.885698][ T6234] loop2: detected capacity change from 0 to 1024 [pid 5864] unlink("./71/binderfs" [pid 6237] <... mmap resumed>) = 0x7f1864095000 [pid 6236] write(3, "1000", 4 [pid 6235] <... write resumed>) = 524288 [pid 6234] <... openat resumed>) = 3 [pid 5864] <... unlink resumed>) = 0 [pid 6236] <... write resumed>) = 4 [pid 5864] getdents64(3, [pid 6236] close(3 [pid 6237] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6236] <... close resumed>) = 0 [pid 6234] chdir("./file1" [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6236] symlink("/dev/binderfs", "./binderfs" [pid 6234] <... chdir resumed>) = 0 [pid 5864] close(3 [pid 6236] <... symlink resumed>) = 0 [pid 6234] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] <... close resumed>) = 0 [pid 5864] rmdir("./71" [pid 6234] <... openat resumed>) = -1 EBUSY (Device or resource busy) executing program [pid 6236] write(1, "executing program\n", 18 [pid 6234] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... rmdir resumed>) = 0 [pid 6236] <... write resumed>) = 18 [pid 5864] mkdir("./72", 0777 [pid 6236] memfd_create("syzkaller", 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6236] <... memfd_create resumed>) = 3 [pid 6235] munmap(0x7f1864095000, 138412032 [pid 5864] <... openat resumed>) = 3 [pid 6236] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6235] <... munmap resumed>) = 0 [pid 6236] <... mmap resumed>) = 0x7f1864095000 [pid 6236] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6235] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6235] <... openat resumed>) = 4 [pid 5864] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 6235] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6237] <... write resumed>) = 524288 [pid 6237] munmap(0x7f1864095000, 138412032 [pid 6235] close(3 [pid 6237] <... munmap resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6237] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6235] <... close resumed>) = 0 [pid 6235] close(4) = 0 [pid 6234] <... link resumed>) = 0 ./strace-static-x86_64: Process 6238 attached [pid 6235] mkdir("./file1", 0777 [pid 6234] sync( [pid 6235] <... mkdir resumed>) = 0 [pid 6237] <... openat resumed>) = 4 [pid 6235] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6238] set_robust_list(0x5555593cd660, 24 [pid 6237] ioctl(4, LOOP_SET_FD, 3 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6238 [pid 6237] <... ioctl resumed>) = 0 [pid 6238] <... set_robust_list resumed>) = 0 [pid 6237] close(3 [pid 6236] <... write resumed>) = 524288 [pid 6238] chdir("./72") = 0 [pid 6237] <... close resumed>) = 0 [pid 6238] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6237] close(4 [pid 6238] <... prctl resumed>) = 0 [pid 6238] setpgid(0, 0 [pid 6237] <... close resumed>) = 0 [pid 6235] <... mount resumed>) = 0 [pid 6238] <... setpgid resumed>) = 0 [pid 6238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6237] mkdir("./file1", 0777 [pid 6235] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6237] <... mkdir resumed>) = 0 [pid 6235] chdir("./file1" [pid 6238] <... openat resumed>) = 3 [pid 6235] <... chdir resumed>) = 0 [pid 6234] <... sync resumed>) = 0 [pid 6237] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6238] write(3, "1000", 4 [pid 6236] munmap(0x7f1864095000, 138412032 [pid 6235] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6234] exit_group(0 [pid 6238] <... write resumed>) = 4 [pid 6238] close(3 [pid 6236] <... munmap resumed>) = 0 [pid 6235] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6238] <... close resumed>) = 0 [pid 6234] <... exit_group resumed>) = ? [ 178.011849][ T6235] loop3: detected capacity change from 0 to 1024 [ 178.042045][ T6237] loop1: detected capacity change from 0 to 1024 [pid 6238] symlink("/dev/binderfs", "./binderfs" [pid 6235] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6237] <... mount resumed>) = 0 [pid 6236] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6237] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6238] <... symlink resumed>) = 0 [pid 6237] <... openat resumed>) = 3 [pid 6236] <... openat resumed>) = 4 [pid 6234] +++ exited with 0 +++ [pid 6238] write(1, "executing program\n", 18 [pid 6236] ioctl(4, LOOP_SET_FD, 3 [pid 6237] chdir("./file1"executing program [pid 6238] <... write resumed>) = 18 [pid 6237] <... chdir resumed>) = 0 [pid 6236] <... ioctl resumed>) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6234, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6238] memfd_create("syzkaller", 0 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6237] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6238] <... memfd_create resumed>) = 3 [pid 6236] close(3 [pid 5866] <... restart_syscall resumed>) = 0 [pid 6238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6237] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6236] <... close resumed>) = 0 [pid 6238] <... mmap resumed>) = 0x7f1864095000 [pid 6237] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6236] close(4 [pid 6238] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6236] <... close resumed>) = 0 [pid 5866] umount2("./70", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6237] <... link resumed>) = 0 [pid 6237] sync( [pid 6236] mkdir("./file1", 0777 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6236] <... mkdir resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6235] <... link resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 6236] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6235] sync( [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 178.137230][ T6236] loop4: detected capacity change from 0 to 1024 [pid 5866] getdents64(3, [pid 6236] <... mount resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6236] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6238] <... write resumed>) = 524288 [pid 6236] <... openat resumed>) = 3 [pid 6235] <... sync resumed>) = 0 [pid 6237] <... sync resumed>) = 0 [pid 6237] exit_group(0 [pid 6236] chdir("./file1" [pid 6238] munmap(0x7f1864095000, 138412032 [pid 6237] <... exit_group resumed>) = ? [pid 6235] exit_group(0 [pid 6238] <... munmap resumed>) = 0 [pid 6236] <... chdir resumed>) = 0 [pid 6237] +++ exited with 0 +++ [pid 6235] <... exit_group resumed>) = ? [pid 6238] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6238] ioctl(4, LOOP_SET_FD, 3 [pid 6235] +++ exited with 0 +++ [pid 6236] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6237, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6238] <... ioctl resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 6238] close(3 [pid 6236] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6235, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6238] <... close resumed>) = 0 [pid 6236] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6238] close(4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./72", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6238] <... close resumed>) = 0 [pid 5867] umount2("./72", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(AT_FDCWD, "./70/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6238] mkdir("./file1", 0777 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6238] <... mkdir resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./70/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(3, "", [pid 5867] newfstatat(3, "", [pid 5866] openat(AT_FDCWD, "./70/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6238] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] getdents64(3, [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... openat resumed>) = 4 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] getdents64(3, [pid 5865] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] getdents64(4, [pid 6236] <... link resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6236] sync( [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [ 178.261024][ T6238] loop0: detected capacity change from 0 to 1024 [pid 5866] rmdir("./70/file1" [pid 6238] <... mount resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5866] umount2("./70/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6238] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] unlink("./70/binderfs" [pid 6238] <... openat resumed>) = 3 [pid 6238] chdir("./file1") = 0 [pid 6238] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6238] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... umount2 resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 5867] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./72/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./72/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] newfstatat(AT_FDCWD, "./72/file1", [pid 5867] <... openat resumed>) = 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] newfstatat(4, "", [pid 5865] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] getdents64(4, [pid 5865] openat(AT_FDCWD, "./72/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6238] <... link resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 5865] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6238] sync( [pid 5865] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 5866] <... unlink resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] getdents64(3, [pid 5867] close(4 [pid 5865] getdents64(4, [pid 5867] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] rmdir("./72/file1" [pid 5866] close(3 [pid 5865] close(4 [pid 5866] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6236] <... sync resumed>) = 0 [pid 5866] rmdir("./70" [pid 6236] exit_group(0 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] rmdir("./72/file1" [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 6236] <... exit_group resumed>) = ? [pid 5867] umount2("./72/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] mkdir("./71", 0777 [pid 6238] <... sync resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... mkdir resumed>) = 0 [pid 6238] exit_group(0 [pid 5867] newfstatat(AT_FDCWD, "./72/binderfs", [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... openat resumed>) = 3 [pid 6238] <... exit_group resumed>) = ? [pid 5867] unlink("./72/binderfs" [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6238] +++ exited with 0 +++ [pid 6236] +++ exited with 0 +++ [pid 5867] <... unlink resumed>) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 5865] umount2("./72/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(3, [pid 5866] close(3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6238, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6236, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5865] newfstatat(AT_FDCWD, "./72/binderfs", [pid 5868] <... restart_syscall resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./72/binderfs" [pid 5864] <... restart_syscall resumed>) = 0 [pid 5868] umount2("./73", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... unlink resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] close(3 [pid 5868] <... openat resumed>) = 3 [pid 5867] <... close resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5868] newfstatat(3, "", [pid 5867] rmdir("./72" [pid 5865] getdents64(3, [pid 5864] umount2("./72", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... rmdir resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] mkdir("./73", 0777) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 ./strace-static-x86_64: Process 6239 attached [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 5867] close(3) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... close resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6239] set_robust_list(0x5555593cd660, 24 [pid 5865] rmdir("./72" [pid 5864] <... openat resumed>) = 3 [pid 6239] <... set_robust_list resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6239 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6239] chdir("./71" [pid 5864] getdents64(3, [pid 6239] <... chdir resumed>) = 0 [pid 6239] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 6240 attached [pid 5865] mkdir("./73", 0777 [pid 6239] <... prctl resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6240 [pid 5864] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6239] setpgid(0, 0) = 0 [pid 6239] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6240] set_robust_list(0x5555593cd660, 24 [pid 6239] <... openat resumed>) = 3 [pid 5865] <... mkdir resumed>) = 0 [pid 6240] <... set_robust_list resumed>) = 0 [pid 6239] write(3, "1000", 4) = 4 [pid 6240] chdir("./73" [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6240] <... chdir resumed>) = 0 [pid 6239] close(3 [pid 6240] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6239] <... close resumed>) = 0 [pid 6239] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6239] write(1, "executing program\n", 18 [pid 6240] <... prctl resumed>) = 0 executing program [pid 5868] <... umount2 resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 6240] setpgid(0, 0 [pid 6239] <... write resumed>) = 18 [pid 5868] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6240] <... setpgid resumed>) = 0 [pid 6240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6240] <... openat resumed>) = 3 [pid 6239] memfd_create("syzkaller", 0 [pid 5868] newfstatat(AT_FDCWD, "./73/file1", [pid 5865] <... ioctl resumed>) = 0 [pid 6239] <... memfd_create resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] close(3 [pid 5868] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6240] write(3, "1000", 4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6240] <... write resumed>) = 4 [pid 5868] openat(AT_FDCWD, "./73/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6240] close(3) = 0 [pid 6239] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6240] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6239] <... mmap resumed>) = 0x7f1864095000 [pid 6239] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... openat resumed>) = 4 executing program [pid 6240] write(1, "executing program\n", 18) = 18 [pid 6240] memfd_create("syzkaller", 0 [pid 5868] newfstatat(4, "", [pid 6240] <... memfd_create resumed>) = 3 [pid 6240] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6240] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5868] getdents64(4, [pid 5864] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6239] <... write resumed>) = 524288 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] getdents64(4, [pid 5864] newfstatat(AT_FDCWD, "./72/file1", [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6241 attached [pid 6240] <... write resumed>) = 524288 [pid 5868] close(4 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] rmdir("./73/file1" [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6241 [pid 5864] openat(AT_FDCWD, "./72/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6241] set_robust_list(0x5555593cd660, 24 [pid 5868] <... rmdir resumed>) = 0 [pid 5864] newfstatat(4, "", [pid 6241] <... set_robust_list resumed>) = 0 [pid 5868] umount2("./73/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6241] chdir("./73" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] getdents64(4, [pid 6241] <... chdir resumed>) = 0 [pid 6239] munmap(0x7f1864095000, 138412032 [pid 5868] newfstatat(AT_FDCWD, "./73/binderfs", [pid 6241] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6239] <... munmap resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6241] <... prctl resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6241] setpgid(0, 0 [pid 6239] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] unlink("./73/binderfs" [pid 5864] getdents64(4, [pid 6241] <... setpgid resumed>) = 0 [pid 6241] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6240] munmap(0x7f1864095000, 138412032 [pid 6239] <... openat resumed>) = 4 [pid 5868] <... unlink resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6241] <... openat resumed>) = 3 [pid 6240] <... munmap resumed>) = 0 [pid 5864] close(4) = 0 [pid 6239] ioctl(4, LOOP_SET_FD, 3 [pid 5864] rmdir("./72/file1" [pid 6239] <... ioctl resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6241] write(3, "1000", 4 [pid 5868] getdents64(3, [pid 6241] <... write resumed>) = 4 [pid 6240] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6239] close(3 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] umount2("./72/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6240] <... openat resumed>) = 4 [pid 6239] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6239] close(4) = 0 [pid 5864] newfstatat(AT_FDCWD, "./72/binderfs", [pid 6239] mkdir("./file1", 0777 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6240] ioctl(4, LOOP_SET_FD, 3 [pid 6239] <... mkdir resumed>) = 0 [pid 5864] unlink("./72/binderfs" [pid 6240] <... ioctl resumed>) = 0 [pid 6239] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... unlink resumed>) = 0 [pid 6240] close(3 [pid 5868] close(3 [pid 6241] close(3 [pid 5864] getdents64(3, [pid 6241] <... close resumed>) = 0 [pid 6240] <... close resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 6241] symlink("/dev/binderfs", "./binderfs" [pid 6240] close(4 [pid 5868] rmdir("./73" [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6241] <... symlink resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5864] close(3 [pid 6241] write(1, "executing program\n", 18 [pid 5868] mkdir("./74", 0777executing program [pid 6241] <... write resumed>) = 18 [pid 6240] <... close resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6241] memfd_create("syzkaller", 0 [pid 6239] <... mount resumed>) = 0 [pid 6239] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] rmdir("./72" [pid 6241] <... memfd_create resumed>) = 3 [pid 6239] <... openat resumed>) = 3 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] <... rmdir resumed>) = 0 [pid 6241] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6240] mkdir("./file1", 0777 [pid 5868] <... openat resumed>) = 3 [pid 6240] <... mkdir resumed>) = 0 [pid 6239] chdir("./file1" [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5864] mkdir("./73", 0777 [pid 6239] <... chdir resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6241] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6240] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6239] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] close(3 [ 178.584756][ T6239] loop2: detected capacity change from 0 to 1024 [ 178.594527][ T6240] loop3: detected capacity change from 0 to 1024 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6239] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... openat resumed>) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6239] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 6241] <... write resumed>) = 524288 [pid 5868] <... close resumed>) = 0 [pid 6241] munmap(0x7f1864095000, 138412032) = 0 [pid 6241] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6241] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6241] close(3) = 0 [pid 6241] close(4) = 0 [pid 6240] <... mount resumed>) = 0 [pid 6241] mkdir("./file1", 0777 [pid 6240] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6241] <... mkdir resumed>) = 0 [pid 6240] chdir("./file1" [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6242 attached [pid 6241] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6240] <... chdir resumed>) = 0 [pid 6242] set_robust_list(0x5555593cd660, 24 [pid 6240] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] <... close resumed>) = 0 [pid 6242] <... set_robust_list resumed>) = 0 [pid 6240] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6242] chdir("./74" [pid 6240] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6242] <... chdir resumed>) = 0 [pid 6242] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6239] <... link resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6242 ./strace-static-x86_64: Process 6243 attached [pid 6242] <... prctl resumed>) = 0 [pid 6239] sync( [pid 6242] setpgid(0, 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6243 [pid 6243] set_robust_list(0x5555593cd660, 24 [pid 6242] <... setpgid resumed>) = 0 [pid 6241] <... mount resumed>) = 0 [ 178.676920][ T6241] loop1: detected capacity change from 0 to 1024 [pid 6243] <... set_robust_list resumed>) = 0 [pid 6242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6241] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6243] chdir("./73" [pid 6241] <... openat resumed>) = 3 [pid 6243] <... chdir resumed>) = 0 [pid 6241] chdir("./file1" [pid 6243] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6242] <... openat resumed>) = 3 [pid 6241] <... chdir resumed>) = 0 [pid 6243] <... prctl resumed>) = 0 [pid 6243] setpgid(0, 0 [pid 6242] write(3, "1000", 4 [pid 6241] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6242] <... write resumed>) = 4 [pid 6243] <... setpgid resumed>) = 0 [pid 6242] close(3 [pid 6241] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6242] <... close resumed>) = 0 [pid 6240] <... link resumed>) = 0 [pid 6242] symlink("/dev/binderfs", "./binderfs" [pid 6243] <... openat resumed>) = 3 [pid 6240] sync( [pid 6243] write(3, "1000", 4 [pid 6242] <... symlink resumed>) = 0 [pid 6241] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"executing program [pid 6243] <... write resumed>) = 4 [pid 6242] write(1, "executing program\n", 18) = 18 [pid 6243] close(3) = 0 [pid 6242] memfd_create("syzkaller", 0 [pid 6243] symlink("/dev/binderfs", "./binderfs" [pid 6242] <... memfd_create resumed>) = 3 executing program [pid 6243] <... symlink resumed>) = 0 [pid 6242] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6243] write(1, "executing program\n", 18) = 18 [pid 6243] memfd_create("syzkaller", 0 [pid 6242] <... mmap resumed>) = 0x7f1864095000 [pid 6243] <... memfd_create resumed>) = 3 [pid 6243] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6242] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6243] <... mmap resumed>) = 0x7f1864095000 [pid 6243] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6241] <... link resumed>) = 0 [pid 6242] <... write resumed>) = 524288 [pid 6241] sync( [pid 6243] <... write resumed>) = 524288 [pid 6243] munmap(0x7f1864095000, 138412032) = 0 [pid 6242] munmap(0x7f1864095000, 138412032) = 0 [pid 6243] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6242] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6243] <... openat resumed>) = 4 [pid 6243] ioctl(4, LOOP_SET_FD, 3 [pid 6242] <... openat resumed>) = 4 [pid 6240] <... sync resumed>) = 0 [pid 6239] <... sync resumed>) = 0 [pid 6242] ioctl(4, LOOP_SET_FD, 3 [pid 6240] exit_group(0 [pid 6239] exit_group(0 [pid 6243] <... ioctl resumed>) = 0 [pid 6242] <... ioctl resumed>) = 0 [pid 6241] <... sync resumed>) = 0 [pid 6240] <... exit_group resumed>) = ? [pid 6239] <... exit_group resumed>) = ? [pid 6240] +++ exited with 0 +++ [pid 6242] close(3 [pid 6239] +++ exited with 0 +++ [pid 6243] close(3 [pid 6242] <... close resumed>) = 0 [pid 6241] exit_group(0 [pid 6243] <... close resumed>) = 0 [pid 6242] close(4 [pid 6241] <... exit_group resumed>) = ? [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6240, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6239, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6243] close(4 [pid 6242] <... close resumed>) = 0 [pid 6241] +++ exited with 0 +++ [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6243] <... close resumed>) = 0 [pid 6242] mkdir("./file1", 0777 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5866] <... restart_syscall resumed>) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6241, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6243] mkdir("./file1", 0777 [pid 6242] <... mkdir resumed>) = 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6243] <... mkdir resumed>) = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 6242] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] umount2("./73", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./71", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6243] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 178.863302][ T6243] loop0: detected capacity change from 0 to 1024 [ 178.867442][ T6242] loop4: detected capacity change from 0 to 1024 [pid 5867] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./73", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... openat resumed>) = 3 [pid 5865] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", [pid 5867] <... openat resumed>) = 3 [pid 5866] newfstatat(3, "", [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] getdents64(3, [pid 5867] newfstatat(3, "", [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(3, [pid 6242] <... mount resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6242] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5867] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6242] chdir("./file1") = 0 [pid 6242] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6242] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6243] <... mount resumed>) = 0 [pid 6243] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6243] chdir("./file1") = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 5867] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = 0 [pid 5865] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6243] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6243] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] newfstatat(AT_FDCWD, "./73/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] newfstatat(AT_FDCWD, "./73/file1", [pid 5867] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] openat(AT_FDCWD, "./73/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... openat resumed>) = 4 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(4, "", [pid 5865] openat(AT_FDCWD, "./73/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 4 [pid 5867] getdents64(4, [pid 5865] newfstatat(4, "", [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, [pid 5867] getdents64(4, [pid 5866] newfstatat(AT_FDCWD, "./71/file1", [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] getdents64(4, [pid 5867] close(4 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6242] <... link resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] close(4 [pid 5866] umount2("./71/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... close resumed>) = 0 [pid 6242] sync( [pid 5867] rmdir("./73/file1" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] rmdir("./73/file1" [pid 6243] <... link resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./71/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... rmdir resumed>) = 0 [pid 6243] sync( [pid 5867] umount2("./73/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... openat resumed>) = 4 [pid 5865] umount2("./73/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [pid 5866] rmdir("./71/file1" [pid 5867] newfstatat(AT_FDCWD, "./73/binderfs", [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6243] <... sync resumed>) = 0 [pid 6242] <... sync resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] newfstatat(AT_FDCWD, "./73/binderfs", [pid 5867] unlink("./73/binderfs" [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./71/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] <... unlink resumed>) = 0 [pid 5865] unlink("./73/binderfs" [pid 5867] getdents64(3, [pid 6243] exit_group(0 [pid 6242] exit_group(0 [pid 5866] newfstatat(AT_FDCWD, "./71/binderfs", [pid 6243] <... exit_group resumed>) = ? [pid 6242] <... exit_group resumed>) = ? [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 6243] +++ exited with 0 +++ [pid 6242] +++ exited with 0 +++ [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] unlink("./71/binderfs" [pid 5865] getdents64(3, [pid 5867] close(3 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6242, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5867] <... close resumed>) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6243, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5867] rmdir("./73" [pid 5865] close(3 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5866] getdents64(3, [pid 5868] <... restart_syscall resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] <... restart_syscall resumed>) = 0 [pid 5867] mkdir("./74", 0777 [pid 5866] close(3) = 0 [pid 5865] rmdir("./73" [pid 5866] rmdir("./71" [pid 5867] <... mkdir resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5866] mkdir("./72", 0777 [pid 5868] umount2("./74", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] umount2("./73", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... openat resumed>) = 3 [pid 5866] <... openat resumed>) = 3 [pid 5865] mkdir("./74", 0777 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] close(3 [pid 5868] <... openat resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5866] <... close resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] newfstatat(3, "", [pid 5867] <... ioctl resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... openat resumed>) = 3 [pid 5864] newfstatat(3, "", [pid 5865] <... openat resumed>) = 3 [pid 5867] close(3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] getdents64(3, [pid 5864] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6244 attached [pid 5867] <... close resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 6244] set_robust_list(0x5555593cd660, 24 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6244 [pid 6244] <... set_robust_list resumed>) = 0 [pid 6244] chdir("./72") = 0 [pid 6244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6244] setpgid(0, 0) = 0 [pid 6244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6244] write(3, "1000", 4) = 4 [pid 6244] close(3) = 0 [pid 6244] symlink("/dev/binderfs", "./binderfs" [pid 5865] close(3 [pid 6244] <... symlink resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 6244] write(1, "executing program\n", 18executing program ./strace-static-x86_64: Process 6245 attached ) = 18 [pid 5868] <... umount2 resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6244] memfd_create("syzkaller", 0 [pid 5864] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6244] <... memfd_create resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5864] newfstatat(AT_FDCWD, "./73/file1", ./strace-static-x86_64: Process 6246 attached [pid 6245] set_robust_list(0x5555593cd660, 24 [pid 6244] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6245 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6246 [pid 6245] <... set_robust_list resumed>) = 0 [pid 5864] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6245] chdir("./74" [pid 5864] openat(AT_FDCWD, "./73/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6245] <... chdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./74/file1", [pid 6245] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6245] <... prctl resumed>) = 0 [pid 5868] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6246] set_robust_list(0x5555593cd660, 24 [pid 6245] setpgid(0, 0 [pid 6246] <... set_robust_list resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6245] <... setpgid resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./74/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6246] chdir("./74" [pid 6245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... openat resumed>) = 4 [pid 5864] <... openat resumed>) = 4 [pid 6246] <... chdir resumed>) = 0 [pid 6245] <... openat resumed>) = 3 [pid 6246] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] newfstatat(4, "", [pid 6245] write(3, "1000", 4 [pid 6244] <... write resumed>) = 524288 [pid 5864] newfstatat(4, "", [pid 6246] <... prctl resumed>) = 0 [pid 6245] <... write resumed>) = 4 [pid 6246] setpgid(0, 0 [pid 6245] close(3) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6245] symlink("/dev/binderfs", "./binderfs" [pid 6246] <... setpgid resumed>) = 0 [pid 6244] munmap(0x7f1864095000, 138412032 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(4, [pid 6246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6245] <... symlink resumed>) = 0 [pid 6244] <... munmap resumed>) = 0 [pid 5868] getdents64(4, [pid 6244] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6246] <... openat resumed>) = 3 [pid 6245] write(1, "executing program\n", 18 [pid 6244] <... openat resumed>) = 4 executing program [pid 5868] getdents64(4, [pid 5864] getdents64(4, [pid 6246] write(3, "1000", 4 [pid 6245] <... write resumed>) = 18 [pid 6244] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6246] <... write resumed>) = 4 [pid 6245] memfd_create("syzkaller", 0 [pid 6244] <... ioctl resumed>) = 0 [pid 5868] close(4 [pid 5864] close(4 [pid 6244] close(3 [pid 5868] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6246] close(3 [pid 6245] <... memfd_create resumed>) = 3 [pid 6244] <... close resumed>) = 0 [pid 5868] rmdir("./74/file1" [pid 5864] rmdir("./73/file1" [pid 6246] <... close resumed>) = 0 [pid 6245] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] umount2("./74/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./73/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6244] close(4 [pid 5868] newfstatat(AT_FDCWD, "./74/binderfs", [pid 5864] newfstatat(AT_FDCWD, "./73/binderfs", [pid 6244] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6244] mkdir("./file1", 0777 [pid 5868] unlink("./74/binderfs" [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6244] <... mkdir resumed>) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5864] unlink("./73/binderfs" [pid 6246] symlink("/dev/binderfs", "./binderfs" [pid 6245] <... mmap resumed>) = 0x7f1864095000 [pid 6244] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] getdents64(3, [pid 5864] <... unlink resumed>) = 0 [pid 6246] <... symlink resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3 [pid 5868] close(3 [pid 5864] <... close resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5864] rmdir("./73"executing program [pid 6246] write(1, "executing program\n", 18 [pid 5868] rmdir("./74" [pid 5864] <... rmdir resumed>) = 0 [pid 6246] <... write resumed>) = 18 [pid 6245] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... rmdir resumed>) = 0 [pid 6246] memfd_create("syzkaller", 0) = 3 [pid 5868] mkdir("./75", 0777 [pid 5864] mkdir("./74", 0777 [pid 6246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6246] <... mmap resumed>) = 0x7f1864095000 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... openat resumed>) = 3 [pid 5864] <... openat resumed>) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5864] <... ioctl resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 5868] close(3) = 0 [ 179.251552][ T6244] loop2: detected capacity change from 0 to 1024 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6247 attached [pid 6244] <... mount resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6244] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6247 [pid 6244] chdir("./file1" [pid 6245] <... write resumed>) = 524288 [pid 6244] <... chdir resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6247] set_robust_list(0x5555593cd660, 24 [pid 6244] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6247] <... set_robust_list resumed>) = 0 [pid 6245] munmap(0x7f1864095000, 138412032 [pid 6244] <... openat resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 6248 attached [pid 6247] chdir("./75" [pid 6246] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6245] <... munmap resumed>) = 0 [pid 6244] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6248 [pid 6247] <... chdir resumed>) = 0 [pid 6247] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6248] set_robust_list(0x5555593cd660, 24 [pid 6247] setpgid(0, 0 [pid 6245] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6245] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6245] close(3) = 0 [pid 6245] close(4) = 0 [pid 6245] mkdir("./file1", 0777) = 0 [pid 6248] <... set_robust_list resumed>) = 0 [pid 6247] <... setpgid resumed>) = 0 [pid 6247] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6248] chdir("./74" [pid 6247] <... openat resumed>) = 3 [pid 6248] <... chdir resumed>) = 0 [pid 6245] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6248] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6247] write(3, "1000", 4 [pid 6246] <... write resumed>) = 524288 [pid 6248] <... prctl resumed>) = 0 [pid 6247] <... write resumed>) = 4 [pid 6248] setpgid(0, 0 [pid 6247] close(3 [pid 6246] munmap(0x7f1864095000, 138412032 [pid 6248] <... setpgid resumed>) = 0 [pid 6247] <... close resumed>) = 0 [pid 6246] <... munmap resumed>) = 0 [pid 6244] <... link resumed>) = 0 [pid 6248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6244] sync( [pid 6247] symlink("/dev/binderfs", "./binderfs" [pid 6248] <... openat resumed>) = 3 [pid 6247] <... symlink resumed>) = 0 [pid 6248] write(3, "1000", 4) = 4 [pid 6247] write(1, "executing program\n", 18 [pid 6248] close(3 [pid 6246] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6248] <... close resumed>) = 0 [pid 6246] <... openat resumed>) = 4 [pid 6248] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6246] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6248] write(1, "executing program\n", 18 [pid 6246] close(3executing program executing program [pid 6248] <... write resumed>) = 18 [pid 6247] <... write resumed>) = 18 [pid 6246] <... close resumed>) = 0 [pid 6248] memfd_create("syzkaller", 0) = 3 [pid 6247] memfd_create("syzkaller", 0 [pid 6246] close(4 [pid 6248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6247] <... memfd_create resumed>) = 3 [pid 6246] <... close resumed>) = 0 [pid 6248] <... mmap resumed>) = 0x7f1864095000 [pid 6247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6246] mkdir("./file1", 0777 [pid 6247] <... mmap resumed>) = 0x7f1864095000 [pid 6248] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6246] <... mkdir resumed>) = 0 [pid 6247] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6246] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6245] <... mount resumed>) = 0 [ 179.366106][ T6245] loop3: detected capacity change from 0 to 1024 [ 179.407477][ T6246] loop1: detected capacity change from 0 to 1024 [pid 6245] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6245] chdir("./file1") = 0 [pid 6245] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6245] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6247] <... write resumed>) = 524288 [pid 6248] <... write resumed>) = 524288 [pid 6248] munmap(0x7f1864095000, 138412032 [pid 6247] munmap(0x7f1864095000, 138412032 [pid 6246] <... mount resumed>) = 0 [pid 6245] <... link resumed>) = 0 [pid 6248] <... munmap resumed>) = 0 [pid 6247] <... munmap resumed>) = 0 [pid 6246] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6245] sync( [pid 6244] <... sync resumed>) = 0 [pid 6244] exit_group(0 [pid 6248] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6246] <... openat resumed>) = 3 [pid 6248] <... openat resumed>) = 4 [pid 6246] chdir("./file1" [pid 6245] <... sync resumed>) = 0 [pid 6247] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6244] <... exit_group resumed>) = ? [pid 6248] ioctl(4, LOOP_SET_FD, 3 [pid 6247] <... openat resumed>) = 4 [pid 6246] <... chdir resumed>) = 0 [pid 6248] <... ioctl resumed>) = 0 [pid 6247] ioctl(4, LOOP_SET_FD, 3 [pid 6246] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6248] close(3 [pid 6247] <... ioctl resumed>) = 0 [pid 6248] <... close resumed>) = 0 [pid 6247] close(3 [pid 6248] close(4 [pid 6247] <... close resumed>) = 0 [pid 6248] <... close resumed>) = 0 [pid 6247] close(4 [pid 6248] mkdir("./file1", 0777 [pid 6247] <... close resumed>) = 0 [pid 6247] mkdir("./file1", 0777 [pid 6248] <... mkdir resumed>) = 0 [pid 6247] <... mkdir resumed>) = 0 [pid 6248] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6247] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6245] exit_group(0) = ? [pid 6246] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6244] +++ exited with 0 +++ [pid 6246] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6245] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6245, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6244, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5866] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5867] umount2("./74", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./72", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] newfstatat(3, "", [pid 6248] <... mount resumed>) = 0 [pid 6247] <... mount resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6248] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6247] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... openat resumed>) = 3 [pid 5866] getdents64(3, [pid 5867] newfstatat(3, "", [pid 6248] <... openat resumed>) = 3 [pid 6247] <... openat resumed>) = 3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6248] chdir("./file1" [pid 6247] chdir("./file1" [pid 6248] <... chdir resumed>) = 0 [pid 6247] <... chdir resumed>) = 0 [pid 5866] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW [ 179.529094][ T6248] loop0: detected capacity change from 0 to 1024 [ 179.534646][ T6247] loop4: detected capacity change from 0 to 1024 [pid 6248] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6247] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6248] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6247] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6248] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6247] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6246] <... link resumed>) = 0 [pid 6246] sync( [pid 5867] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6248] <... link resumed>) = 0 [pid 6247] <... link resumed>) = 0 [pid 6247] sync( [pid 6248] sync( [pid 5867] <... umount2 resumed>) = 0 [pid 5867] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = 0 [pid 5866] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./74/file1", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(AT_FDCWD, "./72/file1", [pid 5867] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./74/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./72/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./72/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, [pid 5866] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 6248] <... sync resumed>) = 0 [pid 6247] <... sync resumed>) = 0 [pid 6246] <... sync resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6247] exit_group(0 [pid 6246] exit_group(0 [pid 6247] <... exit_group resumed>) = ? [pid 6246] <... exit_group resumed>) = ? [pid 6248] exit_group(0 [pid 6247] +++ exited with 0 +++ [pid 6246] +++ exited with 0 +++ [pid 5867] close(4 [pid 5866] getdents64(4, [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6247, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5867] <... close resumed>) = 0 [pid 6248] <... exit_group resumed>) = ? [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] rmdir("./74/file1" [pid 6248] +++ exited with 0 +++ [pid 5867] <... rmdir resumed>) = 0 [pid 5866] close(4 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6246, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] umount2("./74/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6248, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] rmdir("./72/file1" [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5867] newfstatat(AT_FDCWD, "./74/binderfs", [pid 5866] <... rmdir resumed>) = 0 [pid 5865] umount2("./74", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... restart_syscall resumed>) = 0 [pid 5867] unlink("./74/binderfs") = 0 [pid 5866] umount2("./72/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(3, "", [pid 5868] umount2("./75", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(3, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] getdents64(3, [pid 5864] umount2("./74", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] close(3 [pid 5868] <... openat resumed>) = 3 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(3, "", [pid 5867] <... close resumed>) = 0 [pid 5865] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] rmdir("./74" [pid 5866] newfstatat(AT_FDCWD, "./72/binderfs", [pid 5864] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] getdents64(3, [pid 5867] <... rmdir resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] mkdir("./75", 0777 [pid 5866] unlink("./72/binderfs" [pid 5864] newfstatat(3, "", [pid 5868] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... mkdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5864] getdents64(3, [pid 5866] getdents64(3, [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] close(3) = 0 [pid 5866] rmdir("./72") = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] mkdir("./73", 0777) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] close(3 [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 5867] close(3 [pid 5865] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./74/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... close resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./74/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6249 [pid 5865] <... openat resumed>) = 4 ./strace-static-x86_64: Process 6249 attached [pid 5865] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4 [pid 5866] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5865] rmdir("./74/file1" [pid 6249] set_robust_list(0x5555593cd660, 24 [pid 5865] <... rmdir resumed>) = 0 [pid 5865] umount2("./74/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6249] <... set_robust_list resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./74/binderfs", [pid 6249] chdir("./75" [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6249] <... chdir resumed>) = 0 [pid 5865] unlink("./74/binderfs" [pid 6249] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5865] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 6250 attached [pid 6249] setpgid(0, 0 [pid 5865] getdents64(3, [pid 6249] <... setpgid resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6250 [pid 5865] close(3 [pid 6250] set_robust_list(0x5555593cd660, 24 [pid 6249] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] <... close resumed>) = 0 [pid 6250] <... set_robust_list resumed>) = 0 [pid 5865] rmdir("./74" [pid 6250] chdir("./73" [pid 5865] <... rmdir resumed>) = 0 [pid 6249] <... openat resumed>) = 3 [pid 6250] <... chdir resumed>) = 0 [pid 6250] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6249] write(3, "1000", 4 [pid 6250] <... prctl resumed>) = 0 [pid 6249] <... write resumed>) = 4 [pid 5865] mkdir("./75", 0777 [pid 6249] close(3 [pid 6250] setpgid(0, 0 [pid 6249] <... close resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 6249] symlink("/dev/binderfs", "./binderfs" [pid 6250] <... setpgid resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6250] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6249] <... symlink resumed>) = 0 [pid 5865] <... openat resumed>) = 3 executing program [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6250] <... openat resumed>) = 3 [pid 6249] write(1, "executing program\n", 18 [pid 5865] <... ioctl resumed>) = 0 [pid 6249] <... write resumed>) = 18 [pid 5865] close(3 [pid 6250] write(3, "1000", 4 [pid 6249] memfd_create("syzkaller", 0 [pid 6250] <... write resumed>) = 4 [pid 6250] close(3 [pid 5865] <... close resumed>) = 0 [pid 6250] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6251 attached [pid 6250] symlink("/dev/binderfs", "./binderfs" [pid 6249] <... memfd_create resumed>) = 3 [pid 5868] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 6250] <... symlink resumed>) = 0 [pid 6249] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0executing program [pid 6250] write(1, "executing program\n", 18 [pid 6249] <... mmap resumed>) = 0x7f1864095000 [pid 5868] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6250] <... write resumed>) = 18 [pid 6251] set_robust_list(0x5555593cd660, 24 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6250] memfd_create("syzkaller", 0 [pid 5864] newfstatat(AT_FDCWD, "./74/file1", [pid 6251] <... set_robust_list resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6251 [pid 6251] chdir("./75") = 0 [pid 6251] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6251] setpgid(0, 0) = 0 [pid 6249] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6251] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6251] write(3, "1000", 4 [pid 6250] <... memfd_create resumed>) = 3 [pid 5868] newfstatat(AT_FDCWD, "./75/file1", [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6251] <... write resumed>) = 4 [pid 6250] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6251] close(3 [pid 6250] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./74/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6251] <... close resumed>) = 0 [pid 6250] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] openat(AT_FDCWD, "./75/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 4 [pid 5868] <... openat resumed>) = 4 [pid 5864] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6251] symlink("/dev/binderfs", "./binderfs" [pid 5864] getdents64(4, executing program 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6251] <... symlink resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 5864] close(4 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... close resumed>) = 0 [pid 5868] getdents64(4, [pid 5864] rmdir("./74/file1" [pid 6251] write(1, "executing program\n", 18) = 18 [pid 6251] memfd_create("syzkaller", 0) = 3 [pid 6251] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] getdents64(4, [pid 5864] umount2("./74/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6251] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6250] <... write resumed>) = 524288 [pid 6249] <... write resumed>) = 524288 [pid 5868] close(4 [pid 5864] newfstatat(AT_FDCWD, "./74/binderfs", [pid 6251] <... write resumed>) = 524288 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... close resumed>) = 0 [pid 5864] unlink("./74/binderfs" [pid 5868] rmdir("./75/file1" [pid 5864] <... unlink resumed>) = 0 [pid 6249] munmap(0x7f1864095000, 138412032 [pid 5868] <... rmdir resumed>) = 0 [pid 5864] getdents64(3, [pid 6249] <... munmap resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] umount2("./75/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] close(3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6251] munmap(0x7f1864095000, 138412032 [pid 6250] munmap(0x7f1864095000, 138412032 [pid 6249] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] <... close resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./75/binderfs", [pid 6251] <... munmap resumed>) = 0 [pid 6250] <... munmap resumed>) = 0 [pid 6249] <... openat resumed>) = 4 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] rmdir("./74" [pid 6251] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6250] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6249] ioctl(4, LOOP_SET_FD, 3 [pid 5868] unlink("./75/binderfs" [pid 6250] <... openat resumed>) = 4 [pid 5868] <... unlink resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6251] <... openat resumed>) = 4 [pid 5864] mkdir("./75", 0777 [pid 6250] ioctl(4, LOOP_SET_FD, 3 [pid 5868] getdents64(3, [pid 6251] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5868] close(3) = 0 [pid 6249] <... ioctl resumed>) = 0 [pid 5868] rmdir("./75" [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6251] <... ioctl resumed>) = 0 [pid 6250] <... ioctl resumed>) = 0 [pid 6249] close(3 [pid 5864] <... openat resumed>) = 3 [pid 6250] close(3 [pid 6249] <... close resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6250] <... close resumed>) = 0 [pid 6249] close(4 [pid 5868] <... rmdir resumed>) = 0 [pid 5864] <... ioctl resumed>) = 0 [pid 6251] close(3 [pid 6250] close(4 [pid 6249] <... close resumed>) = 0 [pid 6251] <... close resumed>) = 0 [pid 5868] mkdir("./76", 0777 [pid 6251] close(4 [pid 6250] <... close resumed>) = 0 [pid 6249] mkdir("./file1", 0777 [pid 5864] close(3 [pid 6251] <... close resumed>) = 0 [pid 6250] mkdir("./file1", 0777 [pid 6249] <... mkdir resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 6251] mkdir("./file1", 0777 [pid 6250] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6250] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... close resumed>) = 0 [pid 6251] <... mkdir resumed>) = 0 [pid 6249] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... openat resumed>) = 3 [ 179.957526][ T6249] loop3: detected capacity change from 0 to 1024 [ 179.962065][ T6251] loop1: detected capacity change from 0 to 1024 [ 179.967311][ T6250] loop2: detected capacity change from 0 to 1024 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6251] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6250] <... mount resumed>) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6250] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... ioctl resumed>) = 0 [pid 5868] close(3 [pid 6250] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6252 attached [pid 6250] chdir("./file1" [pid 6249] <... mount resumed>) = 0 [pid 6252] set_robust_list(0x5555593cd660, 24 [pid 6249] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6250] <... chdir resumed>) = 0 [pid 6249] <... openat resumed>) = 3 [pid 6250] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6249] chdir("./file1" [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6252 [pid 6250] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6250] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6249] <... chdir resumed>) = 0 [pid 6249] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6252] <... set_robust_list resumed>) = 0 [pid 6249] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6252] chdir("./75" [pid 6249] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... close resumed>) = 0 [pid 6251] <... mount resumed>) = 0 [pid 6252] <... chdir resumed>) = 0 [pid 6251] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6252] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6251] chdir("./file1" [pid 6252] setpgid(0, 0 [pid 6251] <... chdir resumed>) = 0 [pid 6252] <... setpgid resumed>) = 0 [pid 6252] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6251] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6251] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6252] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6253 attached [pid 6253] set_robust_list(0x5555593cd660, 24 [pid 6252] write(3, "1000", 4 [pid 6253] <... set_robust_list resumed>) = 0 [pid 6253] chdir("./76") = 0 [pid 6253] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6252] <... write resumed>) = 4 [pid 6250] <... link resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6253 [pid 6252] close(3) = 0 [pid 6252] symlink("/dev/binderfs", "./binderfs" [pid 6250] sync( [pid 6249] <... link resumed>) = 0 [pid 6253] <... prctl resumed>) = 0 [pid 6252] <... symlink resumed>) = 0 [pid 6253] setpgid(0, 0) = 0 [pid 6253] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program [pid 6252] write(1, "executing program\n", 18 [pid 6249] sync( [pid 6252] <... write resumed>) = 18 [pid 6253] <... openat resumed>) = 3 [pid 6251] <... link resumed>) = 0 [pid 6252] memfd_create("syzkaller", 0 [pid 6253] write(3, "1000", 4 [pid 6252] <... memfd_create resumed>) = 3 [pid 6253] <... write resumed>) = 4 [pid 6252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6253] close(3 [pid 6252] <... mmap resumed>) = 0x7f1864095000 [pid 6251] sync( [pid 6253] <... close resumed>) = 0 [pid 6253] symlink("/dev/binderfs", "./binderfs" [pid 6252] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6253] <... symlink resumed>) = 0 [pid 6253] write(1, "executing program\n", 18executing program ) = 18 [pid 6253] memfd_create("syzkaller", 0) = 3 [pid 6253] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6253] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6252] <... write resumed>) = 524288 [pid 6252] munmap(0x7f1864095000, 138412032) = 0 [pid 6251] <... sync resumed>) = 0 [pid 6250] <... sync resumed>) = 0 [pid 6249] <... sync resumed>) = 0 [pid 6250] exit_group(0 [pid 6252] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6250] <... exit_group resumed>) = ? [pid 6251] exit_group(0 [pid 6249] exit_group(0 [pid 6251] <... exit_group resumed>) = ? [pid 6249] <... exit_group resumed>) = ? [pid 6253] <... write resumed>) = 524288 [pid 6252] <... openat resumed>) = 4 [pid 6253] munmap(0x7f1864095000, 138412032 [pid 6252] ioctl(4, LOOP_SET_FD, 3 [pid 6253] <... munmap resumed>) = 0 [pid 6252] <... ioctl resumed>) = 0 [pid 6251] +++ exited with 0 +++ [pid 6250] +++ exited with 0 +++ [pid 6249] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6249, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6251, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6250, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6253] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6252] close(3 [pid 5866] umount2("./73", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6253] <... openat resumed>) = 4 [pid 6252] <... close resumed>) = 0 [pid 5867] umount2("./75", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./75", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6253] ioctl(4, LOOP_SET_FD, 3 [pid 6252] close(4 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6253] <... ioctl resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6252] <... close resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6252] mkdir("./file1", 0777 [pid 5867] <... openat resumed>) = 3 [pid 6253] close(3 [pid 6252] <... mkdir resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 5866] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... openat resumed>) = 3 [pid 6253] <... close resumed>) = 0 [pid 6253] close(4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] newfstatat(3, "", [pid 6252] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... openat resumed>) = 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(3, "", [pid 6253] <... close resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6253] mkdir("./file1", 0777) = 0 [pid 6252] <... mount resumed>) = 0 [pid 5866] getdents64(3, [pid 6253] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW [ 180.198629][ T6252] loop0: detected capacity change from 0 to 1024 [ 180.221248][ T6253] loop4: detected capacity change from 0 to 1024 [pid 6252] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5865] <... umount2 resumed>) = 0 [pid 6252] chdir("./file1" [pid 5867] <... umount2 resumed>) = 0 [pid 6252] <... chdir resumed>) = 0 [pid 5867] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6252] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] newfstatat(AT_FDCWD, "./75/file1", [pid 5865] newfstatat(AT_FDCWD, "./75/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6252] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./75/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] openat(AT_FDCWD, "./75/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6252] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... openat resumed>) = 4 [pid 5865] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", [pid 5865] newfstatat(4, "", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, [pid 5865] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6252] <... link resumed>) = 0 [pid 5867] getdents64(4, [pid 5866] <... umount2 resumed>) = 0 [pid 5865] getdents64(4, [pid 6252] sync( [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] close(4 [pid 5867] rmdir("./75/file1" [pid 5865] <... close resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] rmdir("./75/file1" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... rmdir resumed>) = 0 [pid 5867] umount2("./75/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(AT_FDCWD, "./73/file1", [pid 5865] umount2("./75/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./75/binderfs", [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./73/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6253] <... mount resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./75/binderfs", [pid 5866] openat(AT_FDCWD, "./73/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6253] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] newfstatat(4, "", [pid 5867] unlink("./75/binderfs" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6253] <... openat resumed>) = 3 [pid 5867] <... unlink resumed>) = 0 [pid 5866] getdents64(4, [pid 5865] unlink("./75/binderfs" [pid 6253] chdir("./file1" [pid 5867] getdents64(3, [pid 6253] <... chdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... unlink resumed>) = 0 [pid 5867] close(3 [pid 5865] getdents64(3, [pid 6253] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... close resumed>) = 0 [pid 5866] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6253] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] rmdir("./75" [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6253] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6252] <... sync resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] close(4 [pid 5865] close(3 [pid 5866] <... close resumed>) = 0 [pid 6252] exit_group(0 [pid 5867] mkdir("./76", 0777 [pid 5865] <... close resumed>) = 0 [pid 5865] rmdir("./75" [pid 5867] <... mkdir resumed>) = 0 [pid 5866] rmdir("./73/file1" [pid 6252] <... exit_group resumed>) = ? [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5866] umount2("./73/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6253] <... link resumed>) = 0 [pid 6252] +++ exited with 0 +++ [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] mkdir("./76", 0777 [pid 5867] <... openat resumed>) = 3 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6252, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5866] newfstatat(AT_FDCWD, "./73/binderfs", [pid 5865] <... mkdir resumed>) = 0 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6253] sync( [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 5866] unlink("./73/binderfs" [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... restart_syscall resumed>) = 0 [pid 5867] close(3 [pid 5866] <... unlink resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5867] <... close resumed>) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] getdents64(3, [pid 5865] <... ioctl resumed>) = 0 [pid 5864] umount2("./75", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 5866] close(3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... close resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 6254 attached [pid 5864] newfstatat(3, "", [pid 5866] rmdir("./73") = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] mkdir("./74", 0777 [pid 5864] getdents64(3, [pid 5866] <... mkdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6254 [pid 6254] set_robust_list(0x5555593cd660, 24 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... close resumed>) = 0 [pid 6254] <... set_robust_list resumed>) = 0 [pid 6254] chdir("./76" [pid 5866] <... openat resumed>) = 3 [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] close(3 [pid 6254] <... chdir resumed>) = 0 [pid 6254] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6253] <... sync resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6254] <... prctl resumed>) = 0 [pid 6254] setpgid(0, 0./strace-static-x86_64: Process 6255 attached ) = 0 [pid 6253] exit_group(0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6255 [pid 6254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6253] <... exit_group resumed>) = ? [pid 6255] set_robust_list(0x5555593cd660, 24) = 0 [pid 6255] chdir("./76") = 0 [pid 6255] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6255] setpgid(0, 0) = 0 [pid 6255] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6254] <... openat resumed>) = 3 [pid 6254] write(3, "1000", 4executing program [pid 6255] write(3, "1000", 4 [pid 6254] <... write resumed>) = 4 [pid 6253] +++ exited with 0 +++ ./strace-static-x86_64: Process 6256 attached [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6253, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6254] close(3 [pid 6256] set_robust_list(0x5555593cd660, 24 [pid 6255] <... write resumed>) = 4 [pid 6254] <... close resumed>) = 0 [pid 6254] symlink("/dev/binderfs", "./binderfs" [pid 6256] <... set_robust_list resumed>) = 0 [pid 6255] close(3 [pid 6256] chdir("./74" [pid 6255] <... close resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6256 [pid 6255] symlink("/dev/binderfs", "./binderfs" [pid 6256] <... chdir resumed>) = 0 [pid 6255] <... symlink resumed>) = 0 [pid 6256] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6255] write(1, "executing program\n", 18 [pid 6256] <... prctl resumed>) = 0 [pid 6255] <... write resumed>) = 18 [pid 6256] setpgid(0, 0 [pid 6255] memfd_create("syzkaller", 0 [pid 6256] <... setpgid resumed>) = 0 [pid 6255] <... memfd_create resumed>) = 3 [pid 6256] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6255] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6254] <... symlink resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 executing program [pid 6255] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6254] write(1, "executing program\n", 18 [pid 6256] write(3, "1000", 4 [pid 6254] <... write resumed>) = 18 [pid 5864] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6254] memfd_create("syzkaller", 0 [pid 5868] umount2("./76", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6256] <... write resumed>) = 4 [pid 5864] newfstatat(AT_FDCWD, "./75/file1", [pid 6256] close(3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6256] <... close resumed>) = 0 [pid 5864] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6256] symlink("/dev/binderfs", "./binderfs" [pid 6254] <... memfd_create resumed>) = 3 [pid 5868] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6254] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6256] <... symlink resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./75/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORYexecuting program [pid 6256] write(1, "executing program\n", 18 [pid 6254] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... openat resumed>) = 3 [pid 5864] <... openat resumed>) = 4 [pid 6256] <... write resumed>) = 18 [pid 6256] memfd_create("syzkaller", 0 [pid 5868] newfstatat(3, "", [pid 5864] newfstatat(4, "", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6256] <... memfd_create resumed>) = 3 [pid 5868] getdents64(3, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6254] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] getdents64(4, [pid 6256] <... mmap resumed>) = 0x7f1864095000 [pid 6255] <... write resumed>) = 524288 [pid 5868] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4) = 0 [pid 5864] rmdir("./75/file1") = 0 [pid 6256] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6255] munmap(0x7f1864095000, 138412032 [pid 6254] <... write resumed>) = 524288 [pid 5864] umount2("./75/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6255] <... munmap resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6255] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] newfstatat(AT_FDCWD, "./75/binderfs", [pid 6256] <... write resumed>) = 524288 [pid 6255] <... openat resumed>) = 4 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6255] ioctl(4, LOOP_SET_FD, 3 [pid 5864] unlink("./75/binderfs" [pid 6255] <... ioctl resumed>) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6255] close(3) = 0 [pid 5864] close(3 [pid 6255] close(4 [pid 5864] <... close resumed>) = 0 [pid 5864] rmdir("./75" [pid 6255] <... close resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6255] mkdir("./file1", 0777) = 0 [pid 5864] mkdir("./76", 0777) = 0 [pid 6255] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6254] munmap(0x7f1864095000, 138412032 [pid 5864] <... openat resumed>) = 3 [pid 6254] <... munmap resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6256] munmap(0x7f1864095000, 138412032 [pid 5864] <... ioctl resumed>) = 0 [pid 6256] <... munmap resumed>) = 0 [pid 6254] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6254] <... openat resumed>) = 4 [pid 5868] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6257 attached [pid 6256] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6254] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6256] <... openat resumed>) = 4 [pid 5868] newfstatat(AT_FDCWD, "./76/file1", [pid 6257] set_robust_list(0x5555593cd660, 24 [pid 6256] ioctl(4, LOOP_SET_FD, 3 [pid 6254] <... ioctl resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6257] <... set_robust_list resumed>) = 0 [pid 6256] <... ioctl resumed>) = 0 [pid 5868] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6257 [pid 6256] close(3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6257] chdir("./76" [pid 6256] <... close resumed>) = 0 [pid 6254] close(3 [pid 5868] openat(AT_FDCWD, "./76/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6257] <... chdir resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 6257] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6254] <... close resumed>) = 0 [pid 6257] <... prctl resumed>) = 0 [pid 6254] close(4 [pid 6257] setpgid(0, 0 [pid 6256] close(4 [pid 6255] <... mount resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 6257] <... setpgid resumed>) = 0 [pid 6254] <... close resumed>) = 0 [pid 6255] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6255] chdir("./file1") = 0 [pid 6255] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6257] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6255] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6254] mkdir("./file1", 0777 [pid 6255] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6254] <... mkdir resumed>) = 0 [ 180.583019][ T6255] loop1: detected capacity change from 0 to 1024 [ 180.609148][ T6254] loop3: detected capacity change from 0 to 1024 [ 180.619983][ T6256] loop2: detected capacity change from 0 to 1024 [pid 6257] <... openat resumed>) = 3 [pid 6254] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6257] write(3, "1000", 4 [pid 6256] <... close resumed>) = 0 [pid 6255] <... link resumed>) = 0 [pid 5868] getdents64(4, [pid 6256] mkdir("./file1", 0777 [pid 6255] sync( [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6257] <... write resumed>) = 4 [pid 6257] close(3 [pid 6256] <... mkdir resumed>) = 0 [pid 5868] getdents64(4, [pid 6257] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4 [pid 6257] symlink("/dev/binderfs", "./binderfs" [pid 5868] <... close resumed>) = 0 [pid 6257] <... symlink resumed>) = 0 [pid 5868] rmdir("./76/file1") = 0 executing program [pid 6254] <... mount resumed>) = 0 [pid 6257] write(1, "executing program\n", 18 [pid 6256] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] umount2("./76/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6257] <... write resumed>) = 18 [pid 6254] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6257] memfd_create("syzkaller", 0 [pid 6254] <... openat resumed>) = 3 [pid 5868] newfstatat(AT_FDCWD, "./76/binderfs", [pid 6254] chdir("./file1" [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6257] <... memfd_create resumed>) = 3 [pid 6254] <... chdir resumed>) = 0 [pid 6254] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6257] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6254] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] unlink("./76/binderfs" [pid 6254] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6257] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... unlink resumed>) = 0 [pid 6257] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3 [pid 6254] <... link resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 6254] sync( [pid 5868] rmdir("./76") = 0 [pid 5868] mkdir("./77", 0777 [pid 6256] <... mount resumed>) = 0 [pid 6255] <... sync resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 6256] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6255] exit_group(0 [pid 6256] <... openat resumed>) = 3 [pid 6255] <... exit_group resumed>) = ? [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6256] chdir("./file1" [pid 6255] +++ exited with 0 +++ [pid 5868] <... openat resumed>) = 3 [pid 6256] <... chdir resumed>) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6255, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6256] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... ioctl resumed>) = 0 [pid 6256] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] close(3 [pid 6256] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... close resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6258 attached [pid 6258] set_robust_list(0x5555593cd660, 24) = 0 [pid 6258] chdir("./77" [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6258 [pid 6258] <... chdir resumed>) = 0 [pid 6258] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5865] umount2("./76", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6258] setpgid(0, 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6258] <... setpgid resumed>) = 0 [pid 6258] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6257] <... write resumed>) = 524288 [pid 5865] <... openat resumed>) = 3 [pid 6258] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", [pid 6258] write(3, "1000", 4 [pid 6257] munmap(0x7f1864095000, 138412032 [pid 6254] <... sync resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6258] <... write resumed>) = 4 [pid 6257] <... munmap resumed>) = 0 [pid 6256] <... link resumed>) = 0 [pid 6254] exit_group(0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6258] close(3 [pid 6257] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6256] sync( [pid 6254] <... exit_group resumed>) = ? [pid 5865] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6258] <... close resumed>) = 0 [pid 6254] +++ exited with 0 +++ [pid 6257] <... openat resumed>) = 4 [pid 6258] symlink("/dev/binderfs", "./binderfs" [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6254, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- executing program [pid 6258] <... symlink resumed>) = 0 [pid 6257] ioctl(4, LOOP_SET_FD, 3 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 6258] write(1, "executing program\n", 18) = 18 [pid 6258] memfd_create("syzkaller", 0) = 3 [pid 5867] <... restart_syscall resumed>) = 0 [pid 6258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6257] <... ioctl resumed>) = 0 [pid 6257] close(3 [pid 5867] umount2("./76", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6256] <... sync resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6257] <... close resumed>) = 0 [pid 6256] exit_group(0 [pid 5867] <... openat resumed>) = 3 [pid 6258] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5867] newfstatat(3, "", [pid 6257] close(4 [pid 5865] <... umount2 resumed>) = 0 [pid 6257] <... close resumed>) = 0 [pid 6257] mkdir("./file1", 0777) = 0 [pid 6256] <... exit_group resumed>) = ? [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 180.845945][ T6257] loop0: detected capacity change from 0 to 1024 [pid 5867] getdents64(3, [pid 6258] munmap(0x7f1864095000, 138412032 [pid 6257] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6256] +++ exited with 0 +++ [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6256, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5866] umount2("./74", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6258] <... munmap resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5867] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(3, "", [pid 5865] newfstatat(AT_FDCWD, "./76/file1", [pid 6258] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] getdents64(3, [pid 5865] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6258] <... openat resumed>) = 4 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6258] ioctl(4, LOOP_SET_FD, 3 [pid 5866] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "./76/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6258] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6258] ioctl(4, LOOP_CLR_FD [pid 5865] <... openat resumed>) = 4 [pid 6258] <... ioctl resumed>) = 0 [pid 5865] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, [pid 6258] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6258] close(4 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6258] <... close resumed>) = 0 [pid 5865] close(4 [pid 6258] close(3 [pid 5865] <... close resumed>) = 0 [pid 6258] <... close resumed>) = 0 [pid 5865] rmdir("./76/file1") = 0 [pid 6258] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 ENOENT (No such file or directory) [pid 5865] umount2("./76/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6258] sync( [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./76/binderfs") = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6257] <... mount resumed>) = 0 [pid 5865] close(3 [pid 5866] <... umount2 resumed>) = 0 [pid 6257] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 6257] <... openat resumed>) = 3 [pid 5867] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] rmdir("./76" [pid 5866] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6257] chdir("./file1" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./74/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./76/file1", [pid 6257] <... chdir resumed>) = 0 [pid 5865] mkdir("./77", 0777 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6257] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6258] <... sync resumed>) = 0 [pid 5866] umount2("./74/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6258] exit_group(0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... mkdir resumed>) = 0 [pid 6257] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6258] <... exit_group resumed>) = ? [pid 6257] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./74/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] openat(AT_FDCWD, "./76/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] <... openat resumed>) = 4 [pid 5866] newfstatat(4, "", [pid 5867] newfstatat(4, "", [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4 [pid 6258] +++ exited with 0 +++ [pid 5866] <... close resumed>) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6258, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5866] rmdir("./74/file1" [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5866] umount2("./74/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./74/binderfs", [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] unlink("./74/binderfs") = 0 [pid 5867] getdents64(4, [pid 5866] getdents64(3, [pid 5868] umount2("./77", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] getdents64(4, [pid 5865] <... ioctl resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4 [pid 5866] close(3 [pid 5865] close(3 [pid 5867] <... close resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5867] rmdir("./76/file1") = 0 [pid 5866] rmdir("./74" [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] umount2("./76/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6259 attached [pid 6257] <... link resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... rmdir resumed>) = 0 [pid 6257] sync( [pid 5868] <... openat resumed>) = 3 [pid 5867] newfstatat(AT_FDCWD, "./76/binderfs", [pid 5866] mkdir("./75", 0777 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6259 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 6259] set_robust_list(0x5555593cd660, 24) = 0 [pid 6259] chdir("./77" [pid 5867] unlink("./76/binderfs" [pid 6259] <... chdir resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6259] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5866] <... openat resumed>) = 3 [pid 6259] setpgid(0, 0 [pid 5868] newfstatat(3, "", [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6259] <... setpgid resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 6259] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] getdents64(3, [pid 6259] <... openat resumed>) = 3 [pid 5866] close(3 [pid 6259] write(3, "1000", 4) = 4 [pid 6259] close(3) = 0 [pid 6259] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5867] <... unlink resumed>) = 0 [pid 6259] write(1, "executing program\n", 18executing program [pid 5868] umount2("./77/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(3, [pid 6259] <... write resumed>) = 18 [pid 5866] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6259] memfd_create("syzkaller", 0 [pid 5868] newfstatat(AT_FDCWD, "./77/binderfs", [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6259] <... memfd_create resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6260 attached [pid 6259] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] unlink("./77/binderfs" [pid 5867] close(3 [pid 6259] <... mmap resumed>) = 0x7f1864095000 [pid 6257] <... sync resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6259] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6257] exit_group(0 [pid 5867] rmdir("./76" [pid 6260] set_robust_list(0x5555593cd660, 24 [pid 6257] <... exit_group resumed>) = ? [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6260 [pid 6260] <... set_robust_list resumed>) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5867] mkdir("./77", 0777 [pid 6260] chdir("./75" [pid 5867] <... mkdir resumed>) = 0 [pid 6260] <... chdir resumed>) = 0 [pid 6260] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6257] +++ exited with 0 +++ [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] getdents64(3, [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6257, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6260] <... prctl resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6260] setpgid(0, 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 5867] close(3) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6260] <... setpgid resumed>) = 0 [pid 5864] umount2("./76", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6260] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6260] <... openat resumed>) = 3 [pid 5864] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6261 attached [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] close(3 [pid 5864] getdents64(3, [pid 5868] <... close resumed>) = 0 [pid 6260] write(3, "1000", 4 [pid 6259] <... write resumed>) = 524288 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6261] set_robust_list(0x5555593cd660, 24 [pid 6260] <... write resumed>) = 4 [pid 5868] rmdir("./77" [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6261 [pid 5864] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6260] close(3) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 6261] <... set_robust_list resumed>) = 0 [pid 6260] symlink("/dev/binderfs", "./binderfs" [pid 5868] mkdir("./78", 0777 [pid 6261] chdir("./77" [pid 6259] munmap(0x7f1864095000, 138412032 [pid 5868] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6260] <... symlink resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 6261] <... chdir resumed>) = 0 [pid 6261] prctl(PR_SET_PDEATHSIG, SIGKILL executing program [pid 6260] write(1, "executing program\n", 18 [pid 6259] <... munmap resumed>) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6261] <... prctl resumed>) = 0 [pid 6260] <... write resumed>) = 18 [pid 5868] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6261] setpgid(0, 0 [pid 6260] memfd_create("syzkaller", 0 [pid 6259] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6261] <... setpgid resumed>) = 0 [pid 6260] <... memfd_create resumed>) = 3 [pid 6259] <... openat resumed>) = 4 [pid 6261] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6260] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6259] ioctl(4, LOOP_SET_FD, 3 [pid 6260] <... mmap resumed>) = 0x7f1864095000 [pid 6259] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6261] <... openat resumed>) = 3 [pid 6260] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6259] ioctl(4, LOOP_CLR_FD [pid 5868] close(3 [pid 6259] <... ioctl resumed>) = 0 [pid 6261] write(3, "1000", 4 [pid 6259] ioctl(4, LOOP_SET_FD, 3 [pid 6261] <... write resumed>) = 4 [pid 6259] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... close resumed>) = 0 [pid 6261] close(3 [pid 6259] close(4 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6261] <... close resumed>) = 0 [pid 6259] <... close resumed>) = 0 [pid 6261] symlink("/dev/binderfs", "./binderfs" [pid 6259] close(3 [pid 6261] <... symlink resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 executing program [pid 6261] write(1, "executing program\n", 18) = 18 [pid 6261] memfd_create("syzkaller", 0 [pid 6259] <... close resumed>) = 0 ./strace-static-x86_64: Process 6262 attached [pid 6261] <... memfd_create resumed>) = 3 [pid 6261] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6262 [pid 6262] set_robust_list(0x5555593cd660, 24 [pid 6261] <... mmap resumed>) = 0x7f1864095000 [pid 6262] <... set_robust_list resumed>) = 0 [pid 6262] chdir("./78" [pid 5864] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6262] <... chdir resumed>) = 0 [pid 6259] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6259] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 5864] newfstatat(AT_FDCWD, "./76/file1", [pid 6262] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6262] <... prctl resumed>) = 0 [pid 6262] setpgid(0, 0) = 0 [pid 6262] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6262] <... openat resumed>) = 3 [pid 6261] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6259] sync( [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6262] write(3, "1000", 4 [pid 6260] <... write resumed>) = 524288 [pid 6262] <... write resumed>) = 4 [pid 6260] munmap(0x7f1864095000, 138412032 [pid 5864] openat(AT_FDCWD, "./76/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6262] close(3 [pid 6260] <... munmap resumed>) = 0 [pid 6262] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 4 [pid 6262] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6259] <... sync resumed>) = 0 [pid 5864] newfstatat(4, "", [pid 6260] openat(AT_FDCWD, "/dev/loop2", O_RDWRexecuting program [pid 6262] write(1, "executing program\n", 18 [pid 6260] <... openat resumed>) = 4 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6262] <... write resumed>) = 18 [pid 6260] ioctl(4, LOOP_SET_FD, 3 [pid 6262] memfd_create("syzkaller", 0 [pid 6260] <... ioctl resumed>) = 0 [pid 6259] exit_group(0 [pid 5864] getdents64(4, [pid 6262] <... memfd_create resumed>) = 3 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6261] <... write resumed>) = 524288 [pid 6259] <... exit_group resumed>) = ? [pid 6262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6261] munmap(0x7f1864095000, 138412032 [pid 6262] <... mmap resumed>) = 0x7f1864095000 [pid 6262] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6261] <... munmap resumed>) = 0 [pid 6260] close(3 [pid 6259] +++ exited with 0 +++ [pid 5864] getdents64(4, [pid 6260] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6260] close(4 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6259, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5864] close(4 [pid 6261] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6261] <... openat resumed>) = 4 [pid 6260] <... close resumed>) = 0 [pid 5865] umount2("./77", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... close resumed>) = 0 [pid 6261] ioctl(4, LOOP_SET_FD, 3 [pid 6260] mkdir("./file1", 0777 [pid 6261] <... ioctl resumed>) = 0 [pid 6260] <... mkdir resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] rmdir("./76/file1" [pid 6261] close(3 [pid 6260] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... rmdir resumed>) = 0 [pid 6261] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] umount2("./76/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6261] close(4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6261] <... close resumed>) = 0 [pid 5865] newfstatat(3, "", [pid 5864] newfstatat(AT_FDCWD, "./76/binderfs", [pid 6261] mkdir("./file1", 0777 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6261] <... mkdir resumed>) = 0 [pid 5865] umount2("./77/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] unlink("./76/binderfs" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6262] <... write resumed>) = 524288 [pid 5865] newfstatat(AT_FDCWD, "./77/binderfs", [pid 6262] munmap(0x7f1864095000, 138412032 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 5865] unlink("./77/binderfs" [pid 6261] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] <... unlink resumed>) = 0 [pid 5864] getdents64(3, [pid 6262] <... munmap resumed>) = 0 [pid 5865] getdents64(3, [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6262] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3 [pid 6262] <... openat resumed>) = 4 [ 181.263778][ T6260] loop2: detected capacity change from 0 to 1024 [ 181.291418][ T6261] loop3: detected capacity change from 0 to 1024 [pid 5865] close(3 [pid 5864] <... close resumed>) = 0 [pid 6262] ioctl(4, LOOP_SET_FD, 3 [pid 6260] <... mount resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] rmdir("./76" [pid 6262] <... ioctl resumed>) = 0 [pid 6260] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] rmdir("./77" [pid 6262] close(3 [pid 6260] <... openat resumed>) = 3 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5865] mkdir("./78", 0777 [pid 6262] <... close resumed>) = 0 [pid 6260] chdir("./file1" [pid 5865] <... mkdir resumed>) = 0 [pid 5864] mkdir("./77", 0777 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6262] close(4 [pid 6260] <... chdir resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... mkdir resumed>) = 0 [pid 6262] <... close resumed>) = 0 [pid 6260] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6262] mkdir("./file1", 0777 [pid 6261] <... mount resumed>) = 0 [pid 6260] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6260] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] close(3 [pid 6262] <... mkdir resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5865] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6261] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6263 attached [pid 6262] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6261] <... openat resumed>) = 3 [pid 5864] <... ioctl resumed>) = 0 [pid 6261] chdir("./file1") = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6263 [pid 6263] set_robust_list(0x5555593cd660, 24 [pid 6260] <... link resumed>) = 0 [pid 6261] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] close(3 [pid 6261] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6261] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6263] <... set_robust_list resumed>) = 0 [pid 6262] <... mount resumed>) = 0 [pid 6260] sync( [pid 5864] <... close resumed>) = 0 [ 181.361884][ T6262] loop4: detected capacity change from 0 to 1024 [pid 6263] chdir("./78") = 0 [pid 6262] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6263] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6262] <... openat resumed>) = 3 [pid 6263] <... prctl resumed>) = 0 [pid 6262] chdir("./file1") = 0 [pid 6262] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 6264 attached ) = -1 EBUSY (Device or resource busy) [pid 6263] setpgid(0, 0 [pid 6262] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6263] <... setpgid resumed>) = 0 [pid 6263] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6264] set_robust_list(0x5555593cd660, 24) = 0 [pid 6263] <... openat resumed>) = 3 [pid 6264] chdir("./77") = 0 [pid 6264] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6264 [pid 6264] <... prctl resumed>) = 0 [pid 6263] write(3, "1000", 4) = 4 [pid 6264] setpgid(0, 0 [pid 6263] close(3) = 0 [pid 6264] <... setpgid resumed>) = 0 [pid 6264] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6263] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6264] <... openat resumed>) = 3 [pid 6261] <... link resumed>) = 0 [pid 6263] write(1, "executing program\n", 18) = 18 [pid 6263] memfd_create("syzkaller", 0) = 3 [pid 6264] write(3, "1000", 4 [pid 6263] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6261] sync( [pid 6263] <... mmap resumed>) = 0x7f1864095000 [pid 6264] <... write resumed>) = 4 [pid 6264] close(3 [pid 6263] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6264] <... close resumed>) = 0 [pid 6264] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6264] write(1, "executing program\n", 18) = 18 [pid 6262] <... link resumed>) = 0 [pid 6264] memfd_create("syzkaller", 0) = 3 [pid 6262] sync( [pid 6264] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6264] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6263] <... write resumed>) = 524288 [pid 6264] <... write resumed>) = 524288 [pid 6263] munmap(0x7f1864095000, 138412032) = 0 [pid 6263] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6262] <... sync resumed>) = 0 [pid 6261] <... sync resumed>) = 0 [pid 6260] <... sync resumed>) = 0 [pid 6263] <... openat resumed>) = 4 [pid 6262] exit_group(0 [pid 6260] exit_group(0 [pid 6262] <... exit_group resumed>) = ? [pid 6260] <... exit_group resumed>) = ? [pid 6263] ioctl(4, LOOP_SET_FD, 3 [pid 6261] exit_group(0 [pid 6260] +++ exited with 0 +++ [pid 6261] <... exit_group resumed>) = ? [pid 6263] <... ioctl resumed>) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6260, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5866] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6264] munmap(0x7f1864095000, 138412032 [pid 6263] close(3) = 0 [pid 6264] <... munmap resumed>) = 0 [pid 6263] close(4) = 0 [pid 6263] mkdir("./file1", 0777 [pid 6264] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6263] <... mkdir resumed>) = 0 [pid 6262] +++ exited with 0 +++ [pid 5866] umount2("./75", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6262, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5866] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6261] +++ exited with 0 +++ [pid 6264] <... openat resumed>) = 4 [pid 6263] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6264] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6261, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 6264] close(3 [pid 5867] <... restart_syscall resumed>) = 0 [pid 6264] <... close resumed>) = 0 [pid 5868] <... restart_syscall resumed>) = 0 [pid 6264] close(4) = 0 [pid 6264] mkdir("./file1", 0777 [pid 5867] umount2("./77", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... openat resumed>) = 3 [pid 5868] umount2("./78", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(3, "", [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5866] getdents64(3, [pid 6264] <... mkdir resumed>) = 0 [pid 6263] <... mount resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5867] newfstatat(3, "", [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6263] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] newfstatat(3, "", [pid 5867] getdents64(3, [pid 6264] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6263] <... openat resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] getdents64(3, [pid 6263] chdir("./file1" [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./77/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6263] <... chdir resumed>) = 0 [pid 5868] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6263] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6263] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6264] <... mount resumed>) = 0 [ 181.552351][ T6263] loop1: detected capacity change from 0 to 1024 [ 181.563896][ T6264] loop0: detected capacity change from 0 to 1024 [pid 6264] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6264] chdir("./file1") = 0 [pid 6264] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6264] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... umount2 resumed>) = 0 [pid 5866] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./75/file1", [pid 6263] <... link resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6263] sync( [pid 5868] <... umount2 resumed>) = 0 [pid 5867] umount2("./77/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./75/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./78/file1", [pid 5867] newfstatat(AT_FDCWD, "./77/file1", [pid 5866] openat(AT_FDCWD, "./75/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... openat resumed>) = 4 [pid 6264] <... link resumed>) = 0 [pid 5868] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./77/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(4, "", [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6264] sync( [pid 5868] openat(AT_FDCWD, "./78/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] openat(AT_FDCWD, "./77/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] getdents64(4, [pid 5868] <... openat resumed>) = 4 [pid 5868] newfstatat(4, "", [pid 5867] <... openat resumed>) = 4 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] newfstatat(4, "", [pid 5868] getdents64(4, [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, [pid 5868] getdents64(4, [pid 5867] getdents64(4, [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4 [pid 5868] close(4) = 0 [pid 5867] close(4 [pid 5866] <... close resumed>) = 0 [pid 5868] rmdir("./78/file1" [pid 5867] <... close resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] rmdir("./77/file1" [pid 5866] rmdir("./75/file1" [pid 6264] <... sync resumed>) = 0 [pid 6263] <... sync resumed>) = 0 [pid 5868] umount2("./78/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 6264] exit_group(0 [pid 6263] exit_group(0 [pid 5868] newfstatat(AT_FDCWD, "./78/binderfs", [pid 6264] <... exit_group resumed>) = ? [pid 6263] <... exit_group resumed>) = ? [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./77/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./75/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6263] +++ exited with 0 +++ [pid 5868] unlink("./78/binderfs" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6263, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5868] <... unlink resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./77/binderfs", [pid 5866] newfstatat(AT_FDCWD, "./75/binderfs", [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6264] +++ exited with 0 +++ [pid 5868] getdents64(3, [pid 5867] unlink("./77/binderfs" [pid 5866] unlink("./75/binderfs" [pid 5865] <... restart_syscall resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5868] close(3) = 0 [pid 5868] rmdir("./78") = 0 [pid 5865] umount2("./78", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6264, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5866] <... unlink resumed>) = 0 [pid 5868] mkdir("./79", 0777) = 0 [pid 5867] getdents64(3, [pid 5866] getdents64(3, [pid 5864] umount2("./77", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] close(3 [pid 5864] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5865] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] rmdir("./75" [pid 5864] newfstatat(3, "", [pid 5867] close(3 [pid 5866] <... rmdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... close resumed>) = 0 [pid 5864] getdents64(3, [pid 5867] rmdir("./77" [pid 5866] mkdir("./76", 0777 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] mkdir("./78", 0777 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] umount2("./77/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5867] <... mkdir resumed>) = 0 [pid 5866] close(3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... close resumed>) = 0 [pid 5865] getdents64(3, [pid 5868] <... ioctl resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] close(3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 6265 attached [pid 5865] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6265] set_robust_list(0x5555593cd660, 24) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 6265] chdir("./76" [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6265] <... chdir resumed>) = 0 [pid 5867] close(3 [pid 6265] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6265 ./strace-static-x86_64: Process 6266 attached [pid 6265] setpgid(0, 0 [pid 5867] <... close resumed>) = 0 [pid 6266] set_robust_list(0x5555593cd660, 24 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6267 attached [pid 6266] <... set_robust_list resumed>) = 0 [pid 6266] chdir("./79" [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6266 [pid 6265] <... setpgid resumed>) = 0 [pid 6267] set_robust_list(0x5555593cd660, 24 [pid 6266] <... chdir resumed>) = 0 [pid 6267] <... set_robust_list resumed>) = 0 [pid 6266] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6267] chdir("./78" [pid 6266] <... prctl resumed>) = 0 [pid 6265] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6267 [pid 6266] setpgid(0, 0 [pid 6267] <... chdir resumed>) = 0 [pid 6266] <... setpgid resumed>) = 0 [pid 6267] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6266] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6267] <... prctl resumed>) = 0 [pid 6267] setpgid(0, 0 [pid 6266] <... openat resumed>) = 3 [pid 6265] <... openat resumed>) = 3 [pid 6267] <... setpgid resumed>) = 0 [pid 6266] write(3, "1000", 4 [pid 6267] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6266] <... write resumed>) = 4 [pid 6267] <... openat resumed>) = 3 [pid 6266] close(3) = 0 [pid 6267] write(3, "1000", 4 [pid 6266] symlink("/dev/binderfs", "./binderfs" [pid 6267] <... write resumed>) = 4 [pid 6266] <... symlink resumed>) = 0 [pid 6265] write(3, "1000", 4 [pid 6267] close(3 [pid 6265] <... write resumed>) = 4 [pid 6267] <... close resumed>) = 0 executing program [pid 6266] write(1, "executing program\n", 18 [pid 5864] <... umount2 resumed>) = 0 [pid 6267] symlink("/dev/binderfs", "./binderfs" [pid 6266] <... write resumed>) = 18 [pid 6266] memfd_create("syzkaller", 0 [pid 6267] <... symlink resumed>) = 0 [pid 6265] close(3executing program [pid 6266] <... memfd_create resumed>) = 3 [pid 6267] write(1, "executing program\n", 18 [pid 6266] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6267] <... write resumed>) = 18 [pid 6266] <... mmap resumed>) = 0x7f1864095000 [pid 6267] memfd_create("syzkaller", 0 [pid 5864] umount2("./77/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6267] <... memfd_create resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./77/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6267] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] umount2("./77/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6267] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6265] <... close resumed>) = 0 [pid 6267] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6265] symlink("/dev/binderfs", "./binderfs" [pid 5865] <... umount2 resumed>) = 0 executing program [pid 6266] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6265] <... symlink resumed>) = 0 [pid 5865] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "./77/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6265] write(1, "executing program\n", 18) = 18 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... openat resumed>) = 4 [pid 5865] newfstatat(AT_FDCWD, "./78/file1", [pid 6265] memfd_create("syzkaller", 0 [pid 5864] newfstatat(4, "", [pid 6265] <... memfd_create resumed>) = 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6265] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6265] <... mmap resumed>) = 0x7f1864095000 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./78/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6265] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] <... openat resumed>) = 4 [pid 5864] getdents64(4, [pid 6266] <... write resumed>) = 524288 [pid 5865] newfstatat(4, "", [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, [pid 5864] close(4 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... close resumed>) = 0 [pid 5864] rmdir("./77/file1") = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6267] <... write resumed>) = 524288 [pid 5864] umount2("./77/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./77/binderfs", [pid 6265] <... write resumed>) = 524288 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] close(4) = 0 [pid 5864] unlink("./77/binderfs" [pid 5865] rmdir("./78/file1" [pid 5864] <... unlink resumed>) = 0 [pid 5864] getdents64(3, [pid 6266] munmap(0x7f1864095000, 138412032 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6266] <... munmap resumed>) = 0 [pid 5864] close(3) = 0 [pid 6267] munmap(0x7f1864095000, 138412032 [pid 5864] rmdir("./77" [pid 6267] <... munmap resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 6266] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6267] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6266] <... openat resumed>) = 4 [pid 5865] umount2("./78/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6267] <... openat resumed>) = 4 [pid 6266] ioctl(4, LOOP_SET_FD, 3 [pid 6267] ioctl(4, LOOP_SET_FD, 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... rmdir resumed>) = 0 [pid 6266] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] newfstatat(AT_FDCWD, "./78/binderfs", [pid 5864] mkdir("./78", 0777 [pid 6265] munmap(0x7f1864095000, 138412032 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./78/binderfs" [pid 5864] <... mkdir resumed>) = 0 [pid 6267] <... ioctl resumed>) = 0 [pid 6265] <... munmap resumed>) = 0 [pid 6267] close(3 [pid 6266] ioctl(4, LOOP_CLR_FD [pid 5865] <... unlink resumed>) = 0 [pid 6267] <... close resumed>) = 0 [pid 6266] <... ioctl resumed>) = 0 [pid 5865] getdents64(3, [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6267] close(4 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6267] <... close resumed>) = 0 [pid 5865] close(3 [pid 6267] mkdir("./file1", 0777) = 0 [pid 5865] <... close resumed>) = 0 [pid 6266] ioctl(4, LOOP_SET_FD, 3 [pid 6265] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] rmdir("./78" [pid 6266] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6265] <... openat resumed>) = 4 [pid 6266] close(4 [pid 6265] ioctl(4, LOOP_SET_FD, 3 [pid 5865] <... rmdir resumed>) = 0 [pid 6267] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6266] <... close resumed>) = 0 [pid 6266] close(3 [pid 6265] <... ioctl resumed>) = 0 [pid 5865] mkdir("./79", 0777) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6268 attached [pid 6266] <... close resumed>) = 0 [pid 6265] close(3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6266] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6268] set_robust_list(0x5555593cd660, 24 [pid 6266] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6268] <... set_robust_list resumed>) = 0 [pid 6267] <... mount resumed>) = 0 [pid 6266] sync( [pid 6267] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6265] <... close resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 6268] chdir("./78" [pid 6267] <... openat resumed>) = 3 [pid 6265] close(4 [pid 5865] close(3 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6268 [pid 6268] <... chdir resumed>) = 0 [pid 6267] chdir("./file1" [pid 6265] <... close resumed>) = 0 [pid 6268] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6267] <... chdir resumed>) = 0 [pid 6265] mkdir("./file1", 0777 [pid 5865] <... close resumed>) = 0 [pid 6268] <... prctl resumed>) = 0 [pid 6267] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6268] setpgid(0, 0 [pid 6267] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 181.919677][ T6267] loop3: detected capacity change from 0 to 1024 [ 181.935223][ T6265] loop2: detected capacity change from 0 to 1024 [pid 6265] <... mkdir resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6268] <... setpgid resumed>) = 0 [pid 6265] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, ""./strace-static-x86_64: Process 6269 attached [pid 6268] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6267] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6269] set_robust_list(0x5555593cd660, 24 [pid 6268] <... openat resumed>) = 3 [pid 6266] <... sync resumed>) = 0 [pid 6269] <... set_robust_list resumed>) = 0 [pid 6268] write(3, "1000", 4 [pid 6266] exit_group(0 [pid 6265] <... mount resumed>) = 0 [pid 6265] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6269 [pid 6265] <... openat resumed>) = 3 [pid 6268] <... write resumed>) = 4 [pid 6265] chdir("./file1" [pid 6268] close(3 [pid 6265] <... chdir resumed>) = 0 [pid 6269] chdir("./79" [pid 6266] <... exit_group resumed>) = ? [pid 6269] <... chdir resumed>) = 0 [pid 6268] <... close resumed>) = 0 [pid 6266] +++ exited with 0 +++ [pid 6269] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6268] symlink("/dev/binderfs", "./binderfs"executing program [pid 6269] <... prctl resumed>) = 0 [pid 6268] <... symlink resumed>) = 0 [pid 6267] <... link resumed>) = 0 [pid 6265] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6266, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6267] sync( [pid 6265] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6265] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6269] setpgid(0, 0) = 0 [pid 5868] umount2("./79", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6269] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6268] write(1, "executing program\n", 18 [pid 5868] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6268] <... write resumed>) = 18 [pid 5868] <... openat resumed>) = 3 [pid 6269] <... openat resumed>) = 3 [pid 6268] memfd_create("syzkaller", 0 [pid 5868] newfstatat(3, "", [pid 6268] <... memfd_create resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6269] write(3, "1000", 4 [pid 6268] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] getdents64(3, [pid 6269] <... write resumed>) = 4 [pid 6268] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6269] close(3) = 0 [pid 6269] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6265] <... link resumed>) = 0 [pid 5868] umount2("./79/binderfs", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6267] <... sync resumed>) = 0 [pid 6265] sync( [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./79/binderfs", [pid 6267] exit_group(0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6269] write(1, "executing program\n", 18 [pid 6267] <... exit_group resumed>) = ? [pid 5868] unlink("./79/binderfs" [pid 6269] <... write resumed>) = 18 [pid 6269] memfd_create("syzkaller", 0 [pid 5868] <... unlink resumed>) = 0 [pid 6269] <... memfd_create resumed>) = 3 [pid 6268] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6269] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] getdents64(3, [pid 6269] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6267] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6267, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5868] close(3 [pid 5867] umount2("./78", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6269] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] rmdir("./79" [pid 5867] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5867] newfstatat(3, "", [pid 5868] mkdir("./80", 0777 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6265] <... sync resumed>) = 0 [pid 6265] exit_group(0 [pid 5868] <... openat resumed>) = 3 [pid 6265] <... exit_group resumed>) = ? [pid 6268] <... write resumed>) = 524288 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5868] close(3) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6270 attached [pid 6265] +++ exited with 0 +++ [pid 6268] munmap(0x7f1864095000, 138412032) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6265, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6270] set_robust_list(0x5555593cd660, 24 [pid 5866] <... restart_syscall resumed>) = 0 [pid 6270] <... set_robust_list resumed>) = 0 [pid 6270] chdir("./80" [pid 5866] umount2("./76", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6268] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6270] <... chdir resumed>) = 0 [pid 6268] <... openat resumed>) = 4 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6270 [pid 5866] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6270] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6269] <... write resumed>) = 524288 [pid 6268] ioctl(4, LOOP_SET_FD, 3 [pid 5866] <... openat resumed>) = 3 [pid 6270] <... prctl resumed>) = 0 [pid 6270] setpgid(0, 0 [pid 6269] munmap(0x7f1864095000, 138412032 [pid 6268] <... ioctl resumed>) = 0 [pid 5866] newfstatat(3, "", [pid 6270] <... setpgid resumed>) = 0 [pid 6269] <... munmap resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6270] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] getdents64(3, [pid 6270] <... openat resumed>) = 3 [pid 6269] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6268] close(3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6269] <... openat resumed>) = 4 [pid 6268] <... close resumed>) = 0 [pid 5866] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6270] write(3, "1000", 4 [pid 6269] ioctl(4, LOOP_SET_FD, 3 [pid 6268] close(4 [pid 6270] <... write resumed>) = 4 [pid 6269] <... ioctl resumed>) = 0 [pid 6268] <... close resumed>) = 0 [pid 6270] close(3) = 0 [pid 6268] mkdir("./file1", 0777 [pid 6270] symlink("/dev/binderfs", "./binderfs"executing program [pid 6268] <... mkdir resumed>) = 0 [pid 6270] <... symlink resumed>) = 0 [pid 6269] close(3) = 0 [pid 6269] close(4) = 0 [pid 6270] write(1, "executing program\n", 18 [pid 6269] mkdir("./file1", 0777 [pid 6270] <... write resumed>) = 18 [pid 6269] <... mkdir resumed>) = 0 [pid 6270] memfd_create("syzkaller", 0 [pid 6268] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6270] <... memfd_create resumed>) = 3 [pid 5867] <... umount2 resumed>) = 0 [pid 6270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5866] <... umount2 resumed>) = 0 [pid 6270] <... mmap resumed>) = 0x7f1864095000 [pid 6270] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6269] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6268] <... mount resumed>) = 0 [ 182.148830][ T6268] loop0: detected capacity change from 0 to 1024 [ 182.161215][ T6269] loop1: detected capacity change from 0 to 1024 [pid 5867] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6268] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6268] <... openat resumed>) = 3 [pid 5867] newfstatat(AT_FDCWD, "./78/file1", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6268] chdir("./file1" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6268] <... chdir resumed>) = 0 [pid 5867] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(AT_FDCWD, "./76/file1", [pid 6268] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6268] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] openat(AT_FDCWD, "./78/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./76/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6268] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... openat resumed>) = 4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(4, "", [pid 5866] openat(AT_FDCWD, "./76/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... openat resumed>) = 4 [pid 5867] getdents64(4, [pid 5866] newfstatat(4, "", [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6269] <... mount resumed>) = 0 [pid 5867] getdents64(4, [pid 5866] getdents64(4, [pid 6269] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6269] <... openat resumed>) = 3 [pid 5867] close(4 [pid 6270] <... write resumed>) = 524288 [pid 5866] getdents64(4, [pid 6269] chdir("./file1" [pid 5867] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6269] <... chdir resumed>) = 0 [pid 5867] rmdir("./78/file1" [pid 5866] close(4 [pid 6270] munmap(0x7f1864095000, 138412032 [pid 6269] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 6270] <... munmap resumed>) = 0 [pid 5866] rmdir("./76/file1" [pid 6270] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6269] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6268] <... link resumed>) = 0 [pid 5867] umount2("./78/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... rmdir resumed>) = 0 [pid 6270] <... openat resumed>) = 4 [pid 6269] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6268] sync( [pid 6270] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./76/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(AT_FDCWD, "./78/binderfs", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(AT_FDCWD, "./76/binderfs", [pid 5867] unlink("./78/binderfs" [pid 6270] close(3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6270] <... close resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5866] unlink("./76/binderfs" [pid 6270] close(4 [pid 5867] getdents64(3, [pid 5866] <... unlink resumed>) = 0 [pid 6270] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6270] mkdir("./file1", 0777 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3 [pid 5866] close(3 [pid 6270] <... mkdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 6270] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6269] <... link resumed>) = 0 [pid 5867] rmdir("./78" [pid 5866] rmdir("./76" [pid 6269] sync( [pid 5867] <... rmdir resumed>) = 0 [pid 6268] <... sync resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 6268] exit_group(0 [pid 6270] <... mount resumed>) = 0 [pid 5867] mkdir("./79", 0777 [pid 5866] mkdir("./77", 0777 [pid 6270] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6268] <... exit_group resumed>) = ? [ 182.283906][ T6270] loop4: detected capacity change from 0 to 1024 [pid 6270] <... openat resumed>) = 3 [pid 6268] +++ exited with 0 +++ [pid 5867] <... mkdir resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 6270] chdir("./file1") = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6270] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5866] <... openat resumed>) = 3 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6268, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6270] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... openat resumed>) = 3 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5864] umount2("./78", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5866] <... ioctl resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] close(3 [pid 5867] <... ioctl resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5866] <... close resumed>) = 0 [pid 5867] close(3 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] newfstatat(3, "", ./strace-static-x86_64: Process 6271 attached [pid 6269] <... sync resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6271] set_robust_list(0x5555593cd660, 24 [pid 6269] exit_group(0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6271] <... set_robust_list resumed>) = 0 [pid 6269] <... exit_group resumed>) = ? [pid 5864] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6272 attached [pid 6270] <... link resumed>) = 0 [pid 6272] set_robust_list(0x5555593cd660, 24 [pid 6271] chdir("./77" [pid 6269] +++ exited with 0 +++ [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6271 [pid 6271] <... chdir resumed>) = 0 [pid 6270] sync( [pid 6272] <... set_robust_list resumed>) = 0 [pid 6272] chdir("./79") = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6269, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6272] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6272] <... prctl resumed>) = 0 [pid 6272] setpgid(0, 0) = 0 [pid 6272] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6271] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6272 [pid 6271] <... prctl resumed>) = 0 [pid 6272] <... openat resumed>) = 3 [pid 6271] setpgid(0, 0 [pid 6272] write(3, "1000", 4 [pid 6271] <... setpgid resumed>) = 0 [pid 6272] <... write resumed>) = 4 [pid 6272] close(3) = 0 [pid 6271] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6272] symlink("/dev/binderfs", "./binderfs" [pid 5865] <... restart_syscall resumed>) = 0 [pid 6271] <... openat resumed>) = 3 [pid 5865] umount2("./79", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 6272] <... symlink resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6271] write(3, "1000", 4 [pid 5865] umount2("./79/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6271] <... write resumed>) = 4 executing program [pid 6271] close(3 [pid 6272] write(1, "executing program\n", 18) = 18 [pid 6271] <... close resumed>) = 0 [pid 6272] memfd_create("syzkaller", 0 [pid 6271] symlink("/dev/binderfs", "./binderfs" [pid 6272] <... memfd_create resumed>) = 3 [pid 6271] <... symlink resumed>) = 0 [pid 6270] <... sync resumed>) = 0 [pid 6272] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6271] write(1, "executing program\n", 18 [pid 6272] <... mmap resumed>) = 0x7f1864095000 executing program [pid 6271] <... write resumed>) = 18 [pid 6270] exit_group(0 [pid 6271] memfd_create("syzkaller", 0 [pid 6270] <... exit_group resumed>) = ? [pid 6272] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6271] <... memfd_create resumed>) = 3 [pid 6270] +++ exited with 0 +++ [pid 5865] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6270, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6271] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6271] <... mmap resumed>) = 0x7f1864095000 [pid 5868] umount2("./80", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... openat resumed>) = 3 [pid 5865] umount2("./79/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] newfstatat(3, "", [pid 5864] newfstatat(AT_FDCWD, "./78/file1", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] getdents64(3, [pid 5865] newfstatat(AT_FDCWD, "./79/file1", [pid 5864] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./79/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "./78/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... openat resumed>) = 4 [pid 5865] openat(AT_FDCWD, "./79/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] newfstatat(4, "", [pid 6271] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] <... openat resumed>) = 4 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] newfstatat(4, "", [pid 5864] getdents64(4, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] getdents64(4, [pid 6272] <... write resumed>) = 524288 [pid 5864] close(4 [pid 6272] munmap(0x7f1864095000, 138412032 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... close resumed>) = 0 [pid 5865] close(4) = 0 [pid 5864] rmdir("./78/file1") = 0 [pid 6272] <... munmap resumed>) = 0 [pid 6271] <... write resumed>) = 524288 [pid 5865] rmdir("./79/file1" [pid 6271] munmap(0x7f1864095000, 138412032 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] umount2("./78/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6272] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6271] <... munmap resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6272] <... openat resumed>) = 4 [pid 5865] umount2("./79/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6272] ioctl(4, LOOP_SET_FD, 3 [pid 5864] newfstatat(AT_FDCWD, "./78/binderfs", [pid 6271] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6271] ioctl(4, LOOP_SET_FD, 3 [pid 5865] newfstatat(AT_FDCWD, "./79/binderfs", [pid 5864] unlink("./78/binderfs" [pid 5868] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6271] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6271] ioctl(4, LOOP_CLR_FD [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 6271] <... ioctl resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./80/file1", [pid 5865] unlink("./79/binderfs" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5864] getdents64(3, [pid 6271] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6271] close(4 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6272] <... ioctl resumed>) = 0 [pid 6271] <... close resumed>) = 0 [pid 5868] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] getdents64(3, [pid 6272] close(3 [pid 5864] close(3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6272] <... close resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./80/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... close resumed>) = 0 [pid 5864] rmdir("./78" [pid 6272] close(4 [pid 5868] <... openat resumed>) = 4 [pid 5865] close(3 [pid 5864] <... rmdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 5865] rmdir("./79" [pid 6271] close(3 [pid 6272] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] mkdir("./79", 0777 [pid 6272] mkdir("./file1", 0777 [pid 5868] getdents64(4, [pid 6272] <... mkdir resumed>) = 0 [pid 6271] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] mkdir("./80", 0777 [pid 5864] <... mkdir resumed>) = 0 [ 182.540697][ T6272] loop3: detected capacity change from 0 to 1024 [pid 6271] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6272] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] getdents64(4, [pid 5865] <... mkdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6271] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6271] sync( [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5868] close(4) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] rmdir("./80/file1" [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] <... rmdir resumed>) = 0 [pid 5864] close(3 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... close resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5868] umount2("./80/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... ioctl resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6273 ./strace-static-x86_64: Process 6273 attached [pid 5865] close(3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./80/binderfs", [pid 5865] <... close resumed>) = 0 [pid 6273] set_robust_list(0x5555593cd660, 24 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6272] <... mount resumed>) = 0 ./strace-static-x86_64: Process 6274 attached [pid 6273] <... set_robust_list resumed>) = 0 [pid 5868] unlink("./80/binderfs" [pid 6273] chdir("./79" [pid 6272] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... unlink resumed>) = 0 [pid 6271] <... sync resumed>) = 0 [pid 6272] <... openat resumed>) = 3 [pid 6271] exit_group(0) = ? [pid 6273] <... chdir resumed>) = 0 [pid 6272] chdir("./file1" [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6272] <... chdir resumed>) = 0 [pid 6274] set_robust_list(0x5555593cd660, 24 [pid 6272] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] close(3 [pid 6272] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... close resumed>) = 0 [pid 6272] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6274] <... set_robust_list resumed>) = 0 [pid 6273] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6271] +++ exited with 0 +++ [pid 5868] rmdir("./80" [pid 6274] chdir("./80" [pid 6273] <... prctl resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6274 [pid 6273] setpgid(0, 0) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6271, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6273] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6274] <... chdir resumed>) = 0 [pid 5868] mkdir("./81", 0777 [pid 5866] <... restart_syscall resumed>) = 0 [pid 5866] umount2("./77", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] newfstatat(3, "", [pid 6274] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, [pid 6274] <... prctl resumed>) = 0 [pid 6273] <... openat resumed>) = 3 [pid 5868] <... mkdir resumed>) = 0 [pid 6274] setpgid(0, 0 [pid 6273] write(3, "1000", 4 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6273] <... write resumed>) = 4 [pid 5868] <... openat resumed>) = 3 [pid 6273] close(3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5866] umount2("./77/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6273] <... close resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6273] symlink("/dev/binderfs", "./binderfs" [pid 6272] <... link resumed>) = 0 [pid 5868] close(3 [pid 5866] newfstatat(AT_FDCWD, "./77/binderfs", [pid 6273] <... symlink resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 6274] <... setpgid resumed>) = 0 [pid 6272] sync( [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6274] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC executing program [pid 6273] write(1, "executing program\n", 18 [pid 5866] unlink("./77/binderfs" [pid 6273] <... write resumed>) = 18 ./strace-static-x86_64: Process 6275 attached [pid 6274] <... openat resumed>) = 3 [pid 6273] memfd_create("syzkaller", 0 [pid 5866] <... unlink resumed>) = 0 [pid 6274] write(3, "1000", 4) = 4 [pid 6273] <... memfd_create resumed>) = 3 [pid 5866] getdents64(3, [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6275 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6272] <... sync resumed>) = 0 [pid 5866] close(3 [pid 6275] set_robust_list(0x5555593cd660, 24 [pid 5866] <... close resumed>) = 0 [pid 6275] <... set_robust_list resumed>) = 0 [pid 6274] close(3 [pid 6273] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6272] exit_group(0 [pid 5866] rmdir("./77" [pid 6275] chdir("./81" [pid 6274] <... close resumed>) = 0 [pid 6273] <... mmap resumed>) = 0x7f1864095000 [pid 6272] <... exit_group resumed>) = ? [pid 5866] <... rmdir resumed>) = 0 [pid 6274] symlink("/dev/binderfs", "./binderfs" [pid 6275] <... chdir resumed>) = 0 [pid 5866] mkdir("./78", 0777 [pid 6275] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6273] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] <... mkdir resumed>) = 0 [pid 6275] <... prctl resumed>) = 0 [pid 6275] setpgid(0, 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6275] <... setpgid resumed>) = 0 [pid 6274] <... symlink resumed>) = 0 [pid 6275] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6272] +++ exited with 0 +++ [pid 5866] <... openat resumed>) = 3 [pid 6275] write(3, "1000", 4 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6275] <... write resumed>) = 4 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6272, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6275] close(3 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5866] close(3 [pid 6275] <... close resumed>) = 0 [pid 5867] <... restart_syscall resumed>) = 0 [pid 6274] write(1, "executing program\n", 18 [pid 5866] <... close resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 6274] <... write resumed>) = 18 [pid 6275] symlink("/dev/binderfs", "./binderfs" [pid 6274] memfd_create("syzkaller", 0executing program [pid 6275] <... symlink resumed>) = 0 [pid 5867] umount2("./79", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6275] write(1, "executing program\n", 18./strace-static-x86_64: Process 6276 attached ) = 18 [pid 5867] getdents64(3, [pid 6275] memfd_create("syzkaller", 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6276 [pid 6275] <... memfd_create resumed>) = 3 [pid 5867] umount2("./79/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6274] <... memfd_create resumed>) = 3 [pid 6273] <... write resumed>) = 524288 [pid 6276] set_robust_list(0x5555593cd660, 24 [pid 6275] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6274] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6276] <... set_robust_list resumed>) = 0 [pid 6275] <... mmap resumed>) = 0x7f1864095000 [pid 6274] <... mmap resumed>) = 0x7f1864095000 [pid 6276] chdir("./78" [pid 6275] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6274] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6273] munmap(0x7f1864095000, 138412032 [pid 6276] <... chdir resumed>) = 0 [pid 6276] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6276] setpgid(0, 0) = 0 [pid 6276] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6273] <... munmap resumed>) = 0 [pid 6276] <... openat resumed>) = 3 [pid 6273] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6276] write(3, "1000", 4 [pid 6273] <... openat resumed>) = 4 [pid 6276] <... write resumed>) = 4 [pid 6273] ioctl(4, LOOP_SET_FD, 3 [pid 6276] close(3) = 0 executing program [pid 6273] <... ioctl resumed>) = 0 [pid 6276] symlink("/dev/binderfs", "./binderfs" [pid 6275] <... write resumed>) = 524288 [pid 6274] <... write resumed>) = 524288 [pid 5867] <... umount2 resumed>) = 0 [pid 6276] <... symlink resumed>) = 0 [pid 6275] munmap(0x7f1864095000, 138412032) = 0 [pid 6274] munmap(0x7f1864095000, 138412032 [pid 6273] close(3 [pid 5867] umount2("./79/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6276] write(1, "executing program\n", 18 [pid 6275] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6273] <... close resumed>) = 0 [pid 6276] <... write resumed>) = 18 [pid 6275] <... openat resumed>) = 4 [pid 6274] <... munmap resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6276] memfd_create("syzkaller", 0 [pid 6275] ioctl(4, LOOP_SET_FD, 3 [pid 6274] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6273] close(4 [pid 5867] newfstatat(AT_FDCWD, "./79/file1", [pid 6276] <... memfd_create resumed>) = 3 [pid 6274] <... openat resumed>) = 4 [pid 6273] <... close resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6276] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6275] <... ioctl resumed>) = 0 [pid 6274] ioctl(4, LOOP_SET_FD, 3 [pid 6273] mkdir("./file1", 0777 [pid 6276] <... mmap resumed>) = 0x7f1864095000 [pid 6275] close(3 [pid 5867] umount2("./79/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6275] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6275] close(4 [pid 6274] <... ioctl resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./79/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6276] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6275] <... close resumed>) = 0 [pid 6274] close(3 [pid 5867] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", [pid 6275] mkdir("./file1", 0777) = 0 [pid 6274] <... close resumed>) = 0 [pid 6273] <... mkdir resumed>) = 0 [ 182.796940][ T6273] loop0: detected capacity change from 0 to 1024 [ 182.829417][ T6275] loop4: detected capacity change from 0 to 1024 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6274] close(4 [pid 6273] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6274] <... close resumed>) = 0 [pid 6274] mkdir("./file1", 0777 [pid 5867] getdents64(4, [pid 6275] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6274] <... mkdir resumed>) = 0 [pid 5867] getdents64(4, [pid 6274] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4) = 0 [pid 5867] rmdir("./79/file1") = 0 [pid 5867] umount2("./79/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] unlink("./79/binderfs") = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3) = 0 [pid 5867] rmdir("./79") = 0 [pid 6276] <... write resumed>) = 524288 [pid 6275] <... mount resumed>) = 0 [pid 6273] <... mount resumed>) = 0 [pid 6276] munmap(0x7f1864095000, 138412032 [pid 5867] mkdir("./80", 0777 [pid 6276] <... munmap resumed>) = 0 [pid 6275] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... mkdir resumed>) = 0 [pid 6276] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6275] <... openat resumed>) = 3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6276] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... openat resumed>) = 3 [ 182.841507][ T6274] loop1: detected capacity change from 0 to 1024 [pid 6276] <... ioctl resumed>) = 0 [pid 6275] chdir("./file1" [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6273] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... ioctl resumed>) = 0 [pid 6276] close(3 [pid 6275] <... chdir resumed>) = 0 [pid 6276] <... close resumed>) = 0 [pid 6275] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6273] <... openat resumed>) = 3 [pid 6276] close(4 [pid 6275] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6273] chdir("./file1" [pid 5867] close(3 [pid 6275] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6274] <... mount resumed>) = 0 [pid 6273] <... chdir resumed>) = 0 [pid 6274] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6273] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6276] <... close resumed>) = 0 [pid 6274] <... openat resumed>) = 3 [pid 5867] <... close resumed>) = 0 [pid 6273] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6276] mkdir("./file1", 0777 [pid 6273] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6277 attached [pid 6276] <... mkdir resumed>) = 0 [pid 6274] chdir("./file1" [pid 6276] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6277 [pid 6274] <... chdir resumed>) = 0 [pid 6274] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6277] set_robust_list(0x5555593cd660, 24) = 0 [pid 6274] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6277] chdir("./80") = 0 [pid 6277] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 182.898856][ T6276] loop2: detected capacity change from 0 to 1024 [pid 6277] setpgid(0, 0) = 0 [pid 6277] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6273] <... link resumed>) = 0 [pid 6273] sync( [pid 6277] <... openat resumed>) = 3 [pid 6276] <... mount resumed>) = 0 [pid 6276] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6276] chdir("./file1") = 0 [pid 6277] write(3, "1000", 4) = 4 [pid 6277] close(3) = 0 [pid 6276] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6276] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"executing program [pid 6277] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6277] write(1, "executing program\n", 18 [pid 6274] <... link resumed>) = 0 [pid 6277] <... write resumed>) = 18 [pid 6277] memfd_create("syzkaller", 0 [pid 6275] <... link resumed>) = 0 [pid 6277] <... memfd_create resumed>) = 3 [pid 6277] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6275] sync( [pid 6274] sync( [pid 6277] <... mmap resumed>) = 0x7f1864095000 [pid 6277] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6276] <... link resumed>) = 0 [pid 6276] sync() = 0 [pid 6276] exit_group(0) = ? [pid 6277] <... write resumed>) = 524288 [pid 6274] <... sync resumed>) = 0 [pid 6273] <... sync resumed>) = 0 [pid 6273] exit_group(0) = ? [pid 6274] exit_group(0) = ? [pid 6277] munmap(0x7f1864095000, 138412032 [pid 6276] +++ exited with 0 +++ [pid 6275] <... sync resumed>) = 0 [pid 6277] <... munmap resumed>) = 0 [pid 6275] exit_group(0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6276, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6275] <... exit_group resumed>) = ? [pid 6274] +++ exited with 0 +++ [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6273] +++ exited with 0 +++ [pid 5866] <... restart_syscall resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6273, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] umount2("./78", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6274, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] umount2("./80", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... restart_syscall resumed>) = 0 [pid 6277] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6275] +++ exited with 0 +++ [pid 5866] getdents64(3, [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6277] <... openat resumed>) = 4 [pid 6277] ioctl(4, LOOP_SET_FD, 3 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6275, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] umount2("./79", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6277] <... ioctl resumed>) = 0 [pid 5866] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6277] close(3 [pid 5865] newfstatat(3, "", [pid 5864] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6277] <... close resumed>) = 0 [pid 5868] umount2("./81", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6277] close(4) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6277] mkdir("./file1", 0777 [pid 5868] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5864] <... openat resumed>) = 3 [pid 6277] <... mkdir resumed>) = 0 [pid 5868] newfstatat(3, "", [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6277] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] newfstatat(3, "", [pid 5865] getdents64(3, [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./79/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = 0 [pid 6277] <... mount resumed>) = 0 [pid 5866] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6277] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6277] chdir("./file1") = 0 [pid 6277] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [ 183.095842][ T6277] loop3: detected capacity change from 0 to 1024 [pid 6277] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./78/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./78/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./78/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [pid 5866] rmdir("./78/file1") = 0 [pid 6277] <... link resumed>) = 0 [pid 6277] sync( [pid 5866] umount2("./78/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] unlink("./78/binderfs") = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 5866] getdents64(3, [pid 5864] umount2("./79/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... umount2 resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] close(3 [pid 5864] newfstatat(AT_FDCWD, "./79/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./79/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] rmdir("./78" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./79/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] newfstatat(AT_FDCWD, "./81/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./81/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] newfstatat(AT_FDCWD, "./80/file1", [pid 5864] <... openat resumed>) = 4 [pid 5868] <... openat resumed>) = 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] newfstatat(4, "", [pid 5868] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(4, [pid 5864] getdents64(4, [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] getdents64(4, [pid 5864] getdents64(4, [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4 [pid 5868] rmdir("./81/file1") = 0 [pid 5866] mkdir("./79", 0777 [pid 5865] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... close resumed>) = 0 [pid 5868] umount2("./81/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5864] rmdir("./79/file1" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] unlink("./81/binderfs") = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3) = 0 [pid 5865] openat(AT_FDCWD, "./80/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] rmdir("./81") = 0 [pid 5865] <... openat resumed>) = 4 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] mkdir("./82", 0777 [pid 6277] <... sync resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5865] newfstatat(4, "", [pid 5864] umount2("./79/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6277] exit_group(0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] getdents64(4, [pid 5864] newfstatat(AT_FDCWD, "./79/binderfs", [pid 5866] <... openat resumed>) = 3 [pid 6277] <... exit_group resumed>) = ? [pid 5868] <... openat resumed>) = 3 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6277] +++ exited with 0 +++ [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5866] <... ioctl resumed>) = 0 [pid 5865] getdents64(4, [pid 5864] unlink("./79/binderfs" [pid 5868] <... ioctl resumed>) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6277, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5866] close(3 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 5864] getdents64(3, [pid 5865] close(4 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... close resumed>) = 0 [pid 5868] close(3 [pid 5866] <... close resumed>) = 0 [pid 5865] rmdir("./80/file1" [pid 5864] close(3 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] umount2("./80/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... close resumed>) = 0 ./strace-static-x86_64: Process 6278 attached [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] rmdir("./79"./strace-static-x86_64: Process 6279 attached [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6278 [pid 5865] newfstatat(AT_FDCWD, "./80/binderfs", [pid 5864] <... rmdir resumed>) = 0 [pid 6278] set_robust_list(0x5555593cd660, 24 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6278] <... set_robust_list resumed>) = 0 [pid 5865] unlink("./80/binderfs" [pid 5864] mkdir("./80", 0777 [pid 5867] umount2("./80", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6278] chdir("./79" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6278] <... chdir resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6279] set_robust_list(0x5555593cd660, 24 [pid 6278] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] getdents64(3, [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6279 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5865] close(3 [pid 5864] <... ioctl resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] close(3) = 0 [pid 5865] rmdir("./80" [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... rmdir resumed>) = 0 [pid 6278] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 6280 attached [pid 6279] <... set_robust_list resumed>) = 0 [pid 6278] setpgid(0, 0 [pid 5867] <... openat resumed>) = 3 [pid 5865] mkdir("./81", 0777 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6280 [pid 6280] set_robust_list(0x5555593cd660, 24 [pid 6279] chdir("./82" [pid 6280] <... set_robust_list resumed>) = 0 [pid 6280] chdir("./80") = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 6278] <... setpgid resumed>) = 0 [pid 6279] <... chdir resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6280] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6278] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6280] setpgid(0, 0 [pid 6279] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] getdents64(3, [pid 6280] <... setpgid resumed>) = 0 [pid 6279] <... prctl resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6279] setpgid(0, 0 [pid 5867] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 [pid 6279] <... setpgid resumed>) = 0 [pid 6280] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6279] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6278] <... openat resumed>) = 3 [pid 6280] <... openat resumed>) = 3 [pid 5865] <... ioctl resumed>) = 0 [pid 6279] <... openat resumed>) = 3 [pid 6280] write(3, "1000", 4 [pid 5865] close(3 [pid 6279] write(3, "1000", 4 [pid 6280] <... write resumed>) = 4 [pid 6280] close(3) = 0 [pid 6280] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6280] write(1, "executing program\n", 18 [pid 6279] <... write resumed>) = 4 [pid 6278] write(3, "1000", 4) = 4 [pid 6280] <... write resumed>) = 18 [pid 6280] memfd_create("syzkaller", 0) = 3 [pid 6280] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6279] close(3 [pid 6278] close(3) = 0 [pid 6278] symlink("/dev/binderfs", "./binderfs") = 0 executing program executing program [pid 6279] <... close resumed>) = 0 [pid 6279] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6278] write(1, "executing program\n", 18) = 18 [pid 6278] memfd_create("syzkaller", 0 [pid 6279] write(1, "executing program\n", 18) = 18 [pid 6279] memfd_create("syzkaller", 0 [pid 6278] <... memfd_create resumed>) = 3 [pid 6278] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6279] <... memfd_create resumed>) = 3 [pid 6279] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6278] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6280] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6279] <... mmap resumed>) = 0x7f1864095000 [pid 5865] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6281 attached [pid 6279] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6281] set_robust_list(0x5555593cd660, 24 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6281 [pid 6281] <... set_robust_list resumed>) = 0 [pid 6281] chdir("./81" [pid 6280] <... write resumed>) = 524288 [pid 5867] <... umount2 resumed>) = 0 [pid 6281] <... chdir resumed>) = 0 [pid 6281] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6281] setpgid(0, 0) = 0 [pid 5867] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./80/file1", [pid 6281] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6281] <... openat resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./80/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5867] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6281] write(3, "1000", 4 [pid 5867] getdents64(4, [pid 6281] <... write resumed>) = 4 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6281] close(3 [pid 6280] munmap(0x7f1864095000, 138412032 [pid 5867] getdents64(4, [pid 6280] <... munmap resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4) = 0 [pid 5867] rmdir("./80/file1" [pid 6281] <... close resumed>) = 0 [pid 6280] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6279] <... write resumed>) = 524288 [pid 6281] symlink("/dev/binderfs", "./binderfs" [pid 6278] <... write resumed>) = 524288 [pid 5867] <... rmdir resumed>) = 0 [pid 6278] munmap(0x7f1864095000, 138412032 [pid 5867] umount2("./80/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6278] <... munmap resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6281] <... symlink resumed>) = 0 [pid 6280] <... openat resumed>) = 4 [pid 6279] munmap(0x7f1864095000, 138412032 [pid 6280] ioctl(4, LOOP_SET_FD, 3 [pid 5867] newfstatat(AT_FDCWD, "./80/binderfs", [pid 6278] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 executing program [pid 6281] write(1, "executing program\n", 18 [pid 6279] <... munmap resumed>) = 0 [pid 6281] <... write resumed>) = 18 [pid 6278] <... openat resumed>) = 4 [pid 5867] unlink("./80/binderfs" [pid 6280] <... ioctl resumed>) = 0 [pid 6278] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... unlink resumed>) = 0 [pid 6278] <... ioctl resumed>) = 0 [pid 5867] getdents64(3, [pid 6281] memfd_create("syzkaller", 0 [pid 6280] close(3 [pid 6279] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6281] <... memfd_create resumed>) = 3 [pid 6278] close(3 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6279] <... openat resumed>) = 4 [pid 6281] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6280] <... close resumed>) = 0 [pid 6278] <... close resumed>) = 0 [pid 5867] close(3 [pid 6281] <... mmap resumed>) = 0x7f1864095000 [pid 6280] close(4 [pid 6279] ioctl(4, LOOP_SET_FD, 3 [pid 6278] close(4 [pid 5867] <... close resumed>) = 0 [pid 6281] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6280] <... close resumed>) = 0 [pid 6278] <... close resumed>) = 0 [pid 5867] rmdir("./80" [pid 6279] <... ioctl resumed>) = 0 [pid 6280] mkdir("./file1", 0777 [pid 6279] close(3 [pid 6278] mkdir("./file1", 0777 [pid 5867] <... rmdir resumed>) = 0 [pid 6280] <... mkdir resumed>) = 0 [pid 6280] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6279] <... close resumed>) = 0 [pid 6278] <... mkdir resumed>) = 0 [pid 5867] mkdir("./81", 0777 [pid 6279] close(4 [pid 6278] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6279] <... close resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 6279] mkdir("./file1", 0777) = 0 [pid 6279] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [ 183.426011][ T6280] loop0: detected capacity change from 0 to 1024 [ 183.427501][ T6278] loop2: detected capacity change from 0 to 1024 [ 183.467341][ T6279] loop4: detected capacity change from 0 to 1024 [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 6278] <... mount resumed>) = 0 [pid 6279] <... mount resumed>) = 0 [pid 6278] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] close(3 [pid 6279] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6278] <... openat resumed>) = 3 [pid 5867] <... close resumed>) = 0 [pid 6279] <... openat resumed>) = 3 [pid 6278] chdir("./file1" [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6281] <... write resumed>) = 524288 ./strace-static-x86_64: Process 6282 attached [pid 6279] chdir("./file1" [pid 6278] <... chdir resumed>) = 0 [pid 6279] <... chdir resumed>) = 0 [pid 6278] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6282 [pid 6282] set_robust_list(0x5555593cd660, 24 [pid 6281] munmap(0x7f1864095000, 138412032 [pid 6279] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6278] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6282] <... set_robust_list resumed>) = 0 [pid 6281] <... munmap resumed>) = 0 [pid 6279] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6278] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6282] chdir("./81" [pid 6281] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6280] <... mount resumed>) = 0 [pid 6279] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6282] <... chdir resumed>) = 0 [pid 6281] <... openat resumed>) = 4 [pid 6280] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6278] <... link resumed>) = 0 [pid 6280] <... openat resumed>) = 3 [pid 6278] sync( [pid 6282] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6281] ioctl(4, LOOP_SET_FD, 3 [pid 6279] <... link resumed>) = 0 [pid 6282] <... prctl resumed>) = 0 [pid 6281] <... ioctl resumed>) = 0 [pid 6280] chdir("./file1" [pid 6279] sync( [pid 6282] setpgid(0, 0 [pid 6280] <... chdir resumed>) = 0 [pid 6282] <... setpgid resumed>) = 0 [pid 6281] close(3 [pid 6280] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6282] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6281] <... close resumed>) = 0 [pid 6280] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6282] <... openat resumed>) = 3 [pid 6281] close(4 [pid 6280] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6282] write(3, "1000", 4 [pid 6281] <... close resumed>) = 0 [pid 6282] <... write resumed>) = 4 [pid 6281] mkdir("./file1", 0777 [pid 6282] close(3) = 0 [pid 6282] symlink("/dev/binderfs", "./binderfs" [pid 6281] <... mkdir resumed>) = 0 [pid 6279] <... sync resumed>) = 0 [pid 6278] <... sync resumed>) = 0 [pid 6282] <... symlink resumed>) = 0 [pid 6281] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6279] exit_group(0 [pid 6278] exit_group(0executing program [pid 6282] write(1, "executing program\n", 18 [pid 6279] <... exit_group resumed>) = ? [pid 6278] <... exit_group resumed>) = ? [pid 6282] <... write resumed>) = 18 [pid 6278] +++ exited with 0 +++ [pid 6282] memfd_create("syzkaller", 0) = 3 [pid 6282] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6278, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6282] <... mmap resumed>) = 0x7f1864095000 [pid 6279] +++ exited with 0 +++ [ 183.584659][ T6281] loop1: detected capacity change from 0 to 1024 [pid 6282] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6280] <... link resumed>) = 0 [pid 6282] <... write resumed>) = 524288 [pid 6281] <... mount resumed>) = 0 [pid 6280] sync( [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6279, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6281] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 6281] <... openat resumed>) = 3 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5866] umount2("./79", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6281] chdir("./file1" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6281] <... chdir resumed>) = 0 [pid 6281] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5866] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6281] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] umount2("./82", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6281] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... openat resumed>) = 3 [pid 5868] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] newfstatat(3, "", [pid 5868] <... openat resumed>) = 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6282] munmap(0x7f1864095000, 138412032) = 0 [pid 5866] getdents64(3, [pid 6282] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] newfstatat(3, "", [pid 5866] umount2("./79/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./82/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6281] <... link resumed>) = 0 [pid 6281] sync( [pid 6280] <... sync resumed>) = 0 [pid 6280] exit_group(0) = ? [pid 6282] <... openat resumed>) = 4 [pid 6282] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6282] close(3) = 0 [pid 6282] close(4) = 0 [pid 6282] mkdir("./file1", 0777) = 0 [pid 6281] <... sync resumed>) = 0 [pid 6282] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6281] exit_group(0 [pid 6280] +++ exited with 0 +++ [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6280, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6281] <... exit_group resumed>) = ? [pid 6281] +++ exited with 0 +++ [pid 5864] <... restart_syscall resumed>) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6281, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] umount2("./80", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./81", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 3 [pid 6282] <... mount resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] newfstatat(3, "", [pid 5868] <... umount2 resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5868] umount2("./82/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6282] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./79/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 183.731221][ T6282] loop3: detected capacity change from 0 to 1024 [pid 6282] <... openat resumed>) = 3 [pid 5868] newfstatat(AT_FDCWD, "./82/file1", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(3, "", [pid 5864] getdents64(3, [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./82/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(AT_FDCWD, "./79/file1", [pid 5865] getdents64(3, [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6282] chdir("./file1" [pid 5868] openat(AT_FDCWD, "./82/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6282] <... chdir resumed>) = 0 [pid 5866] umount2("./79/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... openat resumed>) = 4 [pid 6282] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] newfstatat(4, "", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6282] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] openat(AT_FDCWD, "./79/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6282] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] getdents64(4, [pid 5866] <... openat resumed>) = 4 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] getdents64(4, [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] getdents64(4, [pid 5868] close(4) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] rmdir("./82/file1" [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5868] umount2("./82/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] rmdir("./79/file1" [pid 5868] newfstatat(AT_FDCWD, "./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5868] unlink("./82/binderfs") = 0 [pid 5866] umount2("./79/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... close resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./79/binderfs", [pid 5864] <... umount2 resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6282] <... link resumed>) = 0 [pid 5868] rmdir("./82" [pid 5866] unlink("./79/binderfs" [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5868] mkdir("./83", 0777 [pid 5866] getdents64(3, [pid 6282] sync( [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... mkdir resumed>) = 0 [pid 5866] close(3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./81/file1", [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] newfstatat(AT_FDCWD, "./80/file1", [pid 5868] <... openat resumed>) = 3 [pid 5866] rmdir("./79" [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5866] <... rmdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5868] close(3 [pid 5865] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... close resumed>) = 0 [pid 5866] mkdir("./80", 0777 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... mkdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./80/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "./81/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 4 [pid 5865] <... openat resumed>) = 4 [pid 5865] newfstatat(4, "", [pid 5864] newfstatat(4, "", ./strace-static-x86_64: Process 6283 attached [pid 6282] <... sync resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6283] set_robust_list(0x5555593cd660, 24 [pid 5865] getdents64(4, [pid 5864] getdents64(4, [pid 6283] <... set_robust_list resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6283 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6282] exit_group(0 [pid 5864] getdents64(4, [pid 6282] <... exit_group resumed>) = ? [pid 5865] close(4 [pid 6283] chdir("./83" [pid 6282] +++ exited with 0 +++ [pid 5865] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6283] <... chdir resumed>) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6282, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5865] rmdir("./81/file1" [pid 5864] close(4 [pid 6283] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... openat resumed>) = 3 [pid 6283] <... prctl resumed>) = 0 [pid 6283] setpgid(0, 0 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6283] <... setpgid resumed>) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 5864] rmdir("./80/file1" [pid 6283] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] close(3 [pid 5864] <... rmdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 6283] <... openat resumed>) = 3 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6283] write(3, "1000", 4 [pid 5867] umount2("./81", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./81/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6284 attached [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./80/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6284] set_robust_list(0x5555593cd660, 24 [pid 5867] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6284] <... set_robust_list resumed>) = 0 [pid 6283] <... write resumed>) = 4 [pid 5867] <... openat resumed>) = 3 [pid 5865] newfstatat(AT_FDCWD, "./81/binderfs", [pid 5864] newfstatat(AT_FDCWD, "./80/binderfs", [pid 6284] chdir("./80" [pid 6283] close(3 [pid 5867] newfstatat(3, "", [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6284] <... chdir resumed>) = 0 [pid 6283] <... close resumed>) = 0 [pid 5865] unlink("./81/binderfs" [pid 5864] unlink("./80/binderfs" [pid 6284] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6284 [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 6284] <... prctl resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 6284] setpgid(0, 0 [pid 5867] getdents64(3, [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6284] <... setpgid resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] close(3 [pid 5864] getdents64(3, [pid 6284] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6283] symlink("/dev/binderfs", "./binderfs" [pid 5867] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6284] <... openat resumed>) = 3 [pid 6283] <... symlink resumed>) = 0 [pid 5865] rmdir("./81" [pid 5864] close(3 [pid 6284] write(3, "1000", 4 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6284] <... write resumed>) = 4 executing program [pid 5864] rmdir("./80" [pid 6283] write(1, "executing program\n", 18 [pid 6284] close(3 [pid 5865] mkdir("./82", 0777 [pid 5864] <... rmdir resumed>) = 0 [pid 6283] <... write resumed>) = 18 [pid 6284] <... close resumed>) = 0 [pid 6283] memfd_create("syzkaller", 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] mkdir("./81", 0777 [pid 6283] <... memfd_create resumed>) = 3 [pid 6284] symlink("/dev/binderfs", "./binderfs" [pid 6283] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... mkdir resumed>) = 0 [pid 6284] <... symlink resumed>) = 0 [pid 6283] <... mmap resumed>) = 0x7f1864095000 [pid 5865] <... openat resumed>) = 3 executing program [pid 6284] write(1, "executing program\n", 18) = 18 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6284] memfd_create("syzkaller", 0 [pid 5865] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6284] <... memfd_create resumed>) = 3 [pid 6283] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] close(3 [pid 6284] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5865] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6284] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... ioctl resumed>) = 0 [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6285 attached [pid 6284] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288./strace-static-x86_64: Process 6286 attached [pid 6285] set_robust_list(0x5555593cd660, 24 [pid 6283] <... write resumed>) = 524288 [pid 5867] <... umount2 resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6285 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6286 [pid 6286] set_robust_list(0x5555593cd660, 24 [pid 6285] <... set_robust_list resumed>) = 0 [pid 5867] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6286] <... set_robust_list resumed>) = 0 [pid 6286] chdir("./81" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./81/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6286] <... chdir resumed>) = 0 [pid 6285] chdir("./82" [pid 6286] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6283] munmap(0x7f1864095000, 138412032 [pid 5867] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6285] <... chdir resumed>) = 0 [pid 6286] <... prctl resumed>) = 0 [pid 6285] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6286] setpgid(0, 0 [pid 6285] <... prctl resumed>) = 0 [pid 6283] <... munmap resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./81/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6286] <... setpgid resumed>) = 0 [pid 6285] setpgid(0, 0 [pid 6283] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6286] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6285] <... setpgid resumed>) = 0 [pid 5867] <... openat resumed>) = 4 [pid 6283] <... openat resumed>) = 4 [pid 6286] <... openat resumed>) = 3 [pid 6285] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6283] ioctl(4, LOOP_SET_FD, 3 [pid 5867] newfstatat(4, "", [pid 6286] write(3, "1000", 4 [pid 6285] <... openat resumed>) = 3 [pid 6284] <... write resumed>) = 524288 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6286] <... write resumed>) = 4 [pid 6285] write(3, "1000", 4 [pid 6283] <... ioctl resumed>) = 0 [pid 5867] getdents64(4, [pid 6286] close(3 [pid 6285] <... write resumed>) = 4 [pid 6284] munmap(0x7f1864095000, 138412032 [pid 6283] close(3 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6286] <... close resumed>) = 0 [pid 6285] close(3 [pid 6284] <... munmap resumed>) = 0 [pid 6283] <... close resumed>) = 0 [pid 6286] symlink("/dev/binderfs", "./binderfs" [pid 6285] <... close resumed>) = 0 [pid 5867] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6285] symlink("/dev/binderfs", "./binderfs" [pid 5867] close(4 [pid 6286] <... symlink resumed>) = 0 [pid 6285] <... symlink resumed>) = 0 [pid 6284] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6283] close(4 [pid 5867] <... close resumed>) = 0 executing program executing program [pid 6286] write(1, "executing program\n", 18 [pid 6285] write(1, "executing program\n", 18 [pid 6284] ioctl(4, LOOP_SET_FD, 3 [pid 6283] <... close resumed>) = 0 [pid 5867] rmdir("./81/file1" [pid 6286] <... write resumed>) = 18 [pid 6285] <... write resumed>) = 18 [pid 6284] <... ioctl resumed>) = 0 [pid 6283] mkdir("./file1", 0777 [pid 5867] <... rmdir resumed>) = 0 [pid 6286] memfd_create("syzkaller", 0) = 3 [pid 6285] memfd_create("syzkaller", 0 [pid 6283] <... mkdir resumed>) = 0 [pid 6286] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6285] <... memfd_create resumed>) = 3 [pid 6284] close(3 [pid 6283] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] umount2("./81/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6285] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6284] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6285] <... mmap resumed>) = 0x7f1864095000 [pid 6284] close(4 [pid 5867] newfstatat(AT_FDCWD, "./81/binderfs", [pid 6286] <... mmap resumed>) = 0x7f1864095000 [pid 6285] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6284] <... close resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6284] mkdir("./file1", 0777 [pid 6283] <... mount resumed>) = 0 [pid 5867] unlink("./81/binderfs" [pid 6284] <... mkdir resumed>) = 0 [pid 6283] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... unlink resumed>) = 0 [pid 6283] <... openat resumed>) = 3 [pid 6283] chdir("./file1" [pid 5867] getdents64(3, [pid 6284] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [ 184.060657][ T6283] loop4: detected capacity change from 0 to 1024 [ 184.083093][ T6284] loop2: detected capacity change from 0 to 1024 [pid 6283] <... chdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6283] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] close(3 [pid 6286] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6283] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... close resumed>) = 0 [pid 6286] <... write resumed>) = 524288 [pid 6285] <... write resumed>) = 524288 [pid 6283] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] rmdir("./81" [pid 6285] munmap(0x7f1864095000, 138412032 [pid 5867] <... rmdir resumed>) = 0 [pid 5867] mkdir("./82", 0777) = 0 [pid 6285] <... munmap resumed>) = 0 [pid 6285] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6284] <... mount resumed>) = 0 [pid 6285] <... openat resumed>) = 4 [pid 6284] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6283] <... link resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6286] munmap(0x7f1864095000, 138412032) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6283] sync( [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6285] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... ioctl resumed>) = 0 [pid 6285] <... ioctl resumed>) = 0 [pid 5867] close(3 [pid 6284] chdir("./file1" [pid 6285] close(3 [pid 6284] <... chdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6284] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6286] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6285] <... close resumed>) = 0 [pid 6284] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6286] <... openat resumed>) = 4 [pid 6285] close(4 [pid 6284] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6286] ioctl(4, LOOP_SET_FD, 3 [pid 6285] <... close resumed>) = 0 [pid 6286] <... ioctl resumed>) = 0 [pid 6285] mkdir("./file1", 0777./strace-static-x86_64: Process 6287 attached ) = 0 [pid 6287] set_robust_list(0x5555593cd660, 24 [pid 6286] close(3 [pid 6287] <... set_robust_list resumed>) = 0 [pid 6286] <... close resumed>) = 0 [pid 6287] chdir("./82" [pid 6286] close(4) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6287 [pid 6286] mkdir("./file1", 0777 [pid 6287] <... chdir resumed>) = 0 [pid 6286] <... mkdir resumed>) = 0 [pid 6287] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6285] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6283] <... sync resumed>) = 0 [pid 6287] <... prctl resumed>) = 0 [pid 6286] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6284] <... link resumed>) = 0 [pid 6283] exit_group(0 [pid 6287] setpgid(0, 0 [pid 6284] sync( [pid 6283] <... exit_group resumed>) = ? [pid 6287] <... setpgid resumed>) = 0 [pid 6283] +++ exited with 0 +++ [pid 6287] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6283, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 6287] <... openat resumed>) = 3 [ 184.201187][ T6285] loop1: detected capacity change from 0 to 1024 [ 184.222958][ T6286] loop0: detected capacity change from 0 to 1024 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5868] umount2("./83", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5868] newfstatat(3, "", [pid 6285] <... mount resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6287] write(3, "1000", 4 [pid 5868] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6287] <... write resumed>) = 4 [pid 6287] close(3) = 0 [pid 6287] symlink("/dev/binderfs", "./binderfs" [pid 6286] <... mount resumed>) = 0 [pid 6285] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6287] <... symlink resumed>) = 0 [pid 6287] write(1, "executing program\n", 18executing program ) = 18 [pid 6287] memfd_create("syzkaller", 0 [pid 6286] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6287] <... memfd_create resumed>) = 3 [pid 6287] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6287] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6285] <... openat resumed>) = 3 [pid 6286] <... openat resumed>) = 3 [pid 6285] chdir("./file1" [pid 6286] chdir("./file1" [pid 6285] <... chdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 6287] <... write resumed>) = 524288 [pid 6286] <... chdir resumed>) = 0 [pid 6286] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6285] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6286] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6285] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6286] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./83/file1", [pid 6285] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./83/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6284] <... sync resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5868] newfstatat(4, "", [pid 6284] exit_group(0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(4, [pid 6284] <... exit_group resumed>) = ? [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6284] +++ exited with 0 +++ [pid 5868] getdents64(4, [pid 6287] munmap(0x7f1864095000, 138412032 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6287] <... munmap resumed>) = 0 [pid 5868] close(4 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6284, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5868] <... close resumed>) = 0 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6287] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] rmdir("./83/file1" [pid 5866] <... restart_syscall resumed>) = 0 [pid 6287] <... openat resumed>) = 4 [pid 5866] umount2("./80", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6287] ioctl(4, LOOP_SET_FD, 3 [pid 6286] <... link resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6287] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6287] ioctl(4, LOOP_CLR_FD) = 0 [pid 5868] umount2("./83/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6285] <... link resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] newfstatat(AT_FDCWD, "./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6287] ioctl(4, LOOP_SET_FD, 3 [pid 6286] sync( [pid 6285] sync( [pid 5866] <... openat resumed>) = 3 [pid 6287] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] unlink("./83/binderfs" [pid 6287] close(4 [pid 5868] <... unlink resumed>) = 0 [pid 6287] <... close resumed>) = 0 [pid 5868] getdents64(3, [pid 6287] close(3 [pid 5866] newfstatat(3, "", [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./83" [pid 6287] <... close resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] getdents64(3, [pid 5868] mkdir("./84", 0777 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6286] <... sync resumed>) = 0 [pid 6285] <... sync resumed>) = 0 [pid 6287] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6286] exit_group(0 [pid 6285] exit_group(0 [pid 5868] <... mkdir resumed>) = 0 [pid 6286] <... exit_group resumed>) = ? [pid 6287] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6286] +++ exited with 0 +++ [pid 6285] <... exit_group resumed>) = ? [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6285] +++ exited with 0 +++ [pid 5868] <... openat resumed>) = 3 [pid 6287] sync( [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6286, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6285, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] umount2("./81", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... ioctl resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] close(3 [pid 5864] <... openat resumed>) = 3 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6287] <... sync resumed>) = 0 [pid 5865] umount2("./82", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6287] exit_group(0) = ? [pid 5868] <... close resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] newfstatat(3, "", ./strace-static-x86_64: Process 6288 attached [pid 6287] +++ exited with 0 +++ [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6287, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6288] set_robust_list(0x5555593cd660, 24 [pid 5865] umount2("./82/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6288] <... set_robust_list resumed>) = 0 [pid 6288] chdir("./84" [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6288 [pid 5867] umount2("./82", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = 0 [pid 6288] <... chdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6288] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6288] <... prctl resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5867] newfstatat(3, "", [pid 6288] setpgid(0, 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, [pid 6288] <... setpgid resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6288] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] umount2("./82/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6288] <... openat resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./80/file1", [pid 5867] newfstatat(AT_FDCWD, "./82/binderfs", [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6288] write(3, "1000", 4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./80/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6288] <... write resumed>) = 4 [pid 5867] unlink("./82/binderfs" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6288] close(3 [pid 5866] openat(AT_FDCWD, "./80/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6288] <... close resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5866] <... openat resumed>) = 4 [pid 6288] symlink("/dev/binderfs", "./binderfs" [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, [pid 5866] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6288] <... symlink resumed>) = 0 [pid 5867] close(3 [pid 5866] getdents64(4, [pid 5867] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] rmdir("./82" [pid 5866] close(4 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 executing program [pid 6288] write(1, "executing program\n", 18 [pid 5866] rmdir("./80/file1" [pid 5864] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... rmdir resumed>) = 0 [pid 6288] <... write resumed>) = 18 [pid 6288] memfd_create("syzkaller", 0) = 3 [pid 5867] mkdir("./83", 0777 [pid 5866] umount2("./80/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6288] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] <... mkdir resumed>) = 0 [pid 6288] <... mmap resumed>) = 0x7f1864095000 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./81/file1", [pid 6288] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] newfstatat(AT_FDCWD, "./80/binderfs", [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5866] unlink("./80/binderfs" [pid 5865] <... umount2 resumed>) = 0 [pid 5864] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... unlink resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5864] openat(AT_FDCWD, "./81/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] close(3) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] umount2("./82/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... openat resumed>) = 4 [pid 5866] getdents64(3, ./strace-static-x86_64: Process 6289 attached 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(4, "", [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6289 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6289] set_robust_list(0x5555593cd660, 24) = 0 [pid 6289] chdir("./83" [pid 5866] close(3 [pid 5865] newfstatat(AT_FDCWD, "./82/file1", [pid 5864] getdents64(4, [pid 5866] <... close resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] rmdir("./80" [pid 5865] umount2("./82/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] getdents64(4, [pid 6289] <... chdir resumed>) = 0 [pid 6288] <... write resumed>) = 524288 [pid 5866] mkdir("./81", 0777 [pid 5865] openat(AT_FDCWD, "./82/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6289] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6288] munmap(0x7f1864095000, 138412032 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 6289] <... prctl resumed>) = 0 [pid 6288] <... munmap resumed>) = 0 [pid 5864] close(4 [pid 6289] setpgid(0, 0 [pid 5865] newfstatat(4, "", [pid 6289] <... setpgid resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... close resumed>) = 0 [pid 6289] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6288] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... openat resumed>) = 3 [pid 5865] getdents64(4, [pid 5864] rmdir("./81/file1" [pid 6289] <... openat resumed>) = 3 [pid 6288] <... openat resumed>) = 4 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6288] ioctl(4, LOOP_SET_FD, 3 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] getdents64(4, [pid 5864] <... rmdir resumed>) = 0 [pid 6288] <... ioctl resumed>) = 0 [pid 5864] umount2("./81/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6289] write(3, "1000", 4 [pid 5866] <... ioctl resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6289] <... write resumed>) = 4 [pid 5866] close(3 [pid 5865] close(4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6289] close(3 [pid 6288] close(3 [pid 5866] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6289] <... close resumed>) = 0 [pid 6288] <... close resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] newfstatat(AT_FDCWD, "./81/binderfs", ./strace-static-x86_64: Process 6290 attached [pid 6289] symlink("/dev/binderfs", "./binderfs" [pid 6288] close(4 [pid 5865] rmdir("./82/file1" [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6288] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] unlink("./81/binderfs" [pid 6288] mkdir("./file1", 0777 [pid 6289] <... symlink resumed>) = 0 [pid 6288] <... mkdir resumed>) = 0 [pid 5864] <... unlink resumed>) = 0 executing program [pid 6289] write(1, "executing program\n", 18 [pid 6288] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6290 [pid 5865] umount2("./82/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6289] <... write resumed>) = 18 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6290] set_robust_list(0x5555593cd660, 24 [pid 6289] memfd_create("syzkaller", 0 [pid 5865] newfstatat(AT_FDCWD, "./82/binderfs", [pid 5864] getdents64(3, [pid 6290] <... set_robust_list resumed>) = 0 [pid 6289] <... memfd_create resumed>) = 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6290] chdir("./81" [pid 6289] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6289] <... mmap resumed>) = 0x7f1864095000 [pid 5864] close(3 [pid 5865] unlink("./82/binderfs" [pid 5864] <... close resumed>) = 0 [pid 6290] <... chdir resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5864] rmdir("./81" [pid 6290] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5865] getdents64(3, [pid 5864] <... rmdir resumed>) = 0 [pid 6290] setpgid(0, 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6290] <... setpgid resumed>) = 0 [ 184.565656][ T6288] loop4: detected capacity change from 0 to 1024 [pid 5865] close(3 [pid 5864] mkdir("./82", 0777 [pid 6290] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6289] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] <... close resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6290] <... openat resumed>) = 3 [pid 6288] <... mount resumed>) = 0 [pid 5865] rmdir("./82" [pid 6288] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6290] write(3, "1000", 4 [pid 6288] chdir("./file1" [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6290] <... write resumed>) = 4 [pid 6288] <... chdir resumed>) = 0 [pid 6290] close(3 [pid 6288] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6290] <... close resumed>) = 0 [pid 6288] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6288] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6290] symlink("/dev/binderfs", "./binderfs" [pid 6289] <... write resumed>) = 524288 [pid 5864] <... openat resumed>) = 3 [pid 6290] <... symlink resumed>) = 0 [pid 6288] <... link resumed>) = 0 [pid 6288] sync(executing program [pid 6290] write(1, "executing program\n", 18 [pid 6289] munmap(0x7f1864095000, 138412032 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6290] <... write resumed>) = 18 [pid 5864] <... ioctl resumed>) = 0 [pid 5864] close(3) = 0 [pid 6290] memfd_create("syzkaller", 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 6291 attached [pid 6290] <... memfd_create resumed>) = 3 [pid 5865] mkdir("./83", 0777 [pid 6289] <... munmap resumed>) = 0 [pid 6289] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6288] <... sync resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6291 [pid 6288] exit_group(0 [pid 6289] <... openat resumed>) = 4 [pid 5865] <... mkdir resumed>) = 0 [pid 6290] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6289] ioctl(4, LOOP_SET_FD, 3 [pid 6288] <... exit_group resumed>) = ? [pid 6291] set_robust_list(0x5555593cd660, 24 [pid 6290] <... mmap resumed>) = 0x7f1864095000 [pid 6289] <... ioctl resumed>) = 0 [pid 6288] +++ exited with 0 +++ [pid 6291] <... set_robust_list resumed>) = 0 [pid 6289] close(3 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6288, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 6291] chdir("./82") = 0 [pid 6291] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6291] setpgid(0, 0) = 0 [pid 6291] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6289] <... close resumed>) = 0 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6291] <... openat resumed>) = 3 [pid 6289] close(4 [pid 6290] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6289] <... close resumed>) = 0 [pid 6291] write(3, "1000", 4 [pid 6289] mkdir("./file1", 0777 [pid 5868] umount2("./84", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6291] <... write resumed>) = 4 [pid 6289] <... mkdir resumed>) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6290] <... write resumed>) = 524288 [pid 6291] close(3 [pid 5865] <... ioctl resumed>) = 0 [pid 6291] <... close resumed>) = 0 [pid 5865] close(3 [pid 6291] symlink("/dev/binderfs", "./binderfs" [pid 6289] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, [pid 5865] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [ 184.703434][ T6289] loop3: detected capacity change from 0 to 1024 [pid 5868] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6290] munmap(0x7f1864095000, 138412032 [pid 6291] <... symlink resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6290] <... munmap resumed>) = 0 executing program ./strace-static-x86_64: Process 6292 attached [pid 6291] write(1, "executing program\n", 18 [pid 6290] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6291] <... write resumed>) = 18 [pid 6290] <... openat resumed>) = 4 [pid 6291] memfd_create("syzkaller", 0 [pid 6290] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6292 [pid 6290] close(3) = 0 [pid 6290] close(4) = 0 [pid 6290] mkdir("./file1", 0777) = 0 [pid 6291] <... memfd_create resumed>) = 3 [pid 6290] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6292] set_robust_list(0x5555593cd660, 24) = 0 [pid 6291] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6292] chdir("./83" [pid 6291] <... mmap resumed>) = 0x7f1864095000 [pid 6289] <... mount resumed>) = 0 [pid 6289] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6292] <... chdir resumed>) = 0 [pid 6292] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6289] <... openat resumed>) = 3 [pid 5868] <... umount2 resumed>) = 0 [pid 6292] <... prctl resumed>) = 0 [pid 6291] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6289] chdir("./file1" [pid 6292] setpgid(0, 0 [pid 6290] <... mount resumed>) = 0 [pid 6289] <... chdir resumed>) = 0 [pid 6292] <... setpgid resumed>) = 0 [pid 6290] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6289] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6292] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6290] <... openat resumed>) = 3 [pid 6290] chdir("./file1") = 0 [pid 6290] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6289] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6290] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6292] <... openat resumed>) = 3 [pid 6289] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6292] write(3, "1000", 4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./84/file1", [pid 6292] <... write resumed>) = 4 [pid 6292] close(3 [pid 6291] <... write resumed>) = 524288 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6292] <... close resumed>) = 0 [pid 6290] <... link resumed>) = 0 [pid 6292] symlink("/dev/binderfs", "./binderfs" [pid 6290] sync( [pid 6289] <... link resumed>) = 0 [pid 5868] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./84/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6291] munmap(0x7f1864095000, 138412032 [ 184.790005][ T6290] loop2: detected capacity change from 0 to 1024 [pid 5868] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6291] <... munmap resumed>) = 0 [pid 6289] sync( [pid 5868] getdents64(4, [pid 6292] <... symlink resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6291] openat(AT_FDCWD, "/dev/loop0", O_RDWRexecuting program [pid 6292] write(1, "executing program\n", 18 [pid 5868] getdents64(4, [pid 6292] <... write resumed>) = 18 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6291] <... openat resumed>) = 4 [pid 6291] ioctl(4, LOOP_SET_FD, 3 [pid 5868] close(4 [pid 6292] memfd_create("syzkaller", 0 [pid 6291] <... ioctl resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./84/file1" [pid 6292] <... memfd_create resumed>) = 3 [pid 6291] close(3 [pid 5868] <... rmdir resumed>) = 0 [pid 6292] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6291] <... close resumed>) = 0 [pid 6292] <... mmap resumed>) = 0x7f1864095000 [pid 6291] close(4 [pid 5868] umount2("./84/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6292] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6291] <... close resumed>) = 0 [pid 6290] <... sync resumed>) = 0 [pid 6289] <... sync resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6291] mkdir("./file1", 0777 [pid 6290] exit_group(0 [pid 6289] exit_group(0 [pid 5868] newfstatat(AT_FDCWD, "./84/binderfs", [pid 6289] <... exit_group resumed>) = ? [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6289] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6289, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 6291] <... mkdir resumed>) = 0 [pid 5868] unlink("./84/binderfs" [pid 6290] <... exit_group resumed>) = ? [pid 6290] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6290, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 5868] <... unlink resumed>) = 0 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5866] <... restart_syscall resumed>) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3 [pid 5867] umount2("./83", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./81", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6291] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] rmdir("./84" [pid 5867] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5866] <... openat resumed>) = 3 [pid 5867] newfstatat(3, "", [pid 5866] newfstatat(3, "", [pid 6292] <... write resumed>) = 524288 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 184.873791][ T6291] loop0: detected capacity change from 0 to 1024 [pid 5867] getdents64(3, [pid 6292] munmap(0x7f1864095000, 138412032 [pid 5868] mkdir("./85", 0777 [pid 5866] getdents64(3, [pid 6292] <... munmap resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6292] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6291] <... mount resumed>) = 0 [pid 5867] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6292] <... openat resumed>) = 4 [pid 6291] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... openat resumed>) = 3 [pid 6292] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6291] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6291] chdir("./file1") = 0 [pid 6291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6291] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... ioctl resumed>) = 0 [pid 5868] close(3 [pid 6292] close(3) = 0 [pid 5868] <... close resumed>) = 0 [pid 6292] close(4 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6292] <... close resumed>) = 0 [pid 6292] mkdir("./file1", 0777) = 0 ./strace-static-x86_64: Process 6293 attached [pid 6293] set_robust_list(0x5555593cd660, 24 [pid 6292] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6293 [pid 6293] <... set_robust_list resumed>) = 0 [pid 6293] chdir("./85") = 0 [pid 6293] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6293] setpgid(0, 0) = 0 [pid 6293] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6291] <... link resumed>) = 0 [ 184.961067][ T6292] loop1: detected capacity change from 0 to 1024 [pid 6293] write(3, "1000", 4 [pid 6291] sync( [pid 6293] <... write resumed>) = 4 [pid 5866] <... umount2 resumed>) = 0 [pid 6293] close(3) = 0 [pid 6292] <... mount resumed>) = 0 [pid 6292] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6292] chdir("./file1" [pid 5866] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6292] <... chdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6293] symlink("/dev/binderfs", "./binderfs" [pid 6292] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(AT_FDCWD, "./81/file1", executing program [pid 6293] <... symlink resumed>) = 0 [pid 6292] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6293] write(1, "executing program\n", 18 [pid 5867] newfstatat(AT_FDCWD, "./83/file1", [pid 5866] umount2("./81/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6293] <... write resumed>) = 18 [pid 6292] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6293] memfd_create("syzkaller", 0 [pid 5867] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] openat(AT_FDCWD, "./81/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6293] <... memfd_create resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... openat resumed>) = 4 [pid 6293] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] openat(AT_FDCWD, "./83/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] newfstatat(4, "", [pid 6293] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... openat resumed>) = 4 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, [pid 5866] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 5866] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4 [pid 5866] close(4 [pid 5867] <... close resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 6293] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] rmdir("./83/file1" [pid 5866] rmdir("./81/file1" [pid 6291] <... sync resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 6292] <... link resumed>) = 0 [pid 6291] exit_group(0 [pid 5867] umount2("./83/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./81/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6291] <... exit_group resumed>) = ? [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6292] sync( [pid 6291] +++ exited with 0 +++ [pid 5867] newfstatat(AT_FDCWD, "./83/binderfs", [pid 5866] newfstatat(AT_FDCWD, "./81/binderfs", [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6293] <... write resumed>) = 524288 [pid 5867] unlink("./83/binderfs" [pid 5866] unlink("./81/binderfs" [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6291, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] <... unlink resumed>) = 0 [pid 5864] umount2("./82", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(3, [pid 5864] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5864] newfstatat(3, "", [pid 5866] close(3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... close resumed>) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] rmdir("./81" [pid 5864] umount2("./82/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6292] <... sync resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 6292] exit_group(0 [pid 5867] getdents64(3, [pid 6293] munmap(0x7f1864095000, 138412032) = 0 [pid 5866] mkdir("./82", 0777 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5867] close(3 [pid 6292] <... exit_group resumed>) = ? [pid 5867] <... close resumed>) = 0 [pid 5867] rmdir("./83" [pid 6293] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] <... rmdir resumed>) = 0 [pid 6293] <... openat resumed>) = 4 [pid 5866] <... openat resumed>) = 3 [pid 6293] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6292] +++ exited with 0 +++ [pid 5867] mkdir("./84", 0777 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6292, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6293] close(3 [pid 5866] <... ioctl resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 6293] <... close resumed>) = 0 [pid 5866] close(3 [pid 5865] <... restart_syscall resumed>) = 0 [pid 6293] close(4 [pid 5866] <... close resumed>) = 0 [pid 6293] <... close resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6294 attached [pid 6293] mkdir("./file1", 0777 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6293] <... mkdir resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6294] set_robust_list(0x5555593cd660, 24 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5865] umount2("./83", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6294] <... set_robust_list resumed>) = 0 [pid 6293] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... ioctl resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6294 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6294] chdir("./82" [pid 5867] close(3 [pid 5865] newfstatat(3, "", [pid 5867] <... close resumed>) = 0 [pid 6294] <... chdir resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] umount2("./82/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6294] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] getdents64(3, [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6295 attached [pid 6294] <... prctl resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] newfstatat(AT_FDCWD, "./82/file1", [pid 6294] setpgid(0, 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6295 [pid 5865] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6295] set_robust_list(0x5555593cd660, 24 [pid 6294] <... setpgid resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6295] <... set_robust_list resumed>) = 0 [pid 6294] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] umount2("./82/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6295] chdir("./84" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6294] <... openat resumed>) = 3 [pid 6293] <... mount resumed>) = 0 [pid 6295] <... chdir resumed>) = 0 [pid 6294] write(3, "1000", 4 [pid 6293] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] openat(AT_FDCWD, "./82/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 185.162688][ T6293] loop4: detected capacity change from 0 to 1024 [pid 6295] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6294] <... write resumed>) = 4 [pid 6293] <... openat resumed>) = 3 [pid 5864] <... openat resumed>) = 4 [pid 6295] <... prctl resumed>) = 0 [pid 6295] setpgid(0, 0 [pid 6294] close(3 [pid 6293] chdir("./file1" [pid 5864] newfstatat(4, "", [pid 6295] <... setpgid resumed>) = 0 [pid 6294] <... close resumed>) = 0 [pid 6295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6294] symlink("/dev/binderfs", "./binderfs" [pid 6293] <... chdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6295] <... openat resumed>) = 3 [pid 6294] <... symlink resumed>) = 0 [pid 6293] openat(AT_FDCWD, "/dev/loop4", O_RDWRexecuting program [pid 6294] write(1, "executing program\n", 18 [pid 6293] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] getdents64(4, [pid 6295] write(3, "1000", 4 [pid 6294] <... write resumed>) = 18 [pid 6293] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6295] <... write resumed>) = 4 [pid 6294] memfd_create("syzkaller", 0 [pid 6295] close(3 [pid 5864] getdents64(4, [pid 6294] <... memfd_create resumed>) = 3 [pid 6295] <... close resumed>) = 0 [pid 6294] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6295] symlink("/dev/binderfs", "./binderfs" [pid 6294] <... mmap resumed>) = 0x7f1864095000 [pid 5864] close(4 [pid 5865] <... umount2 resumed>) = 0 [pid 6295] <... symlink resumed>) = 0 [pid 6294] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] <... close resumed>) = 0 [pid 5865] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] rmdir("./82/file1"executing program [pid 6295] write(1, "executing program\n", 18 [pid 6293] <... link resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... rmdir resumed>) = 0 [pid 6293] sync( [pid 5865] newfstatat(AT_FDCWD, "./83/file1", [pid 6295] <... write resumed>) = 18 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6295] memfd_create("syzkaller", 0 [pid 5865] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./82/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6295] <... memfd_create resumed>) = 3 [pid 5865] openat(AT_FDCWD, "./83/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6295] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] <... openat resumed>) = 4 [pid 5864] newfstatat(AT_FDCWD, "./82/binderfs", [pid 5865] newfstatat(4, "", [pid 6295] <... mmap resumed>) = 0x7f1864095000 [pid 6294] <... write resumed>) = 524288 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] getdents64(4, [pid 6295] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] unlink("./82/binderfs" [pid 6293] <... sync resumed>) = 0 [pid 5865] getdents64(4, [pid 5864] <... unlink resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(3, [pid 6293] exit_group(0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3) = 0 [pid 6294] munmap(0x7f1864095000, 138412032) = 0 [pid 5864] rmdir("./82" [pid 6293] <... exit_group resumed>) = ? [pid 5865] close(4) = 0 [pid 6294] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6293] +++ exited with 0 +++ [pid 5865] rmdir("./83/file1" [pid 6295] <... write resumed>) = 524288 [pid 6294] <... openat resumed>) = 4 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6295] munmap(0x7f1864095000, 138412032 [pid 6294] ioctl(4, LOOP_SET_FD, 3 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6293, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] umount2("./83/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] mkdir("./83", 0777 [pid 6295] <... munmap resumed>) = 0 [pid 6294] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... restart_syscall resumed>) = 0 [pid 6294] ioctl(4, LOOP_CLR_FD [pid 5865] newfstatat(AT_FDCWD, "./83/binderfs", [pid 6294] <... ioctl resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5868] umount2("./85", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6295] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] <... openat resumed>) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6294] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6294] close(4 [pid 5864] <... ioctl resumed>) = 0 [pid 6295] <... openat resumed>) = 4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] close(3 [pid 6295] ioctl(4, LOOP_SET_FD, 3 [pid 5868] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] unlink("./83/binderfs" [pid 5864] <... close resumed>) = 0 [pid 6295] <... ioctl resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5865] <... unlink resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6295] close(3 [pid 5868] newfstatat(3, "", [pid 5865] getdents64(3, [pid 6295] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6295] close(4 [pid 5868] getdents64(3, [pid 6295] <... close resumed>) = 0 [pid 5865] close(3 [pid 6295] mkdir("./file1", 0777 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... close resumed>) = 0 ./strace-static-x86_64: Process 6296 attached [pid 6295] <... mkdir resumed>) = 0 [pid 6296] set_robust_list(0x5555593cd660, 24 [pid 6295] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6294] <... close resumed>) = 0 [pid 5868] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] rmdir("./83" [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6296 [pid 6296] <... set_robust_list resumed>) = 0 [pid 6296] chdir("./83" [pid 6295] <... mount resumed>) = 0 [pid 6294] close(3 [pid 5865] <... rmdir resumed>) = 0 [pid 6296] <... chdir resumed>) = 0 [pid 6295] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6296] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6295] <... openat resumed>) = 3 [pid 5865] mkdir("./84", 0777 [pid 6296] setpgid(0, 0 [pid 6295] chdir("./file1" [pid 6296] <... setpgid resumed>) = 0 [pid 6296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6295] <... chdir resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6296] <... openat resumed>) = 3 [pid 6295] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6294] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6295] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] <... ioctl resumed>) = 0 [pid 5865] close(3 [pid 6294] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6295] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6296] write(3, "1000", 4 [pid 6294] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6294] sync( [pid 6296] <... write resumed>) = 4 [pid 6296] close(3) = 0 [ 185.402180][ T6295] loop3: detected capacity change from 0 to 1024 [pid 6296] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6296] write(1, "executing program\n", 18 [pid 5868] <... umount2 resumed>) = 0 [pid 5868] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./85/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6296] <... write resumed>) = 18 [pid 5868] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./85/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6296] memfd_create("syzkaller", 0 [pid 5868] <... openat resumed>) = 4 [pid 5865] <... close resumed>) = 0 [pid 6296] <... memfd_create resumed>) = 3 [pid 5868] newfstatat(4, "", [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6297 attached [pid 6296] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6294] <... sync resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6297] set_robust_list(0x5555593cd660, 24 [pid 6296] <... mmap resumed>) = 0x7f1864095000 [pid 6295] <... link resumed>) = 0 [pid 5868] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6297 [pid 6294] exit_group(0 [pid 5868] getdents64(4, [pid 6294] <... exit_group resumed>) = ? [pid 6297] <... set_robust_list resumed>) = 0 [pid 6295] sync( [pid 6294] +++ exited with 0 +++ [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6297] chdir("./84" [pid 5868] close(4) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6294, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5868] rmdir("./85/file1" [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6297] <... chdir resumed>) = 0 [pid 6297] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... restart_syscall resumed>) = 0 [pid 6297] <... prctl resumed>) = 0 [pid 6296] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6297] setpgid(0, 0 [pid 5866] umount2("./82", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] umount2("./85/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... openat resumed>) = 3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6297] <... setpgid resumed>) = 0 [pid 5868] unlink("./85/binderfs" [pid 5866] newfstatat(3, "", [pid 5868] <... unlink resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3) = 0 [pid 5866] getdents64(3, [pid 5868] rmdir("./85") = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5868] mkdir("./86", 0777) = 0 [pid 5866] umount2("./82/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] close(3) = 0 [pid 6296] <... write resumed>) = 524288 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] newfstatat(AT_FDCWD, "./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] unlink("./82/binderfs" [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6298 ./strace-static-x86_64: Process 6298 attached [pid 5866] <... unlink resumed>) = 0 [pid 6298] set_robust_list(0x5555593cd660, 24 [pid 5866] getdents64(3, [pid 6297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6298] <... set_robust_list resumed>) = 0 [pid 6298] chdir("./86") = 0 [pid 6298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6298] setpgid(0, 0) = 0 [pid 6298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6298] write(3, "1000", 4) = 4 [pid 6297] <... openat resumed>) = 3 [pid 6295] <... sync resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6297] write(3, "1000", 4 [pid 6296] munmap(0x7f1864095000, 138412032 [pid 6295] exit_group(0) = ? [pid 6297] <... write resumed>) = 4 [pid 6296] <... munmap resumed>) = 0 [pid 6295] +++ exited with 0 +++ [pid 5866] close(3 [pid 6298] close(3 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6295, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5866] <... close resumed>) = 0 [pid 6298] <... close resumed>) = 0 [pid 6297] close(3 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 6298] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... restart_syscall resumed>) = 0 [pid 6298] <... symlink resumed>) = 0 [pid 6297] <... close resumed>) = 0 [pid 6296] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] rmdir("./82" [pid 6298] write(1, "executing program\n", 18executing program [pid 5867] umount2("./84", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6298] <... write resumed>) = 18 [pid 6296] <... openat resumed>) = 4 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... rmdir resumed>) = 0 [pid 6298] memfd_create("syzkaller", 0 [pid 6296] ioctl(4, LOOP_SET_FD, 3 [pid 5867] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] mkdir("./83", 0777 [pid 6298] <... memfd_create resumed>) = 3 [pid 6297] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... openat resumed>) = 3 [pid 5866] <... mkdir resumed>) = 0 [pid 6298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6296] <... ioctl resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 6298] <... mmap resumed>) = 0x7f1864095000 [pid 6297] <... symlink resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 executing program [pid 6297] write(1, "executing program\n", 18 [pid 6296] close(3 [pid 5867] getdents64(3, [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6297] <... write resumed>) = 18 [pid 6296] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6297] memfd_create("syzkaller", 0 [pid 6296] close(4 [pid 5867] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... openat resumed>) = 3 [pid 6298] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6297] <... memfd_create resumed>) = 3 [pid 6296] <... close resumed>) = 0 [pid 6297] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6296] mkdir("./file1", 0777 [pid 6297] <... mmap resumed>) = 0x7f1864095000 [pid 6296] <... mkdir resumed>) = 0 [pid 6297] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6296] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6298] <... write resumed>) = 524288 [pid 5866] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5866] close(3 [pid 6298] munmap(0x7f1864095000, 138412032) = 0 [pid 6298] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6298] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [ 185.581251][ T6296] loop0: detected capacity change from 0 to 1024 [pid 6298] ioctl(4, LOOP_CLR_FD) = 0 [pid 6298] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6298] close(4) = 0 [pid 6298] close(3 [pid 5866] <... close resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6298] <... close resumed>) = 0 [pid 6298] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 ENOENT (No such file or directory) [pid 6298] sync( [pid 6297] <... write resumed>) = 524288 ./strace-static-x86_64: Process 6299 attached [pid 6296] <... mount resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6299 [pid 6296] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6299] set_robust_list(0x5555593cd660, 24 [pid 6296] chdir("./file1" [pid 6299] <... set_robust_list resumed>) = 0 [pid 6299] chdir("./83" [pid 6296] <... chdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 6296] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6299] <... chdir resumed>) = 0 [pid 6299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5867] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6296] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6299] setpgid(0, 0 [pid 6296] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6299] <... setpgid resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./84/file1", [pid 6297] munmap(0x7f1864095000, 138412032) = 0 [pid 6299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6297] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6299] <... openat resumed>) = 3 [pid 6299] write(3, "1000", 4 [pid 6297] <... openat resumed>) = 4 [pid 5867] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6299] <... write resumed>) = 4 [pid 6297] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./84/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6299] close(3) = 0 [pid 5867] <... openat resumed>) = 4 [pid 6299] symlink("/dev/binderfs", "./binderfs" [pid 5867] newfstatat(4, "", [pid 6297] <... ioctl resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 executing program [pid 6298] <... sync resumed>) = 0 [pid 6299] <... symlink resumed>) = 0 [pid 6297] close(3 [pid 6296] <... link resumed>) = 0 [pid 5867] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 6299] write(1, "executing program\n", 18 [pid 6298] exit_group(0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6299] <... write resumed>) = 18 [pid 6298] <... exit_group resumed>) = ? [pid 6299] memfd_create("syzkaller", 0 [pid 6298] +++ exited with 0 +++ [pid 6297] <... close resumed>) = 0 [pid 5867] close(4 [pid 6297] close(4 [pid 6296] sync( [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6298, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5867] <... close resumed>) = 0 [pid 6299] <... memfd_create resumed>) = 3 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5867] rmdir("./84/file1" [pid 6299] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5868] <... restart_syscall resumed>) = 0 [pid 6299] <... mmap resumed>) = 0x7f1864095000 [pid 6299] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6297] <... close resumed>) = 0 [pid 5868] umount2("./86", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6297] mkdir("./file1", 0777 [pid 5868] <... openat resumed>) = 3 [pid 5867] umount2("./84/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6297] <... mkdir resumed>) = 0 [pid 5868] newfstatat(3, "", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] newfstatat(AT_FDCWD, "./84/binderfs", [pid 5868] getdents64(3, 0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./86/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] unlink("./84/binderfs" [pid 5868] newfstatat(AT_FDCWD, "./86/binderfs", [pid 5867] <... unlink resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] getdents64(3, [pid 5868] unlink("./86/binderfs") = 0 [pid 6296] <... sync resumed>) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3) = 0 [pid 6296] exit_group(0 [pid 5868] rmdir("./86" [pid 6297] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3 [pid 6296] <... exit_group resumed>) = ? [pid 5868] mkdir("./87", 0777 [pid 5867] <... close resumed>) = 0 [pid 6296] +++ exited with 0 +++ [pid 5868] <... mkdir resumed>) = 0 [pid 5867] rmdir("./84" [pid 6299] <... write resumed>) = 524288 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... rmdir resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6296, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [ 185.702879][ T6297] loop1: detected capacity change from 0 to 1024 [pid 5868] <... openat resumed>) = 3 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6299] munmap(0x7f1864095000, 138412032 [pid 5867] mkdir("./85", 0777 [pid 5864] <... restart_syscall resumed>) = 0 [pid 6299] <... munmap resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5868] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6299] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6297] <... mount resumed>) = 0 [pid 5868] close(3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] umount2("./83", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6299] <... openat resumed>) = 4 [pid 6297] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... close resumed>) = 0 [pid 6297] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6299] ioctl(4, LOOP_SET_FD, 3 [pid 5864] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6299] <... ioctl resumed>) = 0 [pid 6297] chdir("./file1" [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6297] <... chdir resumed>) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 5864] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6300 attached [pid 6299] close(3 [pid 6297] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] close(3 [pid 5864] newfstatat(3, "", [pid 6300] set_robust_list(0x5555593cd660, 24 [pid 6297] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6300] <... set_robust_list resumed>) = 0 [pid 6297] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6300] chdir("./87" [pid 6299] <... close resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5864] getdents64(3, [pid 6300] <... chdir resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6301 attached [pid 6300] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6299] close(4 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6300 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6300] <... prctl resumed>) = 0 [pid 5864] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6299] <... close resumed>) = 0 [pid 6299] mkdir("./file1", 0777 [pid 6300] setpgid(0, 0 [pid 6299] <... mkdir resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6301 [pid 6300] <... setpgid resumed>) = 0 [pid 6300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6301] set_robust_list(0x5555593cd660, 24 [pid 6300] <... openat resumed>) = 3 [pid 6299] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6301] <... set_robust_list resumed>) = 0 [pid 6300] write(3, "1000", 4 [pid 6301] chdir("./85") = 0 [pid 6300] <... write resumed>) = 4 [ 185.801532][ T6299] loop2: detected capacity change from 0 to 1024 [pid 6301] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6300] close(3 [pid 6297] <... link resumed>) = 0 [pid 6297] sync( [pid 6300] <... close resumed>) = 0 [pid 6301] <... prctl resumed>) = 0 [pid 6301] setpgid(0, 0 [pid 6300] symlink("/dev/binderfs", "./binderfs"executing program [pid 6301] <... setpgid resumed>) = 0 [pid 6300] <... symlink resumed>) = 0 [pid 6299] <... mount resumed>) = 0 [pid 6301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6299] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6301] <... openat resumed>) = 3 [pid 6300] write(1, "executing program\n", 18 [pid 6299] <... openat resumed>) = 3 [pid 6300] <... write resumed>) = 18 [pid 6299] chdir("./file1" [pid 6300] memfd_create("syzkaller", 0 [pid 6301] write(3, "1000", 4 [pid 6300] <... memfd_create resumed>) = 3 [pid 6299] <... chdir resumed>) = 0 [pid 6301] <... write resumed>) = 4 [pid 6300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6299] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6301] close(3) = 0 [pid 6300] <... mmap resumed>) = 0x7f1864095000 [pid 6299] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6301] symlink("/dev/binderfs", "./binderfs" [pid 6300] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6301] <... symlink resumed>) = 0 [pid 6299] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... umount2 resumed>) = 0 executing program [pid 6301] write(1, "executing program\n", 18 [pid 5864] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6301] <... write resumed>) = 18 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6301] memfd_create("syzkaller", 0 [pid 5864] newfstatat(AT_FDCWD, "./83/file1", [pid 6301] <... memfd_create resumed>) = 3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6301] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./83/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5864] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6301] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, [pid 6299] <... link resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4) = 0 [pid 5864] rmdir("./83/file1" [pid 6299] sync( [pid 6297] <... sync resumed>) = 0 [pid 6300] <... write resumed>) = 524288 [pid 5864] <... rmdir resumed>) = 0 [pid 6297] exit_group(0 [pid 6300] munmap(0x7f1864095000, 138412032) = 0 [pid 6301] <... write resumed>) = 524288 [pid 6297] <... exit_group resumed>) = ? [pid 5864] umount2("./83/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6297] +++ exited with 0 +++ [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6300] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] newfstatat(AT_FDCWD, "./83/binderfs", [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6297, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6300] <... openat resumed>) = 4 [pid 5865] umount2("./84", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6300] ioctl(4, LOOP_SET_FD, 3 [pid 6301] munmap(0x7f1864095000, 138412032) = 0 [pid 6300] <... ioctl resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6301] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6300] close(3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] unlink("./83/binderfs" [pid 6300] <... close resumed>) = 0 [pid 6301] <... openat resumed>) = 4 [pid 6300] close(4 [pid 5865] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... unlink resumed>) = 0 [pid 6301] ioctl(4, LOOP_SET_FD, 3 [pid 6300] <... close resumed>) = 0 [pid 6299] <... sync resumed>) = 0 [pid 6301] <... ioctl resumed>) = 0 [pid 6300] mkdir("./file1", 0777 [pid 6299] exit_group(0 [pid 5865] <... openat resumed>) = 3 [pid 5864] getdents64(3, [pid 6301] close(3 [pid 6300] <... mkdir resumed>) = 0 [pid 6299] <... exit_group resumed>) = ? [pid 5865] newfstatat(3, "", [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6301] <... close resumed>) = 0 [pid 5864] close(3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... close resumed>) = 0 [pid 5865] getdents64(3, [pid 5864] rmdir("./83" [pid 6301] close(4 [pid 6300] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6301] <... close resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6301] mkdir("./file1", 0777 [pid 6299] +++ exited with 0 +++ [pid 6301] <... mkdir resumed>) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6299, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5865] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] mkdir("./84", 0777 [pid 6301] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... mkdir resumed>) = 0 [pid 6300] <... mount resumed>) = 0 [pid 5866] umount2("./83", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6300] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6300] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] <... openat resumed>) = 3 [pid 6300] chdir("./file1") = 0 [pid 5866] newfstatat(3, "", [pid 5864] <... openat resumed>) = 3 [pid 6300] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6300] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] getdents64(3, [pid 5864] <... ioctl resumed>) = 0 [ 185.983289][ T6300] loop4: detected capacity change from 0 to 1024 [ 185.998223][ T6301] loop3: detected capacity change from 0 to 1024 [pid 6300] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] close(3 [pid 5866] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... close resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6302 attached , child_tidptr=0x5555593cd650) = 6302 [pid 6302] set_robust_list(0x5555593cd660, 24 [pid 6301] <... mount resumed>) = 0 [pid 6302] <... set_robust_list resumed>) = 0 [pid 6302] chdir("./84" [pid 6301] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] <... umount2 resumed>) = 0 [pid 6302] <... chdir resumed>) = 0 [pid 6301] <... openat resumed>) = 3 [pid 6300] <... link resumed>) = 0 [pid 6302] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6301] chdir("./file1" [pid 6300] sync( [pid 5865] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6302] <... prctl resumed>) = 0 [pid 6301] <... chdir resumed>) = 0 [pid 6302] setpgid(0, 0 [pid 6301] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6302] <... setpgid resumed>) = 0 [pid 6301] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] newfstatat(AT_FDCWD, "./84/file1", [pid 6302] <... openat resumed>) = 3 [pid 6301] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6302] write(3, "1000", 4 [pid 5865] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6302] <... write resumed>) = 4 [pid 6302] close(3 [pid 5865] openat(AT_FDCWD, "./84/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6302] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 5865] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6302] symlink("/dev/binderfs", "./binderfs" [pid 5866] <... umount2 resumed>) = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] close(4 [pid 5866] newfstatat(AT_FDCWD, "./83/file1", [pid 5865] <... close resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] rmdir("./84/file1" [pid 6302] <... symlink resumed>) = 0 [pid 5866] umount2("./83/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... rmdir resumed>) = 0 [pid 6302] write(1, "executing program\n", 18 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./84/binderfs", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6302] <... write resumed>) = 18 [pid 5866] openat(AT_FDCWD, "./83/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6302] memfd_create("syzkaller", 0 [pid 5866] <... openat resumed>) = 4 [pid 5865] newfstatat(AT_FDCWD, "./84/binderfs", [pid 6302] <... memfd_create resumed>) = 3 [pid 6301] <... link resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6302] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6301] sync( [pid 5865] unlink("./84/binderfs" [pid 5866] newfstatat(4, "", [pid 5865] <... unlink resumed>) = 0 [pid 6302] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 6300] <... sync resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 5866] getdents64(4, [pid 5865] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] rmdir("./84" [pid 6300] exit_group(0) = ? [pid 5866] getdents64(4, [pid 5865] <... rmdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4 [pid 5865] mkdir("./85", 0777 [pid 6300] +++ exited with 0 +++ [pid 6301] <... sync resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6300, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5866] rmdir("./83/file1" [pid 6301] exit_group(0 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... rmdir resumed>) = 0 [pid 6301] <... exit_group resumed>) = ? [pid 6301] +++ exited with 0 +++ [pid 5868] <... restart_syscall resumed>) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6301, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5866] umount2("./83/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... openat resumed>) = 3 [pid 5866] newfstatat(AT_FDCWD, "./83/binderfs", [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5868] umount2("./87", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6302] <... write resumed>) = 524288 [pid 5866] unlink("./83/binderfs" [pid 5865] close(3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] <... unlink resumed>) = 0 [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3 [pid 5868] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [pid 5866] rmdir("./83" [pid 6302] munmap(0x7f1864095000, 138412032 [pid 5867] umount2("./85", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... rmdir resumed>) = 0 [pid 6302] <... munmap resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] mkdir("./84", 0777) = 0 [pid 5865] <... close resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6302] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] <... openat resumed>) = 3 [pid 6302] <... openat resumed>) = 4 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5867] newfstatat(3, "", [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6302] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 5867] getdents64(3, [pid 6302] <... ioctl resumed>) = 0 [pid 5866] close(3 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6303 ./strace-static-x86_64: Process 6303 attached [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6302] close(3 [pid 5866] <... close resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6302] <... close resumed>) = 0 [pid 6303] set_robust_list(0x5555593cd660, 24 [pid 6302] close(4./strace-static-x86_64: Process 6304 attached [pid 6303] <... set_robust_list resumed>) = 0 [pid 6302] <... close resumed>) = 0 [pid 6304] set_robust_list(0x5555593cd660, 24 [pid 6303] chdir("./85" [pid 6302] mkdir("./file1", 0777 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6304 [pid 6303] <... chdir resumed>) = 0 [pid 6302] <... mkdir resumed>) = 0 [pid 6303] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6302] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6304] <... set_robust_list resumed>) = 0 [pid 6303] <... prctl resumed>) = 0 [pid 6303] setpgid(0, 0 [pid 6304] chdir("./84" [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5867] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6304] <... chdir resumed>) = 0 [pid 6303] <... setpgid resumed>) = 0 [pid 5868] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 186.249592][ T6302] loop0: detected capacity change from 0 to 1024 [pid 5867] newfstatat(AT_FDCWD, "./85/file1", [pid 6303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] newfstatat(AT_FDCWD, "./87/file1", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6304] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6303] <... openat resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6304] <... prctl resumed>) = 0 [pid 5867] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6304] setpgid(0, 0 [pid 5868] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6304] <... setpgid resumed>) = 0 [pid 6303] write(3, "1000", 4 [pid 6302] <... mount resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6303] <... write resumed>) = 4 [pid 5868] openat(AT_FDCWD, "./87/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6303] close(3 [pid 6304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6303] <... close resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5867] openat(AT_FDCWD, "./85/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6304] <... openat resumed>) = 3 [pid 6303] symlink("/dev/binderfs", "./binderfs" [pid 6302] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... openat resumed>) = 4 [pid 6304] write(3, "1000", 4 [pid 6302] <... openat resumed>) = 3 [pid 5867] newfstatat(4, "", [pid 6304] <... write resumed>) = 4 [pid 6302] chdir("./file1" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6304] close(3 [pid 6302] <... chdir resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 6304] <... close resumed>) = 0 [pid 6303] <... symlink resumed>) = 0 [pid 6302] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] getdents64(4, [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6304] symlink("/dev/binderfs", "./binderfs"executing program [pid 6303] write(1, "executing program\n", 18 [pid 6302] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6304] <... symlink resumed>) = 0 [pid 6303] <... write resumed>) = 18 [pid 6302] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6304] write(1, "executing program\n", 18executing program [pid 6303] memfd_create("syzkaller", 0 [pid 5868] getdents64(4, [pid 5867] getdents64(4, [pid 6304] <... write resumed>) = 18 [pid 6303] <... memfd_create resumed>) = 3 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6303] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] close(4 [pid 6304] memfd_create("syzkaller", 0 [pid 6303] <... mmap resumed>) = 0x7f1864095000 [pid 5868] close(4 [pid 5867] <... close resumed>) = 0 [pid 6304] <... memfd_create resumed>) = 3 [pid 5867] rmdir("./85/file1" [pid 6303] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... close resumed>) = 0 [pid 6304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6302] <... link resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6304] <... mmap resumed>) = 0x7f1864095000 [pid 5868] rmdir("./87/file1" [pid 6302] sync( [pid 5868] <... rmdir resumed>) = 0 [pid 5867] umount2("./85/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./87/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] newfstatat(AT_FDCWD, "./87/binderfs", [pid 5867] unlink("./85/binderfs" [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./87/binderfs" [pid 5867] <... unlink resumed>) = 0 [pid 6304] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... unlink resumed>) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] getdents64(3, [pid 5868] close(3 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] close(3) = 0 [pid 5867] rmdir("./85") = 0 [pid 6302] <... sync resumed>) = 0 [pid 6302] exit_group(0 [pid 5868] rmdir("./87" [pid 6302] <... exit_group resumed>) = ? [pid 5868] <... rmdir resumed>) = 0 [pid 5867] mkdir("./86", 0777 [pid 6302] +++ exited with 0 +++ [pid 5868] mkdir("./88", 0777 [pid 5867] <... mkdir resumed>) = 0 [pid 6303] <... write resumed>) = 524288 [pid 6303] munmap(0x7f1864095000, 138412032 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6302, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6303] <... munmap resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 5867] close(3) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6303] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 6305 attached [pid 6304] <... write resumed>) = 524288 [pid 5868] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6304] munmap(0x7f1864095000, 138412032 [pid 6303] <... openat resumed>) = 4 [pid 6305] set_robust_list(0x5555593cd660, 24 [pid 6303] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... openat resumed>) = 3 [pid 6305] <... set_robust_list resumed>) = 0 [pid 6304] <... munmap resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6305 [pid 6303] <... ioctl resumed>) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5864] umount2("./84", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6305] chdir("./86" [pid 6303] close(3 [pid 5868] <... ioctl resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6303] <... close resumed>) = 0 [pid 5868] close(3 [pid 6305] <... chdir resumed>) = 0 [pid 6304] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... close resumed>) = 0 [pid 6305] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6304] <... openat resumed>) = 4 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6305] <... prctl resumed>) = 0 [pid 6304] ioctl(4, LOOP_SET_FD, 3 [pid 6305] setpgid(0, 0) = 0 [pid 6304] <... ioctl resumed>) = 0 [pid 6305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6304] close(3 [pid 6305] write(3, "1000", 4 [pid 6304] <... close resumed>) = 0 [pid 6303] close(4 [pid 5864] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6305] <... write resumed>) = 4 [pid 6304] close(4) = 0 [pid 6304] mkdir("./file1", 0777./strace-static-x86_64: Process 6306 attached [pid 6305] close(3 [pid 6303] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6303] mkdir("./file1", 0777 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6306 [pid 5864] newfstatat(3, "", [pid 6305] <... close resumed>) = 0 [pid 6304] <... mkdir resumed>) = 0 [pid 6303] <... mkdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6306] set_robust_list(0x5555593cd660, 24 [pid 6305] symlink("/dev/binderfs", "./binderfs" [pid 6303] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] getdents64(3, [pid 6304] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, ""executing program [pid 6306] <... set_robust_list resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6306] chdir("./88" [pid 6305] <... symlink resumed>) = 0 [pid 6306] <... chdir resumed>) = 0 [pid 5864] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6305] write(1, "executing program\n", 18 [pid 6304] <... mount resumed>) = 0 [pid 6305] <... write resumed>) = 18 [pid 6304] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6306] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6305] memfd_create("syzkaller", 0 [pid 6304] <... openat resumed>) = 3 [pid 6306] <... prctl resumed>) = 0 [pid 6305] <... memfd_create resumed>) = 3 [pid 6304] chdir("./file1") = 0 [pid 6306] setpgid(0, 0 [ 186.454510][ T6303] loop1: detected capacity change from 0 to 1024 [ 186.462235][ T6304] loop2: detected capacity change from 0 to 1024 [pid 6304] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6306] <... setpgid resumed>) = 0 [pid 6305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6304] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6305] <... mmap resumed>) = 0x7f1864095000 [pid 6304] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6306] <... openat resumed>) = 3 [pid 6305] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6306] write(3, "1000", 4 [pid 6303] <... mount resumed>) = 0 [pid 6306] <... write resumed>) = 4 [pid 6303] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6306] close(3 [pid 6303] <... openat resumed>) = 3 [pid 6306] <... close resumed>) = 0 [pid 6303] chdir("./file1" [pid 6306] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6303] <... chdir resumed>) = 0 [pid 6306] write(1, "executing program\n", 18 executing program [pid 6303] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6306] <... write resumed>) = 18 [pid 6306] memfd_create("syzkaller", 0) = 3 [pid 6303] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6303] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6304] <... link resumed>) = 0 [pid 6304] sync( [pid 5864] <... umount2 resumed>) = 0 [pid 6306] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6305] <... write resumed>) = 524288 [pid 5864] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6303] <... link resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./84/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6305] munmap(0x7f1864095000, 138412032 [pid 5864] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6303] sync( [pid 6305] <... munmap resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6305] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] openat(AT_FDCWD, "./84/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5864] newfstatat(4, "", [pid 6305] <... openat resumed>) = 4 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6305] ioctl(4, LOOP_SET_FD, 3 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6305] <... ioctl resumed>) = 0 [pid 5864] getdents64(4, [pid 6306] <... write resumed>) = 524288 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6306] munmap(0x7f1864095000, 138412032 [pid 6305] close(3 [pid 5864] close(4) = 0 [pid 6306] <... munmap resumed>) = 0 [pid 6305] <... close resumed>) = 0 [pid 5864] rmdir("./84/file1" [pid 6306] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6305] close(4 [pid 6306] <... openat resumed>) = 4 [pid 6305] <... close resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6306] ioctl(4, LOOP_SET_FD, 3 [pid 6305] mkdir("./file1", 0777) = 0 [pid 6304] <... sync resumed>) = 0 [pid 6303] <... sync resumed>) = 0 [pid 6304] exit_group(0 [pid 6303] exit_group(0) = ? [pid 5864] umount2("./84/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6305] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6304] <... exit_group resumed>) = ? [pid 6303] +++ exited with 0 +++ [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./84/binderfs", [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6303, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5864] unlink("./84/binderfs") = 0 [pid 5864] getdents64(3, [pid 6304] +++ exited with 0 +++ [pid 5865] <... restart_syscall resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6304, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5864] close(3) = 0 [pid 6306] <... ioctl resumed>) = 0 [pid 6306] close(3 [pid 5865] umount2("./85", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6306] <... close resumed>) = 0 [pid 5864] rmdir("./84" [pid 6306] close(4) = 0 [pid 5866] umount2("./84", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... rmdir resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6305] <... mount resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... openat resumed>) = 3 [pid 6306] mkdir("./file1", 0777 [pid 6305] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] mkdir("./85", 0777 [pid 6306] <... mkdir resumed>) = 0 [pid 6305] <... openat resumed>) = 3 [pid 5866] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", [pid 5864] <... mkdir resumed>) = 0 [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 5866] getdents64(3, [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6305] chdir("./file1" [pid 6306] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6305] <... chdir resumed>) = 0 [pid 5866] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6305] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5864] <... openat resumed>) = 3 [pid 6305] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [ 186.622502][ T6305] loop3: detected capacity change from 0 to 1024 [ 186.645168][ T6306] loop4: detected capacity change from 0 to 1024 [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6305] <... link resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6307 [pid 6305] sync(./strace-static-x86_64: Process 6307 attached [pid 6306] <... mount resumed>) = 0 [pid 6306] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6307] set_robust_list(0x5555593cd660, 24 [pid 6306] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = 0 [pid 6307] <... set_robust_list resumed>) = 0 [pid 6307] chdir("./85" [pid 6306] chdir("./file1" [pid 6307] <... chdir resumed>) = 0 [pid 6306] <... chdir resumed>) = 0 [pid 6307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6306] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6307] setpgid(0, 0 [pid 6306] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... umount2 resumed>) = 0 [pid 5865] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6307] <... setpgid resumed>) = 0 [pid 6307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6306] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6307] <... openat resumed>) = 3 [pid 5866] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./85/file1", [pid 5866] newfstatat(AT_FDCWD, "./84/file1", [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6307] write(3, "1000", 4 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6307] <... write resumed>) = 4 [pid 5866] umount2("./84/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6307] close(3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6307] <... close resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6307] symlink("/dev/binderfs", "./binderfs" [pid 5866] openat(AT_FDCWD, "./84/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "./85/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... openat resumed>) = 4 [pid 5865] <... openat resumed>) = 4 [pid 6307] <... symlink resumed>) = 0 [pid 6307] write(1, "executing program\n", 18 [pid 6305] <... sync resumed>) = 0 [pid 5866] newfstatat(4, "", [pid 5865] newfstatat(4, "", executing program [pid 6305] exit_group(0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6307] <... write resumed>) = 18 [pid 6306] <... link resumed>) = 0 [pid 6307] memfd_create("syzkaller", 0 [pid 5866] getdents64(4, [pid 5865] getdents64(4, [pid 6307] <... memfd_create resumed>) = 3 [pid 6306] sync( [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6307] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6305] <... exit_group resumed>) = ? [pid 5866] getdents64(4, [pid 5865] getdents64(4, [pid 6307] <... mmap resumed>) = 0x7f1864095000 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4 [pid 5865] close(4 [pid 6307] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6305] +++ exited with 0 +++ [pid 5866] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5865] rmdir("./85/file1" [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6305, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] rmdir("./84/file1" [pid 5865] <... rmdir resumed>) = 0 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... rmdir resumed>) = 0 [pid 5865] umount2("./85/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./85/binderfs", [pid 5866] umount2("./84/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... restart_syscall resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./85/binderfs" [pid 5866] unlink("./84/binderfs" [pid 5865] <... unlink resumed>) = 0 [pid 5867] umount2("./86", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... unlink resumed>) = 0 [pid 5865] getdents64(3, [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(3, [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 5867] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... close resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5866] close(3 [pid 5865] rmdir("./85" [pid 5867] newfstatat(3, "", [pid 5866] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5866] rmdir("./84" [pid 6306] <... sync resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] mkdir("./86", 0777 [pid 6306] exit_group(0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 6306] <... exit_group resumed>) = ? [pid 5867] getdents64(3, [pid 5866] mkdir("./85", 0777 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5867] umount2("./86/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... ioctl resumed>) = 0 [pid 6307] <... write resumed>) = 524288 [pid 6306] +++ exited with 0 +++ [pid 5866] <... openat resumed>) = 3 [pid 5865] close(3 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6306, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] close(3) = 0 [pid 5865] <... close resumed>) = 0 [pid 6307] munmap(0x7f1864095000, 138412032) = 0 [pid 6307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6307] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6307] close(3) = 0 [pid 6307] close(4) = 0 [pid 6307] mkdir("./file1", 0777 [pid 5868] umount2("./88", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6307] <... mkdir resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6308 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6308 attached [pid 6307] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, ""./strace-static-x86_64: Process 6309 attached [pid 6308] set_robust_list(0x5555593cd660, 24) = 0 [pid 6308] chdir("./85" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6309] set_robust_list(0x5555593cd660, 24 [pid 5868] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6309] <... set_robust_list resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 6309] chdir("./86" [pid 6308] <... chdir resumed>) = 0 [pid 5868] newfstatat(3, "", [pid 6309] <... chdir resumed>) = 0 [pid 6308] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6309 [pid 6309] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6308] <... prctl resumed>) = 0 [pid 5868] getdents64(3, [pid 6309] <... prctl resumed>) = 0 [pid 6308] setpgid(0, 0 [pid 6309] setpgid(0, 0 [pid 6308] <... setpgid resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6309] <... setpgid resumed>) = 0 [pid 6309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6308] <... openat resumed>) = 3 [pid 6309] <... openat resumed>) = 3 [pid 6307] <... mount resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 6308] write(3, "1000", 4 [pid 6309] write(3, "1000", 4 [pid 6307] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6309] <... write resumed>) = 4 [pid 6308] <... write resumed>) = 4 [pid 6307] <... openat resumed>) = 3 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] umount2("./86/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6308] close(3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./88/file1", [pid 6308] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6308] symlink("/dev/binderfs", "./binderfs" [pid 5868] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./88/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 186.886793][ T6307] loop0: detected capacity change from 0 to 1024 [pid 5868] newfstatat(4, "", [pid 6309] close(3 [pid 6308] <... symlink resumed>) = 0 [pid 6307] chdir("./file1" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6309] <... close resumed>) = 0 [pid 6308] write(1, "executing program\n", 18 [pid 6307] <... chdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 executing program [pid 5867] newfstatat(AT_FDCWD, "./86/file1", [pid 6309] symlink("/dev/binderfs", "./binderfs" [pid 6308] <... write resumed>) = 18 [pid 6307] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] getdents64(4, [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6309] <... symlink resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6308] memfd_create("syzkaller", 0 [pid 6307] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] getdents64(4, executing program [pid 5867] umount2("./86/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6308] <... memfd_create resumed>) = 3 [pid 6307] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4 [pid 6309] write(1, "executing program\n", 18 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6309] <... write resumed>) = 18 [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./88/file1") = 0 [pid 6309] memfd_create("syzkaller", 0 [pid 6308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] openat(AT_FDCWD, "./86/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6309] <... memfd_create resumed>) = 3 [pid 6309] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6308] <... mmap resumed>) = 0x7f1864095000 [pid 5868] umount2("./88/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./88/binderfs", [pid 5867] <... openat resumed>) = 4 [pid 6309] <... mmap resumed>) = 0x7f1864095000 [pid 5867] newfstatat(4, "", [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] unlink("./88/binderfs") = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3) = 0 [pid 5868] rmdir("./88" [pid 6308] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] getdents64(4, [pid 5868] mkdir("./89", 0777) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... openat resumed>) = 3 [pid 5867] getdents64(4, [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6307] <... link resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6307] sync( [pid 5867] close(4 [pid 5868] close(3) = 0 [pid 5867] <... close resumed>) = 0 [pid 6309] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] rmdir("./86/file1") = 0 ./strace-static-x86_64: Process 6310 attached [pid 5867] umount2("./86/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6310] set_robust_list(0x5555593cd660, 24 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6310] <... set_robust_list resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6310] chdir("./89" [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6310 [pid 5867] unlink("./86/binderfs" [pid 6310] <... chdir resumed>) = 0 [pid 6310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6310] setpgid(0, 0) = 0 [pid 6310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6310] write(3, "1000", 4) = 4 [pid 5867] <... unlink resumed>) = 0 [pid 6310] close(3) = 0 [pid 6310] symlink("/dev/binderfs", "./binderfs" [pid 6309] <... write resumed>) = 524288 [pid 6310] <... symlink resumed>) = 0 [pid 6307] <... sync resumed>) = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6310] write(1, "executing program\n", 18 [pid 6308] <... write resumed>) = 524288 [pid 6307] exit_group(0executing program [pid 5867] close(3 [pid 6310] <... write resumed>) = 18 [pid 6309] munmap(0x7f1864095000, 138412032 [pid 6308] munmap(0x7f1864095000, 138412032 [pid 5867] <... close resumed>) = 0 [pid 6310] memfd_create("syzkaller", 0 [pid 6307] <... exit_group resumed>) = ? [pid 6310] <... memfd_create resumed>) = 3 [pid 6309] <... munmap resumed>) = 0 [pid 6308] <... munmap resumed>) = 0 [pid 6307] +++ exited with 0 +++ [pid 5867] rmdir("./86" [pid 6310] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6308] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6310] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... rmdir resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6307, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6310] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6309] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6308] <... openat resumed>) = 4 [pid 5867] mkdir("./87", 0777 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6309] <... openat resumed>) = 4 [pid 6308] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... mkdir resumed>) = 0 [pid 5864] <... restart_syscall resumed>) = 0 [pid 6309] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6308] <... ioctl resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6309] close(3 [pid 6308] close(3 [pid 5867] <... openat resumed>) = 3 [pid 6309] <... close resumed>) = 0 [pid 6308] <... close resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] umount2("./85", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6309] close(4 [pid 6308] close(4 [pid 5867] <... ioctl resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6310] <... write resumed>) = 524288 [pid 6309] <... close resumed>) = 0 [pid 6308] <... close resumed>) = 0 [pid 5867] close(3 [pid 6308] mkdir("./file1", 0777 [pid 5864] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... close resumed>) = 0 [pid 6309] mkdir("./file1", 0777 [pid 5864] <... openat resumed>) = 3 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6308] <... mkdir resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6309] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6311 attached [pid 6309] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6310] munmap(0x7f1864095000, 138412032 [pid 6308] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6311 [pid 6311] set_robust_list(0x5555593cd660, 24 [pid 6310] <... munmap resumed>) = 0 [pid 6311] <... set_robust_list resumed>) = 0 [pid 6311] chdir("./87") = 0 [ 187.112044][ T6309] loop1: detected capacity change from 0 to 1024 [ 187.120812][ T6308] loop2: detected capacity change from 0 to 1024 [pid 6311] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6311] setpgid(0, 0 [pid 6310] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6311] <... setpgid resumed>) = 0 [pid 6310] <... openat resumed>) = 4 [pid 6311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6310] ioctl(4, LOOP_SET_FD, 3 [pid 6311] <... openat resumed>) = 3 [pid 6311] write(3, "1000", 4) = 4 [pid 6311] close(3) = 0 [pid 6311] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6311] write(1, "executing program\n", 18executing program ) = 18 [pid 6311] memfd_create("syzkaller", 0) = 3 [pid 6311] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6309] <... mount resumed>) = 0 [pid 6311] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... umount2 resumed>) = 0 [pid 6309] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6308] <... mount resumed>) = 0 [pid 5864] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6309] <... openat resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./85/file1", [pid 6309] chdir("./file1") = 0 [pid 6308] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6309] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6308] <... openat resumed>) = 3 [pid 6310] <... ioctl resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6311] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6309] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6308] chdir("./file1" [pid 5864] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./85/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6310] close(3 [pid 6308] <... chdir resumed>) = 0 [pid 5864] <... openat resumed>) = 4 [pid 6310] <... close resumed>) = 0 [pid 6310] close(4 [pid 5864] newfstatat(4, "", [pid 6310] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6310] mkdir("./file1", 0777 [pid 6308] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] getdents64(4, [pid 6310] <... mkdir resumed>) = 0 [pid 6308] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6310] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6308] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] getdents64(4, [pid 6309] <... link resumed>) = 0 [pid 6309] sync( [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4) = 0 [pid 6308] <... link resumed>) = 0 [pid 5864] rmdir("./85/file1" [pid 6311] <... write resumed>) = 524288 [pid 6308] sync( [pid 5864] <... rmdir resumed>) = 0 [ 187.230641][ T6310] loop4: detected capacity change from 0 to 1024 [pid 5864] umount2("./85/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./85/binderfs") = 0 [pid 5864] getdents64(3, [pid 6310] <... mount resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3 [pid 6311] munmap(0x7f1864095000, 138412032 [pid 6310] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] <... close resumed>) = 0 [pid 6311] <... munmap resumed>) = 0 [pid 6310] <... openat resumed>) = 3 [pid 6310] chdir("./file1" [pid 5864] rmdir("./85" [pid 6310] <... chdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6310] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6310] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6311] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] mkdir("./86", 0777 [pid 6309] <... sync resumed>) = 0 [pid 6308] <... sync resumed>) = 0 [pid 6311] <... openat resumed>) = 4 [pid 6311] ioctl(4, LOOP_SET_FD, 3 [pid 6309] exit_group(0 [pid 6308] exit_group(0 [pid 5864] <... mkdir resumed>) = 0 [pid 6311] <... ioctl resumed>) = 0 [pid 6309] <... exit_group resumed>) = ? [pid 6308] <... exit_group resumed>) = ? [pid 6309] +++ exited with 0 +++ [pid 6308] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6308, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6309, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6311] close(3 [pid 5864] <... openat resumed>) = 3 [pid 6311] <... close resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6311] close(4 [pid 5866] umount2("./85", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./86", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6311] <... close resumed>) = 0 [pid 5864] <... ioctl resumed>) = 0 [pid 6310] <... link resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6311] mkdir("./file1", 0777 [pid 6310] sync( [pid 5866] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] close(3 [pid 6311] <... mkdir resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... close resumed>) = 0 [pid 5866] newfstatat(3, "", [pid 5865] newfstatat(3, "", [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6311] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, [pid 5865] getdents64(3, ./strace-static-x86_64: Process 6312 attached [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6312] set_robust_list(0x5555593cd660, 24 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./86/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6312 [pid 6312] <... set_robust_list resumed>) = 0 [pid 6312] chdir("./86") = 0 [pid 6311] <... mount resumed>) = 0 [pid 6312] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6312] setpgid(0, 0 [pid 6311] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6312] <... setpgid resumed>) = 0 [ 187.375891][ T6311] loop3: detected capacity change from 0 to 1024 [pid 6312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6311] <... openat resumed>) = 3 [pid 6310] <... sync resumed>) = 0 [pid 6312] <... openat resumed>) = 3 [pid 6311] chdir("./file1" [pid 6310] exit_group(0 [pid 6311] <... chdir resumed>) = 0 [pid 6310] <... exit_group resumed>) = ? [pid 6312] write(3, "1000", 4 [pid 6311] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6310] +++ exited with 0 +++ [pid 6312] <... write resumed>) = 4 [pid 6311] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6310, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6312] close(3) = 0 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 6312] symlink("/dev/binderfs", "./binderfs" [pid 6311] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6312] <... symlink resumed>) = 0 [pid 5868] <... restart_syscall resumed>) = 0 [pid 6312] write(1, "executing program\n", 18 [pid 5868] umount2("./89", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6312] <... write resumed>) = 18 [pid 6312] memfd_create("syzkaller", 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6312] <... memfd_create resumed>) = 3 [pid 5868] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6312] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... openat resumed>) = 3 [pid 6312] <... mmap resumed>) = 0x7f1864095000 [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6312] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6311] <... link resumed>) = 0 [pid 6311] sync( [pid 5865] <... umount2 resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5866] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6311] <... sync resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./85/file1", [pid 5865] umount2("./86/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6311] exit_group(0 [pid 5866] umount2("./85/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6311] <... exit_group resumed>) = ? [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./86/file1", [pid 6311] +++ exited with 0 +++ [pid 5868] <... umount2 resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./85/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6312] <... write resumed>) = 524288 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6311, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... openat resumed>) = 4 [pid 5865] umount2("./86/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6312] munmap(0x7f1864095000, 138412032 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5866] newfstatat(4, "", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6312] <... munmap resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] openat(AT_FDCWD, "./86/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] umount2("./87", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 4 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(4, [pid 5867] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] newfstatat(4, "", [pid 6312] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] <... openat resumed>) = 3 [pid 5866] getdents64(4, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6312] <... openat resumed>) = 4 [pid 5867] newfstatat(3, "", [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] getdents64(4, [pid 6312] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] close(4 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... close resumed>) = 0 [pid 5867] getdents64(3, [pid 5868] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] rmdir("./85/file1" [pid 5865] getdents64(4, [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./89/file1", [pid 5867] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5866] umount2("./85/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] rmdir("./86/file1" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... rmdir resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./86/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6312] <... ioctl resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6312] close(3) = 0 [pid 6312] close(4 [pid 5868] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6312] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] unlink("./85/binderfs" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./89/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] <... unlink resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./86/binderfs", [pid 5868] newfstatat(4, "", [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6312] mkdir("./file1", 0777 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, [pid 5865] unlink("./86/binderfs" [pid 6312] <... mkdir resumed>) = 0 [pid 5868] getdents64(4, [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] close(3 [pid 5868] getdents64(4, [pid 5866] <... close resumed>) = 0 [pid 5865] getdents64(3, [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] rmdir("./85" [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6312] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... umount2 resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] close(3) = 0 [pid 5868] close(4 [pid 5866] mkdir("./86", 0777 [pid 5865] rmdir("./86" [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./89/file1" [pid 5865] <... rmdir resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... mkdir resumed>) = 0 [pid 5868] umount2("./89/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 187.535234][ T6312] loop0: detected capacity change from 0 to 1024 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] mkdir("./87", 0777 [pid 5868] newfstatat(AT_FDCWD, "./89/binderfs", [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] newfstatat(AT_FDCWD, "./87/file1", [pid 5865] <... mkdir resumed>) = 0 [pid 5868] unlink("./89/binderfs") = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5867] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] getdents64(3, [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] openat(AT_FDCWD, "./87/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... ioctl resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5868] close(3 [pid 5867] <... openat resumed>) = 4 [pid 5866] close(3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6312] <... mount resumed>) = 0 [pid 5867] newfstatat(4, "", [pid 5865] <... ioctl resumed>) = 0 [pid 6312] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... close resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] close(3 [pid 5867] getdents64(4, [pid 6312] <... openat resumed>) = 3 [pid 5868] rmdir("./89" [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6312] chdir("./file1" [pid 5868] <... rmdir resumed>) = 0 [pid 5867] getdents64(4, [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6312] <... chdir resumed>) = 0 [pid 6312] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6312] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] mkdir("./90", 0777) = 0 [pid 5867] close(4) = 0 [pid 5867] rmdir("./87/file1" [pid 5865] <... close resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... rmdir resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] close(3) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6314 attached [pid 6314] set_robust_list(0x5555593cd660, 24) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6314 [pid 6314] chdir("./90" [pid 5867] umount2("./87/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6313 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./87/binderfs", [pid 6314] <... chdir resumed>) = 0 [pid 6314] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 6315 attached ) = 0 [pid 6314] setpgid(0, 0) = 0 [pid 6314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6315] set_robust_list(0x5555593cd660, 24 [pid 6314] <... openat resumed>) = 3 [pid 6315] <... set_robust_list resumed>) = 0 [pid 6315] chdir("./87" [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6315 [pid 6314] write(3, "1000", 4 [pid 6315] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6313 attached [pid 6315] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6314] <... write resumed>) = 4 [pid 6314] close(3 [pid 6315] <... prctl resumed>) = 0 [pid 6314] <... close resumed>) = 0 [pid 6312] <... link resumed>) = 0 [pid 6315] setpgid(0, 0 [pid 6314] symlink("/dev/binderfs", "./binderfs" [pid 6312] sync( [pid 6315] <... setpgid resumed>) = 0 [pid 6314] <... symlink resumed>) = 0 [pid 6313] set_robust_list(0x5555593cd660, 24 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6313] <... set_robust_list resumed>) = 0 [pid 6315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6313] chdir("./86" [pid 5867] unlink("./87/binderfs"executing program [pid 6315] <... openat resumed>) = 3 [pid 6314] write(1, "executing program\n", 18 [pid 6313] <... chdir resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 6313] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] getdents64(3, [pid 6314] <... write resumed>) = 18 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6313] <... prctl resumed>) = 0 [pid 6314] memfd_create("syzkaller", 0 [pid 6313] setpgid(0, 0 [pid 5867] close(3 [pid 6315] write(3, "1000", 4 [pid 6314] <... memfd_create resumed>) = 3 [pid 6313] <... setpgid resumed>) = 0 [pid 6315] <... write resumed>) = 4 [pid 6314] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... close resumed>) = 0 [pid 6315] close(3) = 0 [pid 6314] <... mmap resumed>) = 0x7f1864095000 [pid 6315] symlink("/dev/binderfs", "./binderfs" [pid 6313] <... openat resumed>) = 3 [pid 5867] rmdir("./87" [pid 6315] <... symlink resumed>) = 0 [pid 6315] write(1, "executing program\n", 18executing program [pid 5867] <... rmdir resumed>) = 0 [pid 6315] <... write resumed>) = 18 [pid 6313] write(3, "1000", 4 [pid 5867] mkdir("./88", 0777 [pid 6315] memfd_create("syzkaller", 0 [pid 6314] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6312] <... sync resumed>) = 0 [pid 6314] <... write resumed>) = 524288 [pid 6315] <... memfd_create resumed>) = 3 [pid 6315] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6312] exit_group(0 [pid 6313] <... write resumed>) = 4 [pid 6312] <... exit_group resumed>) = ? [pid 6315] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6313] close(3 [pid 6312] +++ exited with 0 +++ [pid 5867] <... mkdir resumed>) = 0 [pid 6313] <... close resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6312, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6313] symlink("/dev/binderfs", "./binderfs" [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6313] <... symlink resumed>) = 0 [pid 5864] <... restart_syscall resumed>) = 0 [pid 6313] write(1, "executing program\n", 18executing program [pid 5867] <... openat resumed>) = 3 [pid 6314] munmap(0x7f1864095000, 138412032 [pid 6313] <... write resumed>) = 18 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6314] <... munmap resumed>) = 0 [pid 6313] memfd_create("syzkaller", 0 [pid 5867] <... ioctl resumed>) = 0 [pid 5864] umount2("./86", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6314] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6313] <... memfd_create resumed>) = 3 [pid 5867] close(3 [pid 5864] <... openat resumed>) = 3 [pid 6313] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] <... close resumed>) = 0 [pid 5864] newfstatat(3, "", [pid 6313] <... mmap resumed>) = 0x7f1864095000 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, ./strace-static-x86_64: Process 6316 attached [pid 6315] <... write resumed>) = 524288 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6316] set_robust_list(0x5555593cd660, 24 [pid 6314] <... openat resumed>) = 4 [pid 6316] <... set_robust_list resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6316 [pid 6316] chdir("./88" [pid 6314] ioctl(4, LOOP_SET_FD, 3 [pid 5864] umount2("./86/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6316] <... chdir resumed>) = 0 [pid 6316] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6314] <... ioctl resumed>) = 0 [pid 6313] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6316] <... prctl resumed>) = 0 [pid 6316] setpgid(0, 0 [pid 6314] close(3 [pid 6316] <... setpgid resumed>) = 0 [pid 6315] munmap(0x7f1864095000, 138412032 [pid 6314] <... close resumed>) = 0 [pid 6316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6315] <... munmap resumed>) = 0 [pid 6314] close(4) = 0 [pid 6316] <... openat resumed>) = 3 [pid 6315] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6314] mkdir("./file1", 0777 [pid 6315] ioctl(4, LOOP_SET_FD, 3 [pid 6314] <... mkdir resumed>) = 0 [pid 6316] write(3, "1000", 4 [pid 6315] <... ioctl resumed>) = 0 [pid 6314] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6316] <... write resumed>) = 4 [pid 6315] close(3) = 0 [pid 6315] close(4 [pid 6316] close(3 [pid 6315] <... close resumed>) = 0 [pid 6316] <... close resumed>) = 0 [pid 6315] mkdir("./file1", 0777 [pid 6316] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6315] <... mkdir resumed>) = 0 executing program [pid 6316] write(1, "executing program\n", 18 [pid 6313] <... write resumed>) = 524288 [pid 6316] <... write resumed>) = 18 [pid 6316] memfd_create("syzkaller", 0 [pid 6313] munmap(0x7f1864095000, 138412032 [pid 6315] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6313] <... munmap resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 6313] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6316] <... memfd_create resumed>) = 3 [pid 6314] <... mount resumed>) = 0 [pid 6313] <... openat resumed>) = 4 [ 187.794718][ T6314] loop4: detected capacity change from 0 to 1024 [ 187.813308][ T6315] loop1: detected capacity change from 0 to 1024 [pid 6313] ioctl(4, LOOP_SET_FD, 3 [pid 6316] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6315] <... mount resumed>) = 0 [pid 6314] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6313] <... ioctl resumed>) = 0 [pid 5864] umount2("./86/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6316] <... mmap resumed>) = 0x7f1864095000 [pid 6315] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6314] <... openat resumed>) = 3 [pid 6316] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6313] close(3 [pid 6315] <... openat resumed>) = 3 [pid 6314] chdir("./file1" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6315] chdir("./file1" [pid 6314] <... chdir resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./86/file1", [pid 6315] <... chdir resumed>) = 0 [pid 6314] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6313] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6315] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6314] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6313] close(4 [pid 5864] umount2("./86/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6315] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6315] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6314] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6313] <... close resumed>) = 0 [pid 6313] mkdir("./file1", 0777) = 0 [pid 6313] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [ 187.868490][ T6313] loop2: detected capacity change from 0 to 1024 [pid 5864] openat(AT_FDCWD, "./86/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5864] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6316] <... write resumed>) = 524288 [pid 5864] getdents64(4, [pid 6316] munmap(0x7f1864095000, 138412032 [pid 6315] <... link resumed>) = 0 [pid 6314] <... link resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6316] <... munmap resumed>) = 0 [pid 6315] sync( [pid 6316] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6314] sync( [pid 6313] <... mount resumed>) = 0 [pid 5864] getdents64(4, [pid 6313] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6316] <... openat resumed>) = 4 [pid 6313] <... openat resumed>) = 3 [pid 5864] close(4 [pid 6316] ioctl(4, LOOP_SET_FD, 3 [pid 6313] chdir("./file1") = 0 [pid 5864] <... close resumed>) = 0 [pid 6313] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] rmdir("./86/file1" [pid 6313] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... rmdir resumed>) = 0 [pid 6313] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6315] <... sync resumed>) = 0 [pid 5864] umount2("./86/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6316] <... ioctl resumed>) = 0 [pid 6314] <... sync resumed>) = 0 [pid 6316] close(3) = 0 [pid 6316] close(4 [pid 6315] exit_group(0 [pid 6313] <... link resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6313] sync( [pid 6316] <... close resumed>) = 0 [pid 6315] <... exit_group resumed>) = ? [pid 6314] exit_group(0 [pid 5864] newfstatat(AT_FDCWD, "./86/binderfs", [pid 6316] mkdir("./file1", 0777 [pid 6315] +++ exited with 0 +++ [pid 6314] <... exit_group resumed>) = ? [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6316] <... mkdir resumed>) = 0 [pid 6314] +++ exited with 0 +++ [pid 5864] unlink("./86/binderfs" [pid 6316] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6314, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=0} --- [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6315, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5865] umount2("./87", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... unlink resumed>) = 0 [ 187.987074][ T6316] loop3: detected capacity change from 0 to 1024 [pid 6313] <... sync resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 6313] exit_group(0 [pid 5865] newfstatat(3, "", [pid 5864] getdents64(3, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] umount2("./90", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] getdents64(3, [pid 6313] <... exit_group resumed>) = ? [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] close(3 [pid 6313] +++ exited with 0 +++ [pid 5868] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... close resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5865] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] newfstatat(3, "", [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6313, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] rmdir("./86" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] getdents64(3, [pid 6316] <... mount resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] mkdir("./87", 0777 [pid 5868] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6316] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] <... mkdir resumed>) = 0 [pid 6316] <... openat resumed>) = 3 [pid 6316] chdir("./file1") = 0 [pid 6316] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6316] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... openat resumed>) = 3 [pid 6316] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5866] umount2("./86", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... ioctl resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] close(3 [pid 5866] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6317 attached [pid 5866] newfstatat(3, "", [pid 6317] set_robust_list(0x5555593cd660, 24 [pid 6316] <... link resumed>) = 0 [pid 6317] <... set_robust_list resumed>) = 0 [pid 6316] sync( [pid 6317] chdir("./87" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6317 [pid 5866] umount2("./86/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6317] <... chdir resumed>) = 0 [pid 6317] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... umount2 resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 6317] <... prctl resumed>) = 0 [pid 6317] setpgid(0, 0 [pid 5865] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6317] <... setpgid resumed>) = 0 [pid 5868] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6317] <... openat resumed>) = 3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./87/file1", [pid 6317] write(3, "1000", 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6317] <... write resumed>) = 4 [pid 5865] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6317] close(3) = 0 [pid 6317] symlink("/dev/binderfs", "./binderfs" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6317] <... symlink resumed>) = 0 [pid 6316] <... sync resumed>) = 0 executing program [pid 5868] newfstatat(AT_FDCWD, "./90/file1", [pid 5866] <... umount2 resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./87/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6317] write(1, "executing program\n", 18 [pid 6316] exit_group(0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./86/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6317] <... write resumed>) = 18 [pid 6316] <... exit_group resumed>) = ? [pid 5868] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 4 [pid 6316] +++ exited with 0 +++ [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./90/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6317] memfd_create("syzkaller", 0 [pid 5868] <... openat resumed>) = 4 [pid 5866] newfstatat(AT_FDCWD, "./86/file1", [pid 5868] newfstatat(4, "", [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] umount2("./86/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] getdents64(4, [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] openat(AT_FDCWD, "./86/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6317] <... memfd_create resumed>) = 3 [pid 5868] getdents64(4, [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6316, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5866] <... openat resumed>) = 4 [pid 5865] newfstatat(4, "", [pid 6317] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 6317] <... mmap resumed>) = 0x7f1864095000 [pid 5868] close(4 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5866] newfstatat(4, "", [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... close resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] rmdir("./90/file1" [pid 5866] getdents64(4, [pid 6317] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, [pid 5868] umount2("./90/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(4, [pid 5868] newfstatat(AT_FDCWD, "./90/binderfs", [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] unlink("./90/binderfs" [pid 5867] umount2("./88", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] close(4 [pid 5865] getdents64(4, [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... unlink resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... close resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] getdents64(3, [pid 5867] <... openat resumed>) = 3 [pid 5866] rmdir("./86/file1" [pid 5865] close(4 [pid 5867] newfstatat(3, "", [pid 5865] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] rmdir("./87/file1" [pid 5867] getdents64(3, [pid 5865] <... rmdir resumed>) = 0 [pid 5868] close(3 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./86/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./87/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... close resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] rmdir("./90" [pid 5866] newfstatat(AT_FDCWD, "./86/binderfs", [pid 5868] <... rmdir resumed>) = 0 [pid 5867] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] newfstatat(AT_FDCWD, "./87/binderfs", [pid 5868] mkdir("./91", 0777 [pid 5866] unlink("./86/binderfs") = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] unlink("./87/binderfs" [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] close(3 [pid 5865] <... unlink resumed>) = 0 [pid 5865] getdents64(3, [pid 5868] <... openat resumed>) = 3 [pid 5866] <... close resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6317] <... write resumed>) = 524288 [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5865] close(3 [pid 5868] close(3) = 0 [pid 5866] rmdir("./86" [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... rmdir resumed>) = 0 [pid 6317] munmap(0x7f1864095000, 138412032 [pid 5866] mkdir("./87", 0777 [pid 5865] <... close resumed>) = 0 ./strace-static-x86_64: Process 6318 attached [pid 5865] rmdir("./87" [pid 6318] set_robust_list(0x5555593cd660, 24 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6318 [pid 6318] <... set_robust_list resumed>) = 0 [pid 6318] chdir("./91" [pid 5865] <... rmdir resumed>) = 0 [pid 6317] <... munmap resumed>) = 0 [pid 5865] mkdir("./88", 0777 [pid 6317] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5865] <... mkdir resumed>) = 0 [pid 6318] <... chdir resumed>) = 0 [pid 6317] <... openat resumed>) = 4 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6317] ioctl(4, LOOP_SET_FD, 3 [pid 6318] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6317] <... ioctl resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... openat resumed>) = 3 [pid 6317] close(3 [pid 6318] <... prctl resumed>) = 0 [pid 6317] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6317] close(4 [pid 6318] setpgid(0, 0 [pid 6317] <... close resumed>) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] <... ioctl resumed>) = 0 [pid 6318] <... setpgid resumed>) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 6318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] close(3 [pid 6318] <... openat resumed>) = 3 [pid 5866] <... close resumed>) = 0 [pid 6318] write(3, "1000", 4 [pid 6317] mkdir("./file1", 0777 [pid 5865] close(3 [pid 6318] <... write resumed>) = 4 [pid 6318] close(3) = 0 [pid 6317] <... mkdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6318] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6317] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6318] write(1, "executing program\n", 18) = 18 [pid 6318] memfd_create("syzkaller", 0./strace-static-x86_64: Process 6319 attached ) = 3 [pid 5867] <... umount2 resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6319 [pid 6318] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6317] <... mount resumed>) = 0 [pid 6319] set_robust_list(0x5555593cd660, 24 [pid 6318] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6317] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6317] <... openat resumed>) = 3 [ 188.298291][ T6317] loop0: detected capacity change from 0 to 1024 [pid 5867] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6320 attached [pid 6319] <... set_robust_list resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6319] chdir("./88" [pid 5867] newfstatat(AT_FDCWD, "./88/file1", [pid 6320] set_robust_list(0x5555593cd660, 24 [pid 6319] <... chdir resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6317] chdir("./file1" [pid 6320] <... set_robust_list resumed>) = 0 [pid 6319] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6317] <... chdir resumed>) = 0 [pid 5867] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6320 [pid 6320] chdir("./87" [pid 6319] <... prctl resumed>) = 0 [pid 6317] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6320] <... chdir resumed>) = 0 [pid 6319] setpgid(0, 0 [pid 6317] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] openat(AT_FDCWD, "./88/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6320] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6319] <... setpgid resumed>) = 0 [pid 6317] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... openat resumed>) = 4 [pid 6320] <... prctl resumed>) = 0 [pid 6319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] newfstatat(4, "", [pid 6320] setpgid(0, 0 [pid 6319] <... openat resumed>) = 3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6320] <... setpgid resumed>) = 0 [pid 6319] write(3, "1000", 4 [pid 5867] getdents64(4, [pid 6320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6319] <... write resumed>) = 4 [pid 6317] <... link resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6320] <... openat resumed>) = 3 [pid 6319] close(3 [pid 6317] sync( [pid 5867] getdents64(4, [pid 6318] <... write resumed>) = 524288 executing program [pid 6319] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6319] symlink("/dev/binderfs", "./binderfs" [pid 5867] close(4 [pid 6319] <... symlink resumed>) = 0 [pid 6320] write(3, "1000", 4 [pid 5867] <... close resumed>) = 0 [pid 6320] <... write resumed>) = 4 [pid 6319] write(1, "executing program\n", 18 [pid 5867] rmdir("./88/file1" [pid 6320] close(3 [pid 6319] <... write resumed>) = 18 [pid 6320] <... close resumed>) = 0 [pid 6319] memfd_create("syzkaller", 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6320] symlink("/dev/binderfs", "./binderfs" [pid 6319] <... memfd_create resumed>) = 3 [pid 6320] <... symlink resumed>) = 0 [pid 6318] munmap(0x7f1864095000, 138412032 [pid 5867] umount2("./88/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6320] write(1, "executing program\n", 18 [pid 6319] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6318] <... munmap resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 6320] <... write resumed>) = 18 [pid 6319] <... mmap resumed>) = 0x7f1864095000 [pid 6317] <... sync resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./88/binderfs", [pid 6320] memfd_create("syzkaller", 0 [pid 6318] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6317] exit_group(0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6317] <... exit_group resumed>) = ? [pid 6320] <... memfd_create resumed>) = 3 [pid 6318] <... openat resumed>) = 4 [pid 5867] unlink("./88/binderfs") = 0 [pid 6318] ioctl(4, LOOP_SET_FD, 3 [pid 5867] getdents64(3, [pid 6320] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6318] <... ioctl resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6320] <... mmap resumed>) = 0x7f1864095000 [pid 5867] close(3) = 0 [pid 6318] close(3 [pid 5867] rmdir("./88" [pid 6317] +++ exited with 0 +++ [pid 5867] <... rmdir resumed>) = 0 [pid 6318] <... close resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6317, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6320] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6319] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6318] close(4) = 0 [pid 5867] mkdir("./89", 0777) = 0 [pid 6318] mkdir("./file1", 0777) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6318] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] umount2("./87", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... ioctl resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6319] <... write resumed>) = 524288 [pid 5867] close(3 [pid 5864] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6319] munmap(0x7f1864095000, 138412032 [pid 5864] <... openat resumed>) = 3 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6319] <... munmap resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5864] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6319] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 188.452928][ T6318] loop4: detected capacity change from 0 to 1024 [pid 6319] ioctl(4, LOOP_SET_FD, 3 [pid 6318] <... mount resumed>) = 0 [pid 6318] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6319] <... ioctl resumed>) = 0 [pid 6318] <... openat resumed>) = 3 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6321 attached [pid 6320] <... write resumed>) = 524288 [pid 6319] close(3 [pid 6318] chdir("./file1") = 0 [pid 6318] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6321] set_robust_list(0x5555593cd660, 24 [pid 6318] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6319] <... close resumed>) = 0 [pid 6319] close(4) = 0 [pid 6319] mkdir("./file1", 0777) = 0 [pid 6319] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6321] <... set_robust_list resumed>) = 0 [pid 6318] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6321 [pid 6321] chdir("./89") = 0 [pid 6320] munmap(0x7f1864095000, 138412032 [pid 6321] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6320] <... munmap resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 6321] <... prctl resumed>) = 0 [pid 6321] setpgid(0, 0 [pid 6320] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6321] <... setpgid resumed>) = 0 [pid 6320] <... openat resumed>) = 4 [pid 6320] ioctl(4, LOOP_SET_FD, 3 [pid 6321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6320] <... ioctl resumed>) = 0 [pid 6321] <... openat resumed>) = 3 [pid 6320] close(3 [pid 6319] <... mount resumed>) = 0 [pid 5864] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6320] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6320] close(4 [pid 6319] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] newfstatat(AT_FDCWD, "./87/file1", [pid 6321] write(3, "1000", 4 [pid 6319] <... openat resumed>) = 3 [pid 6320] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6321] <... write resumed>) = 4 [pid 6320] mkdir("./file1", 0777 [pid 6319] chdir("./file1" [pid 5864] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6321] close(3 [pid 6320] <... mkdir resumed>) = 0 [pid 6319] <... chdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6321] <... close resumed>) = 0 [pid 6319] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] openat(AT_FDCWD, "./87/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6321] symlink("/dev/binderfs", "./binderfs" [pid 6319] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... openat resumed>) = 4 [pid 6321] <... symlink resumed>) = 0 [ 188.521149][ T6319] loop1: detected capacity change from 0 to 1024 [ 188.569344][ T6320] loop2: detected capacity change from 0 to 1024 [pid 6319] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6321] write(1, "executing program\n", 18executing program [pid 6320] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] newfstatat(4, "", [pid 6321] <... write resumed>) = 18 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6321] memfd_create("syzkaller", 0 [pid 6318] <... link resumed>) = 0 [pid 6321] <... memfd_create resumed>) = 3 [pid 5864] getdents64(4, [pid 6321] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6318] sync( [pid 6321] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4) = 0 [pid 6319] <... link resumed>) = 0 [pid 5864] rmdir("./87/file1") = 0 [pid 6321] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6319] sync( [pid 6320] <... mount resumed>) = 0 [pid 5864] umount2("./87/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6320] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6320] chdir("./file1") = 0 [pid 6320] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./87/binderfs", [pid 6320] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6321] <... write resumed>) = 524288 [pid 5864] unlink("./87/binderfs" [pid 6321] munmap(0x7f1864095000, 138412032 [pid 5864] <... unlink resumed>) = 0 [pid 6321] <... munmap resumed>) = 0 [pid 5864] getdents64(3, [pid 6321] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6319] <... sync resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3 [pid 6321] <... openat resumed>) = 4 [pid 6319] exit_group(0 [pid 5864] <... close resumed>) = 0 [pid 5864] rmdir("./87" [pid 6321] ioctl(4, LOOP_SET_FD, 3 [pid 6319] <... exit_group resumed>) = ? [pid 5864] <... rmdir resumed>) = 0 [pid 5864] mkdir("./88", 0777 [pid 6320] <... link resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6321] <... ioctl resumed>) = 0 [pid 6320] sync( [pid 6319] +++ exited with 0 +++ [pid 6318] <... sync resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6321] close(3 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6319, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6321] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6321] close(4 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6321] <... close resumed>) = 0 [pid 6318] exit_group(0 [pid 5864] <... ioctl resumed>) = 0 [pid 6321] mkdir("./file1", 0777 [pid 6318] <... exit_group resumed>) = ? [pid 5864] close(3 [pid 6321] <... mkdir resumed>) = 0 [pid 6321] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6318] +++ exited with 0 +++ [pid 5864] <... close resumed>) = 0 [pid 6321] <... mount resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] umount2("./88", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6318, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6322 attached [pid 6321] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6321] <... openat resumed>) = 3 [pid 5865] <... openat resumed>) = 3 [pid 6322] set_robust_list(0x5555593cd660, 24 [pid 6321] chdir("./file1" [pid 6320] <... sync resumed>) = 0 [pid 5865] newfstatat(3, "", [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6322 [pid 6322] <... set_robust_list resumed>) = 0 [pid 6321] <... chdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6322] chdir("./88" [pid 6321] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6320] exit_group(0 [pid 5868] umount2("./91", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] getdents64(3, [pid 6322] <... chdir resumed>) = 0 [pid 6321] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6320] <... exit_group resumed>) = ? [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6322] prctl(PR_SET_PDEATHSIG, SIGKILL [ 188.724767][ T6321] loop3: detected capacity change from 0 to 1024 [pid 5868] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6322] <... prctl resumed>) = 0 [pid 6321] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6320] +++ exited with 0 +++ [pid 5868] <... openat resumed>) = 3 [pid 5865] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6322] setpgid(0, 0 [pid 5868] newfstatat(3, "", [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6320, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6322] <... setpgid resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6322] <... openat resumed>) = 3 [pid 5868] umount2("./91/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./87", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6322] write(3, "1000", 4 [pid 6321] <... link resumed>) = 0 [pid 6321] sync( [pid 6322] <... write resumed>) = 4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6322] close(3 [pid 5866] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6322] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 6322] symlink("/dev/binderfs", "./binderfs" [pid 5866] newfstatat(3, "", [pid 6322] <... symlink resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, executing program [pid 6322] write(1, "executing program\n", 18 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6322] <... write resumed>) = 18 [pid 5866] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6322] memfd_create("syzkaller", 0) = 3 [pid 6322] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6322] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6321] <... sync resumed>) = 0 [pid 6321] exit_group(0) = ? [pid 5865] <... umount2 resumed>) = 0 [pid 6322] <... write resumed>) = 524288 [pid 6321] +++ exited with 0 +++ [pid 5868] <... umount2 resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 6322] munmap(0x7f1864095000, 138412032 [pid 5866] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./91/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6321, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6322] <... munmap resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./91/file1", [pid 5865] newfstatat(AT_FDCWD, "./88/file1", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(AT_FDCWD, "./87/file1", [pid 5868] umount2("./91/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6322] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./89", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] openat(AT_FDCWD, "./91/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./87/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6322] <... openat resumed>) = 4 [pid 5868] <... openat resumed>) = 4 [pid 5867] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6322] ioctl(4, LOOP_SET_FD, 3 [pid 5868] newfstatat(4, "", [pid 5867] <... openat resumed>) = 3 [pid 5866] openat(AT_FDCWD, "./87/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "./88/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6322] <... ioctl resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] newfstatat(3, "", [pid 5866] <... openat resumed>) = 4 [pid 5865] <... openat resumed>) = 4 [pid 5868] getdents64(4, [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] newfstatat(4, "", [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(3, [pid 5868] getdents64(4, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] close(4 [pid 5867] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] getdents64(4, [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./91/file1" [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... rmdir resumed>) = 0 [pid 5865] getdents64(4, [pid 6322] close(3 [pid 5866] newfstatat(4, "", [pid 6322] <... close resumed>) = 0 [pid 5868] umount2("./91/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6322] close(4) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] close(4 [pid 5866] getdents64(4, [pid 6322] mkdir("./file1", 0777 [pid 5868] newfstatat(AT_FDCWD, "./91/binderfs", [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] rmdir("./88/file1" [pid 6322] <... mkdir resumed>) = 0 [pid 5868] unlink("./91/binderfs" [pid 5866] getdents64(4, [pid 5865] <... rmdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6322] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... unlink resumed>) = 0 [pid 5866] close(4 [pid 5865] umount2("./88/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] getdents64(3, [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./88/binderfs", [pid 5866] rmdir("./87/file1" [pid 6322] <... mount resumed>) = 0 [pid 5868] close(3 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... close resumed>) = 0 [pid 5865] unlink("./88/binderfs" [pid 6322] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] rmdir("./91" [pid 5866] umount2("./87/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... unlink resumed>) = 0 [pid 6322] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6322] chdir("./file1" [pid 5866] newfstatat(AT_FDCWD, "./87/binderfs", [pid 6322] <... chdir resumed>) = 0 [pid 6322] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] getdents64(3, [pid 6322] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] mkdir("./92", 0777 [pid 5866] unlink("./87/binderfs" [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [ 188.921484][ T6322] loop0: detected capacity change from 0 to 1024 [pid 6322] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... mkdir resumed>) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5865] close(3) = 0 [pid 5865] rmdir("./88" [pid 5866] getdents64(3, [pid 5865] <... rmdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./89/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] mkdir("./89", 0777 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] close(3 [pid 6322] <... link resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./89/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... mkdir resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5866] <... close resumed>) = 0 [pid 5866] rmdir("./87" [pid 6322] sync( [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] <... openat resumed>) = 4 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] <... ioctl resumed>) = 0 [pid 5867] newfstatat(4, "", [pid 5868] close(3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] mkdir("./88", 0777 [pid 5865] <... openat resumed>) = 3 [pid 5867] getdents64(4, [pid 5866] <... mkdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5868] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5865] <... ioctl resumed>) = 0 [pid 5867] close(4 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] close(3 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... close resumed>) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 5867] rmdir("./89/file1" [pid 5866] close(3./strace-static-x86_64: Process 6323 attached ) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6323 ./strace-static-x86_64: Process 6324 attached [pid 6323] set_robust_list(0x5555593cd660, 24 [pid 6322] <... sync resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5867] umount2("./89/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6324 [pid 6324] set_robust_list(0x5555593cd660, 24 [pid 5867] newfstatat(AT_FDCWD, "./89/binderfs", [pid 5865] <... close resumed>) = 0 [pid 6324] <... set_robust_list resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6324] chdir("./88" [pid 6323] <... set_robust_list resumed>) = 0 [pid 6322] exit_group(0 [pid 6324] <... chdir resumed>) = 0 [pid 6322] <... exit_group resumed>) = ? [pid 5867] unlink("./89/binderfs" [pid 6324] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] <... unlink resumed>) = 0 [pid 6324] <... prctl resumed>) = 0 [pid 5867] getdents64(3, [pid 6324] setpgid(0, 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6324] <... setpgid resumed>) = 0 [pid 5867] close(3 [pid 6324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6322] +++ exited with 0 +++ [pid 5867] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6323] chdir("./92"./strace-static-x86_64: Process 6325 attached [pid 6324] <... openat resumed>) = 3 [pid 6323] <... chdir resumed>) = 0 [pid 5867] rmdir("./89" [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6322, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 6323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6325] set_robust_list(0x5555593cd660, 24 [pid 6324] write(3, "1000", 4 [pid 5867] mkdir("./90", 0777 [pid 5864] <... restart_syscall resumed>) = 0 [pid 6325] <... set_robust_list resumed>) = 0 [pid 6324] <... write resumed>) = 4 [pid 6323] setpgid(0, 0 [pid 6325] chdir("./89" [pid 6324] close(3 [pid 6323] <... setpgid resumed>) = 0 [pid 6325] <... chdir resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 6324] <... close resumed>) = 0 [pid 6325] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6324] symlink("/dev/binderfs", "./binderfs" [pid 6323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6325 [pid 5864] umount2("./88", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6325] <... prctl resumed>) = 0 [pid 6324] <... symlink resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWRexecuting program [pid 6325] setpgid(0, 0 [pid 6324] write(1, "executing program\n", 18 [pid 6323] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6323] write(3, "1000", 4 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6325] <... setpgid resumed>) = 0 [pid 6323] <... write resumed>) = 4 [pid 6325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6324] <... write resumed>) = 18 [pid 6323] close(3 [pid 5867] <... ioctl resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6325] <... openat resumed>) = 3 [pid 6324] memfd_create("syzkaller", 0 [pid 6323] <... close resumed>) = 0 [pid 5864] newfstatat(3, "", [pid 6323] symlink("/dev/binderfs", "./binderfs" [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 5867] close(3 [pid 6323] <... symlink resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6324] <... memfd_create resumed>) = 3 [pid 5867] <... close resumed>) = 0 [pid 5864] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6325] write(3, "1000", 4 [pid 6324] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6325] <... write resumed>) = 4 [pid 6324] <... mmap resumed>) = 0x7f1864095000 executing program [pid 6325] close(3 [pid 6323] write(1, "executing program\n", 18 [pid 6325] <... close resumed>) = 0 [pid 6323] <... write resumed>) = 18 [pid 6325] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6323] memfd_create("syzkaller", 0 [pid 6325] write(1, "executing program\n", 18) = 18 [pid 6325] memfd_create("syzkaller", 0) = 3 [pid 6324] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6323] <... memfd_create resumed>) = 3 [pid 6325] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6325] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6323] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6326 attached [pid 6324] <... write resumed>) = 524288 [pid 6323] <... write resumed>) = 524288 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6326 [pid 6326] set_robust_list(0x5555593cd660, 24 [pid 5864] <... umount2 resumed>) = 0 [pid 6326] <... set_robust_list resumed>) = 0 [pid 6324] munmap(0x7f1864095000, 138412032 [pid 6326] chdir("./90" [pid 6324] <... munmap resumed>) = 0 [pid 6326] <... chdir resumed>) = 0 [pid 6325] <... write resumed>) = 524288 [pid 6323] munmap(0x7f1864095000, 138412032 [pid 5864] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6326] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6325] munmap(0x7f1864095000, 138412032 [pid 6324] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6326] <... prctl resumed>) = 0 [pid 6325] <... munmap resumed>) = 0 [pid 6324] <... openat resumed>) = 4 [pid 6323] <... munmap resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6326] setpgid(0, 0 [pid 5864] newfstatat(AT_FDCWD, "./88/file1", [pid 6323] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6323] <... openat resumed>) = 4 [pid 5864] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6323] ioctl(4, LOOP_SET_FD, 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6326] <... setpgid resumed>) = 0 [pid 6324] ioctl(4, LOOP_SET_FD, 3executing program [pid 6326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6325] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6323] <... ioctl resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./88/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6326] <... openat resumed>) = 3 [pid 6325] <... openat resumed>) = 4 [pid 6324] <... ioctl resumed>) = 0 [pid 6326] write(3, "1000", 4 [pid 6325] ioctl(4, LOOP_SET_FD, 3 [pid 6324] close(3 [pid 5864] <... openat resumed>) = 4 [pid 6326] <... write resumed>) = 4 [pid 6325] <... ioctl resumed>) = 0 [pid 6324] <... close resumed>) = 0 [pid 5864] newfstatat(4, "", [pid 6326] close(3 [pid 6325] close(3 [pid 6324] close(4 [pid 6326] <... close resumed>) = 0 [pid 6325] <... close resumed>) = 0 [pid 6324] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6326] symlink("/dev/binderfs", "./binderfs" [pid 6325] close(4 [pid 6324] mkdir("./file1", 0777 [pid 5864] getdents64(4, [pid 6326] <... symlink resumed>) = 0 [pid 6325] <... close resumed>) = 0 [pid 6324] <... mkdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, [pid 6326] write(1, "executing program\n", 18 [pid 6325] mkdir("./file1", 0777 [pid 6324] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6326] <... write resumed>) = 18 [pid 6325] <... mkdir resumed>) = 0 [pid 5864] close(4) = 0 [pid 6326] memfd_create("syzkaller", 0 [pid 5864] rmdir("./88/file1" [pid 6326] <... memfd_create resumed>) = 3 [pid 6325] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6326] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5864] <... rmdir resumed>) = 0 [pid 6323] close(3 [pid 5864] umount2("./88/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6323] <... close resumed>) = 0 [pid 6323] close(4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6323] <... close resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./88/binderfs", [pid 6326] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6324] <... mount resumed>) = 0 [pid 6323] mkdir("./file1", 0777) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6324] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5864] unlink("./88/binderfs" [pid 6325] <... mount resumed>) = 0 [pid 6324] chdir("./file1" [pid 5864] <... unlink resumed>) = 0 [pid 6323] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [ 189.169487][ T6323] loop4: detected capacity change from 0 to 1024 [ 189.172496][ T6324] loop2: detected capacity change from 0 to 1024 [ 189.175722][ T6325] loop1: detected capacity change from 0 to 1024 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3) = 0 [pid 5864] rmdir("./88") = 0 [pid 6324] <... chdir resumed>) = 0 [pid 5864] mkdir("./89", 0777 [pid 6325] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6324] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] <... mkdir resumed>) = 0 [pid 6325] <... openat resumed>) = 3 [pid 6324] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6325] chdir("./file1" [pid 6324] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 6325] <... chdir resumed>) = 0 [pid 6325] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6325] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6325] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 6323] <... mount resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6326] <... write resumed>) = 524288 [pid 6323] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6327 attached [pid 6323] <... openat resumed>) = 3 [pid 6326] munmap(0x7f1864095000, 138412032 [pid 6323] chdir("./file1" [pid 6327] set_robust_list(0x5555593cd660, 24 [pid 6326] <... munmap resumed>) = 0 [pid 6323] <... chdir resumed>) = 0 [pid 6327] <... set_robust_list resumed>) = 0 [pid 6323] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6327] chdir("./89" [pid 6324] <... link resumed>) = 0 [pid 6323] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6327] <... chdir resumed>) = 0 [pid 6323] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6327] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6326] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6324] sync( [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6327 [pid 6325] <... link resumed>) = 0 [pid 6325] sync( [pid 6327] <... prctl resumed>) = 0 [pid 6326] <... openat resumed>) = 4 [pid 6327] setpgid(0, 0) = 0 [pid 6327] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6326] ioctl(4, LOOP_SET_FD, 3 [pid 6327] <... openat resumed>) = 3 [pid 6326] <... ioctl resumed>) = 0 [pid 6327] write(3, "1000", 4 [pid 6326] close(3 [pid 6323] <... link resumed>) = 0 [pid 6327] <... write resumed>) = 4 [pid 6326] <... close resumed>) = 0 [pid 6323] sync( [pid 6326] close(4 [pid 6327] close(3 [pid 6326] <... close resumed>) = 0 [pid 6327] <... close resumed>) = 0 [pid 6326] mkdir("./file1", 0777 [pid 6327] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6326] <... mkdir resumed>) = 0 executing program [pid 6327] write(1, "executing program\n", 18 [pid 6326] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6327] <... write resumed>) = 18 [pid 6327] memfd_create("syzkaller", 0) = 3 [pid 6327] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [ 189.322949][ T6326] loop3: detected capacity change from 0 to 1024 [pid 6327] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 6326] <... mount resumed>) = 0 [pid 6325] <... sync resumed>) = 0 [pid 6324] <... sync resumed>) = 0 [pid 6323] <... sync resumed>) = 0 [pid 6326] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6327] munmap(0x7f1864095000, 138412032 [pid 6326] chdir("./file1" [pid 6325] exit_group(0 [pid 6324] exit_group(0 [pid 6327] <... munmap resumed>) = 0 [pid 6323] exit_group(0 [pid 6326] <... chdir resumed>) = 0 [pid 6324] <... exit_group resumed>) = ? [pid 6323] <... exit_group resumed>) = ? [pid 6325] <... exit_group resumed>) = ? [pid 6327] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6325] +++ exited with 0 +++ [pid 6323] +++ exited with 0 +++ [pid 6326] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6323, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6325, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6326] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] umount2("./92", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6326] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6324] +++ exited with 0 +++ [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6327] <... openat resumed>) = 4 [pid 5868] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6324, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5865] <... restart_syscall resumed>) = 0 [pid 6327] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... openat resumed>) = 3 [pid 6327] <... ioctl resumed>) = 0 [pid 5868] newfstatat(3, "", [pid 6327] close(3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] umount2("./89", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6327] <... close resumed>) = 0 [pid 5868] getdents64(3, [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6327] close(4 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6327] <... close resumed>) = 0 [pid 5868] umount2("./92/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6327] mkdir("./file1", 0777 [pid 5865] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6327] <... mkdir resumed>) = 0 [pid 6326] <... link resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 6327] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 5866] umount2("./88", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6326] sync( [pid 5866] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... openat resumed>) = 3 [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6327] <... mount resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 6327] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6327] chdir("./file1") = 0 [ 189.463012][ T6327] loop0: detected capacity change from 0 to 1024 [pid 6327] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5868] umount2("./92/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./92/file1", [pid 6327] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6326] <... sync resumed>) = 0 [pid 5868] umount2("./92/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = 0 [pid 6326] exit_group(0) = ? [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./92/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6326] +++ exited with 0 +++ [pid 5868] newfstatat(4, "", [pid 5865] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6326, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6327] <... link resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... umount2 resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./89/file1", [pid 6327] sync( [pid 5867] <... restart_syscall resumed>) = 0 [pid 5868] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] getdents64(4, [pid 5867] umount2("./90", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] close(4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... close resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./88/file1", [pid 5868] rmdir("./92/file1" [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... openat resumed>) = 3 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] umount2("./92/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] umount2("./88/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "./89/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6327] <... sync resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] getdents64(3, [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6327] exit_group(0 [pid 5868] newfstatat(AT_FDCWD, "./92/binderfs", [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] openat(AT_FDCWD, "./88/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... openat resumed>) = 4 [pid 6327] <... exit_group resumed>) = ? [pid 5865] newfstatat(4, "", [pid 5867] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... openat resumed>) = 4 [pid 5865] getdents64(4, [pid 5868] unlink("./92/binderfs" [pid 5866] newfstatat(4, "", [pid 6327] +++ exited with 0 +++ [pid 5868] <... unlink resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] getdents64(3, [pid 5866] getdents64(4, [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6327, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(3 [pid 5866] getdents64(4, [pid 5865] close(4 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5865] <... close resumed>) = 0 [pid 5864] <... restart_syscall resumed>) = 0 [pid 5865] rmdir("./89/file1" [pid 5868] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5866] close(4 [pid 5865] umount2("./89/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] rmdir("./92" [pid 5866] <... close resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./89", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(AT_FDCWD, "./89/binderfs", [pid 5868] <... rmdir resumed>) = 0 [pid 5866] rmdir("./88/file1" [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] unlink("./89/binderfs" [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] getdents64(3, [pid 5864] <... openat resumed>) = 3 [pid 5868] mkdir("./93", 0777 [pid 5867] <... umount2 resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... mkdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./88/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] close(3 [pid 5864] newfstatat(3, "", [pid 5867] newfstatat(AT_FDCWD, "./90/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./88/binderfs", [pid 5865] rmdir("./89" [pid 5864] getdents64(3, [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] openat(AT_FDCWD, "./90/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 4 [pid 5866] unlink("./88/binderfs" [pid 5864] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(4, "", [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5867] getdents64(4, [pid 5866] getdents64(3, [pid 5865] mkdir("./90", 0777 [pid 5868] close(3 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] getdents64(4, [pid 5868] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(3 [pid 5865] <... mkdir resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... close resumed>) = 0 [pid 5866] rmdir("./88"./strace-static-x86_64: Process 6328 attached ) = 0 [pid 5866] mkdir("./89", 0777 [pid 6328] set_robust_list(0x5555593cd660, 24 [pid 5867] close(4 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] <... close resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6328 [pid 5867] rmdir("./90/file1" [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... openat resumed>) = 3 [pid 5866] <... openat resumed>) = 3 [pid 6328] <... set_robust_list resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6328] chdir("./93" [pid 5867] umount2("./90/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] <... ioctl resumed>) = 0 [pid 6328] <... chdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] close(3 [pid 6328] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] newfstatat(AT_FDCWD, "./90/binderfs", [pid 6328] <... prctl resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6328] setpgid(0, 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6329 attached [pid 5866] close(3) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] unlink("./90/binderfs") = 0 [pid 5867] getdents64(3, ./strace-static-x86_64: Process 6330 attached 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3) = 0 [pid 5867] rmdir("./90" [pid 6330] set_robust_list(0x5555593cd660, 24 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6330 [pid 6330] <... set_robust_list resumed>) = 0 [pid 6330] chdir("./89") = 0 [pid 6330] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] mkdir("./91", 0777 [pid 6328] <... setpgid resumed>) = 0 [pid 6330] <... prctl resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 6330] setpgid(0, 0) = 0 [pid 6329] set_robust_list(0x5555593cd660, 24 [pid 6328] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6330] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... openat resumed>) = 3 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6329 [pid 6329] <... set_robust_list resumed>) = 0 [pid 6328] <... openat resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6330] <... openat resumed>) = 3 [pid 6329] chdir("./90" [pid 6328] write(3, "1000", 4 [pid 5867] <... ioctl resumed>) = 0 [pid 6330] write(3, "1000", 4 [pid 6329] <... chdir resumed>) = 0 [pid 6328] <... write resumed>) = 4 [pid 5867] close(3 [pid 6330] <... write resumed>) = 4 [pid 6329] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6328] close(3 [pid 5867] <... close resumed>) = 0 [pid 6330] close(3 [pid 6329] <... prctl resumed>) = 0 [pid 6328] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 6329] setpgid(0, 0) = 0 [pid 6328] symlink("/dev/binderfs", "./binderfs"executing program [pid 6330] <... close resumed>) = 0 [pid 6329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6328] <... symlink resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6328] write(1, "executing program\n", 18./strace-static-x86_64: Process 6331 attached [pid 6330] symlink("/dev/binderfs", "./binderfs" [pid 6329] <... openat resumed>) = 3 [pid 6328] <... write resumed>) = 18 [pid 6331] set_robust_list(0x5555593cd660, 24 [pid 6330] <... symlink resumed>) = 0 [pid 5864] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6331] <... set_robust_list resumed>) = 0 executing program [pid 6330] write(1, "executing program\n", 18 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6331 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6330] <... write resumed>) = 18 [pid 5864] newfstatat(AT_FDCWD, "./89/file1", [pid 6331] chdir("./91" [pid 6330] memfd_create("syzkaller", 0 [pid 6328] memfd_create("syzkaller", 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6331] <... chdir resumed>) = 0 [pid 6330] <... memfd_create resumed>) = 3 [pid 6328] <... memfd_create resumed>) = 3 [pid 6331] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6330] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6328] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6331] <... prctl resumed>) = 0 [pid 6330] <... mmap resumed>) = 0x7f1864095000 [pid 6329] write(3, "1000", 4 [pid 6328] <... mmap resumed>) = 0x7f1864095000 [pid 6331] setpgid(0, 0 [pid 6329] <... write resumed>) = 4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6331] <... setpgid resumed>) = 0 [pid 6329] close(3 [pid 6331] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] openat(AT_FDCWD, "./89/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6331] <... openat resumed>) = 3 [pid 5864] <... openat resumed>) = 4 [pid 6330] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6329] <... close resumed>) = 0 [pid 6328] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] newfstatat(4, "", [pid 6331] write(3, "1000", 4 [pid 6329] symlink("/dev/binderfs", "./binderfs" [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6331] <... write resumed>) = 4 [pid 5864] getdents64(4, [pid 6331] close(3 [pid 6329] <... symlink resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6331] <... close resumed>) = 0 executing program [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6329] write(1, "executing program\n", 18) = 18 [pid 6331] symlink("/dev/binderfs", "./binderfs" [pid 5864] close(4 [pid 6329] memfd_create("syzkaller", 0 [pid 6331] <... symlink resumed>) = 0 [pid 6329] <... memfd_create resumed>) = 3 [pid 5864] <... close resumed>) = 0 [pid 6329] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] rmdir("./89/file1" [pid 6329] <... mmap resumed>) = 0x7f1864095000 executing program [pid 6331] write(1, "executing program\n", 18 [pid 5864] <... rmdir resumed>) = 0 [pid 6331] <... write resumed>) = 18 [pid 6331] memfd_create("syzkaller", 0 [pid 5864] umount2("./89/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6331] <... memfd_create resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./89/binderfs", [pid 6331] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6331] <... mmap resumed>) = 0x7f1864095000 [pid 5864] unlink("./89/binderfs") = 0 [pid 6328] <... write resumed>) = 524288 [pid 6330] <... write resumed>) = 524288 [pid 6329] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6328] munmap(0x7f1864095000, 138412032 [pid 5864] getdents64(3, [pid 6328] <... munmap resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6330] munmap(0x7f1864095000, 138412032 [pid 5864] close(3 [pid 6330] <... munmap resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6328] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] rmdir("./89" [pid 6330] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6328] <... openat resumed>) = 4 [pid 5864] <... rmdir resumed>) = 0 [pid 6331] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6330] <... openat resumed>) = 4 [pid 6328] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6330] ioctl(4, LOOP_SET_FD, 3 [pid 6328] ioctl(4, LOOP_CLR_FD [pid 6331] <... write resumed>) = 524288 [pid 6329] <... write resumed>) = 524288 [pid 6328] <... ioctl resumed>) = 0 [pid 5864] mkdir("./90", 0777) = 0 [pid 6330] <... ioctl resumed>) = 0 [pid 6330] close(3) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6330] close(4 [pid 5864] <... openat resumed>) = 3 [pid 6330] <... close resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] close(3) = 0 [pid 6330] mkdir("./file1", 0777 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6330] <... mkdir resumed>) = 0 [pid 6328] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 6332 attached ) = -1 EBUSY (Device or resource busy) [pid 6328] close(4 [pid 6332] set_robust_list(0x5555593cd660, 24 [pid 6330] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6332] <... set_robust_list resumed>) = 0 [pid 6332] chdir("./90" [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6332 [pid 6332] <... chdir resumed>) = 0 [pid 6332] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6329] munmap(0x7f1864095000, 138412032 [pid 6332] <... prctl resumed>) = 0 [pid 6331] munmap(0x7f1864095000, 138412032 [pid 6329] <... munmap resumed>) = 0 [pid 6332] setpgid(0, 0 [pid 6331] <... munmap resumed>) = 0 [pid 6329] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6329] ioctl(4, LOOP_SET_FD, 3 [pid 6332] <... setpgid resumed>) = 0 [pid 6329] <... ioctl resumed>) = 0 [pid 6328] <... close resumed>) = 0 [ 189.851407][ T6330] loop2: detected capacity change from 0 to 1024 [pid 6332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6331] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6330] <... mount resumed>) = 0 [pid 6329] close(3) = 0 [pid 6331] <... openat resumed>) = 4 [pid 6329] close(4 [pid 6328] close(3 [pid 6332] <... openat resumed>) = 3 [pid 6331] ioctl(4, LOOP_SET_FD, 3 [pid 6330] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6329] <... close resumed>) = 0 [pid 6329] mkdir("./file1", 0777 [pid 6328] <... close resumed>) = 0 [pid 6328] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6332] write(3, "1000", 4 [pid 6331] <... ioctl resumed>) = 0 [pid 6330] <... openat resumed>) = 3 [pid 6329] <... mkdir resumed>) = 0 [pid 6328] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6328] sync( [pid 6330] chdir("./file1") = 0 [pid 6332] <... write resumed>) = 4 [pid 6331] close(3 [pid 6329] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6332] close(3 [pid 6331] <... close resumed>) = 0 [pid 6330] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6332] <... close resumed>) = 0 [pid 6330] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6332] symlink("/dev/binderfs", "./binderfs" [pid 6331] close(4 [pid 6330] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6331] <... close resumed>) = 0 [pid 6331] mkdir("./file1", 0777 [pid 6329] <... mount resumed>) = 0 [pid 6330] <... link resumed>) = 0 [pid 6330] sync( [pid 6329] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6332] <... symlink resumed>) = 0 [ 189.898089][ T6329] loop1: detected capacity change from 0 to 1024 [ 189.932001][ T6331] loop3: detected capacity change from 0 to 1024 [pid 6331] <... mkdir resumed>) = 0 [pid 6329] <... openat resumed>) = 3 [pid 6332] write(1, "executing program\n", 18 [pid 6329] chdir("./file1") = 0 executing program [pid 6331] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6329] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6332] <... write resumed>) = 18 [pid 6329] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6332] memfd_create("syzkaller", 0 [pid 6329] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6332] <... memfd_create resumed>) = 3 [pid 6328] <... sync resumed>) = 0 [pid 6332] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6328] exit_group(0) = ? [pid 6328] +++ exited with 0 +++ [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6328, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6329] <... link resumed>) = 0 [pid 5868] umount2("./93", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6332] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6329] sync( [pid 5868] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5868] umount2("./93/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./93/binderfs") = 0 [pid 5868] getdents64(3, [pid 6331] <... mount resumed>) = 0 [pid 6331] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6329] <... sync resumed>) = 0 [pid 6331] chdir("./file1" [pid 6329] exit_group(0 [pid 5868] close(3 [pid 6331] <... chdir resumed>) = 0 [pid 6330] <... sync resumed>) = 0 [pid 6329] <... exit_group resumed>) = ? [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./93" [pid 6330] exit_group(0 [pid 5868] <... rmdir resumed>) = 0 [pid 6332] <... write resumed>) = 524288 [pid 6330] <... exit_group resumed>) = ? [pid 6331] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6331] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] mkdir("./94", 0777) = 0 [pid 6329] +++ exited with 0 +++ [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6329, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5868] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5868] close(3 [pid 6332] munmap(0x7f1864095000, 138412032 [pid 6331] <... link resumed>) = 0 [pid 6330] +++ exited with 0 +++ [pid 6331] sync( [pid 5868] <... close resumed>) = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 6332] <... munmap resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6330, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6331] <... sync resumed>) = 0 [pid 5865] umount2("./90", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6333 attached [pid 6331] exit_group(0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6333] set_robust_list(0x5555593cd660, 24 [pid 6332] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6333] <... set_robust_list resumed>) = 0 [pid 6332] <... openat resumed>) = 4 [pid 6331] <... exit_group resumed>) = ? [pid 5865] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6332] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6333 [pid 5865] <... openat resumed>) = 3 [pid 6333] chdir("./94" [pid 5865] newfstatat(3, "", [pid 6332] <... ioctl resumed>) = 0 [pid 6332] close(3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6332] <... close resumed>) = 0 [pid 5865] getdents64(3, [pid 6332] close(4) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6333] <... chdir resumed>) = 0 [pid 6331] +++ exited with 0 +++ [pid 6333] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6333] <... prctl resumed>) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6331, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6333] setpgid(0, 0) = 0 [pid 6333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6332] mkdir("./file1", 0777 [pid 6333] <... openat resumed>) = 3 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 6333] write(3, "1000", 4 [pid 6332] <... mkdir resumed>) = 0 executing program [pid 5867] <... restart_syscall resumed>) = 0 [pid 6333] <... write resumed>) = 4 [pid 6332] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] umount2("./89", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6333] close(3) = 0 [pid 6333] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6333] write(1, "executing program\n", 18) = 18 [pid 6333] memfd_create("syzkaller", 0) = 3 [pid 6333] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6333] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6332] <... mount resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [ 190.114600][ T6332] loop0: detected capacity change from 0 to 1024 [pid 6332] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6333] <... write resumed>) = 524288 [pid 5867] umount2("./91", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6332] <... openat resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6332] chdir("./file1" [pid 5865] newfstatat(AT_FDCWD, "./90/file1", [pid 5867] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6332] <... chdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6332] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] <... openat resumed>) = 3 [pid 5865] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6332] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] newfstatat(3, "", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6332] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] openat(AT_FDCWD, "./90/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... openat resumed>) = 4 [pid 5867] umount2("./91/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, [pid 5866] <... umount2 resumed>) = 0 [pid 6333] munmap(0x7f1864095000, 138412032 [pid 6332] <... link resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6332] sync( [pid 5866] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] getdents64(4, [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6333] <... munmap resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./89/file1", [pid 5865] close(4 [pid 6333] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6333] <... openat resumed>) = 4 [pid 5866] umount2("./89/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6333] ioctl(4, LOOP_SET_FD, 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6333] <... ioctl resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./89/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 4 [pid 6333] close(3 [pid 5866] newfstatat(4, "", [pid 5865] rmdir("./90/file1" [pid 6333] <... close resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6333] close(4) = 0 [pid 5866] getdents64(4, [pid 6333] mkdir("./file1", 0777 [pid 6332] <... sync resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... rmdir resumed>) = 0 [pid 5865] umount2("./90/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./90/binderfs") = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 6333] <... mkdir resumed>) = 0 [pid 5866] getdents64(4, [pid 5865] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] rmdir("./90") = 0 [pid 6332] exit_group(0 [pid 5866] close(4 [pid 6333] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6332] <... exit_group resumed>) = ? [pid 5866] <... close resumed>) = 0 [pid 6332] +++ exited with 0 +++ [pid 5867] <... umount2 resumed>) = 0 [pid 5866] rmdir("./89/file1" [pid 5865] mkdir("./91", 0777 [pid 5867] umount2("./91/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... rmdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6332, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5867] newfstatat(AT_FDCWD, "./91/file1", [pid 5865] <... mkdir resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./89/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./91/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] openat(AT_FDCWD, "./91/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 190.252929][ T6333] loop4: detected capacity change from 0 to 1024 [pid 5866] newfstatat(AT_FDCWD, "./89/binderfs", [pid 5865] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6333] <... mount resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6333] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] getdents64(4, [pid 5866] unlink("./89/binderfs" [pid 5865] <... ioctl resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... unlink resumed>) = 0 [pid 5865] close(3 [pid 5867] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4 [pid 6333] <... openat resumed>) = 3 [pid 5867] <... close resumed>) = 0 [pid 5866] getdents64(3, [pid 5865] <... close resumed>) = 0 [pid 5864] umount2("./90", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6333] chdir("./file1" [pid 5867] rmdir("./91/file1" [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6333] <... chdir resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] close(3./strace-static-x86_64: Process 6334 attached [pid 6333] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] umount2("./91/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6334] set_robust_list(0x5555593cd660, 24 [pid 6333] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5867] newfstatat(AT_FDCWD, "./91/binderfs", [pid 5866] rmdir("./89" [pid 6334] <... set_robust_list resumed>) = 0 [pid 6333] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] newfstatat(3, "", [pid 5867] unlink("./91/binderfs" [pid 6334] chdir("./91" [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6334 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5864] getdents64(3, [pid 6334] <... chdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] mkdir("./90", 0777 [pid 5864] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... mkdir resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] close(3) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6335 attached , child_tidptr=0x5555593cd650) = 6335 [pid 6335] set_robust_list(0x5555593cd660, 24) = 0 [pid 6334] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] getdents64(3, [pid 6334] <... prctl resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6334] setpgid(0, 0 [pid 5867] close(3 [pid 6335] chdir("./90" [pid 6334] <... setpgid resumed>) = 0 [pid 6333] <... link resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5867] rmdir("./91" [pid 6333] sync( [pid 6334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... rmdir resumed>) = 0 [pid 6335] <... chdir resumed>) = 0 [pid 5867] mkdir("./92", 0777 [pid 6335] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6334] <... openat resumed>) = 3 [pid 5867] <... mkdir resumed>) = 0 [pid 6334] write(3, "1000", 4 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6334] <... write resumed>) = 4 [pid 6334] close(3 [pid 6335] <... prctl resumed>) = 0 [pid 6335] setpgid(0, 0 [pid 6334] <... close resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6334] symlink("/dev/binderfs", "./binderfs" [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6335] <... setpgid resumed>) = 0 [pid 6334] <... symlink resumed>) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 5867] close(3 [pid 5864] <... umount2 resumed>) = 0 [pid 6335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6335] <... openat resumed>) = 3 [pid 6334] write(1, "executing program\n", 18 [pid 5867] <... close resumed>) = 0 [pid 6334] <... write resumed>) = 18 [pid 6335] write(3, "1000", 4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./90/file1", [pid 6333] <... sync resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6335] <... write resumed>) = 4 [pid 6333] exit_group(0 [pid 5864] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6335] close(3 [pid 6333] <... exit_group resumed>) = ? [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6335] <... close resumed>) = 0 [pid 6333] +++ exited with 0 +++ [pid 5864] openat(AT_FDCWD, "./90/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6333, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6335] symlink("/dev/binderfs", "./binderfs" [pid 5864] <... openat resumed>) = 4 [pid 6335] <... symlink resumed>) = 0 [pid 6334] memfd_create("syzkaller", 0 [pid 5864] newfstatat(4, "", executing program [pid 6335] write(1, "executing program\n", 18 [pid 6334] <... memfd_create resumed>) = 3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4 [pid 6334] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] umount2("./94", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... close resumed>) = 0 [pid 6334] <... mmap resumed>) = 0x7f1864095000 [pid 6335] <... write resumed>) = 18 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6336 [pid 6335] memfd_create("syzkaller", 0 [pid 5864] rmdir("./90/file1") = 0 [pid 6335] <... memfd_create resumed>) = 3 [pid 6335] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 ./strace-static-x86_64: Process 6336 attached [pid 6334] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6336] set_robust_list(0x5555593cd660, 24 [pid 5864] umount2("./90/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6336] <... set_robust_list resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 6336] chdir("./92" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(3, "", [pid 6336] <... chdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] newfstatat(AT_FDCWD, "./90/binderfs", [pid 6336] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] getdents64(3, [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./90/binderfs" [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6336] <... prctl resumed>) = 0 [pid 6336] setpgid(0, 0 [pid 5868] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... unlink resumed>) = 0 [pid 6336] <... setpgid resumed>) = 0 [pid 6335] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6334] <... write resumed>) = 524288 [pid 6336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3 [pid 6336] <... openat resumed>) = 3 [pid 5864] <... close resumed>) = 0 [pid 6336] write(3, "1000", 4 [pid 5864] rmdir("./90") = 0 [pid 5864] mkdir("./91", 0777 [pid 6336] <... write resumed>) = 4 [pid 5864] <... mkdir resumed>) = 0 [pid 6336] close(3 [pid 6334] munmap(0x7f1864095000, 138412032 [pid 6336] <... close resumed>) = 0 [pid 6336] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6335] <... write resumed>) = 524288 [pid 6334] <... munmap resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] close(3 [pid 6335] munmap(0x7f1864095000, 138412032 [pid 5864] <... close resumed>) = 0 [pid 6335] <... munmap resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 6336] write(1, "executing program\n", 18 [pid 6334] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6336] <... write resumed>) = 18 ./strace-static-x86_64: Process 6337 attached [pid 6336] memfd_create("syzkaller", 0 [pid 6335] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6336] <... memfd_create resumed>) = 3 [pid 6335] <... openat resumed>) = 4 [pid 6336] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6334] <... openat resumed>) = 4 [pid 6335] ioctl(4, LOOP_SET_FD, 3 [pid 6336] <... mmap resumed>) = 0x7f1864095000 [pid 6335] <... ioctl resumed>) = 0 [pid 6334] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... umount2 resumed>) = 0 [pid 6337] set_robust_list(0x5555593cd660, 24) = 0 [pid 6334] <... ioctl resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6337 [pid 6337] chdir("./91" [pid 6335] close(3) = 0 [pid 6337] <... chdir resumed>) = 0 [pid 6335] close(4 [pid 6337] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6335] <... close resumed>) = 0 [pid 6337] <... prctl resumed>) = 0 [pid 6335] mkdir("./file1", 0777 [pid 6337] setpgid(0, 0 [pid 6335] <... mkdir resumed>) = 0 [pid 6337] <... setpgid resumed>) = 0 [pid 6337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6335] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6337] <... openat resumed>) = 3 [pid 6337] write(3, "1000", 4 [pid 6336] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6334] close(3 [pid 5868] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6337] <... write resumed>) = 4 [pid 6334] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6337] close(3) = 0 [pid 6334] close(4 [pid 5868] newfstatat(AT_FDCWD, "./94/file1", [pid 6337] symlink("/dev/binderfs", "./binderfs" [pid 6334] <... close resumed>) = 0 [pid 6337] <... symlink resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6335] <... mount resumed>) = 0 [pid 6337] write(1, "executing program\n", 18executing program [pid 6335] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6337] <... write resumed>) = 18 [pid 6335] <... openat resumed>) = 3 [pid 6334] mkdir("./file1", 0777 [pid 5868] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6337] memfd_create("syzkaller", 0 [pid 6335] chdir("./file1" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6337] <... memfd_create resumed>) = 3 [pid 6334] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./94/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6337] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5868] <... openat resumed>) = 4 [pid 6334] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [ 190.553414][ T6335] loop2: detected capacity change from 0 to 1024 [ 190.559028][ T6334] loop1: detected capacity change from 0 to 1024 [pid 5868] newfstatat(4, "", [pid 6335] <... chdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6335] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] getdents64(4, [pid 6335] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6335] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6337] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4 [pid 6336] <... write resumed>) = 524288 [pid 5868] <... close resumed>) = 0 [pid 6336] munmap(0x7f1864095000, 138412032 [pid 5868] rmdir("./94/file1" [pid 6336] <... munmap resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 6336] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] umount2("./94/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6336] <... openat resumed>) = 4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6337] <... write resumed>) = 524288 [pid 6336] ioctl(4, LOOP_SET_FD, 3 [pid 6335] <... link resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./94/binderfs", [pid 6334] <... mount resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6335] sync( [pid 6334] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] unlink("./94/binderfs" [pid 6337] munmap(0x7f1864095000, 138412032 [pid 6334] <... openat resumed>) = 3 [pid 6334] chdir("./file1" [pid 6337] <... munmap resumed>) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 6337] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6334] <... chdir resumed>) = 0 [pid 5868] getdents64(3, [pid 6334] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6334] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] close(3) = 0 [pid 6334] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] rmdir("./94" [pid 6337] <... openat resumed>) = 4 [pid 6336] <... ioctl resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 6337] ioctl(4, LOOP_SET_FD, 3 [pid 6336] close(3 [pid 6337] <... ioctl resumed>) = 0 [pid 6336] <... close resumed>) = 0 [pid 6337] close(3 [pid 6336] close(4 [pid 6337] <... close resumed>) = 0 [pid 6336] <... close resumed>) = 0 [pid 6337] close(4 [pid 6336] mkdir("./file1", 0777 [pid 6337] <... close resumed>) = 0 [pid 6336] <... mkdir resumed>) = 0 [pid 5868] mkdir("./95", 0777 [pid 6337] mkdir("./file1", 0777 [pid 6336] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6335] <... sync resumed>) = 0 [pid 6335] exit_group(0) = ? [pid 6337] <... mkdir resumed>) = 0 [pid 6335] +++ exited with 0 +++ [pid 6337] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... mkdir resumed>) = 0 [pid 6334] <... link resumed>) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6335, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6334] sync( [pid 5866] umount2("./90", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6337] <... mount resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6337] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5868] <... openat resumed>) = 3 [ 190.686566][ T6336] loop3: detected capacity change from 0 to 1024 [ 190.692344][ T6337] loop0: detected capacity change from 0 to 1024 [pid 5866] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6337] chdir("./file1" [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5866] <... openat resumed>) = 3 [pid 6337] <... chdir resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5866] newfstatat(3, "", [pid 6337] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6336] <... mount resumed>) = 0 [pid 5868] close(3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6337] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6336] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... close resumed>) = 0 [pid 5866] getdents64(3, [pid 6336] <... openat resumed>) = 3 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 6338 attached [pid 6336] chdir("./file1" [pid 5866] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6338] set_robust_list(0x5555593cd660, 24 [pid 6336] <... chdir resumed>) = 0 [pid 6336] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6338] <... set_robust_list resumed>) = 0 [pid 6337] <... link resumed>) = 0 [pid 6338] chdir("./95") = 0 [pid 6337] sync( [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6338 [pid 6336] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6338] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6336] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6338] <... prctl resumed>) = 0 [pid 6338] setpgid(0, 0) = 0 [pid 6338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6334] <... sync resumed>) = 0 [pid 6338] <... openat resumed>) = 3 [pid 6334] exit_group(0) = ? [pid 6338] write(3, "1000", 4) = 4 [pid 6338] close(3) = 0 [pid 6338] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6334] +++ exited with 0 +++ [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6334, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6336] <... link resumed>) = 0 [pid 5865] umount2("./91", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORYexecuting program [pid 6338] write(1, "executing program\n", 18 [pid 5865] <... openat resumed>) = 3 [pid 6338] <... write resumed>) = 18 [pid 6336] sync( [pid 5865] newfstatat(3, "", [pid 6338] memfd_create("syzkaller", 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6338] <... memfd_create resumed>) = 3 [pid 5865] getdents64(3, [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./91/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6338] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6338] <... mmap resumed>) = 0x7f1864095000 [pid 5866] newfstatat(AT_FDCWD, "./90/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./90/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./90/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6337] <... sync resumed>) = 0 [pid 6336] <... sync resumed>) = 0 [pid 5866] getdents64(4, [pid 6337] exit_group(0 [pid 6336] exit_group(0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6337] <... exit_group resumed>) = ? [pid 6338] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6336] <... exit_group resumed>) = ? [pid 5866] getdents64(4, [pid 6337] +++ exited with 0 +++ [pid 6336] +++ exited with 0 +++ [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6336, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5866] close(4) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6337, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5867] umount2("./92", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] rmdir("./90/file1" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5867] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... rmdir resumed>) = 0 [pid 5864] <... restart_syscall resumed>) = 0 [pid 6338] <... write resumed>) = 524288 [pid 5867] <... openat resumed>) = 3 [pid 5866] umount2("./90/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6338] munmap(0x7f1864095000, 138412032 [pid 5867] newfstatat(3, "", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6338] <... munmap resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6338] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] newfstatat(AT_FDCWD, "./90/binderfs", [pid 5864] umount2("./91", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(3, [pid 6338] <... openat resumed>) = 4 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./92/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6338] ioctl(4, LOOP_SET_FD, 3 [pid 5866] unlink("./90/binderfs" [pid 5864] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6338] <... ioctl resumed>) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 6338] close(3 [pid 5866] getdents64(3, [pid 6338] <... close resumed>) = 0 [pid 6338] close(4 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6338] <... close resumed>) = 0 [pid 5866] close(3 [pid 5865] umount2("./91/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./91/file1", [pid 5866] rmdir("./90" [pid 6338] mkdir("./file1", 0777 [pid 5866] <... rmdir resumed>) = 0 [pid 5866] mkdir("./91", 0777 [pid 6338] <... mkdir resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5865] umount2("./91/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(3, "", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] openat(AT_FDCWD, "./91/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] getdents64(3, [pid 6338] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... openat resumed>) = 3 [pid 5865] <... openat resumed>) = 4 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5864] umount2("./91/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... ioctl resumed>) = 0 [pid 5865] newfstatat(4, "", [pid 5866] close(3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] getdents64(4, [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4) = 0 [pid 5865] rmdir("./91/file1") = 0 [pid 5865] umount2("./91/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./91/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./91/binderfs"./strace-static-x86_64: Process 6339 attached ) = 0 [pid 6339] set_robust_list(0x5555593cd660, 24 [pid 6338] <... mount resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6339 [pid 6338] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6339] <... set_robust_list resumed>) = 0 [pid 6339] chdir("./91" [pid 6338] <... openat resumed>) = 3 [pid 6338] chdir("./file1" [pid 6339] <... chdir resumed>) = 0 [pid 5865] getdents64(3, [pid 6339] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6338] <... chdir resumed>) = 0 [pid 6339] <... prctl resumed>) = 0 [pid 6338] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6339] setpgid(0, 0 [pid 6338] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6339] <... setpgid resumed>) = 0 [pid 6338] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] close(3) = 0 [ 190.961737][ T6338] loop4: detected capacity change from 0 to 1024 [pid 5865] rmdir("./91" [pid 5867] <... umount2 resumed>) = 0 [pid 6339] <... openat resumed>) = 3 [pid 5865] <... rmdir resumed>) = 0 [pid 5867] umount2("./92/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = 0 [pid 6339] write(3, "1000", 4 [pid 5864] umount2("./91/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] mkdir("./92", 0777 [pid 5864] newfstatat(AT_FDCWD, "./91/file1", [pid 6338] <... link resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./92/file1", [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6339] <... write resumed>) = 4 [pid 6338] sync( [pid 6339] close(3 [pid 5864] umount2("./91/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6339] <... close resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6339] symlink("/dev/binderfs", "./binderfs" [pid 5867] umount2("./92/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "./91/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6339] <... symlink resumed>) = 0 [pid 5864] <... openat resumed>) = 4 [pid 5864] newfstatat(4, "", executing program [pid 6339] write(1, "executing program\n", 18 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6339] <... write resumed>) = 18 [pid 5864] getdents64(4, [pid 6339] memfd_create("syzkaller", 0 [pid 6338] <... sync resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6339] <... memfd_create resumed>) = 3 [pid 5867] openat(AT_FDCWD, "./92/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... ioctl resumed>) = 0 [pid 5864] getdents64(4, [pid 6339] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6338] exit_group(0 [pid 5867] <... openat resumed>) = 4 [pid 5865] close(3 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] newfstatat(4, "", [pid 5865] <... close resumed>) = 0 [pid 6339] <... mmap resumed>) = 0x7f1864095000 [pid 6338] <... exit_group resumed>) = ? [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] close(4 [pid 5867] getdents64(4, [pid 6338] +++ exited with 0 +++ [pid 5864] <... close resumed>) = 0 [pid 6339] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6340 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6340 attached [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6338, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5867] close(4 [pid 5864] rmdir("./91/file1" [pid 5867] <... close resumed>) = 0 [pid 5868] umount2("./95", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... rmdir resumed>) = 0 [pid 6340] set_robust_list(0x5555593cd660, 24 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] rmdir("./92/file1" [pid 5864] umount2("./91/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... openat resumed>) = 3 [pid 5867] <... rmdir resumed>) = 0 [pid 5867] umount2("./92/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6340] <... set_robust_list resumed>) = 0 [pid 6339] <... write resumed>) = 524288 [pid 5868] newfstatat(3, "", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./91/binderfs", [pid 5867] newfstatat(AT_FDCWD, "./92/binderfs", [pid 6340] chdir("./92" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] getdents64(3, [pid 5864] unlink("./91/binderfs" [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... unlink resumed>) = 0 [pid 6340] <... chdir resumed>) = 0 [pid 5868] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] getdents64(3, [pid 5867] unlink("./92/binderfs" [pid 6340] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 6340] <... prctl resumed>) = 0 [pid 5867] getdents64(3, [pid 6340] setpgid(0, 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3 [pid 6340] <... setpgid resumed>) = 0 [pid 5867] close(3 [pid 5864] <... close resumed>) = 0 [pid 6340] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] rmdir("./91" [pid 6340] <... openat resumed>) = 3 [pid 5864] <... rmdir resumed>) = 0 [pid 6340] write(3, "1000", 4 [pid 5867] <... close resumed>) = 0 [pid 6340] <... write resumed>) = 4 [pid 5867] rmdir("./92" [pid 5864] mkdir("./92", 0777 [pid 6340] close(3 [pid 5864] <... mkdir resumed>) = 0 [pid 6340] <... close resumed>) = 0 [pid 6340] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6339] munmap(0x7f1864095000, 138412032 [pid 5867] mkdir("./93", 0777executing program [pid 6340] write(1, "executing program\n", 18 [pid 6339] <... munmap resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6340] <... write resumed>) = 18 [pid 5864] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6340] memfd_create("syzkaller", 0 [pid 5867] <... ioctl resumed>) = 0 [pid 5867] close(3 [pid 6339] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6340] <... memfd_create resumed>) = 3 [pid 6339] <... openat resumed>) = 4 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5864] <... ioctl resumed>) = 0 [pid 6340] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6339] ioctl(4, LOOP_SET_FD, 3 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6340] <... mmap resumed>) = 0x7f1864095000 [pid 6339] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] close(3./strace-static-x86_64: Process 6341 attached [pid 6339] ioctl(4, LOOP_CLR_FD [pid 5868] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... close resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6341 [pid 6339] <... ioctl resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] newfstatat(AT_FDCWD, "./95/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6342 attached [pid 6339] ioctl(4, LOOP_SET_FD, 3 [pid 5868] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6339] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6339] close(4 [pid 5868] openat(AT_FDCWD, "./95/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6339] <... close resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 6342] set_robust_list(0x5555593cd660, 24 [pid 6341] set_robust_list(0x5555593cd660, 24 [pid 6340] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] newfstatat(4, "", [pid 6341] <... set_robust_list resumed>) = 0 [pid 6342] <... set_robust_list resumed>) = 0 [pid 6341] chdir("./93" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6342 [pid 6342] chdir("./92" [pid 5868] getdents64(4, [pid 6342] <... chdir resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6342] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] getdents64(4, [pid 6342] <... prctl resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6342] setpgid(0, 0) = 0 [pid 5868] close(4 [pid 6342] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... close resumed>) = 0 [pid 6341] <... chdir resumed>) = 0 [pid 6342] <... openat resumed>) = 3 [pid 5868] rmdir("./95/file1" [pid 6342] write(3, "1000", 4 [pid 6341] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... rmdir resumed>) = 0 [pid 6341] <... prctl resumed>) = 0 [pid 6342] <... write resumed>) = 4 [pid 6342] close(3) = 0 [pid 6341] setpgid(0, 0 [pid 6342] symlink("/dev/binderfs", "./binderfs" [pid 6341] <... setpgid resumed>) = 0 [pid 6339] close(3 [pid 5868] umount2("./95/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6342] <... symlink resumed>) = 0 [pid 6341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6339] <... close resumed>) = 0 executing program executing program [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6342] write(1, "executing program\n", 18 [pid 6341] <... openat resumed>) = 3 [pid 6340] <... write resumed>) = 524288 [pid 6339] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6342] <... write resumed>) = 18 [pid 6339] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6341] write(3, "1000", 4 [pid 6339] sync( [pid 6342] memfd_create("syzkaller", 0 [pid 6341] <... write resumed>) = 4 [pid 6340] munmap(0x7f1864095000, 138412032 [pid 6341] close(3 [pid 6342] <... memfd_create resumed>) = 3 [pid 6341] <... close resumed>) = 0 [pid 6341] symlink("/dev/binderfs", "./binderfs" [pid 6342] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5868] newfstatat(AT_FDCWD, "./95/binderfs", [pid 6341] <... symlink resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./95/binderfs" [pid 6341] write(1, "executing program\n", 18) = 18 [pid 5868] <... unlink resumed>) = 0 [pid 5868] getdents64(3, [pid 6341] memfd_create("syzkaller", 0) = 3 [pid 6340] <... munmap resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6341] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6340] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6339] <... sync resumed>) = 0 [pid 5868] close(3 [pid 6340] <... openat resumed>) = 4 [pid 5868] <... close resumed>) = 0 [pid 6340] ioctl(4, LOOP_SET_FD, 3 [pid 5868] rmdir("./95" [pid 6340] <... ioctl resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 6342] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6340] close(3 [pid 6339] exit_group(0 [pid 5868] mkdir("./96", 0777 [pid 6340] <... close resumed>) = 0 [pid 6339] <... exit_group resumed>) = ? [pid 6341] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6340] close(4 [pid 6339] +++ exited with 0 +++ [pid 5868] <... mkdir resumed>) = 0 [pid 6340] <... close resumed>) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6339, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6340] mkdir("./file1", 0777) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6340] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... openat resumed>) = 3 [pid 5866] umount2("./91", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6341] <... write resumed>) = 524288 [pid 6341] munmap(0x7f1864095000, 138412032 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6341] <... munmap resumed>) = 0 [pid 6341] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] close(3 [pid 6341] <... openat resumed>) = 4 [pid 6341] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... close resumed>) = 0 [ 191.269220][ T6340] loop1: detected capacity change from 0 to 1024 [pid 6342] <... write resumed>) = 524288 [pid 6341] <... ioctl resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6343 attached [pid 6342] munmap(0x7f1864095000, 138412032 [pid 6341] close(3) = 0 [pid 6342] <... munmap resumed>) = 0 [pid 6341] close(4 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6343 [pid 6341] <... close resumed>) = 0 [pid 6343] set_robust_list(0x5555593cd660, 24) = 0 [pid 6342] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6343] chdir("./96") = 0 [pid 6343] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6341] mkdir("./file1", 0777 [pid 5866] <... openat resumed>) = 3 [pid 5866] newfstatat(3, "", [pid 6341] <... mkdir resumed>) = 0 [pid 6342] <... openat resumed>) = 4 [pid 6341] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6343] <... prctl resumed>) = 0 [pid 6342] ioctl(4, LOOP_SET_FD, 3 [pid 5866] getdents64(3, [pid 6343] setpgid(0, 0 [pid 6342] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6343] <... setpgid resumed>) = 0 [pid 6342] ioctl(4, LOOP_CLR_FD [pid 6340] <... mount resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6342] <... ioctl resumed>) = 0 [pid 6340] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] umount2("./91/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./91/binderfs", [pid 6342] ioctl(4, LOOP_SET_FD, 3 [pid 6341] <... mount resumed>) = 0 [ 191.329093][ T6341] loop3: detected capacity change from 0 to 1024 [pid 6342] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6342] close(4) = 0 [pid 6342] close(3 [pid 6341] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6343] <... openat resumed>) = 3 [pid 6341] <... openat resumed>) = 3 [pid 6341] chdir("./file1") = 0 [pid 6341] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6341] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6343] write(3, "1000", 4 [pid 6340] <... openat resumed>) = 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6343] <... write resumed>) = 4 [pid 6340] chdir("./file1" [pid 5866] unlink("./91/binderfs" [pid 6340] <... chdir resumed>) = 0 [pid 6340] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5866] <... unlink resumed>) = 0 [pid 6343] close(3) = 0 [pid 6342] <... close resumed>) = 0 [pid 6340] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6343] symlink("/dev/binderfs", "./binderfs" [pid 6340] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3 [pid 6342] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6343] <... symlink resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 6342] <... link resumed>) = -1 ENOENT (No such file or directory) executing program [pid 6343] write(1, "executing program\n", 18 [pid 5866] rmdir("./91" [pid 6342] sync( [pid 6343] <... write resumed>) = 18 [pid 5866] <... rmdir resumed>) = 0 [pid 6343] memfd_create("syzkaller", 0) = 3 [pid 5866] mkdir("./92", 0777 [pid 6343] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5866] <... mkdir resumed>) = 0 [pid 6341] <... link resumed>) = 0 [pid 6341] sync( [pid 6343] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5866] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5866] close(3) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6340] <... link resumed>) = 0 ./strace-static-x86_64: Process 6344 attached [pid 6342] <... sync resumed>) = 0 [pid 6340] sync( [pid 6342] exit_group(0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6344 [pid 6344] set_robust_list(0x5555593cd660, 24) = 0 [pid 6343] <... write resumed>) = 524288 [pid 6342] <... exit_group resumed>) = ? [pid 6342] +++ exited with 0 +++ [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6342, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6344] chdir("./92" [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6344] <... chdir resumed>) = 0 [pid 6343] munmap(0x7f1864095000, 138412032 [pid 6340] <... sync resumed>) = 0 [pid 5864] <... restart_syscall resumed>) = 0 [pid 6344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6344] setpgid(0, 0) = 0 [pid 6343] <... munmap resumed>) = 0 [pid 6341] <... sync resumed>) = 0 [pid 6340] exit_group(0 [pid 5864] umount2("./92", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6340] <... exit_group resumed>) = ? [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6340] +++ exited with 0 +++ [pid 5864] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6344] <... openat resumed>) = 3 [pid 6343] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6341] exit_group(0 [pid 5864] <... openat resumed>) = 3 [pid 6344] write(3, "1000", 4 [pid 6343] <... openat resumed>) = 4 [pid 6341] <... exit_group resumed>) = ? [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6340, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5864] newfstatat(3, "", [pid 6344] <... write resumed>) = 4 [pid 6343] ioctl(4, LOOP_SET_FD, 3 [pid 6341] +++ exited with 0 +++ [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6344] close(3 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6341, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6344] <... close resumed>) = 0 [pid 6343] <... ioctl resumed>) = 0 [pid 6344] symlink("/dev/binderfs", "./binderfs" [pid 6343] close(3 [pid 5865] <... restart_syscall resumed>) = 0 [pid 5864] getdents64(3, [pid 6344] <... symlink resumed>) = 0 [pid 6343] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6344] write(1, "executing program\n", 18 executing program [pid 6343] close(4 [pid 5864] umount2("./92/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6344] <... write resumed>) = 18 [pid 6343] <... close resumed>) = 0 [pid 5865] umount2("./92", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6344] memfd_create("syzkaller", 0 [pid 6343] mkdir("./file1", 0777 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./92/binderfs", [pid 6344] <... memfd_create resumed>) = 3 [pid 5865] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] umount2("./93", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6344] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... openat resumed>) = 3 [pid 5867] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] newfstatat(3, "", [pid 6344] <... mmap resumed>) = 0x7f1864095000 [pid 6343] <... mkdir resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] newfstatat(3, "", [pid 5865] getdents64(3, [pid 6344] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6343] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] unlink("./92/binderfs" [pid 5865] umount2("./92/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... unlink resumed>) = 0 [pid 5867] umount2("./93/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3) = 0 [ 191.521546][ T6343] loop4: detected capacity change from 0 to 1024 [pid 5864] rmdir("./92") = 0 [pid 5864] mkdir("./93", 0777 [pid 6343] <... mount resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6343] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6343] chdir("./file1") = 0 [pid 6343] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6343] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... umount2 resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5867] umount2("./93/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./92/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6344] <... write resumed>) = 524288 [pid 5867] newfstatat(AT_FDCWD, "./93/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] close(3) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] newfstatat(AT_FDCWD, "./92/file1", [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] umount2("./93/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./92/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6345 attached ) = -1 EINVAL (Invalid argument) [pid 6345] set_robust_list(0x5555593cd660, 24 [pid 6344] munmap(0x7f1864095000, 138412032 [pid 6343] <... link resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./92/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6344] <... munmap resumed>) = 0 [pid 6345] <... set_robust_list resumed>) = 0 [pid 6343] sync( [pid 5867] openat(AT_FDCWD, "./93/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... openat resumed>) = 4 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6345 [pid 6344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6344] ioctl(4, LOOP_SET_FD, 3 [pid 5865] newfstatat(4, "", [pid 5867] <... openat resumed>) = 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] newfstatat(4, "", [pid 5865] getdents64(4, [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6345] chdir("./93" [pid 5867] getdents64(4, [pid 5865] getdents64(4, [pid 6345] <... chdir resumed>) = 0 [pid 6345] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6345] <... prctl resumed>) = 0 [pid 5867] getdents64(4, [pid 5865] close(4 [pid 6345] setpgid(0, 0) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... close resumed>) = 0 [pid 6345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6344] <... ioctl resumed>) = 0 [pid 5867] close(4 [pid 5865] rmdir("./92/file1" [pid 6345] <... openat resumed>) = 3 [pid 5867] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 6345] write(3, "1000", 4 [pid 5867] rmdir("./93/file1" [pid 6344] close(3 [pid 6345] <... write resumed>) = 4 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] umount2("./92/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6345] close(3 [pid 5867] umount2("./93/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6345] <... close resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6345] symlink("/dev/binderfs", "./binderfs" [pid 6344] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./92/binderfs", [pid 6344] close(4 [pid 6345] <... symlink resumed>) = 0 [pid 6344] <... close resumed>) = 0 [pid 6343] <... sync resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./93/binderfs", [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6344] mkdir("./file1", 0777) = 0 executing program [pid 6343] exit_group(0 [pid 5865] unlink("./92/binderfs" [pid 6345] write(1, "executing program\n", 18 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6345] <... write resumed>) = 18 [pid 5867] unlink("./93/binderfs" [pid 6345] memfd_create("syzkaller", 0 [ 191.666394][ T6344] loop2: detected capacity change from 0 to 1024 [pid 6344] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6343] <... exit_group resumed>) = ? [pid 5867] <... unlink resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 6345] <... memfd_create resumed>) = 3 [pid 6343] +++ exited with 0 +++ [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6343, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5865] getdents64(3, [pid 6345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] getdents64(3, [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6345] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 5868] umount2("./96", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6345] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... openat resumed>) = 3 [pid 5867] close(3 [pid 5865] rmdir("./92" [pid 5868] newfstatat(3, "", [pid 5867] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] rmdir("./93" [pid 5865] mkdir("./93", 0777 [pid 6345] <... write resumed>) = 524288 [pid 5868] getdents64(3, [pid 5867] <... rmdir resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] mkdir("./94", 0777 [pid 5865] <... openat resumed>) = 3 [pid 6345] munmap(0x7f1864095000, 138412032 [pid 6344] <... mount resumed>) = 0 [pid 5868] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... mkdir resumed>) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6345] <... munmap resumed>) = 0 [pid 6344] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] <... ioctl resumed>) = 0 [pid 6345] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] close(3 [pid 6345] <... openat resumed>) = 4 [pid 6344] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 3 [pid 5865] <... close resumed>) = 0 [pid 6345] ioctl(4, LOOP_SET_FD, 3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6344] chdir("./file1") = 0 [pid 6344] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6344] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"./strace-static-x86_64: Process 6346 attached [pid 6346] set_robust_list(0x5555593cd660, 24 [pid 6345] <... ioctl resumed>) = 0 [pid 6346] <... set_robust_list resumed>) = 0 [pid 6345] close(3 [pid 5867] <... ioctl resumed>) = 0 [pid 6345] <... close resumed>) = 0 [pid 5867] close(3 [pid 6345] close(4 [pid 5867] <... close resumed>) = 0 [pid 6346] chdir("./93" [pid 6345] <... close resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6346 [pid 6345] mkdir("./file1", 0777 [pid 6346] <... chdir resumed>) = 0 [pid 6345] <... mkdir resumed>) = 0 [pid 6344] <... link resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 6346] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6345] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, ""./strace-static-x86_64: Process 6347 attached [pid 6344] sync( [pid 6346] <... prctl resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6347 [pid 6347] set_robust_list(0x5555593cd660, 24 [pid 6346] setpgid(0, 0) = 0 [pid 6347] <... set_robust_list resumed>) = 0 [pid 5868] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6347] chdir("./94" [pid 6346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6347] <... chdir resumed>) = 0 [pid 6346] <... openat resumed>) = 3 [pid 5868] newfstatat(AT_FDCWD, "./96/file1", [pid 6346] write(3, "1000", 4) = 4 [pid 6347] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6347] <... prctl resumed>) = 0 [pid 6346] close(3 [ 191.799034][ T6345] loop0: detected capacity change from 0 to 1024 [pid 6347] setpgid(0, 0 [pid 5868] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6346] <... close resumed>) = 0 [pid 6346] symlink("/dev/binderfs", "./binderfs" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6347] <... setpgid resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./96/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORYexecuting program [pid 6347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... openat resumed>) = 4 [pid 5868] newfstatat(4, "", [pid 6347] <... openat resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6346] <... symlink resumed>) = 0 [pid 6346] write(1, "executing program\n", 18 [pid 6347] write(3, "1000", 4 [pid 6346] <... write resumed>) = 18 [pid 5868] getdents64(4, [pid 6347] <... write resumed>) = 4 [pid 6346] memfd_create("syzkaller", 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6347] close(3 [pid 5868] getdents64(4, [pid 6347] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6347] symlink("/dev/binderfs", "./binderfs" [pid 6346] <... memfd_create resumed>) = 3 [pid 5868] close(4 [pid 6347] <... symlink resumed>) = 0 [pid 6346] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6347] write(1, "executing program\n", 18 [pid 6346] <... mmap resumed>) = 0x7f1864095000 executing program [pid 5868] <... close resumed>) = 0 [pid 6347] <... write resumed>) = 18 [pid 6345] <... mount resumed>) = 0 [pid 6345] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5868] rmdir("./96/file1" [pid 6345] chdir("./file1" [pid 6347] memfd_create("syzkaller", 0 [pid 6345] <... chdir resumed>) = 0 [pid 6345] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... rmdir resumed>) = 0 [pid 6347] <... memfd_create resumed>) = 3 [pid 6346] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6345] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6345] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6347] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] umount2("./96/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6347] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./96/binderfs", [pid 6347] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./96/binderfs") = 0 [pid 5868] getdents64(3, [pid 6345] <... link resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6345] sync( [pid 5868] close(3 [pid 6347] <... write resumed>) = 524288 [pid 6346] <... write resumed>) = 524288 [pid 5868] <... close resumed>) = 0 [pid 6347] munmap(0x7f1864095000, 138412032 [pid 6346] munmap(0x7f1864095000, 138412032 [pid 5868] rmdir("./96" [pid 6347] <... munmap resumed>) = 0 [pid 6346] <... munmap resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5868] mkdir("./97", 0777 [pid 6347] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6346] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6347] <... openat resumed>) = 4 [pid 6347] ioctl(4, LOOP_SET_FD, 3 [pid 6346] <... openat resumed>) = 4 [pid 6346] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6347] <... ioctl resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] close(3 [pid 6347] close(3 [pid 6346] <... ioctl resumed>) = 0 [pid 6347] <... close resumed>) = 0 [pid 6346] close(3 [pid 6344] <... sync resumed>) = 0 [pid 6347] close(4 [pid 6346] <... close resumed>) = 0 [pid 6347] <... close resumed>) = 0 [pid 6346] close(4 [pid 6347] mkdir("./file1", 0777 [pid 6346] <... close resumed>) = 0 [pid 6344] exit_group(0 [pid 5868] <... close resumed>) = 0 [ 191.937982][ T6347] loop3: detected capacity change from 0 to 1024 [ 191.946879][ T6346] loop1: detected capacity change from 0 to 1024 [pid 6346] mkdir("./file1", 0777) = 0 [pid 6345] <... sync resumed>) = 0 [pid 6344] <... exit_group resumed>) = ? [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6347] <... mkdir resumed>) = 0 [pid 6345] exit_group(0) = ? [pid 6347] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6346] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6345] +++ exited with 0 +++ [pid 6344] +++ exited with 0 +++ ./strace-static-x86_64: Process 6348 attached [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6348 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6345, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6344, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6348] set_robust_list(0x5555593cd660, 24 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 5864] <... restart_syscall resumed>) = 0 [pid 6348] <... set_robust_list resumed>) = 0 [pid 6348] chdir("./97" [pid 5866] <... restart_syscall resumed>) = 0 [pid 6348] <... chdir resumed>) = 0 [pid 6348] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] umount2("./93", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6348] <... prctl resumed>) = 0 [pid 6348] setpgid(0, 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6348] <... setpgid resumed>) = 0 [pid 5866] umount2("./92", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6347] <... mount resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6348] <... openat resumed>) = 3 [pid 6347] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6348] write(3, "1000", 4 [pid 6347] <... openat resumed>) = 3 [pid 5866] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6348] <... write resumed>) = 4 [pid 6347] chdir("./file1") = 0 [pid 6347] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... openat resumed>) = 3 [pid 6347] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6348] close(3 [pid 6347] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6346] <... mount resumed>) = 0 [pid 5866] getdents64(3, [pid 5864] newfstatat(3, "", [pid 6348] <... close resumed>) = 0 [pid 6346] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6348] symlink("/dev/binderfs", "./binderfs" [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6348] <... symlink resumed>) = 0 [pid 6346] <... openat resumed>) = 3 [pid 5866] umount2("./92/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] getdents64(3, executing program [pid 6348] write(1, "executing program\n", 18 [pid 6346] chdir("./file1" [pid 6348] <... write resumed>) = 18 [pid 6346] <... chdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6348] memfd_create("syzkaller", 0 [pid 6346] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] umount2("./93/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6348] <... memfd_create resumed>) = 3 [pid 6346] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6348] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6346] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6348] <... mmap resumed>) = 0x7f1864095000 [pid 6348] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 6347] <... link resumed>) = 0 [pid 6347] sync( [pid 6346] <... link resumed>) = 0 [pid 6346] sync( [pid 6348] munmap(0x7f1864095000, 138412032) = 0 [pid 6348] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6348] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 6348] close(3) = 0 [pid 6348] close(4) = 0 [pid 6348] mkdir("./file1", 0777 [pid 5864] umount2("./93/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6348] <... mkdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./92/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(AT_FDCWD, "./93/file1", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6348] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] newfstatat(AT_FDCWD, "./92/file1", [pid 5864] umount2("./93/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./93/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6347] <... sync resumed>) = 0 [pid 6346] <... sync resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... openat resumed>) = 4 [pid 6347] exit_group(0 [pid 6346] exit_group(0 [pid 5866] umount2("./92/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6347] <... exit_group resumed>) = ? [pid 6346] <... exit_group resumed>) = ? [ 192.119890][ T6348] loop4: detected capacity change from 0 to 1024 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(4, "", [pid 6348] <... mount resumed>) = 0 [pid 6347] +++ exited with 0 +++ [pid 6346] +++ exited with 0 +++ [pid 5866] openat(AT_FDCWD, "./92/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6348] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] <... openat resumed>) = 4 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6346, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6348] <... openat resumed>) = 3 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6347, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5866] newfstatat(4, "", [pid 6348] chdir("./file1" [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5864] getdents64(4, [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] umount2("./93", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6348] <... chdir resumed>) = 0 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6348] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] getdents64(4, [pid 5864] getdents64(4, [pid 5865] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6348] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] umount2("./94", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... openat resumed>) = 3 [pid 5864] close(4 [pid 6348] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(4, [pid 5864] <... close resumed>) = 0 [pid 5865] newfstatat(3, "", [pid 5864] rmdir("./93/file1" [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 5867] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] close(4 [pid 5864] <... rmdir resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, [pid 5865] umount2("./93/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [pid 5864] umount2("./93/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] rmdir("./92/file1" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... rmdir resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./92/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] unlink("./93/binderfs" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... unlink resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./92/binderfs", [pid 5864] getdents64(3, [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] unlink("./92/binderfs" [pid 5864] close(3) = 0 [pid 5864] rmdir("./93" [pid 5866] <... unlink resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6348] <... link resumed>) = 0 [pid 5866] getdents64(3, [pid 6348] sync( [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] mkdir("./94", 0777 [pid 5866] close(3) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5866] rmdir("./92" [pid 5867] <... umount2 resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5867] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] mkdir("./93", 0777 [pid 5865] <... umount2 resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 6348] <... sync resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5864] close(3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6348] exit_group(0 [pid 5867] newfstatat(AT_FDCWD, "./94/file1", [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] umount2("./93/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6348] <... exit_group resumed>) = ? [pid 5867] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6348] +++ exited with 0 +++ [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6348, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] newfstatat(AT_FDCWD, "./93/file1", [pid 5867] openat(AT_FDCWD, "./94/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... ioctl resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... close resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555593cd650) = 6350 ./strace-static-x86_64: Process 6350 attached [pid 5867] <... openat resumed>) = 4 [pid 5866] close(3 [pid 5865] umount2("./93/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(4, "", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] umount2("./97", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6350] set_robust_list(0x5555593cd660, 24 [pid 5868] getdents64(3, [pid 6350] <... set_robust_list resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6350] chdir("./94" [pid 5868] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] openat(AT_FDCWD, "./93/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6350] <... chdir resumed>) = 0 [pid 5867] getdents64(4, [pid 5866] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 6350] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] newfstatat(4, "", [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] getdents64(4, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6350] <... prctl resumed>) = 0 [pid 5865] getdents64(4, [pid 6350] setpgid(0, 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6350] <... setpgid resumed>) = 0 [pid 5867] close(4 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 6351 attached [pid 5867] <... close resumed>) = 0 [pid 5865] getdents64(4, [pid 6351] set_robust_list(0x5555593cd660, 24 [pid 6350] <... openat resumed>) = 3 [pid 5867] rmdir("./94/file1" [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6351 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6350] write(3, "1000", 4) = 4 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] close(4 [pid 5867] umount2("./94/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... close resumed>) = 0 [pid 6350] close(3) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] rmdir("./93/file1" [pid 6350] symlink("/dev/binderfs", "./binderfs"executing program [pid 6351] <... set_robust_list resumed>) = 0 [pid 6350] <... symlink resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./94/binderfs", [pid 5865] <... rmdir resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./93/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6351] chdir("./93" [pid 5867] unlink("./94/binderfs" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6351] <... chdir resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./93/binderfs", [pid 6351] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6350] write(1, "executing program\n", 18) = 18 [pid 6350] memfd_create("syzkaller", 0 [pid 6351] <... prctl resumed>) = 0 [pid 5867] getdents64(3, [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6351] setpgid(0, 0 [pid 6350] <... memfd_create resumed>) = 3 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6351] <... setpgid resumed>) = 0 [pid 6350] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] unlink("./93/binderfs" [pid 6351] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] close(3 [pid 6351] <... openat resumed>) = 3 [pid 6350] <... mmap resumed>) = 0x7f1864095000 [pid 5868] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... close resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 6350] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] getdents64(3, [pid 5867] rmdir("./94" [pid 6351] write(3, "1000", 4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./97/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6351] <... write resumed>) = 4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... rmdir resumed>) = 0 [pid 6351] close(3 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] openat(AT_FDCWD, "./97/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6351] <... close resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5865] close(3 [pid 5868] newfstatat(4, "", [pid 6351] symlink("/dev/binderfs", "./binderfs" [pid 5867] mkdir("./95", 0777 [pid 5865] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] rmdir("./93" [pid 5868] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4executing program [pid 5865] <... rmdir resumed>) = 0 [pid 6351] <... symlink resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 6351] write(1, "executing program\n", 18 [pid 5865] mkdir("./94", 0777 [pid 5868] rmdir("./97/file1" [pid 6351] <... write resumed>) = 18 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] <... mkdir resumed>) = 0 [pid 6351] memfd_create("syzkaller", 0 [pid 5868] umount2("./97/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... openat resumed>) = 3 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6351] <... memfd_create resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6351] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] <... openat resumed>) = 3 [pid 5867] <... ioctl resumed>) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6351] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] close(3 [pid 5865] <... ioctl resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./97/binderfs", [pid 5865] close(3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5868] unlink("./97/binderfs") = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6352 attached [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6352 [pid 5868] close(3) = 0 [pid 5868] rmdir("./97" [pid 6352] set_robust_list(0x5555593cd660, 24 [pid 6351] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6350] <... write resumed>) = 524288 [pid 5868] <... rmdir resumed>) = 0 [pid 6352] <... set_robust_list resumed>) = 0 [pid 6350] munmap(0x7f1864095000, 138412032 [pid 5868] mkdir("./98", 0777 [pid 6352] chdir("./94" [pid 5868] <... mkdir resumed>) = 0 [pid 6352] <... chdir resumed>) = 0 [pid 6350] <... munmap resumed>) = 0 [pid 6352] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 6353 attached ) = 0 [pid 6351] <... write resumed>) = 524288 [pid 6350] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6352] setpgid(0, 0) = 0 [pid 6350] <... openat resumed>) = 4 [pid 6353] set_robust_list(0x5555593cd660, 24 [pid 6352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6350] ioctl(4, LOOP_SET_FD, 3 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6353 [pid 6353] <... set_robust_list resumed>) = 0 [pid 6352] <... openat resumed>) = 3 [pid 6350] <... ioctl resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6353] chdir("./95" [pid 5868] <... ioctl resumed>) = 0 [pid 6353] <... chdir resumed>) = 0 [pid 6352] write(3, "1000", 4 [pid 6351] munmap(0x7f1864095000, 138412032 [pid 6350] close(3 [pid 5868] close(3 [pid 6350] <... close resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 6350] close(4 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6350] <... close resumed>) = 0 ./strace-static-x86_64: Process 6354 attached [pid 6353] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6352] <... write resumed>) = 4 [pid 6351] <... munmap resumed>) = 0 [pid 6354] set_robust_list(0x5555593cd660, 24 [pid 6353] <... prctl resumed>) = 0 [pid 6352] close(3 [pid 6351] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6354] <... set_robust_list resumed>) = 0 [pid 6353] setpgid(0, 0 [pid 6352] <... close resumed>) = 0 [pid 6351] <... openat resumed>) = 4 [pid 6350] mkdir("./file1", 0777 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6354 [pid 6354] chdir("./98" [pid 6353] <... setpgid resumed>) = 0 [pid 6352] symlink("/dev/binderfs", "./binderfs" [pid 6351] ioctl(4, LOOP_SET_FD, 3executing program [pid 6354] <... chdir resumed>) = 0 [pid 6353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6352] <... symlink resumed>) = 0 [pid 6351] <... ioctl resumed>) = 0 [pid 6350] <... mkdir resumed>) = 0 [pid 6354] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6352] write(1, "executing program\n", 18 [pid 6354] <... prctl resumed>) = 0 [pid 6353] <... openat resumed>) = 3 [pid 6352] <... write resumed>) = 18 [pid 6351] close(3 [pid 6354] setpgid(0, 0 [pid 6350] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6352] memfd_create("syzkaller", 0 [pid 6354] <... setpgid resumed>) = 0 [pid 6351] <... close resumed>) = 0 [pid 6354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6353] write(3, "1000", 4 [pid 6352] <... memfd_create resumed>) = 3 [pid 6351] close(4 [pid 6354] <... openat resumed>) = 3 [pid 6353] <... write resumed>) = 4 [pid 6352] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6353] close(3 [pid 6352] <... mmap resumed>) = 0x7f1864095000 [pid 6353] <... close resumed>) = 0 [pid 6354] write(3, "1000", 4 [pid 6353] symlink("/dev/binderfs", "./binderfs" [pid 6354] <... write resumed>) = 4 [pid 6353] <... symlink resumed>) = 0 [pid 6351] <... close resumed>) = 0 [pid 6354] close(3 [pid 6351] mkdir("./file1", 0777 [pid 6354] <... close resumed>) = 0 executing program [pid 6353] write(1, "executing program\n", 18 [pid 6352] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6351] <... mkdir resumed>) = 0 [pid 6354] symlink("/dev/binderfs", "./binderfs" [pid 6353] <... write resumed>) = 18 [pid 6354] <... symlink resumed>) = 0 [pid 6353] memfd_create("syzkaller", 0 [pid 6350] <... mount resumed>) = 0 [pid 6351] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6350] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORYexecuting program [pid 6354] write(1, "executing program\n", 18 [pid 6350] <... openat resumed>) = 3 [pid 6354] <... write resumed>) = 18 [pid 6353] <... memfd_create resumed>) = 3 [pid 6350] chdir("./file1" [ 192.481642][ T6350] loop0: detected capacity change from 0 to 1024 [ 192.522132][ T6351] loop2: detected capacity change from 0 to 1024 [pid 6353] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6350] <... chdir resumed>) = 0 [pid 6354] memfd_create("syzkaller", 0 [pid 6353] <... mmap resumed>) = 0x7f1864095000 [pid 6352] <... write resumed>) = 524288 [pid 6350] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6354] <... memfd_create resumed>) = 3 [pid 6350] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6354] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6350] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6354] <... mmap resumed>) = 0x7f1864095000 [pid 6352] munmap(0x7f1864095000, 138412032 [pid 6351] <... mount resumed>) = 0 [pid 6354] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6353] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6352] <... munmap resumed>) = 0 [pid 6351] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6352] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6354] <... write resumed>) = 524288 [pid 6352] <... openat resumed>) = 4 [pid 6351] chdir("./file1" [pid 6354] munmap(0x7f1864095000, 138412032 [pid 6352] ioctl(4, LOOP_SET_FD, 3 [pid 6351] <... chdir resumed>) = 0 [pid 6351] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6350] <... link resumed>) = 0 [pid 6353] <... write resumed>) = 524288 [pid 6351] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6350] sync( [pid 6354] <... munmap resumed>) = 0 [pid 6353] munmap(0x7f1864095000, 138412032 [pid 6351] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6353] <... munmap resumed>) = 0 [pid 6354] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6353] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6352] <... ioctl resumed>) = 0 [pid 6353] <... openat resumed>) = 4 [pid 6353] ioctl(4, LOOP_SET_FD, 3 [pid 6352] close(3 [pid 6354] <... openat resumed>) = 4 [pid 6352] <... close resumed>) = 0 [pid 6354] ioctl(4, LOOP_SET_FD, 3 [pid 6353] <... ioctl resumed>) = 0 [ 192.608575][ T6352] loop1: detected capacity change from 0 to 1024 [ 192.641268][ T6353] loop3: detected capacity change from 0 to 1024 [pid 6352] close(4 [pid 6354] <... ioctl resumed>) = 0 [pid 6353] close(3 [pid 6352] <... close resumed>) = 0 [pid 6353] <... close resumed>) = 0 [pid 6352] mkdir("./file1", 0777 [pid 6353] close(4 [pid 6352] <... mkdir resumed>) = 0 [pid 6354] close(3 [pid 6353] <... close resumed>) = 0 [pid 6352] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6351] <... link resumed>) = 0 [pid 6354] <... close resumed>) = 0 [pid 6353] mkdir("./file1", 0777 [pid 6351] sync( [pid 6354] close(4 [pid 6353] <... mkdir resumed>) = 0 [pid 6354] <... close resumed>) = 0 [ 192.652402][ T6354] loop4: detected capacity change from 0 to 1024 [pid 6353] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6354] mkdir("./file1", 0777) = 0 [pid 6354] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6352] <... mount resumed>) = 0 [pid 6354] <... mount resumed>) = 0 [pid 6352] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6354] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6352] <... openat resumed>) = 3 [pid 6354] <... openat resumed>) = 3 [pid 6354] chdir("./file1" [pid 6352] chdir("./file1" [pid 6354] <... chdir resumed>) = 0 [pid 6353] <... mount resumed>) = 0 [pid 6354] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6353] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6352] <... chdir resumed>) = 0 [pid 6354] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6353] <... openat resumed>) = 3 [pid 6352] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6353] chdir("./file1") = 0 [pid 6353] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6352] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6353] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6352] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6350] <... sync resumed>) = 0 [pid 6350] exit_group(0 [pid 6354] <... link resumed>) = 0 [pid 6353] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6350] <... exit_group resumed>) = ? [pid 6354] sync( [pid 6351] <... sync resumed>) = 0 [pid 6353] <... link resumed>) = 0 [pid 6351] exit_group(0 [pid 6350] +++ exited with 0 +++ [pid 6351] <... exit_group resumed>) = ? [pid 6353] sync( [pid 6351] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6351, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6350, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5864] umount2("./94", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6352] <... link resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6352] sync( [pid 5864] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./93", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] newfstatat(3, "", [pid 5864] <... umount2 resumed>) = 0 [pid 6354] <... sync resumed>) = 0 [pid 6353] <... sync resumed>) = 0 [pid 6352] <... sync resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6354] exit_group(0 [pid 6353] exit_group(0 [pid 5864] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] getdents64(3, [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6353] <... exit_group resumed>) = ? [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] newfstatat(AT_FDCWD, "./94/file1", [pid 6354] <... exit_group resumed>) = ? [pid 6353] +++ exited with 0 +++ [pid 6352] exit_group(0 [pid 5866] umount2("./93/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6353, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 6352] <... exit_group resumed>) = ? [pid 5864] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6354] +++ exited with 0 +++ [pid 6352] +++ exited with 0 +++ [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6354, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5867] <... restart_syscall resumed>) = 0 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6352, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] openat(AT_FDCWD, "./94/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5864] newfstatat(4, "", [pid 5867] umount2("./95", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./94", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] getdents64(4, [pid 5868] umount2("./98", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... openat resumed>) = 3 [pid 5868] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", [pid 5864] getdents64(4, [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] newfstatat(3, "", [pid 5865] getdents64(3, [pid 5864] close(4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... close resumed>) = 0 [pid 5867] getdents64(3, [pid 5868] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] rmdir("./94/file1" [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... rmdir resumed>) = 0 [pid 5867] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./94/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./94/binderfs") = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3) = 0 [pid 5864] rmdir("./94") = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5864] mkdir("./95", 0777) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] close(3) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5866] umount2("./93/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = 0 [pid 5868] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(AT_FDCWD, "./95/file1", [pid 5868] newfstatat(AT_FDCWD, "./98/file1", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(AT_FDCWD, "./93/file1", [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6355 ./strace-static-x86_64: Process 6355 attached [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6355] set_robust_list(0x5555593cd660, 24 [pid 5868] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./93/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6355] <... set_robust_list resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./94/file1", [pid 6355] chdir("./95" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6355] <... chdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./98/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6355] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] openat(AT_FDCWD, "./93/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6355] <... prctl resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5867] openat(AT_FDCWD, "./95/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... openat resumed>) = 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6355] setpgid(0, 0 [pid 5868] newfstatat(4, "", [pid 5867] <... openat resumed>) = 4 [pid 5866] newfstatat(4, "", [pid 5865] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6355] <... setpgid resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] newfstatat(4, "", [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6355] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] getdents64(4, [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] openat(AT_FDCWD, "./94/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] getdents64(4, [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, [pid 5865] <... openat resumed>) = 4 [pid 6355] <... openat resumed>) = 3 [pid 5868] getdents64(4, [pid 5867] getdents64(4, [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] newfstatat(4, "", [pid 6355] write(3, "1000", 4 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] getdents64(4, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6355] <... write resumed>) = 4 [pid 5868] close(4 [pid 5867] close(4 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] getdents64(4, [pid 6355] close(3 [pid 5868] <... close resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] close(4 [pid 6355] <... close resumed>) = 0 [pid 5868] rmdir("./98/file1" [pid 5867] rmdir("./95/file1" [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6355] symlink("/dev/binderfs", "./binderfs" [pid 5866] <... close resumed>) = 0 [pid 5865] getdents64(4, [pid 5866] rmdir("./93/file1" [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4) = 0 [pid 5865] rmdir("./94/file1" [pid 6355] <... symlink resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 executing program [pid 5868] umount2("./98/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./95/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./93/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6355] write(1, "executing program\n", 18 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./95/binderfs", [pid 6355] <... write resumed>) = 18 [pid 5868] newfstatat(AT_FDCWD, "./98/binderfs", [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... rmdir resumed>) = 0 [pid 6355] memfd_create("syzkaller", 0 [pid 5867] unlink("./95/binderfs" [pid 5865] umount2("./94/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6355] <... memfd_create resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./93/binderfs", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6355] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] unlink("./98/binderfs" [pid 5867] getdents64(3, [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] newfstatat(AT_FDCWD, "./94/binderfs", [pid 6355] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... unlink resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] unlink("./93/binderfs" [pid 5867] close(3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... close resumed>) = 0 [pid 5865] unlink("./94/binderfs" [pid 5867] rmdir("./95" [pid 5865] <... unlink resumed>) = 0 [pid 5868] getdents64(3, [pid 5866] <... unlink resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] getdents64(3, [pid 5865] getdents64(3, [pid 5868] close(3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] mkdir("./96", 0777 [pid 5866] close(3 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6355] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] rmdir("./98" [pid 5866] <... close resumed>) = 0 [pid 5865] close(3 [pid 5867] <... mkdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] rmdir("./93" [pid 5865] rmdir("./94" [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] mkdir("./99", 0777 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5865] mkdir("./95", 0777 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5868] <... mkdir resumed>) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 5866] mkdir("./94", 0777 [pid 5865] <... mkdir resumed>) = 0 [pid 6355] <... write resumed>) = 524288 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] close(3 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] <... openat resumed>) = 3 [pid 5867] <... close resumed>) = 0 [pid 6355] munmap(0x7f1864095000, 138412032 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... openat resumed>) = 3 [pid 6355] <... munmap resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5868] close(3 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 6357 attached [pid 6355] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5865] <... ioctl resumed>) = 0 [pid 6357] set_robust_list(0x5555593cd660, 24 [pid 5865] close(3 [pid 6357] <... set_robust_list resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6357 [pid 5865] <... close resumed>) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6357] chdir("./96" [pid 5866] <... ioctl resumed>) = 0 [pid 5866] close(3./strace-static-x86_64: Process 6358 attached ) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6359 attached [pid 6355] <... openat resumed>) = 4 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6358 [pid 6358] set_robust_list(0x5555593cd660, 24 [pid 6355] ioctl(4, LOOP_SET_FD, 3 [pid 6358] <... set_robust_list resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6359 [pid 6358] chdir("./95" [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6360 attached [pid 6359] set_robust_list(0x5555593cd660, 24 [pid 6358] <... chdir resumed>) = 0 [pid 6357] <... chdir resumed>) = 0 [pid 6359] <... set_robust_list resumed>) = 0 [pid 6358] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6357] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6360 [pid 6360] set_robust_list(0x5555593cd660, 24 [pid 6359] chdir("./94" [pid 6358] <... prctl resumed>) = 0 [pid 6357] <... prctl resumed>) = 0 [pid 6360] <... set_robust_list resumed>) = 0 [pid 6359] <... chdir resumed>) = 0 [pid 6358] setpgid(0, 0 [pid 6357] setpgid(0, 0 [pid 6360] chdir("./99" [pid 6359] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6355] <... ioctl resumed>) = 0 [pid 6360] <... chdir resumed>) = 0 [pid 6359] <... prctl resumed>) = 0 [pid 6355] close(3 [pid 6360] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6359] setpgid(0, 0 [pid 6355] <... close resumed>) = 0 [pid 6360] <... prctl resumed>) = 0 [pid 6359] <... setpgid resumed>) = 0 [pid 6358] <... setpgid resumed>) = 0 [pid 6357] <... setpgid resumed>) = 0 [pid 6355] close(4 [pid 6360] setpgid(0, 0 [pid 6359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6358] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6355] <... close resumed>) = 0 [pid 6360] <... setpgid resumed>) = 0 [pid 6359] <... openat resumed>) = 3 [pid 6358] <... openat resumed>) = 3 [pid 6357] <... openat resumed>) = 3 [pid 6357] write(3, "1000", 4) = 4 [pid 6360] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6359] write(3, "1000", 4 [pid 6358] write(3, "1000", 4 [pid 6357] close(3 [pid 6355] mkdir("./file1", 0777 [pid 6360] <... openat resumed>) = 3 [pid 6359] <... write resumed>) = 4 [pid 6360] write(3, "1000", 4 [pid 6357] <... close resumed>) = 0 [pid 6355] <... mkdir resumed>) = 0 [pid 6360] <... write resumed>) = 4 [pid 6359] close(3 [pid 6358] <... write resumed>) = 4 [pid 6357] symlink("/dev/binderfs", "./binderfs" [pid 6359] <... close resumed>) = 0 [pid 6358] close(3 [pid 6357] <... symlink resumed>) = 0 [pid 6360] close(3 [pid 6359] symlink("/dev/binderfs", "./binderfs" [pid 6358] <... close resumed>) = 0 [pid 6355] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6360] <... close resumed>) = 0 [pid 6359] <... symlink resumed>) = 0 [pid 6360] symlink("/dev/binderfs", "./binderfs" [pid 6359] write(1, "executing program\n", 18executing program executing program [pid 6360] <... symlink resumed>) = 0 [pid 6358] symlink("/dev/binderfs", "./binderfs" [pid 6360] write(1, "executing program\n", 18 [pid 6359] <... write resumed>) = 18 [pid 6358] <... symlink resumed>) = 0 [pid 6357] write(1, "executing program\n", 18 [pid 6360] <... write resumed>) = 18 [pid 6359] memfd_create("syzkaller", 0 [pid 6358] write(1, "executing program\n", 18executing program executing program [pid 6360] memfd_create("syzkaller", 0 [pid 6359] <... memfd_create resumed>) = 3 [pid 6358] <... write resumed>) = 18 [pid 6357] <... write resumed>) = 18 [pid 6359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6358] memfd_create("syzkaller", 0 [pid 6359] <... mmap resumed>) = 0x7f1864095000 [ 193.217518][ T6355] loop0: detected capacity change from 0 to 1024 [pid 6358] <... memfd_create resumed>) = 3 [pid 6360] <... memfd_create resumed>) = 3 [pid 6357] memfd_create("syzkaller", 0 [pid 6360] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6358] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6360] <... mmap resumed>) = 0x7f1864095000 [pid 6357] <... memfd_create resumed>) = 3 [pid 6359] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6358] <... mmap resumed>) = 0x7f1864095000 [pid 6357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6360] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6358] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6357] <... mmap resumed>) = 0x7f1864095000 [pid 6355] <... mount resumed>) = 0 [pid 6359] <... write resumed>) = 524288 [pid 6357] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6355] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6358] <... write resumed>) = 524288 [pid 6355] <... openat resumed>) = 3 [pid 6355] chdir("./file1") = 0 [pid 6355] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6355] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6360] <... write resumed>) = 524288 [pid 6359] munmap(0x7f1864095000, 138412032) = 0 [pid 6359] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6359] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6358] munmap(0x7f1864095000, 138412032 [pid 6355] <... link resumed>) = 0 [pid 6359] close(3 [pid 6358] <... munmap resumed>) = 0 [pid 6359] <... close resumed>) = 0 [pid 6359] close(4 [pid 6358] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6359] <... close resumed>) = 0 [pid 6358] <... openat resumed>) = 4 [pid 6360] munmap(0x7f1864095000, 138412032 [pid 6359] mkdir("./file1", 0777 [pid 6358] ioctl(4, LOOP_SET_FD, 3 [pid 6357] <... write resumed>) = 524288 [pid 6360] <... munmap resumed>) = 0 [pid 6359] <... mkdir resumed>) = 0 [pid 6358] <... ioctl resumed>) = 0 [pid 6355] sync( [pid 6359] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6358] close(3) = 0 [pid 6360] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6358] close(4 [pid 6360] <... openat resumed>) = 4 [pid 6358] <... close resumed>) = 0 [pid 6357] munmap(0x7f1864095000, 138412032 [pid 6360] ioctl(4, LOOP_SET_FD, 3 [pid 6358] mkdir("./file1", 0777 [pid 6357] <... munmap resumed>) = 0 [pid 6360] <... ioctl resumed>) = 0 [pid 6358] <... mkdir resumed>) = 0 [pid 6357] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6357] ioctl(4, LOOP_SET_FD, 3) = 0 [ 193.352780][ T6359] loop2: detected capacity change from 0 to 1024 [ 193.369131][ T6358] loop1: detected capacity change from 0 to 1024 [ 193.399209][ T6360] loop4: detected capacity change from 0 to 1024 [pid 6360] close(3) = 0 [pid 6359] <... mount resumed>) = 0 [pid 6357] close(3 [pid 6360] close(4 [pid 6359] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6358] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6360] <... close resumed>) = 0 [pid 6359] <... openat resumed>) = 3 [pid 6357] <... close resumed>) = 0 [pid 6360] mkdir("./file1", 0777 [pid 6359] chdir("./file1" [pid 6357] close(4 [pid 6360] <... mkdir resumed>) = 0 [pid 6359] <... chdir resumed>) = 0 [pid 6357] <... close resumed>) = 0 [pid 6355] <... sync resumed>) = 0 [pid 6359] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6357] mkdir("./file1", 0777 [pid 6355] exit_group(0 [pid 6360] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6358] <... mount resumed>) = 0 [pid 6357] <... mkdir resumed>) = 0 [pid 6355] <... exit_group resumed>) = ? [pid 6358] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6357] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6359] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6358] <... openat resumed>) = 3 [ 193.416510][ T6357] loop3: detected capacity change from 0 to 1024 [pid 6359] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6358] chdir("./file1" [pid 6355] +++ exited with 0 +++ [pid 6358] <... chdir resumed>) = 0 [pid 6358] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6355, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6358] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6358] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5864] umount2("./95", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6360] <... mount resumed>) = 0 [pid 6357] <... mount resumed>) = 0 [pid 6360] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6357] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6360] <... openat resumed>) = 3 [pid 6358] <... link resumed>) = 0 [pid 6357] chdir("./file1" [pid 6360] chdir("./file1" [pid 6359] <... link resumed>) = 0 [pid 6358] sync( [pid 6357] <... chdir resumed>) = 0 [pid 6360] <... chdir resumed>) = 0 [pid 6359] sync( [pid 6357] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6360] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6357] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6360] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6357] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... umount2 resumed>) = 0 [pid 5864] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./95/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6360] <... link resumed>) = 0 [pid 6360] sync( [pid 6357] <... link resumed>) = 0 [pid 6357] sync( [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./95/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5864] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6358] <... sync resumed>) = 0 [pid 5864] getdents64(4, [pid 6359] <... sync resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6359] exit_group(0 [pid 6358] exit_group(0 [pid 5864] getdents64(4, [pid 6360] <... sync resumed>) = 0 [pid 6359] <... exit_group resumed>) = ? [pid 6358] <... exit_group resumed>) = ? [pid 6357] <... sync resumed>) = 0 [pid 6360] exit_group(0 [pid 6357] exit_group(0 [pid 6360] <... exit_group resumed>) = ? [pid 6357] <... exit_group resumed>) = ? [pid 6360] +++ exited with 0 +++ [pid 6359] +++ exited with 0 +++ [pid 6358] +++ exited with 0 +++ [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6359, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5864] close(4 [pid 6357] +++ exited with 0 +++ [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6360, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] <... close resumed>) = 0 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6358, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5864] rmdir("./95/file1" [pid 5868] <... restart_syscall resumed>) = 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5864] <... rmdir resumed>) = 0 [pid 5866] umount2("./94", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6357, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... restart_syscall resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./95", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... openat resumed>) = 3 [pid 5866] newfstatat(3, "", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] umount2("./99", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] umount2("./95/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(3, [pid 5864] newfstatat(AT_FDCWD, "./95/binderfs", [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] getdents64(3, [pid 5868] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... openat resumed>) = 3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] newfstatat(3, "", [pid 5864] unlink("./95/binderfs" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, [pid 5864] <... unlink resumed>) = 0 [pid 5867] umount2("./96", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] getdents64(3, [pid 5868] umount2("./99/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] close(3 [pid 5867] <... openat resumed>) = 3 [pid 5864] <... close resumed>) = 0 [pid 5864] rmdir("./95" [pid 5867] newfstatat(3, "", [pid 5864] <... rmdir resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, [pid 5864] mkdir("./96", 0777 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... mkdir resumed>) = 0 [pid 5867] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] close(3 [pid 5865] <... umount2 resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./95/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./95/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6363 [pid 5865] <... openat resumed>) = 4 [pid 5865] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4 [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... close resumed>) = 0 ./strace-static-x86_64: Process 6363 attached [pid 5865] rmdir("./95/file1") = 0 [pid 6363] set_robust_list(0x5555593cd660, 24) = 0 [pid 6363] chdir("./96" [pid 5866] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6363] <... chdir resumed>) = 0 [pid 5865] umount2("./95/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6363] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5865] newfstatat(AT_FDCWD, "./95/binderfs", [pid 6363] setpgid(0, 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6363] <... setpgid resumed>) = 0 [pid 6363] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5865] unlink("./95/binderfs") = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 6363] write(3, "1000", 4) = 4 [pid 5865] <... close resumed>) = 0 [pid 6363] close(3 [pid 5865] rmdir("./95" [pid 6363] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./94/file1", [pid 5868] <... umount2 resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6363] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5868] umount2("./99/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = 0 [pid 5866] umount2("./94/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6363] write(1, "executing program\n", 18 [pid 5865] mkdir("./96", 0777 [pid 6363] <... write resumed>) = 18 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... mkdir resumed>) = 0 [pid 6363] memfd_create("syzkaller", 0 [pid 5866] openat(AT_FDCWD, "./94/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] newfstatat(AT_FDCWD, "./99/file1", [pid 6363] <... memfd_create resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... openat resumed>) = 4 [pid 5865] <... openat resumed>) = 3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5868] umount2("./99/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(4, "", [pid 5865] <... ioctl resumed>) = 0 [pid 6363] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] close(3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./96/file1", [pid 5868] openat(AT_FDCWD, "./99/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] getdents64(4, [pid 5865] <... close resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6363] <... mmap resumed>) = 0x7f1864095000 [pid 5868] newfstatat(4, "", [pid 5866] getdents64(4, [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] getdents64(4, [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] close(4 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] openat(AT_FDCWD, "./96/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... close resumed>) = 0 ./strace-static-x86_64: Process 6364 attached [pid 5868] getdents64(4, [pid 5867] <... openat resumed>) = 4 [pid 5866] rmdir("./94/file1" [pid 6364] set_robust_list(0x5555593cd660, 24 [pid 5867] newfstatat(4, "", [pid 6364] <... set_robust_list resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6364 [pid 5868] close(4 [pid 5867] getdents64(4, [pid 5868] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6364] chdir("./96" [pid 6363] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] rmdir("./99/file1" [pid 5867] getdents64(4, [pid 5866] umount2("./94/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6364] <... chdir resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6364] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] close(4 [pid 6364] <... prctl resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6364] setpgid(0, 0 [pid 5868] umount2("./99/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] rmdir("./96/file1" [pid 5866] newfstatat(AT_FDCWD, "./94/binderfs", [pid 6364] <... setpgid resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6364] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] newfstatat(AT_FDCWD, "./99/binderfs", [pid 5867] <... rmdir resumed>) = 0 [pid 6364] <... openat resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./96/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] unlink("./94/binderfs" [pid 6364] write(3, "1000", 4 [pid 5868] unlink("./99/binderfs" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... unlink resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./96/binderfs", [pid 6364] <... write resumed>) = 4 [pid 5868] <... unlink resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] getdents64(3, [pid 6364] close(3) = 0 [pid 6363] <... write resumed>) = 524288 [pid 5868] getdents64(3, [pid 5867] unlink("./96/binderfs" [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6364] symlink("/dev/binderfs", "./binderfs" [pid 6363] munmap(0x7f1864095000, 138412032 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5866] close(3 [pid 5868] close(3 [pid 5866] <... close resumed>) = 0 [pid 6364] <... symlink resumed>) = 0 [pid 6363] <... munmap resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] getdents64(3, [pid 5866] rmdir("./94" executing program [pid 6364] write(1, "executing program\n", 18 [pid 6363] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] rmdir("./99" [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 6364] <... write resumed>) = 18 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] close(3 [pid 6364] memfd_create("syzkaller", 0 [pid 6363] <... openat resumed>) = 4 [pid 5868] mkdir("./100", 0777 [pid 5867] <... close resumed>) = 0 [pid 6364] <... memfd_create resumed>) = 3 [pid 6363] ioctl(4, LOOP_SET_FD, 3 [pid 5867] rmdir("./96" [pid 5866] mkdir("./95", 0777 [pid 6364] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6363] <... ioctl resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 6364] <... mmap resumed>) = 0x7f1864095000 [pid 6363] close(3 [pid 5867] mkdir("./97", 0777 [pid 6364] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6363] <... close resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... openat resumed>) = 3 [pid 5867] <... mkdir resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6363] close(4 [pid 5868] <... ioctl resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... ioctl resumed>) = 0 [pid 5868] close(3 [pid 5866] close(3 [pid 6363] <... close resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6364] <... write resumed>) = 524288 [pid 6363] mkdir("./file1", 0777 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6364] munmap(0x7f1864095000, 138412032 [pid 6363] <... mkdir resumed>) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 5867] close(3) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] <... close resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6364] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 6366 attached [pid 6363] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, ""./strace-static-x86_64: Process 6367 attached [ 193.895948][ T6363] loop0: detected capacity change from 0 to 1024 [pid 6367] set_robust_list(0x5555593cd660, 24 [pid 6364] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6367 [pid 6367] <... set_robust_list resumed>) = 0 [pid 6367] chdir("./100" [pid 6366] set_robust_list(0x5555593cd660, 24 [pid 6364] <... openat resumed>) = 4 [pid 5866] <... close resumed>) = 0 [pid 6367] <... chdir resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6366 [pid 6367] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6366] <... set_robust_list resumed>) = 0 [pid 6364] ioctl(4, LOOP_SET_FD, 3 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6367] setpgid(0, 0 [pid 6366] chdir("./97" [pid 6367] <... setpgid resumed>) = 0 [pid 6367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6364] <... ioctl resumed>) = 0 [pid 6367] <... openat resumed>) = 3 [pid 6366] <... chdir resumed>) = 0 [pid 6367] write(3, "1000", 4 [pid 6366] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6364] close(3 [pid 6366] <... prctl resumed>) = 0 [pid 6364] <... close resumed>) = 0 [pid 6366] setpgid(0, 0 [pid 6364] close(4 [pid 6366] <... setpgid resumed>) = 0 [pid 6364] <... close resumed>) = 0 [pid 6366] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6364] mkdir("./file1", 0777 [pid 6367] <... write resumed>) = 4 [pid 6364] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6368 attached [pid 6366] <... openat resumed>) = 3 [pid 6367] close(3 [pid 6366] write(3, "1000", 4 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6368 [pid 6367] <... close resumed>) = 0 [pid 6366] <... write resumed>) = 4 [pid 6368] set_robust_list(0x5555593cd660, 24 [pid 6367] symlink("/dev/binderfs", "./binderfs" [pid 6366] close(3 [pid 6364] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6363] <... mount resumed>) = 0 [pid 6368] <... set_robust_list resumed>) = 0 [pid 6367] <... symlink resumed>) = 0 [pid 6366] <... close resumed>) = 0 [pid 6368] chdir("./95" [pid 6366] symlink("/dev/binderfs", "./binderfs" [pid 6363] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6368] <... chdir resumed>) = 0 [pid 6367] write(1, "executing program\n", 18 [pid 6366] <... symlink resumed>) = 0 [pid 6363] <... openat resumed>) = 3 [pid 6368] prctl(PR_SET_PDEATHSIG, SIGKILLexecuting program [pid 6363] chdir("./file1" [pid 6368] <... prctl resumed>) = 0 executing program [pid 6367] <... write resumed>) = 18 [pid 6366] write(1, "executing program\n", 18 [pid 6363] <... chdir resumed>) = 0 [pid 6368] setpgid(0, 0 [pid 6367] memfd_create("syzkaller", 0 [pid 6366] <... write resumed>) = 18 [pid 6363] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6368] <... setpgid resumed>) = 0 [pid 6367] <... memfd_create resumed>) = 3 [pid 6366] memfd_create("syzkaller", 0 [pid 6363] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6367] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6366] <... memfd_create resumed>) = 3 [pid 6364] <... mount resumed>) = 0 [pid 6363] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6368] <... openat resumed>) = 3 [ 193.980847][ T6364] loop1: detected capacity change from 0 to 1024 [pid 6367] <... mmap resumed>) = 0x7f1864095000 [pid 6366] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6368] write(3, "1000", 4 [pid 6367] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6364] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6368] <... write resumed>) = 4 [pid 6364] <... openat resumed>) = 3 [pid 6368] close(3 [pid 6364] chdir("./file1" [pid 6368] <... close resumed>) = 0 [pid 6366] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6364] <... chdir resumed>) = 0 [pid 6368] symlink("/dev/binderfs", "./binderfs" [pid 6364] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6368] <... symlink resumed>) = 0 [pid 6364] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6364] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6368] write(1, "executing program\n", 18executing program ) = 18 [pid 6367] <... write resumed>) = 524288 [pid 6368] memfd_create("syzkaller", 0 [pid 6363] <... link resumed>) = 0 [pid 6368] <... memfd_create resumed>) = 3 [pid 6363] sync( [pid 6368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6368] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6367] munmap(0x7f1864095000, 138412032 [pid 6366] <... write resumed>) = 524288 [pid 6364] <... link resumed>) = 0 [pid 6366] munmap(0x7f1864095000, 138412032 [pid 6364] sync( [pid 6367] <... munmap resumed>) = 0 [pid 6366] <... munmap resumed>) = 0 [pid 6368] <... write resumed>) = 524288 [pid 6367] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6366] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6367] <... openat resumed>) = 4 [pid 6366] <... openat resumed>) = 4 [pid 6367] ioctl(4, LOOP_SET_FD, 3 [pid 6366] ioctl(4, LOOP_SET_FD, 3 [pid 6367] <... ioctl resumed>) = 0 [pid 6366] <... ioctl resumed>) = 0 [pid 6367] close(3 [pid 6366] close(3 [pid 6367] <... close resumed>) = 0 [pid 6366] <... close resumed>) = 0 [pid 6367] close(4 [pid 6366] close(4 [pid 6368] munmap(0x7f1864095000, 138412032 [pid 6367] <... close resumed>) = 0 [pid 6367] mkdir("./file1", 0777) = 0 [pid 6368] <... munmap resumed>) = 0 [pid 6366] <... close resumed>) = 0 [pid 6364] <... sync resumed>) = 0 [pid 6363] <... sync resumed>) = 0 [pid 6367] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6368] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6366] mkdir("./file1", 0777 [pid 6364] exit_group(0 [pid 6363] exit_group(0 [pid 6368] <... openat resumed>) = 4 [pid 6366] <... mkdir resumed>) = 0 [pid 6364] <... exit_group resumed>) = ? [pid 6363] <... exit_group resumed>) = ? [pid 6368] ioctl(4, LOOP_SET_FD, 3 [pid 6366] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6368] <... ioctl resumed>) = 0 [pid 6363] +++ exited with 0 +++ [pid 6367] <... mount resumed>) = 0 [pid 6368] close(3 [pid 6367] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6364] +++ exited with 0 +++ [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6363, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6364, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6368] <... close resumed>) = 0 [pid 6367] <... openat resumed>) = 3 [pid 5864] <... restart_syscall resumed>) = 0 [pid 6368] close(4 [pid 6367] chdir("./file1" [pid 6368] <... close resumed>) = 0 [pid 6367] <... chdir resumed>) = 0 [pid 6368] mkdir("./file1", 0777) = 0 [pid 6367] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] umount2("./96", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6368] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6367] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6366] <... mount resumed>) = 0 [pid 6367] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6366] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6366] <... openat resumed>) = 3 [ 194.175192][ T6367] loop4: detected capacity change from 0 to 1024 [ 194.176441][ T6366] loop3: detected capacity change from 0 to 1024 [ 194.213485][ T6368] loop2: detected capacity change from 0 to 1024 [pid 5865] umount2("./96", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6366] chdir("./file1" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... openat resumed>) = 3 [pid 6366] <... chdir resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] newfstatat(3, "", [pid 6366] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6366] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] <... openat resumed>) = 3 [pid 5864] getdents64(3, [pid 6368] <... mount resumed>) = 0 [pid 6366] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] newfstatat(3, "", [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6368] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6368] <... openat resumed>) = 3 [pid 5865] getdents64(3, [pid 5864] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6368] chdir("./file1" [pid 6367] <... link resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6368] <... chdir resumed>) = 0 [pid 5865] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6368] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6367] sync( [pid 6368] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6366] <... link resumed>) = 0 [pid 6366] sync( [pid 6368] <... link resumed>) = 0 [pid 6368] sync( [pid 5865] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5864] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./96/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] newfstatat(AT_FDCWD, "./96/file1", [pid 5864] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "./96/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... openat resumed>) = 4 [pid 5865] openat(AT_FDCWD, "./96/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5864] newfstatat(4, "", [pid 5865] newfstatat(4, "", [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, [pid 5864] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(4, [pid 5865] close(4 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4) = 0 [pid 5864] rmdir("./96/file1") = 0 [pid 5864] umount2("./96/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./96/binderfs" [pid 5865] <... close resumed>) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 5865] rmdir("./96/file1" [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] close(3) = 0 [pid 5864] rmdir("./96") = 0 [pid 5864] mkdir("./97", 0777 [pid 6368] <... sync resumed>) = 0 [pid 6367] <... sync resumed>) = 0 [pid 6366] <... sync resumed>) = 0 [pid 5865] umount2("./96/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6368] exit_group(0 [pid 6367] exit_group(0 [pid 6366] exit_group(0 [pid 5864] <... mkdir resumed>) = 0 [pid 6368] <... exit_group resumed>) = ? [pid 6367] <... exit_group resumed>) = ? [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6368] +++ exited with 0 +++ [pid 6367] +++ exited with 0 +++ [pid 6366] <... exit_group resumed>) = ? [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6368, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] <... openat resumed>) = 3 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6366] +++ exited with 0 +++ [pid 5865] newfstatat(AT_FDCWD, "./96/binderfs", [pid 5864] <... ioctl resumed>) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6366, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5864] close(3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6367, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... restart_syscall resumed>) = 0 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5865] unlink("./96/binderfs" [pid 5866] umount2("./95", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... unlink resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./97", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5867] newfstatat(3, "", [pid 5866] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5867] getdents64(3, [pid 5866] newfstatat(3, "", ./strace-static-x86_64: Process 6369 attached [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6369 [pid 5867] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6369] set_robust_list(0x5555593cd660, 24 [pid 5866] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6369] <... set_robust_list resumed>) = 0 [pid 6369] chdir("./97") = 0 [pid 6369] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] getdents64(3, [pid 6369] <... prctl resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6369] setpgid(0, 0 [pid 5865] close(3 [pid 6369] <... setpgid resumed>) = 0 [pid 5868] umount2("./100", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] rmdir("./96" [pid 6369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5868] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... rmdir resumed>) = 0 [pid 6369] write(3, "1000", 4 [pid 5865] mkdir("./97", 0777 [pid 5868] <... openat resumed>) = 3 [pid 6369] <... write resumed>) = 4 [pid 6369] close(3) = 0 [pid 6369] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5868] newfstatat(3, "", [pid 5865] <... mkdir resumed>) = 0 [pid 6369] write(1, "executing program\n", 18 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] getdents64(3, [pid 6369] <... write resumed>) = 18 [pid 6369] memfd_create("syzkaller", 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... openat resumed>) = 3 [pid 6369] <... memfd_create resumed>) = 3 [pid 6369] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5868] umount2("./100/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] ioctl(3, LOOP_CLR_FD) = 0 [pid 5865] close(3 [pid 5867] <... umount2 resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6369] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6370 attached [pid 5867] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6370 [pid 6370] set_robust_list(0x5555593cd660, 24) = 0 [pid 5867] newfstatat(AT_FDCWD, "./97/file1", [pid 5866] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6370] chdir("./97" [pid 6369] <... write resumed>) = 524288 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6370] <... chdir resumed>) = 0 [pid 5868] umount2("./100/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6370] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./95/file1", [pid 6370] setpgid(0, 0 [pid 6369] munmap(0x7f1864095000, 138412032 [pid 5868] newfstatat(AT_FDCWD, "./100/file1", [pid 5867] openat(AT_FDCWD, "./97/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6370] <... setpgid resumed>) = 0 [pid 6369] <... munmap resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... openat resumed>) = 4 [pid 6369] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] umount2("./95/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6369] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", [pid 6369] ioctl(4, LOOP_SET_FD, 3 [pid 5868] umount2("./100/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6369] <... ioctl resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] getdents64(4, [pid 5866] openat(AT_FDCWD, "./95/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6370] <... openat resumed>) = 3 [pid 6369] close(3 [pid 5868] openat(AT_FDCWD, "./100/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... openat resumed>) = 4 [pid 6370] write(3, "1000", 4 [pid 6369] <... close resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5867] getdents64(4, [pid 5866] newfstatat(4, "", [pid 6369] close(4 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] newfstatat(4, "", [pid 6370] <... write resumed>) = 4 [pid 6369] <... close resumed>) = 0 [pid 6369] mkdir("./file1", 0777 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] close(4 [pid 5866] getdents64(4, [pid 6369] <... mkdir resumed>) = 0 [pid 5868] getdents64(4, [pid 6370] close(3 [pid 5867] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6370] <... close resumed>) = 0 [pid 6369] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] rmdir("./97/file1" [pid 5866] getdents64(4, [pid 6370] symlink("/dev/binderfs", "./binderfs" [pid 5868] getdents64(4, [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... close resumed>) = 0 [pid 5868] close(4 [pid 5866] rmdir("./95/file1" [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./100/file1") = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5867] umount2("./97/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./97/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] unlink("./97/binderfs") = 0 [pid 5867] getdents64(3, [pid 6370] <... symlink resumed>) = 0 [pid 5868] umount2("./100/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... rmdir resumed>) = 0 [pid 5866] umount2("./95/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] unlink("./100/binderfs" [pid 5867] close(3 [pid 5866] newfstatat(AT_FDCWD, "./95/binderfs", [pid 5867] <... close resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] rmdir("./97" [pid 5866] unlink("./95/binderfs"executing program [pid 5868] <... unlink resumed>) = 0 [pid 6369] <... mount resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 6370] write(1, "executing program\n", 18 [pid 6369] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] getdents64(3, [pid 6370] <... write resumed>) = 18 [pid 6369] <... openat resumed>) = 3 [pid 5866] getdents64(3, [pid 6369] chdir("./file1" [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6369] <... chdir resumed>) = 0 [pid 5868] close(3 [pid 6369] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... close resumed>) = 0 [pid 5867] mkdir("./98", 0777 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6370] memfd_create("syzkaller", 0 [pid 6369] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] rmdir("./100" [pid 5867] <... mkdir resumed>) = 0 [pid 5866] close(3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... close resumed>) = 0 [pid 6369] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [ 194.560501][ T6369] loop0: detected capacity change from 0 to 1024 [pid 5866] rmdir("./95" [pid 6370] <... memfd_create resumed>) = 3 [pid 5868] mkdir("./101", 0777 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5866] <... rmdir resumed>) = 0 [pid 6370] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5867] <... ioctl resumed>) = 0 [pid 5866] mkdir("./96", 0777 [pid 5867] close(3 [pid 5866] <... mkdir resumed>) = 0 [pid 6370] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... mkdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5866] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6369] <... link resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 6369] sync( [pid 5868] close(3 [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] <... close resumed>) = 0 [pid 5866] close(3 [pid 6370] <... write resumed>) = 524288 [pid 6370] munmap(0x7f1864095000, 138412032 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6370] <... munmap resumed>) = 0 [pid 6370] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6370] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 6371 attached ./strace-static-x86_64: Process 6372 attached ) = 0 [pid 5866] <... close resumed>) = 0 [pid 6371] set_robust_list(0x5555593cd660, 24) = 0 [pid 6369] <... sync resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6371 [pid 6372] set_robust_list(0x5555593cd660, 24 [pid 6371] chdir("./98" [pid 6370] close(3 [pid 6369] exit_group(0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6372 [pid 6372] <... set_robust_list resumed>) = 0 [pid 6371] <... chdir resumed>) = 0 [pid 6370] <... close resumed>) = 0 [pid 6370] close(4 [pid 6372] chdir("./101" [pid 6371] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6370] <... close resumed>) = 0 [pid 6369] <... exit_group resumed>) = ? [pid 6372] <... chdir resumed>) = 0 [pid 6371] <... prctl resumed>) = 0 [pid 6370] mkdir("./file1", 0777 [pid 6369] +++ exited with 0 +++ [pid 6371] setpgid(0, 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6372] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6371] <... setpgid resumed>) = 0 [pid 6370] <... mkdir resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6369, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6372] <... prctl resumed>) = 0 [pid 6371] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6372] setpgid(0, 0 [pid 6370] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, ""./strace-static-x86_64: Process 6374 attached [pid 6371] <... openat resumed>) = 3 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6374 [pid 6371] write(3, "1000", 4) = 4 [pid 6374] set_robust_list(0x5555593cd660, 24 [pid 6371] close(3 [pid 6374] <... set_robust_list resumed>) = 0 [pid 6371] <... close resumed>) = 0 [pid 6374] chdir("./96" [pid 6371] symlink("/dev/binderfs", "./binderfs" [pid 6374] <... chdir resumed>) = 0 [pid 6372] <... setpgid resumed>) = 0 [pid 6371] <... symlink resumed>) = 0 [pid 6372] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] umount2("./97", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6374] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6374] <... prctl resumed>) = 0 [pid 6371] write(1, "executing program\n", 18executing program [pid 6374] setpgid(0, 0 [pid 6371] <... write resumed>) = 18 [pid 5864] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6372] <... openat resumed>) = 3 [pid 6371] memfd_create("syzkaller", 0 [pid 6374] <... setpgid resumed>) = 0 [pid 6372] write(3, "1000", 4 [pid 6371] <... memfd_create resumed>) = 3 [pid 5864] <... openat resumed>) = 3 [pid 6372] <... write resumed>) = 4 [pid 6374] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6372] close(3 [pid 6371] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] newfstatat(3, "", [pid 6374] <... openat resumed>) = 3 [pid 6372] <... close resumed>) = 0 [ 194.660692][ T6370] loop1: detected capacity change from 0 to 1024 [pid 6374] write(3, "1000", 4 [pid 6372] symlink("/dev/binderfs", "./binderfs" [pid 6371] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6374] <... write resumed>) = 4 [pid 6372] <... symlink resumed>) = 0 [pid 6370] <... mount resumed>) = 0 [pid 5864] getdents64(3, executing program 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6372] write(1, "executing program\n", 18 [pid 6371] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6370] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6374] close(3 [pid 6372] <... write resumed>) = 18 [pid 6370] <... openat resumed>) = 3 [pid 6374] <... close resumed>) = 0 [pid 6374] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6372] memfd_create("syzkaller", 0 [pid 6370] chdir("./file1" [pid 6374] write(1, "executing program\n", 18 [pid 6372] <... memfd_create resumed>) = 3 [pid 6370] <... chdir resumed>) = 0 [pid 6370] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6374] <... write resumed>) = 18 [pid 6372] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6370] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6370] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"executing program [pid 6374] memfd_create("syzkaller", 0) = 3 [pid 6374] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6372] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6371] <... write resumed>) = 524288 [pid 6370] <... link resumed>) = 0 [pid 6374] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 6370] sync( [pid 6371] munmap(0x7f1864095000, 138412032) = 0 [pid 6371] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6371] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 6371] close(3) = 0 [pid 6371] close(4) = 0 [pid 6371] mkdir("./file1", 0777) = 0 [pid 5864] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6374] munmap(0x7f1864095000, 138412032 [pid 6372] <... write resumed>) = 524288 [pid 6371] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6372] munmap(0x7f1864095000, 138412032 [pid 5864] newfstatat(AT_FDCWD, "./97/file1", [pid 6372] <... munmap resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6374] <... munmap resumed>) = 0 [pid 5864] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./97/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6374] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6372] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] <... openat resumed>) = 4 [pid 6374] <... openat resumed>) = 4 [pid 6372] <... openat resumed>) = 4 [pid 5864] newfstatat(4, "", [pid 6374] ioctl(4, LOOP_SET_FD, 3 [pid 6372] ioctl(4, LOOP_SET_FD, 3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 194.805388][ T6371] loop3: detected capacity change from 0 to 1024 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6371] <... mount resumed>) = 0 [pid 5864] getdents64(4, [pid 6371] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6371] <... openat resumed>) = 3 [pid 5864] close(4 [pid 6371] chdir("./file1" [pid 5864] <... close resumed>) = 0 [pid 6371] <... chdir resumed>) = 0 [pid 5864] rmdir("./97/file1" [pid 6371] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5864] <... rmdir resumed>) = 0 [pid 6371] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6374] <... ioctl resumed>) = 0 [pid 6372] <... ioctl resumed>) = 0 [pid 6370] <... sync resumed>) = 0 [pid 5864] umount2("./97/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6374] close(3 [pid 6372] close(3 [pid 6370] exit_group(0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6374] <... close resumed>) = 0 [pid 6372] <... close resumed>) = 0 [pid 6370] <... exit_group resumed>) = ? [pid 6374] close(4 [pid 6372] close(4) = 0 [pid 6374] <... close resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./97/binderfs", [pid 6372] mkdir("./file1", 0777 [pid 6370] +++ exited with 0 +++ [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6374] mkdir("./file1", 0777 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6370, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5864] unlink("./97/binderfs" [pid 6374] <... mkdir resumed>) = 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6372] <... mkdir resumed>) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 6374] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] getdents64(3, [pid 6372] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] umount2("./97", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] close(3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... close resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] rmdir("./97" [pid 5865] <... openat resumed>) = 3 [ 194.871469][ T6372] loop4: detected capacity change from 0 to 1024 [ 194.874354][ T6374] loop2: detected capacity change from 0 to 1024 [pid 6371] <... link resumed>) = 0 [pid 5865] newfstatat(3, "", [pid 5864] <... rmdir resumed>) = 0 [pid 6371] sync( [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] mkdir("./98", 0777 [pid 6374] <... mount resumed>) = 0 [pid 5865] getdents64(3, [pid 5864] <... mkdir resumed>) = 0 [pid 6374] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5865] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6374] <... openat resumed>) = 3 [pid 6372] <... mount resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6374] chdir("./file1" [pid 6372] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 6374] <... chdir resumed>) = 0 [pid 6372] <... openat resumed>) = 3 [pid 5864] close(3 [pid 6374] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6372] chdir("./file1" [pid 5864] <... close resumed>) = 0 [pid 6374] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6372] <... chdir resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6372] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6374] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"./strace-static-x86_64: Process 6375 attached [pid 6372] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6375] set_robust_list(0x5555593cd660, 24) = 0 [pid 6375] chdir("./98") = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6375 [pid 6375] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6372] <... link resumed>) = 0 [pid 6375] setpgid(0, 0) = 0 [pid 6375] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6375] write(3, "1000", 4) = 4 [pid 6375] close(3 [pid 6374] <... link resumed>) = 0 [pid 6375] <... close resumed>) = 0 [pid 6374] sync( [pid 6372] sync( [pid 6375] symlink("/dev/binderfs", "./binderfs" [pid 6371] <... sync resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 6375] <... symlink resumed>) = 0 [pid 5865] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6375] write(1, "executing program\n", 18 [pid 6371] exit_group(0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6375] <... write resumed>) = 18 [pid 6371] <... exit_group resumed>) = ? [pid 5865] newfstatat(AT_FDCWD, "./97/file1", [pid 6375] memfd_create("syzkaller", 0 [pid 6371] +++ exited with 0 +++ [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6375] <... memfd_create resumed>) = 3 [pid 5865] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6375] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6371, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./97/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6375] <... mmap resumed>) = 0x7f1864095000 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5865] <... openat resumed>) = 4 [pid 6375] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6372] <... sync resumed>) = 0 [pid 5867] <... restart_syscall resumed>) = 0 [pid 6374] <... sync resumed>) = 0 [pid 6372] exit_group(0 [pid 5865] newfstatat(4, "", [pid 6374] exit_group(0 [pid 6372] <... exit_group resumed>) = ? [pid 5867] umount2("./98", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6374] <... exit_group resumed>) = ? [pid 6374] +++ exited with 0 +++ [pid 6372] +++ exited with 0 +++ [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] getdents64(4, [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6372, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6374, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5865] getdents64(4, [pid 5867] newfstatat(3, "", [pid 5866] umount2("./96", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] close(4 [pid 5867] getdents64(3, [pid 5866] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... close resumed>) = 0 [pid 5865] rmdir("./97/file1" [pid 5866] <... openat resumed>) = 3 [pid 6375] <... write resumed>) = 524288 [pid 5868] umount2("./101", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... rmdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6375] munmap(0x7f1864095000, 138412032 [pid 5868] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./97/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6375] <... munmap resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5867] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6375] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(3, "", [pid 6375] <... openat resumed>) = 4 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6375] ioctl(4, LOOP_SET_FD, 3 [pid 5865] newfstatat(AT_FDCWD, "./97/binderfs", [pid 5868] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./97/binderfs") = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 6375] <... ioctl resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6375] close(3) = 0 [pid 6375] close(4) = 0 [pid 6375] mkdir("./file1", 0777) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5865] rmdir("./97" [pid 6375] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] <... rmdir resumed>) = 0 [pid 5865] mkdir("./98", 0777) = 0 [pid 5867] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./98/file1", [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... openat resumed>) = 3 [pid 6375] <... mount resumed>) = 0 [pid 5867] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6375] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] <... ioctl resumed>) = 0 [pid 6375] <... openat resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = 0 [pid 5865] close(3 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./98/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... close resumed>) = 0 [ 195.118094][ T6375] loop0: detected capacity change from 0 to 1024 [pid 6375] chdir("./file1" [pid 5868] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... openat resumed>) = 4 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(4, "", [pid 5868] newfstatat(AT_FDCWD, "./101/file1", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6376 attached [pid 6375] <... chdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] getdents64(4, [pid 5866] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] getdents64(4, [pid 5868] openat(AT_FDCWD, "./101/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6375] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] close(4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6376] set_robust_list(0x5555593cd660, 24 [pid 6375] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... close resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./96/file1", [pid 6376] <... set_robust_list resumed>) = 0 [pid 6375] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] rmdir("./98/file1" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6376] chdir("./98" [pid 5868] <... openat resumed>) = 4 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] umount2("./96/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6376 [pid 6376] <... chdir resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 5867] umount2("./98/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6376] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./96/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] newfstatat(AT_FDCWD, "./98/binderfs", [pid 5866] <... openat resumed>) = 4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(4, "", [pid 6376] <... prctl resumed>) = 0 [pid 5867] unlink("./98/binderfs" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5866] getdents64(4, [pid 5868] getdents64(4, [pid 5867] getdents64(3, [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] getdents64(4, [pid 5867] close(3 [pid 6376] setpgid(0, 0) = 0 [pid 6375] <... link resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] getdents64(4, [pid 6376] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6375] sync( [pid 5868] close(4 [pid 5867] rmdir("./98" [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... close resumed>) = 0 [pid 5866] close(4 [pid 5868] rmdir("./101/file1" [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5866] rmdir("./96/file1" [pid 5868] <... rmdir resumed>) = 0 [pid 5867] mkdir("./99", 0777 [pid 5868] umount2("./101/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... mkdir resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./96/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] unlink("./101/binderfs" [pid 6375] <... sync resumed>) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6376] <... openat resumed>) = 3 [pid 5866] newfstatat(AT_FDCWD, "./96/binderfs", [pid 6375] exit_group(0 [pid 5868] getdents64(3, [pid 6376] write(3, "1000", 4 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6375] <... exit_group resumed>) = ? [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5866] unlink("./96/binderfs" [pid 6376] <... write resumed>) = 4 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6376] close(3 [pid 5867] <... ioctl resumed>) = 0 [pid 5868] close(3 [pid 6376] <... close resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] close(3 [pid 5866] <... unlink resumed>) = 0 [pid 5868] rmdir("./101") = 0 [pid 6376] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... close resumed>) = 0 [pid 5866] getdents64(3, [pid 6376] <... symlink resumed>) = 0 [pid 6375] +++ exited with 0 +++ [pid 5868] mkdir("./102", 0777 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6377 attached [pid 6376] write(1, "executing program\n", 18 [pid 5868] <... mkdir resumed>) = 0 [pid 5866] close(3 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6375, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6377] set_robust_list(0x5555593cd660, 24executing program [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6377 [pid 5866] <... close resumed>) = 0 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6377] <... set_robust_list resumed>) = 0 [pid 6376] <... write resumed>) = 18 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] rmdir("./96" [pid 5864] <... restart_syscall resumed>) = 0 [pid 6377] chdir("./99" [pid 6376] memfd_create("syzkaller", 0 [pid 5868] <... openat resumed>) = 3 [pid 5866] <... rmdir resumed>) = 0 [pid 6377] <... chdir resumed>) = 0 [pid 6376] <... memfd_create resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6376] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] umount2("./98", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6377] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6376] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... ioctl resumed>) = 0 [pid 6377] <... prctl resumed>) = 0 [pid 5866] mkdir("./97", 0777 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6377] setpgid(0, 0 [pid 5868] close(3 [pid 5866] <... mkdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6377] <... setpgid resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] newfstatat(3, "", [pid 6377] <... openat resumed>) = 3 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 5866] <... openat resumed>) = 3 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6377] write(3, "1000", 4 [pid 6376] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6378 attached [pid 6377] <... write resumed>) = 4 [pid 5866] <... ioctl resumed>) = 0 [pid 5864] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6378] set_robust_list(0x5555593cd660, 24 [pid 6377] close(3 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6378 [pid 5866] close(3 [pid 6378] <... set_robust_list resumed>) = 0 [pid 6376] <... write resumed>) = 524288 [pid 6378] chdir("./102" [pid 6377] <... close resumed>) = 0 [pid 6378] <... chdir resumed>) = 0 [pid 6377] symlink("/dev/binderfs", "./binderfs" [pid 5866] <... close resumed>) = 0 [pid 6378] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6377] <... symlink resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 6378] <... prctl resumed>) = 0 [pid 6377] write(1, "executing program\n", 18 [pid 6378] setpgid(0, 0 [pid 6377] <... write resumed>) = 18 [pid 6378] <... setpgid resumed>) = 0 [pid 6377] memfd_create("syzkaller", 0 [pid 6378] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6377] <... memfd_create resumed>) = 3 [pid 6378] <... openat resumed>) = 3 [pid 6377] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6378] write(3, "1000", 4) = 4 [pid 6378] close(3./strace-static-x86_64: Process 6379 attached ) = 0 [pid 6379] set_robust_list(0x5555593cd660, 24 [pid 6378] symlink("/dev/binderfs", "./binderfs" [pid 6377] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6379] <... set_robust_list resumed>) = 0 [pid 6379] chdir("./97") = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6379 [pid 6379] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6378] <... symlink resumed>) = 0 [pid 6379] <... prctl resumed>) = 0 [pid 6378] write(1, "executing program\n", 18 [pid 6376] munmap(0x7f1864095000, 138412032 [pid 6379] setpgid(0, 0 [pid 6378] <... write resumed>) = 18 [pid 6379] <... setpgid resumed>) = 0 [pid 6378] memfd_create("syzkaller", 0 [pid 6379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program [pid 6378] <... memfd_create resumed>) = 3 [pid 6376] <... munmap resumed>) = 0 [pid 6379] <... openat resumed>) = 3 [pid 6378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6379] write(3, "1000", 4 [pid 6378] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6377] <... write resumed>) = 524288 [pid 6376] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6379] <... write resumed>) = 4 [pid 6377] munmap(0x7f1864095000, 138412032 [pid 6376] <... openat resumed>) = 4 [pid 5864] <... umount2 resumed>) = 0 [pid 6379] close(3 [pid 6377] <... munmap resumed>) = 0 [pid 6376] ioctl(4, LOOP_SET_FD, 3 [pid 6379] <... close resumed>) = 0 [pid 6377] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6377] <... openat resumed>) = 4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6377] ioctl(4, LOOP_SET_FD, 3 [pid 5864] newfstatat(AT_FDCWD, "./98/file1", [pid 6379] symlink("/dev/binderfs", "./binderfs" [pid 6377] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6379] <... symlink resumed>) = 0 [pid 6377] ioctl(4, LOOP_CLR_FD [pid 5864] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6377] <... ioctl resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./98/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6379] write(1, "executing program\n", 18executing program [pid 5864] <... openat resumed>) = 4 [pid 6379] <... write resumed>) = 18 [pid 6377] ioctl(4, LOOP_SET_FD, 3 [pid 6376] <... ioctl resumed>) = 0 [pid 6379] memfd_create("syzkaller", 0 [pid 6377] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6376] close(3 [pid 5864] newfstatat(4, "", [pid 6379] <... memfd_create resumed>) = 3 [pid 6377] close(4 [pid 6376] <... close resumed>) = 0 [pid 6379] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6378] <... write resumed>) = 524288 [pid 6377] <... close resumed>) = 0 [pid 6376] close(4 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6379] <... mmap resumed>) = 0x7f1864095000 [pid 6378] munmap(0x7f1864095000, 138412032 [pid 6377] close(3 [pid 6376] <... close resumed>) = 0 [pid 6379] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6377] <... close resumed>) = 0 [pid 6376] mkdir("./file1", 0777 [pid 5864] getdents64(4, [pid 6378] <... munmap resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6378] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6376] <... mkdir resumed>) = 0 [pid 6378] <... openat resumed>) = 4 [pid 5864] close(4 [pid 6378] ioctl(4, LOOP_SET_FD, 3 [pid 5864] <... close resumed>) = 0 [pid 6378] <... ioctl resumed>) = 0 [pid 5864] rmdir("./98/file1") = 0 [pid 5864] umount2("./98/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6378] close(3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6378] <... close resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./98/binderfs", [pid 6378] close(4 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 195.392292][ T6376] loop1: detected capacity change from 0 to 1024 [pid 6378] <... close resumed>) = 0 [pid 6376] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] unlink("./98/binderfs" [pid 6378] mkdir("./file1", 0777 [pid 6377] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... unlink resumed>) = 0 [pid 6378] <... mkdir resumed>) = 0 [pid 6377] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6377] sync( [pid 5864] getdents64(3, [pid 6378] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3) = 0 [pid 5864] rmdir("./98") = 0 [pid 5864] mkdir("./99", 0777) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6379] <... write resumed>) = 524288 [pid 5864] <... openat resumed>) = 3 [pid 6379] munmap(0x7f1864095000, 138412032) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6379] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] <... ioctl resumed>) = 0 [pid 6379] <... openat resumed>) = 4 [pid 6379] ioctl(4, LOOP_SET_FD, 3 [pid 5864] close(3 [pid 6379] <... ioctl resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6380 attached [pid 6376] <... mount resumed>) = 0 [ 195.443344][ T6378] loop4: detected capacity change from 0 to 1024 [pid 6379] close(3) = 0 [pid 6378] <... mount resumed>) = 0 [pid 6379] close(4 [pid 6378] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6379] <... close resumed>) = 0 [pid 6378] <... openat resumed>) = 3 [pid 6379] mkdir("./file1", 0777 [pid 6378] chdir("./file1" [pid 6380] set_robust_list(0x5555593cd660, 24 [pid 6378] <... chdir resumed>) = 0 [pid 6376] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6380 [pid 6380] <... set_robust_list resumed>) = 0 [pid 6379] <... mkdir resumed>) = 0 [pid 6376] <... openat resumed>) = 3 [pid 6380] chdir("./99" [pid 6378] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6379] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6378] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6380] <... chdir resumed>) = 0 [pid 6378] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6376] chdir("./file1" [pid 6380] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6376] <... chdir resumed>) = 0 [pid 6380] <... prctl resumed>) = 0 [pid 6376] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6380] setpgid(0, 0) = 0 [pid 6380] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6376] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6380] write(3, "1000", 4) = 4 [pid 6379] <... mount resumed>) = 0 [pid 6376] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6379] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6380] close(3 [pid 6378] <... link resumed>) = 0 [pid 6380] <... close resumed>) = 0 [pid 6379] <... openat resumed>) = 3 [pid 6378] sync( [pid 6377] <... sync resumed>) = 0 [ 195.492253][ T6379] loop2: detected capacity change from 0 to 1024 [pid 6380] symlink("/dev/binderfs", "./binderfs" [pid 6379] chdir("./file1") = 0 [pid 6379] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6377] exit_group(0 [pid 6379] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6377] <... exit_group resumed>) = ? [pid 6380] <... symlink resumed>) = 0 [pid 6380] write(1, "executing program\n", 18 [pid 6377] +++ exited with 0 +++ [pid 6376] <... link resumed>) = 0 [pid 6376] sync(executing program [pid 6380] <... write resumed>) = 18 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6377, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- [pid 6380] memfd_create("syzkaller", 0 [pid 5867] umount2("./99", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6380] <... memfd_create resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6380] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] <... openat resumed>) = 3 [pid 6380] <... mmap resumed>) = 0x7f1864095000 [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5867] umount2("./99/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6380] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] unlink("./99/binderfs") = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3) = 0 [pid 5867] rmdir("./99") = 0 [pid 5867] mkdir("./100", 0777) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5867] close(3) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6381 attached [pid 6381] set_robust_list(0x5555593cd660, 24) = 0 [pid 6380] <... write resumed>) = 524288 [pid 6381] chdir("./100") = 0 [pid 6381] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6381] setpgid(0, 0) = 0 [pid 6380] munmap(0x7f1864095000, 138412032 [pid 6379] <... link resumed>) = 0 [pid 6378] <... sync resumed>) = 0 [pid 6379] sync( [pid 6378] exit_group(0) = ? [pid 6378] +++ exited with 0 +++ [pid 6381] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6378, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6381 [pid 6381] <... openat resumed>) = 3 [pid 6381] write(3, "1000", 4) = 4 [pid 6381] close(3 [pid 6380] <... munmap resumed>) = 0 [pid 6379] <... sync resumed>) = 0 [pid 6376] <... sync resumed>) = 0 [pid 6381] <... close resumed>) = 0 [pid 6381] symlink("/dev/binderfs", "./binderfs" [pid 6380] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6379] exit_group(0 [pid 6376] exit_group(0 [pid 6381] <... symlink resumed>) = 0 [pid 6379] <... exit_group resumed>) = ? [pid 6376] <... exit_group resumed>) = ? executing program [pid 6381] write(1, "executing program\n", 18 [pid 6380] <... openat resumed>) = 4 [pid 6379] +++ exited with 0 +++ [pid 6376] +++ exited with 0 +++ [pid 5868] umount2("./102", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6381] <... write resumed>) = 18 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6379, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6381] memfd_create("syzkaller", 0 [pid 6380] ioctl(4, LOOP_SET_FD, 3 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6376, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6381] <... memfd_create resumed>) = 3 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6380] <... ioctl resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 6381] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] newfstatat(3, "", [pid 6381] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... restart_syscall resumed>) = 0 [pid 6380] close(3 [pid 5868] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./98", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6380] <... close resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6380] close(4 [pid 5865] <... openat resumed>) = 3 [pid 6380] <... close resumed>) = 0 [pid 5866] umount2("./97", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6380] mkdir("./file1", 0777 [pid 5865] newfstatat(3, "", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6380] <... mkdir resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5865] getdents64(3, [pid 6380] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(3, "", [pid 6381] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6381] <... write resumed>) = 524288 [ 195.682676][ T6380] loop0: detected capacity change from 0 to 1024 [pid 5868] <... umount2 resumed>) = 0 [pid 6381] munmap(0x7f1864095000, 138412032 [pid 6380] <... mount resumed>) = 0 [pid 5868] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = 0 [pid 6381] <... munmap resumed>) = 0 [pid 6380] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6380] <... openat resumed>) = 3 [pid 5868] newfstatat(AT_FDCWD, "./102/file1", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = 0 [pid 6381] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(AT_FDCWD, "./97/file1", [pid 5868] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./97/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6381] <... openat resumed>) = 4 [pid 6380] chdir("./file1" [pid 5868] openat(AT_FDCWD, "./102/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6381] ioctl(4, LOOP_SET_FD, 3 [pid 6380] <... chdir resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5866] openat(AT_FDCWD, "./97/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6381] <... ioctl resumed>) = 0 [pid 6380] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] newfstatat(4, "", [pid 5866] <... openat resumed>) = 4 [pid 5865] newfstatat(AT_FDCWD, "./98/file1", [pid 6380] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] newfstatat(4, "", [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6380] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] getdents64(4, [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6381] close(3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6381] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, [pid 5865] openat(AT_FDCWD, "./98/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6381] close(4) = 0 [pid 5868] getdents64(4, [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... openat resumed>) = 4 [pid 6381] mkdir("./file1", 0777 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] getdents64(4, [pid 5865] newfstatat(4, "", [pid 5868] close(4 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6381] <... mkdir resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] rmdir("./102/file1" [pid 5866] close(4 [pid 6381] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6380] <... link resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] getdents64(4, [pid 5868] umount2("./102/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] rmdir("./97/file1" [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6380] sync( [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... rmdir resumed>) = 0 [pid 5865] getdents64(4, [pid 5868] newfstatat(AT_FDCWD, "./102/binderfs", [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./97/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] close(4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... close resumed>) = 0 [pid 5865] rmdir("./98/file1" [pid 5868] unlink("./102/binderfs" [pid 5866] newfstatat(AT_FDCWD, "./97/binderfs", [pid 5868] <... unlink resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5865] umount2("./98/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6381] <... mount resumed>) = 0 [pid 5866] unlink("./97/binderfs" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6381] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] newfstatat(AT_FDCWD, "./98/binderfs", [pid 6381] <... openat resumed>) = 3 [pid 5868] getdents64(3, [pid 5866] <... unlink resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 195.803783][ T6381] loop3: detected capacity change from 0 to 1024 [pid 5866] getdents64(3, [pid 5865] unlink("./98/binderfs" [pid 6381] chdir("./file1") = 0 [pid 6381] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6381] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5868] close(3 [pid 5866] close(3 [pid 5865] getdents64(3, [pid 6381] <... link resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 6381] sync( [pid 5868] rmdir("./102" [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] rmdir("./97" [pid 5865] close(3 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5868] mkdir("./103", 0777) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5865] rmdir("./98" [pid 6380] <... sync resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 6380] exit_group(0 [pid 5868] close(3 [pid 5866] mkdir("./98", 0777 [pid 5865] <... rmdir resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] mkdir("./99", 0777 [pid 6380] <... exit_group resumed>) = ? [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6382 attached [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... openat resumed>) = 3 [pid 5866] <... openat resumed>) = 3 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5866] <... ioctl resumed>) = 0 [pid 5866] close(3 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6382 [pid 5866] <... close resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 6382] set_robust_list(0x5555593cd660, 24 [pid 5865] close(3 [pid 6382] <... set_robust_list resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... close resumed>) = 0 [pid 6382] chdir("./103") = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6382] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6380] +++ exited with 0 +++ [pid 6382] setpgid(0, 0./strace-static-x86_64: Process 6383 attached ) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6380, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- ./strace-static-x86_64: Process 6384 attached [pid 6382] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6381] <... sync resumed>) = 0 [pid 6384] set_robust_list(0x5555593cd660, 24 [pid 6383] set_robust_list(0x5555593cd660, 24 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6384 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6383 [pid 6384] <... set_robust_list resumed>) = 0 [pid 6383] <... set_robust_list resumed>) = 0 [pid 6382] <... openat resumed>) = 3 [pid 6381] exit_group(0 [pid 5864] umount2("./99", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6384] chdir("./98" [pid 6381] <... exit_group resumed>) = ? [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6384] <... chdir resumed>) = 0 [pid 6383] chdir("./99" [pid 6381] +++ exited with 0 +++ [pid 5864] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6384] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] <... openat resumed>) = 3 [pid 6384] <... prctl resumed>) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6381, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5864] newfstatat(3, "", [pid 6384] setpgid(0, 0 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6384] <... setpgid resumed>) = 0 [pid 5864] getdents64(3, [pid 6384] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6382] write(3, "1000", 4 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6383] <... chdir resumed>) = 0 [pid 6383] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6382] <... write resumed>) = 4 [pid 6383] <... prctl resumed>) = 0 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5864] umount2("./99/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6384] <... openat resumed>) = 3 [pid 6383] setpgid(0, 0 [pid 6382] close(3 [pid 6383] <... setpgid resumed>) = 0 [pid 6382] <... close resumed>) = 0 [pid 6384] write(3, "1000", 4 [pid 6383] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6382] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5867] umount2("./100", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6384] <... write resumed>) = 4 [pid 6383] <... openat resumed>) = 3 [pid 6382] write(1, "executing program\n", 18) = 18 [pid 6382] memfd_create("syzkaller", 0 [pid 6384] close(3 [pid 6382] <... memfd_create resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6382] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6384] <... close resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6384] symlink("/dev/binderfs", "./binderfs" [pid 6383] write(3, "1000", 4 [pid 6382] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... openat resumed>) = 3 [pid 6384] <... symlink resumed>) = 0 [pid 6383] <... write resumed>) = 4 [pid 6382] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] newfstatat(3, "", [pid 6383] close(3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 executing program [pid 6384] write(1, "executing program\n", 18 [pid 5867] getdents64(3, [pid 6384] <... write resumed>) = 18 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6384] memfd_create("syzkaller", 0 [pid 5867] umount2("./100/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6384] <... memfd_create resumed>) = 3 [pid 6382] <... write resumed>) = 524288 [pid 6384] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6383] <... close resumed>) = 0 [pid 6384] <... mmap resumed>) = 0x7f1864095000 [pid 6383] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6383] write(1, "executing program\n", 18 [pid 5864] <... umount2 resumed>) = 0 [pid 6382] munmap(0x7f1864095000, 138412032 [pid 6383] <... write resumed>) = 18 [pid 6384] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6383] memfd_create("syzkaller", 0 [pid 6382] <... munmap resumed>) = 0 [pid 5864] umount2("./99/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./99/file1", [pid 6383] <... memfd_create resumed>) = 3 [pid 6383] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6382] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./99/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6383] <... mmap resumed>) = 0x7f1864095000 [pid 6382] <... openat resumed>) = 4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./99/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5864] newfstatat(4, "", [pid 6383] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6382] ioctl(4, LOOP_SET_FD, 3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4) = 0 [pid 5864] rmdir("./99/file1" [pid 6382] <... ioctl resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6382] close(3) = 0 [pid 5864] umount2("./99/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6382] close(4) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6382] mkdir("./file1", 0777 [pid 5864] newfstatat(AT_FDCWD, "./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./99/binderfs") = 0 [pid 5864] getdents64(3, [pid 6382] <... mkdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3) = 0 [pid 5864] rmdir("./99") = 0 [pid 5864] mkdir("./100", 0777 [pid 6384] <... write resumed>) = 524288 [pid 6382] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... umount2 resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6384] munmap(0x7f1864095000, 138412032) = 0 [pid 5867] umount2("./100/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... openat resumed>) = 3 [pid 5867] newfstatat(AT_FDCWD, "./100/file1", [pid 6384] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6384] <... openat resumed>) = 4 [pid 5867] umount2("./100/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... ioctl resumed>) = 0 [pid 6384] ioctl(4, LOOP_SET_FD, 3 [pid 6383] <... write resumed>) = 524288 [pid 6383] munmap(0x7f1864095000, 138412032 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] close(3 [pid 5867] openat(AT_FDCWD, "./100/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6383] <... munmap resumed>) = 0 [pid 5867] <... openat resumed>) = 4 [pid 5864] <... close resumed>) = 0 [pid 6383] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6384] <... ioctl resumed>) = 0 [pid 6383] <... openat resumed>) = 4 [ 196.086031][ T6382] loop4: detected capacity change from 0 to 1024 [pid 5867] newfstatat(4, "", [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6385 attached [pid 6384] close(3) = 0 [pid 5867] getdents64(4, [pid 6385] set_robust_list(0x5555593cd660, 24 [pid 6384] close(4 [pid 6382] <... mount resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6385] <... set_robust_list resumed>) = 0 [pid 6384] <... close resumed>) = 0 [pid 6382] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] getdents64(4, [pid 6383] ioctl(4, LOOP_SET_FD, 3 [pid 6384] mkdir("./file1", 0777 [pid 6383] <... ioctl resumed>) = 0 [pid 6382] <... openat resumed>) = 3 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6385 [pid 6385] chdir("./100" [pid 6383] close(3 [pid 5867] close(4 [pid 6385] <... chdir resumed>) = 0 [pid 6383] <... close resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6385] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6384] <... mkdir resumed>) = 0 [pid 6383] close(4 [pid 6382] chdir("./file1" [pid 5867] rmdir("./100/file1" [pid 6385] <... prctl resumed>) = 0 [pid 6384] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6383] <... close resumed>) = 0 [pid 6385] setpgid(0, 0 [pid 6383] mkdir("./file1", 0777 [pid 6385] <... setpgid resumed>) = 0 [pid 6383] <... mkdir resumed>) = 0 [pid 6382] <... chdir resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6385] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6382] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6383] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6385] <... openat resumed>) = 3 [pid 6382] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6382] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] umount2("./100/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6385] write(3, "1000", 4 [pid 5867] newfstatat(AT_FDCWD, "./100/binderfs", [pid 6385] <... write resumed>) = 4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6385] close(3) = 0 [pid 6385] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6384] <... mount resumed>) = 0 [pid 5867] unlink("./100/binderfs" [pid 6384] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... unlink resumed>) = 0 executing program [pid 6384] <... openat resumed>) = 3 [pid 6384] chdir("./file1") = 0 [pid 6385] write(1, "executing program\n", 18) = 18 [pid 6384] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] getdents64(3, [pid 6385] memfd_create("syzkaller", 0 [pid 6384] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6383] <... mount resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6383] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6382] <... link resumed>) = 0 [pid 6385] <... memfd_create resumed>) = 3 [pid 6384] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] close(3 [pid 6385] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6382] sync( [pid 5867] <... close resumed>) = 0 [pid 6385] <... mmap resumed>) = 0x7f1864095000 [ 196.141150][ T6384] loop2: detected capacity change from 0 to 1024 [ 196.165245][ T6383] loop1: detected capacity change from 0 to 1024 [pid 6385] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6383] <... openat resumed>) = 3 [pid 5867] rmdir("./100" [pid 6383] chdir("./file1" [pid 5867] <... rmdir resumed>) = 0 [pid 6383] <... chdir resumed>) = 0 [pid 6383] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6383] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6384] <... link resumed>) = 0 [pid 5867] mkdir("./101", 0777 [pid 6385] <... write resumed>) = 524288 [pid 6384] sync( [pid 6385] munmap(0x7f1864095000, 138412032) = 0 [pid 6385] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5867] <... mkdir resumed>) = 0 [pid 6385] ioctl(4, LOOP_SET_FD, 3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6385] <... ioctl resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6385] close(3 [pid 6383] <... link resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6385] <... close resumed>) = 0 [pid 6383] sync( [pid 5867] <... ioctl resumed>) = 0 [pid 6385] close(4 [pid 6382] <... sync resumed>) = 0 [pid 5867] close(3 [pid 6385] <... close resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6385] mkdir("./file1", 0777 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6385] <... mkdir resumed>) = 0 [pid 6382] exit_group(0./strace-static-x86_64: Process 6386 attached ) = ? [pid 6385] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6386] set_robust_list(0x5555593cd660, 24) = 0 [pid 6386] chdir("./101" [pid 6382] +++ exited with 0 +++ [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6386 [pid 6386] <... chdir resumed>) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6382, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6386] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 6386] <... prctl resumed>) = 0 [pid 5868] <... restart_syscall resumed>) = 0 [ 196.290835][ T6385] loop0: detected capacity change from 0 to 1024 [pid 6386] setpgid(0, 0) = 0 [pid 6386] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5868] umount2("./103", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6386] write(3, "1000", 4 [pid 5868] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6386] <... write resumed>) = 4 [pid 5868] <... openat resumed>) = 3 [pid 6386] close(3 [pid 6385] <... mount resumed>) = 0 [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, [pid 6386] <... close resumed>) = 0 [pid 6385] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6386] symlink("/dev/binderfs", "./binderfs" [pid 6385] <... openat resumed>) = 3 [pid 6384] <... sync resumed>) = 0 [pid 6383] <... sync resumed>) = 0 [pid 5868] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6386] <... symlink resumed>) = 0 [pid 6385] chdir("./file1" [pid 6384] exit_group(0 [pid 6383] exit_group(0executing program [pid 6386] write(1, "executing program\n", 18 [pid 6385] <... chdir resumed>) = 0 [pid 6384] <... exit_group resumed>) = ? [pid 6383] <... exit_group resumed>) = ? [pid 6386] <... write resumed>) = 18 [pid 6385] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6386] memfd_create("syzkaller", 0 [pid 6385] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6384] +++ exited with 0 +++ [pid 6383] +++ exited with 0 +++ [pid 6385] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6386] <... memfd_create resumed>) = 3 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6384, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6383, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6386] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6386] <... mmap resumed>) = 0x7f1864095000 [pid 5865] umount2("./99", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... restart_syscall resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6386] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] umount2("./98", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(3, "", [pid 5866] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... openat resumed>) = 3 [pid 5865] umount2("./99/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6385] <... link resumed>) = 0 [pid 6385] sync( [pid 5866] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6386] <... write resumed>) = 524288 [pid 6386] munmap(0x7f1864095000, 138412032) = 0 [pid 6385] <... sync resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 6386] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6385] exit_group(0 [pid 5868] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./99/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6386] <... openat resumed>) = 4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6386] ioctl(4, LOOP_SET_FD, 3 [pid 6385] <... exit_group resumed>) = ? [pid 5868] newfstatat(AT_FDCWD, "./103/file1", [pid 5866] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(AT_FDCWD, "./99/file1", [pid 6386] <... ioctl resumed>) = 0 [pid 6385] +++ exited with 0 +++ [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6386] close(3 [pid 5868] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6386] <... close resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./98/file1", [pid 5865] umount2("./99/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6385, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6386] close(4 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6386] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./99/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6386] mkdir("./file1", 0777 [pid 5868] openat(AT_FDCWD, "./103/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./98/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6386] <... mkdir resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... openat resumed>) = 4 [pid 5866] openat(AT_FDCWD, "./98/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] newfstatat(4, "", [pid 5868] newfstatat(4, "", [pid 5866] <... openat resumed>) = 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] newfstatat(4, "", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] umount2("./100", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] getdents64(4, [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, [pid 6386] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(4, [pid 5864] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... openat resumed>) = 3 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, [pid 5864] newfstatat(3, "", [pid 5868] getdents64(4, [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] getdents64(4, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [ 196.516774][ T6386] loop3: detected capacity change from 0 to 1024 [pid 5868] close(4 [pid 5866] close(4 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(3, [pid 5865] close(4 [pid 5868] <... close resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] rmdir("./98/file1" [pid 5865] rmdir("./99/file1" [pid 5868] rmdir("./103/file1" [pid 5864] umount2("./100/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... rmdir resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] umount2("./99/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./103/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./98/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./99/binderfs", [pid 5868] newfstatat(AT_FDCWD, "./103/binderfs", [pid 6386] <... mount resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(AT_FDCWD, "./98/binderfs", [pid 6386] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6386] chdir("./file1") = 0 [pid 6386] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5868] unlink("./103/binderfs" [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./99/binderfs" [pid 6386] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... unlink resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5868] getdents64(3, [pid 5865] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3 [pid 5866] unlink("./98/binderfs" [pid 5865] close(3 [pid 5868] <... close resumed>) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5868] rmdir("./103" [pid 5865] rmdir("./99" [pid 5868] <... rmdir resumed>) = 0 [pid 5866] getdents64(3, [pid 5865] <... rmdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3) = 0 [pid 5866] rmdir("./98") = 0 [pid 6386] <... link resumed>) = 0 [pid 6386] sync( [pid 5864] <... umount2 resumed>) = 0 [pid 5868] mkdir("./104", 0777 [pid 5866] mkdir("./99", 0777 [pid 5865] mkdir("./100", 0777 [pid 5864] umount2("./100/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] newfstatat(AT_FDCWD, "./100/file1", [pid 5868] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5865] <... openat resumed>) = 3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5864] umount2("./100/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... ioctl resumed>) = 0 [pid 5868] close(3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... close resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./100/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... openat resumed>) = 4 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... openat resumed>) = 3 [pid 5864] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6387 attached [pid 5865] <... ioctl resumed>) = 0 [pid 5864] getdents64(4, [pid 5865] close(3 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] close(4 [pid 6387] set_robust_list(0x5555593cd660, 24 [pid 5864] <... close resumed>) = 0 [pid 6387] <... set_robust_list resumed>) = 0 [pid 5866] close(3 [pid 5864] rmdir("./100/file1" [pid 5866] <... close resumed>) = 0 ./strace-static-x86_64: Process 6388 attached [pid 6387] chdir("./104" [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... rmdir resumed>) = 0 [pid 6388] set_robust_list(0x5555593cd660, 24 [pid 6387] <... chdir resumed>) = 0 [pid 6386] <... sync resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6388 [pid 6388] <... set_robust_list resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6387 [pid 5864] umount2("./100/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6387] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6389 [pid 5864] newfstatat(AT_FDCWD, "./100/binderfs", [pid 6387] setpgid(0, 0 [pid 6388] chdir("./100" [pid 6387] <... setpgid resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6389 attached [pid 6388] <... chdir resumed>) = 0 [pid 6387] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6386] exit_group(0 [pid 5864] unlink("./100/binderfs" [pid 6388] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6387] <... openat resumed>) = 3 [pid 6389] set_robust_list(0x5555593cd660, 24 [pid 6388] setpgid(0, 0 [pid 6387] write(3, "1000", 4 [pid 5864] <... unlink resumed>) = 0 [pid 6386] <... exit_group resumed>) = ? [pid 5864] getdents64(3, [pid 6387] <... write resumed>) = 4 [pid 6387] close(3 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6389] <... set_robust_list resumed>) = 0 [pid 6388] <... setpgid resumed>) = 0 [pid 6387] <... close resumed>) = 0 [pid 6386] +++ exited with 0 +++ [pid 5864] close(3 [pid 6389] chdir("./99" [pid 6388] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6387] symlink("/dev/binderfs", "./binderfs" [pid 5864] <... close resumed>) = 0 [pid 6389] <... chdir resumed>) = 0 [pid 6388] <... openat resumed>) = 3 [pid 6387] <... symlink resumed>) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6386, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5864] rmdir("./100" [pid 6389] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6388] write(3, "1000", 4 [pid 6387] write(1, "executing program\n", 18 [pid 6389] <... prctl resumed>) = 0 executing program [pid 6389] setpgid(0, 0 [pid 6388] <... write resumed>) = 4 [pid 6387] <... write resumed>) = 18 [pid 5864] <... rmdir resumed>) = 0 [pid 6388] close(3 [pid 6387] memfd_create("syzkaller", 0 [pid 5864] mkdir("./101", 0777 [pid 6389] <... setpgid resumed>) = 0 [pid 6388] <... close resumed>) = 0 [pid 5867] umount2("./101", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6388] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6389] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6388] <... symlink resumed>) = 0 [pid 6387] <... memfd_create resumed>) = 3 [pid 5867] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... mkdir resumed>) = 0 [pid 6389] <... openat resumed>) = 3 [pid 6388] write(1, "executing program\n", 18 executing program [pid 6387] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6389] write(3, "1000", 4 [pid 6388] <... write resumed>) = 18 [pid 6389] <... write resumed>) = 4 [pid 5867] newfstatat(3, "", [pid 6389] close(3 [pid 6388] memfd_create("syzkaller", 0 [pid 6387] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... openat resumed>) = 3 [pid 6388] <... memfd_create resumed>) = 3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6389] <... close resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6389] symlink("/dev/binderfs", "./binderfs" [pid 6388] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] getdents64(3, [pid 6389] <... symlink resumed>) = 0 [pid 6388] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... ioctl resumed>) = 0 [pid 5867] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] close(3 [pid 6389] write(1, "executing program\n", 18executing program [pid 5864] <... close resumed>) = 0 [pid 6389] <... write resumed>) = 18 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6389] memfd_create("syzkaller", 0./strace-static-x86_64: Process 6390 attached ) = 3 [pid 6389] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6387] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6390] set_robust_list(0x5555593cd660, 24 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6390 [pid 6390] <... set_robust_list resumed>) = 0 [pid 6389] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6388] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6390] chdir("./101") = 0 [pid 6390] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6390] setpgid(0, 0) = 0 [pid 6387] <... write resumed>) = 524288 [pid 6387] munmap(0x7f1864095000, 138412032 [pid 6390] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6390] write(3, "1000", 4) = 4 [pid 6388] <... write resumed>) = 524288 [pid 6390] close(3 [pid 6388] munmap(0x7f1864095000, 138412032) = 0 [pid 6387] <... munmap resumed>) = 0 [pid 6387] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6390] <... close resumed>) = 0 [pid 6389] <... write resumed>) = 524288 [pid 6388] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6390] symlink("/dev/binderfs", "./binderfs" [pid 6388] <... openat resumed>) = 4 [pid 6390] <... symlink resumed>) = 0 [pid 6388] ioctl(4, LOOP_SET_FD, 3executing program [pid 6390] write(1, "executing program\n", 18 [pid 6389] munmap(0x7f1864095000, 138412032 [pid 6390] <... write resumed>) = 18 [pid 6390] memfd_create("syzkaller", 0 [pid 6389] <... munmap resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 6390] <... memfd_create resumed>) = 3 [pid 6389] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6388] <... ioctl resumed>) = 0 [pid 6387] <... openat resumed>) = 4 [pid 6390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6389] <... openat resumed>) = 4 [pid 6388] close(3 [pid 6387] ioctl(4, LOOP_SET_FD, 3 [pid 6389] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6389] close(3 [pid 6388] <... close resumed>) = 0 [pid 5867] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6390] <... mmap resumed>) = 0x7f1864095000 [pid 6389] <... close resumed>) = 0 [pid 6388] close(4 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6389] close(4 [pid 6388] <... close resumed>) = 0 [pid 6387] <... ioctl resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./101/file1", [pid 6389] <... close resumed>) = 0 [pid 6388] mkdir("./file1", 0777 [pid 6389] mkdir("./file1", 0777 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 196.829131][ T6388] loop1: detected capacity change from 0 to 1024 [ 196.859158][ T6389] loop2: detected capacity change from 0 to 1024 [pid 6390] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6389] <... mkdir resumed>) = 0 [pid 6388] <... mkdir resumed>) = 0 [pid 6387] close(3 [pid 5867] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6387] <... close resumed>) = 0 [pid 6387] close(4 [pid 6389] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6388] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6387] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6387] mkdir("./file1", 0777) = 0 [pid 5867] openat(AT_FDCWD, "./101/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5867] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, [pid 6387] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6390] <... write resumed>) = 524288 [pid 6388] <... mount resumed>) = 0 [pid 5867] getdents64(4, [pid 6390] munmap(0x7f1864095000, 138412032 [pid 6388] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6390] <... munmap resumed>) = 0 [pid 6389] <... mount resumed>) = 0 [pid 6388] <... openat resumed>) = 3 [pid 5867] close(4 [pid 6389] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 196.871710][ T6387] loop4: detected capacity change from 0 to 1024 [pid 5867] <... close resumed>) = 0 [pid 6390] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6389] chdir("./file1" [pid 6388] chdir("./file1" [pid 5867] rmdir("./101/file1" [pid 6390] <... openat resumed>) = 4 [pid 5867] <... rmdir resumed>) = 0 [pid 6389] <... chdir resumed>) = 0 [pid 6390] ioctl(4, LOOP_SET_FD, 3 [pid 6389] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6388] <... chdir resumed>) = 0 [pid 5867] umount2("./101/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6390] <... ioctl resumed>) = 0 [pid 6389] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6388] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6390] close(3 [pid 6389] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6388] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] newfstatat(AT_FDCWD, "./101/binderfs", [pid 6390] <... close resumed>) = 0 [pid 6388] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6390] close(4) = 0 [pid 5867] unlink("./101/binderfs" [pid 6390] mkdir("./file1", 0777) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5867] getdents64(3, [pid 6390] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6387] <... mount resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6388] <... link resumed>) = 0 [pid 6387] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] close(3 [pid 6387] <... openat resumed>) = 3 [pid 5867] <... close resumed>) = 0 [pid 6387] chdir("./file1" [pid 5867] rmdir("./101" [pid 6388] sync( [pid 6387] <... chdir resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6387] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5867] mkdir("./102", 0777 [pid 6387] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... mkdir resumed>) = 0 [pid 6390] <... mount resumed>) = 0 [pid 6389] <... link resumed>) = 0 [ 196.955275][ T6390] loop0: detected capacity change from 0 to 1024 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6390] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6389] sync( [pid 5867] <... openat resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6390] <... openat resumed>) = 3 [pid 5867] <... ioctl resumed>) = 0 [pid 6390] chdir("./file1" [pid 5867] close(3 [pid 6390] <... chdir resumed>) = 0 [pid 6390] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] <... close resumed>) = 0 [pid 6390] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6390] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6387] <... link resumed>) = 0 [pid 6387] sync(./strace-static-x86_64: Process 6391 attached [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6391 [pid 6391] set_robust_list(0x5555593cd660, 24 [pid 6388] <... sync resumed>) = 0 [pid 6391] <... set_robust_list resumed>) = 0 [pid 6391] chdir("./102" [pid 6389] <... sync resumed>) = 0 [pid 6388] exit_group(0 [pid 6391] <... chdir resumed>) = 0 [pid 6389] exit_group(0 [pid 6388] <... exit_group resumed>) = ? [pid 6389] <... exit_group resumed>) = ? [pid 6391] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6388] +++ exited with 0 +++ [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6388, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6391] setpgid(0, 0 [pid 6389] +++ exited with 0 +++ [pid 6391] <... setpgid resumed>) = 0 [pid 6391] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6390] <... link resumed>) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6389, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6391] <... openat resumed>) = 3 [pid 6391] write(3, "1000", 4) = 4 [pid 6391] close(3 [pid 6390] sync( [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6391] <... close resumed>) = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 6391] symlink("/dev/binderfs", "./binderfs" [pid 6387] <... sync resumed>) = 0 [pid 6391] <... symlink resumed>) = 0 [pid 6387] exit_group(0executing program [pid 6391] write(1, "executing program\n", 18 [pid 6387] <... exit_group resumed>) = ? [pid 5865] umount2("./100", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6390] <... sync resumed>) = 0 [pid 6387] +++ exited with 0 +++ [pid 5866] umount2("./99", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6391] <... write resumed>) = 18 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6391] memfd_create("syzkaller", 0 [pid 6390] exit_group(0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6387, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5866] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... openat resumed>) = 3 [pid 6390] <... exit_group resumed>) = ? [pid 5866] <... openat resumed>) = 3 [pid 6391] <... memfd_create resumed>) = 3 [pid 6391] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5866] newfstatat(3, "", [pid 5865] newfstatat(3, "", [pid 6391] <... mmap resumed>) = 0x7f1864095000 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6391] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] umount2("./99/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./100/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6390] +++ exited with 0 +++ [pid 5868] umount2("./104", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6390, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5868] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... restart_syscall resumed>) = 0 [pid 5864] umount2("./101", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 6391] <... write resumed>) = 524288 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 6391] munmap(0x7f1864095000, 138412032 [pid 5866] umount2("./99/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./100/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(AT_FDCWD, "./99/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] newfstatat(AT_FDCWD, "./100/file1", [pid 5866] umount2("./99/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./100/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] openat(AT_FDCWD, "./99/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... openat resumed>) = 4 [pid 5865] openat(AT_FDCWD, "./100/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] newfstatat(4, "", [pid 5865] <... openat resumed>) = 4 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] newfstatat(4, "", [pid 5866] getdents64(4, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, [pid 5866] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4 [pid 5866] close(4 [pid 5865] <... close resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] rmdir("./100/file1" [pid 5866] rmdir("./99/file1" [pid 5865] <... rmdir resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 6391] <... munmap resumed>) = 0 [pid 5866] umount2("./99/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./100/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./99/binderfs", [pid 5865] newfstatat(AT_FDCWD, "./100/binderfs", [pid 6391] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6391] ioctl(4, LOOP_SET_FD, 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] unlink("./99/binderfs" [pid 5865] unlink("./100/binderfs" [pid 5866] <... unlink resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5866] getdents64(3, [pid 5865] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 5866] close(3 [pid 5865] <... close resumed>) = 0 [pid 6391] <... ioctl resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] rmdir("./100" [pid 6391] close(3 [pid 5866] rmdir("./99" [pid 6391] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 6391] close(4) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 6391] mkdir("./file1", 0777 [pid 5866] mkdir("./100", 0777 [pid 6391] <... mkdir resumed>) = 0 [pid 6391] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] mkdir("./101", 0777 [pid 5868] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5868] newfstatat(AT_FDCWD, "./104/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5864] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... ioctl resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] close(3 [pid 5865] <... openat resumed>) = 3 [pid 5864] newfstatat(AT_FDCWD, "./101/file1", [pid 5868] openat(AT_FDCWD, "./104/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6392 attached [pid 6391] <... mount resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 5865] <... ioctl resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] close(3 [pid 6392] set_robust_list(0x5555593cd660, 24 [pid 6391] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] getdents64(4, [pid 6392] <... set_robust_list resumed>) = 0 [pid 6391] <... openat resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6392] chdir("./100" [pid 6391] chdir("./file1" [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] openat(AT_FDCWD, "./101/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6392] <... chdir resumed>) = 0 [pid 6391] <... chdir resumed>) = 0 [pid 5868] getdents64(4, [ 197.254721][ T6391] loop3: detected capacity change from 0 to 1024 [pid 6392] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6391] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... openat resumed>) = 4 [pid 6392] <... prctl resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6392 [pid 5865] <... close resumed>) = 0 [pid 6392] setpgid(0, 0 [pid 6391] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] close(4 [pid 6392] <... setpgid resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5864] newfstatat(4, "", [pid 6392] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6391] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] rmdir("./104/file1" [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5864] getdents64(4, [pid 6392] <... openat resumed>) = 3 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6392] write(3, "1000", 4 [pid 5864] close(4 [pid 6392] <... write resumed>) = 4 [pid 5868] umount2("./104/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... close resumed>) = 0 [pid 6392] close(3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] rmdir("./101/file1") = 0 [pid 6392] <... close resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./104/binderfs", [pid 6392] symlink("/dev/binderfs", "./binderfs" [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6393 attached [pid 6392] <... symlink resumed>) = 0 [pid 5868] unlink("./104/binderfs" [pid 5864] umount2("./101/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... unlink resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6392] write(1, "executing program\n", 18executing program [pid 5868] getdents64(3, [pid 5864] newfstatat(AT_FDCWD, "./101/binderfs", [pid 6392] <... write resumed>) = 18 [pid 6393] set_robust_list(0x5555593cd660, 24 [pid 6392] memfd_create("syzkaller", 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6393] <... set_robust_list resumed>) = 0 [pid 5868] close(3 [pid 5864] unlink("./101/binderfs" [pid 6393] chdir("./101" [pid 5868] <... close resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6393 [pid 5864] <... unlink resumed>) = 0 [pid 5868] rmdir("./104") = 0 [pid 6392] <... memfd_create resumed>) = 3 [pid 5864] getdents64(3, [pid 6393] <... chdir resumed>) = 0 [pid 6391] <... link resumed>) = 0 [pid 5868] mkdir("./105", 0777 [pid 6393] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6392] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6393] <... prctl resumed>) = 0 [pid 6392] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... mkdir resumed>) = 0 [pid 5864] close(3 [pid 6393] setpgid(0, 0 [pid 6392] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6391] sync( [pid 5864] <... close resumed>) = 0 [pid 6393] <... setpgid resumed>) = 0 [pid 6393] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] rmdir("./101" [pid 5868] <... openat resumed>) = 3 [pid 5864] <... rmdir resumed>) = 0 [pid 6393] <... openat resumed>) = 3 [pid 6393] write(3, "1000", 4) = 4 [pid 6393] close(3) = 0 [pid 6393] symlink("/dev/binderfs", "./binderfs" [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5864] mkdir("./102", 0777 [pid 5868] <... ioctl resumed>) = 0 executing program [pid 5868] close(3) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6394 attached [pid 6393] <... symlink resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 6393] write(1, "executing program\n", 18 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6393] <... write resumed>) = 18 [pid 5864] <... ioctl resumed>) = 0 [pid 6393] memfd_create("syzkaller", 0 [pid 5864] close(3) = 0 [pid 6393] <... memfd_create resumed>) = 3 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6394] set_robust_list(0x5555593cd660, 24 [pid 6393] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 6395 attached [pid 6395] set_robust_list(0x5555593cd660, 24 [pid 6394] <... set_robust_list resumed>) = 0 [pid 6393] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6394 [pid 6395] <... set_robust_list resumed>) = 0 [pid 6394] chdir("./105" [pid 6393] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6395] chdir("./102" [pid 6394] <... chdir resumed>) = 0 [pid 6392] <... write resumed>) = 524288 [pid 6391] <... sync resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6395 [pid 6395] <... chdir resumed>) = 0 [pid 6394] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6393] <... write resumed>) = 524288 [pid 6391] exit_group(0 [pid 6394] <... prctl resumed>) = 0 [pid 6392] munmap(0x7f1864095000, 138412032 [pid 6394] setpgid(0, 0 [pid 6392] <... munmap resumed>) = 0 [pid 6394] <... setpgid resumed>) = 0 [pid 6392] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6394] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6392] <... openat resumed>) = 4 [pid 6392] ioctl(4, LOOP_SET_FD, 3 [pid 6394] <... openat resumed>) = 3 [pid 6392] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6395] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6391] <... exit_group resumed>) = ? [pid 6395] <... prctl resumed>) = 0 [pid 6394] write(3, "1000", 4 [pid 6392] ioctl(4, LOOP_CLR_FD [pid 6395] setpgid(0, 0 [pid 6394] <... write resumed>) = 4 [pid 6392] <... ioctl resumed>) = 0 [pid 6394] close(3) = 0 [pid 6394] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6395] <... setpgid resumed>) = 0 executing program [pid 6394] write(1, "executing program\n", 18 [pid 6391] +++ exited with 0 +++ [pid 6394] <... write resumed>) = 18 [pid 6392] ioctl(4, LOOP_SET_FD, 3 [pid 6395] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6394] memfd_create("syzkaller", 0 [pid 6392] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6395] <... openat resumed>) = 3 [pid 6392] close(4 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6391, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6395] write(3, "1000", 4 [pid 6394] <... memfd_create resumed>) = 3 [pid 6393] munmap(0x7f1864095000, 138412032 [pid 6394] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6395] <... write resumed>) = 4 [pid 6394] <... mmap resumed>) = 0x7f1864095000 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 6395] close(3 [pid 6393] <... munmap resumed>) = 0 [pid 5867] <... restart_syscall resumed>) = 0 [pid 6395] <... close resumed>) = 0 [pid 6395] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6395] write(1, "executing program\n", 18 [pid 5867] umount2("./102", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6395] <... write resumed>) = 18 [pid 6395] memfd_create("syzkaller", 0 [pid 6393] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6393] <... openat resumed>) = 4 [pid 5867] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6395] <... memfd_create resumed>) = 3 [pid 6393] ioctl(4, LOOP_SET_FD, 3 [pid 6394] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6393] <... ioctl resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6395] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6392] <... close resumed>) = 0 [pid 6395] <... mmap resumed>) = 0x7f1864095000 [pid 5867] newfstatat(3, "", [pid 6392] close(3 [pid 6395] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6392] <... close resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6393] close(3) = 0 [pid 6393] close(4 [pid 5867] getdents64(3, [pid 6393] <... close resumed>) = 0 [pid 6393] mkdir("./file1", 0777) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6393] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6394] <... write resumed>) = 524288 [pid 6392] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 ENOENT (No such file or directory) [pid 6392] sync( [pid 6394] munmap(0x7f1864095000, 138412032 [pid 6393] <... mount resumed>) = 0 [ 197.494708][ T6393] loop1: detected capacity change from 0 to 1024 [pid 6393] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6395] <... write resumed>) = 524288 [pid 6394] <... munmap resumed>) = 0 [pid 6393] <... openat resumed>) = 3 [pid 6393] chdir("./file1" [pid 6395] munmap(0x7f1864095000, 138412032 [pid 6393] <... chdir resumed>) = 0 [pid 6394] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6393] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6395] <... munmap resumed>) = 0 [pid 6392] <... sync resumed>) = 0 [pid 6395] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6394] <... openat resumed>) = 4 [pid 6393] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6395] <... openat resumed>) = 4 [pid 6394] ioctl(4, LOOP_SET_FD, 3 [pid 6393] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6392] exit_group(0 [pid 6395] ioctl(4, LOOP_SET_FD, 3 [pid 6394] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6392] <... exit_group resumed>) = ? [pid 6395] <... ioctl resumed>) = 0 [pid 6394] ioctl(4, LOOP_CLR_FD [pid 6395] close(3 [pid 6394] <... ioctl resumed>) = 0 [pid 6395] <... close resumed>) = 0 [pid 6395] close(4) = 0 [pid 6392] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6392, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6395] mkdir("./file1", 0777) = 0 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6394] ioctl(4, LOOP_SET_FD, 3 [pid 6395] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6394] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6394] close(4 [pid 5866] <... restart_syscall resumed>) = 0 [pid 6393] <... link resumed>) = 0 [pid 6393] sync( [pid 6394] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 6395] <... mount resumed>) = 0 [pid 6394] close(3 [pid 5867] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./100", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6395] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] newfstatat(AT_FDCWD, "./102/file1", [pid 5866] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6395] <... openat resumed>) = 3 [pid 5866] <... openat resumed>) = 3 [ 197.583204][ T6395] loop0: detected capacity change from 0 to 1024 [pid 6395] chdir("./file1" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(3, "", [pid 5867] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6395] <... chdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6394] <... close resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./102/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] getdents64(3, [pid 6395] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6393] <... sync resumed>) = 0 [pid 6395] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6393] exit_group(0 [pid 5867] <... openat resumed>) = 4 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6394] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] newfstatat(4, "", [pid 5866] umount2("./100/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6394] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6395] <... link resumed>) = 0 [pid 6394] sync( [pid 6393] <... exit_group resumed>) = ? [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6395] sync( [pid 5867] getdents64(4, [pid 5866] newfstatat(AT_FDCWD, "./100/binderfs", [pid 6393] +++ exited with 0 +++ [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] getdents64(4, [pid 5866] unlink("./100/binderfs" [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6393, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5867] close(4) = 0 [pid 5867] rmdir("./102/file1" [pid 5866] getdents64(3, [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3 [pid 6394] <... sync resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 5867] umount2("./102/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] rmdir("./100" [pid 6394] exit_group(0 [pid 6395] <... sync resumed>) = 0 [pid 6394] <... exit_group resumed>) = ? [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... rmdir resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./102/binderfs", [pid 5865] umount2("./101", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6394] +++ exited with 0 +++ [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6394, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... openat resumed>) = 3 [pid 6395] exit_group(0 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5867] unlink("./102/binderfs" [pid 5866] mkdir("./101", 0777 [pid 5865] newfstatat(3, "", [pid 6395] <... exit_group resumed>) = ? [pid 5868] <... restart_syscall resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] umount2("./105", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] getdents64(3, [pid 5868] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... openat resumed>) = 3 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] <... openat resumed>) = 3 [pid 5868] newfstatat(3, "", [pid 5865] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, [pid 5867] getdents64(3, [pid 6395] +++ exited with 0 +++ [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5868] umount2("./105/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] close(3 [pid 5866] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... close resumed>) = 0 [pid 5866] close(3 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6395, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5866] <... close resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./105/binderfs", [pid 5867] rmdir("./102" [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./102", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] unlink("./105/binderfs" [pid 5867] mkdir("./103", 0777 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... unlink resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5864] newfstatat(3, "", [pid 5868] getdents64(3, [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5864] getdents64(3, [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] close(3 [pid 5867] <... ioctl resumed>) = 0 [pid 5864] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... close resumed>) = 0 [pid 5867] close(3 [pid 5868] rmdir("./105" [pid 5867] <... close resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6396 attached [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6396 [pid 6396] set_robust_list(0x5555593cd660, 24./strace-static-x86_64: Process 6397 attached ) = 0 [pid 5868] mkdir("./106", 0777 [pid 6397] set_robust_list(0x5555593cd660, 24 [pid 6396] chdir("./101" [pid 5868] <... mkdir resumed>) = 0 [pid 6396] <... chdir resumed>) = 0 [pid 6397] <... set_robust_list resumed>) = 0 [pid 6396] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6397 [pid 6397] chdir("./103") = 0 [pid 6396] <... prctl resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6397] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6396] setpgid(0, 0 [pid 6397] <... prctl resumed>) = 0 [pid 6396] <... setpgid resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 6397] setpgid(0, 0) = 0 [pid 6396] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6397] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6397] <... openat resumed>) = 3 [pid 5868] close(3 [pid 6397] write(3, "1000", 4 [pid 5868] <... close resumed>) = 0 [pid 6397] <... write resumed>) = 4 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6397] close(3./strace-static-x86_64: Process 6398 attached [pid 6396] <... openat resumed>) = 3 [pid 6398] set_robust_list(0x5555593cd660, 24 [pid 6397] <... close resumed>) = 0 [pid 6396] write(3, "1000", 4 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6398 [pid 6398] <... set_robust_list resumed>) = 0 [pid 6397] symlink("/dev/binderfs", "./binderfs" [pid 6396] <... write resumed>) = 4 [pid 6398] chdir("./106" [pid 6397] <... symlink resumed>) = 0 [pid 6396] close(3executing program [pid 6398] <... chdir resumed>) = 0 [pid 6396] <... close resumed>) = 0 [pid 6398] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6396] symlink("/dev/binderfs", "./binderfs" [pid 6398] <... prctl resumed>) = 0 [pid 6397] write(1, "executing program\n", 18) = 18 [pid 6398] setpgid(0, 0 [pid 6397] memfd_create("syzkaller", 0 [pid 6396] <... symlink resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 6398] <... setpgid resumed>) = 0 [pid 6397] <... memfd_create resumed>) = 3 [pid 6396] write(1, "executing program\n", 18executing program [pid 5864] <... umount2 resumed>) = 0 [pid 6398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6397] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6396] <... write resumed>) = 18 [pid 5865] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6398] <... openat resumed>) = 3 [pid 5864] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6398] write(3, "1000", 4 [pid 6397] <... mmap resumed>) = 0x7f1864095000 [pid 6396] memfd_create("syzkaller", 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6398] <... write resumed>) = 4 [pid 6397] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6396] <... memfd_create resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6398] close(3) = 0 [pid 5865] newfstatat(AT_FDCWD, "./101/file1", [pid 5864] newfstatat(AT_FDCWD, "./102/file1", [pid 6398] symlink("/dev/binderfs", "./binderfs" [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6396] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6398] <... symlink resumed>) = 0 [pid 6396] <... mmap resumed>) = 0x7f1864095000 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 6398] write(1, "executing program\n", 18 [pid 5864] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6398] <... write resumed>) = 18 [pid 5865] openat(AT_FDCWD, "./101/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6398] memfd_create("syzkaller", 0 [pid 5865] <... openat resumed>) = 4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(4, "", [pid 5864] openat(AT_FDCWD, "./102/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6398] <... memfd_create resumed>) = 3 [pid 6398] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... openat resumed>) = 4 [pid 6398] <... mmap resumed>) = 0x7f1864095000 [pid 5865] getdents64(4, [pid 5864] newfstatat(4, "", [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, [pid 5864] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] close(4) = 0 [pid 5864] getdents64(4, [pid 5865] rmdir("./101/file1" [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] close(4) = 0 [pid 5864] rmdir("./102/file1" [pid 5865] umount2("./101/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... rmdir resumed>) = 0 [pid 6396] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6398] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./101/binderfs", [pid 5864] umount2("./102/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] unlink("./101/binderfs" [pid 5864] newfstatat(AT_FDCWD, "./102/binderfs", [pid 5865] <... unlink resumed>) = 0 [pid 5865] getdents64(3, [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6397] <... write resumed>) = 524288 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] unlink("./102/binderfs" [pid 6398] <... write resumed>) = 524288 [pid 5865] close(3 [pid 5864] <... unlink resumed>) = 0 [pid 6397] munmap(0x7f1864095000, 138412032) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] getdents64(3, [pid 5865] rmdir("./101" [pid 6396] <... write resumed>) = 524288 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6397] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] close(3 [pid 6397] <... openat resumed>) = 4 [pid 6397] ioctl(4, LOOP_SET_FD, 3 [pid 5865] mkdir("./102", 0777 [pid 5864] <... close resumed>) = 0 [pid 6397] <... ioctl resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] rmdir("./102") = 0 [pid 6397] close(3 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6397] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] mkdir("./103", 0777) = 0 [pid 6397] close(4) = 0 [pid 6397] mkdir("./file1", 0777 [pid 5865] ioctl(3, LOOP_CLR_FD) = 0 [pid 6398] munmap(0x7f1864095000, 138412032 [pid 5865] close(3 [pid 6397] <... mkdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6398] <... munmap resumed>) = 0 [pid 6396] munmap(0x7f1864095000, 138412032 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... openat resumed>) = 3 [pid 6398] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6397] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6396] <... munmap resumed>) = 0 [pid 6398] <... openat resumed>) = 4 [pid 6396] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6399 attached [pid 6396] <... openat resumed>) = 4 [pid 6398] ioctl(4, LOOP_SET_FD, 3 [pid 5864] <... ioctl resumed>) = 0 [pid 6399] set_robust_list(0x5555593cd660, 24 [pid 6398] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 6399] <... set_robust_list resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6399] chdir("./102" [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6399 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6398] close(3) = 0 [pid 6399] <... chdir resumed>) = 0 [pid 6396] ioctl(4, LOOP_SET_FD, 3 [pid 6398] close(4./strace-static-x86_64: Process 6400 attached [pid 6399] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6398] <... close resumed>) = 0 [pid 6397] <... mount resumed>) = 0 [pid 6399] <... prctl resumed>) = 0 [pid 6399] setpgid(0, 0 [pid 6398] mkdir("./file1", 0777 [pid 6397] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6396] <... ioctl resumed>) = 0 [ 197.926569][ T6397] loop3: detected capacity change from 0 to 1024 [ 197.959366][ T6398] loop4: detected capacity change from 0 to 1024 [pid 6400] set_robust_list(0x5555593cd660, 24 [pid 6399] <... setpgid resumed>) = 0 [pid 6398] <... mkdir resumed>) = 0 [pid 6397] <... openat resumed>) = 3 [pid 6400] <... set_robust_list resumed>) = 0 [pid 6399] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6398] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6397] chdir("./file1" [pid 6396] close(3) = 0 [pid 6396] close(4) = 0 [pid 6396] mkdir("./file1", 0777 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6400 [pid 6396] <... mkdir resumed>) = 0 [pid 6400] chdir("./103" [pid 6399] <... openat resumed>) = 3 [pid 6397] <... chdir resumed>) = 0 [pid 6396] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6400] <... chdir resumed>) = 0 [pid 6399] write(3, "1000", 4 [pid 6397] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6400] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6399] <... write resumed>) = 4 [pid 6397] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6398] <... mount resumed>) = 0 [pid 6400] <... prctl resumed>) = 0 [pid 6400] setpgid(0, 0 [pid 6398] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6397] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6400] <... setpgid resumed>) = 0 [pid 6399] close(3 [pid 6398] <... openat resumed>) = 3 [pid 6400] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6399] <... close resumed>) = 0 [ 197.979325][ T6396] loop2: detected capacity change from 0 to 1024 [pid 6398] chdir("./file1" [pid 6400] <... openat resumed>) = 3 [pid 6399] symlink("/dev/binderfs", "./binderfs" [pid 6398] <... chdir resumed>) = 0 [pid 6396] <... mount resumed>) = 0 [pid 6399] <... symlink resumed>) = 0 [pid 6398] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6400] write(3, "1000", 4 [pid 6396] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6400] <... write resumed>) = 4 [pid 6398] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6396] <... openat resumed>) = 3 [pid 6400] close(3executing program [pid 6399] write(1, "executing program\n", 18 [pid 6396] chdir("./file1" [pid 6400] <... close resumed>) = 0 [pid 6399] <... write resumed>) = 18 [pid 6396] <... chdir resumed>) = 0 [pid 6400] symlink("/dev/binderfs", "./binderfs" [pid 6399] memfd_create("syzkaller", 0 [pid 6396] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6400] <... symlink resumed>) = 0 [pid 6399] <... memfd_create resumed>) = 3 [pid 6396] <... openat resumed>) = -1 EBUSY (Device or resource busy) executing program [pid 6400] write(1, "executing program\n", 18 [pid 6399] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6396] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6400] <... write resumed>) = 18 [pid 6399] <... mmap resumed>) = 0x7f1864095000 [pid 6397] <... link resumed>) = 0 [pid 6397] sync( [pid 6400] memfd_create("syzkaller", 0) = 3 [pid 6400] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6400] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6398] <... link resumed>) = 0 [pid 6398] sync( [pid 6399] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6396] <... link resumed>) = 0 [pid 6396] sync( [pid 6400] <... write resumed>) = 524288 [pid 6399] <... write resumed>) = 524288 [pid 6399] munmap(0x7f1864095000, 138412032) = 0 [pid 6399] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6397] <... sync resumed>) = 0 [pid 6399] ioctl(4, LOOP_SET_FD, 3 [pid 6398] <... sync resumed>) = 0 [pid 6397] exit_group(0 [pid 6396] <... sync resumed>) = 0 [pid 6397] <... exit_group resumed>) = ? [pid 6400] munmap(0x7f1864095000, 138412032) = 0 [pid 6397] +++ exited with 0 +++ [pid 6396] exit_group(0 [pid 6398] exit_group(0 [pid 6400] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6399] <... ioctl resumed>) = 0 [pid 6398] <... exit_group resumed>) = ? [pid 6396] <... exit_group resumed>) = ? [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6397, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6398] +++ exited with 0 +++ [pid 6400] <... openat resumed>) = 4 [pid 6399] close(3 [pid 6396] +++ exited with 0 +++ [pid 5867] umount2("./103", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6396, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6399] <... close resumed>) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6398, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5867] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./101", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6399] close(4 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5867] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6400] ioctl(4, LOOP_SET_FD, 3 [pid 6399] <... close resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 5866] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6399] mkdir("./file1", 0777 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... openat resumed>) = 3 [pid 6399] <... mkdir resumed>) = 0 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5867] getdents64(3, [pid 5866] newfstatat(3, "", [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] getdents64(3, [pid 5868] umount2("./106", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6400] <... ioctl resumed>) = 0 [pid 6399] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6400] close(3 [pid 5868] <... openat resumed>) = 3 [pid 6400] <... close resumed>) = 0 [pid 5868] newfstatat(3, "", [pid 6400] close(4) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6400] mkdir("./file1", 0777 [pid 5868] getdents64(3, [pid 6400] <... mkdir resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6400] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] umount2("./106/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6399] <... mount resumed>) = 0 [pid 6399] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6399] chdir("./file1") = 0 [pid 6399] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5867] <... umount2 resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 6399] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [ 198.169323][ T6399] loop1: detected capacity change from 0 to 1024 [ 198.198704][ T6400] loop0: detected capacity change from 0 to 1024 [pid 5866] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6399] <... link resumed>) = 0 [pid 5867] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(AT_FDCWD, "./101/file1", [pid 6399] sync( [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6400] <... mount resumed>) = 0 [pid 6400] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] newfstatat(AT_FDCWD, "./103/file1", [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6400] <... openat resumed>) = 3 [pid 6400] chdir("./file1") = 0 [pid 5866] umount2("./101/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6400] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] openat(AT_FDCWD, "./101/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... openat resumed>) = 4 [pid 5867] openat(AT_FDCWD, "./103/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] newfstatat(4, "", [pid 5867] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, [pid 5867] getdents64(4, [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, [pid 5867] getdents64(4, [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4 [pid 5867] close(4 [pid 5866] <... close resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] rmdir("./101/file1" [pid 5867] rmdir("./103/file1" [pid 5866] <... rmdir resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] umount2("./101/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6400] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... umount2 resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./103/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./106/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(AT_FDCWD, "./101/binderfs", [pid 6400] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] newfstatat(AT_FDCWD, "./106/file1", [pid 5867] newfstatat(AT_FDCWD, "./103/binderfs", [pid 5866] unlink("./101/binderfs" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./106/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... unlink resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] unlink("./103/binderfs" [pid 5866] getdents64(3, [pid 5867] <... unlink resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] getdents64(3, [pid 5866] close(3 [pid 6400] <... link resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./106/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6400] sync( [pid 6399] <... sync resumed>) = 0 [pid 6399] exit_group(0 [pid 5868] <... openat resumed>) = 4 [pid 5868] newfstatat(4, "", [pid 5866] <... close resumed>) = 0 [pid 6399] <... exit_group resumed>) = ? [pid 5866] rmdir("./101" [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] close(3 [pid 5868] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... close resumed>) = 0 [pid 5866] mkdir("./102", 0777 [pid 5868] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] rmdir("./103" [pid 5866] <... mkdir resumed>) = 0 [pid 5868] close(4) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] mkdir("./104", 0777 [pid 5866] <... openat resumed>) = 3 [pid 6399] +++ exited with 0 +++ [pid 5868] rmdir("./106/file1") = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6399, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] <... ioctl resumed>) = 0 [pid 6400] <... sync resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] close(3 [pid 5868] umount2("./106/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6400] exit_group(0 [pid 5867] <... openat resumed>) = 3 [pid 6400] <... exit_group resumed>) = ? [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5866] <... close resumed>) = 0 [pid 5865] umount2("./102", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6400] +++ exited with 0 +++ [pid 5868] newfstatat(AT_FDCWD, "./106/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 5868] unlink("./106/binderfs" [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6400, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5867] close(3) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 5868] getdents64(3, [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 6401 attached [pid 5865] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6401 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6401] set_robust_list(0x5555593cd660, 24 [pid 5868] close(3 [pid 5864] <... restart_syscall resumed>) = 0 [pid 6401] <... set_robust_list resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./106" [pid 6401] chdir("./104" [pid 5868] <... rmdir resumed>) = 0 [pid 6401] <... chdir resumed>) = 0 [pid 6401] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6401] setpgid(0, 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6402 attached [pid 6401] <... setpgid resumed>) = 0 [pid 5868] mkdir("./107", 0777 [pid 5864] umount2("./103", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6401] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6402] set_robust_list(0x5555593cd660, 24 [pid 6401] write(3, "1000", 4 [pid 5868] <... mkdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6401] <... write resumed>) = 4 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6402 [pid 6402] <... set_robust_list resumed>) = 0 [pid 6401] close(3 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] <... openat resumed>) = 3 [pid 6402] chdir("./102" [pid 6401] <... close resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5864] newfstatat(3, "", [pid 6401] symlink("/dev/binderfs", "./binderfs" [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6402] <... chdir resumed>) = 0 [pid 6402] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6401] <... symlink resumed>) = 0 [pid 5864] getdents64(3, [pid 6402] <... prctl resumed>) = 0 executing program [pid 6402] setpgid(0, 0 [pid 6401] write(1, "executing program\n", 18 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6402] <... setpgid resumed>) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6401] <... write resumed>) = 18 [pid 6402] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6401] memfd_create("syzkaller", 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5864] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6401] <... memfd_create resumed>) = 3 [pid 5868] close(3 [pid 6402] <... openat resumed>) = 3 [pid 6401] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6402] write(3, "1000", 4) = 4 [pid 6402] close(3 [pid 5865] <... umount2 resumed>) = 0 [pid 6401] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6402] <... close resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./102/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./102/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5865] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, [pid 6402] symlink("/dev/binderfs", "./binderfs" [pid 5868] <... close resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4 [pid 6402] <... symlink resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... close resumed>) = 0 [pid 5865] rmdir("./102/file1") = 0 [pid 5865] umount2("./102/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6402] write(1, "executing program\n", 18 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 executing program [pid 5865] unlink("./102/binderfs" [pid 6402] <... write resumed>) = 18 [pid 6402] memfd_create("syzkaller", 0 [pid 5865] <... unlink resumed>) = 0 [pid 5865] getdents64(3, ./strace-static-x86_64: Process 6403 attached 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 6402] <... memfd_create resumed>) = 3 [pid 5864] <... umount2 resumed>) = 0 [pid 6403] set_robust_list(0x5555593cd660, 24 [pid 5865] <... close resumed>) = 0 [pid 6403] <... set_robust_list resumed>) = 0 [pid 5865] rmdir("./102" [pid 6403] chdir("./107") = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5865] mkdir("./103", 0777 [pid 6403] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6403 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6402] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6403] <... prctl resumed>) = 0 [pid 6401] <... write resumed>) = 524288 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6403] setpgid(0, 0 [pid 6402] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6401] munmap(0x7f1864095000, 138412032 [pid 5864] newfstatat(AT_FDCWD, "./103/file1", [pid 6403] <... setpgid resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6403] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] <... openat resumed>) = 3 [pid 6403] <... openat resumed>) = 3 [pid 6401] <... munmap resumed>) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... ioctl resumed>) = 0 [pid 5865] close(3) = 0 [pid 6403] write(3, "1000", 4 [pid 6401] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6403] <... write resumed>) = 4 [pid 6401] <... openat resumed>) = 4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6403] close(3 [pid 6401] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 6404 attached [pid 6403] <... close resumed>) = 0 [pid 6401] <... ioctl resumed>) = 0 [pid 6403] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5864] openat(AT_FDCWD, "./103/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6401] close(3 [pid 6404] set_robust_list(0x5555593cd660, 24 [pid 6403] write(1, "executing program\n", 18 [pid 6401] <... close resumed>) = 0 executing program [pid 6404] <... set_robust_list resumed>) = 0 [pid 6403] <... write resumed>) = 18 [pid 6401] close(4 [pid 6404] chdir("./103") = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6404 [pid 5864] <... openat resumed>) = 4 [pid 6404] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] newfstatat(4, "", [pid 6404] <... prctl resumed>) = 0 [pid 6404] setpgid(0, 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6403] memfd_create("syzkaller", 0 [pid 6401] <... close resumed>) = 0 [pid 6404] <... setpgid resumed>) = 0 [pid 6403] <... memfd_create resumed>) = 3 [pid 6404] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6403] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6402] <... write resumed>) = 524288 [pid 6401] mkdir("./file1", 0777 [pid 5864] getdents64(4, [pid 6404] <... openat resumed>) = 3 [pid 6403] <... mmap resumed>) = 0x7f1864095000 [pid 6401] <... mkdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6401] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6404] write(3, "1000", 4 [pid 6402] munmap(0x7f1864095000, 138412032 [pid 5864] close(4 [pid 6404] <... write resumed>) = 4 [pid 6404] close(3 [pid 6402] <... munmap resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6404] <... close resumed>) = 0 [pid 6403] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] rmdir("./103/file1" [pid 6404] symlink("/dev/binderfs", "./binderfs" [pid 6402] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6404] <... symlink resumed>) = 0 [pid 6402] <... openat resumed>) = 4 [pid 5864] <... rmdir resumed>) = 0 [pid 6402] ioctl(4, LOOP_SET_FD, 3executing program [pid 6404] write(1, "executing program\n", 18 [pid 6403] <... write resumed>) = 524288 [pid 6401] <... mount resumed>) = 0 [ 198.474448][ T6401] loop3: detected capacity change from 0 to 1024 [pid 5864] umount2("./103/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6404] <... write resumed>) = 18 [pid 6401] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6404] memfd_create("syzkaller", 0 [pid 6401] <... openat resumed>) = 3 [pid 6401] chdir("./file1" [pid 5864] newfstatat(AT_FDCWD, "./103/binderfs", [pid 6401] <... chdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6404] <... memfd_create resumed>) = 3 [pid 6401] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] unlink("./103/binderfs" [pid 6404] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6403] munmap(0x7f1864095000, 138412032 [pid 6402] <... ioctl resumed>) = 0 [pid 6401] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... unlink resumed>) = 0 [pid 6401] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6404] <... mmap resumed>) = 0x7f1864095000 [pid 6403] <... munmap resumed>) = 0 [pid 6402] close(3 [pid 5864] getdents64(3, [pid 6402] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6402] close(4 [pid 5864] close(3 [pid 6403] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6402] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6403] <... openat resumed>) = 4 [pid 6402] mkdir("./file1", 0777 [pid 5864] rmdir("./103" [pid 6402] <... mkdir resumed>) = 0 [pid 6403] ioctl(4, LOOP_SET_FD, 3 [pid 6402] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... rmdir resumed>) = 0 [ 198.531100][ T6402] loop2: detected capacity change from 0 to 1024 [pid 6404] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6403] <... ioctl resumed>) = 0 [pid 5864] mkdir("./104", 0777 [pid 6401] <... link resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6403] close(3 [pid 6401] sync( [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6403] <... close resumed>) = 0 [pid 6403] close(4 [pid 5864] <... openat resumed>) = 3 [pid 6403] <... close resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6403] mkdir("./file1", 0777 [pid 5864] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 6403] <... mkdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6403] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6402] <... mount resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6404] <... write resumed>) = 524288 [pid 6402] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6402] chdir("./file1" [pid 6404] munmap(0x7f1864095000, 138412032 [pid 6402] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6405 attached [pid 6402] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6405] set_robust_list(0x5555593cd660, 24 [pid 6404] <... munmap resumed>) = 0 [pid 6402] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6405] <... set_robust_list resumed>) = 0 [pid 6404] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6405] chdir("./104" [pid 6404] <... openat resumed>) = 4 [ 198.583428][ T6403] loop4: detected capacity change from 0 to 1024 [pid 6402] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6405] <... chdir resumed>) = 0 [pid 6404] ioctl(4, LOOP_SET_FD, 3 [pid 6403] <... mount resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6405 [pid 6405] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6404] <... ioctl resumed>) = 0 [pid 6405] setpgid(0, 0 [pid 6403] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6404] close(3 [pid 6405] <... setpgid resumed>) = 0 [pid 6401] <... sync resumed>) = 0 [pid 6403] <... openat resumed>) = 3 [pid 6405] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6404] <... close resumed>) = 0 [pid 6403] chdir("./file1" [pid 6401] exit_group(0 [pid 6404] close(4 [pid 6403] <... chdir resumed>) = 0 [pid 6404] <... close resumed>) = 0 [pid 6403] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6404] mkdir("./file1", 0777 [pid 6403] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6405] <... openat resumed>) = 3 [pid 6404] <... mkdir resumed>) = 0 [pid 6401] <... exit_group resumed>) = ? [pid 6405] write(3, "1000", 4 [pid 6404] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6401] +++ exited with 0 +++ [pid 6405] <... write resumed>) = 4 [pid 6403] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6405] close(3 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6401, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6405] <... close resumed>) = 0 [pid 5867] umount2("./104", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6405] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6405] <... symlink resumed>) = 0 [pid 6404] <... mount resumed>) = 0 [pid 6402] <... link resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6404] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... openat resumed>) = 3 [ 198.656622][ T6404] loop1: detected capacity change from 0 to 1024 [pid 6405] write(1, "executing program\n", 18 [pid 6404] <... openat resumed>) = 3 [pid 5867] newfstatat(3, "", executing program [pid 6405] <... write resumed>) = 18 [pid 6404] chdir("./file1" [pid 6403] <... link resumed>) = 0 [pid 6402] sync( [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6405] memfd_create("syzkaller", 0 [pid 6404] <... chdir resumed>) = 0 [pid 6403] sync( [pid 6405] <... memfd_create resumed>) = 3 [pid 6404] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] getdents64(3, [pid 6405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6404] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6405] <... mmap resumed>) = 0x7f1864095000 [pid 6404] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6405] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6404] <... link resumed>) = 0 [pid 6403] <... sync resumed>) = 0 [pid 6402] <... sync resumed>) = 0 [pid 6404] sync( [pid 6403] exit_group(0 [pid 6402] exit_group(0 [pid 6403] <... exit_group resumed>) = ? [pid 6402] <... exit_group resumed>) = ? [pid 6405] <... write resumed>) = 524288 [pid 6403] +++ exited with 0 +++ [pid 6402] +++ exited with 0 +++ [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6403, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5867] <... umount2 resumed>) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6402, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5867] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6405] munmap(0x7f1864095000, 138412032 [pid 5868] umount2("./107", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./102", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6405] <... munmap resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./104/file1", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6405] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... openat resumed>) = 3 [pid 5867] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... openat resumed>) = 3 [pid 6405] <... openat resumed>) = 4 [pid 6404] <... sync resumed>) = 0 [pid 5868] newfstatat(3, "", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(3, "", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] openat(AT_FDCWD, "./104/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6405] ioctl(4, LOOP_SET_FD, 3 [pid 6404] exit_group(0 [pid 5868] getdents64(3, [pid 5867] <... openat resumed>) = 4 [pid 5866] getdents64(3, [pid 6404] <... exit_group resumed>) = ? [pid 6405] <... ioctl resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6405] close(3 [pid 6404] +++ exited with 0 +++ [pid 5867] getdents64(4, [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6405] <... close resumed>) = 0 [pid 5866] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] umount2("./107/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6405] close(4 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6404, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6405] <... close resumed>) = 0 [pid 5867] getdents64(4, [pid 6405] mkdir("./file1", 0777 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6405] <... mkdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4 [pid 6405] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] <... restart_syscall resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5867] rmdir("./104/file1" [pid 5865] umount2("./103", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... rmdir resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./104/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6405] <... mount resumed>) = 0 [pid 6405] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6405] chdir("./file1") = 0 [pid 6405] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6405] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] <... openat resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(3, "", [pid 5867] newfstatat(AT_FDCWD, "./104/binderfs", [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] getdents64(3, [pid 5868] <... umount2 resumed>) = 0 [pid 5867] unlink("./104/binderfs" [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... unlink resumed>) = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3 [pid 5868] umount2("./107/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] rmdir("./104" [pid 5866] <... umount2 resumed>) = 0 [ 198.831342][ T6405] loop0: detected capacity change from 0 to 1024 [pid 5868] newfstatat(AT_FDCWD, "./107/file1", [pid 5867] <... rmdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./107/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] mkdir("./105", 0777 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6405] <... link resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./107/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... mkdir resumed>) = 0 [pid 5866] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6405] sync( [pid 5868] <... openat resumed>) = 4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] newfstatat(AT_FDCWD, "./102/file1", [pid 5868] getdents64(4, [pid 5867] <... openat resumed>) = 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5866] umount2("./102/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./102/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] newfstatat(4, "", [pid 5868] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4 [pid 5867] <... ioctl resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... close resumed>) = 0 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [pid 5868] rmdir("./107/file1" [pid 5866] rmdir("./102/file1" [pid 5868] <... rmdir resumed>) = 0 [pid 5868] umount2("./107/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] close(3 [pid 5866] <... rmdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] umount2("./102/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./102/binderfs", [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] unlink("./102/binderfs") = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3 [pid 5868] newfstatat(AT_FDCWD, "./107/binderfs", ./strace-static-x86_64: Process 6406 attached {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6406 [pid 5866] <... close resumed>) = 0 [pid 5868] unlink("./107/binderfs" [pid 6405] <... sync resumed>) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6406] set_robust_list(0x5555593cd660, 24 [pid 6405] exit_group(0 [pid 5868] close(3 [pid 5866] rmdir("./102" [pid 6406] <... set_robust_list resumed>) = 0 [pid 6405] <... exit_group resumed>) = ? [pid 5868] <... close resumed>) = 0 [pid 6406] chdir("./105" [pid 5868] rmdir("./107" [pid 6406] <... chdir resumed>) = 0 [pid 6406] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 6406] setpgid(0, 0) = 0 [pid 6406] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6405] +++ exited with 0 +++ [pid 5868] mkdir("./108", 0777 [pid 5865] <... umount2 resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6405, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] <... rmdir resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 6406] write(3, "1000", 4 [pid 5866] mkdir("./103", 0777 [pid 5864] umount2("./104", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6406] <... write resumed>) = 4 [pid 5866] <... mkdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6406] close(3 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6406] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5864] <... openat resumed>) = 3 [pid 6406] symlink("/dev/binderfs", "./binderfs" [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5864] newfstatat(3, "", [pid 6406] <... symlink resumed>) = 0 [pid 5866] <... ioctl resumed>) = 0 executing program [pid 5865] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6406] write(1, "executing program\n", 18 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6406] <... write resumed>) = 18 [pid 5866] close(3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] getdents64(3, [pid 6406] memfd_create("syzkaller", 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... close resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./103/file1", [pid 6406] <... memfd_create resumed>) = 3 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 6407 attached [pid 6406] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... openat resumed>) = 3 [pid 6406] <... mmap resumed>) = 0x7f1864095000 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5865] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6407] set_robust_list(0x5555593cd660, 24 [pid 6406] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... ioctl resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] close(3 [pid 6407] <... set_robust_list resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./103/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6407] chdir("./103" [pid 5868] <... close resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6407 ./strace-static-x86_64: Process 6408 attached [pid 6407] <... chdir resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6408 [pid 6408] set_robust_list(0x5555593cd660, 24) = 0 [pid 6407] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] newfstatat(4, "", [pid 6408] chdir("./108" [pid 6407] <... prctl resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6408] <... chdir resumed>) = 0 [pid 6407] setpgid(0, 0 [pid 5865] getdents64(4, [pid 6407] <... setpgid resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6407] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] getdents64(4, [pid 6407] <... openat resumed>) = 3 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6407] write(3, "1000", 4 [pid 5865] close(4 [pid 6407] <... write resumed>) = 4 [pid 5865] <... close resumed>) = 0 [pid 6408] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6407] close(3 [pid 5865] rmdir("./103/file1" [pid 6408] <... prctl resumed>) = 0 [pid 6408] setpgid(0, 0 [pid 6407] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 6407] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5865] umount2("./103/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6406] <... write resumed>) = 524288 executing program [pid 6408] <... setpgid resumed>) = 0 [pid 6407] write(1, "executing program\n", 18 [pid 6406] munmap(0x7f1864095000, 138412032 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = 0 [pid 6408] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6407] <... write resumed>) = 18 [pid 6408] <... openat resumed>) = 3 [pid 6407] memfd_create("syzkaller", 0 [pid 6406] <... munmap resumed>) = 0 [pid 5864] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6408] write(3, "1000", 4 [pid 6407] <... memfd_create resumed>) = 3 [pid 6406] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] newfstatat(AT_FDCWD, "./103/binderfs", [pid 6408] <... write resumed>) = 4 [pid 6408] close(3 [pid 6407] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6406] <... openat resumed>) = 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6408] <... close resumed>) = 0 [pid 6406] ioctl(4, LOOP_SET_FD, 3 [pid 6408] symlink("/dev/binderfs", "./binderfs" [pid 6407] <... mmap resumed>) = 0x7f1864095000 [pid 5865] unlink("./103/binderfs" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6408] <... symlink resumed>) = 0 executing program [pid 6408] write(1, "executing program\n", 18 [pid 6406] <... ioctl resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./104/file1", [pid 6408] <... write resumed>) = 18 [pid 5865] getdents64(3, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6408] memfd_create("syzkaller", 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] close(3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... close resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./104/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] rmdir("./103" [pid 5864] <... openat resumed>) = 4 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] newfstatat(4, "", [pid 6407] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6408] <... memfd_create resumed>) = 3 [pid 5864] getdents64(4, [pid 6408] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6406] close(3 [pid 5865] mkdir("./104", 0777 [pid 6406] <... close resumed>) = 0 [pid 6408] <... mmap resumed>) = 0x7f1864095000 [pid 6406] close(4 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6406] <... close resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] close(4 [pid 6408] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6406] mkdir("./file1", 0777 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... close resumed>) = 0 [pid 6406] <... mkdir resumed>) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] rmdir("./104/file1" [pid 6406] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] <... ioctl resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5865] close(3 [pid 6408] <... write resumed>) = 524288 [pid 6407] <... write resumed>) = 524288 [pid 5864] umount2("./104/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 199.106635][ T6406] loop3: detected capacity change from 0 to 1024 [pid 6408] munmap(0x7f1864095000, 138412032 [pid 6407] munmap(0x7f1864095000, 138412032 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] newfstatat(AT_FDCWD, "./104/binderfs", [pid 6408] <... munmap resumed>) = 0 [pid 6407] <... munmap resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6409 attached [pid 6408] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6407] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6408] <... openat resumed>) = 4 [pid 6407] <... openat resumed>) = 4 [pid 6406] <... mount resumed>) = 0 [pid 5864] unlink("./104/binderfs" [pid 6408] ioctl(4, LOOP_SET_FD, 3 [pid 6407] ioctl(4, LOOP_SET_FD, 3 [pid 6406] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] <... unlink resumed>) = 0 [pid 6409] set_robust_list(0x5555593cd660, 24 [pid 6406] <... openat resumed>) = 3 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6409 [pid 6409] <... set_robust_list resumed>) = 0 [pid 6409] chdir("./104" [pid 5864] getdents64(3, [pid 6409] <... chdir resumed>) = 0 [pid 6409] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6409] <... prctl resumed>) = 0 [pid 6407] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 6409] setpgid(0, 0 [pid 6408] <... ioctl resumed>) = 0 [pid 6407] close(3 [pid 6406] chdir("./file1" [pid 5864] <... close resumed>) = 0 [pid 6409] <... setpgid resumed>) = 0 [pid 6408] close(3 [pid 6407] <... close resumed>) = 0 [pid 6406] <... chdir resumed>) = 0 [pid 5864] rmdir("./104" [pid 6407] close(4 [pid 6408] <... close resumed>) = 0 [pid 6406] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6409] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6408] close(4 [pid 6407] <... close resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6408] <... close resumed>) = 0 [pid 6407] mkdir("./file1", 0777 [pid 6408] mkdir("./file1", 0777 [pid 5864] mkdir("./105", 0777 [pid 6407] <... mkdir resumed>) = 0 [pid 6408] <... mkdir resumed>) = 0 [pid 6407] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... mkdir resumed>) = 0 [pid 6408] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6409] <... openat resumed>) = 3 [pid 6406] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... openat resumed>) = 3 [pid 6409] write(3, "1000", 4 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6409] <... write resumed>) = 4 [pid 6406] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... ioctl resumed>) = 0 [pid 6409] close(3 [pid 5864] close(3 [pid 6409] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [ 199.183463][ T6407] loop2: detected capacity change from 0 to 1024 [ 199.184362][ T6408] loop4: detected capacity change from 0 to 1024 [pid 6409] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6407] <... mount resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6406] <... link resumed>) = 0 [pid 6408] <... mount resumed>) = 0 ./strace-static-x86_64: Process 6410 attached [pid 6409] write(1, "executing program\n", 18 [pid 6408] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6407] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6406] sync(executing program [pid 6409] <... write resumed>) = 18 [pid 6408] <... openat resumed>) = 3 [pid 6407] <... openat resumed>) = 3 [pid 6410] set_robust_list(0x5555593cd660, 24 [pid 6409] memfd_create("syzkaller", 0 [pid 6408] chdir("./file1" [pid 6407] chdir("./file1" [pid 6410] <... set_robust_list resumed>) = 0 [pid 6409] <... memfd_create resumed>) = 3 [pid 6408] <... chdir resumed>) = 0 [pid 6407] <... chdir resumed>) = 0 [pid 6408] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6407] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6408] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6407] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6410 [pid 6410] chdir("./105" [pid 6409] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6410] <... chdir resumed>) = 0 [pid 6408] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6407] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6410] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6409] <... mmap resumed>) = 0x7f1864095000 [pid 6410] <... prctl resumed>) = 0 [pid 6410] setpgid(0, 0 [pid 6406] <... sync resumed>) = 0 [pid 6410] <... setpgid resumed>) = 0 [pid 6410] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6409] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6406] exit_group(0) = ? [pid 6410] write(3, "1000", 4 [pid 6408] <... link resumed>) = 0 [pid 6407] <... link resumed>) = 0 [pid 6406] +++ exited with 0 +++ [pid 6410] <... write resumed>) = 4 [pid 6408] sync( [pid 6407] sync( [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6406, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6410] close(3 [pid 5867] umount2("./105", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6410] <... close resumed>) = 0 [pid 6410] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6410] <... symlink resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6410] write(1, "executing program\n", 18executing program [pid 5867] <... openat resumed>) = 3 [pid 6410] <... write resumed>) = 18 [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6410] memfd_create("syzkaller", 0 [pid 6409] <... write resumed>) = 524288 [pid 5867] getdents64(3, [pid 6410] <... memfd_create resumed>) = 3 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6410] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6409] munmap(0x7f1864095000, 138412032 [pid 5867] umount2("./105/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6409] <... munmap resumed>) = 0 [pid 6409] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6410] <... mmap resumed>) = 0x7f1864095000 [pid 6409] <... openat resumed>) = 4 [pid 6409] ioctl(4, LOOP_SET_FD, 3 [pid 6410] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6409] <... ioctl resumed>) = 0 [pid 6409] close(3) = 0 [pid 6409] close(4) = 0 [pid 6409] mkdir("./file1", 0777) = 0 [pid 6410] <... write resumed>) = 524288 [pid 6409] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6408] <... sync resumed>) = 0 [pid 6407] <... sync resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 6408] exit_group(0 [pid 6407] exit_group(0 [pid 6408] <... exit_group resumed>) = ? [pid 6407] <... exit_group resumed>) = ? [pid 6410] munmap(0x7f1864095000, 138412032 [pid 6409] <... mount resumed>) = 0 [pid 6408] +++ exited with 0 +++ [pid 6407] +++ exited with 0 +++ [ 199.373087][ T6409] loop1: detected capacity change from 0 to 1024 [pid 5867] umount2("./105/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6410] <... munmap resumed>) = 0 [pid 6409] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6408, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6410] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6409] <... openat resumed>) = 3 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6407, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6410] <... openat resumed>) = 4 [pid 6409] chdir("./file1" [pid 5867] newfstatat(AT_FDCWD, "./105/file1", [pid 6410] ioctl(4, LOOP_SET_FD, 3 [pid 5868] umount2("./108", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6409] <... chdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6409] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] <... openat resumed>) = 3 [pid 5867] umount2("./105/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6409] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./105/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6409] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... openat resumed>) = 4 [pid 5868] newfstatat(3, "", [pid 5867] newfstatat(4, "", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6410] <... ioctl resumed>) = 0 [pid 5868] getdents64(3, [pid 5867] getdents64(4, [pid 6410] close(3 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 5866] umount2("./103", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6410] <... close resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6410] close(4 [pid 6409] <... link resumed>) = 0 [pid 5867] close(4 [pid 5866] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6410] <... close resumed>) = 0 [pid 6409] sync( [pid 6410] mkdir("./file1", 0777 [pid 5866] <... openat resumed>) = 3 [pid 6410] <... mkdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6410] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] rmdir("./105/file1" [pid 5866] newfstatat(3, "", [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] umount2("./105/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] getdents64(3, [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [ 199.456102][ T6410] loop0: detected capacity change from 0 to 1024 [pid 6410] <... mount resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./105/binderfs", [pid 6410] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] unlink("./105/binderfs") = 0 [pid 5866] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6409] <... sync resumed>) = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3) = 0 [pid 5867] rmdir("./105" [pid 6409] exit_group(0 [pid 5868] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... rmdir resumed>) = 0 [pid 6410] chdir("./file1" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./108/file1", [pid 5867] mkdir("./106", 0777 [pid 6409] <... exit_group resumed>) = ? [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5868] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./108/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6410] <... chdir resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 6410] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] newfstatat(4, "", [pid 6410] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6410] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4) = 0 [pid 5868] rmdir("./108/file1" [pid 6409] +++ exited with 0 +++ [pid 5868] <... rmdir resumed>) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6409, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5868] umount2("./108/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 5866] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./104", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6410] <... link resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./108/binderfs", [pid 5867] <... ioctl resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./103/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6410] sync( [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] close(3 [pid 5865] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] unlink("./108/binderfs" [pid 5866] umount2("./103/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 [pid 5868] <... unlink resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./103/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] newfstatat(3, "", [pid 6410] <... sync resumed>) = 0 [pid 5868] getdents64(3, [pid 5866] <... openat resumed>) = 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] newfstatat(4, "", [pid 5865] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6410] exit_group(0 [pid 5868] close(3 [pid 5867] <... close resumed>) = 0 [pid 5866] getdents64(4, [pid 6410] <... exit_group resumed>) = ? [pid 5868] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] rmdir("./108" [pid 5866] getdents64(4, [pid 6410] +++ exited with 0 +++ [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6410, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5868] mkdir("./109", 0777 [pid 5866] rmdir("./103/file1" [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... rmdir resumed>) = 0 [pid 5864] <... restart_syscall resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5866] umount2("./103/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./105", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] newfstatat(AT_FDCWD, "./103/binderfs", [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5866] unlink("./103/binderfs" [pid 5864] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6411 attached [pid 6411] set_robust_list(0x5555593cd660, 24 [pid 5868] <... ioctl resumed>) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5864] newfstatat(3, "", [pid 6411] <... set_robust_list resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6411 [pid 5866] getdents64(3, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6411] chdir("./106" [pid 5868] close(3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(3, [pid 6411] <... chdir resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5866] close(3 [pid 6411] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6411] <... prctl resumed>) = 0 [pid 5864] umount2("./105/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 ./strace-static-x86_64: Process 6412 attached [pid 6411] setpgid(0, 0 [pid 5866] rmdir("./103" [pid 5865] <... umount2 resumed>) = 0 [pid 6412] set_robust_list(0x5555593cd660, 24 [pid 6411] <... setpgid resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 6412] <... set_robust_list resumed>) = 0 [pid 6412] chdir("./109" [pid 6411] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6412 [pid 5866] mkdir("./104", 0777 [pid 5865] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6412] <... chdir resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6412] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] newfstatat(AT_FDCWD, "./104/file1", [pid 6412] <... prctl resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6412] setpgid(0, 0 [pid 5865] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6412] <... setpgid resumed>) = 0 [pid 6411] <... openat resumed>) = 3 [pid 5866] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] openat(AT_FDCWD, "./104/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6412] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] <... ioctl resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 5866] close(3 [pid 6412] <... openat resumed>) = 3 [pid 5865] newfstatat(4, "", [pid 6412] write(3, "1000", 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6412] <... write resumed>) = 4 [pid 5865] getdents64(4, [pid 6412] close(3 [pid 6411] write(3, "1000", 4 [pid 5866] <... close resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... umount2 resumed>) = 0 [pid 6411] <... write resumed>) = 4 [pid 6412] <... close resumed>) = 0 [pid 5865] getdents64(4, [pid 6412] symlink("/dev/binderfs", "./binderfs" [pid 6411] close(3 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6412] <... symlink resumed>) = 0 [pid 5864] umount2("./105/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6411] <... close resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] close(4 [pid 6411] symlink("/dev/binderfs", "./binderfs" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6412] write(1, "executing program\n", 18executing program executing program [pid 5865] <... close resumed>) = 0 ./strace-static-x86_64: Process 6413 attached [pid 6411] <... symlink resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./105/file1", [pid 6411] write(1, "executing program\n", 18 [pid 6413] set_robust_list(0x5555593cd660, 24 [pid 6412] <... write resumed>) = 18 [pid 6411] <... write resumed>) = 18 [pid 5865] rmdir("./104/file1" [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6413] <... set_robust_list resumed>) = 0 [pid 6412] memfd_create("syzkaller", 0 [pid 6411] memfd_create("syzkaller", 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6413 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] umount2("./105/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6413] chdir("./104" [pid 6411] <... memfd_create resumed>) = 3 [pid 6413] <... chdir resumed>) = 0 [pid 6412] <... memfd_create resumed>) = 3 [pid 6411] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] umount2("./104/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6413] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6412] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6411] <... mmap resumed>) = 0x7f1864095000 [pid 5864] openat(AT_FDCWD, "./105/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6412] <... mmap resumed>) = 0x7f1864095000 [pid 6413] <... prctl resumed>) = 0 [pid 6412] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] <... openat resumed>) = 4 [pid 5864] newfstatat(4, "", [pid 6413] setpgid(0, 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6413] <... setpgid resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./104/binderfs", [pid 6413] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6413] <... openat resumed>) = 3 [pid 5865] unlink("./104/binderfs" [pid 6413] write(3, "1000", 4 [pid 5865] <... unlink resumed>) = 0 [pid 6413] <... write resumed>) = 4 [pid 5865] getdents64(3, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6413] close(3 [pid 6412] <... write resumed>) = 524288 [pid 6411] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6413] <... close resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(4, [pid 6413] symlink("/dev/binderfs", "./binderfs" [pid 5865] close(3 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6413] <... symlink resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] close(4 [pid 5865] rmdir("./104" [pid 6413] write(1, "executing program\n", 18executing program [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6413] <... write resumed>) = 18 [pid 5865] mkdir("./105", 0777 [pid 5864] rmdir("./105/file1" [pid 6413] memfd_create("syzkaller", 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6413] <... memfd_create resumed>) = 3 [pid 5864] umount2("./105/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./105/binderfs", [pid 6413] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6413] <... mmap resumed>) = 0x7f1864095000 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6413] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] unlink("./105/binderfs" [pid 6412] munmap(0x7f1864095000, 138412032 [pid 5865] <... ioctl resumed>) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 5864] getdents64(3, [pid 6412] <... munmap resumed>) = 0 [pid 6411] <... write resumed>) = 524288 [pid 5865] close(3 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] close(3) = 0 [pid 6411] munmap(0x7f1864095000, 138412032 [pid 6412] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5864] rmdir("./105" [pid 6413] <... write resumed>) = 524288 [pid 6412] ioctl(4, LOOP_SET_FD, 3 [pid 6411] <... munmap resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5864] mkdir("./106", 0777 [pid 6412] <... ioctl resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6414 attached [pid 6412] close(3 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6414 [pid 6412] <... close resumed>) = 0 [pid 6411] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6414] set_robust_list(0x5555593cd660, 24 [pid 6412] close(4 [pid 6411] <... openat resumed>) = 4 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6414] <... set_robust_list resumed>) = 0 [pid 6412] <... close resumed>) = 0 [pid 6414] chdir("./105" [pid 6412] mkdir("./file1", 0777 [pid 6414] <... chdir resumed>) = 0 [pid 6412] <... mkdir resumed>) = 0 [pid 6414] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6414] setpgid(0, 0) = 0 [pid 6412] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6414] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] <... openat resumed>) = 3 [pid 6414] <... openat resumed>) = 3 [pid 6411] ioctl(4, LOOP_SET_FD, 3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6414] write(3, "1000", 4 [pid 5864] <... ioctl resumed>) = 0 [pid 6413] munmap(0x7f1864095000, 138412032 [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6415 attached [pid 6414] <... write resumed>) = 4 [pid 6415] set_robust_list(0x5555593cd660, 24 [pid 6414] close(3 [pid 6413] <... munmap resumed>) = 0 [pid 6411] <... ioctl resumed>) = 0 [pid 6414] <... close resumed>) = 0 [pid 6411] close(3 [pid 6415] <... set_robust_list resumed>) = 0 [pid 6414] symlink("/dev/binderfs", "./binderfs" [pid 6413] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6411] <... close resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6415 [pid 6411] close(4 [pid 6415] chdir("./106" [pid 6414] <... symlink resumed>) = 0 [pid 6413] <... openat resumed>) = 4 [pid 6411] <... close resumed>) = 0 [pid 6415] <... chdir resumed>) = 0 [pid 6414] write(1, "executing program\n", 18executing program [pid 6415] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6414] <... write resumed>) = 18 [pid 6415] setpgid(0, 0 [pid 6414] memfd_create("syzkaller", 0 [pid 6415] <... setpgid resumed>) = 0 [pid 6414] <... memfd_create resumed>) = 3 [pid 6413] ioctl(4, LOOP_SET_FD, 3 [pid 6411] mkdir("./file1", 0777 [pid 6415] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6411] <... mkdir resumed>) = 0 [pid 6415] <... openat resumed>) = 3 [pid 6414] <... mmap resumed>) = 0x7f1864095000 [ 199.823722][ T6412] loop4: detected capacity change from 0 to 1024 [ 199.856697][ T6411] loop3: detected capacity change from 0 to 1024 [pid 6413] <... ioctl resumed>) = 0 [pid 6412] <... mount resumed>) = 0 [pid 6411] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6415] write(3, "1000", 4 [pid 6414] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6412] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6415] <... write resumed>) = 4 [pid 6415] close(3 [pid 6412] <... openat resumed>) = 3 [pid 6415] <... close resumed>) = 0 [pid 6415] symlink("/dev/binderfs", "./binderfs" [pid 6413] close(3 [pid 6412] chdir("./file1" [pid 6413] <... close resumed>) = 0 [pid 6415] <... symlink resumed>) = 0 [pid 6413] close(4 [pid 6412] <... chdir resumed>) = 0 [pid 6415] write(1, "executing program\n", 18executing program ) = 18 [pid 6413] <... close resumed>) = 0 [pid 6412] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6413] mkdir("./file1", 0777 [pid 6415] memfd_create("syzkaller", 0 [pid 6413] <... mkdir resumed>) = 0 [pid 6412] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6413] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6412] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6415] <... memfd_create resumed>) = 3 [pid 6415] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6411] <... mount resumed>) = 0 [pid 6415] <... mmap resumed>) = 0x7f1864095000 [pid 6411] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6414] <... write resumed>) = 524288 [pid 6413] <... mount resumed>) = 0 [pid 6413] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6415] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6414] munmap(0x7f1864095000, 138412032 [pid 6411] <... openat resumed>) = 3 [pid 6413] chdir("./file1" [pid 6411] chdir("./file1" [pid 6413] <... chdir resumed>) = 0 [pid 6415] <... write resumed>) = 524288 [pid 6414] <... munmap resumed>) = 0 [pid 6413] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6411] <... chdir resumed>) = 0 [ 199.883063][ T6413] loop2: detected capacity change from 0 to 1024 [pid 6411] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6414] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6413] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6411] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6415] munmap(0x7f1864095000, 138412032) = 0 [pid 6415] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6415] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6415] close(3) = 0 [pid 6415] close(4) = 0 [pid 6414] <... openat resumed>) = 4 [pid 6413] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6414] ioctl(4, LOOP_SET_FD, 3 [pid 6415] mkdir("./file1", 0777 [pid 6414] <... ioctl resumed>) = 0 [pid 6414] close(3) = 0 [pid 6412] <... link resumed>) = 0 [pid 6414] close(4 [pid 6415] <... mkdir resumed>) = 0 [pid 6415] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6414] <... close resumed>) = 0 [pid 6414] mkdir("./file1", 0777) = 0 [pid 6412] sync( [pid 6414] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6411] <... link resumed>) = 0 [pid 6411] sync( [pid 6413] <... link resumed>) = 0 [pid 6413] sync( [pid 6415] <... mount resumed>) = 0 [ 199.964628][ T6415] loop0: detected capacity change from 0 to 1024 [ 199.977828][ T6414] loop1: detected capacity change from 0 to 1024 [pid 6415] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6415] chdir("./file1") = 0 [pid 6415] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6414] <... mount resumed>) = 0 [pid 6415] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6414] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6415] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6414] <... openat resumed>) = 3 [pid 6414] chdir("./file1") = 0 [pid 6414] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6414] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6415] <... link resumed>) = 0 [pid 6415] sync( [pid 6414] <... link resumed>) = 0 [pid 6414] sync( [pid 6413] <... sync resumed>) = 0 [pid 6412] <... sync resumed>) = 0 [pid 6413] exit_group(0 [pid 6412] exit_group(0 [pid 6411] <... sync resumed>) = 0 [pid 6415] <... sync resumed>) = 0 [pid 6413] <... exit_group resumed>) = ? [pid 6412] <... exit_group resumed>) = ? [pid 6411] exit_group(0) = ? [pid 6415] exit_group(0 [pid 6413] +++ exited with 0 +++ [pid 6411] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6411, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6415] <... exit_group resumed>) = ? [pid 6412] +++ exited with 0 +++ [pid 6414] <... sync resumed>) = 0 [pid 6414] exit_group(0 [pid 6415] +++ exited with 0 +++ [pid 6414] <... exit_group resumed>) = ? [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6412, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] umount2("./106", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6413, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./104", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... openat resumed>) = 3 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6415, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6414] +++ exited with 0 +++ [pid 5867] newfstatat(3, "", [pid 5866] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5867] getdents64(3, [pid 5866] newfstatat(3, "", [pid 5864] <... restart_syscall resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6414, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] umount2("./106/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] getdents64(3, [pid 5865] umount2("./105", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./106", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... openat resumed>) = 3 [pid 5868] umount2("./109", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(3, "", [pid 5864] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5868] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5865] getdents64(3, [pid 5864] newfstatat(3, "", [pid 5868] newfstatat(3, "", [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] umount2("./105/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] getdents64(3, [pid 5868] getdents64(3, [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] <... umount2 resumed>) = 0 [pid 5864] umount2("./106/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./109/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./106/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./106/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./106/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./106/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5867] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4) = 0 [pid 5867] rmdir("./106/file1") = 0 [pid 5867] umount2("./106/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./106/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] unlink("./106/binderfs") = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5866] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(3, [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] newfstatat(AT_FDCWD, "./104/file1", [pid 5867] close(3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] umount2("./104/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] rmdir("./106" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... rmdir resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./104/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] mkdir("./107", 0777) = 0 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5866] rmdir("./104/file1" [pid 5865] <... umount2 resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5867] close(3) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6416 attached [pid 5868] umount2("./109/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./104/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./105/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./106/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6416] set_robust_list(0x5555593cd660, 24 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6416 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6416] <... set_robust_list resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./109/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6416] chdir("./107") = 0 [pid 5864] newfstatat(AT_FDCWD, "./106/file1", [pid 6416] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(AT_FDCWD, "./104/binderfs", [pid 5865] newfstatat(AT_FDCWD, "./105/file1", [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6416] setpgid(0, 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./106/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6416] <... setpgid resumed>) = 0 [pid 5868] umount2("./109/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6416] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] unlink("./104/binderfs" [pid 5865] umount2("./105/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6416] <... openat resumed>) = 3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... unlink resumed>) = 0 [pid 6416] write(3, "1000", 4 [pid 5868] openat(AT_FDCWD, "./109/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] getdents64(3, [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./106/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... openat resumed>) = 4 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] openat(AT_FDCWD, "./105/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 4 [pid 5866] close(3 [pid 5865] <... openat resumed>) = 4 [pid 5866] <... close resumed>) = 0 [pid 5864] newfstatat(4, "", [pid 5868] newfstatat(4, "", [pid 5866] rmdir("./104" [pid 5865] newfstatat(4, "", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6416] <... write resumed>) = 4 [pid 5868] getdents64(4, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(4, [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] mkdir("./105", 0777 [pid 5865] getdents64(4, [pid 5868] getdents64(4, [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6416] close(3) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(4, [pid 6416] symlink("/dev/binderfs", "./binderfs" [pid 5865] getdents64(4, [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... close resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4 [pid 5868] rmdir("./109/file1" [pid 5866] <... openat resumed>) = 3 [pid 5865] close(4 [pid 5864] <... close resumed>) = 0 [pid 6416] <... symlink resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] ioctl(3, LOOP_CLR_FDexecuting program [pid 6416] write(1, "executing program\n", 18 [pid 5865] <... close resumed>) = 0 [pid 5864] rmdir("./106/file1" [pid 6416] <... write resumed>) = 18 [pid 5868] umount2("./109/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... ioctl resumed>) = 0 [pid 5865] rmdir("./105/file1" [pid 5864] <... rmdir resumed>) = 0 [pid 6416] memfd_create("syzkaller", 0 [pid 5866] close(3 [pid 5865] <... rmdir resumed>) = 0 [pid 6416] <... memfd_create resumed>) = 3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... close resumed>) = 0 [pid 6416] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] newfstatat(AT_FDCWD, "./109/binderfs", [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] umount2("./106/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6416] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./105/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6417 attached [pid 6416] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] unlink("./109/binderfs" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./106/binderfs", [pid 5868] <... unlink resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./105/binderfs", [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6417 [pid 5864] unlink("./106/binderfs" [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] getdents64(3, [pid 5864] <... unlink resumed>) = 0 [pid 6417] set_robust_list(0x5555593cd660, 24 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] unlink("./105/binderfs" [pid 6417] <... set_robust_list resumed>) = 0 [pid 5868] close(3 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6417] chdir("./105" [pid 5865] <... unlink resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 6417] <... chdir resumed>) = 0 [pid 5865] getdents64(3, [pid 5864] close(3 [pid 5868] rmdir("./109" [pid 5864] <... close resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] rmdir("./106" [pid 6417] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] close(3 [pid 6417] <... prctl resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6417] setpgid(0, 0 [pid 6416] <... write resumed>) = 524288 [pid 5865] <... close resumed>) = 0 [pid 6417] <... setpgid resumed>) = 0 [pid 6417] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] mkdir("./110", 0777 [pid 5865] rmdir("./105" [pid 5864] mkdir("./107", 0777) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] close(3 [pid 5868] <... mkdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6417] <... openat resumed>) = 3 [pid 5865] <... rmdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] close(3) = 0 [pid 6417] write(3, "1000", 4 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] mkdir("./106", 0777 [pid 6417] <... write resumed>) = 4 [pid 6416] munmap(0x7f1864095000, 138412032 [pid 5865] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6418 attached [pid 6417] close(3 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6416] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 6419 attached [pid 6417] <... close resumed>) = 0 [pid 6416] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] <... openat resumed>) = 3 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6418 [pid 6419] set_robust_list(0x5555593cd660, 24 [pid 6418] set_robust_list(0x5555593cd660, 24 [pid 6417] symlink("/dev/binderfs", "./binderfs" [pid 6416] <... openat resumed>) = 4 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6419 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6419] <... set_robust_list resumed>) = 0 [pid 6418] <... set_robust_list resumed>) = 0 [pid 6417] <... symlink resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 6419] chdir("./110" [pid 6418] chdir("./107"executing program [pid 6417] write(1, "executing program\n", 18 [pid 6416] ioctl(4, LOOP_SET_FD, 3 [pid 5865] close(3 [pid 6417] <... write resumed>) = 18 [pid 6416] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6418] <... chdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6418] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6417] memfd_create("syzkaller", 0 [pid 6416] ioctl(4, LOOP_CLR_FD [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6419] <... chdir resumed>) = 0 [pid 6418] <... prctl resumed>) = 0 [pid 6417] <... memfd_create resumed>) = 3 [pid 6418] setpgid(0, 0 [pid 6416] <... ioctl resumed>) = 0 [pid 6418] <... setpgid resumed>) = 0 [pid 6419] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6418] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6417] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6419] <... prctl resumed>) = 0 [pid 6417] <... mmap resumed>) = 0x7f1864095000 [pid 6419] setpgid(0, 0) = 0 [pid 6419] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6418] <... openat resumed>) = 3 [pid 6418] write(3, "1000", 4./strace-static-x86_64: Process 6420 attached [pid 6419] write(3, "1000", 4 [pid 6418] <... write resumed>) = 4 [pid 6419] <... write resumed>) = 4 [pid 6416] ioctl(4, LOOP_SET_FD, 3 [pid 6420] set_robust_list(0x5555593cd660, 24 [pid 6419] close(3 [pid 6416] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6420] <... set_robust_list resumed>) = 0 [pid 6419] <... close resumed>) = 0 [pid 6418] close(3 [pid 6416] close(4 [pid 6420] chdir("./106" [pid 6419] symlink("/dev/binderfs", "./binderfs" [pid 6418] <... close resumed>) = 0 [pid 6417] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6416] <... close resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6420 [pid 6420] <... chdir resumed>) = 0 [pid 6419] <... symlink resumed>) = 0 [pid 6416] close(3 [pid 6418] symlink("/dev/binderfs", "./binderfs") = 0 executing program executing program [pid 6420] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6419] write(1, "executing program\n", 18 [pid 6416] <... close resumed>) = 0 [pid 6420] <... prctl resumed>) = 0 [pid 6419] <... write resumed>) = 18 [pid 6418] write(1, "executing program\n", 18) = 18 [pid 6417] <... write resumed>) = 524288 [pid 6419] memfd_create("syzkaller", 0 [pid 6418] memfd_create("syzkaller", 0 [pid 6420] setpgid(0, 0 [pid 6418] <... memfd_create resumed>) = 3 [pid 6420] <... setpgid resumed>) = 0 [pid 6419] <... memfd_create resumed>) = 3 [pid 6418] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6419] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6418] <... mmap resumed>) = 0x7f1864095000 [pid 6416] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6419] <... mmap resumed>) = 0x7f1864095000 [pid 6417] munmap(0x7f1864095000, 138412032 [pid 6416] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6417] <... munmap resumed>) = 0 [pid 6416] sync( [pid 6420] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6420] write(3, "1000", 4 [pid 6418] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6420] <... write resumed>) = 4 [pid 6420] close(3 [pid 6417] openat(AT_FDCWD, "/dev/loop2", O_RDWRexecuting program [pid 6420] <... close resumed>) = 0 [pid 6419] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6417] <... openat resumed>) = 4 [pid 6420] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6417] ioctl(4, LOOP_SET_FD, 3 [pid 6420] write(1, "executing program\n", 18) = 18 [pid 6420] memfd_create("syzkaller", 0 [pid 6416] <... sync resumed>) = 0 [pid 6420] <... memfd_create resumed>) = 3 [pid 6419] <... write resumed>) = 524288 [pid 6416] exit_group(0 [pid 6420] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6418] <... write resumed>) = 524288 [pid 6418] munmap(0x7f1864095000, 138412032 [pid 6420] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6418] <... munmap resumed>) = 0 [pid 6417] <... ioctl resumed>) = 0 [pid 6416] <... exit_group resumed>) = ? [pid 6417] close(3) = 0 [pid 6416] +++ exited with 0 +++ [pid 6418] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6417] close(4 [pid 6418] <... openat resumed>) = 4 [pid 6417] <... close resumed>) = 0 [pid 6419] munmap(0x7f1864095000, 138412032 [pid 6418] ioctl(4, LOOP_SET_FD, 3 [pid 6417] mkdir("./file1", 0777 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6416, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6417] <... mkdir resumed>) = 0 [pid 5867] umount2("./107", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6419] <... munmap resumed>) = 0 [pid 6417] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6419] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... openat resumed>) = 3 [pid 6420] <... write resumed>) = 524288 [pid 5867] newfstatat(3, "", [pid 6419] <... openat resumed>) = 4 [pid 6419] ioctl(4, LOOP_SET_FD, 3 [pid 6418] <... ioctl resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6418] close(3 [pid 5867] getdents64(3, [pid 6418] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6418] close(4 [pid 5867] umount2("./107/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6420] munmap(0x7f1864095000, 138412032 [pid 6419] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6419] ioctl(4, LOOP_CLR_FD [pid 6420] <... munmap resumed>) = 0 [pid 6419] <... ioctl resumed>) = 0 [pid 6418] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6420] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6418] mkdir("./file1", 0777 [pid 6417] <... mount resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./107/binderfs", [pid 6420] <... openat resumed>) = 4 [pid 6418] <... mkdir resumed>) = 0 [pid 6417] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6420] ioctl(4, LOOP_SET_FD, 3 [pid 6419] ioctl(4, LOOP_SET_FD, 3 [pid 6418] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6417] <... openat resumed>) = 3 [pid 5867] unlink("./107/binderfs" [pid 6420] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6419] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6420] ioctl(4, LOOP_CLR_FD [pid 6419] close(4 [pid 6417] chdir("./file1" [pid 6419] <... close resumed>) = 0 [pid 6417] <... chdir resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 6420] <... ioctl resumed>) = 0 [pid 6417] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6419] close(3 [pid 6417] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] getdents64(3, [pid 6417] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [ 200.528203][ T6417] loop2: detected capacity change from 0 to 1024 [ 200.554149][ T6418] loop0: detected capacity change from 0 to 1024 [pid 6420] ioctl(4, LOOP_SET_FD, 3 [pid 5867] close(3 [pid 6420] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... close resumed>) = 0 [pid 5867] rmdir("./107" [pid 6420] close(4 [pid 5867] <... rmdir resumed>) = 0 [pid 6419] <... close resumed>) = 0 [pid 5867] mkdir("./108", 0777) = 0 [pid 6419] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 ENOENT (No such file or directory) [pid 6419] sync( [pid 6420] <... close resumed>) = 0 [pid 6420] close(3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6418] <... mount resumed>) = 0 [pid 6420] <... close resumed>) = 0 [pid 6417] <... link resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6418] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6417] sync( [pid 6418] <... openat resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6418] chdir("./file1" [pid 5867] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6418] <... chdir resumed>) = 0 [pid 5867] close(3 [pid 6418] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] <... close resumed>) = 0 [pid 6420] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6418] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6421 attached [pid 6420] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6418] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6420] sync( [pid 6421] set_robust_list(0x5555593cd660, 24) = 0 [pid 6421] chdir("./108") = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6421 [pid 6421] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6421] setpgid(0, 0) = 0 [pid 6421] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6421] write(3, "1000", 4) = 4 [pid 6421] close(3 [pid 6418] <... link resumed>) = 0 [pid 6421] <... close resumed>) = 0 [pid 6418] sync( [pid 6421] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6421] write(1, "executing program\n", 18executing program ) = 18 [pid 6421] memfd_create("syzkaller", 0) = 3 [pid 6421] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6417] <... sync resumed>) = 0 [pid 6419] <... sync resumed>) = 0 [pid 6418] <... sync resumed>) = 0 [pid 6420] <... sync resumed>) = 0 [pid 6417] exit_group(0 [pid 6418] exit_group(0 [pid 6417] <... exit_group resumed>) = ? [pid 6420] exit_group(0 [pid 6418] <... exit_group resumed>) = ? [pid 6417] +++ exited with 0 +++ [pid 6419] exit_group(0 [pid 6421] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6420] <... exit_group resumed>) = ? [pid 6419] <... exit_group resumed>) = ? [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6417, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5866] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6419] +++ exited with 0 +++ [pid 5866] umount2("./105", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6418] +++ exited with 0 +++ [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6419, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... restart_syscall resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6418, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6420] +++ exited with 0 +++ [pid 5868] umount2("./110", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(3, "", [pid 5864] umount2("./107", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] getdents64(3, [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6420, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5868] <... openat resumed>) = 3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5864] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] umount2("./105/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... restart_syscall resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6421] <... write resumed>) = 524288 [pid 5868] getdents64(3, [pid 5864] newfstatat(3, "", [pid 6421] munmap(0x7f1864095000, 138412032 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5868] umount2("./110/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./106", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6421] <... munmap resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] getdents64(3, [pid 5868] newfstatat(AT_FDCWD, "./110/binderfs", [pid 5865] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] umount2("./107/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6421] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] getdents64(3, 0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6421] <... openat resumed>) = 4 [pid 5865] umount2("./106/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6421] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] unlink("./110/binderfs" [pid 5865] newfstatat(AT_FDCWD, "./106/binderfs", [pid 6421] close(3 [pid 5868] <... unlink resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6421] <... close resumed>) = 0 [pid 5868] getdents64(3, [pid 5865] unlink("./106/binderfs" [pid 6421] close(4 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5868] close(3 [pid 5865] getdents64(3, [pid 5868] <... close resumed>) = 0 [pid 5866] umount2("./105/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] rmdir("./110" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] close(3 [pid 5868] <... rmdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./105/file1", [pid 5865] rmdir("./106") = 0 [pid 6421] <... close resumed>) = 0 [pid 5868] mkdir("./111", 0777 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] mkdir("./107", 0777 [pid 5864] <... umount2 resumed>) = 0 [pid 6421] mkdir("./file1", 0777 [pid 5866] umount2("./105/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6421] <... mkdir resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... mkdir resumed>) = 0 [pid 5864] umount2("./107/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6421] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] openat(AT_FDCWD, "./105/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... mkdir resumed>) = 0 [pid 5866] <... openat resumed>) = 4 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(4, "", [pid 5865] <... openat resumed>) = 3 [pid 5864] newfstatat(AT_FDCWD, "./107/file1", [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] getdents64(4, [ 200.783750][ T6421] loop3: detected capacity change from 0 to 1024 [pid 5864] umount2("./107/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... openat resumed>) = 3 [pid 5865] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5864] openat(AT_FDCWD, "./107/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5865] close(3 [pid 5868] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5866] getdents64(4, [pid 5865] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 4 [pid 5868] close(3 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6421] <... mount resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] newfstatat(4, "", ./strace-static-x86_64: Process 6422 attached [pid 6421] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] close(4 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6422 [pid 6421] <... openat resumed>) = 3 [pid 5866] <... close resumed>) = 0 [pid 5864] getdents64(4, [pid 6421] chdir("./file1" [pid 5866] rmdir("./105/file1" [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6423 attached [pid 6422] set_robust_list(0x5555593cd660, 24 [pid 6421] <... chdir resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6423 [pid 6423] set_robust_list(0x5555593cd660, 24 [pid 6422] <... set_robust_list resumed>) = 0 [pid 6421] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... rmdir resumed>) = 0 [pid 5864] getdents64(4, [pid 6423] <... set_robust_list resumed>) = 0 [pid 6422] chdir("./107" [pid 6423] chdir("./111" [pid 6422] <... chdir resumed>) = 0 [pid 6421] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] umount2("./105/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6423] <... chdir resumed>) = 0 [pid 6422] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6421] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] close(4 [pid 6423] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6422] <... prctl resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./105/binderfs", [pid 5864] <... close resumed>) = 0 [pid 6423] <... prctl resumed>) = 0 [pid 6422] setpgid(0, 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] rmdir("./107/file1" [pid 6423] setpgid(0, 0 [pid 6422] <... setpgid resumed>) = 0 [pid 6423] <... setpgid resumed>) = 0 [pid 6422] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6423] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6422] <... openat resumed>) = 3 [pid 5866] unlink("./105/binderfs" [pid 5864] <... rmdir resumed>) = 0 [pid 6423] write(3, "1000", 4 [pid 6422] write(3, "1000", 4 [pid 5866] <... unlink resumed>) = 0 [pid 5864] umount2("./107/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6423] <... write resumed>) = 4 [pid 6422] <... write resumed>) = 4 [pid 5866] getdents64(3, [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./107/binderfs", [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6421] <... link resumed>) = 0 [pid 6421] sync( [pid 5866] close(3 [pid 5864] unlink("./107/binderfs" [pid 6422] close(3 [pid 6423] close(3 [pid 5866] <... close resumed>) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 6423] <... close resumed>) = 0 [pid 6422] <... close resumed>) = 0 [pid 6423] symlink("/dev/binderfs", "./binderfs" [pid 6422] symlink("/dev/binderfs", "./binderfs" [pid 5866] rmdir("./105" [pid 5864] getdents64(3, [pid 5866] <... rmdir resumed>) = 0 [pid 6423] <... symlink resumed>) = 0 [pid 6422] <... symlink resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3) = 0 [pid 5864] rmdir("./107" [pid 5866] mkdir("./106", 0777) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] <... rmdir resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 6423] write(1, "executing program\n", 18 [pid 5866] ioctl(3, LOOP_CLR_FDexecuting program ) = 0 [pid 5866] close(3 [pid 6423] <... write resumed>) = 18 executing program [pid 5866] <... close resumed>) = 0 [pid 6423] memfd_create("syzkaller", 0 [pid 6422] write(1, "executing program\n", 18 [pid 6421] <... sync resumed>) = 0 [pid 5864] mkdir("./108", 0777 [pid 6421] exit_group(0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6423] <... memfd_create resumed>) = 3 [pid 6422] <... write resumed>) = 18 [pid 6421] <... exit_group resumed>) = ? [pid 5864] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6424 attached [pid 6423] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6422] memfd_create("syzkaller", 0 [pid 6421] +++ exited with 0 +++ [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6421, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6424 [pid 5864] <... openat resumed>) = 3 [pid 6423] <... mmap resumed>) = 0x7f1864095000 [pid 6422] <... memfd_create resumed>) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6424] set_robust_list(0x5555593cd660, 24) = 0 [pid 5867] umount2("./108", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6424] chdir("./106" [pid 6423] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6422] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] <... ioctl resumed>) = 0 [pid 6423] <... write resumed>) = 524288 [pid 6422] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] close(3 [pid 6424] <... chdir resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... close resumed>) = 0 [pid 6424] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] <... openat resumed>) = 3 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6424] <... prctl resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 6424] setpgid(0, 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6424] <... setpgid resumed>) = 0 [pid 5867] getdents64(3, [pid 6424] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 6425 attached [pid 5867] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6424] write(3, "1000", 4 [pid 6425] set_robust_list(0x5555593cd660, 24 [pid 6423] munmap(0x7f1864095000, 138412032 [pid 6422] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6425] <... set_robust_list resumed>) = 0 [pid 6424] <... write resumed>) = 4 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6425 [pid 6424] close(3) = 0 [pid 6423] <... munmap resumed>) = 0 [pid 6425] chdir("./108" [pid 6424] symlink("/dev/binderfs", "./binderfs" [pid 6425] <... chdir resumed>) = 0 [pid 6424] <... symlink resumed>) = 0 [pid 6425] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6424] write(1, "executing program\n", 18 [pid 6425] <... prctl resumed>) = 0 executing program [pid 6425] setpgid(0, 0 [pid 6424] <... write resumed>) = 18 [pid 6423] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6425] <... setpgid resumed>) = 0 [pid 6424] memfd_create("syzkaller", 0) = 3 [pid 6424] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6425] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6423] <... openat resumed>) = 4 [pid 6424] <... mmap resumed>) = 0x7f1864095000 [pid 6423] ioctl(4, LOOP_SET_FD, 3 [pid 6425] <... openat resumed>) = 3 [pid 6424] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6423] <... ioctl resumed>) = 0 [pid 6422] <... write resumed>) = 524288 [pid 6425] write(3, "1000", 4 [pid 6423] close(3) = 0 [pid 6425] <... write resumed>) = 4 [pid 6423] close(4 [pid 6422] munmap(0x7f1864095000, 138412032 [pid 6425] close(3 [pid 6423] <... close resumed>) = 0 [pid 6422] <... munmap resumed>) = 0 [pid 6423] mkdir("./file1", 0777 [pid 6425] <... close resumed>) = 0 [pid 6422] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6425] symlink("/dev/binderfs", "./binderfs" [pid 6423] <... mkdir resumed>) = 0 [pid 6422] <... openat resumed>) = 4 [pid 5867] <... umount2 resumed>) = 0 [pid 6425] <... symlink resumed>) = 0 [pid 6422] ioctl(4, LOOP_SET_FD, 3executing program [pid 6425] write(1, "executing program\n", 18 [pid 6422] <... ioctl resumed>) = 0 [pid 6425] <... write resumed>) = 18 [pid 6423] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6425] memfd_create("syzkaller", 0 [pid 6422] close(3 [pid 5867] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6425] <... memfd_create resumed>) = 3 [pid 6422] <... close resumed>) = 0 [pid 6422] close(4 [pid 6425] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6422] <... close resumed>) = 0 [pid 6425] <... mmap resumed>) = 0x7f1864095000 [pid 6424] <... write resumed>) = 524288 [pid 6422] mkdir("./file1", 0777 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6424] munmap(0x7f1864095000, 138412032) = 0 [pid 5867] newfstatat(AT_FDCWD, "./108/file1", [pid 6424] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 201.044584][ T6423] loop4: detected capacity change from 0 to 1024 [ 201.074123][ T6422] loop1: detected capacity change from 0 to 1024 [pid 6424] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6425] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6424] close(3) = 0 [pid 6424] close(4) = 0 [pid 6424] mkdir("./file1", 0777) = 0 [pid 6425] <... write resumed>) = 524288 [pid 6424] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6422] <... mkdir resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6423] <... mount resumed>) = 0 [pid 6423] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5867] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6423] chdir("./file1" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6423] <... chdir resumed>) = 0 [pid 6423] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6422] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] openat(AT_FDCWD, "./108/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6423] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6424] <... mount resumed>) = 0 [pid 6423] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [ 201.103286][ T6424] loop2: detected capacity change from 0 to 1024 [pid 6424] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5867] <... openat resumed>) = 4 [pid 6424] chdir("./file1" [pid 5867] newfstatat(4, "", [pid 6424] <... chdir resumed>) = 0 [pid 6425] munmap(0x7f1864095000, 138412032 [pid 6424] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6425] <... munmap resumed>) = 0 [pid 6424] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6423] <... link resumed>) = 0 [pid 5867] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6424] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6423] sync( [pid 6425] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] close(4 [pid 6425] <... openat resumed>) = 4 [pid 5867] <... close resumed>) = 0 [pid 6425] ioctl(4, LOOP_SET_FD, 3 [pid 6422] <... mount resumed>) = 0 [pid 6425] <... ioctl resumed>) = 0 [pid 5867] rmdir("./108/file1" [pid 6422] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... rmdir resumed>) = 0 [pid 6422] <... openat resumed>) = 3 [pid 6425] close(3 [pid 6422] chdir("./file1" [pid 5867] umount2("./108/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6422] <... chdir resumed>) = 0 [pid 6422] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] newfstatat(AT_FDCWD, "./108/binderfs", [pid 6425] <... close resumed>) = 0 [pid 6422] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6425] close(4 [pid 6422] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] unlink("./108/binderfs" [pid 6425] <... close resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 6425] mkdir("./file1", 0777) = 0 [pid 6424] <... link resumed>) = 0 [pid 5867] getdents64(3, [pid 6424] sync( [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6425] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] close(3) = 0 [pid 5867] rmdir("./108") = 0 [pid 6422] <... link resumed>) = 0 [pid 6422] sync( [ 201.224011][ T6425] loop0: detected capacity change from 0 to 1024 [pid 5867] mkdir("./109", 0777) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6425] <... mount resumed>) = 0 [pid 6423] <... sync resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6423] exit_group(0 [pid 5867] <... ioctl resumed>) = 0 [pid 6425] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6423] <... exit_group resumed>) = ? [pid 5867] close(3 [pid 6423] +++ exited with 0 +++ [pid 5867] <... close resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6425] <... openat resumed>) = 3 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6423, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- ./strace-static-x86_64: Process 6426 attached [pid 6425] chdir("./file1" [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 6426] set_robust_list(0x5555593cd660, 24 [pid 6425] <... chdir resumed>) = 0 [pid 6425] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... restart_syscall resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6426 [pid 6426] <... set_robust_list resumed>) = 0 [pid 6425] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6424] <... sync resumed>) = 0 [pid 6422] <... sync resumed>) = 0 [pid 6426] chdir("./109" [pid 6424] exit_group(0) = ? [pid 6425] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6424] +++ exited with 0 +++ [pid 6426] <... chdir resumed>) = 0 [pid 6426] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6422] exit_group(0 [pid 5868] umount2("./111", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6426] setpgid(0, 0) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6424, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6426] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6422] <... exit_group resumed>) = ? [pid 5868] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6426] <... openat resumed>) = 3 [pid 6422] +++ exited with 0 +++ [pid 5868] <... openat resumed>) = 3 [pid 5866] <... restart_syscall resumed>) = 0 [pid 6426] write(3, "1000", 4) = 4 [pid 6426] close(3 [pid 5868] newfstatat(3, "", [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6422, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6426] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6426] symlink("/dev/binderfs", "./binderfs" [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./106", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... restart_syscall resumed>) = 0 [pid 5868] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6426] <... symlink resumed>) = 0 executing program [pid 6426] write(1, "executing program\n", 18 [pid 5866] <... openat resumed>) = 3 [pid 6426] <... write resumed>) = 18 [pid 5866] newfstatat(3, "", [pid 5865] umount2("./107", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6426] memfd_create("syzkaller", 0) = 3 [pid 6425] <... link resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5866] getdents64(3, [pid 6426] <... mmap resumed>) = 0x7f1864095000 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6425] sync( [pid 5866] umount2("./106/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./107/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6426] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 6426] munmap(0x7f1864095000, 138412032) = 0 [pid 6426] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5868] <... umount2 resumed>) = 0 [pid 6426] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6426] ioctl(4, LOOP_CLR_FD [pid 5866] <... umount2 resumed>) = 0 [pid 6426] <... ioctl resumed>) = 0 [pid 6425] <... sync resumed>) = 0 [pid 6426] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6425] exit_group(0 [pid 5868] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6426] close(4 [pid 5868] newfstatat(AT_FDCWD, "./111/file1", [pid 5866] umount2("./106/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6425] <... exit_group resumed>) = ? [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6425] +++ exited with 0 +++ [pid 5868] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(AT_FDCWD, "./106/file1", [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] openat(AT_FDCWD, "./111/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./106/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6426] <... close resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6425, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5868] newfstatat(4, "", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./108", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] openat(AT_FDCWD, "./106/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./107/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] getdents64(4, [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] newfstatat(AT_FDCWD, "./107/file1", [pid 5868] getdents64(4, [pid 5864] <... openat resumed>) = 3 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] newfstatat(3, "", [pid 6426] close(3 [pid 5868] close(4 [pid 5865] umount2("./107/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6426] <... close resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 4 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] rmdir("./111/file1" [pid 5865] openat(AT_FDCWD, "./107/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] newfstatat(4, "", [pid 5868] <... rmdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... openat resumed>) = 4 [pid 5866] getdents64(4, [pid 5864] getdents64(3, [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] newfstatat(4, "", [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6426] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, [pid 5866] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] umount2("./111/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4 [pid 6426] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 5864] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6426] sync( [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] close(4 [pid 5865] <... close resumed>) = 0 [pid 5865] rmdir("./107/file1" [pid 5866] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5866] rmdir("./106/file1") = 0 [pid 5868] newfstatat(AT_FDCWD, "./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./111/binderfs") = 0 [pid 5866] umount2("./106/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./107/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6426] <... sync resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./107/binderfs", [pid 5866] newfstatat(AT_FDCWD, "./106/binderfs", [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./107/binderfs" [pid 5868] getdents64(3, [pid 5866] unlink("./106/binderfs" [pid 5865] <... unlink resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3 [pid 5865] close(3 [pid 6426] exit_group(0 [pid 5868] <... close resumed>) = 0 [pid 5866] getdents64(3, [pid 6426] <... exit_group resumed>) = ? [pid 5865] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] rmdir("./107" [pid 5868] rmdir("./111" [pid 5866] close(3 [pid 5865] <... rmdir resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5866] rmdir("./106") = 0 [pid 5868] mkdir("./112", 0777 [pid 5865] mkdir("./108", 0777 [pid 6426] +++ exited with 0 +++ [pid 5868] <... mkdir resumed>) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6426, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] <... mkdir resumed>) = 0 [pid 5866] mkdir("./107", 0777) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] umount2("./109", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... openat resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 3 [pid 5868] <... ioctl resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 5866] <... openat resumed>) = 3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... umount2 resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5868] close(3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5865] close(3 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5868] <... close resumed>) = 0 [pid 5867] umount2("./109/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... ioctl resumed>) = 0 [pid 5864] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./109/binderfs", [pid 5864] newfstatat(AT_FDCWD, "./108/file1", [pid 5866] close(3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] unlink("./109/binderfs" [pid 5865] <... close resumed>) = 0 [pid 5864] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... unlink resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6427 attached ./strace-static-x86_64: Process 6428 attached [pid 5867] getdents64(3, [pid 5864] openat(AT_FDCWD, "./108/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... openat resumed>) = 4 [pid 5867] close(3 [pid 5864] newfstatat(4, "", [pid 6427] set_robust_list(0x5555593cd660, 24 [pid 5867] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] rmdir("./109" [pid 5864] getdents64(4, [pid 6428] set_robust_list(0x5555593cd660, 24./strace-static-x86_64: Process 6429 attached [pid 6427] <... set_robust_list resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6428 [pid 5867] <... rmdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6427] chdir("./107" [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6427 [pid 5867] mkdir("./110", 0777 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6429 [pid 6428] <... set_robust_list resumed>) = 0 [pid 5864] getdents64(4, [pid 6427] <... chdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6427] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] close(4 [pid 6427] <... prctl resumed>) = 0 [pid 6428] chdir("./112" [pid 6427] setpgid(0, 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6427] <... setpgid resumed>) = 0 [pid 6429] set_robust_list(0x5555593cd660, 24 [pid 6428] <... chdir resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] rmdir("./108/file1" [pid 5867] <... openat resumed>) = 3 [pid 6428] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] <... rmdir resumed>) = 0 executing program [pid 6428] <... prctl resumed>) = 0 [pid 6429] <... set_robust_list resumed>) = 0 [pid 6427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5864] umount2("./108/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6429] chdir("./108" [pid 6427] <... openat resumed>) = 3 [pid 5867] close(3 [pid 6428] setpgid(0, 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6427] write(3, "1000", 4 [pid 5864] newfstatat(AT_FDCWD, "./108/binderfs", [pid 6428] <... setpgid resumed>) = 0 [pid 6427] <... write resumed>) = 4 [pid 6427] close(3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6428] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6427] <... close resumed>) = 0 [pid 5864] unlink("./108/binderfs" [pid 6427] symlink("/dev/binderfs", "./binderfs" [pid 6428] <... openat resumed>) = 3 [pid 6427] <... symlink resumed>) = 0 [pid 6429] <... chdir resumed>) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 6429] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6427] write(1, "executing program\n", 18) = 18 [pid 6427] memfd_create("syzkaller", 0) = 3 [pid 6429] <... prctl resumed>) = 0 [pid 6428] write(3, "1000", 4 [pid 6427] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] getdents64(3, [pid 6429] setpgid(0, 0 [pid 6428] <... write resumed>) = 4 [pid 6427] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6429] <... setpgid resumed>) = 0 [pid 6428] close(3 [pid 6427] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] <... close resumed>) = 0 [pid 6429] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6428] <... close resumed>) = 0 [pid 5864] close(3) = 0 [pid 6429] <... openat resumed>) = 3 [pid 6428] symlink("/dev/binderfs", "./binderfs" [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] rmdir("./108" [pid 6428] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 6430 attached [pid 6429] write(3, "1000", 4 [pid 6428] write(1, "executing program\n", 18executing program [pid 5864] <... rmdir resumed>) = 0 [pid 6429] <... write resumed>) = 4 [pid 6428] <... write resumed>) = 18 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6430 [pid 5864] mkdir("./109", 0777 [pid 6429] close(3 [pid 6430] set_robust_list(0x5555593cd660, 24 [pid 6429] <... close resumed>) = 0 [pid 6428] memfd_create("syzkaller", 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6429] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6430] <... set_robust_list resumed>) = 0 [pid 6429] write(1, "executing program\n", 18 [pid 6428] <... memfd_create resumed>) = 3 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6429] <... write resumed>) = 18 [pid 5864] <... openat resumed>) = 3 [pid 6429] memfd_create("syzkaller", 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6429] <... memfd_create resumed>) = 3 [pid 5864] <... ioctl resumed>) = 0 [pid 6430] chdir("./110" [pid 6429] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] close(3 [pid 6429] <... mmap resumed>) = 0x7f1864095000 [pid 6428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] <... close resumed>) = 0 [pid 6428] <... mmap resumed>) = 0x7f1864095000 [pid 6427] <... write resumed>) = 524288 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6427] munmap(0x7f1864095000, 138412032 [pid 6430] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6431 attached [pid 6431] set_robust_list(0x5555593cd660, 24 [pid 6429] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6427] <... munmap resumed>) = 0 [pid 6430] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6431] <... set_robust_list resumed>) = 0 [pid 6431] chdir("./109" [pid 6430] <... prctl resumed>) = 0 [pid 6428] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6431 [pid 6430] setpgid(0, 0 [pid 6427] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6430] <... setpgid resumed>) = 0 [pid 6427] <... openat resumed>) = 4 [pid 6431] <... chdir resumed>) = 0 [pid 6427] ioctl(4, LOOP_SET_FD, 3 [pid 6431] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6430] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6427] <... ioctl resumed>) = 0 [pid 6431] <... prctl resumed>) = 0 [pid 6431] setpgid(0, 0) = 0 [pid 6427] close(3 [pid 6431] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6427] <... close resumed>) = 0 [pid 6431] write(3, "1000", 4) = 4 [pid 6427] close(4 [pid 6431] close(3) = 0 [pid 6430] <... openat resumed>) = 3 [pid 6427] <... close resumed>) = 0 [pid 6431] symlink("/dev/binderfs", "./binderfs" [pid 6427] mkdir("./file1", 0777 [pid 6430] write(3, "1000", 4) = 4 [pid 6430] close(3 [pid 6431] <... symlink resumed>) = 0 [pid 6430] <... close resumed>) = 0 [pid 6427] <... mkdir resumed>) = 0 [pid 6431] write(1, "executing program\n", 18executing program ) = 18 [pid 6430] symlink("/dev/binderfs", "./binderfs" [pid 6427] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6431] memfd_create("syzkaller", 0 [pid 6430] <... symlink resumed>) = 0 [pid 6431] <... memfd_create resumed>) = 3 [pid 6431] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0executing program [pid 6430] write(1, "executing program\n", 18 [pid 6429] <... write resumed>) = 524288 [pid 6428] <... write resumed>) = 524288 [pid 6431] <... mmap resumed>) = 0x7f1864095000 [pid 6430] <... write resumed>) = 18 [pid 6428] munmap(0x7f1864095000, 138412032 [pid 6430] memfd_create("syzkaller", 0 [pid 6427] <... mount resumed>) = 0 [pid 6430] <... memfd_create resumed>) = 3 [pid 6429] munmap(0x7f1864095000, 138412032 [pid 6428] <... munmap resumed>) = 0 [pid 6429] <... munmap resumed>) = 0 [pid 6428] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6427] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6430] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6431] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6430] <... mmap resumed>) = 0x7f1864095000 [pid 6429] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6428] <... openat resumed>) = 4 [pid 6427] <... openat resumed>) = 3 [pid 6429] <... openat resumed>) = 4 [pid 6428] ioctl(4, LOOP_SET_FD, 3 [pid 6427] chdir("./file1" [pid 6429] ioctl(4, LOOP_SET_FD, 3 [pid 6427] <... chdir resumed>) = 0 [ 201.731962][ T6427] loop2: detected capacity change from 0 to 1024 [pid 6427] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6427] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6430] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6429] <... ioctl resumed>) = 0 [pid 6428] <... ioctl resumed>) = 0 [pid 6429] close(3 [pid 6428] close(3 [pid 6429] <... close resumed>) = 0 [pid 6428] <... close resumed>) = 0 [pid 6429] close(4 [pid 6428] close(4 [pid 6429] <... close resumed>) = 0 [pid 6428] <... close resumed>) = 0 [pid 6429] mkdir("./file1", 0777 [pid 6428] mkdir("./file1", 0777 [pid 6429] <... mkdir resumed>) = 0 [pid 6428] <... mkdir resumed>) = 0 [pid 6430] <... write resumed>) = 524288 [pid 6429] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6428] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6430] munmap(0x7f1864095000, 138412032 [pid 6431] <... write resumed>) = 524288 [pid 6430] <... munmap resumed>) = 0 [pid 6431] munmap(0x7f1864095000, 138412032) = 0 [pid 6430] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6431] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6427] <... link resumed>) = 0 [ 201.783109][ T6428] loop4: detected capacity change from 0 to 1024 [ 201.785032][ T6429] loop1: detected capacity change from 0 to 1024 [pid 6431] <... openat resumed>) = 4 [pid 6430] ioctl(4, LOOP_SET_FD, 3 [pid 6428] <... mount resumed>) = 0 [pid 6427] sync( [pid 6431] ioctl(4, LOOP_SET_FD, 3 [pid 6430] <... ioctl resumed>) = 0 [pid 6428] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6430] close(3) = 0 [pid 6430] close(4 [pid 6428] <... openat resumed>) = 3 [pid 6429] <... mount resumed>) = 0 [pid 6428] chdir("./file1" [pid 6429] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6428] <... chdir resumed>) = 0 [pid 6430] <... close resumed>) = 0 [pid 6429] <... openat resumed>) = 3 [pid 6428] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6431] <... ioctl resumed>) = 0 [pid 6430] mkdir("./file1", 0777 [pid 6431] close(3 [pid 6430] <... mkdir resumed>) = 0 [pid 6429] chdir("./file1" [pid 6428] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6429] <... chdir resumed>) = 0 [pid 6431] <... close resumed>) = 0 [pid 6431] close(4 [pid 6429] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6430] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6428] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6429] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6431] <... close resumed>) = 0 [pid 6431] mkdir("./file1", 0777) = 0 [ 201.852551][ T6430] loop3: detected capacity change from 0 to 1024 [ 201.868026][ T6431] loop0: detected capacity change from 0 to 1024 [pid 6431] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6429] <... link resumed>) = 0 [pid 6430] <... mount resumed>) = 0 [pid 6429] sync( [pid 6430] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6430] chdir("./file1") = 0 [pid 6428] <... link resumed>) = 0 [pid 6430] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6428] sync( [pid 6430] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6431] <... mount resumed>) = 0 [pid 6427] <... sync resumed>) = 0 [pid 6431] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6427] exit_group(0 [pid 6431] chdir("./file1" [pid 6427] <... exit_group resumed>) = ? [pid 6431] <... chdir resumed>) = 0 [pid 6431] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6431] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6429] <... sync resumed>) = 0 [pid 6428] <... sync resumed>) = 0 [pid 6428] exit_group(0 [pid 6427] +++ exited with 0 +++ [pid 6428] <... exit_group resumed>) = ? [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6427, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6429] exit_group(0 [pid 6428] +++ exited with 0 +++ [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6428, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6429] <... exit_group resumed>) = ? [pid 6429] +++ exited with 0 +++ [pid 6430] <... link resumed>) = 0 [pid 6430] sync( [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6429, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5865] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6431] <... link resumed>) = 0 [pid 5868] umount2("./112", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./107", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6431] sync( [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] getdents64(3, [pid 6431] <... sync resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./108", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6431] exit_group(0 [pid 6430] <... sync resumed>) = 0 [pid 5868] newfstatat(3, "", [pid 5866] umount2("./107/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6431] <... exit_group resumed>) = ? [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6431] +++ exited with 0 +++ [pid 5868] getdents64(3, [pid 5865] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6430] exit_group(0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6431, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5865] <... openat resumed>) = 3 [pid 6430] <... exit_group resumed>) = ? [pid 5868] umount2("./112/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 6430] +++ exited with 0 +++ [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6430, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5864] umount2("./109", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./110", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 3 [pid 5864] newfstatat(3, "", [pid 5867] newfstatat(3, "", [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./110/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./109/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5866] umount2("./107/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] umount2("./112/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./107/file1", [pid 5868] newfstatat(AT_FDCWD, "./112/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./107/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(AT_FDCWD, "./108/file1", [pid 5868] umount2("./112/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./107/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] openat(AT_FDCWD, "./112/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... openat resumed>) = 4 [pid 5866] <... openat resumed>) = 4 [pid 5865] openat(AT_FDCWD, "./108/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] newfstatat(4, "", [pid 5865] <... openat resumed>) = 4 [pid 5868] getdents64(4, [pid 5865] newfstatat(4, "", [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, [pid 5866] getdents64(4, [pid 5868] getdents64(4, [pid 5867] <... umount2 resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... umount2 resumed>) = 0 [pid 5865] getdents64(4, [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4 [pid 5865] close(4 [pid 5868] <... close resumed>) = 0 [pid 5867] umount2("./110/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... close resumed>) = 0 [pid 5864] umount2("./109/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] getdents64(4, [pid 5865] rmdir("./108/file1" [pid 5868] rmdir("./112/file1" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... rmdir resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./110/file1", [pid 5866] close(4 [pid 5865] umount2("./108/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(AT_FDCWD, "./109/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... close resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./108/binderfs", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] rmdir("./107/file1" [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./110/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] unlink("./108/binderfs" [pid 5864] umount2("./109/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] umount2("./112/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] openat(AT_FDCWD, "./110/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... openat resumed>) = 4 [pid 5865] getdents64(3, [pid 5864] openat(AT_FDCWD, "./109/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] newfstatat(4, "", [pid 5866] umount2("./107/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... openat resumed>) = 4 [pid 5868] newfstatat(AT_FDCWD, "./112/binderfs", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] close(3 [pid 5867] getdents64(4, [pid 5866] newfstatat(AT_FDCWD, "./107/binderfs", [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./112/binderfs" [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... close resumed>) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5867] getdents64(4, [pid 5866] unlink("./107/binderfs" [pid 5865] rmdir("./108" [pid 5864] newfstatat(4, "", [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] getdents64(3, [pid 5867] close(4 [pid 5866] <... unlink resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] getdents64(3, [pid 5865] mkdir("./109", 0777 [pid 5864] getdents64(4, [pid 5868] close(3 [pid 5867] rmdir("./110/file1" [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... close resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] close(3 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] getdents64(4, [pid 5867] umount2("./110/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] close(4 [pid 5868] rmdir("./112" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] rmdir("./107" [pid 5868] <... rmdir resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./110/binderfs", [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... close resumed>) = 0 [pid 5868] mkdir("./113", 0777) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5864] rmdir("./109/file1" [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] unlink("./110/binderfs" [pid 5865] close(3 [pid 5868] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] <... unlink resumed>) = 0 [pid 5866] mkdir("./108", 0777 [pid 5865] <... close resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5868] close(3 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] umount2("./109/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6432 attached [pid 5867] getdents64(3, [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... close resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./109/binderfs", [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... openat resumed>) = 3 [pid 6432] set_robust_list(0x5555593cd660, 24 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6432] <... set_robust_list resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6432 [pid 5866] <... ioctl resumed>) = 0 [pid 5867] close(3 [pid 5864] unlink("./109/binderfs" [pid 6432] chdir("./109" [pid 5864] <... unlink resumed>) = 0 [pid 5866] close(3 [pid 5864] getdents64(3, [pid 5867] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] rmdir("./110" [pid 5864] close(3./strace-static-x86_64: Process 6433 attached [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6433 [pid 6432] <... chdir resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6433] set_robust_list(0x5555593cd660, 24 [pid 6432] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] rmdir("./109" [pid 6432] <... prctl resumed>) = 0 [pid 5867] mkdir("./111", 0777 [pid 6433] <... set_robust_list resumed>) = 0 [pid 6432] setpgid(0, 0 [pid 6433] chdir("./113" [pid 5867] <... mkdir resumed>) = 0 [pid 6433] <... chdir resumed>) = 0 [pid 6432] <... setpgid resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6433] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6432] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6433] <... prctl resumed>) = 0 [pid 6433] setpgid(0, 0 [pid 5867] <... openat resumed>) = 3 [pid 6432] <... openat resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] mkdir("./110", 0777 [pid 6432] write(3, "1000", 4 [pid 5867] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6434 attached [pid 6433] <... setpgid resumed>) = 0 [pid 6433] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6432] <... write resumed>) = 4 [pid 5867] close(3 [pid 5864] <... mkdir resumed>) = 0 [pid 6433] <... openat resumed>) = 3 [pid 6434] set_robust_list(0x5555593cd660, 24 [pid 6433] write(3, "1000", 4 [pid 6432] close(3 [pid 6434] <... set_robust_list resumed>) = 0 [pid 6433] <... write resumed>) = 4 [pid 6434] chdir("./108" [pid 6433] close(3 [pid 6432] <... close resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6434] <... chdir resumed>) = 0 [pid 6433] <... close resumed>) = 0 [pid 6432] symlink("/dev/binderfs", "./binderfs" [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6434 [pid 6434] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6433] symlink("/dev/binderfs", "./binderfs" [pid 5864] <... openat resumed>) = 3 [pid 6434] <... prctl resumed>) = 0 [pid 6433] <... symlink resumed>) = 0 [pid 6432] <... symlink resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6434] setpgid(0, 0 [pid 6432] write(1, "executing program\n", 18executing program executing program [pid 6434] <... setpgid resumed>) = 0 [pid 6433] write(1, "executing program\n", 18 [pid 5864] <... ioctl resumed>) = 0 [pid 6434] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] close(3) = 0 [pid 6432] <... write resumed>) = 18 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6434] <... openat resumed>) = 3 [pid 6433] <... write resumed>) = 18 [pid 6434] write(3, "1000", 4 [pid 6433] memfd_create("syzkaller", 0 [pid 6434] <... write resumed>) = 4 [pid 6433] <... memfd_create resumed>) = 3 [pid 6434] close(3) = 0 [pid 6433] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6434] symlink("/dev/binderfs", "./binderfs" [pid 6433] <... mmap resumed>) = 0x7f1864095000 ./strace-static-x86_64: Process 6435 attached [pid 6432] memfd_create("syzkaller", 0 [pid 5867] <... close resumed>) = 0 [pid 6432] <... memfd_create resumed>) = 3 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6435 [pid 6432] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6435] set_robust_list(0x5555593cd660, 24 [pid 6434] <... symlink resumed>) = 0 [pid 6433] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6432] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 6434] write(1, "executing program\n", 18) = 18 [pid 6435] <... set_robust_list resumed>) = 0 [pid 6434] memfd_create("syzkaller", 0./strace-static-x86_64: Process 6436 attached [pid 6432] <... write resumed>) = 524288 [pid 6435] chdir("./110") = 0 [pid 6432] munmap(0x7f1864095000, 138412032 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6436 [pid 6434] <... memfd_create resumed>) = 3 [pid 6436] set_robust_list(0x5555593cd660, 24 [pid 6434] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6436] <... set_robust_list resumed>) = 0 [pid 6434] <... mmap resumed>) = 0x7f1864095000 [pid 6436] chdir("./111" [pid 6434] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6433] <... write resumed>) = 524288 [pid 6435] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6436] <... chdir resumed>) = 0 [pid 6433] munmap(0x7f1864095000, 138412032 [pid 6436] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6435] <... prctl resumed>) = 0 [pid 6433] <... munmap resumed>) = 0 [pid 6432] <... munmap resumed>) = 0 [pid 6436] <... prctl resumed>) = 0 [pid 6433] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6435] setpgid(0, 0 [pid 6436] setpgid(0, 0 [pid 6435] <... setpgid resumed>) = 0 [pid 6433] <... openat resumed>) = 4 [pid 6432] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6436] <... setpgid resumed>) = 0 [pid 6435] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6433] ioctl(4, LOOP_SET_FD, 3 [pid 6432] <... openat resumed>) = 4 [pid 6436] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6435] <... openat resumed>) = 3 [pid 6433] <... ioctl resumed>) = 0 [pid 6432] ioctl(4, LOOP_SET_FD, 3 [pid 6436] <... openat resumed>) = 3 [pid 6435] write(3, "1000", 4 [pid 6433] close(3 [pid 6432] <... ioctl resumed>) = 0 [pid 6432] close(3) = 0 [pid 6432] close(4 [pid 6436] write(3, "1000", 4 [pid 6433] <... close resumed>) = 0 [pid 6432] <... close resumed>) = 0 [pid 6436] <... write resumed>) = 4 [pid 6434] <... write resumed>) = 524288 [pid 6433] close(4 [pid 6432] mkdir("./file1", 0777 [pid 6436] close(3 [pid 6433] <... close resumed>) = 0 [pid 6436] <... close resumed>) = 0 [pid 6433] mkdir("./file1", 0777 [pid 6436] symlink("/dev/binderfs", "./binderfs" [pid 6435] <... write resumed>) = 4 [pid 6433] <... mkdir resumed>) = 0 [pid 6432] <... mkdir resumed>) = 0 [pid 6435] close(3 [pid 6432] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6436] <... symlink resumed>) = 0 [pid 6433] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6436] write(1, "executing program\n", 18executing program ) = 18 [pid 6435] <... close resumed>) = 0 [pid 6436] memfd_create("syzkaller", 0 [pid 6435] symlink("/dev/binderfs", "./binderfs"executing program [pid 6436] <... memfd_create resumed>) = 3 [pid 6435] <... symlink resumed>) = 0 [pid 6434] munmap(0x7f1864095000, 138412032 [pid 6432] <... mount resumed>) = 0 [pid 6436] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6435] write(1, "executing program\n", 18 [pid 6434] <... munmap resumed>) = 0 [pid 6432] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6435] <... write resumed>) = 18 [pid 6436] <... mmap resumed>) = 0x7f1864095000 [pid 6435] memfd_create("syzkaller", 0 [pid 6433] <... mount resumed>) = 0 [pid 6432] <... openat resumed>) = 3 [pid 6435] <... memfd_create resumed>) = 3 [pid 6434] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6433] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6435] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6434] <... openat resumed>) = 4 [pid 6433] <... openat resumed>) = 3 [pid 6432] chdir("./file1" [pid 6436] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6435] <... mmap resumed>) = 0x7f1864095000 [pid 6434] ioctl(4, LOOP_SET_FD, 3 [pid 6433] chdir("./file1" [pid 6432] <... chdir resumed>) = 0 [ 202.346000][ T6433] loop4: detected capacity change from 0 to 1024 [ 202.347985][ T6432] loop1: detected capacity change from 0 to 1024 [pid 6434] <... ioctl resumed>) = 0 [pid 6433] <... chdir resumed>) = 0 [pid 6432] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6433] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6432] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6436] <... write resumed>) = 524288 [pid 6435] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6434] close(3 [pid 6433] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6432] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6436] munmap(0x7f1864095000, 138412032 [pid 6434] <... close resumed>) = 0 [pid 6433] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6436] <... munmap resumed>) = 0 [pid 6434] close(4 [pid 6436] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6434] <... close resumed>) = 0 [ 202.408875][ T6434] loop2: detected capacity change from 0 to 1024 [pid 6436] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6435] <... write resumed>) = 524288 [pid 6434] mkdir("./file1", 0777 [pid 6436] close(3 [pid 6434] <... mkdir resumed>) = 0 [pid 6436] <... close resumed>) = 0 [pid 6436] close(4) = 0 [pid 6436] mkdir("./file1", 0777 [pid 6432] <... link resumed>) = 0 [pid 6436] <... mkdir resumed>) = 0 [pid 6435] munmap(0x7f1864095000, 138412032 [pid 6434] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6432] sync( [pid 6435] <... munmap resumed>) = 0 [pid 6433] <... link resumed>) = 0 [pid 6436] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6435] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6433] sync( [pid 6435] <... openat resumed>) = 4 [ 202.457656][ T6436] loop3: detected capacity change from 0 to 1024 [pid 6435] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6435] close(3) = 0 [pid 6435] close(4) = 0 [pid 6434] <... mount resumed>) = 0 [pid 6435] mkdir("./file1", 0777 [pid 6434] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6435] <... mkdir resumed>) = 0 [pid 6434] <... openat resumed>) = 3 [pid 6436] <... mount resumed>) = 0 [pid 6435] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6434] chdir("./file1" [pid 6436] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6434] <... chdir resumed>) = 0 [pid 6436] <... openat resumed>) = 3 [ 202.528422][ T6435] loop0: detected capacity change from 0 to 1024 [pid 6434] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6436] chdir("./file1" [pid 6434] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6436] <... chdir resumed>) = 0 [pid 6434] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6436] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6436] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6434] <... link resumed>) = 0 [pid 6435] <... mount resumed>) = 0 [pid 6435] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6434] sync( [pid 6435] <... openat resumed>) = 3 [pid 6435] chdir("./file1") = 0 [pid 6435] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6436] <... link resumed>) = 0 [pid 6435] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6436] sync( [pid 6433] <... sync resumed>) = 0 [pid 6433] exit_group(0 [pid 6432] <... sync resumed>) = 0 [pid 6432] exit_group(0) = ? [pid 6433] <... exit_group resumed>) = ? [pid 6433] +++ exited with 0 +++ [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6433, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6435] <... link resumed>) = 0 [pid 6434] <... sync resumed>) = 0 [pid 6432] +++ exited with 0 +++ [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 6435] sync( [pid 5868] <... restart_syscall resumed>) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6432, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6436] <... sync resumed>) = 0 [pid 5865] umount2("./109", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6436] exit_group(0 [pid 6434] exit_group(0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6436] <... exit_group resumed>) = ? [pid 6434] <... exit_group resumed>) = ? [pid 5868] umount2("./113", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 [pid 6436] +++ exited with 0 +++ [pid 6435] <... sync resumed>) = 0 [pid 6434] +++ exited with 0 +++ [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(3, "", [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6434, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6436, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6435] exit_group(0) = ? [pid 5868] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] getdents64(3, [pid 5868] <... openat resumed>) = 3 [pid 5867] umount2("./111", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./108", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] newfstatat(3, "", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./109/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] getdents64(3, [pid 6435] +++ exited with 0 +++ [pid 5867] <... openat resumed>) = 3 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6435, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./113/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5864] <... restart_syscall resumed>) = 0 [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, [pid 5864] umount2("./110", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./110/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = 0 [pid 5865] umount2("./109/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5868] umount2("./113/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./113/file1", [pid 5867] newfstatat(AT_FDCWD, "./111/file1", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(AT_FDCWD, "./109/file1", [pid 5868] umount2("./113/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(AT_FDCWD, "./108/file1", [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./109/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] openat(AT_FDCWD, "./113/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./108/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... openat resumed>) = 4 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(4, "", [pid 5867] openat(AT_FDCWD, "./111/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] openat(AT_FDCWD, "./108/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "./109/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = 0 [pid 5868] getdents64(4, [pid 5867] <... openat resumed>) = 4 [pid 5866] <... openat resumed>) = 4 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] newfstatat(4, "", [pid 5865] <... openat resumed>) = 4 [pid 5868] getdents64(4, [pid 5867] newfstatat(4, "", [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] newfstatat(4, "", [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] umount2("./110/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] close(4) = 0 [pid 5867] getdents64(4, [pid 5865] getdents64(4, [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] rmdir("./113/file1" [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] newfstatat(AT_FDCWD, "./110/file1", [pid 5868] <... rmdir resumed>) = 0 [pid 5867] getdents64(4, [pid 5866] getdents64(4, [pid 5865] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] close(4 [pid 5864] umount2("./110/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./113/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... close resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] rmdir("./111/file1" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./113/binderfs", [pid 5867] <... rmdir resumed>) = 0 [pid 5865] close(4 [pid 5864] openat(AT_FDCWD, "./110/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./111/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 4 [pid 5868] unlink("./113/binderfs" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(4, [pid 5865] rmdir("./109/file1" [pid 5864] newfstatat(4, "", [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5866] close(4 [pid 5865] <... rmdir resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./111/binderfs", [pid 5866] <... close resumed>) = 0 [pid 5865] umount2("./109/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] rmdir("./108/file1" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] getdents64(4, [pid 5868] getdents64(3, [pid 5867] unlink("./111/binderfs" [pid 5866] <... rmdir resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./109/binderfs", [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5866] umount2("./108/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] close(3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] getdents64(4, [pid 5867] getdents64(3, [pid 5866] newfstatat(AT_FDCWD, "./108/binderfs", [pid 5868] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./109/binderfs" [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] rmdir("./113" [pid 5867] close(3 [pid 5866] unlink("./108/binderfs" [pid 5865] <... unlink resumed>) = 0 [pid 5864] close(4 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5866] getdents64(3, [pid 5867] rmdir("./111" [pid 5865] getdents64(3, [pid 5864] rmdir("./110/file1" [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] mkdir("./114", 0777 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5865] close(3) = 0 [pid 5865] rmdir("./109" [pid 5867] mkdir("./112", 0777 [pid 5866] close(3 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] umount2("./110/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... mkdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] rmdir("./108" [pid 5868] <... openat resumed>) = 3 [pid 5866] <... rmdir resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] mkdir("./110", 0777 [pid 5864] newfstatat(AT_FDCWD, "./110/binderfs", [pid 5867] <... openat resumed>) = 3 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] unlink("./110/binderfs" [pid 5867] <... ioctl resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... unlink resumed>) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] close(3 [pid 5865] <... openat resumed>) = 3 [pid 5864] getdents64(3, [pid 5868] <... ioctl resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 5868] close(3 [pid 5866] mkdir("./109", 0777 [pid 5865] close(3 [pid 5864] <... close resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] rmdir("./110" [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... mkdir resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 6438 attached [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6437 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] mkdir("./111", 0777./strace-static-x86_64: Process 6439 attached ./strace-static-x86_64: Process 6437 attached [pid 6438] set_robust_list(0x5555593cd660, 24 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6439 [pid 5866] <... openat resumed>) = 3 [pid 6439] set_robust_list(0x5555593cd660, 24 [pid 6438] <... set_robust_list resumed>) = 0 [pid 6437] set_robust_list(0x5555593cd660, 24 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6438 [pid 5864] <... mkdir resumed>) = 0 [pid 6439] <... set_robust_list resumed>) = 0 [pid 6437] <... set_robust_list resumed>) = 0 [pid 6439] chdir("./114" [pid 6438] chdir("./110" [pid 6437] chdir("./112" [pid 5866] <... ioctl resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6439] <... chdir resumed>) = 0 [pid 6439] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6438] <... chdir resumed>) = 0 [pid 6437] <... chdir resumed>) = 0 [pid 5866] close(3 [pid 5864] <... openat resumed>) = 3 [pid 6439] <... prctl resumed>) = 0 [pid 6437] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] <... close resumed>) = 0 [pid 6439] setpgid(0, 0 [pid 6437] <... prctl resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6439] <... setpgid resumed>) = 0 [pid 6437] setpgid(0, 0 [pid 6438] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6440 attached [pid 6439] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6438] <... prctl resumed>) = 0 [pid 6437] <... setpgid resumed>) = 0 [pid 5864] <... ioctl resumed>) = 0 [pid 6440] set_robust_list(0x5555593cd660, 24 [pid 6439] <... openat resumed>) = 3 [pid 6438] setpgid(0, 0 [pid 6437] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6440 [pid 5864] close(3 [pid 6440] <... set_robust_list resumed>) = 0 [pid 6439] write(3, "1000", 4 [pid 6438] <... setpgid resumed>) = 0 [pid 6437] <... openat resumed>) = 3 [pid 6440] chdir("./109" [pid 6439] <... write resumed>) = 4 [pid 6438] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6437] write(3, "1000", 4 [pid 6439] close(3 [pid 6438] <... openat resumed>) = 3 [pid 6438] write(3, "1000", 4) = 4 [pid 5864] <... close resumed>) = 0 [pid 6438] close(3) = 0 [pid 6438] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6440] <... chdir resumed>) = 0 [pid 6439] <... close resumed>) = 0 [pid 6437] <... write resumed>) = 4 [pid 6440] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6439] symlink("/dev/binderfs", "./binderfs" [pid 6437] close(3executing program ./strace-static-x86_64: Process 6441 attached [pid 6438] write(1, "executing program\n", 18 [pid 6441] set_robust_list(0x5555593cd660, 24 [pid 6440] <... prctl resumed>) = 0 [pid 6438] <... write resumed>) = 18 [pid 6437] <... close resumed>) = 0 [pid 6440] setpgid(0, 0 [pid 6439] <... symlink resumed>) = 0 [pid 6438] memfd_create("syzkaller", 0 [pid 6437] symlink("/dev/binderfs", "./binderfs" [pid 6441] <... set_robust_list resumed>) = 0 [pid 6438] <... memfd_create resumed>) = 3 [pid 6437] <... symlink resumed>) = 0 [pid 6440] <... setpgid resumed>) = 0 executing program [pid 6439] write(1, "executing program\n", 18 [pid 6441] chdir("./111" [pid 6440] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6439] <... write resumed>) = 18 [pid 6438] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 executing program [pid 6437] write(1, "executing program\n", 18 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6441 [pid 6441] <... chdir resumed>) = 0 [pid 6440] <... openat resumed>) = 3 [pid 6439] memfd_create("syzkaller", 0 [pid 6438] <... mmap resumed>) = 0x7f1864095000 [pid 6437] <... write resumed>) = 18 [pid 6441] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6440] write(3, "1000", 4 [pid 6439] <... memfd_create resumed>) = 3 [pid 6437] memfd_create("syzkaller", 0 [pid 6441] <... prctl resumed>) = 0 [pid 6440] <... write resumed>) = 4 [pid 6439] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6438] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6437] <... memfd_create resumed>) = 3 [pid 6440] close(3) = 0 [pid 6439] <... mmap resumed>) = 0x7f1864095000 [pid 6437] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6440] symlink("/dev/binderfs", "./binderfs"executing program [pid 6441] setpgid(0, 0 [pid 6440] <... symlink resumed>) = 0 [pid 6439] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6437] <... mmap resumed>) = 0x7f1864095000 [pid 6440] write(1, "executing program\n", 18 [pid 6441] <... setpgid resumed>) = 0 [pid 6440] <... write resumed>) = 18 [pid 6438] <... write resumed>) = 524288 [pid 6437] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6441] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6440] memfd_create("syzkaller", 0 [pid 6441] <... openat resumed>) = 3 [pid 6440] <... memfd_create resumed>) = 3 [pid 6441] write(3, "1000", 4) = 4 [pid 6441] close(3) = 0 [pid 6441] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6440] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6439] <... write resumed>) = 524288 [pid 6441] write(1, "executing program\n", 18 [pid 6440] <... mmap resumed>) = 0x7f1864095000 [pid 6441] <... write resumed>) = 18 [pid 6441] memfd_create("syzkaller", 0) = 3 [pid 6441] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6437] <... write resumed>) = 524288 [pid 6441] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6440] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6439] munmap(0x7f1864095000, 138412032 [pid 6438] munmap(0x7f1864095000, 138412032) = 0 [pid 6439] <... munmap resumed>) = 0 [pid 6438] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6438] ioctl(4, LOOP_SET_FD, 3 [pid 6439] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6438] <... ioctl resumed>) = 0 [pid 6439] <... openat resumed>) = 4 [pid 6439] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6438] close(3 [pid 6439] close(3 [pid 6438] <... close resumed>) = 0 [pid 6439] <... close resumed>) = 0 [pid 6438] close(4 [pid 6439] close(4 [pid 6438] <... close resumed>) = 0 [pid 6439] <... close resumed>) = 0 [pid 6439] mkdir("./file1", 0777 [pid 6438] mkdir("./file1", 0777 [pid 6439] <... mkdir resumed>) = 0 [pid 6438] <... mkdir resumed>) = 0 [pid 6440] <... write resumed>) = 524288 [pid 6439] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6438] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6441] <... write resumed>) = 524288 [pid 6441] munmap(0x7f1864095000, 138412032) = 0 [pid 6437] munmap(0x7f1864095000, 138412032 [pid 6439] <... mount resumed>) = 0 [pid 6438] <... mount resumed>) = 0 [pid 6441] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6439] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6438] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6437] <... munmap resumed>) = 0 [pid 6441] <... openat resumed>) = 4 [pid 6439] <... openat resumed>) = 3 [pid 6438] <... openat resumed>) = 3 [pid 6437] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6441] ioctl(4, LOOP_SET_FD, 3 [pid 6440] munmap(0x7f1864095000, 138412032 [pid 6439] chdir("./file1" [pid 6438] chdir("./file1" [pid 6437] <... openat resumed>) = 4 [pid 6441] <... ioctl resumed>) = 0 [pid 6440] <... munmap resumed>) = 0 [pid 6439] <... chdir resumed>) = 0 [pid 6438] <... chdir resumed>) = 0 [pid 6437] ioctl(4, LOOP_SET_FD, 3 [pid 6441] close(3 [pid 6440] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6439] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6438] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6437] <... ioctl resumed>) = 0 [pid 6441] <... close resumed>) = 0 [pid 6440] <... openat resumed>) = 4 [pid 6439] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 203.103006][ T6438] loop1: detected capacity change from 0 to 1024 [ 203.111121][ T6439] loop4: detected capacity change from 0 to 1024 [pid 6438] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6437] close(3 [pid 6441] close(4 [pid 6440] ioctl(4, LOOP_SET_FD, 3 [pid 6439] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6438] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6437] <... close resumed>) = 0 [pid 6441] <... close resumed>) = 0 [pid 6440] <... ioctl resumed>) = 0 [pid 6437] close(4 [pid 6441] mkdir("./file1", 0777 [pid 6440] close(3 [pid 6437] <... close resumed>) = 0 [pid 6437] mkdir("./file1", 0777 [pid 6441] <... mkdir resumed>) = 0 [pid 6440] <... close resumed>) = 0 [pid 6440] close(4 [pid 6437] <... mkdir resumed>) = 0 [pid 6441] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6437] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6440] <... close resumed>) = 0 [pid 6440] mkdir("./file1", 0777) = 0 [pid 6438] <... link resumed>) = 0 [pid 6438] sync( [pid 6440] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6439] <... link resumed>) = 0 [ 203.163112][ T6441] loop0: detected capacity change from 0 to 1024 [ 203.165035][ T6437] loop3: detected capacity change from 0 to 1024 [ 203.177453][ T6440] loop2: detected capacity change from 0 to 1024 [pid 6439] sync( [pid 6441] <... mount resumed>) = 0 [pid 6437] <... mount resumed>) = 0 [pid 6441] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6440] <... mount resumed>) = 0 [pid 6441] <... openat resumed>) = 3 [pid 6437] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6441] chdir("./file1" [pid 6440] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6441] <... chdir resumed>) = 0 [pid 6437] <... openat resumed>) = 3 [pid 6441] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6440] <... openat resumed>) = 3 [pid 6437] chdir("./file1" [pid 6441] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6440] chdir("./file1" [pid 6441] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6440] <... chdir resumed>) = 0 [pid 6437] <... chdir resumed>) = 0 [pid 6437] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6440] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6437] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6437] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6440] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6440] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6437] <... link resumed>) = 0 [pid 6437] sync( [pid 6441] <... link resumed>) = 0 [pid 6439] <... sync resumed>) = 0 [pid 6441] sync( [pid 6439] exit_group(0) = ? [pid 6440] <... link resumed>) = 0 [pid 6439] +++ exited with 0 +++ [pid 6438] <... sync resumed>) = 0 [pid 6437] <... sync resumed>) = 0 [pid 6437] exit_group(0 [pid 6438] exit_group(0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6439, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6440] sync( [pid 6438] <... exit_group resumed>) = ? [pid 6437] <... exit_group resumed>) = ? [pid 6441] <... sync resumed>) = 0 [pid 6441] exit_group(0 [pid 6437] +++ exited with 0 +++ [pid 6441] <... exit_group resumed>) = ? [pid 5868] umount2("./114", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6437, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5868] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6438] +++ exited with 0 +++ [pid 5868] <... openat resumed>) = 3 [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6438, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] <... restart_syscall resumed>) = 0 [pid 6441] +++ exited with 0 +++ [pid 5868] getdents64(3, [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... restart_syscall resumed>) = 0 [pid 5868] umount2("./114/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./112", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6441, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./110", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5867] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(3, "", [pid 5865] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... restart_syscall resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5867] getdents64(3, [pid 5865] newfstatat(3, "", [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] umount2("./112/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] getdents64(3, [pid 6440] <... sync resumed>) = 0 [pid 5864] umount2("./111", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./110/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6440] exit_group(0 [pid 5864] <... openat resumed>) = 3 [pid 6440] <... exit_group resumed>) = ? [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 6440] +++ exited with 0 +++ [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6440, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./109", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./109/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... umount2 resumed>) = 0 [pid 5868] umount2("./114/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./114/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./114/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./114/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5864] <... umount2 resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 5867] umount2("./112/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = 0 [pid 5864] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(AT_FDCWD, "./112/file1", [pid 5865] umount2("./110/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./111/file1", [pid 5865] newfstatat(AT_FDCWD, "./110/file1", [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] getdents64(4, [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./109/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] umount2("./112/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] getdents64(4, [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] openat(AT_FDCWD, "./112/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] newfstatat(AT_FDCWD, "./109/file1", [pid 5868] close(4 [pid 5867] <... openat resumed>) = 4 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./110/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... close resumed>) = 0 [pid 5867] newfstatat(4, "", [pid 5866] umount2("./109/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./111/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] openat(AT_FDCWD, "./109/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] rmdir("./114/file1" [pid 5867] getdents64(4, [pid 5866] <... openat resumed>) = 4 [pid 5865] openat(AT_FDCWD, "./110/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 4 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] newfstatat(4, "", [pid 5865] <... openat resumed>) = 4 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] newfstatat(4, "", [pid 5866] getdents64(4, [pid 5865] newfstatat(4, "", [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(4, [pid 5867] close(4 [pid 5866] getdents64(4, [pid 5865] getdents64(4, [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, [pid 5867] rmdir("./112/file1" [pid 5866] close(4 [pid 5865] getdents64(4, [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4 [pid 5868] umount2("./114/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./112/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] rmdir("./109/file1" [pid 5865] close(4 [pid 5864] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] rmdir("./111/file1" [pid 5868] newfstatat(AT_FDCWD, "./114/binderfs", [pid 5867] newfstatat(AT_FDCWD, "./112/binderfs", [pid 5866] umount2("./109/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] rmdir("./110/file1" [pid 5864] <... rmdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... rmdir resumed>) = 0 [pid 5864] umount2("./111/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] unlink("./114/binderfs" [pid 5867] unlink("./112/binderfs" [pid 5866] newfstatat(AT_FDCWD, "./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./111/binderfs", [pid 5867] <... unlink resumed>) = 0 [pid 5866] unlink("./109/binderfs" [pid 5865] umount2("./110/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5866] getdents64(3, [pid 5864] unlink("./111/binderfs" [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... unlink resumed>) = 0 [pid 5868] getdents64(3, [pid 5867] getdents64(3, [pid 5866] <... close resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./110/binderfs", [pid 5864] getdents64(3, [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] rmdir("./109" [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] unlink("./110/binderfs" [pid 5864] close(3 [pid 5866] <... rmdir resumed>) = 0 [pid 5867] close(3 [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5868] close(3 [pid 5867] <... close resumed>) = 0 [pid 5866] mkdir("./110", 0777 [pid 5867] rmdir("./112" [pid 5865] getdents64(3, [pid 5864] rmdir("./111" [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5865] close(3 [pid 5864] mkdir("./112", 0777 [pid 5868] <... close resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5868] rmdir("./114" [pid 5867] mkdir("./113", 0777 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... close resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5865] rmdir("./110" [pid 5868] <... rmdir resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] mkdir("./115", 0777 [pid 5867] <... mkdir resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5868] <... mkdir resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] mkdir("./111", 0777 [pid 5864] <... openat resumed>) = 3 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... openat resumed>) = 3 [pid 5866] <... ioctl resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5866] close(3 [pid 5864] <... ioctl resumed>) = 0 [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... close resumed>) = 0 ./strace-static-x86_64: Process 6442 attached [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5865] ioctl(3, LOOP_CLR_FD) = 0 [pid 5865] close(3) = 0 [pid 6442] set_robust_list(0x5555593cd660, 24 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6443 attached [pid 6442] <... set_robust_list resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6443] set_robust_list(0x5555593cd660, 24 [pid 6442] chdir("./112" [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] <... ioctl resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6443 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6442 [pid 6443] <... set_robust_list resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5867] close(3./strace-static-x86_64: Process 6444 attached [pid 6443] chdir("./111" [pid 6442] <... chdir resumed>) = 0 [pid 5868] close(3 [pid 5867] <... close resumed>) = 0 [pid 6443] <... chdir resumed>) = 0 [pid 6442] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6444 [pid 6444] set_robust_list(0x5555593cd660, 24 [pid 6442] <... prctl resumed>) = 0 [pid 6444] <... set_robust_list resumed>) = 0 [pid 6442] setpgid(0, 0 [pid 6444] chdir("./110" [pid 6443] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 6445 attached ) = 0 [pid 6445] set_robust_list(0x5555593cd660, 24 [pid 6444] <... chdir resumed>) = 0 [pid 6443] setpgid(0, 0 [pid 6442] <... setpgid resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6445 [pid 6445] <... set_robust_list resumed>) = 0 [pid 6443] <... setpgid resumed>) = 0 [pid 6444] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6443] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6442] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6445] chdir("./113" [pid 6444] <... prctl resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 6445] <... chdir resumed>) = 0 [pid 6444] setpgid(0, 0 [pid 6443] <... openat resumed>) = 3 [pid 6445] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6442] <... openat resumed>) = 3 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6444] <... setpgid resumed>) = 0 [pid 6445] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 6446 attached [pid 6445] setpgid(0, 0 [pid 6444] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6443] write(3, "1000", 4 [pid 6445] <... setpgid resumed>) = 0 [pid 6443] <... write resumed>) = 4 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6446 [pid 6445] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6444] <... openat resumed>) = 3 [pid 6443] close(3 [pid 6442] write(3, "1000", 4 [pid 6443] <... close resumed>) = 0 [pid 6446] set_robust_list(0x5555593cd660, 24 [pid 6445] <... openat resumed>) = 3 [pid 6443] symlink("/dev/binderfs", "./binderfs" [pid 6442] <... write resumed>) = 4 [pid 6442] close(3) = 0 [pid 6443] <... symlink resumed>) = 0 [pid 6444] write(3, "1000", 4 [pid 6442] symlink("/dev/binderfs", "./binderfs" [pid 6446] <... set_robust_list resumed>) = 0 [pid 6443] write(1, "executing program\n", 18executing program [pid 6446] chdir("./115" [pid 6444] <... write resumed>) = 4 [pid 6442] <... symlink resumed>) = 0 [pid 6443] <... write resumed>) = 18 [pid 6445] write(3, "1000", 4 [pid 6446] <... chdir resumed>) = 0 [pid 6445] <... write resumed>) = 4 [pid 6444] close(3 executing program [pid 6443] memfd_create("syzkaller", 0 [pid 6442] write(1, "executing program\n", 18 [pid 6446] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6445] close(3 [pid 6444] <... close resumed>) = 0 [pid 6443] <... memfd_create resumed>) = 3 [pid 6442] <... write resumed>) = 18 [pid 6446] <... prctl resumed>) = 0 [pid 6445] <... close resumed>) = 0 [pid 6444] symlink("/dev/binderfs", "./binderfs" [pid 6446] setpgid(0, 0 [pid 6445] symlink("/dev/binderfs", "./binderfs" [pid 6444] <... symlink resumed>) = 0 [pid 6443] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6442] memfd_create("syzkaller", 0 [pid 6444] write(1, "executing program\n", 18executing program [pid 6442] <... memfd_create resumed>) = 3 [pid 6444] <... write resumed>) = 18 [pid 6442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6446] <... setpgid resumed>) = 0 [pid 6445] <... symlink resumed>) = 0 [pid 6444] memfd_create("syzkaller", 0 [pid 6443] <... mmap resumed>) = 0x7f1864095000 [pid 6442] <... mmap resumed>) = 0x7f1864095000 [pid 6446] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6445] write(1, "executing program\n", 18 [pid 6444] <... memfd_create resumed>) = 3 [pid 6443] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6442] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6444] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0executing program [pid 6446] <... openat resumed>) = 3 [pid 6445] <... write resumed>) = 18 [pid 6446] write(3, "1000", 4 [pid 6445] memfd_create("syzkaller", 0 [pid 6444] <... mmap resumed>) = 0x7f1864095000 [pid 6446] <... write resumed>) = 4 [pid 6446] close(3 [pid 6445] <... memfd_create resumed>) = 3 [pid 6446] <... close resumed>) = 0 [pid 6445] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6444] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6443] <... write resumed>) = 524288 [pid 6446] symlink("/dev/binderfs", "./binderfs" [pid 6445] <... mmap resumed>) = 0x7f1864095000 [pid 6446] <... symlink resumed>) = 0 [pid 6445] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6444] <... write resumed>) = 524288 executing program [pid 6443] munmap(0x7f1864095000, 138412032 [pid 6446] write(1, "executing program\n", 18) = 18 [pid 6443] <... munmap resumed>) = 0 [pid 6442] <... write resumed>) = 524288 [pid 6446] memfd_create("syzkaller", 0 [pid 6442] munmap(0x7f1864095000, 138412032 [pid 6446] <... memfd_create resumed>) = 3 [pid 6442] <... munmap resumed>) = 0 [pid 6443] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6442] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6446] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6443] <... openat resumed>) = 4 [pid 6442] <... openat resumed>) = 4 [pid 6442] ioctl(4, LOOP_SET_FD, 3 [pid 6444] munmap(0x7f1864095000, 138412032 [pid 6442] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6444] <... munmap resumed>) = 0 [pid 6442] ioctl(4, LOOP_CLR_FD) = 0 [pid 6446] <... mmap resumed>) = 0x7f1864095000 [pid 6444] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6443] ioctl(4, LOOP_SET_FD, 3 [pid 6444] <... openat resumed>) = 4 [pid 6443] <... ioctl resumed>) = 0 [pid 6446] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6443] close(3 [pid 6442] ioctl(4, LOOP_SET_FD, 3 [pid 6444] ioctl(4, LOOP_SET_FD, 3 [pid 6443] <... close resumed>) = 0 [pid 6442] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6444] <... ioctl resumed>) = 0 [pid 6442] close(4 [pid 6444] close(3 [pid 6443] close(4 [pid 6444] <... close resumed>) = 0 [pid 6443] <... close resumed>) = 0 [pid 6444] close(4) = 0 [pid 6443] mkdir("./file1", 0777 [pid 6444] mkdir("./file1", 0777) = 0 [pid 6443] <... mkdir resumed>) = 0 [pid 6444] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6445] <... write resumed>) = 524288 [pid 6443] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6442] <... close resumed>) = 0 [pid 6442] close(3 [pid 6444] <... mount resumed>) = 0 [pid 6444] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6444] chdir("./file1") = 0 [pid 6444] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6445] munmap(0x7f1864095000, 138412032 [pid 6444] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6444] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6446] <... write resumed>) = 524288 [pid 6445] <... munmap resumed>) = 0 [pid 6445] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6446] munmap(0x7f1864095000, 138412032) = 0 [pid 6445] <... openat resumed>) = 4 [ 203.804980][ T6443] loop1: detected capacity change from 0 to 1024 [ 203.816508][ T6444] loop2: detected capacity change from 0 to 1024 [pid 6446] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6445] ioctl(4, LOOP_SET_FD, 3 [pid 6442] <... close resumed>) = 0 [pid 6446] <... openat resumed>) = 4 [pid 6445] <... ioctl resumed>) = 0 [pid 6442] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6446] ioctl(4, LOOP_SET_FD, 3 [pid 6445] close(3 [pid 6446] <... ioctl resumed>) = 0 [pid 6445] <... close resumed>) = 0 [pid 6442] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6445] close(4) = 0 [pid 6445] mkdir("./file1", 0777 [pid 6446] close(3) = 0 [pid 6442] sync( [pid 6445] <... mkdir resumed>) = 0 [pid 6444] <... link resumed>) = 0 [pid 6444] sync( [pid 6446] close(4) = 0 [pid 6446] mkdir("./file1", 0777 [pid 6445] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6446] <... mkdir resumed>) = 0 [pid 6443] <... mount resumed>) = 0 [pid 6446] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6443] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6443] chdir("./file1" [pid 6445] <... mount resumed>) = 0 [pid 6443] <... chdir resumed>) = 0 [pid 6445] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6443] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6445] <... openat resumed>) = 3 [pid 6445] chdir("./file1" [pid 6443] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6445] <... chdir resumed>) = 0 [pid 6443] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6445] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6446] <... mount resumed>) = 0 [ 203.876511][ T6445] loop3: detected capacity change from 0 to 1024 [ 203.881037][ T6446] loop4: detected capacity change from 0 to 1024 [pid 6445] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6446] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6443] <... link resumed>) = 0 [pid 6443] sync( [pid 6445] <... link resumed>) = 0 [pid 6446] <... openat resumed>) = 3 [pid 6444] <... sync resumed>) = 0 [pid 6443] <... sync resumed>) = 0 [pid 6442] <... sync resumed>) = 0 [pid 6446] chdir("./file1" [pid 6445] sync( [pid 6444] exit_group(0 [pid 6442] exit_group(0 [pid 6446] <... chdir resumed>) = 0 [pid 6444] <... exit_group resumed>) = ? [pid 6443] exit_group(0 [pid 6444] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6444, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6446] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6445] <... sync resumed>) = 0 [pid 6443] <... exit_group resumed>) = ? [pid 6442] <... exit_group resumed>) = ? [pid 6446] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6443] +++ exited with 0 +++ [pid 6442] +++ exited with 0 +++ [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6445] exit_group(0 [pid 5866] <... restart_syscall resumed>) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6443, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6446] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6445] <... exit_group resumed>) = ? [pid 6445] +++ exited with 0 +++ [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6442, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6445, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5866] umount2("./110", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5864] <... restart_syscall resumed>) = 0 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5867] umount2("./113", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(3, "", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] getdents64(3, [pid 5867] <... openat resumed>) = 3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./112", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(3, "", [pid 5866] umount2("./110/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] umount2("./111", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(3, [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6446] <... link resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 3 [pid 6446] sync( [pid 5867] umount2("./113/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 [pid 5864] newfstatat(3, "", [pid 5865] newfstatat(3, "", [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5865] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./112/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./112/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./112/binderfs") = 0 [pid 5864] getdents64(3, [pid 5866] <... umount2 resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] umount2("./110/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] close(3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./110/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... close resumed>) = 0 [pid 5866] umount2("./110/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] rmdir("./112" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... rmdir resumed>) = 0 [pid 5864] mkdir("./113", 0777 [pid 5866] openat(AT_FDCWD, "./110/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5867] <... umount2 resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] getdents64(4, [pid 5867] umount2("./113/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5867] newfstatat(AT_FDCWD, "./113/file1", [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5865] newfstatat(AT_FDCWD, "./111/file1", [pid 5864] close(3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] close(4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... close resumed>) = 0 [pid 6446] <... sync resumed>) = 0 [pid 5867] umount2("./113/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [pid 5865] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] rmdir("./110/file1" [pid 5867] openat(AT_FDCWD, "./113/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "./111/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6446] exit_group(0 [pid 5867] <... openat resumed>) = 4 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6447 [pid 5867] newfstatat(4, "", [pid 5865] newfstatat(4, "", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, [pid 5865] getdents64(4, ./strace-static-x86_64: Process 6447 attached [pid 6446] <... exit_group resumed>) = ? [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] umount2("./110/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] getdents64(4, [pid 5866] newfstatat(AT_FDCWD, "./110/binderfs", [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] close(4 [pid 5867] close(4 [pid 5866] unlink("./110/binderfs") = 0 [pid 5866] getdents64(3, [pid 6447] set_robust_list(0x5555593cd660, 24 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6447] <... set_robust_list resumed>) = 0 [pid 5866] close(3 [pid 6447] chdir("./113" [pid 6446] +++ exited with 0 +++ [pid 5867] <... close resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6446, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5866] rmdir("./110" [pid 6447] <... chdir resumed>) = 0 [pid 6447] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6447] setpgid(0, 0) = 0 [pid 6447] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] <... rmdir resumed>) = 0 [pid 6447] <... openat resumed>) = 3 [pid 5867] rmdir("./113/file1" [pid 6447] write(3, "1000", 4) = 4 [pid 6447] close(3) = 0 [pid 6447] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5868] umount2("./115", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6447] write(1, "executing program\n", 18 [pid 5866] mkdir("./111", 0777 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 6447] <... write resumed>) = 18 [pid 5868] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... mkdir resumed>) = 0 [pid 5865] rmdir("./111/file1" [pid 6447] memfd_create("syzkaller", 0) = 3 [pid 5868] <... openat resumed>) = 3 [pid 5867] umount2("./113/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... rmdir resumed>) = 0 [pid 6447] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] newfstatat(3, "", [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] umount2("./111/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] getdents64(3, [pid 6447] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] newfstatat(AT_FDCWD, "./113/binderfs", [pid 5866] <... openat resumed>) = 3 [pid 5865] newfstatat(AT_FDCWD, "./111/binderfs", [pid 5868] umount2("./115/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6447] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] unlink("./113/binderfs" [pid 5866] <... ioctl resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5866] close(3 [pid 5867] getdents64(3, [pid 5866] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6448 attached [pid 5867] close(3 [pid 5865] unlink("./111/binderfs" [pid 5867] <... close resumed>) = 0 [pid 5867] rmdir("./113") = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6448 [pid 5865] <... unlink resumed>) = 0 [pid 6448] set_robust_list(0x5555593cd660, 24) = 0 [pid 6448] chdir("./111" [pid 5865] getdents64(3, [pid 6448] <... chdir resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6448] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] mkdir("./114", 0777 [pid 5865] close(3 [pid 6448] <... prctl resumed>) = 0 [pid 6448] setpgid(0, 0) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 6448] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6448] write(3, "1000", 4 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6448] <... write resumed>) = 4 [pid 5867] <... ioctl resumed>) = 0 [pid 6448] close(3 [pid 5867] close(3 [pid 6448] <... close resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6448] symlink("/dev/binderfs", "./binderfs" [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6448] <... symlink resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5865] rmdir("./111"executing program ./strace-static-x86_64: Process 6449 attached [pid 6448] write(1, "executing program\n", 18) = 18 [pid 6448] memfd_create("syzkaller", 0 [pid 6447] <... write resumed>) = 524288 [pid 6449] set_robust_list(0x5555593cd660, 24) = 0 [pid 6448] <... memfd_create resumed>) = 3 [pid 6449] chdir("./114" [pid 5865] <... rmdir resumed>) = 0 [pid 6448] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] mkdir("./112", 0777 [pid 6449] <... chdir resumed>) = 0 [pid 6448] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6449 [pid 5865] <... mkdir resumed>) = 0 [pid 6448] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6447] munmap(0x7f1864095000, 138412032 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6449] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6447] <... munmap resumed>) = 0 [pid 6449] <... prctl resumed>) = 0 [pid 6449] setpgid(0, 0 [pid 6447] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6449] <... setpgid resumed>) = 0 [pid 6447] <... openat resumed>) = 4 [pid 6449] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6447] ioctl(4, LOOP_SET_FD, 3 [pid 6449] <... openat resumed>) = 3 [pid 5868] <... umount2 resumed>) = 0 [pid 6449] write(3, "1000", 4 [pid 5868] umount2("./115/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 [pid 6449] <... write resumed>) = 4 [pid 6447] <... ioctl resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6449] close(3 [pid 6447] close(3 [pid 5868] newfstatat(AT_FDCWD, "./115/file1", [pid 6449] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 6449] symlink("/dev/binderfs", "./binderfs" [pid 6447] <... close resumed>) = 0 [pid 5868] umount2("./115/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] close(3 [pid 6447] close(4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6447] <... close resumed>) = 0 [pid 6447] mkdir("./file1", 0777 [pid 6449] <... symlink resumed>) = 0 [pid 6447] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./115/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORYexecuting program [pid 6449] write(1, "executing program\n", 18 [pid 6447] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... openat resumed>) = 4 [pid 5865] <... close resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 6449] <... write resumed>) = 18 [pid 6449] memfd_create("syzkaller", 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(4, [pid 6449] <... memfd_create resumed>) = 3 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6449] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] getdents64(4, [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6449] <... mmap resumed>) = 0x7f1864095000 [pid 6448] <... write resumed>) = 524288 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6450 attached [pid 6448] munmap(0x7f1864095000, 138412032 [pid 5868] close(4 [pid 6450] set_robust_list(0x5555593cd660, 24 [pid 6448] <... munmap resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./115/file1" [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6450 [pid 6450] <... set_robust_list resumed>) = 0 [pid 6448] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... rmdir resumed>) = 0 [pid 6450] chdir("./112" [pid 6448] <... openat resumed>) = 4 [pid 6447] <... mount resumed>) = 0 [pid 5868] umount2("./115/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6450] <... chdir resumed>) = 0 [pid 6449] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6447] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6450] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6448] ioctl(4, LOOP_SET_FD, 3 [pid 5868] newfstatat(AT_FDCWD, "./115/binderfs", [pid 6450] <... prctl resumed>) = 0 [pid 6448] <... ioctl resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6450] setpgid(0, 0 [pid 5868] unlink("./115/binderfs" [pid 6450] <... setpgid resumed>) = 0 [ 204.236840][ T6447] loop0: detected capacity change from 0 to 1024 [pid 5868] <... unlink resumed>) = 0 [pid 6450] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6448] close(3 [pid 6447] <... openat resumed>) = 3 [pid 6448] <... close resumed>) = 0 [pid 6447] chdir("./file1" [pid 6450] <... openat resumed>) = 3 [pid 6448] close(4 [pid 5868] getdents64(3, [pid 6448] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6447] <... chdir resumed>) = 0 [pid 6450] write(3, "1000", 4 [pid 5868] close(3 [pid 6450] <... write resumed>) = 4 [pid 6447] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6450] close(3 [pid 6448] mkdir("./file1", 0777 [pid 6447] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... close resumed>) = 0 [pid 6450] <... close resumed>) = 0 [pid 6450] symlink("/dev/binderfs", "./binderfs" [pid 5868] rmdir("./115" [pid 6450] <... symlink resumed>) = 0 [pid 6448] <... mkdir resumed>) = 0 [pid 6447] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... rmdir resumed>) = 0 [pid 6450] write(1, "executing program\n", 18executing program ) = 18 [pid 5868] mkdir("./116", 0777 [pid 6450] memfd_create("syzkaller", 0) = 3 [pid 6450] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6448] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6450] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] close(3) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6449] <... write resumed>) = 524288 ./strace-static-x86_64: Process 6451 attached [pid 6450] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6451 [pid 6451] set_robust_list(0x5555593cd660, 24) = 0 [pid 6451] chdir("./116" [pid 6450] <... write resumed>) = 524288 [ 204.285019][ T6448] loop2: detected capacity change from 0 to 1024 [pid 6450] munmap(0x7f1864095000, 138412032 [pid 6451] <... chdir resumed>) = 0 [pid 6449] munmap(0x7f1864095000, 138412032 [pid 6451] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6450] <... munmap resumed>) = 0 [pid 6449] <... munmap resumed>) = 0 [pid 6451] setpgid(0, 0 [pid 6450] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6447] <... link resumed>) = 0 [pid 6451] <... setpgid resumed>) = 0 [pid 6450] <... openat resumed>) = 4 [pid 6451] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6450] ioctl(4, LOOP_SET_FD, 3 [pid 6449] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6447] sync( [pid 6449] <... openat resumed>) = 4 [pid 6450] <... ioctl resumed>) = 0 [pid 6449] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6450] close(3) = 0 [pid 6449] close(3 [pid 6450] close(4 [pid 6449] <... close resumed>) = 0 [pid 6450] <... close resumed>) = 0 [pid 6449] close(4) = 0 [pid 6449] mkdir("./file1", 0777 [pid 6451] <... openat resumed>) = 3 [pid 6450] mkdir("./file1", 0777 [pid 6451] write(3, "1000", 4 [pid 6449] <... mkdir resumed>) = 0 [pid 6451] <... write resumed>) = 4 [pid 6450] <... mkdir resumed>) = 0 [pid 6451] close(3) = 0 [pid 6451] symlink("/dev/binderfs", "./binderfs" [pid 6448] <... mount resumed>) = 0 [pid 6449] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6451] <... symlink resumed>) = 0 executing program [pid 6451] write(1, "executing program\n", 18 [pid 6450] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6448] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6451] <... write resumed>) = 18 [pid 6451] memfd_create("syzkaller", 0 [pid 6448] <... openat resumed>) = 3 [pid 6451] <... memfd_create resumed>) = 3 [pid 6448] chdir("./file1" [pid 6451] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6448] <... chdir resumed>) = 0 [pid 6451] <... mmap resumed>) = 0x7f1864095000 [pid 6448] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [ 204.364095][ T6450] loop1: detected capacity change from 0 to 1024 [ 204.365639][ T6449] loop3: detected capacity change from 0 to 1024 [pid 6448] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6449] <... mount resumed>) = 0 [pid 6451] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6450] <... mount resumed>) = 0 [pid 6449] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6450] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6451] <... write resumed>) = 524288 [pid 6450] <... openat resumed>) = 3 [pid 6449] chdir("./file1" [pid 6450] chdir("./file1" [pid 6448] <... link resumed>) = 0 [pid 6448] sync( [pid 6450] <... chdir resumed>) = 0 [pid 6449] <... chdir resumed>) = 0 [pid 6450] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6450] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6449] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6451] munmap(0x7f1864095000, 138412032 [pid 6449] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6451] <... munmap resumed>) = 0 [pid 6451] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6449] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6451] <... openat resumed>) = 4 [pid 6451] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6451] ioctl(4, LOOP_CLR_FD) = 0 [pid 6451] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6451] close(4) = 0 [pid 6451] close(3 [pid 6450] <... link resumed>) = 0 [pid 6450] sync( [pid 6447] <... sync resumed>) = 0 [pid 6447] exit_group(0 [pid 6449] <... link resumed>) = 0 [pid 6451] <... close resumed>) = 0 [pid 6451] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6449] sync( [pid 6447] <... exit_group resumed>) = ? [pid 6448] <... sync resumed>) = 0 [pid 6451] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6451] sync( [pid 6448] exit_group(0 [pid 6449] <... sync resumed>) = 0 [pid 6447] +++ exited with 0 +++ [pid 6451] <... sync resumed>) = 0 [pid 6450] <... sync resumed>) = 0 [pid 6449] exit_group(0 [pid 6448] <... exit_group resumed>) = ? [pid 6449] <... exit_group resumed>) = ? [pid 6448] +++ exited with 0 +++ [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6447, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6451] exit_group(0 [pid 6450] exit_group(0 [pid 6449] +++ exited with 0 +++ [pid 6451] <... exit_group resumed>) = ? [pid 6450] <... exit_group resumed>) = ? [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6449, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6448, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5866] umount2("./111", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./113", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... restart_syscall resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, [pid 6451] +++ exited with 0 +++ [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6451, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] newfstatat(3, "", [pid 5867] umount2("./114", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6450] +++ exited with 0 +++ [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6450, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5868] umount2("./116", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(3, "", [pid 5864] getdents64(3, [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./112", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./113/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(3, [pid 5868] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./114/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] newfstatat(3, "", [pid 5865] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5865] umount2("./112/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./116/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./116/binderfs") = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3) = 0 [pid 5868] rmdir("./116") = 0 [pid 5868] mkdir("./117", 0777) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5868] close(3) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6452 attached [pid 6452] set_robust_list(0x5555593cd660, 24 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6452 [pid 6452] <... set_robust_list resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 6452] chdir("./117" [pid 5866] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6452] <... chdir resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./111/file1", [pid 6452] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./111/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./111/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6452] <... prctl resumed>) = 0 [pid 5866] <... openat resumed>) = 4 [pid 6452] setpgid(0, 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5866] newfstatat(4, "", [pid 5865] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 6452] <... setpgid resumed>) = 0 [pid 5865] umount2("./112/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./114/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6452] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./114/file1", [pid 5866] getdents64(4, [pid 5864] umount2("./113/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] newfstatat(AT_FDCWD, "./113/file1", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] newfstatat(AT_FDCWD, "./112/file1", [pid 5867] umount2("./114/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] getdents64(4, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] close(4 [pid 5864] umount2("./113/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] openat(AT_FDCWD, "./114/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... close resumed>) = 0 [pid 5865] umount2("./112/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] rmdir("./111/file1" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./113/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... openat resumed>) = 4 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./112/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] umount2("./111/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 4 [pid 5864] <... openat resumed>) = 4 [pid 5867] getdents64(4, [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(4, "", [pid 5866] newfstatat(AT_FDCWD, "./111/binderfs", [pid 5864] newfstatat(4, "", [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, [pid 5866] unlink("./111/binderfs" [pid 5864] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] close(4 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6452] <... openat resumed>) = 3 [pid 5866] <... unlink resumed>) = 0 [pid 5864] getdents64(4, [pid 6452] write(3, "1000", 4 [pid 5867] <... close resumed>) = 0 [pid 5865] getdents64(4, [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6452] <... write resumed>) = 4 [pid 5866] getdents64(3, [pid 5864] close(4 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... close resumed>) = 0 [pid 5866] close(3 [pid 5864] rmdir("./113/file1" [pid 5866] <... close resumed>) = 0 [pid 6452] close(3 [pid 5867] rmdir("./114/file1" [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5866] rmdir("./111" [pid 6452] <... close resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] close(4 [pid 5864] umount2("./113/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] mkdir("./112", 0777 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6452] symlink("/dev/binderfs", "./binderfs" [pid 5867] umount2("./114/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... close resumed>) = 0 [pid 6452] <... symlink resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... mkdir resumed>) = 0 [pid 5865] rmdir("./112/file1" [pid 5864] unlink("./113/binderfs") = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] close(3 [pid 5865] <... rmdir resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5864] <... close resumed>) = 0 [pid 5867] unlink("./114/binderfs" [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5864] rmdir("./113"executing program [pid 6452] write(1, "executing program\n", 18 [pid 5867] <... unlink resumed>) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 5865] umount2("./112/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6452] <... write resumed>) = 18 [pid 5867] getdents64(3, [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6452] memfd_create("syzkaller", 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3 [pid 5865] newfstatat(AT_FDCWD, "./112/binderfs", [pid 5864] <... rmdir resumed>) = 0 [pid 6452] <... memfd_create resumed>) = 3 [pid 5867] close(3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./112/binderfs" [pid 5867] <... close resumed>) = 0 [pid 6452] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] rmdir("./114" [pid 5866] <... close resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 6452] <... mmap resumed>) = 0x7f1864095000 [pid 5864] mkdir("./114", 0777 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] getdents64(3, [pid 5864] <... mkdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] mkdir("./115", 0777 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6453 attached [pid 5867] <... mkdir resumed>) = 0 [pid 5865] close(3 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6453 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6453] set_robust_list(0x5555593cd660, 24 [pid 6452] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] <... close resumed>) = 0 ./strace-static-x86_64: Process 6454 attached [pid 6453] <... set_robust_list resumed>) = 0 [pid 5865] rmdir("./112" [pid 5867] <... openat resumed>) = 3 [pid 6453] chdir("./114" [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6454 [pid 5865] <... rmdir resumed>) = 0 [pid 6454] set_robust_list(0x5555593cd660, 24 [pid 6453] <... chdir resumed>) = 0 [pid 6452] <... write resumed>) = 524288 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5865] mkdir("./113", 0777 [pid 6454] <... set_robust_list resumed>) = 0 [pid 6454] chdir("./112" [pid 6453] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6452] munmap(0x7f1864095000, 138412032 [pid 5867] <... ioctl resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 6454] <... chdir resumed>) = 0 [pid 6453] <... prctl resumed>) = 0 [pid 6454] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6453] setpgid(0, 0 [pid 6452] <... munmap resumed>) = 0 [pid 5867] close(3 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6454] <... prctl resumed>) = 0 [pid 6453] <... setpgid resumed>) = 0 [pid 6452] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... close resumed>) = 0 [pid 6454] setpgid(0, 0 [pid 6453] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6452] <... openat resumed>) = 4 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... openat resumed>) = 3 [pid 6454] <... setpgid resumed>) = 0 [pid 6453] <... openat resumed>) = 3 [pid 6454] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6452] ioctl(4, LOOP_SET_FD, 3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6454] write(3, "1000", 4 [pid 6453] write(3, "1000", 4./strace-static-x86_64: Process 6455 attached [pid 6454] <... write resumed>) = 4 [pid 6453] <... write resumed>) = 4 [pid 6452] <... ioctl resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6455 [pid 5865] <... ioctl resumed>) = 0 [pid 6454] close(3 [pid 6453] close(3 [pid 5865] close(3 [pid 6453] <... close resumed>) = 0 [pid 6454] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6454] symlink("/dev/binderfs", "./binderfs" [pid 6453] symlink("/dev/binderfs", "./binderfs" [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6455] set_robust_list(0x5555593cd660, 24 [pid 6453] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 6456 attached [pid 6455] <... set_robust_list resumed>) = 0 [pid 6454] <... symlink resumed>) = 0 [pid 6456] set_robust_list(0x5555593cd660, 24 [pid 6455] chdir("./115"executing program [pid 6453] write(1, "executing program\n", 18 [pid 6452] close(3 [pid 6456] <... set_robust_list resumed>) = 0 [pid 6454] write(1, "executing program\n", 18 [pid 6452] <... close resumed>) = 0 [pid 6455] <... chdir resumed>) = 0 [pid 6452] close(4 [pid 6455] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6452] <... close resumed>) = 0 [pid 6455] <... prctl resumed>) = 0 [pid 6452] mkdir("./file1", 0777executing program [pid 6456] chdir("./113" [pid 6455] setpgid(0, 0 [pid 6454] <... write resumed>) = 18 [pid 6452] <... mkdir resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6456 [pid 6453] <... write resumed>) = 18 [pid 6455] <... setpgid resumed>) = 0 [pid 6452] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6456] <... chdir resumed>) = 0 [pid 6455] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6454] memfd_create("syzkaller", 0 [pid 6453] memfd_create("syzkaller", 0 [pid 6456] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6454] <... memfd_create resumed>) = 3 [pid 6456] <... prctl resumed>) = 0 [pid 6453] <... memfd_create resumed>) = 3 [pid 6456] setpgid(0, 0 [pid 6455] <... openat resumed>) = 3 [pid 6454] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6453] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6456] <... setpgid resumed>) = 0 [pid 6455] write(3, "1000", 4 [pid 6453] <... mmap resumed>) = 0x7f1864095000 [pid 6456] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6455] <... write resumed>) = 4 [pid 6454] <... mmap resumed>) = 0x7f1864095000 [pid 6456] <... openat resumed>) = 3 [pid 6455] close(3) = 0 [ 204.842365][ T6452] loop4: detected capacity change from 0 to 1024 [pid 6455] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6455] write(1, "executing program\n", 18) = 18 [pid 6455] memfd_create("syzkaller", 0) = 3 [pid 6455] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6455] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6456] write(3, "1000", 4 [pid 6454] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6453] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6456] <... write resumed>) = 4 [pid 6456] close(3) = 0 [pid 6455] <... write resumed>) = 524288 [pid 6456] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6456] write(1, "executing program\n", 18) = 18 [pid 6456] memfd_create("syzkaller", 0 [pid 6455] munmap(0x7f1864095000, 138412032 [pid 6456] <... memfd_create resumed>) = 3 [pid 6452] <... mount resumed>) = 0 [pid 6456] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6455] <... munmap resumed>) = 0 [pid 6452] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6453] <... write resumed>) = 524288 [pid 6452] <... openat resumed>) = 3 [pid 6453] munmap(0x7f1864095000, 138412032 [pid 6456] <... mmap resumed>) = 0x7f1864095000 [pid 6456] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6455] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6453] <... munmap resumed>) = 0 [pid 6452] chdir("./file1" [pid 6455] <... openat resumed>) = 4 [pid 6455] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6454] <... write resumed>) = 524288 [pid 6453] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6452] <... chdir resumed>) = 0 [pid 6452] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6455] ioctl(4, LOOP_CLR_FD [pid 6453] <... openat resumed>) = 4 [pid 6455] <... ioctl resumed>) = 0 [pid 6452] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6454] munmap(0x7f1864095000, 138412032 [pid 6453] ioctl(4, LOOP_SET_FD, 3 [pid 6452] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6453] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6453] ioctl(4, LOOP_CLR_FD) = 0 [pid 6455] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6455] close(4) = 0 [pid 6455] close(3 [pid 6456] <... write resumed>) = 524288 [pid 6455] <... close resumed>) = 0 [pid 6454] <... munmap resumed>) = 0 [pid 6456] munmap(0x7f1864095000, 138412032 [pid 6453] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6453] close(4) = 0 [pid 6454] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6453] close(3 [pid 6456] <... munmap resumed>) = 0 [pid 6455] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6454] <... openat resumed>) = 4 [pid 6455] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6454] ioctl(4, LOOP_SET_FD, 3 [pid 6455] sync( [pid 6456] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6454] <... ioctl resumed>) = 0 [pid 6452] <... link resumed>) = 0 [pid 6454] close(3 [pid 6452] sync( [pid 6454] <... close resumed>) = 0 [pid 6454] close(4 [pid 6456] <... openat resumed>) = 4 [pid 6454] <... close resumed>) = 0 [pid 6453] <... close resumed>) = 0 [pid 6453] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 ENOENT (No such file or directory) [pid 6456] ioctl(4, LOOP_SET_FD, 3 [pid 6454] mkdir("./file1", 0777) = 0 [pid 6453] sync( [pid 6456] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6455] <... sync resumed>) = 0 [pid 6454] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6452] <... sync resumed>) = 0 [pid 6456] ioctl(4, LOOP_CLR_FD [pid 6455] exit_group(0 [pid 6453] <... sync resumed>) = 0 [pid 6452] exit_group(0 [pid 6455] <... exit_group resumed>) = ? [pid 6456] <... ioctl resumed>) = 0 [ 205.003147][ T6454] loop2: detected capacity change from 0 to 1024 [pid 6452] <... exit_group resumed>) = ? [pid 6455] +++ exited with 0 +++ [pid 6453] exit_group(0) = ? [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6455, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6453] +++ exited with 0 +++ [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 6456] ioctl(4, LOOP_SET_FD, 3 [pid 6454] <... mount resumed>) = 0 [pid 6452] +++ exited with 0 +++ [pid 5867] <... restart_syscall resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6453, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6456] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6454] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6456] close(4 [pid 6454] <... openat resumed>) = 3 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6452, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 6456] <... close resumed>) = 0 [pid 6454] chdir("./file1" [pid 5868] umount2("./117", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./115", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6456] close(3 [pid 6454] <... chdir resumed>) = 0 [pid 6454] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./114", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6454] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6454] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(3, "", [pid 5864] <... openat resumed>) = 3 [pid 5868] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] newfstatat(3, "", [pid 5868] <... openat resumed>) = 3 [pid 5867] getdents64(3, [pid 5868] newfstatat(3, "", [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6456] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] umount2("./115/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] getdents64(3, [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(AT_FDCWD, "./115/binderfs", [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6456] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 ENOENT (No such file or directory) [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./114/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6456] sync( [pid 5867] unlink("./115/binderfs") = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6454] <... link resumed>) = 0 [pid 5867] getdents64(3, [pid 6454] sync( [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3) = 0 [pid 5864] newfstatat(AT_FDCWD, "./114/binderfs", [pid 5867] rmdir("./115" [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5864] unlink("./114/binderfs") = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] mkdir("./116", 0777 [pid 5864] close(3) = 0 [pid 5864] rmdir("./114") = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5864] mkdir("./115", 0777 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] <... mkdir resumed>) = 0 [pid 6456] <... sync resumed>) = 0 [pid 6454] <... sync resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6454] exit_group(0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6454] <... exit_group resumed>) = ? [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6456] exit_group(0 [pid 6454] +++ exited with 0 +++ [pid 5868] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5864] <... openat resumed>) = 3 [pid 6456] <... exit_group resumed>) = ? [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6454, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] close(3 [pid 6456] +++ exited with 0 +++ [pid 5868] newfstatat(AT_FDCWD, "./117/file1", [pid 5867] <... close resumed>) = 0 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... restart_syscall resumed>) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6456, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5864] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6457 attached [pid 5868] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5868] openat(AT_FDCWD, "./117/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6457] set_robust_list(0x5555593cd660, 24 [pid 5868] <... openat resumed>) = 4 [pid 5866] umount2("./112", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] close(3 [pid 6457] <... set_robust_list resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... close resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6457 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6458 attached [pid 6457] chdir("./116" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6458] set_robust_list(0x5555593cd660, 24 [pid 5865] umount2("./113", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6458] <... set_robust_list resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5868] getdents64(4, [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6458 [pid 6458] chdir("./115" [pid 6457] <... chdir resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] newfstatat(3, "", [pid 5865] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6457] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] getdents64(4, [pid 5865] <... openat resumed>) = 3 [pid 6458] <... chdir resumed>) = 0 [pid 6457] <... prctl resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] newfstatat(3, "", [pid 6458] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6457] setpgid(0, 0 [pid 5868] close(4 [pid 5866] getdents64(3, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6458] <... prctl resumed>) = 0 [pid 6457] <... setpgid resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] getdents64(3, [pid 6457] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] rmdir("./117/file1" [pid 5866] umount2("./112/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6458] setpgid(0, 0 [pid 5865] umount2("./113/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6458] <... setpgid resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] newfstatat(AT_FDCWD, "./113/binderfs", [pid 5868] <... rmdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./117/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] unlink("./113/binderfs" [pid 6458] <... openat resumed>) = 3 [pid 6457] <... openat resumed>) = 3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6457] write(3, "1000", 4 [pid 5868] newfstatat(AT_FDCWD, "./117/binderfs", [pid 6457] <... write resumed>) = 4 [pid 6458] write(3, "1000", 4 [pid 6457] close(3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 6458] <... write resumed>) = 4 [pid 6457] <... close resumed>) = 0 [pid 5868] unlink("./117/binderfs" [pid 5865] getdents64(3, [pid 6458] close(3 [pid 6457] symlink("/dev/binderfs", "./binderfs" [pid 5868] <... unlink resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6458] <... close resumed>) = 0 [pid 6457] <... symlink resumed>) = 0 [pid 5868] getdents64(3, [pid 5865] close(3 [pid 6458] symlink("/dev/binderfs", "./binderfs" [pid 6457] write(1, "executing program\n", 18 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... close resumed>) = 0 executing program [pid 6458] <... symlink resumed>) = 0 [pid 6457] <... write resumed>) = 18 [pid 5868] close(3 [pid 5865] rmdir("./113" [pid 6458] write(1, "executing program\n", 18executing program [pid 6457] memfd_create("syzkaller", 0 [pid 5868] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 6458] <... write resumed>) = 18 [pid 6457] <... memfd_create resumed>) = 3 [pid 5868] rmdir("./117" [pid 6458] memfd_create("syzkaller", 0 [pid 6457] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6458] <... memfd_create resumed>) = 3 [pid 5865] mkdir("./114", 0777 [pid 6458] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6457] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... rmdir resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 6458] <... mmap resumed>) = 0x7f1864095000 [pid 6457] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] mkdir("./118", 0777 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5865] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5865] close(3) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6459 attached [pid 6458] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... mkdir resumed>) = 0 [pid 6459] set_robust_list(0x5555593cd660, 24 [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6459 [pid 6459] <... set_robust_list resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] umount2("./112/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6459] chdir("./114" [pid 6457] <... write resumed>) = 524288 [pid 5868] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6459] <... chdir resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./112/file1", [pid 6459] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... ioctl resumed>) = 0 [pid 6459] <... prctl resumed>) = 0 [pid 5868] close(3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6459] setpgid(0, 0 [pid 6457] munmap(0x7f1864095000, 138412032 [pid 5866] umount2("./112/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6459] <... setpgid resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./112/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6459] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6457] <... munmap resumed>) = 0 [pid 5866] <... openat resumed>) = 4 [pid 6459] <... openat resumed>) = 3 [pid 6458] <... write resumed>) = 524288 [pid 5866] newfstatat(4, "", [pid 6459] write(3, "1000", 4 [pid 6457] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6459] <... write resumed>) = 4 [pid 6457] ioctl(4, LOOP_SET_FD, 3 [pid 5866] getdents64(4, [pid 6459] close(3 [pid 6458] munmap(0x7f1864095000, 138412032 [pid 6457] <... ioctl resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6458] <... munmap resumed>) = 0 [pid 6457] close(3) = 0 [pid 6457] close(4) = 0 [pid 6457] mkdir("./file1", 0777 [pid 6459] <... close resumed>) = 0 [pid 6458] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6457] <... mkdir resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] getdents64(4, [pid 6459] symlink("/dev/binderfs", "./binderfs" [pid 6458] <... openat resumed>) = 4 executing program [pid 6458] ioctl(4, LOOP_SET_FD, 3 [pid 6459] <... symlink resumed>) = 0 [pid 6458] <... ioctl resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6459] write(1, "executing program\n", 18 [pid 5866] close(4 [pid 6459] <... write resumed>) = 18 [pid 5866] <... close resumed>) = 0 [pid 5866] rmdir("./112/file1" [pid 6459] memfd_create("syzkaller", 0) = 3 [pid 6457] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 6460 attached [pid 6459] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6458] close(3 [pid 6460] set_robust_list(0x5555593cd660, 24 [pid 6459] <... mmap resumed>) = 0x7f1864095000 [pid 6458] <... close resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6460 [pid 5866] umount2("./112/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6458] close(4 [pid 6460] <... set_robust_list resumed>) = 0 [pid 6458] <... close resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6458] mkdir("./file1", 0777 [pid 5866] newfstatat(AT_FDCWD, "./112/binderfs", [pid 6460] chdir("./118" [pid 6459] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6458] <... mkdir resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6460] <... chdir resumed>) = 0 [pid 6457] <... mount resumed>) = 0 [pid 5866] unlink("./112/binderfs" [pid 6460] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6457] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6460] <... prctl resumed>) = 0 [pid 6458] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6457] <... openat resumed>) = 3 [pid 5866] <... unlink resumed>) = 0 [pid 5866] getdents64(3, [pid 6460] setpgid(0, 0 [pid 6457] chdir("./file1" [pid 6460] <... setpgid resumed>) = 0 [pid 6457] <... chdir resumed>) = 0 [pid 6460] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6457] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6457] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] close(3 [pid 6460] <... openat resumed>) = 3 [pid 6459] <... write resumed>) = 524288 [pid 6457] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... close resumed>) = 0 [pid 6460] write(3, "1000", 4 [pid 5866] rmdir("./112" [pid 6460] <... write resumed>) = 4 [pid 5866] <... rmdir resumed>) = 0 [pid 6460] close(3) = 0 [pid 6459] munmap(0x7f1864095000, 138412032 [pid 6460] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6458] <... mount resumed>) = 0 [pid 6460] write(1, "executing program\n", 18 [pid 6459] <... munmap resumed>) = 0 [pid 6458] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] mkdir("./113", 0777 [pid 6459] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6460] <... write resumed>) = 18 [pid 6459] <... openat resumed>) = 4 [pid 6460] memfd_create("syzkaller", 0 [pid 6459] ioctl(4, LOOP_SET_FD, 3 [pid 6458] <... openat resumed>) = 3 [pid 5866] <... mkdir resumed>) = 0 [ 205.332497][ T6457] loop3: detected capacity change from 0 to 1024 [ 205.350689][ T6458] loop0: detected capacity change from 0 to 1024 executing program [pid 6460] <... memfd_create resumed>) = 3 [pid 6459] <... ioctl resumed>) = 0 [pid 6458] chdir("./file1" [pid 6459] close(3) = 0 [pid 6459] close(4 [pid 6460] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6459] <... close resumed>) = 0 [pid 6458] <... chdir resumed>) = 0 [pid 6460] <... mmap resumed>) = 0x7f1864095000 [pid 6459] mkdir("./file1", 0777 [pid 6458] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6459] <... mkdir resumed>) = 0 [pid 6458] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... openat resumed>) = 3 [pid 6459] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6458] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6457] <... link resumed>) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 6457] sync( [pid 5866] close(3 [pid 6460] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 6459] <... mount resumed>) = 0 [pid 6458] <... link resumed>) = 0 [pid 6459] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6458] sync( [pid 5866] <... close resumed>) = 0 [pid 6459] <... openat resumed>) = 3 [ 205.420291][ T6459] loop1: detected capacity change from 0 to 1024 [pid 6459] chdir("./file1") = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6459] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6459] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"./strace-static-x86_64: Process 6461 attached [pid 6461] set_robust_list(0x5555593cd660, 24) = 0 [pid 6461] chdir("./113") = 0 [pid 6461] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6461] setpgid(0, 0) = 0 [pid 6461] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6460] munmap(0x7f1864095000, 138412032 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6461 [pid 6461] <... openat resumed>) = 3 [pid 6460] <... munmap resumed>) = 0 [pid 6461] write(3, "1000", 4) = 4 [pid 6461] close(3) = 0 [pid 6461] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6460] openat(AT_FDCWD, "/dev/loop4", O_RDWRexecuting program [pid 6461] write(1, "executing program\n", 18 [pid 6460] <... openat resumed>) = 4 [pid 6461] <... write resumed>) = 18 [pid 6461] memfd_create("syzkaller", 0 [pid 6460] ioctl(4, LOOP_SET_FD, 3 [pid 6461] <... memfd_create resumed>) = 3 [pid 6461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6460] <... ioctl resumed>) = 0 [pid 6459] <... link resumed>) = 0 [pid 6459] sync( [pid 6460] close(3 [pid 6461] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6460] <... close resumed>) = 0 [ 205.528701][ T6460] loop4: detected capacity change from 0 to 1024 [pid 6460] close(4) = 0 [pid 6461] <... write resumed>) = 524288 [pid 6460] mkdir("./file1", 0777 [pid 6461] munmap(0x7f1864095000, 138412032) = 0 [pid 6460] <... mkdir resumed>) = 0 [pid 6460] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6461] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6457] <... sync resumed>) = 0 [pid 6457] exit_group(0 [pid 6461] <... openat resumed>) = 4 [pid 6458] <... sync resumed>) = 0 [pid 6457] <... exit_group resumed>) = ? [pid 6459] <... sync resumed>) = 0 [pid 6461] ioctl(4, LOOP_SET_FD, 3 [pid 6459] exit_group(0 [pid 6461] <... ioctl resumed>) = 0 [pid 6459] <... exit_group resumed>) = ? [pid 6458] exit_group(0 [pid 6457] +++ exited with 0 +++ [pid 6461] close(3 [pid 6460] <... mount resumed>) = 0 [pid 6461] <... close resumed>) = 0 [pid 6458] <... exit_group resumed>) = ? [pid 6461] close(4 [pid 6460] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6459] +++ exited with 0 +++ [pid 6458] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6457, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6460] <... openat resumed>) = 3 [pid 5867] umount2("./116", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6460] chdir("./file1" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6459, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6460] <... chdir resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./114", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6458, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 6461] <... close resumed>) = 0 [pid 6460] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6461] mkdir("./file1", 0777 [pid 6460] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] newfstatat(3, "", [pid 5864] umount2("./115", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6461] <... mkdir resumed>) = 0 [ 205.604768][ T6461] loop2: detected capacity change from 0 to 1024 [pid 6460] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6461] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] getdents64(3, [pid 5865] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] newfstatat(3, "", [pid 5864] <... openat resumed>) = 3 [pid 5867] umount2("./116/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] newfstatat(3, "", [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] umount2("./114/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./115/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6461] <... mount resumed>) = 0 [pid 6460] <... link resumed>) = 0 [pid 6461] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6460] sync( [pid 6461] <... openat resumed>) = 3 [pid 6461] chdir("./file1") = 0 [pid 6461] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5864] <... umount2 resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5867] umount2("./116/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./116/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 5867] umount2("./116/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6461] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./114/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./115/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] openat(AT_FDCWD, "./116/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... openat resumed>) = 4 [pid 5865] newfstatat(AT_FDCWD, "./114/file1", [pid 5864] newfstatat(AT_FDCWD, "./115/file1", [pid 6460] <... sync resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6460] exit_group(0 [pid 5867] newfstatat(4, "", [pid 5865] umount2("./114/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6460] <... exit_group resumed>) = ? [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./115/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6460] +++ exited with 0 +++ [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] openat(AT_FDCWD, "./114/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] getdents64(4, [pid 5865] <... openat resumed>) = 4 [pid 5864] openat(AT_FDCWD, "./115/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] newfstatat(4, "", [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... openat resumed>) = 4 [pid 5865] getdents64(4, [pid 5864] newfstatat(4, "", [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6460, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5867] getdents64(4, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6461] <... link resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, [pid 5865] getdents64(4, [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6461] sync( [pid 5865] close(4 [pid 5864] getdents64(4, [pid 5868] <... restart_syscall resumed>) = 0 [pid 5867] close(4 [pid 5865] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... close resumed>) = 0 [pid 5865] rmdir("./114/file1" [pid 5864] close(4 [pid 5868] umount2("./118", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] rmdir("./116/file1" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... rmdir resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5867] umount2("./116/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] newfstatat(3, "", [pid 5864] rmdir("./115/file1" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./114/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(AT_FDCWD, "./116/binderfs", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... rmdir resumed>) = 0 [pid 5868] getdents64(3, [pid 5867] unlink("./116/binderfs" [pid 5865] newfstatat(AT_FDCWD, "./114/binderfs", [pid 5864] umount2("./115/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6461] <... sync resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] unlink("./114/binderfs" [pid 5864] newfstatat(AT_FDCWD, "./115/binderfs", [pid 6461] exit_group(0 [pid 5868] umount2("./118/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5864] unlink("./115/binderfs" [pid 6461] <... exit_group resumed>) = ? [pid 5865] getdents64(3, [pid 5867] getdents64(3, [pid 5864] <... unlink resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3) = 0 [pid 5867] rmdir("./116") = 0 [pid 5867] mkdir("./117", 0777) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(3, [pid 6461] +++ exited with 0 +++ [pid 5865] close(3 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6461, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5865] <... close resumed>) = 0 [pid 5864] close(3 [pid 5865] rmdir("./114" [pid 5864] <... close resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5864] rmdir("./115" [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] <... rmdir resumed>) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] mkdir("./116", 0777 [pid 5867] close(3) = 0 [pid 5865] mkdir("./115", 0777 [pid 5864] <... mkdir resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 6462 attached [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6462] set_robust_list(0x5555593cd660, 24 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... ioctl resumed>) = 0 [pid 6462] <... set_robust_list resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] close(3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6462] chdir("./117" [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6462 [pid 6462] <... chdir resumed>) = 0 [pid 5866] umount2("./113", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6462] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6462] <... prctl resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6462] setpgid(0, 0 [pid 5866] <... openat resumed>) = 3 [pid 6462] <... setpgid resumed>) = 0 [pid 5866] newfstatat(3, "", [pid 5864] <... close resumed>) = 0 [pid 6462] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6462] <... openat resumed>) = 3 [pid 5866] getdents64(3, [pid 6462] write(3, "1000", 4 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... ioctl resumed>) = 0 [pid 6462] <... write resumed>) = 4 [pid 5866] umount2("./113/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6462] close(3 [pid 5865] close(3 [pid 6462] <... close resumed>) = 0 [pid 6462] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6462] write(1, "executing program\n", 18) = 18 [pid 6462] memfd_create("syzkaller", 0) = 3 [pid 6462] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6462] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6463 attached ./strace-static-x86_64: Process 6464 attached [pid 6463] set_robust_list(0x5555593cd660, 24 [pid 5868] <... umount2 resumed>) = 0 [pid 6463] <... set_robust_list resumed>) = 0 [pid 6464] set_robust_list(0x5555593cd660, 24) = 0 [pid 6464] chdir("./115") = 0 [pid 6464] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6464] setpgid(0, 0) = 0 [pid 6463] chdir("./116" [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6464 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6463 [pid 6463] <... chdir resumed>) = 0 [pid 5868] umount2("./118/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6463] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6463] <... prctl resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./118/file1", [pid 6464] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6463] setpgid(0, 0 [pid 6462] <... write resumed>) = 524288 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6463] <... setpgid resumed>) = 0 [pid 5868] umount2("./118/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6464] <... openat resumed>) = 3 [pid 6463] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6463] <... openat resumed>) = 3 [pid 6462] munmap(0x7f1864095000, 138412032 [pid 5868] openat(AT_FDCWD, "./118/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6464] write(3, "1000", 4 [pid 6462] <... munmap resumed>) = 0 [pid 5866] umount2("./113/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6464] <... write resumed>) = 4 [pid 6463] write(3, "1000", 4 [pid 6462] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] <... openat resumed>) = 4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6464] close(3 [pid 6463] <... write resumed>) = 4 [pid 6462] <... openat resumed>) = 4 [pid 5868] newfstatat(4, "", [pid 6464] <... close resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./113/file1", [pid 6464] symlink("/dev/binderfs", "./binderfs" [pid 6462] ioctl(4, LOOP_SET_FD, 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6464] <... symlink resumed>) = 0 [pid 6463] close(3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] umount2("./113/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6463] <... close resumed>) = 0 [pid 5868] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6463] symlink("/dev/binderfs", "./binderfs" [pid 5868] getdents64(4, [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program executing program [pid 6464] write(1, "executing program\n", 18 [pid 6463] <... symlink resumed>) = 0 [pid 6462] <... ioctl resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] openat(AT_FDCWD, "./113/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6464] <... write resumed>) = 18 [pid 6463] write(1, "executing program\n", 18 [pid 6462] close(3 [pid 5868] close(4 [pid 5866] <... openat resumed>) = 4 [pid 6464] memfd_create("syzkaller", 0 [pid 6463] <... write resumed>) = 18 [pid 6462] <... close resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5866] newfstatat(4, "", [pid 6464] <... memfd_create resumed>) = 3 [pid 6463] memfd_create("syzkaller", 0 [pid 6462] close(4 [pid 5868] rmdir("./118/file1" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6464] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6462] <... close resumed>) = 0 [pid 5866] getdents64(4, [pid 6464] <... mmap resumed>) = 0x7f1864095000 [pid 6463] <... memfd_create resumed>) = 3 [pid 5868] <... rmdir resumed>) = 0 [pid 6463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6464] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6463] <... mmap resumed>) = 0x7f1864095000 [pid 6462] mkdir("./file1", 0777 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] umount2("./118/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6463] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6462] <... mkdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(4, [pid 5868] newfstatat(AT_FDCWD, "./118/binderfs", [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] close(4 [pid 5868] unlink("./118/binderfs") = 0 [pid 5866] <... close resumed>) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] rmdir("./113/file1" [pid 5868] close(3 [pid 5866] <... rmdir resumed>) = 0 [pid 6462] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... close resumed>) = 0 [pid 6464] <... write resumed>) = 524288 [pid 5868] rmdir("./118" [pid 5866] umount2("./113/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6463] <... write resumed>) = 524288 [pid 5868] <... rmdir resumed>) = 0 [ 205.897757][ T6462] loop3: detected capacity change from 0 to 1024 [pid 5868] mkdir("./119", 0777) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6463] munmap(0x7f1864095000, 138412032) = 0 [pid 5866] newfstatat(AT_FDCWD, "./113/binderfs", [pid 6463] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6463] ioctl(4, LOOP_SET_FD, 3 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6463] <... ioctl resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5866] unlink("./113/binderfs" [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5866] <... unlink resumed>) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3) = 0 [pid 6462] <... mount resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5866] rmdir("./113" [pid 6463] close(3 [pid 5868] close(3 [pid 6463] <... close resumed>) = 0 [pid 6464] munmap(0x7f1864095000, 138412032 [pid 6463] close(4 [pid 6462] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] <... rmdir resumed>) = 0 [pid 6464] <... munmap resumed>) = 0 [pid 6462] <... openat resumed>) = 3 [pid 6462] chdir("./file1" [pid 5866] mkdir("./114", 0777 [pid 6462] <... chdir resumed>) = 0 [pid 6464] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6462] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... mkdir resumed>) = 0 [pid 6464] <... openat resumed>) = 4 [pid 6464] ioctl(4, LOOP_SET_FD, 3 [pid 6463] <... close resumed>) = 0 [pid 6462] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... close resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6463] mkdir("./file1", 0777 [pid 5866] <... openat resumed>) = 3 [pid 6464] <... ioctl resumed>) = 0 [pid 6462] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] close(3) = 0 [pid 6463] <... mkdir resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6464] close(3 [pid 6463] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6464] <... close resumed>) = 0 [pid 6464] close(4) = 0 ./strace-static-x86_64: Process 6465 attached [pid 6464] mkdir("./file1", 0777./strace-static-x86_64: Process 6466 attached [pid 6465] set_robust_list(0x5555593cd660, 24 [pid 6464] <... mkdir resumed>) = 0 [pid 6464] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6465 [pid 6465] <... set_robust_list resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6466 [pid 6466] set_robust_list(0x5555593cd660, 24 [pid 6463] <... mount resumed>) = 0 [pid 6463] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6466] <... set_robust_list resumed>) = 0 [pid 6465] chdir("./114" [pid 6463] <... openat resumed>) = 3 [ 205.965311][ T6463] loop0: detected capacity change from 0 to 1024 [ 206.008826][ T6464] loop1: detected capacity change from 0 to 1024 [pid 6466] chdir("./119" [pid 6465] <... chdir resumed>) = 0 [pid 6463] chdir("./file1" [pid 6466] <... chdir resumed>) = 0 [pid 6465] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6463] <... chdir resumed>) = 0 [pid 6463] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6466] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6465] <... prctl resumed>) = 0 [pid 6464] <... mount resumed>) = 0 [pid 6463] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6462] <... link resumed>) = 0 [pid 6466] <... prctl resumed>) = 0 [pid 6465] setpgid(0, 0 [pid 6464] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6463] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6462] sync( [pid 6466] setpgid(0, 0 [pid 6465] <... setpgid resumed>) = 0 [pid 6464] <... openat resumed>) = 3 [pid 6466] <... setpgid resumed>) = 0 [pid 6465] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6464] chdir("./file1") = 0 [pid 6466] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6464] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6466] <... openat resumed>) = 3 [pid 6465] <... openat resumed>) = 3 [pid 6464] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6466] write(3, "1000", 4) = 4 [pid 6464] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6466] close(3 [pid 6465] write(3, "1000", 4 [pid 6466] <... close resumed>) = 0 [pid 6463] <... link resumed>) = 0 [pid 6465] <... write resumed>) = 4 [pid 6466] symlink("/dev/binderfs", "./binderfs" [pid 6463] sync( [pid 6465] close(3 [pid 6466] <... symlink resumed>) = 0 [pid 6465] <... close resumed>) = 0 [pid 6465] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6465] write(1, "executing program\n", 18) = 18 [pid 6466] write(1, "executing program\n", 18 [pid 6465] memfd_create("syzkaller", 0executing program [pid 6466] <... write resumed>) = 18 [pid 6465] <... memfd_create resumed>) = 3 [pid 6464] <... link resumed>) = 0 [pid 6465] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6464] sync( [pid 6465] <... mmap resumed>) = 0x7f1864095000 [pid 6466] memfd_create("syzkaller", 0 [pid 6465] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6466] <... memfd_create resumed>) = 3 [pid 6466] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6462] <... sync resumed>) = 0 [pid 6462] exit_group(0) = ? [pid 6466] <... mmap resumed>) = 0x7f1864095000 [pid 6466] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6465] <... write resumed>) = 524288 [pid 6464] <... sync resumed>) = 0 [pid 6463] <... sync resumed>) = 0 [pid 6462] +++ exited with 0 +++ [pid 6463] exit_group(0 [pid 6464] exit_group(0 [pid 6463] <... exit_group resumed>) = ? [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6462, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6464] <... exit_group resumed>) = ? [pid 5867] umount2("./117", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6464] +++ exited with 0 +++ [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6464, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6465] munmap(0x7f1864095000, 138412032 [pid 5867] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6466] <... write resumed>) = 524288 [pid 6465] <... munmap resumed>) = 0 [pid 6463] +++ exited with 0 +++ [pid 5867] <... openat resumed>) = 3 [pid 6465] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] newfstatat(3, "", [pid 6466] munmap(0x7f1864095000, 138412032 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6463, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6465] <... openat resumed>) = 4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6466] <... munmap resumed>) = 0 [pid 5867] getdents64(3, [pid 6465] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... restart_syscall resumed>) = 0 [pid 6465] <... ioctl resumed>) = 0 [pid 5867] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6465] close(3 [pid 5865] umount2("./115", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... restart_syscall resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6465] <... close resumed>) = 0 [pid 6465] close(4 [pid 5865] <... openat resumed>) = 3 [pid 6465] <... close resumed>) = 0 [pid 6465] mkdir("./file1", 0777) = 0 [pid 6465] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6466] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] newfstatat(3, "", [pid 5864] umount2("./116", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6466] <... openat resumed>) = 4 [pid 5865] getdents64(3, [pid 6466] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6466] <... ioctl resumed>) = 0 [pid 5865] umount2("./115/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5867] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6466] close(3 [pid 5864] newfstatat(3, "", [pid 6466] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6465] <... mount resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./117/file1", [pid 6466] close(4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] getdents64(3, [pid 6466] <... close resumed>) = 0 [pid 6465] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6466] mkdir("./file1", 0777 [pid 6465] <... openat resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6465] chdir("./file1" [pid 5867] openat(AT_FDCWD, "./117/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] umount2("./116/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6466] <... mkdir resumed>) = 0 [pid 6465] <... chdir resumed>) = 0 [pid 5867] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", [pid 6466] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6465] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] getdents64(4, [pid 6465] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [ 206.194442][ T6465] loop2: detected capacity change from 0 to 1024 [ 206.232255][ T6466] loop4: detected capacity change from 0 to 1024 [pid 5867] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6465] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] close(4) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 6466] <... mount resumed>) = 0 [pid 5865] umount2("./115/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] rmdir("./117/file1") = 0 [pid 5865] newfstatat(AT_FDCWD, "./115/file1", [pid 5867] umount2("./117/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6466] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./115/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6466] <... openat resumed>) = 3 [pid 6465] <... link resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./117/binderfs", [pid 6466] chdir("./file1" [pid 6465] sync( [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6466] <... chdir resumed>) = 0 [pid 5867] unlink("./117/binderfs" [pid 5865] openat(AT_FDCWD, "./115/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = 0 [pid 6466] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] <... openat resumed>) = 4 [pid 6466] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6466] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... unlink resumed>) = 0 [pid 5865] newfstatat(4, "", [pid 5867] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] close(3) = 0 [pid 5865] getdents64(4, [pid 5864] umount2("./116/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] rmdir("./117" [pid 6465] <... sync resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] mkdir("./118", 0777) = 0 [pid 5865] getdents64(4, [pid 5864] newfstatat(AT_FDCWD, "./116/file1", [pid 6465] exit_group(0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6465] <... exit_group resumed>) = ? [pid 5865] close(4 [pid 5864] umount2("./116/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6465] +++ exited with 0 +++ [pid 5867] <... openat resumed>) = 3 [pid 5865] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6465, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5865] rmdir("./115/file1" [pid 5864] openat(AT_FDCWD, "./116/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] close(3 [pid 6466] <... link resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... openat resumed>) = 4 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] newfstatat(4, "", ./strace-static-x86_64: Process 6467 attached [pid 6466] sync( [pid 5866] umount2("./114", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./115/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] getdents64(4, [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6467 [pid 5866] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6467] set_robust_list(0x5555593cd660, 24) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5865] newfstatat(AT_FDCWD, "./115/binderfs", [pid 5864] getdents64(4, [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6467] chdir("./118" [pid 5866] getdents64(3, [pid 5865] unlink("./115/binderfs" [pid 5864] close(4 [pid 6467] <... chdir resumed>) = 0 [pid 6467] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] <... close resumed>) = 0 [pid 5864] rmdir("./116/file1" [pid 6467] <... prctl resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6467] setpgid(0, 0 [pid 5866] umount2("./114/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] getdents64(3, [pid 6467] <... setpgid resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] umount2("./116/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6467] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6466] <... sync resumed>) = 0 [pid 5865] close(3) = 0 [pid 6466] exit_group(0 [pid 5865] rmdir("./115" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6467] <... openat resumed>) = 3 [pid 6466] <... exit_group resumed>) = ? [pid 5865] <... rmdir resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./116/binderfs", [pid 6466] +++ exited with 0 +++ [pid 5865] mkdir("./116", 0777 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6467] write(3, "1000", 4 [pid 5866] <... umount2 resumed>) = 0 [pid 6467] <... write resumed>) = 4 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6466, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5866] umount2("./114/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... mkdir resumed>) = 0 [pid 5864] unlink("./116/binderfs" [pid 6467] close(3 [pid 5866] newfstatat(AT_FDCWD, "./114/file1", [pid 6467] <... close resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... unlink resumed>) = 0 [pid 6467] symlink("/dev/binderfs", "./binderfs" [pid 5866] umount2("./114/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6467] <... symlink resumed>) = 0 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... openat resumed>) = 3 [pid 5864] getdents64(3, [pid 5866] openat(AT_FDCWD, "./114/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... openat resumed>) = 4 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] close(3 [pid 5868] umount2("./119", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6467] write(1, "executing program\n", 18 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(4, "", [pid 5865] <... ioctl resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6467] <... write resumed>) = 18 [pid 5868] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6467] memfd_create("syzkaller", 0 [pid 5868] <... openat resumed>) = 3 [pid 5866] getdents64(4, [pid 5865] close(3 [pid 5864] rmdir("./116" [pid 6467] <... memfd_create resumed>) = 3 [pid 5868] newfstatat(3, "", [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... rmdir resumed>) = 0 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] mkdir("./117", 0777 [pid 6467] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] close(4 [pid 6467] <... mmap resumed>) = 0x7f1864095000 [pid 5868] getdents64(3, [pid 5866] <... close resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5866] rmdir("./114/file1") = 0 [pid 6467] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./114/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] umount2("./119/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./114/binderfs", [pid 5864] <... openat resumed>) = 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5866] unlink("./114/binderfs" [pid 6467] <... write resumed>) = 524288 [pid 5866] <... unlink resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... ioctl resumed>) = 0 [pid 6467] munmap(0x7f1864095000, 138412032 [pid 5866] getdents64(3, [pid 5864] close(3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3) = 0 [pid 5866] rmdir("./114"./strace-static-x86_64: Process 6468 attached [pid 6467] <... munmap resumed>) = 0 [pid 6468] set_robust_list(0x5555593cd660, 24 [pid 6467] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6468 [pid 5864] <... close resumed>) = 0 [pid 6468] <... set_robust_list resumed>) = 0 [pid 6467] <... openat resumed>) = 4 [pid 5866] mkdir("./115", 0777 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6467] ioctl(4, LOOP_SET_FD, 3 [pid 6468] chdir("./116"./strace-static-x86_64: Process 6469 attached ) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 6467] <... ioctl resumed>) = 0 [pid 6468] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6468] setpgid(0, 0) = 0 [pid 6468] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] umount2("./119/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6469] set_robust_list(0x5555593cd660, 24 [pid 6468] <... openat resumed>) = 3 [pid 6467] close(3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6469 [pid 6469] <... set_robust_list resumed>) = 0 [pid 6467] <... close resumed>) = 0 [pid 6469] chdir("./117" [pid 6468] write(3, "1000", 4 [pid 6467] close(4 [pid 5868] newfstatat(AT_FDCWD, "./119/file1", [pid 5866] <... openat resumed>) = 3 [pid 6469] <... chdir resumed>) = 0 [pid 6468] <... write resumed>) = 4 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6467] <... close resumed>) = 0 [pid 6469] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6467] mkdir("./file1", 0777 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6469] <... prctl resumed>) = 0 [pid 6469] setpgid(0, 0 [pid 6468] close(3 [pid 6469] <... setpgid resumed>) = 0 [pid 6468] <... close resumed>) = 0 [pid 6467] <... mkdir resumed>) = 0 [pid 5868] umount2("./119/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... ioctl resumed>) = 0 [pid 6469] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6468] symlink("/dev/binderfs", "./binderfs" [pid 5866] close(3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6468] <... symlink resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./119/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6468] write(1, "executing program\n", 18executing program ) = 18 [pid 5868] <... openat resumed>) = 4 [pid 6468] memfd_create("syzkaller", 0) = 3 [pid 5868] newfstatat(4, "", [pid 5866] <... close resumed>) = 0 [pid 6467] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6469] <... openat resumed>) = 3 [pid 6468] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6468] <... mmap resumed>) = 0x7f1864095000 [pid 5868] getdents64(4, ./strace-static-x86_64: Process 6470 attached 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6470 [pid 5868] getdents64(4, [pid 6469] write(3, "1000", 4 [pid 6468] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6469] <... write resumed>) = 4 [ 206.526286][ T6467] loop3: detected capacity change from 0 to 1024 [pid 6469] close(3 [pid 6470] set_robust_list(0x5555593cd660, 24 [pid 6469] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6470] <... set_robust_list resumed>) = 0 [pid 6469] symlink("/dev/binderfs", "./binderfs" [pid 5868] close(4 [pid 6469] <... symlink resumed>) = 0 executing program [pid 6469] write(1, "executing program\n", 18 [pid 6470] chdir("./115" [pid 6468] <... write resumed>) = 524288 [pid 6467] <... mount resumed>) = 0 [pid 6469] <... write resumed>) = 18 [pid 5868] <... close resumed>) = 0 [pid 6470] <... chdir resumed>) = 0 [pid 6467] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] rmdir("./119/file1" [pid 6470] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6469] memfd_create("syzkaller", 0 [pid 6468] munmap(0x7f1864095000, 138412032 [pid 6467] <... openat resumed>) = 3 [pid 6470] <... prctl resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 6470] setpgid(0, 0 [pid 6469] <... memfd_create resumed>) = 3 [pid 6468] <... munmap resumed>) = 0 [pid 6467] chdir("./file1" [pid 5868] umount2("./119/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6469] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6468] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6467] <... chdir resumed>) = 0 [pid 6469] <... mmap resumed>) = 0x7f1864095000 [pid 6467] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6470] <... setpgid resumed>) = 0 [pid 6468] <... openat resumed>) = 4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6470] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6467] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6470] <... openat resumed>) = 3 [pid 5868] newfstatat(AT_FDCWD, "./119/binderfs", [pid 6470] write(3, "1000", 4 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6470] <... write resumed>) = 4 [pid 5868] unlink("./119/binderfs" [pid 6470] close(3 [pid 6468] ioctl(4, LOOP_SET_FD, 3 [pid 6467] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... unlink resumed>) = 0 [pid 6470] <... close resumed>) = 0 [pid 5868] getdents64(3, [pid 6468] <... ioctl resumed>) = 0 [pid 6470] symlink("/dev/binderfs", "./binderfs" [pid 6468] close(3 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6470] <... symlink resumed>) = 0 [pid 6469] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6468] <... close resumed>) = 0 [pid 6468] close(4 [pid 6470] write(1, "executing program\n", 18 [pid 5868] close(3executing program [pid 6470] <... write resumed>) = 18 [pid 5868] <... close resumed>) = 0 [pid 6470] memfd_create("syzkaller", 0 [pid 6468] <... close resumed>) = 0 [pid 6470] <... memfd_create resumed>) = 3 [pid 5868] rmdir("./119" [pid 6470] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6468] mkdir("./file1", 0777 [pid 5868] <... rmdir resumed>) = 0 [pid 6470] <... mmap resumed>) = 0x7f1864095000 [pid 6468] <... mkdir resumed>) = 0 [pid 6467] <... link resumed>) = 0 [pid 5868] mkdir("./120", 0777 [pid 6469] <... write resumed>) = 524288 [pid 6468] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6467] sync( [pid 5868] <... mkdir resumed>) = 0 [pid 6469] munmap(0x7f1864095000, 138412032) = 0 [pid 6470] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6469] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6469] <... openat resumed>) = 4 [pid 5868] <... openat resumed>) = 3 [pid 6469] ioctl(4, LOOP_SET_FD, 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6469] <... ioctl resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 6470] <... write resumed>) = 524288 [pid 6469] close(3 [pid 6468] <... mount resumed>) = 0 [pid 6469] <... close resumed>) = 0 [pid 6468] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [ 206.653152][ T6468] loop1: detected capacity change from 0 to 1024 [pid 6469] close(4) = 0 [pid 5868] close(3 [pid 6470] munmap(0x7f1864095000, 138412032 [pid 6469] mkdir("./file1", 0777 [pid 6468] <... openat resumed>) = 3 [pid 5868] <... close resumed>) = 0 [pid 6470] <... munmap resumed>) = 0 [pid 6469] <... mkdir resumed>) = 0 [pid 6468] chdir("./file1" [pid 6470] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6469] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6468] <... chdir resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6470] <... openat resumed>) = 4 [pid 6468] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6470] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 6471 attached [pid 6468] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6471] set_robust_list(0x5555593cd660, 24 [pid 6467] <... sync resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6471 [pid 6471] <... set_robust_list resumed>) = 0 [pid 6467] exit_group(0 [pid 6471] chdir("./120" [pid 6470] <... ioctl resumed>) = 0 [pid 6467] <... exit_group resumed>) = ? [ 206.701916][ T6469] loop0: detected capacity change from 0 to 1024 [pid 6471] <... chdir resumed>) = 0 [pid 6470] close(3 [pid 6467] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6467, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6470] <... close resumed>) = 0 [pid 6471] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6470] close(4 [pid 5867] umount2("./118", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6469] <... mount resumed>) = 0 [pid 6468] <... link resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6471] <... prctl resumed>) = 0 [pid 6470] <... close resumed>) = 0 [pid 6469] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6468] sync( [pid 5867] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6471] setpgid(0, 0 [pid 6470] mkdir("./file1", 0777 [pid 6469] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 3 [pid 6471] <... setpgid resumed>) = 0 [pid 6470] <... mkdir resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 6471] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6469] chdir("./file1" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6469] <... chdir resumed>) = 0 [pid 5867] getdents64(3, [pid 6471] <... openat resumed>) = 3 [pid 6470] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6469] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6471] write(3, "1000", 4 [pid 6469] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6468] <... sync resumed>) = 0 [pid 5867] umount2("./118/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6471] <... write resumed>) = 4 [pid 6469] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [ 206.753835][ T6470] loop2: detected capacity change from 0 to 1024 [pid 6468] exit_group(0 [pid 6471] close(3 [pid 6468] <... exit_group resumed>) = ? [pid 6471] <... close resumed>) = 0 [pid 6468] +++ exited with 0 +++ [pid 6471] symlink("/dev/binderfs", "./binderfs" [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6468, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6471] <... symlink resumed>) = 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...>executing program [pid 6471] write(1, "executing program\n", 18) = 18 [pid 6469] <... link resumed>) = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 6471] memfd_create("syzkaller", 0 [pid 6469] sync( [pid 5867] <... umount2 resumed>) = 0 [pid 6471] <... memfd_create resumed>) = 3 [pid 6471] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6471] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6470] <... mount resumed>) = 0 [pid 5865] umount2("./116", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6470] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6470] chdir("./file1" [pid 5867] umount2("./118/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6469] <... sync resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 6470] <... chdir resumed>) = 0 [pid 6470] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6469] exit_group(0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(3, "", [pid 6470] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6469] <... exit_group resumed>) = ? [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] newfstatat(AT_FDCWD, "./118/file1", [pid 5865] getdents64(3, [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./118/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6469] +++ exited with 0 +++ [pid 5865] umount2("./116/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] openat(AT_FDCWD, "./118/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6469, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6470] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", [pid 6471] <... write resumed>) = 524288 [pid 6470] <... link resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6470] sync( [pid 5867] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 5864] umount2("./117", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... close resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] rmdir("./118/file1" [pid 5864] <... openat resumed>) = 3 [pid 5867] <... rmdir resumed>) = 0 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 5867] umount2("./118/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./118/binderfs", [pid 5864] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6470] <... sync resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6470] exit_group(0 [pid 5867] unlink("./118/binderfs" [pid 6470] <... exit_group resumed>) = ? [pid 5867] <... unlink resumed>) = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6471] munmap(0x7f1864095000, 138412032 [pid 5867] close(3 [pid 6471] <... munmap resumed>) = 0 [pid 6470] +++ exited with 0 +++ [pid 5867] <... close resumed>) = 0 [pid 5867] rmdir("./118" [pid 6471] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] <... umount2 resumed>) = 0 [pid 6471] <... openat resumed>) = 4 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6470, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6471] ioctl(4, LOOP_SET_FD, 3 [pid 5865] umount2("./116/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6471] <... ioctl resumed>) = 0 [pid 5866] umount2("./115", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6471] close(3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./116/file1", [pid 6471] <... close resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6471] close(4 [pid 5865] umount2("./116/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6471] <... close resumed>) = 0 [pid 5867] mkdir("./119", 0777 [pid 5866] <... openat resumed>) = 3 [pid 5864] <... umount2 resumed>) = 0 [pid 6471] mkdir("./file1", 0777 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(3, "", [pid 6471] <... mkdir resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] openat(AT_FDCWD, "./116/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] getdents64(3, [pid 5865] <... openat resumed>) = 4 [pid 5864] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6471] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] newfstatat(4, "", [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./115/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(AT_FDCWD, "./117/file1", [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... openat resumed>) = 3 [pid 5865] getdents64(4, [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... ioctl resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] openat(AT_FDCWD, "./117/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] close(3 [pid 5865] close(4) = 0 [pid 5865] rmdir("./116/file1" [pid 5864] <... openat resumed>) = 4 [pid 5867] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6472 attached [pid 5865] umount2("./116/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] getdents64(4, [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6472 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6472] set_robust_list(0x5555593cd660, 24 [pid 6471] <... mount resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] close(4 [pid 6472] <... set_robust_list resumed>) = 0 [pid 6471] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6472] chdir("./119" [pid 6471] <... openat resumed>) = 3 [pid 6472] <... chdir resumed>) = 0 [pid 6471] chdir("./file1") = 0 [pid 5864] <... close resumed>) = 0 [pid 6472] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6471] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] newfstatat(AT_FDCWD, "./116/binderfs", [pid 5864] rmdir("./117/file1" [pid 6472] <... prctl resumed>) = 0 [pid 6471] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6472] setpgid(0, 0 [ 206.935825][ T6471] loop4: detected capacity change from 0 to 1024 [pid 6471] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... rmdir resumed>) = 0 [pid 6472] <... setpgid resumed>) = 0 [pid 5865] unlink("./116/binderfs" [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 6472] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] umount2("./117/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./115/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] getdents64(3, [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] newfstatat(AT_FDCWD, "./117/binderfs", [pid 5866] newfstatat(AT_FDCWD, "./115/file1", [pid 6472] <... openat resumed>) = 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] close(3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./115/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... close resumed>) = 0 [pid 5864] unlink("./117/binderfs" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] rmdir("./116" [pid 5866] openat(AT_FDCWD, "./115/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... unlink resumed>) = 0 [pid 6472] write(3, "1000", 4) = 4 [pid 5866] <... openat resumed>) = 4 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] getdents64(3, [pid 6472] close(3) = 0 [pid 6472] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5866] newfstatat(4, "", [pid 5865] mkdir("./117", 0777 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6471] <... link resumed>) = 0 [pid 6471] sync( [pid 5864] close(3 [pid 6472] write(1, "executing program\n", 18executing program [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6472] <... write resumed>) = 18 [pid 6472] memfd_create("syzkaller", 0 [pid 5864] rmdir("./117" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6472] <... memfd_create resumed>) = 3 [pid 5864] <... rmdir resumed>) = 0 [pid 5866] getdents64(4, [pid 6472] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] mkdir("./118", 0777 [pid 5866] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5866] rmdir("./115/file1" [pid 5864] <... mkdir resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5865] close(3 [pid 6472] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] <... openat resumed>) = 3 [pid 5866] umount2("./115/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... ioctl resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./115/binderfs", [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6473 attached [pid 6472] <... write resumed>) = 524288 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6473] set_robust_list(0x5555593cd660, 24 [pid 5866] unlink("./115/binderfs" [pid 6473] <... set_robust_list resumed>) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 6473] chdir("./118") = 0 [pid 6473] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] getdents64(3, [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6473 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6473] <... prctl resumed>) = 0 [pid 6471] <... sync resumed>) = 0 [pid 5866] close(3 [pid 6473] setpgid(0, 0 [pid 5866] <... close resumed>) = 0 [pid 6473] <... setpgid resumed>) = 0 [pid 6472] munmap(0x7f1864095000, 138412032 [pid 6471] exit_group(0 [pid 5866] rmdir("./115" [pid 6473] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6472] <... munmap resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 6471] <... exit_group resumed>) = ? [pid 6473] <... openat resumed>) = 3 [pid 6473] write(3, "1000", 4 [pid 6472] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6473] <... write resumed>) = 4 [pid 6472] <... openat resumed>) = 4 [pid 6473] close(3 [pid 6472] ioctl(4, LOOP_SET_FD, 3 [pid 5866] mkdir("./116", 0777 [pid 5865] <... close resumed>) = 0 [pid 6473] <... close resumed>) = 0 [pid 6472] <... ioctl resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6473] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6472] close(3 [pid 6473] write(1, "executing program\n", 18 [pid 6472] <... close resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 6474 attached executing program [pid 6473] <... write resumed>) = 18 [pid 6472] close(4 [pid 6474] set_robust_list(0x5555593cd660, 24 [pid 6473] memfd_create("syzkaller", 0 [pid 6471] +++ exited with 0 +++ [pid 6474] <... set_robust_list resumed>) = 0 [pid 6472] <... close resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6474 [pid 6473] <... memfd_create resumed>) = 3 [pid 6472] mkdir("./file1", 0777 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6471, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] <... openat resumed>) = 3 [pid 6474] chdir("./117" [pid 6473] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6474] <... chdir resumed>) = 0 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6474] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6473] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... restart_syscall resumed>) = 0 [pid 6474] <... prctl resumed>) = 0 [pid 6474] setpgid(0, 0 [pid 6473] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6472] <... mkdir resumed>) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 6472] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] umount2("./120", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6474] <... setpgid resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5868] newfstatat(3, "", [pid 5866] close(3 [pid 6474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] getdents64(3, ./strace-static-x86_64: Process 6475 attached [pid 6474] <... openat resumed>) = 3 [pid 6475] set_robust_list(0x5555593cd660, 24 [pid 6474] write(3, "1000", 4 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6474] <... write resumed>) = 4 [pid 5868] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6475] <... set_robust_list resumed>) = 0 [pid 6474] close(3 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6475 [pid 6474] <... close resumed>) = 0 [pid 6472] <... mount resumed>) = 0 [pid 6475] chdir("./116" [pid 6472] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6474] symlink("/dev/binderfs", "./binderfs" [pid 6472] <... openat resumed>) = 3 [pid 6472] chdir("./file1") = 0 [ 207.077024][ T6472] loop3: detected capacity change from 0 to 1024 [pid 6472] openat(AT_FDCWD, "/dev/loop3", O_RDWRexecuting program ) = -1 EBUSY (Device or resource busy) [pid 6475] <... chdir resumed>) = 0 [pid 6474] <... symlink resumed>) = 0 [pid 6472] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6475] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6474] write(1, "executing program\n", 18 [pid 6475] setpgid(0, 0 [pid 6474] <... write resumed>) = 18 [pid 6475] <... setpgid resumed>) = 0 [pid 6475] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6474] memfd_create("syzkaller", 0 [pid 6473] <... write resumed>) = 524288 [pid 6475] <... openat resumed>) = 3 [pid 6475] write(3, "1000", 4 [pid 6474] <... memfd_create resumed>) = 3 [pid 6473] munmap(0x7f1864095000, 138412032 [pid 6475] <... write resumed>) = 4 [pid 6474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6475] close(3 [pid 6474] <... mmap resumed>) = 0x7f1864095000 [pid 6473] <... munmap resumed>) = 0 [pid 6473] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6475] <... close resumed>) = 0 [pid 6473] <... openat resumed>) = 4 [pid 6473] ioctl(4, LOOP_SET_FD, 3 [pid 6472] <... link resumed>) = 0 [pid 6473] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6473] ioctl(4, LOOP_CLR_FD) = 0 [pid 6472] sync( [pid 6473] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6473] close(4) = 0 [pid 6473] close(3 [pid 6475] symlink("/dev/binderfs", "./binderfs" [pid 6473] <... close resumed>) = 0 [pid 6475] <... symlink resumed>) = 0 [pid 6472] <... sync resumed>) = 0 [pid 6474] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6473] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6475] write(1, "executing program\n", 18executing program ) = 18 [pid 5868] <... umount2 resumed>) = 0 [pid 6475] memfd_create("syzkaller", 0 [pid 6473] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6472] exit_group(0 [pid 6475] <... memfd_create resumed>) = 3 [pid 6473] sync( [pid 6472] <... exit_group resumed>) = ? [pid 6475] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6472] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6472, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5868] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./120/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5867] umount2("./119", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... openat resumed>) = 3 [pid 6475] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6474] <... write resumed>) = 524288 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(3, "", [pid 5868] openat(AT_FDCWD, "./120/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6474] munmap(0x7f1864095000, 138412032 [pid 5868] <... openat resumed>) = 4 [pid 6474] <... munmap resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 5867] getdents64(3, [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6474] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] getdents64(4, [pid 6474] <... openat resumed>) = 4 [pid 5867] umount2("./119/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6474] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6474] close(3) = 0 [pid 6474] close(4) = 0 [pid 6474] mkdir("./file1", 0777 [pid 6475] <... write resumed>) = 524288 [pid 6475] munmap(0x7f1864095000, 138412032 [pid 5867] <... umount2 resumed>) = 0 [pid 6475] <... munmap resumed>) = 0 [pid 5867] umount2("./119/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./119/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./119/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6475] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6475] <... openat resumed>) = 4 [pid 5867] openat(AT_FDCWD, "./119/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 207.245401][ T6474] loop1: detected capacity change from 0 to 1024 [pid 6475] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... openat resumed>) = 4 [pid 6475] <... ioctl resumed>) = 0 [pid 6474] <... mkdir resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6475] close(3 [pid 6474] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] getdents64(4, [pid 5867] newfstatat(4, "", [pid 6475] <... close resumed>) = 0 [pid 6473] <... sync resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6475] close(4 [pid 6473] exit_group(0 [pid 5868] close(4) = 0 [pid 5868] rmdir("./120/file1" [pid 6473] <... exit_group resumed>) = ? [pid 6475] <... close resumed>) = 0 [pid 6473] +++ exited with 0 +++ [pid 5868] <... rmdir resumed>) = 0 [pid 5867] getdents64(4, [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6473, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6475] mkdir("./file1", 0777 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6475] <... mkdir resumed>) = 0 [pid 5868] umount2("./120/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(4, [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] newfstatat(AT_FDCWD, "./120/binderfs", [pid 5867] close(4 [pid 6475] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... close resumed>) = 0 [pid 5868] unlink("./120/binderfs") = 0 [pid 5867] rmdir("./119/file1") = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... restart_syscall resumed>) = 0 [pid 5868] close(3 [pid 5867] umount2("./119/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] rmdir("./120" [pid 5867] newfstatat(AT_FDCWD, "./119/binderfs", [pid 5864] umount2("./118", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6474] <... mount resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 6474] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] unlink("./119/binderfs" [pid 5864] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6474] <... openat resumed>) = 3 [pid 5867] <... unlink resumed>) = 0 [pid 6474] chdir("./file1" [pid 5868] mkdir("./121", 0777 [pid 5867] getdents64(3, [pid 5864] <... openat resumed>) = 3 [pid 5868] <... mkdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] newfstatat(3, "", [pid 5867] close(3 [pid 6474] <... chdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] rmdir("./119" [pid 6474] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... rmdir resumed>) = 0 [ 207.308323][ T6475] loop2: detected capacity change from 0 to 1024 [pid 5864] getdents64(3, [pid 6475] <... mount resumed>) = 0 [pid 6474] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... openat resumed>) = 3 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6475] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6474] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] mkdir("./120", 0777 [pid 5864] umount2("./118/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6475] <... openat resumed>) = 3 [pid 5868] <... ioctl resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6475] chdir("./file1" [pid 5868] close(3 [pid 5864] newfstatat(AT_FDCWD, "./118/binderfs", [pid 6475] <... chdir resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6475] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6475] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6476 attached [pid 6475] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6474] <... link resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] unlink("./118/binderfs" [pid 5867] <... ioctl resumed>) = 0 [pid 5867] close(3 [pid 6474] sync( [pid 6476] set_robust_list(0x5555593cd660, 24 [pid 5867] <... close resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6476 [pid 6476] <... set_robust_list resumed>) = 0 [pid 6476] chdir("./121" [pid 5864] <... unlink resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6476] <... chdir resumed>) = 0 [pid 6476] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 6477 attached ) = 0 [pid 5864] close(3 [pid 6476] setpgid(0, 0) = 0 [pid 6477] set_robust_list(0x5555593cd660, 24 [pid 6476] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] <... close resumed>) = 0 [pid 5864] rmdir("./118") = 0 [pid 6477] <... set_robust_list resumed>) = 0 [pid 6476] <... openat resumed>) = 3 [pid 6476] write(3, "1000", 4 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6477 [pid 6477] chdir("./120") = 0 [pid 6477] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6476] <... write resumed>) = 4 [pid 6476] close(3) = 0 [pid 6476] symlink("/dev/binderfs", "./binderfs" [pid 6477] <... prctl resumed>) = 0 [pid 6476] <... symlink resumed>) = 0 [pid 6477] setpgid(0, 0 [pid 6476] write(1, "executing program\n", 18executing program [pid 5864] mkdir("./119", 0777 [pid 6477] <... setpgid resumed>) = 0 [pid 6475] <... link resumed>) = 0 [pid 6475] sync( [pid 6476] <... write resumed>) = 18 [pid 6477] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6476] memfd_create("syzkaller", 0) = 3 [pid 6477] <... openat resumed>) = 3 [pid 6474] <... sync resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6477] write(3, "1000", 4) = 4 [pid 6474] exit_group(0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6477] close(3 [pid 6476] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6474] <... exit_group resumed>) = ? [pid 6477] <... close resumed>) = 0 [pid 6476] <... mmap resumed>) = 0x7f1864095000 [pid 6477] symlink("/dev/binderfs", "./binderfs" [pid 5864] <... openat resumed>) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 6477] <... symlink resumed>) = 0 [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 6477] write(1, "executing program\n", 18 [pid 6474] +++ exited with 0 +++ ./strace-static-x86_64: Process 6478 attached [pid 6477] <... write resumed>) = 18 [pid 6476] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6474, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] umount2("./117", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6475] <... sync resumed>) = 0 [pid 6475] exit_group(0) = ? [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6475] +++ exited with 0 +++ [pid 5865] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6478] set_robust_list(0x5555593cd660, 24 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6475, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6477] memfd_create("syzkaller", 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6478 [pid 6477] <... memfd_create resumed>) = 3 [pid 6478] <... set_robust_list resumed>) = 0 [pid 6476] <... write resumed>) = 524288 [pid 6478] chdir("./119" [pid 6477] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6478] <... chdir resumed>) = 0 [pid 6477] <... mmap resumed>) = 0x7f1864095000 [pid 5866] umount2("./116", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(3, "", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6476] munmap(0x7f1864095000, 138412032) = 0 [pid 6476] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... openat resumed>) = 3 [pid 6476] <... openat resumed>) = 4 [pid 6476] ioctl(4, LOOP_SET_FD, 3 [pid 5866] newfstatat(3, "", [pid 6476] <... ioctl resumed>) = 0 [pid 6476] close(3 [pid 6478] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6478] <... prctl resumed>) = 0 [pid 5866] getdents64(3, [pid 6478] setpgid(0, 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6478] <... setpgid resumed>) = 0 [pid 6476] <... close resumed>) = 0 [pid 6476] close(4 [pid 6478] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6477] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6476] <... close resumed>) = 0 [pid 5866] umount2("./116/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6478] <... openat resumed>) = 3 [pid 6476] mkdir("./file1", 0777 [pid 6478] write(3, "1000", 4 [pid 6476] <... mkdir resumed>) = 0 [pid 6476] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6478] <... write resumed>) = 4 [pid 6478] close(3) = 0 [pid 6478] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6478] write(1, "executing program\n", 18 [pid 6477] <... write resumed>) = 524288 [pid 5865] <... umount2 resumed>) = 0 [pid 6477] munmap(0x7f1864095000, 138412032 [pid 6478] <... write resumed>) = 18 [pid 5866] <... umount2 resumed>) = 0 [pid 5865] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6478] memfd_create("syzkaller", 0 [pid 6477] <... munmap resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6476] <... mount resumed>) = 0 [ 207.497914][ T6476] loop4: detected capacity change from 0 to 1024 [pid 5865] newfstatat(AT_FDCWD, "./117/file1", [pid 6477] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6478] <... memfd_create resumed>) = 3 [pid 6476] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] umount2("./116/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6478] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6476] <... openat resumed>) = 3 [pid 6477] <... openat resumed>) = 4 [pid 6477] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6477] close(3) = 0 [pid 6477] close(4 [pid 5866] newfstatat(AT_FDCWD, "./116/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6477] <... close resumed>) = 0 [pid 6477] mkdir("./file1", 0777 [pid 6476] chdir("./file1" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] openat(AT_FDCWD, "./117/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6478] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6476] <... chdir resumed>) = 0 [pid 5866] umount2("./116/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 4 [pid 6476] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(4, "", [pid 6476] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6477] <... mkdir resumed>) = 0 [pid 6476] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] openat(AT_FDCWD, "./116/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... openat resumed>) = 4 [pid 5865] getdents64(4, [pid 6477] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] newfstatat(4, "", [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] getdents64(4, [pid 5865] close(4 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... close resumed>) = 0 [pid 5866] getdents64(4, [pid 5865] rmdir("./117/file1" [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5866] close(4) = 0 [pid 5866] rmdir("./116/file1") = 0 [ 207.576188][ T6477] loop3: detected capacity change from 0 to 1024 [pid 6478] <... write resumed>) = 524288 [pid 6477] <... mount resumed>) = 0 [pid 6476] <... link resumed>) = 0 [pid 5866] umount2("./116/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./117/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6478] munmap(0x7f1864095000, 138412032 [pid 6477] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6477] chdir("./file1" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6478] <... munmap resumed>) = 0 [pid 6477] <... chdir resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./116/binderfs", [pid 5865] newfstatat(AT_FDCWD, "./117/binderfs", [pid 6477] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] unlink("./116/binderfs" [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6477] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6477] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... unlink resumed>) = 0 [pid 5866] getdents64(3, [pid 5865] unlink("./117/binderfs" [pid 6476] sync( [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5866] close(3 [pid 5865] getdents64(3, [pid 5866] <... close resumed>) = 0 [pid 5866] rmdir("./116" [pid 6478] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 6478] <... openat resumed>) = 4 [pid 5865] <... close resumed>) = 0 [pid 6478] ioctl(4, LOOP_SET_FD, 3 [pid 5865] rmdir("./117" [pid 5866] mkdir("./117", 0777 [pid 6478] <... ioctl resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5865] mkdir("./118", 0777 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... mkdir resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6478] close(3 [pid 6477] <... link resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6478] <... close resumed>) = 0 [pid 6478] close(4 [pid 6477] sync( [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5865] close(3) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6479 attached [pid 6478] <... close resumed>) = 0 [pid 6476] <... sync resumed>) = 0 [pid 5866] close(3 [pid 6478] mkdir("./file1", 0777 [pid 6476] exit_group(0 [pid 5866] <... close resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6479 [pid 6478] <... mkdir resumed>) = 0 [pid 6476] <... exit_group resumed>) = ? [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6479] set_robust_list(0x5555593cd660, 24) = 0 [pid 6479] chdir("./118") = 0 [pid 6478] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6479] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 6480 attached ) = 0 [pid 6476] +++ exited with 0 +++ [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6476, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6479] setpgid(0, 0) = 0 [pid 5868] umount2("./121", MNT_FORCE|UMOUNT_NOFOLLOW [ 207.681164][ T6478] loop0: detected capacity change from 0 to 1024 [pid 6479] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6480] set_robust_list(0x5555593cd660, 24) = 0 [pid 6479] <... openat resumed>) = 3 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6480 [pid 6480] chdir("./117" [pid 6477] <... sync resumed>) = 0 [pid 6480] <... chdir resumed>) = 0 [pid 6479] write(3, "1000", 4 [pid 6477] exit_group(0 [pid 5868] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6480] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6479] <... write resumed>) = 4 [pid 6477] <... exit_group resumed>) = ? [pid 5868] <... openat resumed>) = 3 [pid 6480] <... prctl resumed>) = 0 [pid 6479] close(3 [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, [pid 6479] <... close resumed>) = 0 [pid 6480] setpgid(0, 0 [pid 6479] symlink("/dev/binderfs", "./binderfs" [pid 6480] <... setpgid resumed>) = 0 [pid 6477] +++ exited with 0 +++ executing program [pid 6479] <... symlink resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6480] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6478] <... mount resumed>) = 0 [pid 6478] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6478] chdir("./file1") = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6477, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6480] <... openat resumed>) = 3 [pid 6479] write(1, "executing program\n", 18 [pid 6478] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 6479] <... write resumed>) = 18 [pid 6478] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... restart_syscall resumed>) = 0 [pid 6479] memfd_create("syzkaller", 0 [pid 6478] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] umount2("./121/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6480] write(3, "1000", 4 [pid 6479] <... memfd_create resumed>) = 3 [pid 6480] <... write resumed>) = 4 [pid 6479] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] umount2("./120", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6480] close(3 [pid 6479] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6480] <... close resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6480] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... openat resumed>) = 3 [pid 6480] <... symlink resumed>) = 0 [pid 5867] newfstatat(3, "", executing program [pid 6480] write(1, "executing program\n", 18 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6480] <... write resumed>) = 18 [pid 6480] memfd_create("syzkaller", 0 [pid 6479] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6478] <... link resumed>) = 0 [pid 6480] <... memfd_create resumed>) = 3 [pid 6478] sync( [pid 6480] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6479] <... write resumed>) = 524288 [pid 6480] <... mmap resumed>) = 0x7f1864095000 [pid 6480] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 6479] munmap(0x7f1864095000, 138412032) = 0 [pid 6479] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6479] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6478] <... sync resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 6478] exit_group(0) = ? [pid 6479] close(3) = 0 [pid 6479] close(4) = 0 [pid 6479] mkdir("./file1", 0777 [pid 6480] munmap(0x7f1864095000, 138412032 [pid 6479] <... mkdir resumed>) = 0 [pid 6480] <... munmap resumed>) = 0 [pid 6480] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6478] +++ exited with 0 +++ [pid 6480] <... openat resumed>) = 4 [pid 6480] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5868] umount2("./121/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6479] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6478, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6480] close(3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./121/file1", [pid 6480] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./121/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./119", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./121/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6480] close(4 [pid 5868] <... openat resumed>) = 4 [pid 5864] <... openat resumed>) = 3 [pid 6480] <... close resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 5864] newfstatat(3, "", [pid 5867] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 6480] mkdir("./file1", 0777 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(4, [pid 5867] newfstatat(AT_FDCWD, "./120/file1", [pid 5864] umount2("./119/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] getdents64(4, [pid 5867] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] close(4 [pid 5867] openat(AT_FDCWD, "./120/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... close resumed>) = 0 [pid 5867] <... openat resumed>) = 4 [pid 5868] rmdir("./121/file1") = 0 [pid 5867] newfstatat(4, "", [pid 5868] umount2("./121/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./121/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./121/binderfs") = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, [pid 6480] <... mkdir resumed>) = 0 [pid 5867] getdents64(4, [pid 6480] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3 [pid 5867] getdents64(4, [pid 5868] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] rmdir("./121" [pid 5867] close(4 [pid 5868] <... rmdir resumed>) = 0 [ 207.873013][ T6479] loop1: detected capacity change from 0 to 1024 [ 207.891605][ T6480] loop2: detected capacity change from 0 to 1024 [pid 5867] <... close resumed>) = 0 [pid 5867] rmdir("./120/file1" [pid 5868] mkdir("./122", 0777 [pid 5867] <... rmdir resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6479] <... mount resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] close(3) = 0 [pid 5867] umount2("./120/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6479] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = 0 [pid 6479] <... openat resumed>) = 3 [pid 5867] newfstatat(AT_FDCWD, "./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6481 attached [pid 5867] unlink("./120/binderfs" [pid 6479] chdir("./file1" [pid 5864] umount2("./119/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6481 [pid 6481] set_robust_list(0x5555593cd660, 24 [pid 6479] <... chdir resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6481] <... set_robust_list resumed>) = 0 [pid 6480] <... mount resumed>) = 0 [pid 6479] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] getdents64(3, [pid 5864] newfstatat(AT_FDCWD, "./119/file1", [pid 6481] chdir("./122" [pid 6480] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6479] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6480] <... openat resumed>) = 3 [pid 6480] chdir("./file1" [pid 5864] umount2("./119/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6481] <... chdir resumed>) = 0 [pid 6480] <... chdir resumed>) = 0 [pid 6479] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] close(3 [pid 6481] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6480] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... close resumed>) = 0 [pid 6481] <... prctl resumed>) = 0 [pid 6480] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] rmdir("./120" [pid 5864] openat(AT_FDCWD, "./119/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... rmdir resumed>) = 0 [pid 5864] <... openat resumed>) = 4 [pid 6481] setpgid(0, 0 [pid 6480] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6481] <... setpgid resumed>) = 0 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6481] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] getdents64(4, [pid 5867] mkdir("./121", 0777 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4 [pid 5867] <... mkdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5864] rmdir("./119/file1") = 0 [pid 6481] <... openat resumed>) = 3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5864] umount2("./119/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6481] write(3, "1000", 4 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] newfstatat(AT_FDCWD, "./119/binderfs", [pid 6481] <... write resumed>) = 4 [pid 6481] close(3 [pid 5867] <... ioctl resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6481] <... close resumed>) = 0 [pid 5867] close(3 [pid 5864] unlink("./119/binderfs" [pid 6481] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... close resumed>) = 0 [pid 6479] <... link resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6480] <... link resumed>) = 0 [pid 6479] sync( [pid 6480] sync(./strace-static-x86_64: Process 6482 attached [pid 6481] <... symlink resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6482 [pid 5864] <... unlink resumed>) = 0 [pid 6482] set_robust_list(0x5555593cd660, 24 [pid 6481] write(1, "executing program\n", 18executing program [pid 5864] getdents64(3, [pid 6482] <... set_robust_list resumed>) = 0 [pid 6481] <... write resumed>) = 18 [pid 6480] <... sync resumed>) = 0 [pid 6479] <... sync resumed>) = 0 [pid 6482] chdir("./121" [pid 6481] memfd_create("syzkaller", 0 [pid 6479] exit_group(0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6482] <... chdir resumed>) = 0 [pid 6481] <... memfd_create resumed>) = 3 [pid 6480] exit_group(0 [pid 6479] <... exit_group resumed>) = ? [pid 6482] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6481] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6480] <... exit_group resumed>) = ? [pid 5864] close(3 [pid 6482] <... prctl resumed>) = 0 [pid 6481] <... mmap resumed>) = 0x7f1864095000 [pid 6482] setpgid(0, 0 [pid 6480] +++ exited with 0 +++ [pid 6481] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] <... close resumed>) = 0 [pid 6482] <... setpgid resumed>) = 0 [pid 6479] +++ exited with 0 +++ [pid 5864] rmdir("./119" [pid 6482] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6481] <... write resumed>) = 524288 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6480, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6479, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5866] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6482] <... openat resumed>) = 3 [pid 5864] <... rmdir resumed>) = 0 [pid 6482] write(3, "1000", 4 [pid 5866] umount2("./117", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./118", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] mkdir("./120", 0777 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] newfstatat(3, "", [pid 5865] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6482] <... write resumed>) = 4 [pid 5864] <... mkdir resumed>) = 0 [pid 6482] close(3) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] getdents64(3, [pid 5865] newfstatat(3, "", [pid 6482] symlink("/dev/binderfs", "./binderfs" [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... openat resumed>) = 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6482] <... symlink resumed>) = 0 [pid 5866] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... ioctl resumed>) = 0 [pid 6481] munmap(0x7f1864095000, 138412032 [pid 5865] umount2("./118/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6481] <... munmap resumed>) = 0 [pid 5864] close(3 [pid 6481] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6481] ioctl(4, LOOP_SET_FD, 3 [pid 6482] write(1, "executing program\n", 18 [pid 6481] <... ioctl resumed>) = 0 executing program [pid 6482] <... write resumed>) = 18 [pid 6482] memfd_create("syzkaller", 0) = 3 [pid 6481] close(3 [pid 6482] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6481] <... close resumed>) = 0 [pid 6481] close(4 [pid 6482] <... mmap resumed>) = 0x7f1864095000 [pid 6481] <... close resumed>) = 0 [pid 6481] mkdir("./file1", 0777) = 0 [pid 5864] <... close resumed>) = 0 [pid 6481] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6482] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6481] <... mount resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6482] <... write resumed>) = 524288 [pid 5865] <... umount2 resumed>) = 0 [pid 5866] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./117/file1", ./strace-static-x86_64: Process 6483 attached [pid 6482] munmap(0x7f1864095000, 138412032 [pid 6481] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./118/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./117/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 208.175838][ T6481] loop4: detected capacity change from 0 to 1024 [pid 5866] openat(AT_FDCWD, "./117/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] newfstatat(4, "", [pid 6483] set_robust_list(0x5555593cd660, 24 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6483] <... set_robust_list resumed>) = 0 [pid 6482] <... munmap resumed>) = 0 [pid 6481] <... openat resumed>) = 3 [pid 5866] getdents64(4, [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6483 [pid 6483] chdir("./120" [pid 6482] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6481] chdir("./file1" [pid 6483] <... chdir resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./118/file1", [pid 6483] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6481] <... chdir resumed>) = 0 [pid 6483] <... prctl resumed>) = 0 [pid 6481] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6483] setpgid(0, 0 [pid 6481] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6483] <... setpgid resumed>) = 0 [pid 6481] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] umount2("./118/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6482] <... openat resumed>) = 4 [pid 6483] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] getdents64(4, [pid 6482] ioctl(4, LOOP_SET_FD, 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] openat(AT_FDCWD, "./118/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] close(4) = 0 [pid 5866] rmdir("./117/file1" [pid 5865] <... openat resumed>) = 4 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] newfstatat(4, "", [pid 5866] umount2("./117/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] newfstatat(AT_FDCWD, "./117/binderfs", [pid 5865] getdents64(4, [pid 6483] <... openat resumed>) = 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] unlink("./117/binderfs" [pid 5865] getdents64(4, [pid 5866] <... unlink resumed>) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] rmdir("./117" [pid 6483] write(3, "1000", 4 [pid 6482] <... ioctl resumed>) = 0 [pid 5865] close(4 [pid 6483] <... write resumed>) = 4 [pid 6483] close(3 [pid 6482] close(3 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5866] mkdir("./118", 0777 [pid 5865] rmdir("./118/file1" [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 6483] <... close resumed>) = 0 [pid 6482] <... close resumed>) = 0 [pid 6483] symlink("/dev/binderfs", "./binderfs" [pid 6482] close(4 [pid 6481] <... link resumed>) = 0 [pid 5865] umount2("./118/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6481] sync( [pid 6482] <... close resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6482] mkdir("./file1", 0777 [pid 5866] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6483] <... symlink resumed>) = 0 [pid 6482] <... mkdir resumed>) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] newfstatat(AT_FDCWD, "./118/binderfs", executing program [pid 6483] write(1, "executing program\n", 18 [pid 6482] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... ioctl resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] close(3 [pid 5865] unlink("./118/binderfs" [pid 6483] <... write resumed>) = 18 [pid 5866] <... close resumed>) = 0 [pid 6483] memfd_create("syzkaller", 0) = 3 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 6484 attached [pid 6483] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] getdents64(3, [pid 6483] <... mmap resumed>) = 0x7f1864095000 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6484] set_robust_list(0x5555593cd660, 24) = 0 [pid 5865] close(3 [pid 6484] chdir("./118" [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6484 [pid 6483] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6482] <... mount resumed>) = 0 [pid 6481] <... sync resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5865] rmdir("./118" [ 208.271857][ T6482] loop3: detected capacity change from 0 to 1024 [pid 6482] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6484] <... chdir resumed>) = 0 [pid 6482] <... openat resumed>) = 3 [pid 6481] exit_group(0 [pid 5865] <... rmdir resumed>) = 0 [pid 6484] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6482] chdir("./file1" [pid 6484] <... prctl resumed>) = 0 [pid 6481] <... exit_group resumed>) = ? [pid 6484] setpgid(0, 0 [pid 6482] <... chdir resumed>) = 0 [pid 6481] +++ exited with 0 +++ [pid 5865] mkdir("./119", 0777 [pid 6484] <... setpgid resumed>) = 0 [pid 6482] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] <... mkdir resumed>) = 0 [pid 6484] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6481, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6482] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6482] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6484] <... openat resumed>) = 3 [pid 5868] umount2("./122", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6484] write(3, "1000", 4 [pid 6483] <... write resumed>) = 524288 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... openat resumed>) = 3 [pid 6484] <... write resumed>) = 4 [pid 5868] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6484] close(3 [pid 6483] munmap(0x7f1864095000, 138412032 [pid 5868] <... openat resumed>) = 3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6484] <... close resumed>) = 0 [pid 5868] newfstatat(3, "", [pid 6484] symlink("/dev/binderfs", "./binderfs" [pid 6483] <... munmap resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 6484] <... symlink resumed>) = 0 [pid 5865] close(3executing program [pid 6484] write(1, "executing program\n", 18) = 18 [pid 6483] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] getdents64(3, [pid 6484] memfd_create("syzkaller", 0) = 3 [pid 6483] <... openat resumed>) = 4 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6484] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6483] ioctl(4, LOOP_SET_FD, 3 [pid 5868] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6484] <... mmap resumed>) = 0x7f1864095000 [pid 6482] <... link resumed>) = 0 [pid 6482] sync( [pid 6484] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6483] <... ioctl resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6484] <... write resumed>) = 524288 [pid 6483] close(3 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6483] <... close resumed>) = 0 ./strace-static-x86_64: Process 6485 attached [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6485 [pid 6483] close(4 [pid 6485] set_robust_list(0x5555593cd660, 24 [pid 6483] <... close resumed>) = 0 [pid 6484] munmap(0x7f1864095000, 138412032 [pid 6483] mkdir("./file1", 0777 [pid 6482] <... sync resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 6485] <... set_robust_list resumed>) = 0 [pid 6484] <... munmap resumed>) = 0 [pid 6483] <... mkdir resumed>) = 0 [pid 6482] exit_group(0 [pid 6485] chdir("./119" [pid 6484] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6483] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6482] <... exit_group resumed>) = ? [pid 6484] <... openat resumed>) = 4 [pid 6485] <... chdir resumed>) = 0 [pid 6482] +++ exited with 0 +++ [pid 5868] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6485] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6485] <... prctl resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./122/file1", [pid 6485] setpgid(0, 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6485] <... setpgid resumed>) = 0 [ 208.384290][ T6483] loop0: detected capacity change from 0 to 1024 [pid 6484] ioctl(4, LOOP_SET_FD, 3 [pid 5868] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6485] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6484] <... ioctl resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6482, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5868] openat(AT_FDCWD, "./122/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] umount2("./121", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... openat resumed>) = 4 [pid 5868] newfstatat(4, "", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6485] write(3, "1000", 4 [pid 6484] close(3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6485] <... write resumed>) = 4 [pid 6484] <... close resumed>) = 0 [pid 5868] getdents64(4, [pid 5867] <... openat resumed>) = 3 [pid 6485] close(3 [pid 6484] close(4) = 0 [pid 6485] <... close resumed>) = 0 [pid 6484] mkdir("./file1", 0777 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] newfstatat(3, "", [pid 6485] symlink("/dev/binderfs", "./binderfs" [pid 5868] getdents64(4, [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6485] <... symlink resumed>) = 0 [pid 6484] <... mkdir resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] getdents64(3, [pid 6485] write(1, "executing program\n", 18 [pid 5868] close(4 executing program [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6485] <... write resumed>) = 18 [pid 5868] <... close resumed>) = 0 [pid 5867] umount2("./121/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6485] memfd_create("syzkaller", 0 [pid 6484] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] rmdir("./122/file1" [pid 6485] <... memfd_create resumed>) = 3 [pid 6483] <... mount resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 6485] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6483] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6485] <... mmap resumed>) = 0x7f1864095000 [pid 6483] <... openat resumed>) = 3 [pid 6485] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6483] chdir("./file1" [pid 5868] umount2("./122/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6483] <... chdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6483] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] newfstatat(AT_FDCWD, "./122/binderfs", [pid 6483] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 208.451941][ T6484] loop2: detected capacity change from 0 to 1024 [pid 6484] <... mount resumed>) = 0 [pid 5868] unlink("./122/binderfs" [pid 6484] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6483] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... unlink resumed>) = 0 [pid 6484] <... openat resumed>) = 3 [pid 5868] getdents64(3, [pid 6484] chdir("./file1" [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6484] <... chdir resumed>) = 0 [pid 5868] close(3 [pid 6484] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... close resumed>) = 0 [pid 6484] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] rmdir("./122" [pid 6485] <... write resumed>) = 524288 [pid 6484] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5868] mkdir("./123", 0777) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] umount2("./121/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... openat resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] newfstatat(AT_FDCWD, "./121/file1", [pid 6483] <... link resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6483] sync( [pid 5868] close(3 [pid 5867] umount2("./121/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] openat(AT_FDCWD, "./121/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6486 attached ) = 4 [pid 5867] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6486 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6485] munmap(0x7f1864095000, 138412032 [pid 5867] getdents64(4, [pid 6485] <... munmap resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4) = 0 [pid 5867] rmdir("./121/file1" [pid 6486] set_robust_list(0x5555593cd660, 24 [pid 6484] <... link resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6486] <... set_robust_list resumed>) = 0 [pid 6486] chdir("./123" [pid 6485] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6484] sync( [pid 6486] <... chdir resumed>) = 0 [pid 6485] <... openat resumed>) = 4 [pid 5867] umount2("./121/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6486] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6485] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6486] <... prctl resumed>) = 0 [pid 6485] <... ioctl resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./121/binderfs", [pid 6486] setpgid(0, 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6486] <... setpgid resumed>) = 0 [pid 5867] unlink("./121/binderfs" [pid 6486] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5867] <... unlink resumed>) = 0 [pid 6486] write(3, "1000", 4 [pid 6485] close(3 [pid 5867] getdents64(3, [pid 6485] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6486] <... write resumed>) = 4 [pid 6485] close(4 [pid 5867] close(3 [pid 6486] close(3 [pid 6485] <... close resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6485] mkdir("./file1", 0777 [pid 6484] <... sync resumed>) = 0 [pid 6483] <... sync resumed>) = 0 [pid 5867] rmdir("./121") = 0 [pid 6485] <... mkdir resumed>) = 0 [pid 6483] exit_group(0 [pid 6486] <... close resumed>) = 0 [pid 6484] exit_group(0 [pid 6486] symlink("/dev/binderfs", "./binderfs" [pid 6484] <... exit_group resumed>) = ? [pid 6483] <... exit_group resumed>) = ? [pid 6486] <... symlink resumed>) = 0 [pid 6485] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6484] +++ exited with 0 +++ [pid 5867] mkdir("./122", 0777 [pid 6486] write(1, "executing program\n", 18 [pid 6483] +++ exited with 0 +++ [pid 5867] <... mkdir resumed>) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6484, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- executing program [pid 6486] <... write resumed>) = 18 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6483, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6486] memfd_create("syzkaller", 0) = 3 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6486] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5866] umount2("./118", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... restart_syscall resumed>) = 0 [pid 6486] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6485] <... mount resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5866] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... ioctl resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5864] umount2("./120", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6485] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] close(3 [pid 5866] newfstatat(3, "", [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6485] <... openat resumed>) = 3 [pid 5867] <... close resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 208.592745][ T6485] loop1: detected capacity change from 0 to 1024 [pid 5864] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6485] chdir("./file1" [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] getdents64(3, ./strace-static-x86_64: Process 6487 attached [pid 6485] <... chdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... openat resumed>) = 3 [pid 6487] set_robust_list(0x5555593cd660, 24 [pid 6485] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5866] umount2("./118/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6487] <... set_robust_list resumed>) = 0 [pid 6485] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] newfstatat(3, "", [pid 6486] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6486] <... write resumed>) = 524288 [pid 6485] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6487 [pid 5864] getdents64(3, [pid 6487] chdir("./122") = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6487] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6487] <... prctl resumed>) = 0 [pid 6487] setpgid(0, 0) = 0 [pid 6487] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6487] write(3, "1000", 4) = 4 [pid 6487] close(3) = 0 [pid 6487] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6487] write(1, "executing program\n", 18) = 18 [pid 6487] memfd_create("syzkaller", 0) = 3 [pid 6487] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6486] munmap(0x7f1864095000, 138412032 [pid 6485] <... link resumed>) = 0 [pid 6487] <... mmap resumed>) = 0x7f1864095000 [pid 6486] <... munmap resumed>) = 0 [pid 6485] sync( [pid 6486] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6486] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6486] ioctl(4, LOOP_CLR_FD [pid 5866] <... umount2 resumed>) = 0 [pid 6486] <... ioctl resumed>) = 0 [pid 5866] umount2("./118/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./118/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6486] ioctl(4, LOOP_SET_FD, 3 [pid 5866] umount2("./118/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6487] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6486] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6485] <... sync resumed>) = 0 [pid 6485] exit_group(0 [pid 5866] openat(AT_FDCWD, "./118/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = 0 [pid 6487] <... write resumed>) = 524288 [pid 6486] close(4 [pid 5866] <... openat resumed>) = 4 [pid 5864] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6485] <... exit_group resumed>) = ? [pid 6486] <... close resumed>) = 0 [pid 6485] +++ exited with 0 +++ [pid 5866] newfstatat(4, "", [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6487] munmap(0x7f1864095000, 138412032 [pid 6486] close(3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6485, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6487] <... munmap resumed>) = 0 [pid 6486] <... close resumed>) = 0 [pid 5866] getdents64(4, [pid 5864] newfstatat(AT_FDCWD, "./120/file1", [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6487] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] getdents64(4, [pid 5864] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... restart_syscall resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] close(4 [pid 5864] openat(AT_FDCWD, "./120/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 4 [pid 5866] rmdir("./118/file1" [pid 5864] newfstatat(4, "", [pid 5866] <... rmdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(4, [pid 5865] umount2("./119", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6487] <... openat resumed>) = 4 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6487] ioctl(4, LOOP_SET_FD, 3 [pid 5865] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6487] <... ioctl resumed>) = 0 [pid 5866] umount2("./118/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] getdents64(4, [pid 6487] close(3 [pid 6486] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... openat resumed>) = 3 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6487] <... close resumed>) = 0 [pid 6486] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 5865] newfstatat(3, "", [pid 6487] close(4 [pid 5866] newfstatat(AT_FDCWD, "./118/binderfs", [pid 5864] close(4 [pid 6487] <... close resumed>) = 0 [pid 6486] sync( [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... close resumed>) = 0 [pid 6487] mkdir("./file1", 0777 [pid 5866] unlink("./118/binderfs" [pid 5865] getdents64(3, [pid 5864] rmdir("./120/file1" [pid 5866] <... unlink resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6487] <... mkdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5865] umount2("./119/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6486] <... sync resumed>) = 0 [pid 5866] getdents64(3, [pid 6487] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] umount2("./120/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6486] exit_group(0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6486] <... exit_group resumed>) = ? [pid 5866] close(3 [pid 5864] newfstatat(AT_FDCWD, "./120/binderfs", [pid 6486] +++ exited with 0 +++ [pid 5866] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./120/binderfs" [pid 5866] rmdir("./118" [pid 5864] <... unlink resumed>) = 0 [ 208.814703][ T6487] loop3: detected capacity change from 0 to 1024 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6486, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] <... rmdir resumed>) = 0 [pid 5864] getdents64(3, [pid 5868] umount2("./123", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] close(3 [pid 5868] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... close resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5866] mkdir("./119", 0777 [pid 5865] <... umount2 resumed>) = 0 [pid 5864] rmdir("./120" [pid 5865] umount2("./119/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] newfstatat(3, "", [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... rmdir resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./119/file1", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5865] umount2("./119/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./123/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] mkdir("./121", 0777 [pid 6487] <... mount resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./123/binderfs", [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] openat(AT_FDCWD, "./119/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... mkdir resumed>) = 0 [pid 6487] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 6487] <... openat resumed>) = 3 [pid 5868] unlink("./123/binderfs" [pid 5866] close(3 [pid 5865] newfstatat(4, "", [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6487] chdir("./file1" [pid 5866] <... close resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5865] getdents64(4, [pid 6487] <... chdir resumed>) = 0 [pid 5868] getdents64(3, [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6487] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6488 attached [pid 6487] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] close(3 [pid 5865] getdents64(4, [pid 5864] <... ioctl resumed>) = 0 [pid 6487] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... close resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] rmdir("./123" [pid 5865] close(4 [pid 5864] close(3 [pid 6488] set_robust_list(0x5555593cd660, 24 [pid 5865] <... close resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5865] rmdir("./119/file1" [pid 6488] <... set_robust_list resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6488 [pid 6488] chdir("./119" [pid 5865] <... rmdir resumed>) = 0 [pid 6488] <... chdir resumed>) = 0 [pid 5868] mkdir("./124", 0777 [pid 5865] umount2("./119/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6488] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... mkdir resumed>) = 0 [pid 6488] <... prctl resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... close resumed>) = 0 [pid 6488] setpgid(0, 0) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] newfstatat(AT_FDCWD, "./119/binderfs", [pid 5868] <... openat resumed>) = 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6488] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] unlink("./119/binderfs" [pid 6488] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5865] <... unlink resumed>) = 0 [pid 6488] write(3, "1000", 4 [pid 6487] <... link resumed>) = 0 [pid 5865] getdents64(3, [pid 6488] <... write resumed>) = 4 [pid 6487] sync( [pid 5868] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 6488] close(3 [pid 5868] close(3 [pid 5865] <... close resumed>) = 0 [pid 6488] <... close resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5865] rmdir("./119" [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6488] symlink("/dev/binderfs", "./binderfs" [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... rmdir resumed>) = 0 [pid 6488] <... symlink resumed>) = 0 executing program [pid 6488] write(1, "executing program\n", 18) = 18 [pid 5865] mkdir("./120", 0777 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6490 ./strace-static-x86_64: Process 6490 attached ./strace-static-x86_64: Process 6489 attached [pid 6488] memfd_create("syzkaller", 0 [pid 6489] set_robust_list(0x5555593cd660, 24 [pid 6488] <... memfd_create resumed>) = 3 [pid 6490] set_robust_list(0x5555593cd660, 24 [pid 6489] <... set_robust_list resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6489 [pid 5865] <... mkdir resumed>) = 0 [pid 6490] <... set_robust_list resumed>) = 0 [pid 6489] chdir("./124" [pid 6488] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6490] chdir("./121" [pid 6489] <... chdir resumed>) = 0 [pid 6488] <... mmap resumed>) = 0x7f1864095000 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6490] <... chdir resumed>) = 0 [pid 6489] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6490] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6489] <... prctl resumed>) = 0 [pid 6488] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] <... openat resumed>) = 3 [pid 6490] <... prctl resumed>) = 0 [pid 6489] setpgid(0, 0 [pid 5865] ioctl(3, LOOP_CLR_FD) = 0 [pid 6489] <... setpgid resumed>) = 0 [pid 6490] setpgid(0, 0 [pid 5865] close(3 [pid 6489] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6490] <... setpgid resumed>) = 0 [pid 6489] <... openat resumed>) = 3 [pid 6487] <... sync resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6490] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6489] write(3, "1000", 4) = 4 [pid 6490] <... openat resumed>) = 3 [pid 6489] close(3) = 0 [pid 6489] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6489] write(1, "executing program\n", 18 [pid 6487] exit_group(0 [pid 6489] <... write resumed>) = 18 [pid 6490] write(3, "1000", 4 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6490] <... write resumed>) = 4 [pid 6490] close(3 [pid 6489] memfd_create("syzkaller", 0 [pid 6487] <... exit_group resumed>) = ? [pid 6490] <... close resumed>) = 0 [pid 6489] <... memfd_create resumed>) = 3 [pid 6488] <... write resumed>) = 524288 ./strace-static-x86_64: Process 6491 attached [pid 6490] symlink("/dev/binderfs", "./binderfs" [pid 6489] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6487] +++ exited with 0 +++ [pid 6491] set_robust_list(0x5555593cd660, 24 [pid 6488] munmap(0x7f1864095000, 138412032 [pid 6491] <... set_robust_list resumed>) = 0 [pid 6490] <... symlink resumed>) = 0 [pid 6489] <... mmap resumed>) = 0x7f1864095000 [pid 6488] <... munmap resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6491 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6487, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6491] chdir("./120" [pid 6489] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6491] <... chdir resumed>) = 0 [pid 5867] umount2("./122", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6491] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6488] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 6491] <... prctl resumed>) = 0 [pid 6490] write(1, "executing program\n", 18 [pid 6488] <... openat resumed>) = 4 [pid 5867] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6491] setpgid(0, 0 [pid 6490] <... write resumed>) = 18 [pid 6488] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... openat resumed>) = 3 [pid 6491] <... setpgid resumed>) = 0 [pid 6490] memfd_create("syzkaller", 0 [pid 6488] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] newfstatat(3, "", [pid 6491] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6490] <... memfd_create resumed>) = 3 [pid 6488] ioctl(4, LOOP_CLR_FD [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6491] <... openat resumed>) = 3 [pid 6490] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6488] <... ioctl resumed>) = 0 [pid 5867] getdents64(3, [pid 6490] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6488] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6488] close(4 [pid 6489] <... write resumed>) = 524288 [pid 6491] write(3, "1000", 4 [pid 6490] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6491] <... write resumed>) = 4 [pid 6491] close(3) = 0 [pid 6491] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6489] munmap(0x7f1864095000, 138412032executing program [pid 6491] write(1, "executing program\n", 18 [pid 6489] <... munmap resumed>) = 0 [pid 6491] <... write resumed>) = 18 [pid 6489] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6491] memfd_create("syzkaller", 0) = 3 [pid 6488] <... close resumed>) = 0 [pid 6491] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6488] close(3 [pid 6491] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6490] <... write resumed>) = 524288 [pid 6488] <... close resumed>) = 0 [pid 6490] munmap(0x7f1864095000, 138412032 [pid 6489] <... openat resumed>) = 4 [pid 6490] <... munmap resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5867] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6488] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6489] ioctl(4, LOOP_SET_FD, 3 [pid 6488] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 5867] newfstatat(AT_FDCWD, "./122/file1", [pid 6488] sync( [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./122/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5867] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6490] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] getdents64(4, [pid 6490] <... openat resumed>) = 4 [pid 6490] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4) = 0 [pid 5867] rmdir("./122/file1") = 0 [pid 6490] <... ioctl resumed>) = 0 [pid 6489] <... ioctl resumed>) = 0 [pid 6488] <... sync resumed>) = 0 [pid 5867] umount2("./122/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6490] close(3 [pid 6489] close(3) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6489] close(4 [pid 5867] newfstatat(AT_FDCWD, "./122/binderfs", [pid 6488] exit_group(0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6491] <... write resumed>) = 524288 [pid 6490] <... close resumed>) = 0 [pid 6489] <... close resumed>) = 0 [pid 6488] <... exit_group resumed>) = ? [pid 5867] unlink("./122/binderfs") = 0 [pid 6489] mkdir("./file1", 0777 [pid 6488] +++ exited with 0 +++ [pid 5867] getdents64(3, [pid 6490] close(4 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6488, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 5867] <... close resumed>) = 0 [pid 5867] rmdir("./122" [pid 6491] munmap(0x7f1864095000, 138412032 [pid 6490] <... close resumed>) = 0 [pid 6489] <... mkdir resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6490] mkdir("./file1", 0777 [pid 5867] mkdir("./123", 0777 [pid 6491] <... munmap resumed>) = 0 [pid 6490] <... mkdir resumed>) = 0 [pid 6489] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... restart_syscall resumed>) = 0 [pid 5866] umount2("./119", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6491] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6490] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... mkdir resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... openat resumed>) = 3 [pid 6491] <... openat resumed>) = 4 [pid 5866] <... openat resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6491] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... ioctl resumed>) = 0 [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6489] <... mount resumed>) = 0 [pid 5867] close(3 [pid 5866] getdents64(3, [pid 5867] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6491] <... ioctl resumed>) = 0 [pid 6489] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 209.145782][ T6489] loop4: detected capacity change from 0 to 1024 [ 209.146035][ T6490] loop0: detected capacity change from 0 to 1024 [pid 5866] umount2("./119/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6492 attached [pid 6491] close(3 [pid 6489] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6491] <... close resumed>) = 0 [pid 6489] chdir("./file1" [pid 5866] newfstatat(AT_FDCWD, "./119/binderfs", [pid 6492] set_robust_list(0x5555593cd660, 24 [pid 6491] close(4 [pid 6489] <... chdir resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6492 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6492] <... set_robust_list resumed>) = 0 [pid 6492] chdir("./123" [pid 6489] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] unlink("./119/binderfs" [pid 6492] <... chdir resumed>) = 0 [pid 6490] <... mount resumed>) = 0 [pid 6489] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... unlink resumed>) = 0 [pid 6491] <... close resumed>) = 0 [pid 6492] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6491] mkdir("./file1", 0777 [pid 6490] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] getdents64(3, [pid 6492] <... prctl resumed>) = 0 [pid 6491] <... mkdir resumed>) = 0 [pid 6490] <... openat resumed>) = 3 [pid 6489] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6492] setpgid(0, 0 [pid 6491] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6490] chdir("./file1" [pid 5866] close(3 [pid 6492] <... setpgid resumed>) = 0 [ 209.203729][ T6491] loop1: detected capacity change from 0 to 1024 [pid 6492] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6490] <... chdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 6492] <... openat resumed>) = 3 [pid 6490] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] rmdir("./119" [pid 6492] write(3, "1000", 4 [pid 6490] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6489] <... link resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 6492] <... write resumed>) = 4 [pid 6490] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6489] sync( [pid 6492] close(3 [pid 5866] mkdir("./120", 0777 [pid 6492] <... close resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 6492] symlink("/dev/binderfs", "./binderfs" [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6492] <... symlink resumed>) = 0 [pid 6491] <... mount resumed>) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6491] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] <... ioctl resumed>) = -1 ENXIO (No such device or address) executing program [pid 6492] write(1, "executing program\n", 18 [pid 6491] <... openat resumed>) = 3 [pid 5866] close(3 [pid 6491] chdir("./file1" [pid 6492] <... write resumed>) = 18 [pid 6490] <... link resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 6492] memfd_create("syzkaller", 0 [pid 6491] <... chdir resumed>) = 0 [pid 6490] sync( [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6491] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6491] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"./strace-static-x86_64: Process 6493 attached [pid 6492] <... memfd_create resumed>) = 3 [pid 6489] <... sync resumed>) = 0 [pid 6493] set_robust_list(0x5555593cd660, 24 [pid 6492] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6493] <... set_robust_list resumed>) = 0 [pid 6492] <... mmap resumed>) = 0x7f1864095000 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6493 [pid 6493] chdir("./120" [pid 6492] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6493] <... chdir resumed>) = 0 [pid 6493] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6493] setpgid(0, 0) = 0 [pid 6493] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6493] write(3, "1000", 4) = 4 [pid 6493] close(3 [pid 6489] exit_group(0) = ? [pid 6493] <... close resumed>) = 0 [pid 6493] symlink("/dev/binderfs", "./binderfs" [pid 6489] +++ exited with 0 +++ [pid 6491] <... link resumed>) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6489, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6493] <... symlink resumed>) = 0 [pid 6491] sync( [pid 5868] restart_syscall(<... resuming interrupted clone ...>executing program [pid 6493] write(1, "executing program\n", 18 [pid 5868] <... restart_syscall resumed>) = 0 [pid 6493] <... write resumed>) = 18 [pid 6490] <... sync resumed>) = 0 [pid 6493] memfd_create("syzkaller", 0 [pid 6490] exit_group(0 [pid 5868] umount2("./124", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6490] <... exit_group resumed>) = ? [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6493] <... memfd_create resumed>) = 3 [pid 5868] <... openat resumed>) = 3 [pid 5868] newfstatat(3, "", [pid 6493] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6491] <... sync resumed>) = 0 [pid 6490] +++ exited with 0 +++ [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6493] <... mmap resumed>) = 0x7f1864095000 [pid 5868] getdents64(3, [pid 6491] exit_group(0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6490, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6492] <... write resumed>) = 524288 [pid 6491] <... exit_group resumed>) = ? [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./121", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6491] +++ exited with 0 +++ [pid 5868] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(3, "", [pid 6493] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6492] munmap(0x7f1864095000, 138412032 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6491, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5864] getdents64(3, [pid 6492] <... munmap resumed>) = 0 [pid 6492] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./120", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6492] <... openat resumed>) = 4 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./121/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6492] ioctl(4, LOOP_SET_FD, 3 [pid 5865] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6493] <... write resumed>) = 524288 [pid 5865] newfstatat(3, "", [pid 6492] <... ioctl resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6493] munmap(0x7f1864095000, 138412032 [pid 5865] getdents64(3, [pid 6493] <... munmap resumed>) = 0 [pid 6492] close(3 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6492] <... close resumed>) = 0 [pid 6492] close(4) = 0 [pid 6492] mkdir("./file1", 0777) = 0 [pid 6493] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6492] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... umount2 resumed>) = 0 [pid 6493] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... umount2 resumed>) = 0 [pid 6493] <... ioctl resumed>) = 0 [ 209.441086][ T6492] loop3: detected capacity change from 0 to 1024 [pid 6493] close(3) = 0 [pid 5868] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6493] close(4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6493] <... close resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./124/file1", [pid 5864] umount2("./121/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6493] mkdir("./file1", 0777) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6493] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(AT_FDCWD, "./121/file1", [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./124/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] newfstatat(AT_FDCWD, "./120/file1", [pid 5864] umount2("./121/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... openat resumed>) = 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] newfstatat(4, "", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./121/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] openat(AT_FDCWD, "./120/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 4 [pid 5868] getdents64(4, [pid 5864] newfstatat(4, "", [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... openat resumed>) = 4 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6493] <... mount resumed>) = 0 [pid 5868] getdents64(4, [pid 5865] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6493] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] getdents64(4, [pid 6493] <... openat resumed>) = 3 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [ 209.481029][ T6493] loop2: detected capacity change from 0 to 1024 [pid 5864] getdents64(4, [pid 6493] chdir("./file1" [pid 5868] close(4 [pid 5865] getdents64(4, [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6493] <... chdir resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6493] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] close(4 [pid 6493] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] getdents64(4, [pid 6493] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] rmdir("./120/file1" [pid 6492] <... mount resumed>) = 0 [pid 5868] rmdir("./124/file1" [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] umount2("./120/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6492] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... rmdir resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] close(4 [pid 5865] newfstatat(AT_FDCWD, "./120/binderfs", [pid 6492] <... openat resumed>) = 3 [pid 5868] umount2("./124/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... close resumed>) = 0 [pid 6493] <... link resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] unlink("./120/binderfs" [pid 5864] rmdir("./121/file1" [pid 6493] sync( [pid 5868] newfstatat(AT_FDCWD, "./124/binderfs", [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] getdents64(3, [pid 6492] chdir("./file1" [pid 5868] unlink("./124/binderfs" [pid 5864] umount2("./121/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6492] <... chdir resumed>) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] close(3 [pid 6492] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] getdents64(3, [pid 5864] newfstatat(AT_FDCWD, "./121/binderfs", [pid 6493] <... sync resumed>) = 0 [pid 6492] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... close resumed>) = 0 [pid 6493] exit_group(0 [pid 6492] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] close(3 [pid 5865] rmdir("./120" [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6493] <... exit_group resumed>) = ? [pid 6493] +++ exited with 0 +++ [pid 5868] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] unlink("./121/binderfs" [pid 5868] rmdir("./124") = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6493, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5864] <... unlink resumed>) = 0 [pid 5865] mkdir("./121", 0777 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5868] mkdir("./125", 0777 [pid 5866] umount2("./120", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] close(3 [pid 5868] <... mkdir resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... openat resumed>) = 3 [pid 5864] <... close resumed>) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] rmdir("./121" [pid 5865] close(3 [pid 5866] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... close resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] newfstatat(3, "", ./strace-static-x86_64: Process 6494 attached [pid 6492] <... link resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] mkdir("./122", 0777 [pid 5866] getdents64(3, [pid 5864] <... mkdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6494] set_robust_list(0x5555593cd660, 24 [pid 6492] sync( [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6494 [pid 6494] <... set_robust_list resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6494] chdir("./121" [pid 5868] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5864] <... openat resumed>) = 3 [pid 6494] <... chdir resumed>) = 0 [pid 6494] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... ioctl resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6492] <... sync resumed>) = 0 [pid 5868] close(3 [pid 5864] <... ioctl resumed>) = 0 [pid 6494] <... prctl resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5864] close(3 [pid 6494] setpgid(0, 0) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6494] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6492] exit_group(0) = ? ./strace-static-x86_64: Process 6495 attached [pid 6492] +++ exited with 0 +++ [pid 6494] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6495 [pid 6495] set_robust_list(0x5555593cd660, 24 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6492, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5867] umount2("./123", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... close resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] newfstatat(AT_FDCWD, "./120/file1", [pid 5867] getdents64(3, [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6495] <... set_robust_list resumed>) = 0 [pid 6494] write(3, "1000", 4 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./120/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6495] chdir("./125" [pid 6494] <... write resumed>) = 4 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6496 attached [pid 5867] umount2("./123/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./120/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6496] set_robust_list(0x5555593cd660, 24 [pid 5866] newfstatat(4, "", [pid 6496] <... set_robust_list resumed>) = 0 [pid 6495] <... chdir resumed>) = 0 [pid 6494] close(3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6496] chdir("./122" [pid 6495] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6494] <... close resumed>) = 0 [pid 5866] getdents64(4, [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6496 [pid 6494] symlink("/dev/binderfs", "./binderfs" [pid 6495] <... prctl resumed>) = 0 [pid 6496] <... chdir resumed>) = 0 [pid 6495] setpgid(0, 0 [pid 6494] <... symlink resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6495] <... setpgid resumed>) = 0 [pid 6494] write(1, "executing program\n", 18 [pid 6495] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6494] <... write resumed>) = 18 executing program [pid 5866] getdents64(4, [pid 6496] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6495] <... openat resumed>) = 3 [pid 6494] memfd_create("syzkaller", 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6495] write(3, "1000", 4 [pid 6494] <... memfd_create resumed>) = 3 [pid 6494] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6495] <... write resumed>) = 4 [pid 6496] <... prctl resumed>) = 0 [pid 5866] close(4 [pid 6496] setpgid(0, 0 [pid 5866] <... close resumed>) = 0 [pid 6496] <... setpgid resumed>) = 0 [pid 5866] rmdir("./120/file1" [pid 6496] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6495] close(3 [pid 6494] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] <... rmdir resumed>) = 0 [pid 6495] <... close resumed>) = 0 [pid 6496] <... openat resumed>) = 3 [pid 6495] symlink("/dev/binderfs", "./binderfs" [pid 6496] write(3, "1000", 4 [pid 5866] umount2("./120/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6496] <... write resumed>) = 4 [pid 6495] <... symlink resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 6496] close(3 [pid 6495] write(1, "executing program\n", 18 [pid 5866] newfstatat(AT_FDCWD, "./120/binderfs", [pid 6495] <... write resumed>) = 18 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6495] memfd_create("syzkaller", 0 [pid 5866] unlink("./120/binderfs" [pid 6496] <... close resumed>) = 0 [pid 6495] <... memfd_create resumed>) = 3 [pid 5866] <... unlink resumed>) = 0 [pid 6495] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6496] symlink("/dev/binderfs", "./binderfs" [pid 6495] <... mmap resumed>) = 0x7f1864095000 [pid 5866] getdents64(3, [pid 6496] <... symlink resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6496] write(1, "executing program\n", 18executing program [pid 5866] close(3 [pid 6496] <... write resumed>) = 18 [pid 5866] <... close resumed>) = 0 [pid 6496] memfd_create("syzkaller", 0 [pid 6495] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] rmdir("./120" [pid 6496] <... memfd_create resumed>) = 3 [pid 5866] <... rmdir resumed>) = 0 [pid 6496] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5866] mkdir("./121", 0777) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6496] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 6495] <... write resumed>) = 524288 [pid 6494] <... write resumed>) = 524288 [pid 5867] umount2("./123/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... openat resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5867] newfstatat(AT_FDCWD, "./123/file1", [pid 5866] <... ioctl resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] close(3 [pid 5867] umount2("./123/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6495] munmap(0x7f1864095000, 138412032 [pid 6494] munmap(0x7f1864095000, 138412032 [pid 5867] openat(AT_FDCWD, "./123/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6495] <... munmap resumed>) = 0 [pid 6494] <... munmap resumed>) = 0 [pid 5867] <... openat resumed>) = 4 [pid 6495] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6494] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6497 attached [pid 6494] <... openat resumed>) = 4 [pid 6494] ioctl(4, LOOP_SET_FD, 3 [pid 6497] set_robust_list(0x5555593cd660, 24 [pid 5867] getdents64(4, [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6497 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4) = 0 [pid 5867] rmdir("./123/file1") = 0 [pid 6497] <... set_robust_list resumed>) = 0 [pid 6496] munmap(0x7f1864095000, 138412032 [pid 5867] umount2("./123/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6496] <... munmap resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6497] chdir("./121" [pid 6496] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] newfstatat(AT_FDCWD, "./123/binderfs", [pid 6497] <... chdir resumed>) = 0 [pid 6496] <... openat resumed>) = 4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6497] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] unlink("./123/binderfs" [pid 6497] <... prctl resumed>) = 0 [pid 6496] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... unlink resumed>) = 0 [pid 6497] setpgid(0, 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6497] <... setpgid resumed>) = 0 [pid 5867] close(3 [pid 6494] <... ioctl resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6497] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] rmdir("./123" [pid 6496] <... ioctl resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6496] close(3) = 0 [pid 5867] mkdir("./124", 0777 [pid 6496] close(4 [pid 5867] <... mkdir resumed>) = 0 [pid 6496] <... close resumed>) = 0 [pid 6497] <... openat resumed>) = 3 [pid 6497] write(3, "1000", 4 [pid 6496] mkdir("./file1", 0777 [pid 6497] <... write resumed>) = 4 [pid 6497] close(3) = 0 [pid 6496] <... mkdir resumed>) = 0 [pid 6495] <... openat resumed>) = 4 [pid 6494] close(3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6497] symlink("/dev/binderfs", "./binderfs" [pid 6495] ioctl(4, LOOP_SET_FD, 3 [pid 6494] <... close resumed>) = 0 [pid 6497] <... symlink resumed>) = 0 [pid 6494] close(4 [pid 5867] <... openat resumed>) = 3 executing program [pid 6497] write(1, "executing program\n", 18 [pid 6494] <... close resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6497] <... write resumed>) = 18 [pid 6494] mkdir("./file1", 0777 [pid 5867] <... ioctl resumed>) = 0 [ 209.819099][ T6494] loop1: detected capacity change from 0 to 1024 [ 209.851296][ T6496] loop0: detected capacity change from 0 to 1024 [pid 6496] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6494] <... mkdir resumed>) = 0 [pid 5867] close(3 [pid 6497] memfd_create("syzkaller", 0 [pid 6494] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... close resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6497] <... memfd_create resumed>) = 3 [pid 6496] <... mount resumed>) = 0 [pid 6495] <... ioctl resumed>) = 0 [pid 6496] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6495] close(3 [pid 6497] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6496] <... openat resumed>) = 3 [pid 6495] <... close resumed>) = 0 [pid 6496] chdir("./file1" [pid 6495] close(4./strace-static-x86_64: Process 6498 attached [pid 6497] <... mmap resumed>) = 0x7f1864095000 [pid 6496] <... chdir resumed>) = 0 [pid 6495] <... close resumed>) = 0 [pid 6498] set_robust_list(0x5555593cd660, 24 [pid 6497] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6496] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6495] mkdir("./file1", 0777 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6498 [pid 6498] <... set_robust_list resumed>) = 0 [pid 6496] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6495] <... mkdir resumed>) = 0 [pid 6498] chdir("./124" [pid 6496] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6495] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6498] <... chdir resumed>) = 0 [pid 6494] <... mount resumed>) = 0 [ 209.884571][ T6495] loop4: detected capacity change from 0 to 1024 [pid 6498] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6494] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6497] <... write resumed>) = 524288 [pid 6498] <... prctl resumed>) = 0 [pid 6497] munmap(0x7f1864095000, 138412032 [pid 6495] <... mount resumed>) = 0 [pid 6494] <... openat resumed>) = 3 [pid 6498] setpgid(0, 0 [pid 6497] <... munmap resumed>) = 0 [pid 6495] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6494] chdir("./file1" [pid 6497] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6495] <... openat resumed>) = 3 [pid 6497] <... openat resumed>) = 4 [pid 6495] chdir("./file1" [pid 6497] ioctl(4, LOOP_SET_FD, 3 [pid 6495] <... chdir resumed>) = 0 [pid 6497] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6494] <... chdir resumed>) = 0 [pid 6498] <... setpgid resumed>) = 0 [pid 6497] ioctl(4, LOOP_CLR_FD [pid 6496] <... link resumed>) = 0 [pid 6494] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6498] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6496] sync( [pid 6494] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6498] <... openat resumed>) = 3 [pid 6497] <... ioctl resumed>) = 0 [pid 6495] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6498] write(3, "1000", 4 [pid 6495] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6494] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6498] <... write resumed>) = 4 [pid 6495] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6498] close(3 [pid 6497] ioctl(4, LOOP_SET_FD, 3 [pid 6498] <... close resumed>) = 0 [pid 6497] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6498] symlink("/dev/binderfs", "./binderfs" [pid 6497] close(4 [pid 6496] <... sync resumed>) = 0 [pid 6497] <... close resumed>) = 0 [pid 6496] exit_group(0 [pid 6495] <... link resumed>) = 0 [pid 6496] <... exit_group resumed>) = ? [pid 6498] <... symlink resumed>) = 0 [pid 6495] sync( [pid 6494] <... link resumed>) = 0 executing program [pid 6498] write(1, "executing program\n", 18 [pid 6494] sync( [pid 6498] <... write resumed>) = 18 [pid 6498] memfd_create("syzkaller", 0 [pid 6496] +++ exited with 0 +++ [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6496, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6498] <... memfd_create resumed>) = 3 [pid 6498] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6497] close(3 [pid 6494] <... sync resumed>) = 0 [pid 5864] umount2("./122", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6495] <... sync resumed>) = 0 [pid 6498] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6494] exit_group(0 [pid 5864] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6495] exit_group(0 [pid 6494] <... exit_group resumed>) = ? [pid 5864] <... openat resumed>) = 3 [pid 6497] <... close resumed>) = 0 [pid 6495] <... exit_group resumed>) = ? [pid 6494] +++ exited with 0 +++ [pid 5864] newfstatat(3, "", [pid 6497] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6494, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6497] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6495] +++ exited with 0 +++ [pid 6497] sync( [pid 5864] getdents64(3, [pid 5865] umount2("./121", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6495, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6497] <... sync resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 6497] exit_group(0 [pid 6498] <... write resumed>) = 524288 [pid 6497] <... exit_group resumed>) = ? [pid 5865] newfstatat(3, "", [pid 5868] umount2("./125", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, [pid 6497] +++ exited with 0 +++ [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] getdents64(3, [pid 6498] munmap(0x7f1864095000, 138412032 [pid 5868] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6497, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5865] umount2("./121/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6498] <... munmap resumed>) = 0 [pid 5866] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5866] umount2("./121", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6498] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... openat resumed>) = 3 [pid 6498] <... openat resumed>) = 4 [pid 6498] ioctl(4, LOOP_SET_FD, 3 [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6498] <... ioctl resumed>) = 0 [pid 5866] getdents64(3, [pid 6498] close(3) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6498] close(4) = 0 [pid 5866] umount2("./121/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6498] mkdir("./file1", 0777 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6498] <... mkdir resumed>) = 0 [pid 6498] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] newfstatat(AT_FDCWD, "./121/binderfs", [pid 6498] <... mount resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6498] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5866] unlink("./121/binderfs" [pid 6498] chdir("./file1" [pid 5866] <... unlink resumed>) = 0 [pid 6498] <... chdir resumed>) = 0 [pid 5866] getdents64(3, [pid 6498] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3) = 0 [pid 5866] rmdir("./121") = 0 [pid 5866] mkdir("./122", 0777) = 0 [pid 5864] <... umount2 resumed>) = 0 [ 210.139702][ T6498] loop3: detected capacity change from 0 to 1024 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./122/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6498] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6498] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./122/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5864] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5864] getdents64(4, [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] <... umount2 resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5864] getdents64(4, [pid 5868] <... umount2 resumed>) = 0 [pid 5866] close(3 [pid 5865] umount2("./121/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] close(4 [pid 5865] newfstatat(AT_FDCWD, "./121/file1", [pid 5864] <... close resumed>) = 0 [pid 5864] rmdir("./122/file1") = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./122/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./122/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./121/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] unlink("./122/binderfs" [pid 5868] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6498] <... link resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] openat(AT_FDCWD, "./121/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... unlink resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./125/file1", ./strace-static-x86_64: Process 6499 attached [pid 6498] sync( [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... openat resumed>) = 4 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3 [pid 5868] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(4, "", [pid 6499] set_robust_list(0x5555593cd660, 24 [pid 5864] <... close resumed>) = 0 [pid 6499] <... set_robust_list resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6499 [pid 5864] rmdir("./122" [pid 6499] chdir("./122" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] openat(AT_FDCWD, "./125/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] getdents64(4, [pid 6499] <... chdir resumed>) = 0 [pid 6499] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... rmdir resumed>) = 0 [pid 6499] setpgid(0, 0 [pid 6498] <... sync resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5865] getdents64(4, [pid 5864] mkdir("./123", 0777 [pid 6498] exit_group(0 [pid 5868] newfstatat(4, "", [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6498] <... exit_group resumed>) = ? [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] close(4 [pid 6499] <... setpgid resumed>) = 0 [pid 6498] +++ exited with 0 +++ [pid 5868] getdents64(4, [pid 5865] <... close resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6499] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6498, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5865] rmdir("./121/file1" [pid 5868] getdents64(4, [pid 6499] <... openat resumed>) = 3 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] close(4 [pid 5865] umount2("./121/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6499] write(3, "1000", 4 [pid 5868] <... close resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... openat resumed>) = 3 [pid 5868] rmdir("./125/file1" [pid 5865] newfstatat(AT_FDCWD, "./121/binderfs", [pid 6499] <... write resumed>) = 4 [pid 5868] <... rmdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5868] umount2("./125/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] unlink("./121/binderfs" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6499] close(3 [pid 5867] umount2("./124", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... ioctl resumed>) = 0 [pid 6499] <... close resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./125/binderfs", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... unlink resumed>) = 0 [pid 6499] symlink("/dev/binderfs", "./binderfs" [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] getdents64(3, [pid 5864] close(3 [pid 6499] <... symlink resumed>) = 0 [pid 5868] unlink("./125/binderfs" [pid 5867] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5865] close(3 [pid 6499] write(1, "executing program\n", 18executing program [pid 5868] <... unlink resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 6499] <... write resumed>) = 18 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... close resumed>) = 0 [pid 6499] memfd_create("syzkaller", 0 [pid 5868] getdents64(3, [pid 5867] getdents64(3, [pid 6499] <... memfd_create resumed>) = 3 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] rmdir("./121" [pid 5864] <... close resumed>) = 0 [pid 5867] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... rmdir resumed>) = 0 [pid 5868] close(3 [pid 6499] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... close resumed>) = 0 [pid 6499] <... mmap resumed>) = 0x7f1864095000 [pid 5868] rmdir("./125") = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6499] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] mkdir("./126", 0777 [pid 5865] mkdir("./122", 0777 [pid 5868] <... mkdir resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6499] <... write resumed>) = 524288 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6499] munmap(0x7f1864095000, 138412032 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6500 [pid 6499] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 6500 attached [pid 6499] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6500] set_robust_list(0x5555593cd660, 24 [pid 6499] <... openat resumed>) = 4 [pid 5868] <... ioctl resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 6500] <... set_robust_list resumed>) = 0 [pid 6499] ioctl(4, LOOP_SET_FD, 3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6500] chdir("./123" [pid 5868] close(3) = 0 [pid 6500] <... chdir resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... ioctl resumed>) = 0 [pid 6500] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6500] setpgid(0, 0) = 0 [pid 6500] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] close(3 [pid 6500] <... openat resumed>) = 3 [pid 5865] <... close resumed>) = 0 [pid 6500] write(3, "1000", 4) = 4 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6500] close(3) = 0 [pid 6500] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 6502 attached ./strace-static-x86_64: Process 6501 attached [pid 6499] <... ioctl resumed>) = 0 [pid 6499] close(3) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6501 executing program [pid 6501] set_robust_list(0x5555593cd660, 24 [pid 6500] <... symlink resumed>) = 0 [pid 6499] close(4 [pid 6502] set_robust_list(0x5555593cd660, 24 [pid 6500] write(1, "executing program\n", 18 [pid 6499] <... close resumed>) = 0 [pid 6502] <... set_robust_list resumed>) = 0 [pid 6501] <... set_robust_list resumed>) = 0 [pid 6500] <... write resumed>) = 18 [pid 6499] mkdir("./file1", 0777 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6502 [pid 6502] chdir("./122" [pid 6501] chdir("./126" [pid 6500] memfd_create("syzkaller", 0 [pid 6499] <... mkdir resumed>) = 0 [pid 6502] <... chdir resumed>) = 0 [pid 6501] <... chdir resumed>) = 0 [pid 6500] <... memfd_create resumed>) = 3 [pid 6499] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6502] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6501] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6500] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6502] <... prctl resumed>) = 0 [pid 6501] <... prctl resumed>) = 0 [pid 6500] <... mmap resumed>) = 0x7f1864095000 [pid 6499] <... mount resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 6502] setpgid(0, 0 [ 210.391273][ T6499] loop2: detected capacity change from 0 to 1024 [pid 6501] setpgid(0, 0 [pid 6499] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6501] <... setpgid resumed>) = 0 [pid 6500] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6502] <... setpgid resumed>) = 0 [pid 6501] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6499] <... openat resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6502] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6499] chdir("./file1" [pid 6502] <... openat resumed>) = 3 [pid 6501] <... openat resumed>) = 3 [pid 6499] <... chdir resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./124/file1", [pid 6502] write(3, "1000", 4 [pid 6501] write(3, "1000", 4 [pid 6499] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6502] <... write resumed>) = 4 [pid 6501] <... write resumed>) = 4 [pid 6502] close(3 [pid 6499] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6502] <... close resumed>) = 0 [pid 6501] close(3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6499] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6502] symlink("/dev/binderfs", "./binderfs" [pid 6501] <... close resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./124/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6501] symlink("/dev/binderfs", "./binderfs" [pid 6500] <... write resumed>) = 524288 [pid 6499] <... link resumed>) = 0 [pid 6499] sync( [pid 6500] munmap(0x7f1864095000, 138412032) = 0 [pid 6500] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6502] <... symlink resumed>) = 0 [pid 6501] <... symlink resumed>) = 0 [pid 5867] <... openat resumed>) = 4 [pid 6501] write(1, "executing program\n", 18 [pid 5867] newfstatat(4, "", executing program executing program [pid 6502] write(1, "executing program\n", 18 [pid 6501] <... write resumed>) = 18 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6502] <... write resumed>) = 18 [pid 6501] memfd_create("syzkaller", 0 [pid 6502] memfd_create("syzkaller", 0 [pid 6501] <... memfd_create resumed>) = 3 [pid 5867] getdents64(4, [pid 6502] <... memfd_create resumed>) = 3 [pid 6501] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6500] <... openat resumed>) = 4 [pid 6502] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6501] <... mmap resumed>) = 0x7f1864095000 [pid 5867] getdents64(4, [pid 6502] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6500] ioctl(4, LOOP_SET_FD, 3 [pid 5867] close(4 [pid 6501] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6500] <... ioctl resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6499] <... sync resumed>) = 0 [pid 5867] rmdir("./124/file1" [pid 6502] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6500] close(3 [pid 6499] exit_group(0 [pid 6500] <... close resumed>) = 0 [pid 6499] <... exit_group resumed>) = ? [pid 5867] <... rmdir resumed>) = 0 [pid 6500] close(4 [pid 6499] +++ exited with 0 +++ [pid 5867] umount2("./124/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./124/binderfs", [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6499, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6500] <... close resumed>) = 0 [pid 5867] unlink("./124/binderfs" [pid 5866] <... restart_syscall resumed>) = 0 [pid 6500] mkdir("./file1", 0777 [pid 5867] <... unlink resumed>) = 0 [pid 6501] <... write resumed>) = 524288 [pid 6500] <... mkdir resumed>) = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] umount2("./122", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] close(3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... close resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6502] <... write resumed>) = 524288 [pid 6500] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] rmdir("./124" [pid 5866] <... openat resumed>) = 3 [ 210.545134][ T6500] loop0: detected capacity change from 0 to 1024 [pid 5867] <... rmdir resumed>) = 0 [pid 5867] mkdir("./125", 0777 [pid 5866] newfstatat(3, "", [pid 5867] <... mkdir resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6501] munmap(0x7f1864095000, 138412032 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] getdents64(3, [pid 6501] <... munmap resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6502] munmap(0x7f1864095000, 138412032) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5866] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... ioctl resumed>) = 0 [pid 6501] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] close(3 [pid 6502] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6501] <... openat resumed>) = 4 [pid 6501] ioctl(4, LOOP_SET_FD, 3 [pid 6502] <... openat resumed>) = 4 [pid 6501] <... ioctl resumed>) = 0 [pid 6502] ioctl(4, LOOP_SET_FD, 3 [pid 6501] close(3 [pid 6500] <... mount resumed>) = 0 [pid 6500] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6501] <... close resumed>) = 0 [pid 6501] close(4) = 0 [pid 6500] chdir("./file1" [pid 6501] mkdir("./file1", 0777 [pid 6500] <... chdir resumed>) = 0 [pid 6501] <... mkdir resumed>) = 0 [pid 6500] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5867] <... close resumed>) = 0 [pid 6502] <... ioctl resumed>) = 0 [pid 6501] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6500] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6502] close(3) = 0 ./strace-static-x86_64: Process 6503 attached [pid 6502] close(4) = 0 [pid 6503] set_robust_list(0x5555593cd660, 24 [pid 6502] mkdir("./file1", 0777 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6503 [pid 6503] <... set_robust_list resumed>) = 0 [pid 6502] <... mkdir resumed>) = 0 [pid 6503] chdir("./125") = 0 [pid 6502] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... umount2 resumed>) = 0 [pid 6503] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6501] <... mount resumed>) = 0 [pid 6500] <... link resumed>) = 0 [ 210.649554][ T6501] loop4: detected capacity change from 0 to 1024 [ 210.679417][ T6502] loop1: detected capacity change from 0 to 1024 [pid 6503] setpgid(0, 0 [pid 6501] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6503] <... setpgid resumed>) = 0 [pid 6501] <... openat resumed>) = 3 [pid 6500] sync( [pid 6503] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6501] chdir("./file1" [pid 5866] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6503] <... openat resumed>) = 3 [pid 6501] <... chdir resumed>) = 0 [pid 6503] write(3, "1000", 4 [pid 6501] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6503] <... write resumed>) = 4 [pid 5866] newfstatat(AT_FDCWD, "./122/file1", [pid 6503] close(3 [pid 6501] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6503] <... close resumed>) = 0 [pid 6501] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6503] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5866] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) executing program [pid 6503] write(1, "executing program\n", 18 [pid 5866] openat(AT_FDCWD, "./122/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6503] <... write resumed>) = 18 [pid 6502] <... mount resumed>) = 0 [pid 5866] <... openat resumed>) = 4 [pid 6503] memfd_create("syzkaller", 0) = 3 [pid 6502] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6503] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6502] <... openat resumed>) = 3 [pid 6501] <... link resumed>) = 0 [pid 5866] newfstatat(4, "", [pid 6502] chdir("./file1") = 0 [pid 6501] sync( [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6503] <... mmap resumed>) = 0x7f1864095000 [pid 6502] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6503] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6502] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] getdents64(4, [pid 6502] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [pid 5866] rmdir("./122/file1") = 0 [pid 5866] umount2("./122/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./122/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] unlink("./122/binderfs") = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3) = 0 [pid 5866] rmdir("./122" [pid 6502] <... link resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 6503] <... write resumed>) = 524288 [pid 6502] sync( [pid 5866] mkdir("./123", 0777) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6503] munmap(0x7f1864095000, 138412032) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] close(3) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6504 attached [pid 6503] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6504] set_robust_list(0x5555593cd660, 24 [pid 6502] <... sync resumed>) = 0 [pid 6501] <... sync resumed>) = 0 [pid 6500] <... sync resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6504 [pid 6504] <... set_robust_list resumed>) = 0 [pid 6504] chdir("./123" [pid 6503] <... openat resumed>) = 4 [pid 6502] exit_group(0 [pid 6501] exit_group(0 [pid 6500] exit_group(0 [pid 6504] <... chdir resumed>) = 0 [pid 6502] <... exit_group resumed>) = ? [pid 6504] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6503] ioctl(4, LOOP_SET_FD, 3 [pid 6501] <... exit_group resumed>) = ? [pid 6504] <... prctl resumed>) = 0 [pid 6503] <... ioctl resumed>) = 0 [pid 6502] +++ exited with 0 +++ [pid 6501] +++ exited with 0 +++ [pid 6500] <... exit_group resumed>) = ? [pid 6504] setpgid(0, 0 [pid 6503] close(3) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6501, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6503] close(4 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6502, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6504] <... setpgid resumed>) = 0 [pid 6503] <... close resumed>) = 0 [pid 6500] +++ exited with 0 +++ [pid 5868] <... restart_syscall resumed>) = 0 [pid 6504] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6503] mkdir("./file1", 0777 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6504] <... openat resumed>) = 3 [pid 6504] write(3, "1000", 4 [pid 5868] umount2("./126", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... restart_syscall resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6500, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6504] <... write resumed>) = 4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6504] close(3) = 0 [pid 5865] umount2("./122", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./123", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6504] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 6504] write(1, "executing program\n", 18 [pid 5864] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6504] <... write resumed>) = 18 [pid 5864] <... openat resumed>) = 3 [pid 6504] memfd_create("syzkaller", 0 [pid 5864] newfstatat(3, "", [pid 6504] <... memfd_create resumed>) = 3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 6504] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./123/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6503] <... mkdir resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6503] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] newfstatat(3, "", [pid 5865] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6504] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5868] getdents64(3, [pid 5865] newfstatat(3, "", [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] getdents64(3, [pid 6504] <... write resumed>) = 524288 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [ 210.924975][ T6503] loop3: detected capacity change from 0 to 1024 [pid 5865] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6504] munmap(0x7f1864095000, 138412032) = 0 [pid 6504] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6504] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6504] ioctl(4, LOOP_CLR_FD) = 0 [pid 6504] ioctl(4, LOOP_SET_FD, 3 [pid 6503] <... mount resumed>) = 0 [pid 6504] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6503] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6504] close(4 [pid 6503] <... openat resumed>) = 3 [pid 6504] <... close resumed>) = 0 [pid 6503] chdir("./file1" [pid 6504] close(3 [pid 6503] <... chdir resumed>) = 0 [pid 6503] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6504] <... close resumed>) = 0 [pid 6503] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6503] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6504] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 ENOENT (No such file or directory) [pid 5865] <... umount2 resumed>) = 0 [pid 6504] sync( [pid 5868] <... umount2 resumed>) = 0 [pid 5868] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./126/file1", [pid 5865] newfstatat(AT_FDCWD, "./122/file1", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./122/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6503] <... link resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./122/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6503] sync( [pid 5865] <... openat resumed>) = 4 [pid 5864] umount2("./123/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(4, "", [pid 5868] openat(AT_FDCWD, "./126/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, [pid 5864] newfstatat(AT_FDCWD, "./123/file1", [pid 5868] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, [pid 5868] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4 [pid 6504] <... sync resumed>) = 0 [pid 5868] close(4 [pid 5865] <... close resumed>) = 0 [pid 5864] umount2("./123/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6504] exit_group(0 [pid 5868] <... close resumed>) = 0 [pid 5865] rmdir("./122/file1" [pid 6504] <... exit_group resumed>) = ? [pid 6504] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6504, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5866] umount2("./123", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] rmdir("./126/file1" [pid 5865] <... rmdir resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./122/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... openat resumed>) = 3 [pid 5865] newfstatat(AT_FDCWD, "./122/binderfs", [pid 5866] newfstatat(3, "", [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] unlink("./122/binderfs" [pid 5866] getdents64(3, [pid 5865] <... unlink resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] getdents64(3, [pid 5866] umount2("./123/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] umount2("./126/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(AT_FDCWD, "./123/binderfs", [pid 5865] close(3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... close resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./126/binderfs", [pid 5866] unlink("./123/binderfs" [pid 5865] rmdir("./122" [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./123/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] unlink("./126/binderfs" [pid 5866] getdents64(3, [pid 5865] mkdir("./123", 0777 [pid 5864] <... openat resumed>) = 4 [pid 5868] <... unlink resumed>) = 0 [pid 5864] newfstatat(4, "", [pid 5868] getdents64(3, [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3 [pid 6503] <... sync resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] getdents64(4, [pid 6503] exit_group(0 [pid 5868] close(3 [pid 5866] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6503] <... exit_group resumed>) = ? [pid 5864] getdents64(4, [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] rmdir("./123" [pid 5865] <... ioctl resumed>) = 0 [pid 5864] close(4 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] close(3 [pid 5864] <... close resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] rmdir("./123/file1" [pid 5868] rmdir("./126" [pid 5866] mkdir("./124", 0777 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] mkdir("./127", 0777 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... mkdir resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5866] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5866] close(3) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 ./strace-static-x86_64: Process 6505 attached [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5864] umount2("./123/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... ioctl resumed>) = 0 [pid 6505] set_robust_list(0x5555593cd660, 24 [pid 5868] close(3 [pid 6505] <... set_robust_list resumed>) = 0 [pid 6505] chdir("./124" [pid 6503] +++ exited with 0 +++ [pid 5868] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6505 [pid 5864] newfstatat(AT_FDCWD, "./123/binderfs", [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6503, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6507 attached [pid 5864] unlink("./123/binderfs"./strace-static-x86_64: Process 6506 attached [pid 6507] set_robust_list(0x5555593cd660, 24 [pid 6505] <... chdir resumed>) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 6507] <... set_robust_list resumed>) = 0 [pid 6505] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6507 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6506 [pid 5864] getdents64(3, [pid 6505] <... prctl resumed>) = 0 [pid 5867] umount2("./125", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6507] chdir("./127" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6505] setpgid(0, 0 [pid 5867] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6506] set_robust_list(0x5555593cd660, 24 [pid 6505] <... setpgid resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6506] <... set_robust_list resumed>) = 0 [pid 6507] <... chdir resumed>) = 0 [pid 6505] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] newfstatat(3, "", [pid 5864] close(3 [pid 6507] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6505] <... openat resumed>) = 3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6506] chdir("./123" [pid 5867] getdents64(3, [pid 6505] write(3, "1000", 4 [pid 5864] <... close resumed>) = 0 [pid 6507] <... prctl resumed>) = 0 [pid 6506] <... chdir resumed>) = 0 [pid 6505] <... write resumed>) = 4 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] rmdir("./123" [pid 6507] setpgid(0, 0 [pid 6506] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6507] <... setpgid resumed>) = 0 [pid 6506] setpgid(0, 0) = 0 [pid 5867] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6506] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6505] close(3) = 0 [pid 6505] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6505] write(1, "executing program\n", 18 [pid 6506] <... openat resumed>) = 3 [pid 6505] <... write resumed>) = 18 [pid 6505] memfd_create("syzkaller", 0) = 3 [pid 6506] write(3, "1000", 4 [pid 6505] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6507] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6506] <... write resumed>) = 4 [pid 6505] <... mmap resumed>) = 0x7f1864095000 [pid 5864] mkdir("./124", 0777executing program [pid 6506] close(3) = 0 [pid 6506] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6506] write(1, "executing program\n", 18) = 18 [pid 6506] memfd_create("syzkaller", 0) = 3 [pid 6506] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6505] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6506] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... mkdir resumed>) = 0 [pid 6507] <... openat resumed>) = 3 [pid 6507] write(3, "1000", 4 [pid 6505] <... write resumed>) = 524288 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6507] <... write resumed>) = 4 [pid 6507] close(3 [pid 5864] <... openat resumed>) = 3 [pid 6507] <... close resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6507] symlink("/dev/binderfs", "./binderfs" [pid 5864] <... ioctl resumed>) = 0 [pid 6507] <... symlink resumed>) = 0 [pid 5864] close(3 [pid 6507] write(1, "executing program\n", 18executing program ) = 18 [pid 6506] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] <... close resumed>) = 0 [pid 6507] memfd_create("syzkaller", 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6507] <... memfd_create resumed>) = 3 [pid 6507] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 ./strace-static-x86_64: Process 6508 attached [pid 6507] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6506] <... write resumed>) = 524288 [pid 6508] set_robust_list(0x5555593cd660, 24 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6508 [pid 5867] <... umount2 resumed>) = 0 [pid 6508] <... set_robust_list resumed>) = 0 [pid 6505] munmap(0x7f1864095000, 138412032) = 0 [pid 6505] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6506] munmap(0x7f1864095000, 138412032 [pid 6505] <... openat resumed>) = 4 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6506] <... munmap resumed>) = 0 [pid 6505] ioctl(4, LOOP_SET_FD, 3 [pid 5867] newfstatat(AT_FDCWD, "./125/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6506] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6507] <... write resumed>) = 524288 [pid 6506] <... openat resumed>) = 4 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6508] chdir("./124" [pid 6506] ioctl(4, LOOP_SET_FD, 3 [pid 5867] openat(AT_FDCWD, "./125/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6508] <... chdir resumed>) = 0 [pid 5867] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6508] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] close(4 [pid 6508] <... prctl resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6507] munmap(0x7f1864095000, 138412032 [pid 6506] <... ioctl resumed>) = 0 [pid 6505] <... ioctl resumed>) = 0 [pid 6508] setpgid(0, 0) = 0 [pid 6507] <... munmap resumed>) = 0 [pid 6506] close(3 [pid 6505] close(3 [pid 5867] rmdir("./125/file1" [pid 6506] <... close resumed>) = 0 [pid 6505] <... close resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6506] close(4 [pid 6505] close(4 [pid 6508] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6506] <... close resumed>) = 0 [pid 6505] <... close resumed>) = 0 [pid 5867] umount2("./125/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6508] <... openat resumed>) = 3 [pid 6506] mkdir("./file1", 0777 [pid 6505] mkdir("./file1", 0777 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6507] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6506] <... mkdir resumed>) = 0 [pid 6505] <... mkdir resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./125/binderfs", [pid 6508] write(3, "1000", 4 [pid 6507] <... openat resumed>) = 4 [pid 6506] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6505] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] unlink("./125/binderfs") = 0 [pid 6508] <... write resumed>) = 4 [pid 6507] ioctl(4, LOOP_SET_FD, 3 [pid 5867] getdents64(3, [pid 6508] close(3 [pid 6507] <... ioctl resumed>) = 0 [pid 6508] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6508] symlink("/dev/binderfs", "./binderfs" [pid 6507] close(3 [pid 5867] close(3 [pid 6508] <... symlink resumed>) = 0 [pid 6507] <... close resumed>) = 0 [pid 6506] <... mount resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6508] write(1, "executing program\n", 18 [pid 6507] close(4executing program [pid 6506] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] rmdir("./125" [pid 6508] <... write resumed>) = 18 [pid 6507] <... close resumed>) = 0 [pid 6506] <... openat resumed>) = 3 [pid 6505] <... mount resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6508] memfd_create("syzkaller", 0 [pid 6507] mkdir("./file1", 0777 [pid 6506] chdir("./file1" [pid 6505] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] mkdir("./126", 0777 [pid 6507] <... mkdir resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 6506] <... chdir resumed>) = 0 [pid 6505] <... openat resumed>) = 3 [pid 6508] <... memfd_create resumed>) = 3 [pid 6506] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6505] chdir("./file1" [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6506] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6506] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6505] <... chdir resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6508] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6507] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6508] <... mmap resumed>) = 0x7f1864095000 [pid 6505] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] <... ioctl resumed>) = 0 [ 211.338576][ T6505] loop2: detected capacity change from 0 to 1024 [ 211.338866][ T6506] loop1: detected capacity change from 0 to 1024 [ 211.373532][ T6507] loop4: detected capacity change from 0 to 1024 [pid 6505] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] close(3 [pid 6508] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6505] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] <... close resumed>) = 0 [pid 6508] <... write resumed>) = 524288 [pid 6506] <... link resumed>) = 0 [pid 6506] sync( [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6507] <... mount resumed>) = 0 [pid 6507] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6508] munmap(0x7f1864095000, 138412032 [pid 6507] chdir("./file1") = 0 [pid 6507] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6505] <... link resumed>) = 0 [pid 6505] sync( [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6509 [pid 6507] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6507] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"./strace-static-x86_64: Process 6509 attached [pid 6508] <... munmap resumed>) = 0 [pid 6509] set_robust_list(0x5555593cd660, 24 [pid 6506] <... sync resumed>) = 0 [pid 6509] <... set_robust_list resumed>) = 0 [pid 6506] exit_group(0 [pid 6509] chdir("./126") = 0 [pid 6506] <... exit_group resumed>) = ? [pid 6506] +++ exited with 0 +++ [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6506, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6505] <... sync resumed>) = 0 [pid 6509] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5865] umount2("./123", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6509] <... prctl resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6509] setpgid(0, 0 [pid 5865] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6509] <... setpgid resumed>) = 0 [pid 6508] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6505] exit_group(0 [pid 5865] getdents64(3, [pid 6509] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6508] <... openat resumed>) = 4 [pid 6505] <... exit_group resumed>) = ? [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./123/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6508] ioctl(4, LOOP_SET_FD, 3 [pid 6509] <... openat resumed>) = 3 [pid 6508] <... ioctl resumed>) = 0 [pid 6507] <... link resumed>) = 0 [pid 6505] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6505, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6509] write(3, "1000", 4 [pid 6507] sync( [pid 6509] <... write resumed>) = 4 [pid 6508] close(3 [pid 5866] <... restart_syscall resumed>) = 0 [pid 6509] close(3 [pid 6508] <... close resumed>) = 0 [pid 6508] close(4 [pid 6509] <... close resumed>) = 0 [pid 6508] <... close resumed>) = 0 [pid 5866] umount2("./124", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6509] symlink("/dev/binderfs", "./binderfs" [pid 6508] mkdir("./file1", 0777 [pid 5866] <... openat resumed>) = 3 [pid 6509] <... symlink resumed>) = 0 [pid 6508] <... mkdir resumed>) = 0 [pid 5866] newfstatat(3, "", [pid 6509] write(1, "executing program\n", 18 [pid 6508] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 executing program [pid 6509] <... write resumed>) = 18 [pid 6509] memfd_create("syzkaller", 0 [pid 5866] getdents64(3, [pid 6509] <... memfd_create resumed>) = 3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6509] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5866] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = 0 [ 211.530711][ T6508] loop0: detected capacity change from 0 to 1024 [pid 6509] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] umount2("./123/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6509] <... write resumed>) = 524288 [pid 5865] newfstatat(AT_FDCWD, "./123/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./123/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./123/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6508] <... mount resumed>) = 0 [pid 5865] newfstatat(4, "", [pid 6509] munmap(0x7f1864095000, 138412032 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6508] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6507] <... sync resumed>) = 0 [pid 6509] <... munmap resumed>) = 0 [pid 6508] <... openat resumed>) = 3 [pid 6507] exit_group(0 [pid 5866] <... umount2 resumed>) = 0 [pid 5865] getdents64(4, [pid 6508] chdir("./file1" [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6507] <... exit_group resumed>) = ? [pid 6509] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6508] <... chdir resumed>) = 0 [pid 6509] <... openat resumed>) = 4 [pid 6508] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6509] ioctl(4, LOOP_SET_FD, 3 [pid 6508] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6508] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6507] +++ exited with 0 +++ [pid 5865] getdents64(4, [pid 5866] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6507, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 6509] <... ioctl resumed>) = 0 [pid 6509] close(3) = 0 [pid 6509] close(4 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] close(4 [pid 5866] newfstatat(AT_FDCWD, "./124/file1", [pid 5865] <... close resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6509] <... close resumed>) = 0 [pid 5868] umount2("./127", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] rmdir("./123/file1" [pid 6509] mkdir("./file1", 0777 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... rmdir resumed>) = 0 [pid 6509] <... mkdir resumed>) = 0 [pid 6508] <... link resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] openat(AT_FDCWD, "./124/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./123/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6508] sync( [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6509] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] newfstatat(AT_FDCWD, "./123/binderfs", [pid 5866] <... openat resumed>) = 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(4, "", [pid 5865] unlink("./123/binderfs" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3) = 0 [pid 5865] rmdir("./123") = 0 [pid 5865] mkdir("./124", 0777) = 0 [pid 5866] getdents64(4, [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... openat resumed>) = 3 [ 211.667782][ T6509] loop3: detected capacity change from 0 to 1024 [pid 5865] ioctl(3, LOOP_CLR_FD) = 0 [pid 6509] <... mount resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5866] getdents64(4, [pid 6509] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] newfstatat(3, "", [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 6509] <... openat resumed>) = 3 [pid 5866] close(4 [pid 5865] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... close resumed>) = 0 [pid 6509] chdir("./file1" [pid 5868] getdents64(3, [pid 5866] rmdir("./124/file1" [pid 6509] <... chdir resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... rmdir resumed>) = 0 [pid 6509] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] umount2("./127/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./124/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6509] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6509] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6508] <... sync resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./124/binderfs", ./strace-static-x86_64: Process 6510 attached [pid 6508] exit_group(0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6510 [pid 6508] <... exit_group resumed>) = ? [pid 6510] set_robust_list(0x5555593cd660, 24 [pid 6508] +++ exited with 0 +++ [pid 5866] unlink("./124/binderfs" [pid 6510] <... set_robust_list resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6508, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6510] chdir("./124" [pid 5866] <... unlink resumed>) = 0 [pid 5864] umount2("./124", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6510] <... chdir resumed>) = 0 [pid 5866] getdents64(3, [pid 6510] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6510] <... prctl resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6510] setpgid(0, 0 [pid 6509] <... link resumed>) = 0 [pid 5866] close(3 [pid 5864] <... openat resumed>) = 3 [pid 6510] <... setpgid resumed>) = 0 [pid 6509] sync( [pid 5864] newfstatat(3, "", [pid 6510] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] rmdir("./124") = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 6510] <... openat resumed>) = 3 [pid 6509] <... sync resumed>) = 0 [pid 5868] umount2("./127/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] mkdir("./125", 0777 [pid 6510] write(3, "1000", 4 [pid 6509] exit_group(0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6509] <... exit_group resumed>) = ? [pid 5868] newfstatat(AT_FDCWD, "./127/file1", [pid 6510] <... write resumed>) = 4 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 6510] close(3 [pid 5868] umount2("./127/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./127/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5868] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6510] <... close resumed>) = 0 [pid 6510] symlink("/dev/binderfs", "./binderfs" [pid 6509] +++ exited with 0 +++ [pid 5868] getdents64(4, [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6509, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6510] <... symlink resumed>) = 0 [pid 5868] close(4 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... openat resumed>) = 3 [pid 6510] write(1, "executing program\n", 18executing program [pid 5868] <... close resumed>) = 0 [pid 5867] <... restart_syscall resumed>) = 0 [pid 6510] <... write resumed>) = 18 [pid 5868] rmdir("./127/file1" [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6510] memfd_create("syzkaller", 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5867] umount2("./126", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./127/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6510] <... memfd_create resumed>) = 3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] close(3 [pid 5867] <... openat resumed>) = 3 [pid 5868] newfstatat(AT_FDCWD, "./127/binderfs", [pid 5867] newfstatat(3, "", [pid 5864] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] unlink("./127/binderfs" [pid 5867] getdents64(3, [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6510] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... unlink resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] newfstatat(AT_FDCWD, "./124/file1", [pid 5868] getdents64(3, [pid 5867] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6510] <... mmap resumed>) = 0x7f1864095000 [pid 5868] close(3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... close resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./124/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] rmdir("./127" [pid 5864] <... openat resumed>) = 4 [pid 5868] <... rmdir resumed>) = 0 [pid 5864] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(4, [pid 5868] mkdir("./128", 0777 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... mkdir resumed>) = 0 [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4) = 0 [pid 5864] rmdir("./124/file1" [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] <... rmdir resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] <... close resumed>) = 0 [pid 6510] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] close(3 [pid 5864] umount2("./124/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./124/binderfs", [pid 5868] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] unlink("./124/binderfs") = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... close resumed>) = 0 ./strace-static-x86_64: Process 6511 attached [pid 5864] rmdir("./124" [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6511 [pid 5864] <... rmdir resumed>) = 0 [pid 6511] set_robust_list(0x5555593cd660, 24 [pid 5864] mkdir("./125", 0777) = 0 [pid 6511] <... set_robust_list resumed>) = 0 [pid 6511] chdir("./128") = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6511] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] <... openat resumed>) = 3 [pid 6511] <... prctl resumed>) = 0 [pid 6511] setpgid(0, 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6511] <... setpgid resumed>) = 0 [pid 5864] <... ioctl resumed>) = 0 [pid 6511] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6513 attached ./strace-static-x86_64: Process 6512 attached [pid 6511] <... openat resumed>) = 3 [pid 6510] <... write resumed>) = 524288 [pid 6513] set_robust_list(0x5555593cd660, 24) = 0 [pid 6511] write(3, "1000", 4 [pid 6513] chdir("./125" [pid 6511] <... write resumed>) = 4 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6512 [pid 6511] close(3 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6513 [pid 6513] <... chdir resumed>) = 0 [pid 6511] <... close resumed>) = 0 [pid 6513] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6512] set_robust_list(0x5555593cd660, 24 [pid 6511] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... umount2 resumed>) = 0 [pid 6512] <... set_robust_list resumed>) = 0 [pid 6513] <... prctl resumed>) = 0 [pid 6512] chdir("./125" [pid 6511] <... symlink resumed>) = 0 [pid 6513] setpgid(0, 0 [pid 6512] <... chdir resumed>) = 0 [pid 6510] munmap(0x7f1864095000, 138412032 [pid 5867] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6513] <... setpgid resumed>) = 0 [pid 6512] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6511] write(1, "executing program\n", 18 [pid 6513] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6512] <... prctl resumed>) = 0 [pid 6511] <... write resumed>) = 18 [pid 6510] <... munmap resumed>) = 0 [pid 6511] memfd_create("syzkaller", 0 [pid 6512] setpgid(0, 0 [pid 6511] <... memfd_create resumed>) = 3 [pid 6512] <... setpgid resumed>) = 0 [pid 6510] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6511] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] newfstatat(AT_FDCWD, "./126/file1", [pid 6513] <... openat resumed>) = 3 [pid 6511] <... mmap resumed>) = 0x7f1864095000 [pid 6513] write(3, "1000", 4 [pid 6510] <... openat resumed>) = 4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6513] <... write resumed>) = 4 [pid 6510] ioctl(4, LOOP_SET_FD, 3 [pid 6513] close(3 [pid 5867] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6513] <... close resumed>) = 0 [pid 6512] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6510] <... ioctl resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6513] symlink("/dev/binderfs", "./binderfs" [pid 5867] openat(AT_FDCWD, "./126/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6513] <... symlink resumed>) = 0 [pid 6512] <... openat resumed>) = 3 [pid 6511] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6510] close(3 [pid 6513] write(1, "executing program\n", 18 [pid 6512] write(3, "1000", 4 [pid 6510] <... close resumed>) = 0 [pid 5867] <... openat resumed>) = 4 executing program [pid 6513] <... write resumed>) = 18 [pid 6512] <... write resumed>) = 4 [pid 6510] close(4 [pid 5867] newfstatat(4, "", [pid 6512] close(3 [pid 6510] <... close resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6512] <... close resumed>) = 0 [pid 6510] mkdir("./file1", 0777 [pid 6512] symlink("/dev/binderfs", "./binderfs" [pid 5867] getdents64(4, [pid 6513] memfd_create("syzkaller", 0 [pid 6512] <... symlink resumed>) = 0 [pid 6510] <... mkdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6513] <... memfd_create resumed>) = 3 [pid 6513] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 executing program [pid 6512] write(1, "executing program\n", 18 [pid 6510] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] getdents64(4, [pid 6512] <... write resumed>) = 18 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6512] memfd_create("syzkaller", 0 [pid 5867] close(4) = 0 [pid 5867] rmdir("./126/file1" [pid 6512] <... memfd_create resumed>) = 3 [pid 6511] <... write resumed>) = 524288 [pid 5867] <... rmdir resumed>) = 0 [pid 6512] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] umount2("./126/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6512] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6513] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6511] munmap(0x7f1864095000, 138412032) = 0 [ 211.946942][ T6510] loop1: detected capacity change from 0 to 1024 [pid 5867] newfstatat(AT_FDCWD, "./126/binderfs", [pid 6513] <... write resumed>) = 524288 [pid 6511] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6511] <... openat resumed>) = 4 [pid 6511] ioctl(4, LOOP_SET_FD, 3 [pid 5867] unlink("./126/binderfs" [pid 6513] munmap(0x7f1864095000, 138412032 [pid 6511] <... ioctl resumed>) = 0 [pid 6513] <... munmap resumed>) = 0 [pid 6510] <... mount resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 6512] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6510] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] getdents64(3, [pid 6513] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6511] close(3 [pid 6513] ioctl(4, LOOP_SET_FD, 3 [pid 6511] <... close resumed>) = 0 [pid 6510] <... openat resumed>) = 3 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6511] close(4) = 0 [pid 6511] mkdir("./file1", 0777 [pid 6513] <... ioctl resumed>) = 0 [pid 6511] <... mkdir resumed>) = 0 [pid 6513] close(3 [pid 6510] chdir("./file1" [pid 5867] close(3 [pid 6510] <... chdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6513] <... close resumed>) = 0 [pid 6513] close(4) = 0 [pid 6513] mkdir("./file1", 0777) = 0 [pid 6511] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6513] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6510] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] rmdir("./126") = 0 [pid 6510] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6510] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6512] <... write resumed>) = 524288 [pid 5867] mkdir("./127", 0777 [pid 6512] munmap(0x7f1864095000, 138412032 [pid 5867] <... mkdir resumed>) = 0 [pid 6512] <... munmap resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6512] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 212.016455][ T6511] loop4: detected capacity change from 0 to 1024 [ 212.041775][ T6513] loop0: detected capacity change from 0 to 1024 [pid 6512] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... openat resumed>) = 3 [pid 6512] <... ioctl resumed>) = 0 [pid 6513] <... mount resumed>) = 0 [pid 6512] close(3 [pid 6511] <... mount resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6513] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6512] <... close resumed>) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 6513] <... openat resumed>) = 3 [pid 6512] close(4 [pid 6511] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] close(3 [pid 6513] chdir("./file1" [pid 6512] <... close resumed>) = 0 [pid 6511] <... openat resumed>) = 3 [pid 6510] <... link resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6513] <... chdir resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6512] mkdir("./file1", 0777 [pid 6511] chdir("./file1" [pid 6510] sync(./strace-static-x86_64: Process 6514 attached [pid 6513] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6512] <... mkdir resumed>) = 0 [pid 6511] <... chdir resumed>) = 0 [ 212.088889][ T6512] loop2: detected capacity change from 0 to 1024 [pid 6514] set_robust_list(0x5555593cd660, 24 [pid 6513] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6511] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6512] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6514 [pid 6514] <... set_robust_list resumed>) = 0 [pid 6513] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6511] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6514] chdir("./127" [pid 6511] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6514] <... chdir resumed>) = 0 [pid 6514] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6514] setpgid(0, 0) = 0 [pid 6514] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6513] <... link resumed>) = 0 [pid 6512] <... mount resumed>) = 0 [pid 6511] <... link resumed>) = 0 [pid 6512] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6514] write(3, "1000", 4 [pid 6513] sync( [pid 6512] <... openat resumed>) = 3 [pid 6511] sync( [pid 6514] <... write resumed>) = 4 [pid 6514] close(3 [pid 6512] chdir("./file1" [pid 6514] <... close resumed>) = 0 [pid 6512] <... chdir resumed>) = 0 [pid 6514] symlink("/dev/binderfs", "./binderfs" [pid 6512] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6512] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"executing program [pid 6514] <... symlink resumed>) = 0 [pid 6514] write(1, "executing program\n", 18) = 18 [pid 6510] <... sync resumed>) = 0 [pid 6514] memfd_create("syzkaller", 0 [pid 6510] exit_group(0 [pid 6513] <... sync resumed>) = 0 [pid 6510] <... exit_group resumed>) = ? [pid 6514] <... memfd_create resumed>) = 3 [pid 6513] exit_group(0 [pid 6514] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6513] <... exit_group resumed>) = ? [pid 6510] +++ exited with 0 +++ [pid 6514] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6513] +++ exited with 0 +++ [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6510, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6513, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5865] <... restart_syscall resumed>) = 0 [pid 5864] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5865] umount2("./124", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6512] <... link resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] umount2("./125", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6512] sync( [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... openat resumed>) = 3 [pid 6511] <... sync resumed>) = 0 [pid 5865] newfstatat(3, "", [pid 5864] <... openat resumed>) = 3 [pid 6511] exit_group(0) = ? [pid 5864] newfstatat(3, "", [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6511] +++ exited with 0 +++ [pid 5864] getdents64(3, [pid 6514] <... write resumed>) = 524288 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6511, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5865] getdents64(3, [pid 5868] umount2("./128", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6512] <... sync resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] newfstatat(3, "", [pid 6512] exit_group(0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] getdents64(3, [pid 6512] <... exit_group resumed>) = ? [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6514] munmap(0x7f1864095000, 138412032) = 0 [pid 6514] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6514] ioctl(4, LOOP_SET_FD, 3 [pid 6512] +++ exited with 0 +++ [pid 5865] <... umount2 resumed>) = 0 [pid 6514] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6512, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6514] ioctl(4, LOOP_CLR_FD) = 0 [pid 5865] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./125", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./124/file1", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./124/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6514] ioctl(4, LOOP_SET_FD, 3 [pid 5865] openat(AT_FDCWD, "./124/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6514] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] newfstatat(3, "", [pid 5865] <... openat resumed>) = 4 [pid 6514] close(4 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] newfstatat(4, "", [pid 6514] <... close resumed>) = 0 [pid 5866] getdents64(3, [pid 6514] close(3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6514] <... close resumed>) = 0 [pid 5866] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4) = 0 [pid 6514] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] rmdir("./124/file1" [pid 6514] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 5865] <... rmdir resumed>) = 0 [pid 6514] sync( [pid 5864] <... umount2 resumed>) = 0 [pid 5865] umount2("./124/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./124/binderfs" [pid 5868] <... umount2 resumed>) = 0 [pid 5868] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./125/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] newfstatat(AT_FDCWD, "./128/file1", [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6514] <... sync resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./125/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6514] exit_group(0 [pid 5866] openat(AT_FDCWD, "./125/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] openat(AT_FDCWD, "./125/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] <... openat resumed>) = 4 [pid 5864] <... openat resumed>) = 4 [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6514] <... exit_group resumed>) = ? [pid 5868] openat(AT_FDCWD, "./128/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] newfstatat(4, "", [pid 5866] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5866] rmdir("./125/file1" [pid 6514] +++ exited with 0 +++ [pid 5868] newfstatat(4, "", [pid 5865] getdents64(3, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(4, [pid 5868] getdents64(4, [pid 5865] close(3 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] getdents64(4, [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6514, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] umount2("./127", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] close(4 [pid 5868] getdents64(4, [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] rmdir("./124" [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... close resumed>) = 0 [pid 5868] close(4 [pid 5866] umount2("./125/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... rmdir resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5864] rmdir("./125/file1" [pid 5868] rmdir("./128/file1" [pid 5867] <... openat resumed>) = 3 [pid 5865] mkdir("./125", 0777 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] umount2("./128/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... rmdir resumed>) = 0 [pid 5867] getdents64(3, [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5866] newfstatat(AT_FDCWD, "./125/binderfs", [pid 5865] <... mkdir resumed>) = 0 [pid 5864] umount2("./125/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] newfstatat(AT_FDCWD, "./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./127/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] unlink("./128/binderfs" [pid 5864] newfstatat(AT_FDCWD, "./125/binderfs", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] unlink("./125/binderfs" [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5868] getdents64(3, [pid 5867] newfstatat(AT_FDCWD, "./127/binderfs", [pid 5864] unlink("./125/binderfs" [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] getdents64(3, [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] close(3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... unlink resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] unlink("./127/binderfs" [pid 5866] close(3 [pid 5864] getdents64(3, [pid 5868] rmdir("./128" [pid 5866] <... close resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] mkdir("./129", 0777 [pid 5864] close(3 [pid 5867] <... unlink resumed>) = 0 [pid 5866] rmdir("./125" [pid 5865] close(3 [pid 5868] <... mkdir resumed>) = 0 [pid 5867] getdents64(3, [pid 5866] <... rmdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] mkdir("./126", 0777 [pid 5864] <... close resumed>) = 0 [pid 5867] close(3 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... close resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] rmdir("./125" [pid 5867] rmdir("./127" [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... openat resumed>) = 3 [pid 5867] <... rmdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] close(3 [pid 5867] mkdir("./128", 0777 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5864] mkdir("./126", 0777 [pid 5868] <... close resumed>) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] close(3./strace-static-x86_64: Process 6515 attached [pid 5867] <... mkdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6516 attached [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6516] set_robust_list(0x5555593cd660, 24 [pid 5864] <... ioctl resumed>) = 0 [pid 6515] set_robust_list(0x5555593cd660, 24 [pid 5867] <... openat resumed>) = 3 [pid 6516] <... set_robust_list resumed>) = 0 [pid 6516] chdir("./126" [pid 5864] close(3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6515] <... set_robust_list resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6515] chdir("./129" [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6515 [pid 5867] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6516 ./strace-static-x86_64: Process 6517 attached [pid 6516] <... chdir resumed>) = 0 [pid 6515] <... chdir resumed>) = 0 [pid 5867] close(3 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6517] set_robust_list(0x5555593cd660, 24 [pid 6516] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6515] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6516] <... prctl resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6515] <... prctl resumed>) = 0 [pid 6517] <... set_robust_list resumed>) = 0 [pid 6517] chdir("./126" [pid 6516] setpgid(0, 0 [pid 6515] setpgid(0, 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6517] <... chdir resumed>) = 0 [pid 6516] <... setpgid resumed>) = 0 [pid 6515] <... setpgid resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6517 ./strace-static-x86_64: Process 6519 attached ./strace-static-x86_64: Process 6518 attached [pid 6517] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6516] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6515] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6518 [pid 6517] <... prctl resumed>) = 0 [pid 6517] setpgid(0, 0 [pid 6516] <... openat resumed>) = 3 [pid 6515] <... openat resumed>) = 3 [pid 6517] <... setpgid resumed>) = 0 [pid 6515] write(3, "1000", 4 [pid 6519] set_robust_list(0x5555593cd660, 24 [pid 6517] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6519] <... set_robust_list resumed>) = 0 [pid 6518] set_robust_list(0x5555593cd660, 24 [pid 6517] <... openat resumed>) = 3 [pid 6516] write(3, "1000", 4 [pid 6515] <... write resumed>) = 4 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6519 [pid 6518] <... set_robust_list resumed>) = 0 [pid 6517] write(3, "1000", 4 [pid 6516] <... write resumed>) = 4 [pid 6515] close(3 [pid 6516] close(3 [pid 6515] <... close resumed>) = 0 [pid 6516] <... close resumed>) = 0 [pid 6519] chdir("./128" [pid 6518] chdir("./125" [pid 6516] symlink("/dev/binderfs", "./binderfs" [pid 6515] symlink("/dev/binderfs", "./binderfs" [pid 6519] <... chdir resumed>) = 0 [pid 6517] <... write resumed>) = 4 [pid 6516] <... symlink resumed>) = 0 [pid 6515] <... symlink resumed>) = 0 [pid 6519] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6518] <... chdir resumed>) = 0 [pid 6517] close(3 [pid 6516] write(1, "executing program\n", 18 [pid 6515] write(1, "executing program\n", 18executing program executing program [pid 6516] <... write resumed>) = 18 [pid 6515] <... write resumed>) = 18 [pid 6517] <... close resumed>) = 0 [pid 6517] symlink("/dev/binderfs", "./binderfs" [pid 6515] memfd_create("syzkaller", 0 [pid 6516] memfd_create("syzkaller", 0 [pid 6519] <... prctl resumed>) = 0 [pid 6519] setpgid(0, 0 [pid 6517] <... symlink resumed>) = 0 [pid 6516] <... memfd_create resumed>) = 3 [pid 6518] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6516] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6518] <... prctl resumed>) = 0 [pid 6517] write(1, "executing program\n", 18 [pid 6519] <... setpgid resumed>) = 0 executing program [pid 6519] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6518] setpgid(0, 0 [pid 6517] <... write resumed>) = 18 [pid 6516] <... mmap resumed>) = 0x7f1864095000 [pid 6515] <... memfd_create resumed>) = 3 [pid 6519] <... openat resumed>) = 3 [pid 6519] write(3, "1000", 4) = 4 [pid 6515] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6519] close(3) = 0 [pid 6519] symlink("/dev/binderfs", "./binderfs" [pid 6515] <... mmap resumed>) = 0x7f1864095000 [pid 6519] <... symlink resumed>) = 0 executing program [pid 6519] write(1, "executing program\n", 18) = 18 [pid 6519] memfd_create("syzkaller", 0) = 3 [pid 6518] <... setpgid resumed>) = 0 [pid 6517] memfd_create("syzkaller", 0 [pid 6519] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6517] <... memfd_create resumed>) = 3 [pid 6519] <... mmap resumed>) = 0x7f1864095000 [pid 6518] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6517] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6519] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6516] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6515] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6518] <... openat resumed>) = 3 [pid 6517] <... mmap resumed>) = 0x7f1864095000 [pid 6518] write(3, "1000", 4) = 4 [pid 6518] close(3) = 0 [pid 6518] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6518] write(1, "executing program\n", 18) = 18 [pid 6518] memfd_create("syzkaller", 0) = 3 [pid 6518] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6515] <... write resumed>) = 524288 [pid 6518] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6517] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6516] <... write resumed>) = 524288 [pid 6519] <... write resumed>) = 524288 [pid 6516] munmap(0x7f1864095000, 138412032 [pid 6515] munmap(0x7f1864095000, 138412032 [pid 6516] <... munmap resumed>) = 0 [pid 6516] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6515] <... munmap resumed>) = 0 [pid 6519] munmap(0x7f1864095000, 138412032 [pid 6518] <... write resumed>) = 524288 [pid 6517] <... write resumed>) = 524288 [pid 6516] <... openat resumed>) = 4 [pid 6515] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6519] <... munmap resumed>) = 0 [pid 6517] munmap(0x7f1864095000, 138412032 [pid 6516] ioctl(4, LOOP_SET_FD, 3 [pid 6515] <... openat resumed>) = 4 [pid 6515] ioctl(4, LOOP_SET_FD, 3 [pid 6519] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6518] munmap(0x7f1864095000, 138412032 [pid 6517] <... munmap resumed>) = 0 [pid 6519] <... openat resumed>) = 4 [pid 6518] <... munmap resumed>) = 0 [pid 6519] ioctl(4, LOOP_SET_FD, 3 [pid 6517] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6518] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6517] ioctl(4, LOOP_SET_FD, 3 [pid 6518] <... openat resumed>) = 4 [pid 6518] ioctl(4, LOOP_SET_FD, 3 [pid 6519] <... ioctl resumed>) = 0 [pid 6516] <... ioctl resumed>) = 0 [pid 6515] <... ioctl resumed>) = 0 [pid 6516] close(3) = 0 [pid 6516] close(4) = 0 [pid 6515] close(3 [pid 6519] close(3 [pid 6516] mkdir("./file1", 0777 [pid 6519] <... close resumed>) = 0 [pid 6515] <... close resumed>) = 0 [pid 6519] close(4 [pid 6518] <... ioctl resumed>) = 0 [pid 6517] <... ioctl resumed>) = 0 [pid 6516] <... mkdir resumed>) = 0 [pid 6515] close(4 [pid 6519] <... close resumed>) = 0 [pid 6518] close(3 [pid 6517] close(3 [pid 6516] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6515] <... close resumed>) = 0 [pid 6518] <... close resumed>) = 0 [pid 6518] close(4 [pid 6517] <... close resumed>) = 0 [pid 6515] mkdir("./file1", 0777) = 0 [pid 6519] mkdir("./file1", 0777 [pid 6518] <... close resumed>) = 0 [pid 6517] close(4 [pid 6515] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6517] <... close resumed>) = 0 [pid 6517] mkdir("./file1", 0777 [pid 6518] mkdir("./file1", 0777 [pid 6519] <... mkdir resumed>) = 0 [pid 6517] <... mkdir resumed>) = 0 [ 212.673818][ T6516] loop2: detected capacity change from 0 to 1024 [ 212.674157][ T6519] loop3: detected capacity change from 0 to 1024 [ 212.675272][ T6515] loop4: detected capacity change from 0 to 1024 [ 212.685354][ T6517] loop0: detected capacity change from 0 to 1024 [ 212.685657][ T6518] loop1: detected capacity change from 0 to 1024 [pid 6519] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6518] <... mkdir resumed>) = 0 [pid 6518] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6517] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6516] <... mount resumed>) = 0 [pid 6516] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6515] <... mount resumed>) = 0 [pid 6516] <... openat resumed>) = 3 [pid 6515] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6515] chdir("./file1") = 0 [pid 6515] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6516] chdir("./file1") = 0 [pid 6516] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6515] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6519] <... mount resumed>) = 0 [pid 6516] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6515] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6519] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6516] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6519] <... openat resumed>) = 3 [pid 6518] <... mount resumed>) = 0 [pid 6517] <... mount resumed>) = 0 [pid 6519] chdir("./file1") = 0 [pid 6519] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6517] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6518] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6519] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6518] <... openat resumed>) = 3 [pid 6517] <... openat resumed>) = 3 [pid 6519] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6518] chdir("./file1" [pid 6517] chdir("./file1" [pid 6518] <... chdir resumed>) = 0 [pid 6517] <... chdir resumed>) = 0 [pid 6518] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6517] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6515] <... link resumed>) = 0 [pid 6519] <... link resumed>) = 0 [pid 6518] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6517] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6516] <... link resumed>) = 0 [pid 6515] sync( [pid 6519] sync( [pid 6518] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6517] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6516] sync( [pid 6518] <... link resumed>) = 0 [pid 6518] sync( [pid 6517] <... link resumed>) = 0 [pid 6517] sync( [pid 6519] <... sync resumed>) = 0 [pid 6518] <... sync resumed>) = 0 [pid 6516] <... sync resumed>) = 0 [pid 6515] <... sync resumed>) = 0 [pid 6519] exit_group(0 [pid 6517] <... sync resumed>) = 0 [pid 6516] exit_group(0 [pid 6519] <... exit_group resumed>) = ? [pid 6518] exit_group(0 [pid 6517] exit_group(0 [pid 6515] exit_group(0 [pid 6516] <... exit_group resumed>) = ? [pid 6518] <... exit_group resumed>) = ? [pid 6519] +++ exited with 0 +++ [pid 6515] <... exit_group resumed>) = ? [pid 6518] +++ exited with 0 +++ [pid 6517] <... exit_group resumed>) = ? [pid 6516] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6519, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6515] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6516, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6515, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5866] <... restart_syscall resumed>) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6518, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] umount2("./126", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6517] +++ exited with 0 +++ [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5866] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6517, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] <... restart_syscall resumed>) = 0 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... restart_syscall resumed>) = 0 [pid 5865] umount2("./125", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] getdents64(3, [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./128", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./126", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./129", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... openat resumed>) = 3 [pid 5867] newfstatat(3, "", [pid 5865] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 3 [pid 5868] newfstatat(3, "", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, [pid 5868] getdents64(3, [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./129/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] newfstatat(3, "", [pid 5864] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5866] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(AT_FDCWD, "./126/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] newfstatat(AT_FDCWD, "./125/file1", [pid 5864] newfstatat(AT_FDCWD, "./126/file1", [pid 5866] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./125/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] openat(AT_FDCWD, "./126/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... openat resumed>) = 4 [pid 5865] openat(AT_FDCWD, "./125/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] newfstatat(4, "", [pid 5865] <... openat resumed>) = 4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./129/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] newfstatat(4, "", [pid 5864] openat(AT_FDCWD, "./126/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] newfstatat(AT_FDCWD, "./129/file1", [pid 5866] getdents64(4, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] newfstatat(AT_FDCWD, "./128/file1", [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, [pid 5864] <... openat resumed>) = 4 [pid 5868] umount2("./129/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] newfstatat(4, "", [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] getdents64(4, [pid 5868] openat(AT_FDCWD, "./129/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] close(4 [pid 5864] getdents64(4, [pid 5867] openat(AT_FDCWD, "./128/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... close resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... openat resumed>) = 4 [pid 5867] <... openat resumed>) = 4 [pid 5866] rmdir("./126/file1" [pid 5865] close(4 [pid 5868] newfstatat(4, "", [pid 5867] newfstatat(4, "", [pid 5864] getdents64(4, [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, [pid 5864] close(4 [pid 5868] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 5864] rmdir("./126/file1" [pid 5865] rmdir("./125/file1" [pid 5868] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4 [pid 5868] close(4 [pid 5867] <... close resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] rmdir("./128/file1" [pid 5865] <... rmdir resumed>) = 0 [pid 5868] rmdir("./129/file1") = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] umount2("./126/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./126/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./125/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] umount2("./129/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./128/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(AT_FDCWD, "./125/binderfs", [pid 5864] newfstatat(AT_FDCWD, "./126/binderfs", [pid 5866] newfstatat(AT_FDCWD, "./126/binderfs", [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./129/binderfs", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] newfstatat(AT_FDCWD, "./128/binderfs", [pid 5866] unlink("./126/binderfs" [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./129/binderfs" [pid 5867] unlink("./128/binderfs" [pid 5868] <... unlink resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5865] unlink("./125/binderfs" [pid 5864] unlink("./126/binderfs" [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5868] close(3 [pid 5867] getdents64(3, [pid 5868] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] rmdir("./129" [pid 5867] close(3 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] getdents64(3, [pid 5865] getdents64(3, [pid 5864] <... unlink resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3 [pid 5864] getdents64(3, [pid 5865] close(3 [pid 5866] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] mkdir("./130", 0777 [pid 5867] <... close resumed>) = 0 [pid 5865] rmdir("./125" [pid 5866] rmdir("./126" [pid 5864] close(3 [pid 5868] <... mkdir resumed>) = 0 [pid 5867] rmdir("./128" [pid 5866] <... rmdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] mkdir("./129", 0777 [pid 5866] mkdir("./127", 0777 [pid 5865] mkdir("./126", 0777 [pid 5864] rmdir("./126" [pid 5868] <... ioctl resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5868] close(3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] <... close resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 5867] close(3 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] mkdir("./127", 0777 [pid 5867] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... mkdir resumed>) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5866] <... ioctl resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] close(3 [pid 5865] close(3) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... openat resumed>) = 3 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6521 attached ./strace-static-x86_64: Process 6520 attached [pid 5866] <... close resumed>) = 0 [pid 5864] <... ioctl resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6521 [pid 5864] close(3 [pid 6521] set_robust_list(0x5555593cd660, 24./strace-static-x86_64: Process 6522 attached ) = 0 [pid 6520] set_robust_list(0x5555593cd660, 24 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6520 [pid 5864] <... close resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6521] chdir("./130" [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6523 attached [pid 6521] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6524 attached [pid 6523] set_robust_list(0x5555593cd660, 24 [pid 6522] set_robust_list(0x5555593cd660, 24 [pid 6521] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6520] <... set_robust_list resumed>) = 0 [pid 6523] <... set_robust_list resumed>) = 0 [pid 6522] <... set_robust_list resumed>) = 0 [pid 6521] <... prctl resumed>) = 0 [pid 6524] set_robust_list(0x5555593cd660, 24 [pid 6523] chdir("./127" [pid 6522] chdir("./129" [pid 6521] setpgid(0, 0 [pid 6520] chdir("./126" [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6522 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6523 [pid 6524] <... set_robust_list resumed>) = 0 [pid 6523] <... chdir resumed>) = 0 [pid 6522] <... chdir resumed>) = 0 [pid 6521] <... setpgid resumed>) = 0 [pid 6520] <... chdir resumed>) = 0 [pid 6523] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6522] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6521] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6520] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6523] <... prctl resumed>) = 0 [pid 6522] <... prctl resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6524 [pid 6524] chdir("./127") = 0 [pid 6524] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6524] setpgid(0, 0) = 0 [pid 6524] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6524] write(3, "1000", 4 [pid 6520] <... prctl resumed>) = 0 [pid 6522] setpgid(0, 0 [pid 6524] <... write resumed>) = 4 [pid 6523] setpgid(0, 0 [pid 6522] <... setpgid resumed>) = 0 [pid 6521] <... openat resumed>) = 3 [pid 6520] setpgid(0, 0 [pid 6523] <... setpgid resumed>) = 0 [pid 6524] close(3 [pid 6522] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6523] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6521] write(3, "1000", 4 [pid 6520] <... setpgid resumed>) = 0 [pid 6524] <... close resumed>) = 0 [pid 6523] <... openat resumed>) = 3 [pid 6521] <... write resumed>) = 4 [pid 6520] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6521] close(3 [pid 6524] symlink("/dev/binderfs", "./binderfs" [pid 6521] <... close resumed>) = 0 [pid 6520] <... openat resumed>) = 3 [pid 6524] <... symlink resumed>) = 0 [pid 6523] write(3, "1000", 4 [pid 6522] <... openat resumed>) = 3 [pid 6521] symlink("/dev/binderfs", "./binderfs" [pid 6520] write(3, "1000", 4 [pid 6524] write(1, "executing program\n", 18executing program [pid 6523] <... write resumed>) = 4 [pid 6522] write(3, "1000", 4 [pid 6521] <... symlink resumed>) = 0 [pid 6520] <... write resumed>) = 4 [pid 6524] <... write resumed>) = 18 [pid 6523] close(3 [pid 6522] <... write resumed>) = 4 [pid 6521] write(1, "executing program\n", 18 [pid 6520] close(3 [pid 6524] memfd_create("syzkaller", 0 [pid 6523] <... close resumed>) = 0 [pid 6522] close(3 [pid 6521] <... write resumed>) = 18 [pid 6520] <... close resumed>) = 0 [pid 6523] symlink("/dev/binderfs", "./binderfs" [pid 6522] <... close resumed>) = 0 executing program [pid 6524] <... memfd_create resumed>) = 3 [pid 6523] <... symlink resumed>) = 0 [pid 6522] symlink("/dev/binderfs", "./binderfs" [pid 6521] memfd_create("syzkaller", 0 [pid 6520] symlink("/dev/binderfs", "./binderfs" [pid 6523] write(1, "executing program\n", 18executing program executing program [pid 6524] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6522] <... symlink resumed>) = 0 [pid 6520] <... symlink resumed>) = 0 [pid 6523] <... write resumed>) = 18 [pid 6522] write(1, "executing program\n", 18 [pid 6521] <... memfd_create resumed>) = 3 [pid 6524] <... mmap resumed>) = 0x7f1864095000 [pid 6523] memfd_create("syzkaller", 0 [pid 6522] <... write resumed>) = 18 [pid 6521] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6520] write(1, "executing program\n", 18executing program [pid 6523] <... memfd_create resumed>) = 3 [pid 6522] memfd_create("syzkaller", 0 [pid 6521] <... mmap resumed>) = 0x7f1864095000 [pid 6520] <... write resumed>) = 18 [pid 6523] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6524] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6523] <... mmap resumed>) = 0x7f1864095000 [pid 6520] memfd_create("syzkaller", 0 [pid 6524] <... write resumed>) = 524288 [pid 6520] <... memfd_create resumed>) = 3 [pid 6522] <... memfd_create resumed>) = 3 [pid 6520] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6523] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6522] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6521] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6520] <... mmap resumed>) = 0x7f1864095000 [pid 6524] munmap(0x7f1864095000, 138412032 [pid 6522] <... mmap resumed>) = 0x7f1864095000 [pid 6520] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6524] <... munmap resumed>) = 0 [pid 6524] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6524] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6524] close(3) = 0 [pid 6524] close(4) = 0 [pid 6524] mkdir("./file1", 0777) = 0 [pid 6524] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6522] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6521] <... write resumed>) = 524288 [pid 6523] <... write resumed>) = 524288 [pid 6522] <... write resumed>) = 524288 [pid 6521] munmap(0x7f1864095000, 138412032) = 0 [pid 6520] <... write resumed>) = 524288 [pid 6523] munmap(0x7f1864095000, 138412032 [pid 6521] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6523] <... munmap resumed>) = 0 [pid 6521] <... openat resumed>) = 4 [ 213.321202][ T6524] loop2: detected capacity change from 0 to 1024 [pid 6524] <... mount resumed>) = 0 [pid 6523] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6521] ioctl(4, LOOP_SET_FD, 3 [pid 6523] <... openat resumed>) = 4 [pid 6524] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6523] ioctl(4, LOOP_SET_FD, 3 [pid 6521] <... ioctl resumed>) = 0 [pid 6524] <... openat resumed>) = 3 [pid 6523] <... ioctl resumed>) = 0 [pid 6524] chdir("./file1") = 0 [pid 6521] close(3 [pid 6523] close(3 [pid 6522] munmap(0x7f1864095000, 138412032 [pid 6521] <... close resumed>) = 0 [pid 6520] munmap(0x7f1864095000, 138412032 [pid 6521] close(4 [pid 6524] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6523] <... close resumed>) = 0 [pid 6521] <... close resumed>) = 0 [pid 6524] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6523] close(4 [pid 6524] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6523] <... close resumed>) = 0 [pid 6523] mkdir("./file1", 0777) = 0 [pid 6523] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6522] <... munmap resumed>) = 0 [pid 6521] mkdir("./file1", 0777) = 0 [pid 6520] <... munmap resumed>) = 0 [pid 6523] <... mount resumed>) = 0 [pid 6523] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6524] <... link resumed>) = 0 [pid 6523] chdir("./file1" [pid 6522] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6521] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6520] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6524] sync( [pid 6523] <... chdir resumed>) = 0 [pid 6522] <... openat resumed>) = 4 [pid 6520] <... openat resumed>) = 4 [pid 6523] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6522] ioctl(4, LOOP_SET_FD, 3 [pid 6520] ioctl(4, LOOP_SET_FD, 3 [pid 6523] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6522] <... ioctl resumed>) = 0 [pid 6523] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6520] <... ioctl resumed>) = 0 [ 213.391374][ T6521] loop4: detected capacity change from 0 to 1024 [ 213.393052][ T6523] loop0: detected capacity change from 0 to 1024 [pid 6522] close(3) = 0 [pid 6522] close(4) = 0 [pid 6520] close(3) = 0 [pid 6520] close(4 [pid 6522] mkdir("./file1", 0777 [pid 6521] <... mount resumed>) = 0 [pid 6520] <... close resumed>) = 0 [pid 6522] <... mkdir resumed>) = 0 [pid 6521] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6520] mkdir("./file1", 0777 [pid 6521] <... openat resumed>) = 3 [pid 6521] chdir("./file1" [pid 6520] <... mkdir resumed>) = 0 [pid 6523] <... link resumed>) = 0 [pid 6522] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6521] <... chdir resumed>) = 0 [ 213.450931][ T6522] loop3: detected capacity change from 0 to 1024 [ 213.451805][ T6520] loop1: detected capacity change from 0 to 1024 [pid 6520] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6523] sync( [pid 6521] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6521] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6520] <... mount resumed>) = 0 [pid 6520] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6520] chdir("./file1") = 0 [pid 6520] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6520] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6524] <... sync resumed>) = 0 [pid 6522] <... mount resumed>) = 0 [pid 6521] <... link resumed>) = 0 [pid 6524] exit_group(0 [pid 6522] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6521] sync( [pid 6523] <... sync resumed>) = 0 [pid 6520] <... link resumed>) = 0 [pid 6523] exit_group(0 [pid 6522] <... openat resumed>) = 3 [pid 6520] sync( [pid 6524] <... exit_group resumed>) = ? [pid 6523] <... exit_group resumed>) = ? [pid 6522] chdir("./file1") = 0 [pid 6522] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6523] +++ exited with 0 +++ [pid 6522] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6522] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6521] <... sync resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6523, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6524] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6524, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6521] exit_group(0 [pid 6520] <... sync resumed>) = 0 [pid 5866] <... restart_syscall resumed>) = 0 [pid 6521] <... exit_group resumed>) = ? [pid 6520] exit_group(0 [pid 5866] umount2("./127", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6521] +++ exited with 0 +++ [pid 6520] <... exit_group resumed>) = ? [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6521, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5866] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5866] newfstatat(3, "", [pid 5864] umount2("./127", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... restart_syscall resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6522] <... link resumed>) = 0 [pid 6520] +++ exited with 0 +++ [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6522] sync( [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6520, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] umount2("./130", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(3, [pid 5864] <... openat resumed>) = 3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./127/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./126", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(3, "", [pid 5868] <... openat resumed>) = 3 [pid 5868] newfstatat(3, "", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 [pid 5864] umount2("./127/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6522] <... sync resumed>) = 0 [pid 6522] exit_group(0) = ? [pid 6522] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6522, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5868] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./127/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./130/file1", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(AT_FDCWD, "./127/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] newfstatat(AT_FDCWD, "./126/file1", [pid 5867] umount2("./129", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./129/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] openat(AT_FDCWD, "./130/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./127/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./126/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] newfstatat(4, "", [pid 5866] openat(AT_FDCWD, "./127/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... openat resumed>) = 4 [pid 5865] openat(AT_FDCWD, "./126/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] newfstatat(4, "", [pid 5868] getdents64(4, [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... openat resumed>) = 4 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, [pid 5865] newfstatat(4, "", [pid 5868] getdents64(4, [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] getdents64(4, [pid 5865] getdents64(4, [pid 5868] close(4 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] close(4 [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./130/file1" [pid 5866] <... close resumed>) = 0 [pid 5865] getdents64(4, [pid 5864] <... umount2 resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] rmdir("./127/file1" [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4 [pid 5864] umount2("./127/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5868] umount2("./130/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = 0 [pid 5866] umount2("./127/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] rmdir("./126/file1" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./130/binderfs", [pid 5867] umount2("./129/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(AT_FDCWD, "./127/binderfs", [pid 5865] <... rmdir resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./127/file1", [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./126/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] unlink("./130/binderfs" [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./129/file1", [pid 5866] unlink("./127/binderfs" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] getdents64(3, [pid 5864] umount2("./127/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./126/binderfs", [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] close(3 [pid 5867] umount2("./129/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] openat(AT_FDCWD, "./127/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(3, [pid 5865] unlink("./126/binderfs" [pid 5864] <... openat resumed>) = 4 [pid 5868] rmdir("./130" [pid 5867] openat(AT_FDCWD, "./129/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5865] getdents64(3, [pid 5864] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... openat resumed>) = 4 [pid 5868] <... rmdir resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] mkdir("./131", 0777 [pid 5865] close(3 [pid 5868] <... mkdir resumed>) = 0 [pid 5867] newfstatat(4, "", [pid 5864] getdents64(4, [pid 5865] <... close resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] close(3 [pid 5865] rmdir("./126" [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] getdents64(4, [pid 5866] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] getdents64(4, [pid 5868] <... ioctl resumed>) = 0 [pid 5866] rmdir("./127" [pid 5865] mkdir("./127", 0777 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] getdents64(4, [pid 5864] close(4 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... close resumed>) = 0 [pid 5867] close(4 [pid 5864] rmdir("./127/file1" [pid 5865] <... mkdir resumed>) = 0 [pid 5868] close(3 [pid 5867] <... close resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... rmdir resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] rmdir("./129/file1" [pid 5865] <... openat resumed>) = 3 [pid 5864] umount2("./127/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5867] umount2("./129/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] mkdir("./128", 0777 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6525 attached [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./127/binderfs", [pid 6525] set_robust_list(0x5555593cd660, 24 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6525 [pid 5867] newfstatat(AT_FDCWD, "./129/binderfs", [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] close(3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6525] <... set_robust_list resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... close resumed>) = 0 [pid 5867] unlink("./129/binderfs" [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] unlink("./127/binderfs" [pid 6525] chdir("./131" [pid 5867] <... unlink resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5864] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 6526 attached [pid 5867] getdents64(3, [pid 6525] <... chdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5864] getdents64(3, [pid 6526] set_robust_list(0x5555593cd660, 24 [pid 5867] close(3 [pid 5866] <... ioctl resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6525] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] <... close resumed>) = 0 [pid 6525] <... prctl resumed>) = 0 [pid 5866] close(3 [pid 6526] <... set_robust_list resumed>) = 0 [pid 6525] setpgid(0, 0 [pid 5867] rmdir("./129" [pid 5866] <... close resumed>) = 0 [pid 5864] close(3 [pid 6526] chdir("./127" [pid 6525] <... setpgid resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6526 [pid 5864] <... close resumed>) = 0 [pid 6526] <... chdir resumed>) = 0 [pid 6526] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] mkdir("./130", 0777 [pid 5864] rmdir("./127" [pid 6526] <... prctl resumed>) = 0 [pid 6525] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 6527 attached [pid 6526] setpgid(0, 0 [pid 6525] <... openat resumed>) = 3 [pid 5867] <... mkdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6527] set_robust_list(0x5555593cd660, 24 [pid 6526] <... setpgid resumed>) = 0 [pid 6525] write(3, "1000", 4 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6527 [pid 5864] mkdir("./128", 0777 [pid 6527] <... set_robust_list resumed>) = 0 [pid 6525] <... write resumed>) = 4 [pid 6527] chdir("./128" [pid 6526] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6525] close(3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] <... mkdir resumed>) = 0 [pid 6527] <... chdir resumed>) = 0 [pid 6525] <... close resumed>) = 0 [pid 6527] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6525] symlink("/dev/binderfs", "./binderfs" [pid 6527] <... prctl resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6527] setpgid(0, 0 [pid 6526] <... openat resumed>) = 3 [pid 6525] <... symlink resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6527] <... setpgid resumed>) = 0 [pid 6526] write(3, "1000", 4 [pid 6525] write(1, "executing program\n", 18 [pid 5864] <... openat resumed>) = 3 executing program [pid 6527] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6526] <... write resumed>) = 4 [pid 6525] <... write resumed>) = 18 [pid 5867] <... ioctl resumed>) = 0 [pid 6527] <... openat resumed>) = 3 [pid 6526] close(3 [pid 6525] memfd_create("syzkaller", 0 [pid 5867] close(3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6526] <... close resumed>) = 0 [pid 6525] <... memfd_create resumed>) = 3 [pid 5867] <... close resumed>) = 0 [pid 6526] symlink("/dev/binderfs", "./binderfs" [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... ioctl resumed>) = 0 [pid 6526] <... symlink resumed>) = 0 [pid 6525] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 6528 attached [pid 6527] write(3, "1000", 4 [pid 6526] write(1, "executing program\n", 18executing program [pid 6525] <... mmap resumed>) = 0x7f1864095000 [pid 5864] close(3 [pid 6528] set_robust_list(0x5555593cd660, 24 [pid 6527] <... write resumed>) = 4 [pid 6526] <... write resumed>) = 18 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6528 [pid 5864] <... close resumed>) = 0 [pid 6526] memfd_create("syzkaller", 0 [pid 6528] <... set_robust_list resumed>) = 0 [pid 6526] <... memfd_create resumed>) = 3 [pid 6528] chdir("./130" [pid 6526] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6528] <... chdir resumed>) = 0 [pid 6526] <... mmap resumed>) = 0x7f1864095000 [pid 6528] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6526] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6528] <... prctl resumed>) = 0 [pid 6528] setpgid(0, 0 [pid 6527] close(3 [pid 6525] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6528] <... setpgid resumed>) = 0 [pid 6527] <... close resumed>) = 0 [pid 6528] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6527] symlink("/dev/binderfs", "./binderfs" [pid 6528] <... openat resumed>) = 3 [pid 6527] <... symlink resumed>) = 0 [pid 6528] write(3, "1000", 4executing program ) = 4 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6529 attached [pid 6528] close(3 [pid 6527] write(1, "executing program\n", 18) = 18 [pid 6528] <... close resumed>) = 0 [pid 6528] symlink("/dev/binderfs", "./binderfs" [pid 6527] memfd_create("syzkaller", 0 [pid 6529] set_robust_list(0x5555593cd660, 24 [pid 6528] <... symlink resumed>) = 0 [pid 6529] <... set_robust_list resumed>) = 0 executing program [pid 6528] write(1, "executing program\n", 18 [pid 6529] chdir("./128" [pid 6528] <... write resumed>) = 18 [pid 6527] <... memfd_create resumed>) = 3 [pid 6526] <... write resumed>) = 524288 [pid 6525] <... write resumed>) = 524288 [pid 6529] <... chdir resumed>) = 0 [pid 6528] memfd_create("syzkaller", 0 [pid 6527] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6529 [pid 6527] <... mmap resumed>) = 0x7f1864095000 [pid 6529] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6528] <... memfd_create resumed>) = 3 [pid 6529] <... prctl resumed>) = 0 [pid 6528] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6529] setpgid(0, 0 [pid 6528] <... mmap resumed>) = 0x7f1864095000 [pid 6529] <... setpgid resumed>) = 0 [pid 6529] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6528] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6529] <... openat resumed>) = 3 [pid 6526] munmap(0x7f1864095000, 138412032 [pid 6529] write(3, "1000", 4 [pid 6526] <... munmap resumed>) = 0 [pid 6529] <... write resumed>) = 4 [pid 6529] close(3) = 0 [pid 6529] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6526] openat(AT_FDCWD, "/dev/loop1", O_RDWR executing program [pid 6529] write(1, "executing program\n", 18 [pid 6526] <... openat resumed>) = 4 [pid 6529] <... write resumed>) = 18 [pid 6526] ioctl(4, LOOP_SET_FD, 3 [pid 6529] memfd_create("syzkaller", 0) = 3 [pid 6525] munmap(0x7f1864095000, 138412032 [pid 6527] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6525] <... munmap resumed>) = 0 [pid 6529] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6528] <... write resumed>) = 524288 [pid 6529] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6528] munmap(0x7f1864095000, 138412032 [pid 6527] <... write resumed>) = 524288 [pid 6526] <... ioctl resumed>) = 0 [pid 6525] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6527] munmap(0x7f1864095000, 138412032 [pid 6525] <... openat resumed>) = 4 [pid 6528] <... munmap resumed>) = 0 [pid 6527] <... munmap resumed>) = 0 [pid 6526] close(3 [pid 6525] ioctl(4, LOOP_SET_FD, 3 [pid 6526] <... close resumed>) = 0 [pid 6526] close(4) = 0 [pid 6527] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6525] <... ioctl resumed>) = 0 [pid 6528] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6527] <... openat resumed>) = 4 [pid 6526] mkdir("./file1", 0777 [pid 6525] close(3 [pid 6528] <... openat resumed>) = 4 [pid 6527] ioctl(4, LOOP_SET_FD, 3 [pid 6526] <... mkdir resumed>) = 0 [pid 6525] <... close resumed>) = 0 [pid 6529] <... write resumed>) = 524288 [pid 6528] ioctl(4, LOOP_SET_FD, 3 [pid 6527] <... ioctl resumed>) = 0 [pid 6526] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6528] <... ioctl resumed>) = 0 [pid 6527] close(3 [pid 6525] close(4 [pid 6527] <... close resumed>) = 0 [pid 6525] <... close resumed>) = 0 [pid 6528] close(3 [ 214.048162][ T6526] loop1: detected capacity change from 0 to 1024 [ 214.069489][ T6525] loop4: detected capacity change from 0 to 1024 [ 214.082221][ T6527] loop2: detected capacity change from 0 to 1024 [pid 6525] mkdir("./file1", 0777 [pid 6528] <... close resumed>) = 0 [pid 6527] close(4 [pid 6525] <... mkdir resumed>) = 0 [pid 6528] close(4 [pid 6527] <... close resumed>) = 0 [pid 6529] munmap(0x7f1864095000, 138412032 [pid 6526] <... mount resumed>) = 0 [pid 6525] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6529] <... munmap resumed>) = 0 [pid 6528] <... close resumed>) = 0 [pid 6527] mkdir("./file1", 0777 [pid 6526] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6528] mkdir("./file1", 0777) = 0 [pid 6526] <... openat resumed>) = 3 [pid 6529] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6526] chdir("./file1" [pid 6529] <... openat resumed>) = 4 [pid 6528] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6526] <... chdir resumed>) = 0 [pid 6529] ioctl(4, LOOP_SET_FD, 3 [pid 6526] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6527] <... mkdir resumed>) = 0 [pid 6526] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 214.087437][ T6528] loop3: detected capacity change from 0 to 1024 [pid 6526] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6529] <... ioctl resumed>) = 0 [pid 6528] <... mount resumed>) = 0 [pid 6527] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6525] <... mount resumed>) = 0 [pid 6529] close(3 [pid 6528] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6525] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6529] <... close resumed>) = 0 [pid 6525] <... openat resumed>) = 3 [pid 6528] <... openat resumed>) = 3 [pid 6525] chdir("./file1" [pid 6528] chdir("./file1" [pid 6525] <... chdir resumed>) = 0 [pid 6528] <... chdir resumed>) = 0 [pid 6525] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6528] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6525] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6528] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6525] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6529] close(4 [pid 6528] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6529] <... close resumed>) = 0 [pid 6529] mkdir("./file1", 0777 [pid 6526] <... link resumed>) = 0 [pid 6529] <... mkdir resumed>) = 0 [pid 6529] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6527] <... mount resumed>) = 0 [pid 6526] sync( [pid 6527] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6528] <... link resumed>) = 0 [pid 6527] chdir("./file1" [pid 6525] <... link resumed>) = 0 [pid 6525] sync( [pid 6528] sync( [pid 6527] <... chdir resumed>) = 0 [pid 6527] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6527] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6529] <... mount resumed>) = 0 [pid 6529] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 214.140742][ T6529] loop0: detected capacity change from 0 to 1024 [pid 6529] chdir("./file1") = 0 [pid 6529] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6529] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6527] <... link resumed>) = 0 [pid 6527] sync() = 0 [pid 6526] <... sync resumed>) = 0 [pid 6526] exit_group(0 [pid 6527] exit_group(0 [pid 6528] <... sync resumed>) = 0 [pid 6527] <... exit_group resumed>) = ? [pid 6526] <... exit_group resumed>) = ? [pid 6528] exit_group(0 [pid 6527] +++ exited with 0 +++ [pid 6526] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6527, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6526, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6528] <... exit_group resumed>) = ? [pid 6528] +++ exited with 0 +++ [pid 5866] umount2("./128", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6528, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... restart_syscall resumed>) = 0 [pid 6529] <... link resumed>) = 0 [pid 6525] <... sync resumed>) = 0 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5866] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... restart_syscall resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 6529] sync( [pid 5866] newfstatat(3, "", [pid 6525] exit_group(0) = ? [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] umount2("./127", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] getdents64(3, [pid 6525] +++ exited with 0 +++ [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6525, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6529] <... sync resumed>) = 0 [pid 5867] umount2("./130", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] umount2("./131", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... openat resumed>) = 3 [pid 6529] exit_group(0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6529] <... exit_group resumed>) = ? [pid 5868] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6529] +++ exited with 0 +++ [pid 5868] newfstatat(3, "", [pid 5867] newfstatat(3, "", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 5868] getdents64(3, [pid 5867] getdents64(3, [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6529, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5868] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./127/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... restart_syscall resumed>) = 0 [pid 5864] umount2("./128", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = 0 [pid 5866] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./128/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./128/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [pid 5866] rmdir("./128/file1") = 0 [pid 5866] umount2("./128/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./128/binderfs", [pid 5865] <... umount2 resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./127/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5866] unlink("./128/binderfs" [pid 5865] newfstatat(AT_FDCWD, "./127/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./127/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... unlink resumed>) = 0 [pid 5868] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] getdents64(3, [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./127/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] close(3 [pid 5868] newfstatat(AT_FDCWD, "./131/file1", [pid 5867] newfstatat(AT_FDCWD, "./130/file1", [pid 5866] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] rmdir("./128" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... rmdir resumed>) = 0 [pid 5865] close(4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] mkdir("./129", 0777 [pid 5865] <... close resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./131/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] openat(AT_FDCWD, "./130/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... mkdir resumed>) = 0 [pid 5865] rmdir("./127/file1" [pid 5868] <... openat resumed>) = 4 [pid 5867] <... openat resumed>) = 4 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] newfstatat(4, "", [pid 5868] newfstatat(4, "", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5865] <... rmdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5868] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... ioctl resumed>) = 0 [pid 5865] umount2("./127/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 5866] close(3 [pid 5864] <... umount2 resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./127/binderfs", [pid 5864] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] getdents64(4, [pid 5866] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] close(4 [pid 5867] <... close resumed>) = 0 [pid 5865] unlink("./127/binderfs" [pid 5864] newfstatat(AT_FDCWD, "./128/file1", [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] getdents64(3, [pid 5868] <... close resumed>) = 0 [pid 5864] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] rmdir("./131/file1" [pid 5867] rmdir("./130/file1" [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] close(3 [pid 5864] openat(AT_FDCWD, "./128/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6530 attached [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 4 [pid 6530] set_robust_list(0x5555593cd660, 24 [pid 5868] umount2("./131/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./130/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6530 [pid 5865] rmdir("./127" [pid 5864] newfstatat(4, "", [pid 6530] <... set_robust_list resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... rmdir resumed>) = 0 [pid 6530] chdir("./129" [pid 5868] newfstatat(AT_FDCWD, "./131/binderfs", [pid 5867] newfstatat(AT_FDCWD, "./130/binderfs", [pid 5865] mkdir("./128", 0777 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6530] <... chdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] unlink("./130/binderfs" [pid 5865] <... mkdir resumed>) = 0 [pid 5864] getdents64(4, [pid 6530] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] unlink("./131/binderfs" [pid 5867] <... unlink resumed>) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 6530] <... prctl resumed>) = 0 [pid 5868] getdents64(3, [pid 6530] setpgid(0, 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6530] <... setpgid resumed>) = 0 [pid 5868] close(3 [pid 6530] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... close resumed>) = 0 [pid 5867] getdents64(3, [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] rmdir("./131" [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] close(3 [pid 5864] getdents64(4, [pid 6530] <... openat resumed>) = 3 [pid 5867] <... close resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6530] write(3, "1000", 4 [pid 5868] mkdir("./132", 0777 [pid 5867] rmdir("./130" [pid 5865] <... openat resumed>) = 3 [pid 5864] close(4 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... close resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5864] rmdir("./128/file1" [pid 5867] <... rmdir resumed>) = 0 [pid 6530] <... write resumed>) = 4 [pid 6530] close(3 [pid 5865] close(3) = 0 [pid 6530] <... close resumed>) = 0 [pid 5867] mkdir("./131", 0777 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... rmdir resumed>) = 0 [pid 6530] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5864] umount2("./128/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... mkdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./128/binderfs"./strace-static-x86_64: Process 6531 attached [pid 6530] write(1, "executing program\n", 18 [pid 5864] <... unlink resumed>) = 0 [pid 5864] getdents64(3, executing program [pid 6530] <... write resumed>) = 18 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6531] set_robust_list(0x5555593cd660, 24 [pid 5868] <... openat resumed>) = 3 [pid 5864] close(3 [pid 6530] memfd_create("syzkaller", 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] <... openat resumed>) = 3 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6531 [pid 5864] <... close resumed>) = 0 [pid 6531] <... set_robust_list resumed>) = 0 [pid 6531] chdir("./128" [pid 5868] <... ioctl resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] rmdir("./128" [pid 6530] <... memfd_create resumed>) = 3 [pid 5868] close(3 [pid 5867] <... ioctl resumed>) = 0 [pid 6531] <... chdir resumed>) = 0 [pid 6530] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... close resumed>) = 0 [pid 5867] close(3 [pid 5864] <... rmdir resumed>) = 0 [pid 6531] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6530] <... mmap resumed>) = 0x7f1864095000 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... close resumed>) = 0 [pid 5864] mkdir("./129", 0777 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6532 attached [pid 6531] <... prctl resumed>) = 0 [pid 6530] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] <... mkdir resumed>) = 0 [pid 6531] setpgid(0, 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6531] <... setpgid resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6531] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6533 attached [pid 6532] set_robust_list(0x5555593cd660, 24) = 0 [pid 6533] set_robust_list(0x5555593cd660, 24 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6532 [pid 6533] <... set_robust_list resumed>) = 0 [pid 6532] chdir("./132"./strace-static-x86_64: Process 6534 attached [pid 6533] chdir("./131" [pid 6532] <... chdir resumed>) = 0 [pid 6531] <... openat resumed>) = 3 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6533 [pid 6531] write(3, "1000", 4 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6534 [pid 6531] <... write resumed>) = 4 [pid 6531] close(3) = 0 [pid 6532] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6533] <... chdir resumed>) = 0 [pid 6531] symlink("/dev/binderfs", "./binderfs" [pid 6534] set_robust_list(0x5555593cd660, 24 [pid 6533] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6532] <... prctl resumed>) = 0 [pid 6530] <... write resumed>) = 524288 [pid 6534] <... set_robust_list resumed>) = 0 [pid 6533] <... prctl resumed>) = 0 [pid 6532] setpgid(0, 0 [pid 6531] <... symlink resumed>) = 0 [pid 6534] chdir("./129" [pid 6533] setpgid(0, 0 [pid 6532] <... setpgid resumed>) = 0 [pid 6531] write(1, "executing program\n", 18 [pid 6530] munmap(0x7f1864095000, 138412032 [pid 6532] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6533] <... setpgid resumed>) = 0 [pid 6534] <... chdir resumed>) = 0 [pid 6532] <... openat resumed>) = 3 executing program [pid 6534] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6533] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6531] <... write resumed>) = 18 [pid 6534] <... prctl resumed>) = 0 [pid 6533] <... openat resumed>) = 3 [pid 6531] memfd_create("syzkaller", 0 [pid 6534] setpgid(0, 0 [pid 6533] write(3, "1000", 4 [pid 6532] write(3, "1000", 4 [pid 6531] <... memfd_create resumed>) = 3 [pid 6530] <... munmap resumed>) = 0 [pid 6533] <... write resumed>) = 4 [pid 6532] <... write resumed>) = 4 [pid 6534] <... setpgid resumed>) = 0 [pid 6533] close(3 [pid 6532] close(3 [pid 6531] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6534] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6533] <... close resumed>) = 0 [pid 6532] <... close resumed>) = 0 [pid 6531] <... mmap resumed>) = 0x7f1864095000 [pid 6533] symlink("/dev/binderfs", "./binderfs" [pid 6532] symlink("/dev/binderfs", "./binderfs" [pid 6531] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6530] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6534] <... openat resumed>) = 3 [pid 6534] write(3, "1000", 4executing program [pid 6530] <... openat resumed>) = 4 [pid 6532] <... symlink resumed>) = 0 [pid 6534] <... write resumed>) = 4 [pid 6533] <... symlink resumed>) = 0 [pid 6534] close(3) = 0 [pid 6534] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6534] write(1, "executing program\n", 18 [pid 6532] write(1, "executing program\n", 18 [pid 6530] ioctl(4, LOOP_SET_FD, 3executing program [pid 6534] <... write resumed>) = 18 [pid 6533] write(1, "executing program\n", 18 executing program [pid 6532] <... write resumed>) = 18 [pid 6530] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6534] memfd_create("syzkaller", 0 [pid 6533] <... write resumed>) = 18 [pid 6532] memfd_create("syzkaller", 0 [pid 6530] ioctl(4, LOOP_CLR_FD) = 0 [pid 6534] <... memfd_create resumed>) = 3 [pid 6531] <... write resumed>) = 524288 [pid 6534] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6533] memfd_create("syzkaller", 0 [pid 6532] <... memfd_create resumed>) = 3 [pid 6533] <... memfd_create resumed>) = 3 [pid 6532] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6531] munmap(0x7f1864095000, 138412032 [pid 6530] ioctl(4, LOOP_SET_FD, 3 [pid 6533] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6532] <... mmap resumed>) = 0x7f1864095000 [pid 6530] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6534] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6531] <... munmap resumed>) = 0 [pid 6533] <... mmap resumed>) = 0x7f1864095000 [pid 6532] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6530] close(4 [pid 6531] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6534] <... write resumed>) = 524288 [pid 6531] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6530] <... close resumed>) = 0 [pid 6531] close(3) = 0 [pid 6531] close(4) = 0 [pid 6530] close(3 [pid 6531] mkdir("./file1", 0777) = 0 [pid 6531] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6534] munmap(0x7f1864095000, 138412032) = 0 [pid 6533] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6534] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6534] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6530] <... close resumed>) = 0 [pid 6534] close(3 [pid 6533] <... write resumed>) = 524288 [pid 6530] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6534] <... close resumed>) = 0 [pid 6531] <... mount resumed>) = 0 [pid 6530] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6534] close(4 [pid 6533] munmap(0x7f1864095000, 138412032 [pid 6532] <... write resumed>) = 524288 [pid 6530] sync( [pid 6534] <... close resumed>) = 0 [pid 6533] <... munmap resumed>) = 0 [pid 6531] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6534] mkdir("./file1", 0777 [pid 6533] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6532] munmap(0x7f1864095000, 138412032 [pid 6531] <... openat resumed>) = 3 [pid 6531] chdir("./file1" [pid 6533] <... openat resumed>) = 4 [pid 6532] <... munmap resumed>) = 0 [pid 6531] <... chdir resumed>) = 0 [pid 6533] ioctl(4, LOOP_SET_FD, 3 [pid 6532] openat(AT_FDCWD, "/dev/loop4", O_RDWR [ 214.685257][ T6531] loop1: detected capacity change from 0 to 1024 [ 214.727004][ T6534] loop0: detected capacity change from 0 to 1024 [pid 6531] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6533] <... ioctl resumed>) = 0 [pid 6532] <... openat resumed>) = 4 [pid 6531] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6533] close(3 [pid 6531] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6533] <... close resumed>) = 0 [pid 6532] ioctl(4, LOOP_SET_FD, 3 [pid 6533] close(4) = 0 [pid 6533] mkdir("./file1", 0777) = 0 [pid 6532] <... ioctl resumed>) = 0 [pid 6532] close(3 [pid 6534] <... mkdir resumed>) = 0 [pid 6533] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6532] <... close resumed>) = 0 [pid 6534] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6532] close(4 [pid 6534] <... mount resumed>) = 0 [pid 6532] <... close resumed>) = 0 [pid 6531] <... link resumed>) = 0 [pid 6534] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6532] mkdir("./file1", 0777 [pid 6534] <... openat resumed>) = 3 [pid 6532] <... mkdir resumed>) = 0 [pid 6534] chdir("./file1") = 0 [ 214.772059][ T6533] loop3: detected capacity change from 0 to 1024 [ 214.788334][ T6532] loop4: detected capacity change from 0 to 1024 [pid 6534] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6531] sync( [pid 6534] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6532] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6533] <... mount resumed>) = 0 [pid 6533] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6532] <... mount resumed>) = 0 [pid 6530] <... sync resumed>) = 0 [pid 6533] <... openat resumed>) = 3 [pid 6530] exit_group(0 [pid 6533] chdir("./file1") = 0 [pid 6530] <... exit_group resumed>) = ? [pid 6533] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6532] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6533] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6532] <... openat resumed>) = 3 [pid 6532] chdir("./file1" [pid 6533] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6532] <... chdir resumed>) = 0 [pid 6530] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6530, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6532] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6534] <... link resumed>) = 0 [pid 6534] sync( [pid 6532] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... restart_syscall resumed>) = 0 [pid 6532] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6531] <... sync resumed>) = 0 [pid 5866] umount2("./129", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6531] exit_group(0 [pid 5866] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6531] <... exit_group resumed>) = ? [pid 5866] <... openat resumed>) = 3 [pid 5866] newfstatat(3, "", [pid 6533] <... link resumed>) = 0 [pid 6533] sync( [pid 6531] +++ exited with 0 +++ [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6531, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5866] getdents64(3, 0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5866] umount2("./129/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./129/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] unlink("./129/binderfs") = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 6532] <... link resumed>) = 0 [pid 5866] getdents64(3, [pid 5865] umount2("./128", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6534] <... sync resumed>) = 0 [pid 6532] sync( [pid 5866] close(3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6534] exit_group(0 [pid 5866] <... close resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6534] <... exit_group resumed>) = ? [pid 5866] rmdir("./129" [pid 5865] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6534] +++ exited with 0 +++ [pid 6532] <... sync resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] mkdir("./130", 0777 [pid 6533] <... sync resumed>) = 0 [pid 6532] exit_group(0 [pid 5866] <... mkdir resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6534, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6533] exit_group(0 [pid 6532] <... exit_group resumed>) = ? [pid 5866] <... openat resumed>) = 3 [pid 5864] umount2("./129", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6533] <... exit_group resumed>) = ? [pid 6532] +++ exited with 0 +++ [pid 5866] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5864] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6533] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6533, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5866] close(3 [pid 5864] <... openat resumed>) = 3 [pid 5866] <... close resumed>) = 0 [pid 5864] newfstatat(3, "", [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6532, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5867] umount2("./131", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] umount2("./132", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] getdents64(3, [pid 5868] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6535 attached ) = 3 [pid 5867] <... openat resumed>) = 3 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6535 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] newfstatat(3, "", [pid 5867] newfstatat(3, "", [pid 6535] set_robust_list(0x5555593cd660, 24 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] umount2("./129/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] getdents64(3, [pid 5867] getdents64(3, [pid 6535] <... set_robust_list resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6535] chdir("./130") = 0 [pid 6535] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6535] setpgid(0, 0 [pid 5865] <... umount2 resumed>) = 0 [pid 6535] <... setpgid resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5865] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./128/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6535] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] umount2("./128/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6535] <... openat resumed>) = 3 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./128/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5864] umount2("./129/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6535] write(3, "1000", 4 [pid 5865] newfstatat(4, "", [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6535] <... write resumed>) = 4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./131/file1", [pid 5865] getdents64(4, [pid 5864] newfstatat(AT_FDCWD, "./129/file1", [pid 5868] newfstatat(AT_FDCWD, "./132/file1", [pid 6535] close(3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6535] <... close resumed>) = 0 [pid 5868] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./129/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6535] symlink("/dev/binderfs", "./binderfs" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6535] <... symlink resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./132/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] getdents64(4, [pid 5864] openat(AT_FDCWD, "./129/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6535] write(1, "executing program\n", 18executing program [pid 5868] <... openat resumed>) = 4 [pid 5867] openat(AT_FDCWD, "./131/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... openat resumed>) = 4 [pid 6535] <... write resumed>) = 18 [pid 5868] newfstatat(4, "", [pid 5867] <... openat resumed>) = 4 [pid 5865] close(4 [pid 6535] memfd_create("syzkaller", 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] newfstatat(4, "", [pid 5864] newfstatat(4, "", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... close resumed>) = 0 [pid 5868] getdents64(4, [pid 6535] <... memfd_create resumed>) = 3 [pid 5865] rmdir("./128/file1" [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 6535] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6535] <... mmap resumed>) = 0x7f1864095000 [pid 5864] getdents64(4, [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] umount2("./128/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4 [pid 5867] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] close(4 [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./132/file1" [pid 5867] close(4 [pid 5865] newfstatat(AT_FDCWD, "./128/binderfs", [pid 5864] <... close resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] rmdir("./129/file1" [pid 5868] <... rmdir resumed>) = 0 [pid 5867] rmdir("./131/file1" [pid 5865] unlink("./128/binderfs" [pid 5864] <... rmdir resumed>) = 0 [pid 5868] umount2("./132/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... rmdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6535] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] <... unlink resumed>) = 0 [pid 5864] umount2("./129/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./131/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] getdents64(3, [pid 5864] newfstatat(AT_FDCWD, "./129/binderfs", [pid 5868] newfstatat(AT_FDCWD, "./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] newfstatat(AT_FDCWD, "./131/binderfs", [pid 5865] close(3 [pid 5864] unlink("./129/binderfs" [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 5867] unlink("./131/binderfs" [pid 5865] rmdir("./128" [pid 5864] getdents64(3, [pid 5867] <... unlink resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] unlink("./132/binderfs" [pid 5867] getdents64(3, [pid 5864] close(3 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] mkdir("./129", 0777 [pid 5864] <... close resumed>) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5867] close(3 [pid 5864] rmdir("./129" [pid 5867] <... close resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] getdents64(3, [pid 5867] rmdir("./131" [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5868] close(3) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] mkdir("./130", 0777 [pid 5868] rmdir("./132" [pid 5864] <... mkdir resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 6535] <... write resumed>) = 524288 [pid 5868] mkdir("./133", 0777 [pid 5867] mkdir("./132", 0777 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... mkdir resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5867] <... mkdir resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] close(3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6535] munmap(0x7f1864095000, 138412032 [pid 5868] <... openat resumed>) = 3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] <... close resumed>) = 0 [pid 5864] <... ioctl resumed>) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] close(3 [pid 6535] <... munmap resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6536 attached [pid 5867] <... openat resumed>) = 3 [pid 5868] close(3 [pid 5864] <... close resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6535] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6537 attached [pid 6536] set_robust_list(0x5555593cd660, 24 [pid 6535] <... openat resumed>) = 4 [pid 5867] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6538 attached [pid 6535] ioctl(4, LOOP_SET_FD, 3 [pid 5867] close(3 [pid 6536] <... set_robust_list resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6537 [pid 6537] set_robust_list(0x5555593cd660, 24 [pid 6536] chdir("./129" [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6536 [pid 6538] set_robust_list(0x5555593cd660, 24 [pid 6537] <... set_robust_list resumed>) = 0 [pid 6536] <... chdir resumed>) = 0 [pid 6535] <... ioctl resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6538 [pid 6536] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6537] chdir("./133") = 0 [pid 6536] <... prctl resumed>) = 0 [pid 6538] <... set_robust_list resumed>) = 0 [pid 6536] setpgid(0, 0 [pid 6535] close(3 [pid 6538] chdir("./130" [pid 6536] <... setpgid resumed>) = 0 [pid 6535] <... close resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6539 [pid 6536] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6535] close(4 [pid 6536] <... openat resumed>) = 3 [pid 6535] <... close resumed>) = 0 [pid 6538] <... chdir resumed>) = 0 [pid 6535] mkdir("./file1", 0777 [pid 6538] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6536] write(3, "1000", 4 [pid 6535] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6539 attached [pid 6538] <... prctl resumed>) = 0 [pid 6537] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6538] setpgid(0, 0 [pid 6537] <... prctl resumed>) = 0 [pid 6536] <... write resumed>) = 4 [pid 6539] set_robust_list(0x5555593cd660, 24 [pid 6538] <... setpgid resumed>) = 0 [pid 6537] setpgid(0, 0 [pid 6536] close(3 [pid 6538] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6537] <... setpgid resumed>) = 0 [pid 6535] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6539] <... set_robust_list resumed>) = 0 [pid 6538] <... openat resumed>) = 3 [pid 6537] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6536] <... close resumed>) = 0 [pid 6539] chdir("./132" [pid 6536] symlink("/dev/binderfs", "./binderfs" [pid 6539] <... chdir resumed>) = 0 [pid 6536] <... symlink resumed>) = 0 [pid 6539] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6538] write(3, "1000", 4 [pid 6539] <... prctl resumed>) = 0 executing program [pid 6536] write(1, "executing program\n", 18 [pid 6539] setpgid(0, 0 [pid 6538] <... write resumed>) = 4 [pid 6536] <... write resumed>) = 18 [pid 6539] <... setpgid resumed>) = 0 [pid 6538] close(3 [pid 6537] <... openat resumed>) = 3 [pid 6536] memfd_create("syzkaller", 0 [pid 6539] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6538] <... close resumed>) = 0 [pid 6537] write(3, "1000", 4 [pid 6536] <... memfd_create resumed>) = 3 [pid 6539] <... openat resumed>) = 3 [pid 6538] symlink("/dev/binderfs", "./binderfs" [pid 6537] <... write resumed>) = 4 [ 215.151043][ T6535] loop2: detected capacity change from 0 to 1024 [pid 6536] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6535] <... mount resumed>) = 0 [pid 6539] write(3, "1000", 4 [pid 6538] <... symlink resumed>) = 0 [pid 6537] close(3 [pid 6539] <... write resumed>) = 4 [pid 6537] <... close resumed>) = 0 [pid 6536] <... mmap resumed>) = 0x7f1864095000 [pid 6537] symlink("/dev/binderfs", "./binderfs" [pid 6539] close(3 [pid 6538] write(1, "executing program\n", 18 [pid 6537] <... symlink resumed>) = 0 [pid 6536] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288executing program [pid 6539] <... close resumed>) = 0 [pid 6538] <... write resumed>) = 18 [pid 6535] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6537] write(1, "executing program\n", 18executing program [pid 6539] symlink("/dev/binderfs", "./binderfs" [pid 6538] memfd_create("syzkaller", 0 [pid 6537] <... write resumed>) = 18 [pid 6535] <... openat resumed>) = 3 [pid 6539] <... symlink resumed>) = 0 [pid 6538] <... memfd_create resumed>) = 3 [pid 6537] memfd_create("syzkaller", 0 [pid 6535] chdir("./file1"executing program [pid 6537] <... memfd_create resumed>) = 3 [pid 6535] <... chdir resumed>) = 0 [pid 6539] write(1, "executing program\n", 18 [pid 6538] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6539] <... write resumed>) = 18 [pid 6538] <... mmap resumed>) = 0x7f1864095000 [pid 6535] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6539] memfd_create("syzkaller", 0 [pid 6538] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6537] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6539] <... memfd_create resumed>) = 3 [pid 6537] <... mmap resumed>) = 0x7f1864095000 [pid 6536] <... write resumed>) = 524288 [pid 6535] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6539] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6535] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6539] <... mmap resumed>) = 0x7f1864095000 [pid 6539] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6537] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6539] <... write resumed>) = 524288 [pid 6536] munmap(0x7f1864095000, 138412032 [pid 6535] <... link resumed>) = 0 [pid 6536] <... munmap resumed>) = 0 [pid 6538] <... write resumed>) = 524288 [pid 6536] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6535] sync( [pid 6538] munmap(0x7f1864095000, 138412032 [pid 6539] munmap(0x7f1864095000, 138412032 [pid 6538] <... munmap resumed>) = 0 [pid 6537] <... write resumed>) = 524288 [pid 6536] <... openat resumed>) = 4 [pid 6539] <... munmap resumed>) = 0 [pid 6539] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6536] ioctl(4, LOOP_SET_FD, 3 [pid 6539] ioctl(4, LOOP_SET_FD, 3 [pid 6537] munmap(0x7f1864095000, 138412032 [pid 6538] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6536] <... ioctl resumed>) = 0 [pid 6538] <... openat resumed>) = 4 [pid 6536] close(3) = 0 [pid 6538] ioctl(4, LOOP_SET_FD, 3 [pid 6537] <... munmap resumed>) = 0 [pid 6536] close(4 [pid 6537] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6536] <... close resumed>) = 0 [pid 6537] <... openat resumed>) = 4 [pid 6536] mkdir("./file1", 0777 [pid 6537] ioctl(4, LOOP_SET_FD, 3 [pid 6536] <... mkdir resumed>) = 0 [pid 6536] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6539] <... ioctl resumed>) = 0 [pid 6538] <... ioctl resumed>) = 0 [pid 6537] <... ioctl resumed>) = 0 [pid 6539] close(3 [pid 6537] close(3 [pid 6539] <... close resumed>) = 0 [pid 6537] <... close resumed>) = 0 [pid 6539] close(4 [pid 6537] close(4 [pid 6539] <... close resumed>) = 0 [pid 6538] close(3 [pid 6537] <... close resumed>) = 0 [pid 6536] <... mount resumed>) = 0 [pid 6535] <... sync resumed>) = 0 [pid 6539] mkdir("./file1", 0777 [pid 6538] <... close resumed>) = 0 [pid 6537] mkdir("./file1", 0777 [pid 6536] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6535] exit_group(0 [pid 6539] <... mkdir resumed>) = 0 [pid 6538] close(4 [pid 6537] <... mkdir resumed>) = 0 [pid 6536] <... openat resumed>) = 3 [pid 6539] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6538] <... close resumed>) = 0 [pid 6537] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6536] chdir("./file1" [pid 6538] mkdir("./file1", 0777 [pid 6536] <... chdir resumed>) = 0 [pid 6538] <... mkdir resumed>) = 0 [pid 6535] <... exit_group resumed>) = ? [pid 6536] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6538] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6536] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6535] +++ exited with 0 +++ [ 215.332634][ T6536] loop1: detected capacity change from 0 to 1024 [ 215.341551][ T6539] loop3: detected capacity change from 0 to 1024 [ 215.342149][ T6538] loop0: detected capacity change from 0 to 1024 [ 215.348017][ T6537] loop4: detected capacity change from 0 to 1024 [pid 6536] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6535, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6539] <... mount resumed>) = 0 [pid 6537] <... mount resumed>) = 0 [pid 6539] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] umount2("./130", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6537] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6539] <... openat resumed>) = 3 [pid 6537] <... openat resumed>) = 3 [pid 5866] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6539] chdir("./file1" [pid 6537] chdir("./file1" [pid 5866] <... openat resumed>) = 3 [pid 6539] <... chdir resumed>) = 0 [pid 6538] <... mount resumed>) = 0 [pid 6537] <... chdir resumed>) = 0 [pid 6536] <... link resumed>) = 0 [pid 6539] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] newfstatat(3, "", [pid 6539] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6538] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6538] <... openat resumed>) = 3 [pid 6538] chdir("./file1" [pid 5866] getdents64(3, [pid 6538] <... chdir resumed>) = 0 [pid 6536] sync( [pid 6539] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6537] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6538] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6538] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6537] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6538] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6537] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6539] <... link resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 6539] sync( [pid 6537] <... link resumed>) = 0 [pid 5866] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6537] sync( [pid 5866] newfstatat(AT_FDCWD, "./130/file1", [pid 6536] <... sync resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./130/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6536] exit_group(0 [pid 5866] <... openat resumed>) = 4 [pid 5866] newfstatat(4, "", [pid 6536] <... exit_group resumed>) = ? [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6536] +++ exited with 0 +++ [pid 5866] getdents64(4, [pid 6538] <... link resumed>) = 0 [pid 6538] sync( [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6536, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [pid 5866] rmdir("./130/file1") = 0 [pid 5866] umount2("./130/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... restart_syscall resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./129", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] unlink("./130/binderfs" [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./129/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... unlink resumed>) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3) = 0 [pid 5866] rmdir("./130") = 0 [pid 5866] mkdir("./131", 0777 [pid 6539] <... sync resumed>) = 0 [pid 6538] <... sync resumed>) = 0 [pid 6537] <... sync resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 6539] exit_group(0 [pid 6537] exit_group(0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6538] exit_group(0 [pid 6537] <... exit_group resumed>) = ? [pid 5866] <... openat resumed>) = 3 [pid 6539] <... exit_group resumed>) = ? [pid 6538] <... exit_group resumed>) = ? [pid 6537] +++ exited with 0 +++ [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6538] +++ exited with 0 +++ [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6537, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5866] <... ioctl resumed>) = 0 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 6539] +++ exited with 0 +++ [pid 5868] <... restart_syscall resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6538, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6539, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5866] close(3 [pid 5864] <... restart_syscall resumed>) = 0 [pid 5868] umount2("./133", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./132", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./130", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... openat resumed>) = 3 [pid 5867] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] newfstatat(3, "", [pid 5867] newfstatat(3, "", [pid 5864] <... openat resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] newfstatat(3, "", [pid 5868] getdents64(3, [pid 5867] getdents64(3, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... close resumed>) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6540 attached [pid 6540] set_robust_list(0x5555593cd660, 24 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6540 [pid 5865] <... umount2 resumed>) = 0 [pid 6540] <... set_robust_list resumed>) = 0 [pid 6540] chdir("./131") = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 6540] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6540] setpgid(0, 0) = 0 [pid 5865] umount2("./129/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6540] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./129/file1", [pid 5864] newfstatat(AT_FDCWD, "./130/file1", [pid 6540] <... openat resumed>) = 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6540] write(3, "1000", 4 [pid 5864] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6540] <... write resumed>) = 4 [pid 6540] close(3 [pid 5865] umount2("./129/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./130/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "./129/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 4 [pid 6540] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 5864] newfstatat(4, "", [pid 5865] newfstatat(4, "", [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(4, [pid 6540] symlink("/dev/binderfs", "./binderfs" [pid 5868] <... umount2 resumed>) = 0 [pid 5865] getdents64(4, [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... umount2 resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, [pid 5865] getdents64(4, [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] close(4 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... close resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./133/file1", [pid 5865] close(4 [pid 5864] rmdir("./130/file1" [pid 6540] <... symlink resumed>) = 0 [pid 6540] write(1, "executing program\n", 18executing program [pid 5864] <... rmdir resumed>) = 0 [pid 5867] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6540] <... write resumed>) = 18 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6540] memfd_create("syzkaller", 0 [pid 5867] newfstatat(AT_FDCWD, "./132/file1", [pid 5865] <... close resumed>) = 0 [pid 5864] umount2("./130/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6540] <... memfd_create resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] rmdir("./129/file1" [pid 6540] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6540] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./129/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(AT_FDCWD, "./130/binderfs", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./133/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] openat(AT_FDCWD, "./132/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] newfstatat(AT_FDCWD, "./129/binderfs", [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... openat resumed>) = 4 [pid 5864] unlink("./130/binderfs" [pid 5868] <... openat resumed>) = 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] newfstatat(4, "", [pid 5868] newfstatat(4, "", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] unlink("./129/binderfs" [pid 5864] <... unlink resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, [pid 6540] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] getdents64(4, [pid 5865] <... unlink resumed>) = 0 [pid 5864] getdents64(3, [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(3, [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] getdents64(4, [pid 5867] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4) = 0 [pid 5867] rmdir("./132/file1" [pid 5864] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6540] <... write resumed>) = 524288 [pid 5865] close(3 [pid 5864] rmdir("./130" [pid 5868] close(4 [pid 5865] <... close resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5865] rmdir("./129") = 0 [pid 5868] rmdir("./133/file1" [pid 5864] mkdir("./131", 0777 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] umount2("./132/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... mkdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./133/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] unlink("./132/binderfs" [pid 5865] mkdir("./130", 0777 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6540] munmap(0x7f1864095000, 138412032 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... unlink resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5867] getdents64(3, [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6540] <... munmap resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./133/binderfs", [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... ioctl resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] close(3 [pid 5864] close(3 [pid 6540] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] unlink("./133/binderfs" [pid 5867] <... close resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6540] <... openat resumed>) = 4 [pid 5868] <... unlink resumed>) = 0 [pid 5867] rmdir("./132" [pid 5865] <... openat resumed>) = 3 [pid 5868] getdents64(3, [pid 5867] <... rmdir resumed>) = 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6540] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 6540] <... ioctl resumed>) = 0 [pid 5868] close(3 [pid 5865] close(3 [pid 6540] close(3 [pid 5868] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6540] <... close resumed>) = 0 [pid 6540] close(4 [pid 5868] rmdir("./133" [pid 5867] mkdir("./133", 0777 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... close resumed>) = 0 [pid 6540] <... close resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6541 attached [pid 6540] mkdir("./file1", 0777 [pid 5868] mkdir("./134", 0777 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6541] set_robust_list(0x5555593cd660, 24 [pid 6540] <... mkdir resumed>) = 0 [pid 6541] <... set_robust_list resumed>) = 0 [pid 6541] chdir("./130" [pid 6540] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... mkdir resumed>) = 0 [pid 5867] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6542 attached [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6541 [pid 6542] set_robust_list(0x5555593cd660, 24 [pid 6541] <... chdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... ioctl resumed>) = 0 [pid 6542] <... set_robust_list resumed>) = 0 [pid 6541] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... openat resumed>) = 3 [pid 5867] close(3 [pid 6542] chdir("./131" [pid 6541] <... prctl resumed>) = 0 [pid 6541] setpgid(0, 0) = 0 [pid 5867] <... close resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6542 [ 215.808116][ T6540] loop2: detected capacity change from 0 to 1024 [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] close(3 [pid 6541] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... close resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6541] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6543 attached [pid 6541] write(3, "1000", 4 [pid 6542] <... chdir resumed>) = 0 [pid 6541] <... write resumed>) = 4 [pid 6543] set_robust_list(0x5555593cd660, 24 [pid 6542] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6541] close(3 [pid 6542] <... prctl resumed>) = 0 [pid 6541] <... close resumed>) = 0 [pid 6543] <... set_robust_list resumed>) = 0 [pid 6542] setpgid(0, 0 [pid 6541] symlink("/dev/binderfs", "./binderfs" [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6544 attached [pid 6543] chdir("./134" [pid 6542] <... setpgid resumed>) = 0 [pid 6541] <... symlink resumed>) = 0 [pid 6544] set_robust_list(0x5555593cd660, 24 [pid 6543] <... chdir resumed>) = 0 [pid 6542] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6543 [pid 6544] <... set_robust_list resumed>) = 0 [pid 6543] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6542] <... openat resumed>) = 3 [pid 6541] write(1, "executing program\n", 18 [pid 6544] chdir("./133" [pid 6543] <... prctl resumed>) = 0 [pid 6540] <... mount resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6544 [pid 6544] <... chdir resumed>) = 0 [pid 6544] prctl(PR_SET_PDEATHSIG, SIGKILLexecuting program ) = 0 [pid 6543] setpgid(0, 0 [pid 6542] write(3, "1000", 4 [pid 6541] <... write resumed>) = 18 [pid 6540] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6544] setpgid(0, 0 [pid 6543] <... setpgid resumed>) = 0 [pid 6542] <... write resumed>) = 4 [pid 6541] memfd_create("syzkaller", 0 [pid 6540] <... openat resumed>) = 3 [pid 6544] <... setpgid resumed>) = 0 [pid 6543] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6542] close(3 [pid 6541] <... memfd_create resumed>) = 3 [pid 6540] chdir("./file1" [pid 6544] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6543] <... openat resumed>) = 3 [pid 6542] <... close resumed>) = 0 [pid 6540] <... chdir resumed>) = 0 [pid 6542] symlink("/dev/binderfs", "./binderfs" [pid 6541] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6540] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6544] <... openat resumed>) = 3 [pid 6542] <... symlink resumed>) = 0 [pid 6541] <... mmap resumed>) = 0x7f1864095000 [pid 6540] <... openat resumed>) = -1 EBUSY (Device or resource busy) executing program [pid 6543] write(3, "1000", 4 [pid 6542] write(1, "executing program\n", 18 [pid 6540] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6543] <... write resumed>) = 4 [pid 6542] <... write resumed>) = 18 [pid 6543] close(3 [pid 6542] memfd_create("syzkaller", 0 [pid 6543] <... close resumed>) = 0 [pid 6543] symlink("/dev/binderfs", "./binderfs" [pid 6542] <... memfd_create resumed>) = 3 [pid 6543] <... symlink resumed>) = 0 [pid 6542] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6544] write(3, "1000", 4) = 4 [pid 6542] <... mmap resumed>) = 0x7f1864095000 [pid 6544] close(3) = 0 [pid 6544] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6544] write(1, "executing program\n", 18 [pid 6543] write(1, "executing program\n", 18executing program [pid 6541] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6544] <... write resumed>) = 18 [pid 6544] memfd_create("syzkaller", 0 [pid 6543] <... write resumed>) = 18 [pid 6544] <... memfd_create resumed>) = 3 [pid 6543] memfd_create("syzkaller", 0 [pid 6542] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6544] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6543] <... memfd_create resumed>) = 3 [pid 6540] <... link resumed>) = 0 [pid 6543] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6540] sync( [pid 6543] <... mmap resumed>) = 0x7f1864095000 [pid 6541] <... write resumed>) = 524288 [pid 6543] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6541] munmap(0x7f1864095000, 138412032) = 0 [pid 6541] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6544] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6541] <... openat resumed>) = 4 [pid 6543] <... write resumed>) = 524288 [pid 6541] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6542] <... write resumed>) = 524288 [pid 6541] close(3) = 0 [pid 6540] <... sync resumed>) = 0 [pid 6541] close(4) = 0 [pid 6540] exit_group(0 [pid 6541] mkdir("./file1", 0777 [pid 6540] <... exit_group resumed>) = ? [pid 6543] munmap(0x7f1864095000, 138412032 [pid 6542] munmap(0x7f1864095000, 138412032) = 0 [pid 6541] <... mkdir resumed>) = 0 [pid 6544] <... write resumed>) = 524288 [pid 6543] <... munmap resumed>) = 0 [pid 6542] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6541] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6542] <... openat resumed>) = 4 [pid 6540] +++ exited with 0 +++ [pid 6542] ioctl(4, LOOP_SET_FD, 3 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6540, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 6543] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6542] <... ioctl resumed>) = 0 [pid 6542] close(3 [pid 6541] <... mount resumed>) = 0 [pid 6542] <... close resumed>) = 0 [pid 6542] close(4) = 0 [pid 6542] mkdir("./file1", 0777 [pid 6543] <... openat resumed>) = 4 [pid 6542] <... mkdir resumed>) = 0 [pid 6543] ioctl(4, LOOP_SET_FD, 3 [pid 6542] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6544] munmap(0x7f1864095000, 138412032 [pid 6541] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6543] <... ioctl resumed>) = 0 [pid 6541] <... openat resumed>) = 3 [pid 6541] chdir("./file1" [pid 6543] close(3 [pid 6541] <... chdir resumed>) = 0 [pid 6543] <... close resumed>) = 0 [ 216.032516][ T6541] loop1: detected capacity change from 0 to 1024 [ 216.068845][ T6542] loop0: detected capacity change from 0 to 1024 [pid 6543] close(4) = 0 [pid 6543] mkdir("./file1", 0777) = 0 [pid 5866] umount2("./131", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6544] <... munmap resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6541] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5866] newfstatat(3, "", [pid 6543] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6541] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6544] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6541] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] getdents64(3, [pid 6544] <... openat resumed>) = 4 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6544] ioctl(4, LOOP_SET_FD, 3 [pid 5866] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6544] <... ioctl resumed>) = 0 [pid 6542] <... mount resumed>) = 0 [pid 6542] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6544] close(3 [pid 6542] <... openat resumed>) = 3 [pid 6542] chdir("./file1" [pid 6544] <... close resumed>) = 0 [pid 6542] <... chdir resumed>) = 0 [pid 6544] close(4 [pid 6542] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6544] <... close resumed>) = 0 [pid 6544] mkdir("./file1", 0777 [pid 6542] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6544] <... mkdir resumed>) = 0 [pid 6543] <... mount resumed>) = 0 [pid 6542] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6544] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6543] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6541] <... link resumed>) = 0 [pid 6543] <... openat resumed>) = 3 [pid 6543] chdir("./file1" [pid 6541] sync( [pid 6543] <... chdir resumed>) = 0 [pid 6543] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [ 216.086162][ T6543] loop4: detected capacity change from 0 to 1024 [ 216.107479][ T6544] loop3: detected capacity change from 0 to 1024 [pid 6543] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6544] <... mount resumed>) = 0 [pid 6542] <... link resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 6544] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6542] sync( [pid 5866] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6544] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6544] chdir("./file1" [pid 5866] newfstatat(AT_FDCWD, "./131/file1", [pid 6544] <... chdir resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6544] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5866] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6544] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] openat(AT_FDCWD, "./131/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, [pid 6543] <... link resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, [pid 6543] sync( [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6544] <... link resumed>) = 0 [pid 5866] close(4) = 0 [pid 5866] rmdir("./131/file1") = 0 [pid 5866] umount2("./131/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6544] sync( [pid 6541] <... sync resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6542] <... sync resumed>) = 0 [pid 6541] exit_group(0 [pid 5866] newfstatat(AT_FDCWD, "./131/binderfs", [pid 6542] exit_group(0 [pid 6541] <... exit_group resumed>) = ? [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6542] <... exit_group resumed>) = ? [pid 6541] +++ exited with 0 +++ [pid 5866] unlink("./131/binderfs") = 0 [pid 5866] getdents64(3, [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6541, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5866] close(3) = 0 [pid 5866] rmdir("./131") = 0 [pid 5866] mkdir("./132", 0777) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] <... restart_syscall resumed>) = 0 [pid 5865] umount2("./130", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6543] <... sync resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6542] +++ exited with 0 +++ [pid 5865] <... openat resumed>) = 3 [pid 6543] exit_group(0 [pid 5865] newfstatat(3, "", [pid 6543] <... exit_group resumed>) = ? [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6542, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6544] <... sync resumed>) = 0 [pid 6543] +++ exited with 0 +++ [pid 5864] umount2("./131", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6544] exit_group(0 [pid 5865] getdents64(3, [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6543, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5866] <... ioctl resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6544] <... exit_group resumed>) = ? [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5866] close(3 [pid 5864] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6544] +++ exited with 0 +++ [pid 5868] <... restart_syscall resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6544, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5864] <... openat resumed>) = 3 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] umount2("./134", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5864] newfstatat(3, "", [pid 5867] <... restart_syscall resumed>) = 0 [pid 5867] umount2("./133", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6545 attached [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6545] set_robust_list(0x5555593cd660, 24) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6545 [pid 6545] chdir("./132") = 0 [pid 6545] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6545] setpgid(0, 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] getdents64(3, [pid 6545] <... setpgid resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 6545] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] newfstatat(3, "", [pid 5864] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6545] <... openat resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6545] write(3, "1000", 4 [pid 5868] getdents64(3, [pid 6545] <... write resumed>) = 4 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6545] close(3 [pid 5868] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6545] <... close resumed>) = 0 [pid 6545] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 executing program [pid 6545] write(1, "executing program\n", 18 [pid 5865] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6545] <... write resumed>) = 18 [pid 6545] memfd_create("syzkaller", 0) = 3 [pid 5867] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./130/file1", [pid 6545] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5867] newfstatat(AT_FDCWD, "./133/file1", [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./130/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./130/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6545] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... openat resumed>) = 4 [pid 5867] openat(AT_FDCWD, "./133/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5865] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] newfstatat(4, "", [pid 5865] getdents64(4, [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 5865] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5867] close(4 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... close resumed>) = 0 [pid 5865] close(4 [pid 5867] rmdir("./133/file1" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... close resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] rmdir("./130/file1" [pid 5864] newfstatat(AT_FDCWD, "./131/file1", [pid 5867] umount2("./133/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] newfstatat(AT_FDCWD, "./133/binderfs", [pid 5865] umount2("./130/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] newfstatat(AT_FDCWD, "./130/binderfs", [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] unlink("./133/binderfs") = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] openat(AT_FDCWD, "./131/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] getdents64(3, [pid 5864] <... openat resumed>) = 4 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6545] <... write resumed>) = 524288 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] close(3 [pid 5865] unlink("./130/binderfs" [pid 5864] newfstatat(4, "", [pid 5868] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... close resumed>) = 0 [pid 6545] munmap(0x7f1864095000, 138412032 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] rmdir("./133" [pid 6545] <... munmap resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./134/file1", [pid 5867] <... rmdir resumed>) = 0 [pid 6545] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6545] <... openat resumed>) = 4 [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6545] ioctl(4, LOOP_SET_FD, 3 [pid 5867] mkdir("./134", 0777 [pid 5864] getdents64(4, [pid 6545] <... ioctl resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] getdents64(3, [pid 6545] close(3 [pid 5867] <... mkdir resumed>) = 0 [pid 6545] <... close resumed>) = 0 [pid 6545] close(4) = 0 [pid 6545] mkdir("./file1", 0777) = 0 [pid 5868] openat(AT_FDCWD, "./134/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6545] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... openat resumed>) = 4 [pid 5865] close(3 [pid 5864] getdents64(4, [pid 5868] newfstatat(4, "", [pid 5865] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] rmdir("./130" [pid 5864] close(4 [pid 5868] getdents64(4, [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] rmdir("./131/file1" [pid 5867] <... openat resumed>) = 3 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] getdents64(4, [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5865] mkdir("./131", 0777 [pid 5864] umount2("./131/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... ioctl resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] close(3 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] <... close resumed>) = 0 [pid 5868] close(4 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6545] <... mount resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] newfstatat(AT_FDCWD, "./131/binderfs", [pid 6545] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6546 attached [pid 6545] <... openat resumed>) = 3 [pid 5868] rmdir("./134/file1" [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6546] set_robust_list(0x5555593cd660, 24 [pid 6545] chdir("./file1" [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6546 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] unlink("./131/binderfs" [pid 6546] <... set_robust_list resumed>) = 0 [ 216.418285][ T6545] loop2: detected capacity change from 0 to 1024 [pid 6546] chdir("./134" [pid 6545] <... chdir resumed>) = 0 [pid 5868] umount2("./134/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... ioctl resumed>) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 6546] <... chdir resumed>) = 0 [pid 5864] getdents64(3, [pid 6546] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] close(3 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6546] setpgid(0, 0 [pid 5864] close(3 [pid 6546] <... setpgid resumed>) = 0 [pid 6546] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6545] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] newfstatat(AT_FDCWD, "./134/binderfs", [pid 5865] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6545] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] rmdir("./131" [pid 6546] <... openat resumed>) = 3 [pid 6546] write(3, "1000", 4 [pid 6545] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] unlink("./134/binderfs" [pid 5864] <... rmdir resumed>) = 0 [pid 6546] <... write resumed>) = 4 [pid 5864] mkdir("./132", 0777 [pid 6546] close(3) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6546] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5868] getdents64(3, [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6546] write(1, "executing program\n", 18) = 18 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6546] memfd_create("syzkaller", 0 [pid 5868] close(3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6546] <... memfd_create resumed>) = 3 [pid 5868] <... close resumed>) = 0 [pid 6546] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] rmdir("./134" [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... ioctl resumed>) = 0 [pid 6546] <... mmap resumed>) = 0x7f1864095000 ./strace-static-x86_64: Process 6547 attached [pid 5868] <... rmdir resumed>) = 0 [pid 5864] close(3 [pid 5868] mkdir("./135", 0777 [pid 6547] set_robust_list(0x5555593cd660, 24 [pid 5868] <... mkdir resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6547 [pid 6547] <... set_robust_list resumed>) = 0 [pid 6547] chdir("./131" [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6547] <... chdir resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 6547] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6547] <... prctl resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 6547] setpgid(0, 0 [pid 5868] close(3) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6547] <... setpgid resumed>) = 0 [pid 6547] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 6548 attached ) = 3 [pid 6545] <... link resumed>) = 0 [pid 6546] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6545] sync( [pid 6547] write(3, "1000", 4 [pid 6548] set_robust_list(0x5555593cd660, 24) = 0 [pid 6547] <... write resumed>) = 4 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6548 [pid 6548] chdir("./135" [pid 6547] close(3 [pid 6548] <... chdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6547] <... close resumed>) = 0 [pid 6547] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6548] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6547] write(1, "executing program\n", 18 [pid 6546] <... write resumed>) = 524288 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6548] <... prctl resumed>) = 0 [pid 6547] <... write resumed>) = 18 [pid 6548] setpgid(0, 0) = 0 [pid 6547] memfd_create("syzkaller", 0 [pid 6548] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6546] munmap(0x7f1864095000, 138412032 [pid 6547] <... memfd_create resumed>) = 3 [pid 6547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 ./strace-static-x86_64: Process 6549 attached [pid 6548] <... openat resumed>) = 3 [pid 6546] <... munmap resumed>) = 0 [pid 6548] write(3, "1000", 4 [pid 6546] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6545] <... sync resumed>) = 0 [pid 6549] set_robust_list(0x5555593cd660, 24 [pid 6545] exit_group(0 [pid 6549] <... set_robust_list resumed>) = 0 [pid 6545] <... exit_group resumed>) = ? [pid 6549] chdir("./132" [pid 6548] <... write resumed>) = 4 [pid 6546] <... openat resumed>) = 4 [pid 6545] +++ exited with 0 +++ [pid 6549] <... chdir resumed>) = 0 [pid 6547] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6549] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6545, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6549] <... prctl resumed>) = 0 [pid 6549] setpgid(0, 0 [pid 6548] close(3 [pid 6546] ioctl(4, LOOP_SET_FD, 3 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6549 [pid 6549] <... setpgid resumed>) = 0 [pid 6549] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6548] <... close resumed>) = 0 [pid 6549] <... openat resumed>) = 3 [pid 6549] write(3, "1000", 4) = 4 [pid 6548] symlink("/dev/binderfs", "./binderfs" [pid 6549] close(3) = 0 [pid 6549] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6548] <... symlink resumed>) = 0 executing program [pid 5866] umount2("./132", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6548] write(1, "executing program\n", 18 [pid 6547] <... write resumed>) = 524288 executing program [pid 6549] write(1, "executing program\n", 18 [pid 6548] <... write resumed>) = 18 [pid 6546] <... ioctl resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6549] <... write resumed>) = 18 [pid 6546] close(3 [pid 6549] memfd_create("syzkaller", 0 [pid 6546] <... close resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6546] close(4 [pid 5866] <... openat resumed>) = 3 [pid 6549] <... memfd_create resumed>) = 3 [pid 6547] munmap(0x7f1864095000, 138412032 [pid 6546] <... close resumed>) = 0 [pid 5866] newfstatat(3, "", [pid 6546] mkdir("./file1", 0777 [pid 6549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6548] memfd_create("syzkaller", 0 [pid 6547] <... munmap resumed>) = 0 [pid 6546] <... mkdir resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6548] <... memfd_create resumed>) = 3 [pid 6546] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6548] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6549] <... mmap resumed>) = 0x7f1864095000 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6548] <... mmap resumed>) = 0x7f1864095000 [pid 6547] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6547] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5866] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6548] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6547] close(3 [pid 6546] <... mount resumed>) = 0 [pid 6547] <... close resumed>) = 0 [pid 6547] close(4) = 0 [pid 6547] mkdir("./file1", 0777 [pid 6546] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6549] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6547] <... mkdir resumed>) = 0 [pid 6546] <... openat resumed>) = 3 [pid 6549] <... write resumed>) = 524288 [pid 6546] chdir("./file1" [pid 6548] <... write resumed>) = 524288 [pid 6547] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6546] <... chdir resumed>) = 0 [pid 6546] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6548] munmap(0x7f1864095000, 138412032 [pid 6546] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6548] <... munmap resumed>) = 0 [pid 6546] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6548] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6548] ioctl(4, LOOP_SET_FD, 3 [pid 6549] munmap(0x7f1864095000, 138412032 [pid 6548] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6549] <... munmap resumed>) = 0 [ 216.621145][ T6546] loop3: detected capacity change from 0 to 1024 [ 216.654089][ T6547] loop1: detected capacity change from 0 to 1024 [pid 6548] ioctl(4, LOOP_CLR_FD [pid 6549] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6548] <... ioctl resumed>) = 0 [pid 6546] <... link resumed>) = 0 [pid 6549] <... openat resumed>) = 4 [pid 6546] sync( [pid 5866] <... umount2 resumed>) = 0 [pid 6549] ioctl(4, LOOP_SET_FD, 3 [pid 6548] ioctl(4, LOOP_SET_FD, 3 [pid 5866] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6549] <... ioctl resumed>) = 0 [pid 6548] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6547] <... mount resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6548] close(4 [pid 6547] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] newfstatat(AT_FDCWD, "./132/file1", [pid 6549] close(3 [pid 6547] <... openat resumed>) = 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6549] <... close resumed>) = 0 [pid 6547] chdir("./file1" [pid 5866] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6549] close(4 [pid 6547] <... chdir resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6549] <... close resumed>) = 0 [pid 6547] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5866] openat(AT_FDCWD, "./132/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6549] mkdir("./file1", 0777 [pid 6548] <... close resumed>) = 0 [pid 6549] <... mkdir resumed>) = 0 [pid 6548] close(3 [pid 6549] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6547] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6546] <... sync resumed>) = 0 [pid 5866] <... openat resumed>) = 4 [pid 6548] <... close resumed>) = 0 [pid 5866] newfstatat(4, "", [pid 6548] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 ENOENT (No such file or directory) [pid 6547] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6546] exit_group(0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6548] sync( [pid 6546] <... exit_group resumed>) = ? [pid 5866] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [ 216.724791][ T6549] loop0: detected capacity change from 0 to 1024 [pid 6546] +++ exited with 0 +++ [pid 5866] getdents64(4, [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6546, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [pid 6549] <... mount resumed>) = 0 [pid 5867] umount2("./134", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] rmdir("./132/file1" [pid 6549] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... rmdir resumed>) = 0 [pid 6549] <... openat resumed>) = 3 [pid 5867] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6549] chdir("./file1" [pid 5867] <... openat resumed>) = 3 [pid 6549] <... chdir resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 5866] umount2("./132/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6549] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6549] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6549] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] newfstatat(AT_FDCWD, "./132/binderfs", [pid 5867] getdents64(3, [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6547] <... link resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] unlink("./132/binderfs" [pid 6547] sync( [pid 5866] <... unlink resumed>) = 0 [pid 6549] <... link resumed>) = 0 [pid 6548] <... sync resumed>) = 0 [pid 5867] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6549] sync( [pid 6548] exit_group(0) = ? [pid 5866] getdents64(3, [pid 6548] +++ exited with 0 +++ [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6548, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5866] rmdir("./132" [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... rmdir resumed>) = 0 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5868] umount2("./135", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] mkdir("./133", 0777 [pid 5868] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... mkdir resumed>) = 0 [pid 6549] <... sync resumed>) = 0 [pid 6549] exit_group(0 [pid 5868] <... openat resumed>) = 3 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] close(3) = 0 [pid 6549] <... exit_group resumed>) = ? [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, ./strace-static-x86_64: Process 6550 attached [pid 6549] +++ exited with 0 +++ [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6550] set_robust_list(0x5555593cd660, 24 [pid 5868] umount2("./135/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6550 [pid 6547] <... sync resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./135/binderfs", [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6549, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6547] exit_group(0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6547] <... exit_group resumed>) = ? [pid 5868] unlink("./135/binderfs" [pid 6547] +++ exited with 0 +++ [pid 6550] <... set_robust_list resumed>) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5867] <... umount2 resumed>) = 0 [pid 6550] chdir("./133" [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6547, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5864] <... restart_syscall resumed>) = 0 [pid 6550] <... chdir resumed>) = 0 [pid 6550] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5868] getdents64(3, [pid 6550] setpgid(0, 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] umount2("./132", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6550] <... setpgid resumed>) = 0 [pid 6550] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] close(3 [pid 5867] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6550] <... openat resumed>) = 3 [pid 5868] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6550] write(3, "1000", 4) = 4 [pid 5868] rmdir("./135" [pid 5867] newfstatat(AT_FDCWD, "./134/file1", [pid 5864] <... openat resumed>) = 3 [pid 6550] close(3 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] newfstatat(3, "", [pid 6550] <... close resumed>) = 0 [pid 5868] mkdir("./136", 0777 [pid 5867] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6550] symlink("/dev/binderfs", "./binderfs" [pid 5868] <... mkdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6550] <... symlink resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 5864] getdents64(3, [pid 6550] write(1, "executing program\n", 18 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] openat(AT_FDCWD, "./134/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6550] <... write resumed>) = 18 [pid 5868] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 4 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6550] memfd_create("syzkaller", 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] newfstatat(4, "", [pid 5865] umount2("./131", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6550] <... memfd_create resumed>) = 3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6550] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] getdents64(4, [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6550] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] close(3 [pid 5867] getdents64(4, [pid 5865] <... openat resumed>) = 3 [pid 5868] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] close(4 [pid 5865] newfstatat(3, "", [pid 6550] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] <... close resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6551 attached [pid 5867] rmdir("./134/file1" [pid 5865] getdents64(3, [pid 6551] set_robust_list(0x5555593cd660, 24 [pid 5867] <... rmdir resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6551] <... set_robust_list resumed>) = 0 [pid 6551] chdir("./136" [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6551 [pid 5867] umount2("./134/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6551] <... chdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6551] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5867] newfstatat(AT_FDCWD, "./134/binderfs", [pid 6551] setpgid(0, 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6551] <... setpgid resumed>) = 0 [pid 6551] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] unlink("./134/binderfs") = 0 [pid 6551] <... openat resumed>) = 3 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6551] write(3, "1000", 4 [pid 5867] close(3 [pid 6551] <... write resumed>) = 4 [pid 5867] <... close resumed>) = 0 [pid 6551] close(3) = 0 [pid 5867] rmdir("./134" [pid 6551] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5867] <... rmdir resumed>) = 0 executing program [pid 6551] write(1, "executing program\n", 18 [pid 6550] <... write resumed>) = 524288 [pid 6551] <... write resumed>) = 18 [pid 6551] memfd_create("syzkaller", 0 [pid 5867] mkdir("./135", 0777 [pid 6551] <... memfd_create resumed>) = 3 [pid 5867] <... mkdir resumed>) = 0 [pid 6551] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6551] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] <... openat resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 5867] close(3) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6552 attached [pid 6550] munmap(0x7f1864095000, 138412032 [pid 6552] set_robust_list(0x5555593cd660, 24) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6552 [pid 6552] chdir("./135" [pid 6550] <... munmap resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 6552] <... chdir resumed>) = 0 [pid 6551] <... write resumed>) = 524288 [pid 5864] <... umount2 resumed>) = 0 [pid 6552] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6550] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6552] <... prctl resumed>) = 0 [pid 6552] setpgid(0, 0 [pid 6550] <... openat resumed>) = 4 [pid 5864] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6552] <... setpgid resumed>) = 0 [pid 5865] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6552] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./131/file1", [pid 6552] <... openat resumed>) = 3 [pid 6550] ioctl(4, LOOP_SET_FD, 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./131/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6550] <... ioctl resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./132/file1", [pid 6552] write(3, "1000", 4 [pid 6550] close(3 [pid 5865] openat(AT_FDCWD, "./131/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6552] <... write resumed>) = 4 [pid 6551] munmap(0x7f1864095000, 138412032 [pid 5865] <... openat resumed>) = 4 [pid 6550] <... close resumed>) = 0 [pid 5864] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6552] close(3 [pid 6551] <... munmap resumed>) = 0 [pid 5865] newfstatat(4, "", [pid 6552] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6552] symlink("/dev/binderfs", "./binderfs" [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] openat(AT_FDCWD, "./132/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6552] <... symlink resumed>) = 0 [pid 6551] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6550] close(4 [pid 5865] getdents64(4, [pid 6552] write(1, "executing program\n", 18 [pid 6550] <... close resumed>) = 0 executing program [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... openat resumed>) = 4 [pid 6552] <... write resumed>) = 18 [pid 6550] mkdir("./file1", 0777 [pid 5864] newfstatat(4, "", [pid 6552] memfd_create("syzkaller", 0 [pid 5865] getdents64(4, [pid 6550] <... mkdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6552] <... memfd_create resumed>) = 3 [pid 6551] <... openat resumed>) = 4 [pid 6550] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(4, [pid 6552] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6551] ioctl(4, LOOP_SET_FD, 3 [pid 6552] <... mmap resumed>) = 0x7f1864095000 [pid 5865] close(4 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, [pid 5865] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4 [pid 5865] rmdir("./131/file1" [pid 6550] <... mount resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6552] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6551] <... ioctl resumed>) = 0 [ 217.022975][ T6550] loop2: detected capacity change from 0 to 1024 [pid 6551] close(3 [pid 5865] <... rmdir resumed>) = 0 [pid 5865] umount2("./131/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6551] <... close resumed>) = 0 [pid 5865] unlink("./131/binderfs" [pid 6551] close(4 [pid 6550] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] <... unlink resumed>) = 0 [pid 5864] rmdir("./132/file1" [pid 6551] <... close resumed>) = 0 [pid 5865] getdents64(3, [pid 6551] mkdir("./file1", 0777 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6551] <... mkdir resumed>) = 0 [pid 5865] close(3) = 0 [pid 6550] <... openat resumed>) = 3 [pid 5865] rmdir("./131" [pid 5864] <... rmdir resumed>) = 0 [pid 6550] chdir("./file1" [pid 5864] umount2("./132/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6550] <... chdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6550] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] newfstatat(AT_FDCWD, "./132/binderfs", [pid 6550] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6551] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6550] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] unlink("./132/binderfs" [pid 5865] mkdir("./132", 0777) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] getdents64(3, [pid 6550] <... link resumed>) = 0 [pid 6550] sync( [pid 5865] <... ioctl resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6552] <... write resumed>) = 524288 [pid 5865] close(3 [pid 5864] close(3) = 0 [pid 6552] munmap(0x7f1864095000, 138412032 [pid 5864] rmdir("./132" [pid 6552] <... munmap resumed>) = 0 [pid 6551] <... mount resumed>) = 0 [pid 6551] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] <... rmdir resumed>) = 0 [pid 6552] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6551] <... openat resumed>) = 3 [pid 6552] <... openat resumed>) = 4 [pid 6551] chdir("./file1" [pid 5864] mkdir("./133", 0777 [pid 6551] <... chdir resumed>) = 0 [ 217.070927][ T6551] loop4: detected capacity change from 0 to 1024 [pid 6551] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6552] ioctl(4, LOOP_SET_FD, 3 [pid 6551] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... mkdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6552] <... ioctl resumed>) = 0 [pid 6551] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... openat resumed>) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6552] close(3) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] <... ioctl resumed>) = 0 [pid 6552] close(4 [pid 5864] close(3 [pid 6552] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... close resumed>) = 0 [pid 6552] mkdir("./file1", 0777 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6552] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6554 attached ./strace-static-x86_64: Process 6553 attached [pid 6552] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6554 [pid 6554] set_robust_list(0x5555593cd660, 24 [pid 6553] set_robust_list(0x5555593cd660, 24) = 0 [pid 6554] <... set_robust_list resumed>) = 0 [pid 6553] chdir("./132" [pid 6554] chdir("./133" [pid 6553] <... chdir resumed>) = 0 [pid 6553] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6553 [pid 6554] <... chdir resumed>) = 0 [pid 6553] <... prctl resumed>) = 0 [pid 6551] <... link resumed>) = 0 [pid 6554] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6553] setpgid(0, 0 [pid 6552] <... mount resumed>) = 0 [ 217.148150][ T6552] loop3: detected capacity change from 0 to 1024 [pid 6554] <... prctl resumed>) = 0 [pid 6553] <... setpgid resumed>) = 0 [pid 6551] sync( [pid 6554] setpgid(0, 0 [pid 6553] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6552] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6550] <... sync resumed>) = 0 [pid 6554] <... setpgid resumed>) = 0 [pid 6553] <... openat resumed>) = 3 [pid 6554] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6552] <... openat resumed>) = 3 [pid 6550] exit_group(0 [pid 6552] chdir("./file1" [pid 6550] <... exit_group resumed>) = ? [pid 6552] <... chdir resumed>) = 0 [pid 6554] <... openat resumed>) = 3 [pid 6553] write(3, "1000", 4 [pid 6552] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6550] +++ exited with 0 +++ [pid 6553] <... write resumed>) = 4 [pid 6552] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6553] close(3) = 0 [pid 6554] write(3, "1000", 4 [pid 6553] symlink("/dev/binderfs", "./binderfs" [pid 6554] <... write resumed>) = 4 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6550, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6554] close(3 [pid 6553] <... symlink resumed>) = 0 [pid 5866] restart_syscall(<... resuming interrupted clone ...>executing program [pid 6554] <... close resumed>) = 0 [pid 6552] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... restart_syscall resumed>) = 0 [pid 6554] symlink("/dev/binderfs", "./binderfs" [pid 6553] write(1, "executing program\n", 18 [pid 6554] <... symlink resumed>) = 0 [pid 6553] <... write resumed>) = 18 [pid 6553] memfd_create("syzkaller", 0 [pid 5866] umount2("./133", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6553] <... memfd_create resumed>) = 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 6554] write(1, "executing program\n", 18 [pid 6553] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5866] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6553] <... mmap resumed>) = 0x7f1864095000 [pid 6554] <... write resumed>) = 18 [pid 6554] memfd_create("syzkaller", 0 [pid 5866] <... openat resumed>) = 3 [pid 6553] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6554] <... memfd_create resumed>) = 3 [pid 5866] newfstatat(3, "", [pid 6552] <... link resumed>) = 0 [pid 6552] sync( [pid 6554] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6554] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6551] <... sync resumed>) = 0 [pid 6554] <... write resumed>) = 524288 [pid 6553] <... write resumed>) = 524288 [pid 6552] <... sync resumed>) = 0 [pid 6551] exit_group(0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6551] <... exit_group resumed>) = ? [pid 6552] exit_group(0 [pid 6551] +++ exited with 0 +++ [pid 5866] getdents64(3, [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6551, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6552] <... exit_group resumed>) = ? [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6554] munmap(0x7f1864095000, 138412032) = 0 [pid 6554] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6553] munmap(0x7f1864095000, 138412032 [pid 6552] +++ exited with 0 +++ [pid 5866] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6553] <... munmap resumed>) = 0 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6552, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5867] umount2("./135", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./136", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6553] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... openat resumed>) = 3 [pid 6553] <... openat resumed>) = 4 [pid 5868] <... openat resumed>) = 3 [pid 5867] newfstatat(3, "", [pid 6553] ioctl(4, LOOP_SET_FD, 3 [pid 5868] newfstatat(3, "", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6554] <... openat resumed>) = 4 [pid 6553] <... ioctl resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, [pid 6554] ioctl(4, LOOP_SET_FD, 3 [pid 6553] close(3 [pid 5868] getdents64(3, [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6554] <... ioctl resumed>) = 0 [pid 6553] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6554] close(3 [pid 6553] close(4 [pid 5868] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./135/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6554] <... close resumed>) = 0 [pid 6553] <... close resumed>) = 0 [pid 6553] mkdir("./file1", 0777 [pid 6554] close(4) = 0 [pid 6553] <... mkdir resumed>) = 0 [pid 6554] mkdir("./file1", 0777) = 0 [pid 6554] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6553] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... umount2 resumed>) = 0 [ 217.363769][ T6553] loop1: detected capacity change from 0 to 1024 [ 217.366850][ T6554] loop0: detected capacity change from 0 to 1024 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5866] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6554] <... mount resumed>) = 0 [pid 5868] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./135/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6553] <... mount resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6553] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] newfstatat(AT_FDCWD, "./136/file1", [pid 5867] newfstatat(AT_FDCWD, "./135/file1", [pid 5866] newfstatat(AT_FDCWD, "./133/file1", [pid 6554] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6553] <... openat resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6554] <... openat resumed>) = 3 [pid 5868] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./135/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6554] chdir("./file1" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6554] <... chdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./136/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] openat(AT_FDCWD, "./135/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6554] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... openat resumed>) = 4 [pid 5867] <... openat resumed>) = 4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6554] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6553] chdir("./file1" [pid 5868] newfstatat(4, "", [pid 5867] newfstatat(4, "", [pid 6554] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6553] <... chdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] openat(AT_FDCWD, "./133/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6553] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5866] <... openat resumed>) = 4 [pid 5867] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] newfstatat(4, "", [pid 6553] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, [pid 5868] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] getdents64(4, [pid 5867] close(4 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... close resumed>) = 0 [pid 5866] getdents64(4, [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] rmdir("./135/file1" [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] getdents64(4, [pid 5867] <... rmdir resumed>) = 0 [pid 5866] close(4 [pid 6553] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... close resumed>) = 0 [pid 5868] close(4 [pid 5867] umount2("./135/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] rmdir("./133/file1" [pid 5868] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... rmdir resumed>) = 0 [pid 5868] rmdir("./136/file1" [pid 5867] newfstatat(AT_FDCWD, "./135/binderfs", [pid 5866] umount2("./133/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6553] <... link resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] unlink("./135/binderfs" [pid 5866] newfstatat(AT_FDCWD, "./133/binderfs", [pid 5868] umount2("./136/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... unlink resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] unlink("./133/binderfs" [pid 6553] sync( [pid 6554] <... link resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./136/binderfs", [pid 5867] getdents64(3, [pid 5866] <... unlink resumed>) = 0 [pid 6554] sync( [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] getdents64(3, [pid 5868] unlink("./136/binderfs" [pid 5867] close(3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] close(3 [pid 5867] rmdir("./135" [pid 5866] <... close resumed>) = 0 [pid 5868] getdents64(3, [pid 5867] <... rmdir resumed>) = 0 [pid 5866] rmdir("./133") = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] mkdir("./136", 0777 [pid 5866] mkdir("./134", 0777 [pid 5868] close(3) = 0 [pid 5868] rmdir("./136" [pid 5866] <... mkdir resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5868] mkdir("./137", 0777) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] close(3 [pid 6554] <... sync resumed>) = 0 [pid 6553] <... sync resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 6554] exit_group(0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6554] <... exit_group resumed>) = ? [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6554] +++ exited with 0 +++ [pid 6553] exit_group(0 [pid 5866] <... ioctl resumed>) = 0 [pid 6553] <... exit_group resumed>) = ? [pid 5866] close(3 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6554, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- ./strace-static-x86_64: Process 6555 attached [pid 6553] +++ exited with 0 +++ [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... close resumed>) = 0 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6555] set_robust_list(0x5555593cd660, 24 [pid 5868] <... openat resumed>) = 3 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6555 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6553, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] <... restart_syscall resumed>) = 0 [pid 6555] <... set_robust_list resumed>) = 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6555] chdir("./136" [pid 5868] <... ioctl resumed>) = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 6555] <... chdir resumed>) = 0 [pid 5868] close(3 [pid 6555] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] umount2("./133", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6555] <... prctl resumed>) = 0 [pid 6555] setpgid(0, 0) = 0 [pid 6555] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./132", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6556 attached [pid 6555] <... openat resumed>) = 3 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6556 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... openat resumed>) = 3 [pid 6555] write(3, "1000", 4) = 4 [pid 6555] close(3) = 0 [pid 6556] set_robust_list(0x5555593cd660, 24 [pid 6555] symlink("/dev/binderfs", "./binderfs" [pid 5865] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] newfstatat(3, "", executing program [pid 6555] <... symlink resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 6555] write(1, "executing program\n", 18 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6557 attached [pid 6555] <... write resumed>) = 18 [pid 6557] set_robust_list(0x5555593cd660, 24 [pid 6555] memfd_create("syzkaller", 0) = 3 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6557 [pid 6555] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6557] <... set_robust_list resumed>) = 0 [pid 6555] <... mmap resumed>) = 0x7f1864095000 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6556] <... set_robust_list resumed>) = 0 [pid 6557] chdir("./137" [pid 6555] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] newfstatat(3, "", [pid 5864] getdents64(3, [pid 6556] chdir("./134" [pid 6557] <... chdir resumed>) = 0 [pid 6556] <... chdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6557] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6556] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] getdents64(3, [pid 6557] <... prctl resumed>) = 0 [pid 6556] <... prctl resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6556] setpgid(0, 0 [pid 5864] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6556] <... setpgid resumed>) = 0 [pid 6557] setpgid(0, 0) = 0 [pid 6557] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6556] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6557] <... openat resumed>) = 3 [pid 6557] write(3, "1000", 4 [pid 6556] <... openat resumed>) = 3 [pid 6556] write(3, "1000", 4) = 4 [pid 6557] <... write resumed>) = 4 [pid 6556] close(3executing program [pid 6557] close(3) = 0 [pid 6557] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6557] write(1, "executing program\n", 18) = 18 [pid 6557] memfd_create("syzkaller", 0) = 3 [pid 6557] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6557] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6556] <... close resumed>) = 0 [pid 6556] symlink("/dev/binderfs", "./binderfs" [pid 6555] <... write resumed>) = 524288 [pid 6556] <... symlink resumed>) = 0 [pid 6555] munmap(0x7f1864095000, 138412032 [pid 6556] write(1, "executing program\n", 18 [pid 5865] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5864] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6556] <... write resumed>) = 18 [pid 5865] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(AT_FDCWD, "./133/file1", executing program [pid 6556] memfd_create("syzkaller", 0 [pid 6555] <... munmap resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6556] <... memfd_create resumed>) = 3 [pid 6555] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] newfstatat(AT_FDCWD, "./132/file1", [pid 5864] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./132/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6555] <... openat resumed>) = 4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6555] ioctl(4, LOOP_SET_FD, 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./132/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] openat(AT_FDCWD, "./133/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... openat resumed>) = 4 [pid 5865] newfstatat(4, "", [pid 5864] <... openat resumed>) = 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] newfstatat(4, "", [pid 6556] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] getdents64(4, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6557] <... write resumed>) = 524288 [pid 6556] <... mmap resumed>) = 0x7f1864095000 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, [pid 6557] munmap(0x7f1864095000, 138412032 [pid 5865] getdents64(4, [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6557] <... munmap resumed>) = 0 [pid 6556] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6555] <... ioctl resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6557] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] getdents64(4, [pid 6557] <... openat resumed>) = 4 [pid 6556] <... write resumed>) = 524288 [pid 6555] close(3 [pid 5865] close(4 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6557] ioctl(4, LOOP_SET_FD, 3 [pid 5865] <... close resumed>) = 0 [pid 5864] close(4 [pid 6556] munmap(0x7f1864095000, 138412032 [pid 6557] <... ioctl resumed>) = 0 [pid 6555] <... close resumed>) = 0 [pid 5865] rmdir("./132/file1" [pid 5864] <... close resumed>) = 0 [pid 6557] close(3 [pid 6555] close(4 [pid 6557] <... close resumed>) = 0 [pid 6555] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] rmdir("./133/file1" [pid 6557] close(4 [pid 6555] mkdir("./file1", 0777 [pid 5865] umount2("./132/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6557] <... close resumed>) = 0 [pid 6556] <... munmap resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... rmdir resumed>) = 0 [pid 6557] mkdir("./file1", 0777 [pid 6556] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] newfstatat(AT_FDCWD, "./132/binderfs", [pid 6556] <... openat resumed>) = 4 [pid 6556] ioctl(4, LOOP_SET_FD, 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6557] <... mkdir resumed>) = 0 [pid 6556] <... ioctl resumed>) = 0 [pid 5865] unlink("./132/binderfs" [pid 5864] umount2("./133/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6555] <... mkdir resumed>) = 0 [pid 6556] close(3 [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] getdents64(3, [pid 6555] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [ 217.715470][ T6555] loop3: detected capacity change from 0 to 1024 [ 217.754421][ T6557] loop4: detected capacity change from 0 to 1024 [pid 6557] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6556] <... close resumed>) = 0 [pid 6555] <... mount resumed>) = 0 [pid 5865] close(3 [pid 5864] newfstatat(AT_FDCWD, "./133/binderfs", [pid 6556] close(4 [pid 5865] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6556] <... close resumed>) = 0 [pid 6555] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6556] mkdir("./file1", 0777 [pid 6555] <... openat resumed>) = 3 [pid 5865] rmdir("./132" [pid 5864] unlink("./133/binderfs" [pid 6556] <... mkdir resumed>) = 0 [pid 6555] chdir("./file1" [pid 5865] <... rmdir resumed>) = 0 [pid 6557] <... mount resumed>) = 0 [pid 6556] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6555] <... chdir resumed>) = 0 [pid 5865] mkdir("./133", 0777 [pid 5864] <... unlink resumed>) = 0 [pid 6557] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6555] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] <... mkdir resumed>) = 0 [pid 5864] getdents64(3, [pid 6557] <... openat resumed>) = 3 [pid 6555] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6557] chdir("./file1" [pid 6555] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6557] <... chdir resumed>) = 0 [pid 6557] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] <... openat resumed>) = 3 [pid 5864] close(3 [pid 6557] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... close resumed>) = 0 [pid 6557] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] <... ioctl resumed>) = 0 [pid 5864] rmdir("./133") = 0 [pid 5865] close(3 [pid 5864] mkdir("./134", 0777) = 0 [ 217.773881][ T6556] loop2: detected capacity change from 0 to 1024 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 6556] <... mount resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6558 attached [pid 6556] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6557] <... link resumed>) = 0 [pid 6555] <... link resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6556] <... openat resumed>) = 3 [pid 6555] sync( [pid 6558] set_robust_list(0x5555593cd660, 24 [pid 6556] chdir("./file1" [pid 6558] <... set_robust_list resumed>) = 0 [pid 6557] sync( [pid 6556] <... chdir resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6558 [pid 6558] chdir("./134" [pid 6556] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 6559 attached [pid 6558] <... chdir resumed>) = 0 [pid 6557] <... sync resumed>) = 0 [pid 6555] <... sync resumed>) = 0 [pid 6558] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6555] exit_group(0 [pid 6559] set_robust_list(0x5555593cd660, 24 [pid 6558] <... prctl resumed>) = 0 [pid 6557] exit_group(0 [pid 6555] <... exit_group resumed>) = ? [pid 6558] setpgid(0, 0 [pid 6556] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6555] +++ exited with 0 +++ [pid 6559] <... set_robust_list resumed>) = 0 [pid 6557] <... exit_group resumed>) = ? [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6559 [pid 6559] chdir("./133" [pid 6558] <... setpgid resumed>) = 0 [pid 6557] +++ exited with 0 +++ [pid 6556] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6559] <... chdir resumed>) = 0 [pid 6558] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6555, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6559] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6558] <... openat resumed>) = 3 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 6559] <... prctl resumed>) = 0 [pid 6558] write(3, "1000", 4 [pid 6556] <... link resumed>) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6557, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5867] <... restart_syscall resumed>) = 0 [pid 6559] setpgid(0, 0 [pid 6558] <... write resumed>) = 4 [pid 6556] sync( [pid 5868] umount2("./137", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6559] <... setpgid resumed>) = 0 [pid 6558] close(3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6559] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6558] <... close resumed>) = 0 [pid 6556] <... sync resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] umount2("./136", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6559] <... openat resumed>) = 3 [pid 6556] exit_group(0 [pid 5868] <... openat resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6559] write(3, "1000", 4 [pid 6558] symlink("/dev/binderfs", "./binderfs" [pid 6556] <... exit_group resumed>) = ? [pid 5868] newfstatat(3, "", [pid 6559] <... write resumed>) = 4 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6559] close(3 [pid 6558] <... symlink resumed>) = 0 [pid 5868] getdents64(3, [pid 5867] <... openat resumed>) = 3 [pid 6556] +++ exited with 0 +++ [pid 6559] <... close resumed>) = 0 [pid 6558] write(1, "executing program\n", 18 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] newfstatat(3, "", [pid 6559] symlink("/dev/binderfs", "./binderfs" [pid 5868] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6556, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6559] <... symlink resumed>) = 0 [pid 5867] getdents64(3, [pid 6559] write(1, "executing program\n", 18executing program executing program [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6559] <... write resumed>) = 18 [pid 6558] <... write resumed>) = 18 [pid 5867] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6559] memfd_create("syzkaller", 0 [pid 6558] memfd_create("syzkaller", 0 [pid 6559] <... memfd_create resumed>) = 3 [pid 6558] <... memfd_create resumed>) = 3 [pid 6558] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6559] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6558] <... mmap resumed>) = 0x7f1864095000 [pid 6559] <... mmap resumed>) = 0x7f1864095000 [pid 6559] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] umount2("./134", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6558] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6559] <... write resumed>) = 524288 [pid 6558] <... write resumed>) = 524288 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5867] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(AT_FDCWD, "./136/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6559] munmap(0x7f1864095000, 138412032 [pid 5867] openat(AT_FDCWD, "./136/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6559] <... munmap resumed>) = 0 [pid 6558] munmap(0x7f1864095000, 138412032 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... openat resumed>) = 4 [pid 5866] <... umount2 resumed>) = 0 [pid 6558] <... munmap resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./137/file1", [pid 5867] newfstatat(4, "", [pid 5866] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6559] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6558] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6559] <... openat resumed>) = 4 [pid 5868] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(4, [pid 5866] newfstatat(AT_FDCWD, "./134/file1", [pid 6559] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] openat(AT_FDCWD, "./137/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6559] <... ioctl resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5867] getdents64(4, [pid 5866] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6558] <... openat resumed>) = 4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6558] ioctl(4, LOOP_SET_FD, 3 [pid 5868] getdents64(4, [pid 5867] close(4 [pid 5866] openat(AT_FDCWD, "./134/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6559] close(3 [pid 6558] <... ioctl resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 4 [pid 6559] <... close resumed>) = 0 [pid 6558] close(3 [pid 5868] getdents64(4, [pid 5867] rmdir("./136/file1" [pid 5866] newfstatat(4, "", [pid 6559] close(4 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6559] <... close resumed>) = 0 [pid 5866] getdents64(4, [pid 6559] mkdir("./file1", 0777 [pid 6558] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] umount2("./136/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6558] close(4) = 0 [pid 5868] close(4 [pid 6558] mkdir("./file1", 0777 [pid 5868] <... close resumed>) = 0 [pid 6559] <... mkdir resumed>) = 0 [pid 6558] <... mkdir resumed>) = 0 [pid 5868] rmdir("./137/file1" [pid 6558] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] umount2("./137/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(AT_FDCWD, "./136/binderfs", [pid 5866] getdents64(4, [pid 6559] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] newfstatat(AT_FDCWD, "./137/binderfs", [pid 5867] unlink("./136/binderfs" [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5866] close(4) = 0 [pid 5866] rmdir("./134/file1") = 0 [pid 6558] <... mount resumed>) = 0 [pid 5868] unlink("./137/binderfs" [pid 5866] umount2("./134/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6558] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... unlink resumed>) = 0 [pid 5867] getdents64(3, [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 218.103466][ T6559] loop1: detected capacity change from 0 to 1024 [ 218.106433][ T6558] loop0: detected capacity change from 0 to 1024 [pid 6558] <... openat resumed>) = 3 [pid 5868] getdents64(3, [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] newfstatat(AT_FDCWD, "./134/binderfs", [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6558] chdir("./file1" [pid 5868] close(3 [pid 5867] <... close resumed>) = 0 [pid 5866] unlink("./134/binderfs" [pid 6558] <... chdir resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] rmdir("./136" [pid 5866] <... unlink resumed>) = 0 [pid 6559] <... mount resumed>) = 0 [pid 6558] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] rmdir("./137" [pid 5867] <... rmdir resumed>) = 0 [pid 5866] getdents64(3, [pid 6559] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6558] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... rmdir resumed>) = 0 [pid 6559] <... openat resumed>) = 3 [pid 6559] chdir("./file1" [pid 6558] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6559] <... chdir resumed>) = 0 [pid 5867] mkdir("./137", 0777 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6559] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] mkdir("./138", 0777 [pid 5867] <... mkdir resumed>) = 0 [pid 5866] close(3 [pid 6559] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... close resumed>) = 0 [pid 6559] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] rmdir("./134" [pid 5868] <... mkdir resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... rmdir resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5866] mkdir("./135", 0777 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5866] <... mkdir resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] <... ioctl resumed>) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] close(3 [pid 5866] <... openat resumed>) = 3 [pid 5868] <... ioctl resumed>) = 0 [pid 5868] close(3 [pid 5867] <... close resumed>) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5868] <... close resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6560 attached [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... ioctl resumed>) = 0 [pid 6560] set_robust_list(0x5555593cd660, 24 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6560 [pid 6560] <... set_robust_list resumed>) = 0 [pid 6558] <... link resumed>) = 0 ./strace-static-x86_64: Process 6561 attached [pid 6560] chdir("./138" [pid 6558] sync( [pid 5866] close(3 [pid 6560] <... chdir resumed>) = 0 [pid 6560] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5866] <... close resumed>) = 0 [pid 6561] set_robust_list(0x5555593cd660, 24 [pid 6560] setpgid(0, 0 [pid 6561] <... set_robust_list resumed>) = 0 [pid 6560] <... setpgid resumed>) = 0 [pid 6561] chdir("./137" [pid 6560] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6561 [pid 6561] <... chdir resumed>) = 0 [pid 6561] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6560] <... openat resumed>) = 3 [pid 6559] <... link resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6561] <... prctl resumed>) = 0 [pid 6559] sync( [pid 6561] setpgid(0, 0 [pid 6560] write(3, "1000", 4 [pid 6561] <... setpgid resumed>) = 0 [pid 6560] <... write resumed>) = 4 ./strace-static-x86_64: Process 6562 attached [pid 6561] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6562] set_robust_list(0x5555593cd660, 24 [pid 6561] <... openat resumed>) = 3 [pid 6560] close(3 [pid 6562] <... set_robust_list resumed>) = 0 [pid 6561] write(3, "1000", 4 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6562 [pid 6562] chdir("./135" [pid 6561] <... write resumed>) = 4 [pid 6560] <... close resumed>) = 0 [pid 6561] close(3 [pid 6560] symlink("/dev/binderfs", "./binderfs" [pid 6562] <... chdir resumed>) = 0 [pid 6561] <... close resumed>) = 0 [pid 6560] <... symlink resumed>) = 0 [pid 6562] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6561] symlink("/dev/binderfs", "./binderfs" [pid 6562] <... prctl resumed>) = 0 executing program [pid 6562] setpgid(0, 0 [pid 6560] write(1, "executing program\n", 18executing program [pid 6562] <... setpgid resumed>) = 0 [pid 6561] <... symlink resumed>) = 0 [pid 6560] <... write resumed>) = 18 [pid 6562] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6561] write(1, "executing program\n", 18 [pid 6560] memfd_create("syzkaller", 0 [pid 6562] <... openat resumed>) = 3 [pid 6561] <... write resumed>) = 18 [pid 6559] <... sync resumed>) = 0 [pid 6562] write(3, "1000", 4 [pid 6561] memfd_create("syzkaller", 0 [pid 6560] <... memfd_create resumed>) = 3 [pid 6559] exit_group(0 [pid 6558] <... sync resumed>) = 0 [pid 6562] <... write resumed>) = 4 [pid 6561] <... memfd_create resumed>) = 3 [pid 6560] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6562] close(3 [pid 6561] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6560] <... mmap resumed>) = 0x7f1864095000 [pid 6559] <... exit_group resumed>) = ? [pid 6558] exit_group(0 [pid 6560] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6562] <... close resumed>) = 0 [pid 6561] <... mmap resumed>) = 0x7f1864095000 [pid 6558] <... exit_group resumed>) = ? [pid 6560] <... write resumed>) = 524288 [pid 6559] +++ exited with 0 +++ [pid 6562] symlink("/dev/binderfs", "./binderfs" [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6559, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6562] <... symlink resumed>) = 0 [pid 5865] umount2("./133", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6561] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6562] write(1, "executing program\n", 18 [pid 5865] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", executing program [pid 6560] munmap(0x7f1864095000, 138412032 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6562] <... write resumed>) = 18 [pid 6560] <... munmap resumed>) = 0 [pid 6558] +++ exited with 0 +++ [pid 5865] getdents64(3, [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6558, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6562] memfd_create("syzkaller", 0 [pid 6560] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6562] <... memfd_create resumed>) = 3 [pid 6560] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6560] close(3) = 0 [pid 6560] close(4) = 0 [pid 6560] mkdir("./file1", 0777) = 0 [pid 5864] umount2("./134", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6560] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6562] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6562] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... openat resumed>) = 3 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 6562] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6561] <... write resumed>) = 524288 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6561] munmap(0x7f1864095000, 138412032 [pid 5864] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6561] <... munmap resumed>) = 0 [pid 6560] <... mount resumed>) = 0 [pid 6560] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6560] chdir("./file1") = 0 [pid 6560] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6560] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6562] <... write resumed>) = 524288 [pid 6561] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6561] ioctl(4, LOOP_SET_FD, 3 [pid 5865] <... umount2 resumed>) = 0 [ 218.368065][ T6560] loop4: detected capacity change from 0 to 1024 [pid 6562] munmap(0x7f1864095000, 138412032 [pid 6561] <... ioctl resumed>) = 0 [pid 6562] <... munmap resumed>) = 0 [pid 6561] close(3 [pid 6562] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6561] <... close resumed>) = 0 [pid 6560] <... link resumed>) = 0 [pid 5865] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6562] <... openat resumed>) = 4 [pid 6561] close(4 [pid 6560] sync( [pid 6562] ioctl(4, LOOP_SET_FD, 3 [pid 6561] <... close resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6562] <... ioctl resumed>) = 0 [pid 6561] mkdir("./file1", 0777 [pid 5865] newfstatat(AT_FDCWD, "./133/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6561] <... mkdir resumed>) = 0 [pid 6561] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] umount2("./133/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6562] close(3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 218.428963][ T6561] loop3: detected capacity change from 0 to 1024 [pid 6562] <... close resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./133/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6562] close(4 [pid 5864] <... umount2 resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 6562] <... close resumed>) = 0 [pid 5864] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6562] mkdir("./file1", 0777 [pid 5865] newfstatat(4, "", [pid 6562] <... mkdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6562] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6561] <... mount resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./134/file1", [pid 6561] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] getdents64(4, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6561] <... openat resumed>) = 3 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6561] chdir("./file1" [pid 5865] getdents64(4, [pid 6561] <... chdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6561] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] openat(AT_FDCWD, "./134/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] close(4) = 0 [pid 5864] <... openat resumed>) = 4 [pid 5865] rmdir("./133/file1" [pid 5864] newfstatat(4, "", [pid 6561] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] <... rmdir resumed>) = 0 [pid 6561] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6562] <... mount resumed>) = 0 [pid 5865] umount2("./133/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6562] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6560] <... sync resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] getdents64(4, [pid 6562] <... openat resumed>) = 3 [pid 5865] newfstatat(AT_FDCWD, "./133/binderfs", [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6562] chdir("./file1" [pid 5864] getdents64(4, [pid 6562] <... chdir resumed>) = 0 [ 218.461422][ T6562] loop2: detected capacity change from 0 to 1024 [pid 6560] exit_group(0 [pid 5865] unlink("./133/binderfs" [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6560] <... exit_group resumed>) = ? [pid 6562] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6560] +++ exited with 0 +++ [pid 6561] <... link resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5864] close(4 [pid 6562] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6562] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6561] sync( [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6560, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5865] getdents64(3, [pid 5864] <... close resumed>) = 0 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] rmdir("./134/file1" [pid 5868] <... restart_syscall resumed>) = 0 [pid 5865] close(3 [pid 5864] <... rmdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5865] rmdir("./133" [pid 5864] umount2("./134/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] mkdir("./134", 0777 [pid 5864] newfstatat(AT_FDCWD, "./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./134/binderfs" [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 5864] getdents64(3, [pid 5868] umount2("./138", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] close(3 [pid 5868] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... openat resumed>) = 3 [pid 5864] <... close resumed>) = 0 [pid 6562] <... link resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] rmdir("./134" [pid 6562] sync( [pid 5868] newfstatat(3, "", [pid 5865] <... ioctl resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6561] <... sync resumed>) = 0 [pid 6561] exit_group(0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] close(3 [pid 6561] <... exit_group resumed>) = ? [pid 5864] mkdir("./135", 0777 [pid 6561] +++ exited with 0 +++ [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... close resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6561, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6562] <... sync resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6562] exit_group(0 [pid 5867] umount2("./137", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6562] <... exit_group resumed>) = ? [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... ioctl resumed>) = 0 [pid 6562] +++ exited with 0 +++ [pid 5867] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6563 attached [pid 5864] close(3 [pid 5867] <... openat resumed>) = 3 [pid 5867] newfstatat(3, "", [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6562, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6563] set_robust_list(0x5555593cd660, 24 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 5867] getdents64(3, [pid 5866] <... restart_syscall resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6563 [pid 6563] <... set_robust_list resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6563] chdir("./134" [pid 5867] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./135", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6563] <... chdir resumed>) = 0 [pid 6563] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6563] <... prctl resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6563] setpgid(0, 0 [pid 5866] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6564 attached [pid 6563] <... setpgid resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 6563] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] newfstatat(3, "", [pid 6564] set_robust_list(0x5555593cd660, 24 [pid 6563] <... openat resumed>) = 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6564] <... set_robust_list resumed>) = 0 [pid 5866] getdents64(3, [pid 6564] chdir("./135" [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6564] <... chdir resumed>) = 0 [pid 5866] umount2("./135/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6564 [pid 6563] write(3, "1000", 4 [pid 6564] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6563] <... write resumed>) = 4 [pid 5867] <... umount2 resumed>) = 0 [pid 6564] <... prctl resumed>) = 0 [pid 6563] close(3 [pid 5868] <... umount2 resumed>) = 0 [pid 6564] setpgid(0, 0 [pid 5867] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6564] <... setpgid resumed>) = 0 [pid 6563] <... close resumed>) = 0 [pid 5868] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6564] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6564] <... openat resumed>) = 3 [pid 6563] symlink("/dev/binderfs", "./binderfs" [pid 5868] newfstatat(AT_FDCWD, "./138/file1", [pid 5867] newfstatat(AT_FDCWD, "./137/file1", [pid 6564] write(3, "1000", 4 [pid 6563] <... symlink resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6564] <... write resumed>) = 4 [pid 5868] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6564] close(3executing program [pid 6563] write(1, "executing program\n", 18 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6564] <... close resumed>) = 0 [pid 6563] <... write resumed>) = 18 executing program [pid 6564] symlink("/dev/binderfs", "./binderfs" [pid 5868] openat(AT_FDCWD, "./138/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6563] memfd_create("syzkaller", 0 [pid 6564] <... symlink resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5867] openat(AT_FDCWD, "./137/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6564] write(1, "executing program\n", 18 [pid 5868] newfstatat(4, "", [pid 5867] <... openat resumed>) = 4 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(4, [pid 5867] newfstatat(4, "", [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6564] <... write resumed>) = 18 [pid 5868] getdents64(4, [pid 6564] memfd_create("syzkaller", 0 [pid 6563] <... memfd_create resumed>) = 3 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] getdents64(4, [pid 6564] <... memfd_create resumed>) = 3 [pid 6563] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] close(4 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6564] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6563] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... close resumed>) = 0 [pid 5867] getdents64(4, [pid 6564] <... mmap resumed>) = 0x7f1864095000 [pid 5868] rmdir("./138/file1" [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] close(4) = 0 [pid 6563] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] rmdir("./137/file1") = 0 [pid 5868] umount2("./138/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./137/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6564] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./138/binderfs", [pid 5867] newfstatat(AT_FDCWD, "./137/binderfs", [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./135/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./135/file1", [pid 5867] unlink("./137/binderfs" [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./138/binderfs" [pid 5867] <... unlink resumed>) = 0 [pid 5866] umount2("./135/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... unlink resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./135/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] getdents64(3, [pid 5866] <... openat resumed>) = 4 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] getdents64(3, [pid 5866] newfstatat(4, "", [pid 5868] close(3 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] <... close resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6564] <... write resumed>) = 524288 [pid 5868] rmdir("./138" [pid 5867] close(3 [pid 5866] getdents64(4, [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, [pid 5867] rmdir("./137" [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] mkdir("./139", 0777 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] close(4 [pid 5868] <... mkdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5866] rmdir("./135/file1" [pid 5867] mkdir("./138", 0777 [pid 5866] <... rmdir resumed>) = 0 [pid 6563] <... write resumed>) = 524288 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... mkdir resumed>) = 0 [pid 5866] umount2("./135/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6563] munmap(0x7f1864095000, 138412032 [pid 5868] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] newfstatat(AT_FDCWD, "./135/binderfs", [pid 6564] munmap(0x7f1864095000, 138412032 [pid 6563] <... munmap resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6564] <... munmap resumed>) = 0 [pid 6563] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] close(3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5866] unlink("./135/binderfs" [pid 6564] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6563] <... openat resumed>) = 4 [pid 5868] <... close resumed>) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 5866] <... unlink resumed>) = 0 [pid 6564] <... openat resumed>) = 4 [pid 5867] close(3 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... close resumed>) = 0 [pid 5866] getdents64(3, [pid 6564] ioctl(4, LOOP_SET_FD, 3 [pid 6563] ioctl(4, LOOP_SET_FD, 3 [pid 6564] <... ioctl resumed>) = 0 [pid 6563] <... ioctl resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6563] close(3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6565 attached [pid 5866] close(3) = 0 [pid 6564] close(3 [pid 6563] <... close resumed>) = 0 [pid 5866] rmdir("./135"./strace-static-x86_64: Process 6566 attached [pid 6564] <... close resumed>) = 0 [pid 6563] close(4 [pid 5866] <... rmdir resumed>) = 0 [pid 6564] close(4) = 0 [pid 6565] set_robust_list(0x5555593cd660, 24 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6566 [pid 6564] mkdir("./file1", 0777) = 0 [pid 6564] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6565] <... set_robust_list resumed>) = 0 [pid 5866] mkdir("./136", 0777 [pid 6565] chdir("./138" [pid 5866] <... mkdir resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6565] <... chdir resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 6566] set_robust_list(0x5555593cd660, 24 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6565 [pid 6566] <... set_robust_list resumed>) = 0 [pid 6565] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 6566] chdir("./139" [pid 6565] <... prctl resumed>) = 0 [pid 6566] <... chdir resumed>) = 0 [pid 6565] setpgid(0, 0 [pid 6563] <... close resumed>) = 0 [pid 5866] close(3 [pid 6566] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6565] <... setpgid resumed>) = 0 [pid 6564] <... mount resumed>) = 0 [pid 6563] mkdir("./file1", 0777 [pid 5866] <... close resumed>) = 0 [pid 6564] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6564] chdir("./file1" [pid 6563] <... mkdir resumed>) = 0 [pid 6565] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6564] <... chdir resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6564] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6564] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6566] <... prctl resumed>) = 0 [pid 6565] <... openat resumed>) = 3 [pid 6563] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6566] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 6567 attached [pid 6566] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6565] write(3, "1000", 4) = 4 [pid 6565] close(3 [pid 6566] <... openat resumed>) = 3 [pid 6565] <... close resumed>) = 0 [pid 6567] set_robust_list(0x5555593cd660, 24 [pid 6565] symlink("/dev/binderfs", "./binderfs" [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6567 [pid 6567] <... set_robust_list resumed>) = 0 [pid 6566] write(3, "1000", 4 [pid 6565] <... symlink resumed>) = 0 [ 218.821561][ T6563] loop1: detected capacity change from 0 to 1024 [ 218.821633][ T6564] loop0: detected capacity change from 0 to 1024 [pid 6567] chdir("./136" [pid 6566] <... write resumed>) = 4 [pid 6567] <... chdir resumed>) = 0 [pid 6566] close(3 [pid 6565] write(1, "executing program\n", 18 [pid 6564] <... link resumed>) = 0 executing program [pid 6563] <... mount resumed>) = 0 [pid 6567] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6566] <... close resumed>) = 0 [pid 6565] <... write resumed>) = 18 [pid 6564] sync( [pid 6563] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6566] symlink("/dev/binderfs", "./binderfs" [pid 6565] memfd_create("syzkaller", 0 [pid 6566] <... symlink resumed>) = 0 [pid 6567] <... prctl resumed>) = 0 [pid 6566] write(1, "executing program\n", 18executing program [pid 6565] <... memfd_create resumed>) = 3 [pid 6563] <... openat resumed>) = 3 [pid 6567] setpgid(0, 0 [pid 6566] <... write resumed>) = 18 [pid 6565] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6563] chdir("./file1" [pid 6566] memfd_create("syzkaller", 0 [pid 6567] <... setpgid resumed>) = 0 [pid 6565] <... mmap resumed>) = 0x7f1864095000 [pid 6563] <... chdir resumed>) = 0 [pid 6563] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6563] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6566] <... memfd_create resumed>) = 3 [pid 6567] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6567] <... openat resumed>) = 3 [pid 6566] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6564] <... sync resumed>) = 0 [pid 6564] exit_group(0) = ? [pid 6564] +++ exited with 0 +++ [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6564, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6565] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6567] write(3, "1000", 4) = 4 [pid 6563] <... link resumed>) = 0 [pid 6567] close(3 [pid 5864] <... restart_syscall resumed>) = 0 [pid 6567] <... close resumed>) = 0 [pid 6563] sync( [pid 6567] symlink("/dev/binderfs", "./binderfs" [pid 6565] <... write resumed>) = 524288 [pid 6567] <... symlink resumed>) = 0 [pid 6566] <... write resumed>) = 524288 [pid 6565] munmap(0x7f1864095000, 138412032executing program [pid 5864] umount2("./135", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6567] write(1, "executing program\n", 18 [pid 6565] <... munmap resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6567] <... write resumed>) = 18 [pid 6566] munmap(0x7f1864095000, 138412032 [pid 5864] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6567] memfd_create("syzkaller", 0 [pid 6566] <... munmap resumed>) = 0 [pid 6565] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] <... openat resumed>) = 3 [pid 6566] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6565] <... openat resumed>) = 4 [pid 5864] newfstatat(3, "", [pid 6566] <... openat resumed>) = 4 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6566] ioctl(4, LOOP_SET_FD, 3 [pid 5864] getdents64(3, [pid 6567] <... memfd_create resumed>) = 3 [pid 6567] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6565] ioctl(4, LOOP_SET_FD, 3 [pid 6567] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./135/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6563] <... sync resumed>) = 0 [pid 6567] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6563] exit_group(0) = ? [pid 6563] +++ exited with 0 +++ [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6563, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6566] <... ioctl resumed>) = 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6565] <... ioctl resumed>) = 0 [pid 6566] close(3) = 0 [pid 6566] close(4 [pid 6565] close(3) = 0 [pid 6567] <... write resumed>) = 524288 [pid 6566] <... close resumed>) = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 6565] close(4 [pid 6566] mkdir("./file1", 0777 [pid 6565] <... close resumed>) = 0 [pid 5865] umount2("./134", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6566] <... mkdir resumed>) = 0 [pid 6565] mkdir("./file1", 0777 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6566] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6565] <... mkdir resumed>) = 0 [pid 6565] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = 0 [pid 6566] <... mount resumed>) = 0 [pid 6566] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6566] chdir("./file1") = 0 [pid 6566] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6567] munmap(0x7f1864095000, 138412032 [pid 6566] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] umount2("./135/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6567] <... munmap resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 218.997741][ T6566] loop4: detected capacity change from 0 to 1024 [ 218.997835][ T6565] loop3: detected capacity change from 0 to 1024 [pid 6567] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5864] newfstatat(AT_FDCWD, "./135/file1", [pid 6565] <... mount resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6567] ioctl(4, LOOP_SET_FD, 3 [pid 6565] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] umount2("./135/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6567] <... ioctl resumed>) = 0 [pid 6565] <... openat resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6567] close(3 [pid 6566] <... link resumed>) = 0 [pid 6565] chdir("./file1" [pid 5864] openat(AT_FDCWD, "./135/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6567] <... close resumed>) = 0 [pid 6566] sync( [pid 5864] <... openat resumed>) = 4 [pid 6565] <... chdir resumed>) = 0 [pid 5864] newfstatat(4, "", [pid 6567] close(4) = 0 [pid 6567] mkdir("./file1", 0777 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6567] <... mkdir resumed>) = 0 [pid 6565] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] getdents64(4, [pid 6567] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6565] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6565] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] <... umount2 resumed>) = 0 [pid 5864] getdents64(4, [pid 5865] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] close(4) = 0 [pid 5865] newfstatat(AT_FDCWD, "./134/file1", [pid 5864] rmdir("./135/file1" [pid 6567] <... mount resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... rmdir resumed>) = 0 [ 219.074390][ T6567] loop2: detected capacity change from 0 to 1024 [pid 6567] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] umount2("./134/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./135/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6567] <... openat resumed>) = 3 [pid 6566] <... sync resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./134/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] newfstatat(AT_FDCWD, "./135/binderfs", [pid 6567] chdir("./file1" [pid 6566] exit_group(0 [pid 6567] <... chdir resumed>) = 0 [pid 6566] <... exit_group resumed>) = ? [pid 6567] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6566] +++ exited with 0 +++ [pid 6567] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] <... openat resumed>) = 4 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6567] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6565] <... link resumed>) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6566, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] newfstatat(4, "", [pid 5864] unlink("./135/binderfs" [pid 6565] sync( [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5865] getdents64(4, [pid 5864] getdents64(3, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] getdents64(4, [pid 5864] close(3 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... close resumed>) = 0 [pid 5868] umount2("./139", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] close(4 [pid 5864] rmdir("./135" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... close resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5865] rmdir("./134/file1" [pid 5868] newfstatat(3, "", [pid 5864] mkdir("./136", 0777 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./134/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... openat resumed>) = 3 [pid 5865] newfstatat(AT_FDCWD, "./134/binderfs", [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6567] <... link resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... ioctl resumed>) = 0 [pid 6567] sync( [pid 5865] unlink("./134/binderfs" [pid 5864] close(3 [pid 6565] <... sync resumed>) = 0 [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5865] getdents64(3, [pid 6565] exit_group(0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6565] <... exit_group resumed>) = ? [pid 6565] +++ exited with 0 +++ [pid 5865] close(3./strace-static-x86_64: Process 6568 attached ) = 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6565, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5865] rmdir("./134" [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5865] <... rmdir resumed>) = 0 [pid 6568] set_robust_list(0x5555593cd660, 24 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6568 [pid 5867] umount2("./138", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6568] <... set_robust_list resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] mkdir("./135", 0777 [pid 6568] chdir("./136" [pid 5867] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... mkdir resumed>) = 0 [pid 6568] <... chdir resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6568] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6567] <... sync resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 6568] <... prctl resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6568] setpgid(0, 0 [pid 5867] getdents64(3, [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6568] <... setpgid resumed>) = 0 [pid 6567] exit_group(0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... openat resumed>) = 3 [pid 5865] ioctl(3, LOOP_CLR_FD) = 0 [pid 5865] close(3) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6568] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6567] <... exit_group resumed>) = ? [pid 5867] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6569 attached [pid 6568] <... openat resumed>) = 3 [pid 6567] +++ exited with 0 +++ [pid 5868] <... umount2 resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6569 [pid 6569] set_robust_list(0x5555593cd660, 24 [pid 6568] write(3, "1000", 4 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6567, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6569] <... set_robust_list resumed>) = 0 [pid 6568] <... write resumed>) = 4 [pid 5868] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6568] close(3 [pid 6569] chdir("./135" [pid 6568] <... close resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 6568] symlink("/dev/binderfs", "./binderfs" [pid 5866] umount2("./136", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6568] <... symlink resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6568] write(1, "executing program\n", 18) = 18 [pid 5866] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6568] memfd_create("syzkaller", 0) = 3 [pid 5866] <... openat resumed>) = 3 [pid 6568] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6569] <... chdir resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./139/file1", [pid 5866] newfstatat(3, "", [pid 6569] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6568] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6569] <... prctl resumed>) = 0 [pid 6568] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6569] setpgid(0, 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(3, [pid 6569] <... setpgid resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./139/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6569] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... openat resumed>) = 4 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6569] <... openat resumed>) = 3 [pid 5868] newfstatat(4, "", [pid 5866] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6569] write(3, "1000", 4 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6569] <... write resumed>) = 4 [pid 5868] getdents64(4, [pid 6569] close(3executing program ) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6569] symlink("/dev/binderfs", "./binderfs" [pid 5868] getdents64(4, [pid 6569] <... symlink resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6569] write(1, "executing program\n", 18 [pid 5868] close(4 [pid 6569] <... write resumed>) = 18 [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./139/file1") = 0 [pid 5868] umount2("./139/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./139/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./139/binderfs") = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3) = 0 [pid 5868] rmdir("./139") = 0 [pid 5868] mkdir("./140", 0777) = 0 [pid 6569] memfd_create("syzkaller", 0) = 3 [pid 6569] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5867] <... umount2 resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6569] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6568] <... write resumed>) = 524288 [pid 5868] <... ioctl resumed>) = 0 [pid 5867] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6569] <... write resumed>) = 524288 [pid 6568] munmap(0x7f1864095000, 138412032 [pid 5868] close(3) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6570 attached [pid 6568] <... munmap resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./138/file1", [pid 6570] set_robust_list(0x5555593cd660, 24 [pid 6568] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6570] <... set_robust_list resumed>) = 0 [pid 6570] chdir("./140" [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6570 [pid 5867] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6568] <... openat resumed>) = 4 [pid 6570] <... chdir resumed>) = 0 [pid 6568] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6570] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] newfstatat(AT_FDCWD, "./136/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6570] <... prctl resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./138/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6570] setpgid(0, 0) = 0 [pid 6569] munmap(0x7f1864095000, 138412032 [pid 6568] <... ioctl resumed>) = 0 [pid 5867] <... openat resumed>) = 4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6569] <... munmap resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./136/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] newfstatat(4, "", [pid 6569] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6570] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6569] <... openat resumed>) = 4 [pid 5866] getdents64(4, [pid 6569] ioctl(4, LOOP_SET_FD, 3 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [pid 5866] rmdir("./136/file1" [pid 6568] close(3 [pid 5867] newfstatat(4, "", [pid 5866] <... rmdir resumed>) = 0 [pid 5866] umount2("./136/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./136/binderfs", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] getdents64(4, [pid 5866] unlink("./136/binderfs" [pid 6570] <... openat resumed>) = 3 [pid 6568] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6570] write(3, "1000", 4 [pid 6568] close(4 [pid 5867] getdents64(4, [pid 5866] <... unlink resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6568] <... close resumed>) = 0 [pid 5867] close(4 [pid 6570] <... write resumed>) = 4 [pid 6568] mkdir("./file1", 0777 [pid 6570] close(3 [pid 5867] <... close resumed>) = 0 [pid 5867] rmdir("./138/file1" [pid 5866] getdents64(3, [pid 6570] <... close resumed>) = 0 [pid 6569] <... ioctl resumed>) = 0 [pid 6568] <... mkdir resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3 [pid 6569] close(3 [pid 6570] symlink("/dev/binderfs", "./binderfs" [pid 6569] <... close resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 6569] close(4 [pid 5866] rmdir("./136" [pid 6570] <... symlink resumed>) = 0 [pid 5867] umount2("./138/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... rmdir resumed>) = 0 [pid 6569] <... close resumed>) = 0 [pid 5866] mkdir("./137", 0777 [pid 6569] mkdir("./file1", 0777executing program [pid 6570] write(1, "executing program\n", 18 [pid 6569] <... mkdir resumed>) = 0 [pid 6568] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... mkdir resumed>) = 0 [pid 6569] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6570] <... write resumed>) = 18 [pid 5867] newfstatat(AT_FDCWD, "./138/binderfs", [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6570] memfd_create("syzkaller", 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5867] unlink("./138/binderfs" [pid 6570] <... memfd_create resumed>) = 3 [pid 6569] <... mount resumed>) = 0 [pid 5866] close(3 [pid 6569] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] <... close resumed>) = 0 [pid 6570] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6569] <... openat resumed>) = 3 [pid 5867] <... unlink resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6569] chdir("./file1"./strace-static-x86_64: Process 6571 attached [pid 6570] <... mmap resumed>) = 0x7f1864095000 [pid 6569] <... chdir resumed>) = 0 [pid 5867] getdents64(3, [pid 6570] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6569] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [ 219.424773][ T6568] loop0: detected capacity change from 0 to 1024 [ 219.453330][ T6569] loop1: detected capacity change from 0 to 1024 [pid 6569] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6571 [pid 6571] set_robust_list(0x5555593cd660, 24 [pid 5867] close(3 [pid 6569] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6571] <... set_robust_list resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6571] chdir("./137" [pid 6568] <... mount resumed>) = 0 [pid 5867] rmdir("./138" [pid 6571] <... chdir resumed>) = 0 [pid 6568] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6568] chdir("./file1" [pid 5867] <... rmdir resumed>) = 0 [pid 6571] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6568] <... chdir resumed>) = 0 [pid 6570] <... write resumed>) = 524288 [pid 6569] <... link resumed>) = 0 [pid 5867] mkdir("./139", 0777 [pid 6569] sync( [pid 5867] <... mkdir resumed>) = 0 [pid 6571] <... prctl resumed>) = 0 [pid 6568] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6571] setpgid(0, 0 [pid 6568] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6571] <... setpgid resumed>) = 0 [pid 6568] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6571] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6569] <... sync resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6571] <... openat resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 6571] write(3, "1000", 4 [pid 5867] close(3 [pid 6569] exit_group(0 [pid 6571] <... write resumed>) = 4 [pid 6569] <... exit_group resumed>) = ? [pid 5867] <... close resumed>) = 0 [pid 6571] close(3 [pid 6569] +++ exited with 0 +++ [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6571] <... close resumed>) = 0 [pid 6570] munmap(0x7f1864095000, 138412032 [pid 6571] symlink("/dev/binderfs", "./binderfs" [pid 6570] <... munmap resumed>) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6569, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6571] <... symlink resumed>) = 0 [pid 5865] umount2("./135", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program ./strace-static-x86_64: Process 6572 attached [pid 6571] write(1, "executing program\n", 18 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6571] <... write resumed>) = 18 [pid 6570] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6568] <... link resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6572 [pid 5865] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6572] set_robust_list(0x5555593cd660, 24 [pid 6571] memfd_create("syzkaller", 0 [pid 6570] <... openat resumed>) = 4 [pid 6568] sync( [pid 5865] <... openat resumed>) = 3 [pid 6572] <... set_robust_list resumed>) = 0 [pid 5865] newfstatat(3, "", [pid 6572] chdir("./139" [pid 6571] <... memfd_create resumed>) = 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6572] <... chdir resumed>) = 0 [pid 6571] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] getdents64(3, [pid 6572] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6571] <... mmap resumed>) = 0x7f1864095000 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6572] <... prctl resumed>) = 0 [pid 6571] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6570] ioctl(4, LOOP_SET_FD, 3 [pid 5865] umount2("./135/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6572] setpgid(0, 0) = 0 [pid 6572] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6570] <... ioctl resumed>) = 0 [pid 6572] write(3, "1000", 4) = 4 [pid 6572] close(3 [pid 6568] <... sync resumed>) = 0 [pid 6570] close(3) = 0 [pid 6568] exit_group(0 [pid 6570] close(4 [pid 6568] <... exit_group resumed>) = ? [pid 6572] <... close resumed>) = 0 [pid 6570] <... close resumed>) = 0 [pid 6572] symlink("/dev/binderfs", "./binderfs" [pid 6568] +++ exited with 0 +++ [pid 6572] <... symlink resumed>) = 0 [pid 6570] mkdir("./file1", 0777 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6568, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- executing program [pid 6572] write(1, "executing program\n", 18 [pid 6570] <... mkdir resumed>) = 0 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6570] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... restart_syscall resumed>) = 0 [pid 6572] <... write resumed>) = 18 [pid 6572] memfd_create("syzkaller", 0 [pid 5864] umount2("./136", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6572] <... memfd_create resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6572] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6572] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... openat resumed>) = 3 [ 219.621682][ T6570] loop4: detected capacity change from 0 to 1024 [pid 5864] newfstatat(3, "", [pid 6571] <... write resumed>) = 524288 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 6571] munmap(0x7f1864095000, 138412032 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6571] <... munmap resumed>) = 0 [pid 5864] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6572] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6571] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6571] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6570] <... mount resumed>) = 0 [pid 6571] close(3 [pid 5865] <... umount2 resumed>) = 0 [pid 6572] <... write resumed>) = 524288 [pid 6571] <... close resumed>) = 0 [pid 6570] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] umount2("./135/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6572] munmap(0x7f1864095000, 138412032 [pid 6571] close(4 [pid 6570] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6571] <... close resumed>) = 0 [pid 6570] chdir("./file1" [pid 5865] newfstatat(AT_FDCWD, "./135/file1", [pid 6572] <... munmap resumed>) = 0 [pid 6571] mkdir("./file1", 0777 [pid 6570] <... chdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 6572] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6570] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6571] <... mkdir resumed>) = 0 [pid 6570] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] umount2("./135/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6572] <... openat resumed>) = 4 [pid 6571] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6570] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6572] ioctl(4, LOOP_SET_FD, 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6572] <... ioctl resumed>) = 0 [ 219.702232][ T6571] loop2: detected capacity change from 0 to 1024 [pid 5865] openat(AT_FDCWD, "./135/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6572] close(3 [pid 5864] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6572] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6572] close(4 [pid 5864] newfstatat(AT_FDCWD, "./136/file1", [pid 6572] <... close resumed>) = 0 [pid 5865] newfstatat(4, "", [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6572] mkdir("./file1", 0777 [pid 6571] <... mount resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6572] <... mkdir resumed>) = 0 [pid 6571] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] getdents64(4, [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6572] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6571] <... openat resumed>) = 3 [pid 6570] <... link resumed>) = 0 [pid 6571] chdir("./file1" [pid 6570] sync( [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] openat(AT_FDCWD, "./136/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6571] <... chdir resumed>) = 0 [pid 5865] getdents64(4, [pid 6571] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... openat resumed>) = 4 [pid 6571] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] close(4 [pid 5864] newfstatat(4, "", [pid 6571] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] <... close resumed>) = 0 [ 219.758505][ T6572] loop3: detected capacity change from 0 to 1024 [pid 5865] rmdir("./135/file1") = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6572] <... mount resumed>) = 0 [pid 5864] getdents64(4, [pid 5865] umount2("./135/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6572] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] close(4 [pid 5865] newfstatat(AT_FDCWD, "./135/binderfs", [pid 5864] <... close resumed>) = 0 [pid 6572] <... openat resumed>) = 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] rmdir("./136/file1" [pid 6572] chdir("./file1") = 0 [pid 5865] unlink("./135/binderfs" [pid 6572] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6572] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] getdents64(3, [pid 5864] umount2("./136/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6572] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6571] <... link resumed>) = 0 [pid 5865] close(3 [pid 5864] newfstatat(AT_FDCWD, "./136/binderfs", [pid 5865] <... close resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] rmdir("./135") = 0 [pid 5864] unlink("./136/binderfs" [pid 6571] sync( [pid 5864] <... unlink resumed>) = 0 [pid 6570] <... sync resumed>) = 0 [pid 6570] exit_group(0 [pid 5865] mkdir("./136", 0777 [pid 5864] getdents64(3, [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] rmdir("./136" [pid 6570] <... exit_group resumed>) = ? [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... rmdir resumed>) = 0 [pid 6572] <... link resumed>) = 0 [pid 6570] +++ exited with 0 +++ [pid 5865] <... ioctl resumed>) = 0 [pid 5864] mkdir("./137", 0777 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6570, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] close(3 [pid 5864] <... mkdir resumed>) = 0 [pid 6572] sync( [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] umount2("./140", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... openat resumed>) = 3 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5868] openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... ioctl resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... close resumed>) = 0 [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6573 attached [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6573 ./strace-static-x86_64: Process 6574 attached [pid 6573] set_robust_list(0x5555593cd660, 24) = 0 [pid 6574] set_robust_list(0x5555593cd660, 24 [pid 6573] chdir("./137" [pid 6574] <... set_robust_list resumed>) = 0 [pid 6574] chdir("./136" [pid 6573] <... chdir resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6574 [pid 6574] <... chdir resumed>) = 0 [pid 6573] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6574] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6573] <... prctl resumed>) = 0 [pid 6574] <... prctl resumed>) = 0 [pid 6573] setpgid(0, 0 [pid 6574] setpgid(0, 0 [pid 6573] <... setpgid resumed>) = 0 [pid 6574] <... setpgid resumed>) = 0 [pid 6573] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6574] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6573] <... openat resumed>) = 3 [pid 6573] write(3, "1000", 4 [pid 6574] <... openat resumed>) = 3 [pid 6573] <... write resumed>) = 4 [pid 6574] write(3, "1000", 4 [pid 6573] close(3 [pid 6574] <... write resumed>) = 4 [pid 6573] <... close resumed>) = 0 [pid 6574] close(3 [pid 6573] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6574] <... close resumed>) = 0 [pid 6574] symlink("/dev/binderfs", "./binderfs") = 0 executing program executing program [pid 6574] write(1, "executing program\n", 18 [pid 6573] write(1, "executing program\n", 18 [pid 6572] <... sync resumed>) = 0 [pid 6574] <... write resumed>) = 18 [pid 6573] <... write resumed>) = 18 [pid 6571] <... sync resumed>) = 0 [pid 6574] memfd_create("syzkaller", 0 [pid 6573] memfd_create("syzkaller", 0 [pid 6571] exit_group(0 [pid 6574] <... memfd_create resumed>) = 3 [pid 6573] <... memfd_create resumed>) = 3 [pid 6572] exit_group(0 [pid 6571] <... exit_group resumed>) = ? [pid 6572] <... exit_group resumed>) = ? [pid 6574] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6573] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6574] <... mmap resumed>) = 0x7f1864095000 [pid 6573] <... mmap resumed>) = 0x7f1864095000 [pid 6573] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6571] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6571, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6572] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6572, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5867] umount2("./139", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6574] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... umount2 resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./137", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5867] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6574] <... write resumed>) = 524288 [pid 5868] newfstatat(AT_FDCWD, "./140/file1", [pid 5866] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./140/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5868] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(4, [pid 6573] <... write resumed>) = 524288 [pid 6574] munmap(0x7f1864095000, 138412032 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6574] <... munmap resumed>) = 0 [pid 5868] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4) = 0 [pid 5868] rmdir("./140/file1" [pid 6574] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] <... rmdir resumed>) = 0 [pid 6574] <... openat resumed>) = 4 [pid 6573] munmap(0x7f1864095000, 138412032 [pid 5866] <... umount2 resumed>) = 0 [pid 6574] ioctl(4, LOOP_SET_FD, 3 [pid 6573] <... munmap resumed>) = 0 [pid 5868] umount2("./140/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6574] <... ioctl resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./140/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6573] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] unlink("./140/binderfs" [pid 5867] <... umount2 resumed>) = 0 [pid 6574] close(3 [pid 6573] <... openat resumed>) = 4 [pid 5868] <... unlink resumed>) = 0 [pid 6574] <... close resumed>) = 0 [pid 6573] ioctl(4, LOOP_SET_FD, 3 [pid 5868] getdents64(3, [pid 5866] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6574] close(4 [pid 6573] <... ioctl resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./137/file1", [pid 6574] <... close resumed>) = 0 [pid 5868] close(3 [pid 5867] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6574] mkdir("./file1", 0777 [pid 6573] close(3 [pid 5868] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6574] <... mkdir resumed>) = 0 [pid 6573] <... close resumed>) = 0 [pid 5868] rmdir("./140" [pid 6573] close(4 [pid 5867] newfstatat(AT_FDCWD, "./139/file1", [pid 6573] <... close resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6574] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6573] mkdir("./file1", 0777 [pid 5868] mkdir("./141", 0777 [pid 5867] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6573] <... mkdir resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6573] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] openat(AT_FDCWD, "./139/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] openat(AT_FDCWD, "./137/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] <... openat resumed>) = 4 [pid 5868] <... ioctl resumed>) = 0 [pid 5867] newfstatat(4, "", [pid 5868] close(3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] getdents64(4, [pid 6574] <... mount resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6574] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] getdents64(4, [pid 5866] <... openat resumed>) = 4 [pid 5866] newfstatat(4, "", ./strace-static-x86_64: Process 6575 attached [pid 6574] <... openat resumed>) = 3 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, [pid 6574] chdir("./file1" [pid 5867] close(4 [pid 6574] <... chdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6574] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] rmdir("./139/file1" [pid 6575] set_robust_list(0x5555593cd660, 24 [pid 6573] <... mount resumed>) = 0 [ 220.059452][ T6574] loop1: detected capacity change from 0 to 1024 [ 220.070344][ T6573] loop0: detected capacity change from 0 to 1024 [pid 6575] <... set_robust_list resumed>) = 0 [pid 6574] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6573] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6575 [pid 5867] <... rmdir resumed>) = 0 [pid 6575] chdir("./141" [pid 6574] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6573] <... openat resumed>) = 3 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6575] <... chdir resumed>) = 0 [pid 5867] umount2("./139/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] getdents64(4, [pid 6575] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6573] chdir("./file1" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6573] <... chdir resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./139/binderfs", [pid 5866] close(4 [pid 6573] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... close resumed>) = 0 [pid 6575] <... prctl resumed>) = 0 [pid 6573] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] unlink("./139/binderfs" [pid 5866] rmdir("./137/file1" [pid 6575] setpgid(0, 0 [pid 6573] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6575] <... setpgid resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 6575] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] umount2("./137/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6574] <... link resumed>) = 0 [pid 5867] getdents64(3, [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6575] <... openat resumed>) = 3 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] newfstatat(AT_FDCWD, "./137/binderfs", [pid 6575] write(3, "1000", 4 [pid 6574] sync( [pid 5867] close(3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6575] <... write resumed>) = 4 [pid 5867] <... close resumed>) = 0 [pid 5866] unlink("./137/binderfs" [pid 6575] close(3 [pid 5867] rmdir("./139" [pid 5866] <... unlink resumed>) = 0 [pid 6575] <... close resumed>) = 0 [pid 6573] <... link resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] getdents64(3, [pid 6575] symlink("/dev/binderfs", "./binderfs" [pid 6573] sync( [pid 6575] <... symlink resumed>) = 0 [pid 5867] mkdir("./140", 0777 [pid 6575] write(1, "executing program\n", 18 [pid 5867] <... mkdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 executing program [pid 6575] <... write resumed>) = 18 [pid 5866] close(3 [pid 6575] memfd_create("syzkaller", 0 [pid 5866] <... close resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] rmdir("./137" [pid 6575] <... memfd_create resumed>) = 3 [pid 6575] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] <... openat resumed>) = 3 [pid 6575] <... mmap resumed>) = 0x7f1864095000 [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 5867] close(3) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... rmdir resumed>) = 0 [pid 5866] mkdir("./138", 0777./strace-static-x86_64: Process 6576 attached ) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6575] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] <... openat resumed>) = 3 [pid 6576] set_robust_list(0x5555593cd660, 24 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6576] <... set_robust_list resumed>) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 6576] chdir("./140") = 0 [pid 5866] close(3) = 0 [pid 6574] <... sync resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6577 attached [pid 6576] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6574] exit_group(0 [pid 6573] <... sync resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6576 [pid 6574] <... exit_group resumed>) = ? [pid 6576] <... prctl resumed>) = 0 [pid 6573] exit_group(0) = ? [pid 6577] set_robust_list(0x5555593cd660, 24 [pid 6576] setpgid(0, 0 [pid 6574] +++ exited with 0 +++ [pid 6573] +++ exited with 0 +++ [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6577 [pid 6576] <... setpgid resumed>) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6574, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6576] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6577] <... set_robust_list resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6573, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6576] <... openat resumed>) = 3 [pid 6576] write(3, "1000", 4 [pid 5865] umount2("./136", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6576] <... write resumed>) = 4 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./137", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6576] close(3 [pid 5865] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6576] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORYexecuting program [pid 6576] symlink("/dev/binderfs", "./binderfs" [pid 5865] newfstatat(3, "", [pid 5864] <... openat resumed>) = 3 [pid 6576] <... symlink resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] newfstatat(3, "", [pid 6576] write(1, "executing program\n", 18 [pid 5865] getdents64(3, [pid 6576] <... write resumed>) = 18 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6577] chdir("./138" [pid 6576] memfd_create("syzkaller", 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] getdents64(3, [pid 6577] <... chdir resumed>) = 0 [pid 6575] <... write resumed>) = 524288 [pid 6577] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6575] munmap(0x7f1864095000, 138412032 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6577] setpgid(0, 0) = 0 [pid 6575] <... munmap resumed>) = 0 [pid 5864] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6577] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6576] <... memfd_create resumed>) = 3 [pid 6575] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6576] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6575] <... openat resumed>) = 4 [pid 6577] <... openat resumed>) = 3 [pid 6576] <... mmap resumed>) = 0x7f1864095000 [pid 6575] ioctl(4, LOOP_SET_FD, 3 [pid 6577] write(3, "1000", 4) = 4 [pid 6577] close(3) = 0 [pid 6577] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6577] write(1, "executing program\n", 18 [pid 6575] <... ioctl resumed>) = 0 [pid 6577] <... write resumed>) = 18 [pid 6577] memfd_create("syzkaller", 0 [pid 6575] close(3 [pid 6577] <... memfd_create resumed>) = 3 [pid 6577] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6576] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6575] <... close resumed>) = 0 [pid 6577] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6576] <... write resumed>) = 524288 [pid 6575] close(4) = 0 [pid 6575] mkdir("./file1", 0777) = 0 [pid 6575] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6576] munmap(0x7f1864095000, 138412032) = 0 [pid 6576] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6576] ioctl(4, LOOP_SET_FD, 3) = 0 [ 220.316963][ T6575] loop4: detected capacity change from 0 to 1024 [pid 6576] close(3) = 0 [pid 6577] <... write resumed>) = 524288 [pid 5865] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 6576] close(4) = 0 [pid 6576] mkdir("./file1", 0777 [pid 5864] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6576] <... mkdir resumed>) = 0 [pid 6575] <... mount resumed>) = 0 [pid 5865] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6575] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./137/file1", [pid 6575] <... openat resumed>) = 3 [pid 5865] newfstatat(AT_FDCWD, "./136/file1", [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6575] chdir("./file1" [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6575] <... chdir resumed>) = 0 [pid 5865] umount2("./136/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6575] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6575] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./137/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6576] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6575] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] openat(AT_FDCWD, "./136/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 4 [pid 5865] <... openat resumed>) = 4 [ 220.368445][ T6576] loop3: detected capacity change from 0 to 1024 [pid 5864] newfstatat(4, "", [pid 6577] munmap(0x7f1864095000, 138412032 [pid 5865] newfstatat(4, "", [pid 6577] <... munmap resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6577] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(4, [pid 5865] close(4 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6577] <... openat resumed>) = 4 [pid 5865] <... close resumed>) = 0 [pid 5864] getdents64(4, [pid 6577] ioctl(4, LOOP_SET_FD, 3 [pid 6576] <... mount resumed>) = 0 [pid 5865] rmdir("./136/file1" [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] close(4 [pid 6577] <... ioctl resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6577] close(3 [pid 6576] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] umount2("./136/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] rmdir("./137/file1" [pid 6577] <... close resumed>) = 0 [pid 6576] <... openat resumed>) = 3 [pid 6575] <... link resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... rmdir resumed>) = 0 [pid 6577] close(4 [pid 6576] chdir("./file1" [pid 6575] sync( [pid 5865] newfstatat(AT_FDCWD, "./136/binderfs", [pid 6577] <... close resumed>) = 0 [pid 6576] <... chdir resumed>) = 0 [pid 5864] umount2("./137/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6577] mkdir("./file1", 0777 [pid 6576] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6577] <... mkdir resumed>) = 0 [pid 6576] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6576] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] unlink("./136/binderfs" [pid 5864] newfstatat(AT_FDCWD, "./137/binderfs", [pid 6577] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./137/binderfs" [pid 5865] getdents64(3, [pid 5864] <... unlink resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] close(3 [pid 5864] getdents64(3, [pid 5865] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] rmdir("./136" [pid 5864] close(3) = 0 [ 220.466400][ T6577] loop2: detected capacity change from 0 to 1024 [pid 5865] <... rmdir resumed>) = 0 [pid 6577] <... mount resumed>) = 0 [pid 6576] <... link resumed>) = 0 [pid 5864] rmdir("./137" [pid 6577] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6576] sync( [pid 6575] <... sync resumed>) = 0 [pid 5865] mkdir("./137", 0777 [pid 5864] <... rmdir resumed>) = 0 [pid 6577] <... openat resumed>) = 3 [pid 6575] exit_group(0 [pid 6577] chdir("./file1" [pid 6575] <... exit_group resumed>) = ? [pid 5865] <... mkdir resumed>) = 0 [pid 6577] <... chdir resumed>) = 0 [pid 6575] +++ exited with 0 +++ [pid 6577] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] mkdir("./138", 0777 [pid 6577] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6575, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5865] <... openat resumed>) = 3 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 6577] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... mkdir resumed>) = 0 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6576] <... sync resumed>) = 0 [pid 5865] close(3 [pid 6576] exit_group(0 [pid 5865] <... close resumed>) = 0 [pid 6576] <... exit_group resumed>) = ? [pid 5864] <... openat resumed>) = 3 [pid 5868] umount2("./141", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... ioctl resumed>) = 0 [pid 6576] +++ exited with 0 +++ [pid 5868] openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] close(3 [pid 5868] <... openat resumed>) = 3 [pid 5864] <... close resumed>) = 0 [pid 5868] newfstatat(3, "", [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6576, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6577] <... link resumed>) = 0 ./strace-static-x86_64: Process 6578 attached [pid 6577] sync( [pid 5868] getdents64(3, [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6578 [pid 6578] set_robust_list(0x5555593cd660, 24 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] umount2("./140", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6578] <... set_robust_list resumed>) = 0 [pid 5868] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6579 attached [pid 6578] chdir("./138") = 0 [pid 5867] openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6579 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6578] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6579] set_robust_list(0x5555593cd660, 24 [pid 5867] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6578] <... prctl resumed>) = 0 [pid 6578] setpgid(0, 0 [pid 6579] <... set_robust_list resumed>) = 0 [pid 6578] <... setpgid resumed>) = 0 [pid 6579] chdir("./137" [pid 6578] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6579] <... chdir resumed>) = 0 [pid 6577] <... sync resumed>) = 0 [pid 6577] exit_group(0) = ? [pid 6579] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6577] +++ exited with 0 +++ [pid 6579] <... prctl resumed>) = 0 [pid 6578] <... openat resumed>) = 3 [pid 6579] setpgid(0, 0) = 0 [pid 6578] write(3, "1000", 4 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6577, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6579] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6578] <... write resumed>) = 4 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6579] <... openat resumed>) = 3 [pid 6578] close(3 [pid 5866] <... restart_syscall resumed>) = 0 [pid 6578] <... close resumed>) = 0 [pid 6578] symlink("/dev/binderfs", "./binderfs" [pid 6579] write(3, "1000", 4 [pid 6578] <... symlink resumed>) = 0 executing program [pid 5868] <... umount2 resumed>) = 0 [pid 6579] <... write resumed>) = 4 [pid 6578] write(1, "executing program\n", 18 [pid 5867] <... umount2 resumed>) = 0 [pid 5866] umount2("./138", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6579] close(3 [pid 6578] <... write resumed>) = 18 [pid 5868] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6579] <... close resumed>) = 0 [pid 6578] memfd_create("syzkaller", 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] newfstatat(AT_FDCWD, "./141/file1", [pid 5867] newfstatat(AT_FDCWD, "./140/file1", [pid 6578] <... memfd_create resumed>) = 3 [pid 5866] <... openat resumed>) = 3 [pid 6579] symlink("/dev/binderfs", "./binderfs" [pid 6578] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(3, "", [pid 5867] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6579] <... symlink resumed>) = 0 [pid 6578] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(3, [pid 5868] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./140/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] openat(AT_FDCWD, "./141/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... openat resumed>) = 4 [pid 5866] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", [pid 5868] newfstatat(4, "", [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] getdents64(4, [pid 5868] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 5868] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4) = 0 [pid 5867] close(4 [pid 5868] rmdir("./141/file1" [pid 5867] <... close resumed>) = 0 executing program [pid 5867] rmdir("./140/file1" [pid 6579] write(1, "executing program\n", 18 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6579] <... write resumed>) = 18 [pid 5868] umount2("./141/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6579] memfd_create("syzkaller", 0 [pid 6578] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] umount2("./140/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6579] <... memfd_create resumed>) = 3 [pid 6579] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6579] <... mmap resumed>) = 0x7f1864095000 [pid 5868] newfstatat(AT_FDCWD, "./141/binderfs", [pid 5867] newfstatat(AT_FDCWD, "./140/binderfs", [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./141/binderfs") = 0 [pid 5867] unlink("./140/binderfs" [pid 5868] getdents64(3, [pid 5867] <... unlink resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3 [pid 6579] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] getdents64(3, [pid 5868] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] rmdir("./141" [pid 5867] close(3 [pid 6578] <... write resumed>) = 524288 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5867] rmdir("./140") = 0 [pid 5868] mkdir("./142", 0777 [pid 5867] mkdir("./141", 0777 [pid 5868] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... mkdir resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] close(3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5868] <... close resumed>) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 6578] munmap(0x7f1864095000, 138412032 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] close(3) = 0 ./strace-static-x86_64: Process 6580 attached [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6579] <... write resumed>) = 524288 [pid 6580] set_robust_list(0x5555593cd660, 24) = 0 [pid 6580] chdir("./142" [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6580 [pid 6580] <... chdir resumed>) = 0 [pid 6580] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6579] munmap(0x7f1864095000, 138412032 [pid 6578] <... munmap resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 6580] <... prctl resumed>) = 0 [pid 6579] <... munmap resumed>) = 0 [pid 6578] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6580] setpgid(0, 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6580] <... setpgid resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./138/file1", ./strace-static-x86_64: Process 6581 attached [pid 6580] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6579] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6580] <... openat resumed>) = 3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6581] set_robust_list(0x5555593cd660, 24 [pid 6580] write(3, "1000", 4 [pid 6579] <... openat resumed>) = 4 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6581 [pid 5866] openat(AT_FDCWD, "./138/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6581] <... set_robust_list resumed>) = 0 [pid 6579] ioctl(4, LOOP_SET_FD, 3 [pid 6578] <... openat resumed>) = 4 [pid 6581] chdir("./141" [pid 6580] <... write resumed>) = 4 [pid 6579] <... ioctl resumed>) = 0 [pid 6578] ioctl(4, LOOP_SET_FD, 3 [pid 5866] <... openat resumed>) = 4 [pid 6580] close(3) = 0 [pid 6578] <... ioctl resumed>) = 0 [pid 6580] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6580] write(1, "executing program\n", 18executing program ) = 18 [pid 5866] newfstatat(4, "", [pid 6581] <... chdir resumed>) = 0 [pid 6580] memfd_create("syzkaller", 0 [pid 6579] close(3 [pid 6578] close(3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6581] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6580] <... memfd_create resumed>) = 3 [pid 6579] <... close resumed>) = 0 [pid 6578] <... close resumed>) = 0 [pid 5866] getdents64(4, [pid 6581] <... prctl resumed>) = 0 [pid 6579] close(4 [pid 6578] close(4 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6581] setpgid(0, 0 [pid 6578] <... close resumed>) = 0 [pid 6579] <... close resumed>) = 0 [pid 6578] mkdir("./file1", 0777 [pid 5866] getdents64(4, [pid 6581] <... setpgid resumed>) = 0 [pid 6580] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6579] mkdir("./file1", 0777 [pid 6581] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6578] <... mkdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6579] <... mkdir resumed>) = 0 [pid 5866] close(4 [pid 6580] <... mmap resumed>) = 0x7f1864095000 [pid 6578] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] <... close resumed>) = 0 [pid 6581] <... openat resumed>) = 3 [pid 6579] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] rmdir("./138/file1" [pid 6581] write(3, "1000", 4 [pid 5866] <... rmdir resumed>) = 0 [pid 6581] <... write resumed>) = 4 [pid 5866] umount2("./138/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6581] close(3) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6581] symlink("/dev/binderfs", "./binderfs" [pid 5866] newfstatat(AT_FDCWD, "./138/binderfs", [pid 6581] <... symlink resumed>) = 0 [pid 6580] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6578] <... mount resumed>) = 0 executing program [pid 6581] write(1, "executing program\n", 18 [pid 6578] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] unlink("./138/binderfs" [pid 6581] <... write resumed>) = 18 [pid 6578] <... openat resumed>) = 3 [pid 5866] <... unlink resumed>) = 0 [ 220.806902][ T6579] loop1: detected capacity change from 0 to 1024 [ 220.812990][ T6578] loop0: detected capacity change from 0 to 1024 [pid 6581] memfd_create("syzkaller", 0 [pid 5866] getdents64(3, [pid 6581] <... memfd_create resumed>) = 3 [pid 6579] <... mount resumed>) = 0 [pid 6578] chdir("./file1" [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3 [pid 6581] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6579] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6578] <... chdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 6581] <... mmap resumed>) = 0x7f1864095000 [pid 6579] <... openat resumed>) = 3 [pid 6578] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6579] chdir("./file1" [pid 6578] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] rmdir("./138") = 0 [pid 6581] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6580] <... write resumed>) = 524288 [pid 6579] <... chdir resumed>) = 0 [pid 6578] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6579] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5866] mkdir("./139", 0777) = 0 [pid 6580] munmap(0x7f1864095000, 138412032 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6579] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... ioctl resumed>) = 0 [pid 6580] <... munmap resumed>) = 0 [pid 5866] close(3 [pid 6580] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... close resumed>) = 0 [pid 6580] <... openat resumed>) = 4 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6580] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 6582 attached ) = 0 [pid 6578] <... link resumed>) = 0 [pid 6580] close(3 [pid 6578] sync( [pid 6580] <... close resumed>) = 0 [pid 6580] close(4 [pid 6582] set_robust_list(0x5555593cd660, 24 [pid 6580] <... close resumed>) = 0 [pid 6580] mkdir("./file1", 0777 [pid 6582] <... set_robust_list resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6582 [pid 6582] chdir("./139") = 0 [pid 6582] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6582] setpgid(0, 0) = 0 [pid 6580] <... mkdir resumed>) = 0 [pid 6582] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6581] <... write resumed>) = 524288 [pid 6580] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6582] <... openat resumed>) = 3 [pid 6581] munmap(0x7f1864095000, 138412032 [pid 6579] <... link resumed>) = 0 [pid 6582] write(3, "1000", 4 [pid 6581] <... munmap resumed>) = 0 [pid 6579] sync( [pid 6582] <... write resumed>) = 4 [pid 6581] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6580] <... mount resumed>) = 0 [pid 6582] close(3) = 0 [pid 6582] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6580] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6581] <... openat resumed>) = 4 [pid 6581] ioctl(4, LOOP_SET_FD, 3 [pid 6580] <... openat resumed>) = 3 [pid 6582] write(1, "executing program\n", 18) = 18 [pid 6581] <... ioctl resumed>) = 0 [ 220.924611][ T6580] loop4: detected capacity change from 0 to 1024 [pid 6580] chdir("./file1" [pid 6582] memfd_create("syzkaller", 0 [pid 6581] close(3 [pid 6580] <... chdir resumed>) = 0 [pid 6582] <... memfd_create resumed>) = 3 [pid 6582] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6581] <... close resumed>) = 0 [pid 6580] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6582] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6581] close(4 [pid 6580] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6579] <... sync resumed>) = 0 [pid 6578] <... sync resumed>) = 0 [pid 6580] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6579] exit_group(0 [pid 6578] exit_group(0 [pid 6579] <... exit_group resumed>) = ? [pid 6578] <... exit_group resumed>) = ? [pid 6581] <... close resumed>) = 0 [pid 6579] +++ exited with 0 +++ [pid 6581] mkdir("./file1", 0777 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6579, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6581] <... mkdir resumed>) = 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6581] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6580] <... link resumed>) = 0 [pid 6578] +++ exited with 0 +++ [pid 5865] <... restart_syscall resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6578, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6580] sync( [pid 5865] umount2("./137", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 220.977005][ T6581] loop3: detected capacity change from 0 to 1024 [pid 5865] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6582] <... write resumed>) = 524288 [pid 6582] munmap(0x7f1864095000, 138412032 [pid 5865] getdents64(3, [pid 6582] <... munmap resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./138", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6581] <... mount resumed>) = 0 [pid 5865] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6582] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6581] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6582] <... openat resumed>) = 4 [pid 6581] <... openat resumed>) = 3 [pid 5864] <... openat resumed>) = 3 [pid 6582] ioctl(4, LOOP_SET_FD, 3 [pid 6581] chdir("./file1" [pid 6582] <... ioctl resumed>) = 0 [pid 5864] newfstatat(3, "", [pid 6581] <... chdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6582] close(3 [pid 5864] getdents64(3, [pid 6582] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6582] close(4 [pid 5864] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6582] <... close resumed>) = 0 [pid 6582] mkdir("./file1", 0777 [pid 6581] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6582] <... mkdir resumed>) = 0 [pid 6580] <... sync resumed>) = 0 [pid 6580] exit_group(0) = ? [pid 6582] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6580] +++ exited with 0 +++ [pid 6581] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] <... umount2 resumed>) = 0 [pid 6581] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] <... umount2 resumed>) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6580, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5865] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 221.061064][ T6582] loop2: detected capacity change from 0 to 1024 [pid 6582] <... mount resumed>) = 0 [pid 5864] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6582] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5865] newfstatat(AT_FDCWD, "./137/file1", [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6582] <... openat resumed>) = 3 [pid 5868] umount2("./142", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] newfstatat(AT_FDCWD, "./138/file1", [pid 6582] chdir("./file1" [pid 6581] <... link resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./137/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6582] <... chdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6582] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6581] sync( [pid 5868] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "./137/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6582] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] newfstatat(3, "", [pid 5865] <... openat resumed>) = 4 [pid 5864] openat(AT_FDCWD, "./138/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] newfstatat(4, "", [pid 5864] <... openat resumed>) = 4 [pid 6582] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] getdents64(3, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] newfstatat(4, "", [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] getdents64(4, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4) = 0 [pid 5864] close(4 [pid 6582] <... link resumed>) = 0 [pid 6581] <... sync resumed>) = 0 [pid 5865] rmdir("./137/file1" [pid 5864] <... close resumed>) = 0 [pid 6581] exit_group(0 [pid 5864] rmdir("./138/file1" [pid 6581] <... exit_group resumed>) = ? [pid 6582] sync( [pid 5864] <... rmdir resumed>) = 0 [pid 6581] +++ exited with 0 +++ [pid 5864] umount2("./138/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6581, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = 0 [pid 5868] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./142/file1", [pid 5867] <... restart_syscall resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./138/binderfs", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] unlink("./138/binderfs" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./141", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... unlink resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./142/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... openat resumed>) = 4 [pid 5867] openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] getdents64(3, [pid 5868] newfstatat(4, "", [pid 5867] <... openat resumed>) = 3 [pid 6582] <... sync resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 5865] umount2("./137/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6582] exit_group(0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6582] <... exit_group resumed>) = ? [pid 5868] getdents64(4, [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] close(3 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(3, [pid 5865] newfstatat(AT_FDCWD, "./137/binderfs", [pid 5868] getdents64(4, [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] rmdir("./138" [pid 5868] close(4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./142/file1") = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6582] +++ exited with 0 +++ [pid 5865] unlink("./137/binderfs" [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6582, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5866] umount2("./139", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... unlink resumed>) = 0 [pid 5868] umount2("./142/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] getdents64(3, [pid 5864] mkdir("./139", 0777 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] newfstatat(AT_FDCWD, "./142/binderfs", [pid 5864] <... mkdir resumed>) = 0 [pid 5865] close(3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5868] unlink("./142/binderfs" [pid 5866] newfstatat(3, "", [pid 5865] <... close resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... unlink resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] rmdir("./137" [pid 5864] <... openat resumed>) = 3 [pid 5868] getdents64(3, [pid 5866] getdents64(3, [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5868] close(3 [pid 5866] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] mkdir("./138", 0777 [pid 5868] <... close resumed>) = 0 [pid 5864] <... ioctl resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5868] rmdir("./142" [pid 5864] close(3 [pid 5868] <... rmdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 6583 attached ) = 3 [pid 5868] mkdir("./143", 0777 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6583] set_robust_list(0x5555593cd660, 24 [pid 5868] <... mkdir resumed>) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 6583] <... set_robust_list resumed>) = 0 [pid 5865] close(3 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6583 [pid 6583] chdir("./139" [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5865] <... close resumed>) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5867] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] close(3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6583] <... chdir resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] newfstatat(AT_FDCWD, "./141/file1", [pid 6583] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6583] setpgid(0, 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./141/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6583] <... setpgid resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", [pid 6583] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6584 attached [pid 5867] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] getdents64(4, [pid 6584] set_robust_list(0x5555593cd660, 24 [pid 6583] <... openat resumed>) = 3 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6584 ./strace-static-x86_64: Process 6585 attached [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6585 [pid 6585] set_robust_list(0x5555593cd660, 24 [pid 6583] write(3, "1000", 4 [pid 5867] close(4 [pid 6584] <... set_robust_list resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6583] <... write resumed>) = 4 [pid 6585] <... set_robust_list resumed>) = 0 [pid 6584] chdir("./138" [pid 5867] rmdir("./141/file1" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6585] chdir("./143" [pid 6584] <... chdir resumed>) = 0 [pid 6583] close(3 [pid 5867] <... rmdir resumed>) = 0 [pid 6585] <... chdir resumed>) = 0 [pid 6585] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6584] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6583] <... close resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./139/file1", executing program [pid 6585] <... prctl resumed>) = 0 [pid 6584] <... prctl resumed>) = 0 [pid 6583] symlink("/dev/binderfs", "./binderfs" [pid 6585] setpgid(0, 0 [pid 6584] setpgid(0, 0 [pid 5867] umount2("./141/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6584] <... setpgid resumed>) = 0 [pid 6583] <... symlink resumed>) = 0 [pid 6585] <... setpgid resumed>) = 0 [pid 6585] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6584] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6583] write(1, "executing program\n", 18 [pid 6585] <... openat resumed>) = 3 [pid 6583] <... write resumed>) = 18 [pid 6585] write(3, "1000", 4) = 4 [pid 6584] <... openat resumed>) = 3 [pid 6583] memfd_create("syzkaller", 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6584] write(3, "1000", 4 [pid 6585] close(3 [pid 6584] <... write resumed>) = 4 [pid 6583] <... memfd_create resumed>) = 3 [pid 5867] newfstatat(AT_FDCWD, "./141/binderfs", [pid 6585] <... close resumed>) = 0 [pid 6584] close(3 [pid 6583] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6585] symlink("/dev/binderfs", "./binderfs" [pid 6584] <... close resumed>) = 0 [pid 6583] <... mmap resumed>) = 0x7f1864095000 [pid 5866] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6584] symlink("/dev/binderfs", "./binderfs" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6585] <... symlink resumed>) = 0 [pid 6584] <... symlink resumed>) = 0 executing program [pid 6585] write(1, "executing program\n", 18 [pid 5866] openat(AT_FDCWD, "./139/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6585] <... write resumed>) = 18 [pid 6584] write(1, "executing program\n", 18 executing program [pid 5867] unlink("./141/binderfs" [pid 5866] <... openat resumed>) = 4 [pid 6584] <... write resumed>) = 18 [pid 5866] newfstatat(4, "", [pid 6585] memfd_create("syzkaller", 0 [pid 6584] memfd_create("syzkaller", 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6585] <... memfd_create resumed>) = 3 [pid 5867] <... unlink resumed>) = 0 [pid 5866] getdents64(4, [pid 6585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6584] <... memfd_create resumed>) = 3 [pid 6583] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] getdents64(3, [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6585] <... mmap resumed>) = 0x7f1864095000 [pid 6584] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [pid 5866] rmdir("./139/file1") = 0 [pid 6584] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] umount2("./139/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] newfstatat(AT_FDCWD, "./139/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] unlink("./139/binderfs") = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3 [pid 5866] close(3 [pid 5867] <... close resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5867] rmdir("./141" [pid 6584] <... write resumed>) = 524288 [pid 5866] rmdir("./139") = 0 [pid 5866] mkdir("./140", 0777 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 6585] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6584] munmap(0x7f1864095000, 138412032 [pid 6583] <... write resumed>) = 524288 [pid 5867] mkdir("./142", 0777 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6584] <... munmap resumed>) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] close(3) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... mkdir resumed>) = 0 [pid 6584] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6584] <... openat resumed>) = 4 [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 6584] ioctl(4, LOOP_SET_FD, 3 [pid 5867] close(3 [pid 6583] munmap(0x7f1864095000, 138412032./strace-static-x86_64: Process 6586 attached [pid 6585] <... write resumed>) = 524288 [pid 6584] <... ioctl resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6586 [pid 6586] set_robust_list(0x5555593cd660, 24 [pid 6583] <... munmap resumed>) = 0 [pid 6586] <... set_robust_list resumed>) = 0 [pid 6584] close(3) = 0 [pid 6586] chdir("./140" [pid 6584] close(4 [pid 6586] <... chdir resumed>) = 0 [pid 6585] munmap(0x7f1864095000, 138412032 [pid 6584] <... close resumed>) = 0 [pid 6583] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6586] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6584] mkdir("./file1", 0777 [pid 6586] <... prctl resumed>) = 0 [pid 6585] <... munmap resumed>) = 0 [pid 6584] <... mkdir resumed>) = 0 [pid 6583] <... openat resumed>) = 4 [pid 6586] setpgid(0, 0 [pid 6583] ioctl(4, LOOP_SET_FD, 3 [pid 6586] <... setpgid resumed>) = 0 [pid 6586] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6583] <... ioctl resumed>) = 0 [pid 6585] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6584] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6583] close(3 [pid 6586] <... openat resumed>) = 3 [pid 6583] <... close resumed>) = 0 [pid 6583] close(4 [pid 6585] <... openat resumed>) = 4 [pid 5867] <... close resumed>) = 0 [pid 6586] write(3, "1000", 4 [pid 6585] ioctl(4, LOOP_SET_FD, 3 [pid 6586] <... write resumed>) = 4 [pid 6585] <... ioctl resumed>) = 0 [pid 6583] <... close resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6586] close(3 [pid 6585] close(3 [pid 6586] <... close resumed>) = 0 [pid 6585] <... close resumed>) = 0 [pid 6583] mkdir("./file1", 0777./strace-static-x86_64: Process 6587 attached [pid 6586] symlink("/dev/binderfs", "./binderfs" [pid 6585] close(4) = 0 [pid 6583] <... mkdir resumed>) = 0 [pid 6587] set_robust_list(0x5555593cd660, 24 [pid 6586] <... symlink resumed>) = 0 [pid 6585] mkdir("./file1", 0777 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6587 [pid 6587] <... set_robust_list resumed>) = 0 [pid 6586] write(1, "executing program\n", 18 [pid 6585] <... mkdir resumed>) = 0 [pid 6584] <... mount resumed>) = 0 executing program [pid 6583] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6587] chdir("./142" [pid 6586] <... write resumed>) = 18 [pid 6584] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6587] <... chdir resumed>) = 0 [pid 6586] memfd_create("syzkaller", 0 [pid 6584] <... openat resumed>) = 3 [pid 6587] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6586] <... memfd_create resumed>) = 3 [pid 6584] chdir("./file1" [ 221.440960][ T6584] loop1: detected capacity change from 0 to 1024 [ 221.467799][ T6583] loop0: detected capacity change from 0 to 1024 [ 221.485486][ T6585] loop4: detected capacity change from 0 to 1024 [pid 6585] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6587] <... prctl resumed>) = 0 [pid 6586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6584] <... chdir resumed>) = 0 [pid 6587] setpgid(0, 0 [pid 6586] <... mmap resumed>) = 0x7f1864095000 [pid 6584] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6587] <... setpgid resumed>) = 0 [pid 6584] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6587] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6584] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6587] <... openat resumed>) = 3 [pid 6583] <... mount resumed>) = 0 [pid 6587] write(3, "1000", 4) = 4 [pid 6587] close(3 [pid 6583] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6587] <... close resumed>) = 0 [pid 6583] <... openat resumed>) = 3 [pid 6587] symlink("/dev/binderfs", "./binderfs" [pid 6583] chdir("./file1" [pid 6586] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6583] <... chdir resumed>) = 0 [pid 6587] <... symlink resumed>) = 0 [pid 6586] <... write resumed>) = 524288 [pid 6587] write(1, "executing program\n", 18 [pid 6585] <... mount resumed>) = 0 executing program [pid 6583] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6587] <... write resumed>) = 18 [pid 6585] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6583] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6583] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6587] memfd_create("syzkaller", 0 [pid 6585] <... openat resumed>) = 3 [pid 6587] <... memfd_create resumed>) = 3 [pid 6585] chdir("./file1" [pid 6587] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6585] <... chdir resumed>) = 0 [pid 6584] <... link resumed>) = 0 [pid 6587] <... mmap resumed>) = 0x7f1864095000 [pid 6585] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6584] sync( [pid 6587] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6585] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6585] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6586] munmap(0x7f1864095000, 138412032) = 0 [pid 6586] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6586] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6586] close(3) = 0 [pid 6586] close(4 [pid 6585] <... link resumed>) = 0 [pid 6586] <... close resumed>) = 0 [pid 6586] mkdir("./file1", 0777) = 0 [pid 6585] sync( [pid 6586] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6583] <... link resumed>) = 0 [pid 6583] sync( [pid 6587] <... write resumed>) = 524288 [pid 6587] munmap(0x7f1864095000, 138412032) = 0 [ 221.619745][ T6586] loop2: detected capacity change from 0 to 1024 [pid 6587] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6586] <... mount resumed>) = 0 [pid 6586] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6584] <... sync resumed>) = 0 [pid 6586] <... openat resumed>) = 3 [pid 6586] chdir("./file1") = 0 [pid 6584] exit_group(0 [pid 6586] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6584] <... exit_group resumed>) = ? [pid 6587] <... openat resumed>) = 4 [pid 6586] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6587] ioctl(4, LOOP_SET_FD, 3 [pid 6586] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6584] +++ exited with 0 +++ [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6584, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6585] <... sync resumed>) = 0 [pid 6583] <... sync resumed>) = 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6587] <... ioctl resumed>) = 0 [pid 6585] exit_group(0 [pid 6587] close(3 [pid 6585] <... exit_group resumed>) = ? [pid 6583] exit_group(0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 6587] <... close resumed>) = 0 [pid 6585] +++ exited with 0 +++ [pid 6583] <... exit_group resumed>) = ? [pid 6587] close(4 [pid 6583] +++ exited with 0 +++ [pid 5865] umount2("./138", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6585, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6583, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6587] <... close resumed>) = 0 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5865] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6587] mkdir("./file1", 0777 [pid 5868] <... restart_syscall resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 6587] <... mkdir resumed>) = 0 [pid 5865] newfstatat(3, "", [pid 5864] umount2("./139", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./143", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6587] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6586] <... link resumed>) = 0 [pid 6586] sync( [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] getdents64(3, [pid 5868] openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... openat resumed>) = 3 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [ 221.716727][ T6587] loop3: detected capacity change from 0 to 1024 [pid 5864] <... openat resumed>) = 3 [pid 5868] newfstatat(3, "", [pid 5865] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(3, "", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, [pid 5864] getdents64(3, [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6587] <... mount resumed>) = 0 [pid 6587] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6587] chdir("./file1") = 0 [pid 6587] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6587] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5868] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6587] sync( [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./138/file1", [pid 5864] newfstatat(AT_FDCWD, "./139/file1", [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./138/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./143/file1", [pid 5865] openat(AT_FDCWD, "./138/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] openat(AT_FDCWD, "./139/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... openat resumed>) = 4 [pid 5864] <... openat resumed>) = 4 [pid 5865] newfstatat(4, "", [pid 5864] newfstatat(4, "", [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] getdents64(4, [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] getdents64(4, [pid 6587] <... sync resumed>) = 0 [pid 6586] <... sync resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./143/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6587] exit_group(0 [pid 6586] exit_group(0 [pid 5865] getdents64(4, [pid 5864] getdents64(4, [pid 6587] <... exit_group resumed>) = ? [pid 6586] <... exit_group resumed>) = ? [pid 5868] <... openat resumed>) = 4 [pid 6586] +++ exited with 0 +++ [pid 5868] newfstatat(4, "", [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6587] +++ exited with 0 +++ [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6587, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5865] close(4 [pid 5864] close(4 [pid 5868] getdents64(4, [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6586, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5865] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 5865] rmdir("./138/file1" [pid 5864] rmdir("./139/file1" [pid 5868] <... close resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5868] rmdir("./143/file1" [pid 5865] umount2("./138/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./138/binderfs", [pid 5864] umount2("./139/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... rmdir resumed>) = 0 [pid 5867] umount2("./142", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... restart_syscall resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] unlink("./138/binderfs" [pid 5864] newfstatat(AT_FDCWD, "./139/binderfs", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] umount2("./143/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./143/binderfs", [pid 5867] <... openat resumed>) = 3 [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] newfstatat(3, "", [pid 5866] umount2("./140", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] getdents64(3, [pid 5868] unlink("./143/binderfs" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] unlink("./139/binderfs" [pid 5868] <... unlink resumed>) = 0 [pid 5867] getdents64(3, [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] getdents64(3, [pid 5866] openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] close(3 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... unlink resumed>) = 0 [pid 5868] close(3) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5865] <... close resumed>) = 0 [pid 5864] getdents64(3, [pid 5868] rmdir("./143" [pid 5866] newfstatat(3, "", [pid 5865] rmdir("./138" [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, [pid 5864] close(3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5868] mkdir("./144", 0777 [pid 5866] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] rmdir("./139" [pid 5865] mkdir("./139", 0777 [pid 5864] <... rmdir resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] mkdir("./140", 0777 [pid 5868] <... mkdir resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... mkdir resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5868] close(3 [pid 5865] close(3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 5868] <... close resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... ioctl resumed>) = 0 [pid 5864] close(3) = 0 ./strace-static-x86_64: Process 6588 attached [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6588 [pid 6588] set_robust_list(0x5555593cd660, 24./strace-static-x86_64: Process 6589 attached ) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6589 [pid 6588] chdir("./144" [pid 6589] set_robust_list(0x5555593cd660, 24) = 0 [pid 6588] <... chdir resumed>) = 0 [pid 6588] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6588] setpgid(0, 0) = 0 [pid 5867] <... umount2 resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6589] chdir("./140") = 0 [pid 6588] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6589] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6590 attached [pid 6589] <... prctl resumed>) = 0 [pid 6588] <... openat resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./140/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6590 [pid 5866] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./140/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6589] setpgid(0, 0 [pid 5867] newfstatat(AT_FDCWD, "./142/file1", [pid 6589] <... setpgid resumed>) = 0 [pid 6588] write(3, "1000", 4 [pid 6590] set_robust_list(0x5555593cd660, 24 [pid 6589] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6588] <... write resumed>) = 4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] close(4 [pid 6590] <... set_robust_list resumed>) = 0 [pid 6589] <... openat resumed>) = 3 [pid 6588] close(3 [pid 5867] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [pid 6590] chdir("./139" [pid 6589] write(3, "1000", 4 [pid 6588] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] rmdir("./140/file1" [pid 6590] <... chdir resumed>) = 0 [pid 6589] <... write resumed>) = 4 [pid 6588] symlink("/dev/binderfs", "./binderfs" [pid 5867] openat(AT_FDCWD, "./142/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORYexecuting program [pid 6590] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6589] close(3 [pid 6588] <... symlink resumed>) = 0 [pid 5867] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", [pid 6588] write(1, "executing program\n", 18 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6588] <... write resumed>) = 18 [pid 5867] getdents64(4, [pid 6588] memfd_create("syzkaller", 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6590] <... prctl resumed>) = 0 [pid 6588] <... memfd_create resumed>) = 3 [pid 5867] getdents64(4, [pid 6588] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6590] setpgid(0, 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6590] <... setpgid resumed>) = 0 [pid 6589] <... close resumed>) = 0 [pid 6588] <... mmap resumed>) = 0x7f1864095000 [pid 5867] close(4 [pid 5866] <... rmdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5866] umount2("./140/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./140/binderfs", [pid 5867] rmdir("./142/file1" [pid 6589] symlink("/dev/binderfs", "./binderfs" [pid 6590] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5866] unlink("./140/binderfs" [pid 6589] <... symlink resumed>) = 0 executing program [pid 6590] <... openat resumed>) = 3 [pid 6589] write(1, "executing program\n", 18 [pid 5867] umount2("./142/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... unlink resumed>) = 0 [pid 6590] write(3, "1000", 4 [pid 6589] <... write resumed>) = 18 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(3, [pid 6590] <... write resumed>) = 4 [pid 6589] memfd_create("syzkaller", 0 [pid 5867] newfstatat(AT_FDCWD, "./142/binderfs", [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6590] close(3 [pid 6589] <... memfd_create resumed>) = 3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] close(3 [pid 6590] <... close resumed>) = 0 [pid 6589] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6588] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] unlink("./142/binderfs" [pid 5866] <... close resumed>) = 0 [pid 6590] symlink("/dev/binderfs", "./binderfs" [pid 6589] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... unlink resumed>) = 0 [pid 6590] <... symlink resumed>) = 0 [pid 6589] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6588] <... write resumed>) = 524288 [pid 5867] getdents64(3, [pid 5866] rmdir("./140" [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6590] write(1, "executing program\n", 18 [pid 5867] close(3) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5867] rmdir("./142"executing program [pid 5866] mkdir("./141", 0777 [pid 6590] <... write resumed>) = 18 [pid 5867] <... rmdir resumed>) = 0 [pid 6590] memfd_create("syzkaller", 0 [pid 6588] munmap(0x7f1864095000, 138412032 [pid 5867] mkdir("./143", 0777 [pid 5866] <... mkdir resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6588] <... munmap resumed>) = 0 [pid 5867] <... mkdir resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 6590] <... memfd_create resumed>) = 3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6590] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] <... openat resumed>) = 3 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6590] <... mmap resumed>) = 0x7f1864095000 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5866] <... ioctl resumed>) = 0 [pid 6588] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... ioctl resumed>) = 0 [pid 5866] close(3 [pid 6588] <... openat resumed>) = 4 [pid 5867] close(3 [pid 6588] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... close resumed>) = 0 [pid 6588] <... ioctl resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 6589] <... write resumed>) = 524288 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6590] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6588] close(3) = 0 [pid 6588] close(4) = 0 [pid 6588] mkdir("./file1", 0777./strace-static-x86_64: Process 6591 attached [pid 6589] munmap(0x7f1864095000, 138412032 [pid 6588] <... mkdir resumed>) = 0 [pid 6591] set_robust_list(0x5555593cd660, 24 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6591 [pid 6591] <... set_robust_list resumed>) = 0 [pid 6591] chdir("./141") = 0 [pid 6591] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6591] setpgid(0, 0) = 0 [pid 6591] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6590] <... write resumed>) = 524288 [pid 6589] <... munmap resumed>) = 0 [pid 6588] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6589] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6590] munmap(0x7f1864095000, 138412032 [pid 6591] <... openat resumed>) = 3 [pid 6589] <... openat resumed>) = 4 ./strace-static-x86_64: Process 6592 attached [pid 6591] write(3, "1000", 4 [pid 6590] <... munmap resumed>) = 0 [pid 6589] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6592 [pid 6591] <... write resumed>) = 4 [pid 6590] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6589] <... ioctl resumed>) = 0 [pid 6592] set_robust_list(0x5555593cd660, 24 [pid 6591] close(3 [pid 6590] <... openat resumed>) = 4 [pid 6589] close(3 [pid 6588] <... mount resumed>) = 0 [pid 6592] <... set_robust_list resumed>) = 0 [pid 6591] <... close resumed>) = 0 [pid 6590] ioctl(4, LOOP_SET_FD, 3 [pid 6589] <... close resumed>) = 0 [ 222.105509][ T6588] loop4: detected capacity change from 0 to 1024 [pid 6588] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6592] chdir("./143" [pid 6591] symlink("/dev/binderfs", "./binderfs" [pid 6589] close(4 [pid 6592] <... chdir resumed>) = 0 [pid 6591] <... symlink resumed>) = 0 [pid 6589] <... close resumed>) = 0 executing program [pid 6592] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6591] write(1, "executing program\n", 18 [pid 6589] mkdir("./file1", 0777 [pid 6592] <... prctl resumed>) = 0 [pid 6591] <... write resumed>) = 18 [pid 6589] <... mkdir resumed>) = 0 [pid 6588] <... openat resumed>) = 3 [pid 6590] <... ioctl resumed>) = 0 [pid 6592] setpgid(0, 0 [pid 6591] memfd_create("syzkaller", 0 [pid 6590] close(3 [pid 6588] chdir("./file1" [pid 6592] <... setpgid resumed>) = 0 [pid 6591] <... memfd_create resumed>) = 3 [pid 6590] <... close resumed>) = 0 [pid 6588] <... chdir resumed>) = 0 [pid 6592] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6591] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6590] close(4 [pid 6589] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6588] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6592] <... openat resumed>) = 3 [pid 6591] <... mmap resumed>) = 0x7f1864095000 [pid 6590] <... close resumed>) = 0 [pid 6588] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6592] write(3, "1000", 4 [pid 6590] mkdir("./file1", 0777 [pid 6588] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6592] <... write resumed>) = 4 [pid 6591] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6590] <... mkdir resumed>) = 0 [pid 6592] close(3 [pid 6590] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, ""executing program [pid 6592] <... close resumed>) = 0 [pid 6592] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6592] write(1, "executing program\n", 18) = 18 [pid 6592] memfd_create("syzkaller", 0 [pid 6589] <... mount resumed>) = 0 [pid 6592] <... memfd_create resumed>) = 3 [ 222.151593][ T6589] loop0: detected capacity change from 0 to 1024 [ 222.159939][ T6590] loop1: detected capacity change from 0 to 1024 [pid 6589] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6592] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6589] chdir("./file1" [pid 6592] <... mmap resumed>) = 0x7f1864095000 [pid 6589] <... chdir resumed>) = 0 [pid 6592] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6589] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6588] <... link resumed>) = 0 [pid 6590] <... mount resumed>) = 0 [pid 6589] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6588] sync( [pid 6590] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6591] <... write resumed>) = 524288 [pid 6590] <... openat resumed>) = 3 [pid 6589] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6591] munmap(0x7f1864095000, 138412032 [pid 6590] chdir("./file1" [pid 6591] <... munmap resumed>) = 0 [pid 6590] <... chdir resumed>) = 0 [pid 6590] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6591] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6590] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6591] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6590] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6591] close(3) = 0 [pid 6591] close(4) = 0 [pid 6591] mkdir("./file1", 0777) = 0 [pid 6589] <... link resumed>) = 0 [pid 6592] <... write resumed>) = 524288 [pid 6589] sync( [pid 6591] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6590] <... link resumed>) = 0 [pid 6590] sync( [pid 6592] munmap(0x7f1864095000, 138412032) = 0 [pid 6591] <... mount resumed>) = 0 [pid 6588] <... sync resumed>) = 0 [ 222.263241][ T6591] loop2: detected capacity change from 0 to 1024 [pid 6592] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6588] exit_group(0 [pid 6591] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6592] ioctl(4, LOOP_SET_FD, 3 [pid 6591] <... openat resumed>) = 3 [pid 6588] <... exit_group resumed>) = ? [pid 6592] <... ioctl resumed>) = 0 [pid 6591] chdir("./file1") = 0 [pid 6592] close(3 [pid 6591] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6592] <... close resumed>) = 0 [pid 6591] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6592] close(4 [pid 6591] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6592] <... close resumed>) = 0 [pid 6588] +++ exited with 0 +++ [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6588, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6592] mkdir("./file1", 0777) = 0 [pid 6589] <... sync resumed>) = 0 [pid 5868] umount2("./144", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6589] exit_group(0 [pid 6592] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6589] <... exit_group resumed>) = ? [pid 5868] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6589] +++ exited with 0 +++ [pid 5868] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6589, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [ 222.351744][ T6592] loop3: detected capacity change from 0 to 1024 [pid 5864] umount2("./140", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6592] <... mount resumed>) = 0 [pid 6591] <... link resumed>) = 0 [pid 6590] <... sync resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6591] sync( [pid 6590] exit_group(0 [pid 5864] <... openat resumed>) = 3 [pid 6590] <... exit_group resumed>) = ? [pid 5864] newfstatat(3, "", [pid 6592] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6592] <... openat resumed>) = 3 [pid 6590] +++ exited with 0 +++ [pid 5864] getdents64(3, [pid 6592] chdir("./file1" [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6592] <... chdir resumed>) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6590, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6592] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5864] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... restart_syscall resumed>) = 0 [pid 6592] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6592] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] umount2("./139", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5868] <... umount2 resumed>) = 0 [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6591] <... sync resumed>) = 0 [pid 5868] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./144/file1", [pid 6591] exit_group(0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6591] <... exit_group resumed>) = ? [pid 5868] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6591] +++ exited with 0 +++ [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6591, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5868] openat(AT_FDCWD, "./144/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 5868] newfstatat(4, "", [pid 5866] <... restart_syscall resumed>) = 0 [pid 6592] <... link resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6592] sync( [pid 5868] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] umount2("./141", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] getdents64(4, [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] close(4) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5868] rmdir("./144/file1" [pid 5866] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... rmdir resumed>) = 0 [pid 6592] <... sync resumed>) = 0 [pid 5868] umount2("./144/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5864] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6592] exit_group(0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(AT_FDCWD, "./140/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6592] <... exit_group resumed>) = ? [pid 5865] newfstatat(AT_FDCWD, "./139/file1", [pid 5864] openat(AT_FDCWD, "./140/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6592] +++ exited with 0 +++ [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... openat resumed>) = 4 [pid 5864] newfstatat(4, "", [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6592, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5865] umount2("./139/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] newfstatat(AT_FDCWD, "./144/binderfs", [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] getdents64(4, [pid 5865] openat(AT_FDCWD, "./139/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... openat resumed>) = 4 [pid 5864] getdents64(4, [pid 5865] newfstatat(4, "", [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] close(4 [pid 5865] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5865] rmdir("./139/file1" [pid 5864] rmdir("./140/file1" [pid 5868] unlink("./144/binderfs" [pid 5867] <... restart_syscall resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 5864] umount2("./140/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... unlink resumed>) = 0 [pid 5868] getdents64(3, [pid 5866] <... umount2 resumed>) = 0 [pid 5865] umount2("./139/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] umount2("./143", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] close(3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./139/binderfs", [pid 5864] newfstatat(AT_FDCWD, "./140/binderfs", [pid 5868] <... close resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] newfstatat(AT_FDCWD, "./141/file1", [pid 5868] rmdir("./144" [pid 5867] <... openat resumed>) = 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 5866] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] unlink("./139/binderfs" [pid 5868] mkdir("./145", 0777 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] getdents64(3, [pid 5866] openat(AT_FDCWD, "./141/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... unlink resumed>) = 0 [pid 5864] unlink("./140/binderfs" [pid 5866] <... openat resumed>) = 4 [pid 5864] <... unlink resumed>) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] newfstatat(4, "", [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] getdents64(3, [pid 5867] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 5868] <... openat resumed>) = 3 [pid 5866] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] close(3 [pid 5864] close(3 [pid 5868] <... ioctl resumed>) = 0 [pid 5866] getdents64(4, [pid 5865] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5868] close(3 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] rmdir("./139" [pid 5864] rmdir("./140" [pid 5868] <... close resumed>) = 0 [pid 5866] close(4) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] rmdir("./141/file1" [pid 5864] <... rmdir resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 6593 attached [pid 5866] umount2("./141/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... rmdir resumed>) = 0 [pid 5864] mkdir("./141", 0777 [pid 5865] mkdir("./140", 0777 [pid 5864] <... mkdir resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... openat resumed>) = 3 [pid 5865] <... openat resumed>) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6593] set_robust_list(0x5555593cd660, 24 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6593 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] <... ioctl resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./141/binderfs", [pid 6593] <... set_robust_list resumed>) = 0 [pid 6593] chdir("./145" [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 6593] <... chdir resumed>) = 0 [pid 5866] unlink("./141/binderfs" [pid 5865] close(3 [pid 6593] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] <... unlink resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6594 attached [pid 6593] <... prctl resumed>) = 0 [pid 5866] getdents64(3, [pid 6593] setpgid(0, 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6594] set_robust_list(0x5555593cd660, 24 [pid 6593] <... setpgid resumed>) = 0 [pid 5866] close(3 [pid 6594] <... set_robust_list resumed>) = 0 [pid 6593] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... umount2 resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 6594] chdir("./141" [pid 5866] rmdir("./141" [pid 6594] <... chdir resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6594 [pid 6594] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6594] setpgid(0, 0 [pid 5866] <... rmdir resumed>) = 0 [pid 5866] mkdir("./142", 0777 [pid 6594] <... setpgid resumed>) = 0 [pid 6594] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6593] <... openat resumed>) = 3 [pid 5866] <... mkdir resumed>) = 0 [pid 5867] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6594] <... openat resumed>) = 3 [pid 6593] write(3, "1000", 4 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6593] <... write resumed>) = 4 [pid 5867] newfstatat(AT_FDCWD, "./143/file1", [pid 6594] write(3, "1000", 4 [pid 5866] <... openat resumed>) = 3 [pid 6593] close(3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6593] <... close resumed>) = 0 [pid 6594] <... write resumed>) = 4 [pid 5867] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... ioctl resumed>) = 0 [pid 6593] symlink("/dev/binderfs", "./binderfs" [pid 6594] close(3 [pid 6593] <... symlink resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] close(3 [pid 5867] openat(AT_FDCWD, "./143/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY executing program [pid 5866] <... close resumed>) = 0 [pid 6594] <... close resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6594] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... openat resumed>) = 4 [pid 6594] <... symlink resumed>) = 0 [pid 6594] write(1, "executing program\n", 18) = 18 [pid 6594] memfd_create("syzkaller", 0) = 3 [pid 6594] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 executing program ./strace-static-x86_64: Process 6595 attached [pid 6594] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6593] write(1, "executing program\n", 18 [pid 5867] newfstatat(4, "", [pid 5865] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6593] <... write resumed>) = 18 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6595] set_robust_list(0x5555593cd660, 24 [pid 6593] memfd_create("syzkaller", 0 [pid 5867] getdents64(4, [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6595 [pid 6595] <... set_robust_list resumed>) = 0 [pid 6593] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 6596 attached [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6595] chdir("./142" [pid 5867] getdents64(4, [pid 6595] <... chdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6595] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6593] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6595] <... prctl resumed>) = 0 [pid 5867] close(4 [pid 6596] set_robust_list(0x5555593cd660, 24 [pid 6595] setpgid(0, 0 [pid 5867] <... close resumed>) = 0 [pid 6596] <... set_robust_list resumed>) = 0 [pid 6595] <... setpgid resumed>) = 0 [pid 5867] rmdir("./143/file1" [pid 6593] <... mmap resumed>) = 0x7f1864095000 [pid 6596] chdir("./140" [pid 5867] <... rmdir resumed>) = 0 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6596 [pid 6596] <... chdir resumed>) = 0 [pid 6596] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6596] setpgid(0, 0) = 0 [pid 6596] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6595] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] umount2("./143/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6595] <... openat resumed>) = 3 [pid 6593] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] newfstatat(AT_FDCWD, "./143/binderfs", [pid 6596] write(3, "1000", 4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6596] <... write resumed>) = 4 [pid 6596] close(3) = 0 [pid 6595] write(3, "1000", 4 [pid 5867] unlink("./143/binderfs" [pid 6596] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6595] <... write resumed>) = 4 [pid 5867] <... unlink resumed>) = 0 [pid 6596] write(1, "executing program\n", 18executing program [pid 6595] close(3 [pid 5867] getdents64(3, [pid 6596] <... write resumed>) = 18 [pid 6594] <... write resumed>) = 524288 [pid 6595] <... close resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6595] symlink("/dev/binderfs", "./binderfs" [pid 5867] close(3 [pid 6596] memfd_create("syzkaller", 0) = 3 [pid 6595] <... symlink resumed>) = 0 [pid 6594] munmap(0x7f1864095000, 138412032 [pid 5867] <... close resumed>) = 0 [pid 6596] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6594] <... munmap resumed>) = 0 [pid 5867] rmdir("./143" [pid 6596] <... mmap resumed>) = 0x7f1864095000 [pid 6595] write(1, "executing program\n", 18 [pid 5867] <... rmdir resumed>) = 0 executing program [pid 6595] <... write resumed>) = 18 [pid 5867] mkdir("./144", 0777 [pid 6596] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6595] memfd_create("syzkaller", 0 [pid 6594] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6593] <... write resumed>) = 524288 [pid 5867] <... mkdir resumed>) = 0 [pid 6594] <... openat resumed>) = 4 [pid 6595] <... memfd_create resumed>) = 3 [pid 6594] ioctl(4, LOOP_SET_FD, 3 [pid 6595] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6594] <... ioctl resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6595] <... mmap resumed>) = 0x7f1864095000 [pid 6595] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6594] close(3 [pid 5867] <... openat resumed>) = 3 [pid 6594] <... close resumed>) = 0 [pid 6594] close(4) = 0 [pid 6594] mkdir("./file1", 0777) = 0 [pid 6593] munmap(0x7f1864095000, 138412032 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6594] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6593] <... munmap resumed>) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 6593] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] close(3 [pid 6593] <... openat resumed>) = 4 [pid 6593] ioctl(4, LOOP_SET_FD, 3 [pid 6596] <... write resumed>) = 524288 [pid 6596] munmap(0x7f1864095000, 138412032) = 0 [pid 6596] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6593] <... ioctl resumed>) = 0 [pid 6596] ioctl(4, LOOP_SET_FD, 3 [pid 6593] close(3) = 0 [pid 6593] close(4) = 0 [pid 6596] <... ioctl resumed>) = 0 [ 222.721800][ T6594] loop0: detected capacity change from 0 to 1024 [ 222.765795][ T6593] loop4: detected capacity change from 0 to 1024 [pid 6593] mkdir("./file1", 0777 [pid 6596] close(3 [pid 6593] <... mkdir resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6594] <... mount resumed>) = 0 [pid 6596] <... close resumed>) = 0 [pid 6594] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6596] close(4 [pid 6594] <... openat resumed>) = 3 [pid 6596] <... close resumed>) = 0 [pid 6593] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6596] mkdir("./file1", 0777 [pid 6594] chdir("./file1" [pid 6595] <... write resumed>) = 524288 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6596] <... mkdir resumed>) = 0 [pid 6595] munmap(0x7f1864095000, 138412032) = 0 ./strace-static-x86_64: Process 6597 attached [pid 6595] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6594] <... chdir resumed>) = 0 [pid 6595] <... openat resumed>) = 4 [pid 6594] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6595] ioctl(4, LOOP_SET_FD, 3 [pid 6594] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6597] set_robust_list(0x5555593cd660, 24 [pid 6596] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6595] <... ioctl resumed>) = 0 [pid 6594] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6597] <... set_robust_list resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6597 [pid 6597] chdir("./144") = 0 [pid 6595] close(3 [pid 6597] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6597] setpgid(0, 0 [pid 6595] <... close resumed>) = 0 [pid 6595] close(4) = 0 [pid 6597] <... setpgid resumed>) = 0 [pid 6595] mkdir("./file1", 0777 [pid 6597] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6595] <... mkdir resumed>) = 0 [pid 6597] <... openat resumed>) = 3 [pid 6593] <... mount resumed>) = 0 [pid 6596] <... mount resumed>) = 0 [pid 6595] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [ 222.781517][ T6596] loop1: detected capacity change from 0 to 1024 [ 222.813324][ T6595] loop2: detected capacity change from 0 to 1024 [pid 6593] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6597] write(3, "1000", 4 [pid 6596] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6593] <... openat resumed>) = 3 [pid 6597] <... write resumed>) = 4 [pid 6596] <... openat resumed>) = 3 [pid 6594] <... link resumed>) = 0 [pid 6593] chdir("./file1" [pid 6594] sync( [pid 6593] <... chdir resumed>) = 0 [pid 6597] close(3 [pid 6593] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6597] <... close resumed>) = 0 [pid 6596] chdir("./file1" [pid 6597] symlink("/dev/binderfs", "./binderfs" [pid 6596] <... chdir resumed>) = 0 [pid 6596] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6597] <... symlink resumed>) = 0 executing program [pid 6597] write(1, "executing program\n", 18 [pid 6596] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6595] <... mount resumed>) = 0 [pid 6593] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6597] <... write resumed>) = 18 [pid 6596] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6595] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6593] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6597] memfd_create("syzkaller", 0 [pid 6595] <... openat resumed>) = 3 [pid 6597] <... memfd_create resumed>) = 3 [pid 6595] chdir("./file1" [pid 6597] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6595] <... chdir resumed>) = 0 [pid 6597] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6595] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6594] <... sync resumed>) = 0 [pid 6594] exit_group(0 [pid 6595] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6594] <... exit_group resumed>) = ? [pid 6595] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6594] +++ exited with 0 +++ [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6594, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5864] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6596] <... link resumed>) = 0 [pid 6593] <... link resumed>) = 0 [pid 6596] sync( [pid 6595] <... link resumed>) = 0 [pid 6593] sync( [pid 6595] sync( [pid 6597] <... write resumed>) = 524288 [pid 5864] umount2("./141", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6595] <... sync resumed>) = 0 [pid 5864] newfstatat(3, "", [pid 6593] <... sync resumed>) = 0 [pid 6596] <... sync resumed>) = 0 [pid 6595] exit_group(0 [pid 6593] exit_group(0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6597] munmap(0x7f1864095000, 138412032 [pid 5864] getdents64(3, [pid 6597] <... munmap resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6593] <... exit_group resumed>) = ? [pid 6597] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6593] +++ exited with 0 +++ [pid 6597] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6595] <... exit_group resumed>) = ? [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6593, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6597] close(3 [pid 6596] exit_group(0 [pid 6595] +++ exited with 0 +++ [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 6596] <... exit_group resumed>) = ? [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6595, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6597] <... close resumed>) = 0 [pid 6596] +++ exited with 0 +++ [pid 5868] <... restart_syscall resumed>) = 0 [pid 5866] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6596, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6597] close(4 [pid 5865] umount2("./140", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./142", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./145", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6597] <... close resumed>) = 0 [pid 6597] mkdir("./file1", 0777 [pid 5866] <... openat resumed>) = 3 [pid 5866] newfstatat(3, "", [pid 6597] <... mkdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6597] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... openat resumed>) = 3 [pid 5868] newfstatat(3, "", [pid 5866] getdents64(3, [pid 5865] <... openat resumed>) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] newfstatat(3, "", [pid 5868] getdents64(3, [pid 5866] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] getdents64(3, [ 223.011105][ T6597] loop3: detected capacity change from 0 to 1024 [pid 5868] umount2("./145/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... umount2 resumed>) = 0 [pid 5865] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6597] <... mount resumed>) = 0 [pid 6597] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6597] <... openat resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6597] chdir("./file1" [pid 5864] newfstatat(AT_FDCWD, "./141/file1", [pid 6597] <... chdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6597] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6597] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6597] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5864] openat(AT_FDCWD, "./141/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5864] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5864] rmdir("./141/file1") = 0 [pid 5866] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./142/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./141/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./141/binderfs", [pid 6597] <... link resumed>) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] openat(AT_FDCWD, "./142/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] unlink("./141/binderfs" [pid 5866] <... openat resumed>) = 4 [pid 5864] <... unlink resumed>) = 0 [pid 5866] newfstatat(4, "", [pid 5865] <... umount2 resumed>) = 0 [pid 5864] getdents64(3, [pid 6597] sync( [pid 5868] <... umount2 resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] close(3 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... close resumed>) = 0 [pid 5868] umount2("./145/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] close(4 [pid 5864] rmdir("./141" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... close resumed>) = 0 [pid 5865] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... rmdir resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./145/file1", [pid 5866] rmdir("./142/file1" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] newfstatat(AT_FDCWD, "./140/file1", [pid 5864] mkdir("./142", 0777 [pid 5868] umount2("./145/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./140/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] openat(AT_FDCWD, "./145/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] umount2("./142/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... openat resumed>) = 4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./140/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 3 [pid 6597] <... sync resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 5866] newfstatat(AT_FDCWD, "./142/binderfs", [pid 5865] <... openat resumed>) = 4 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6597] exit_group(0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] newfstatat(4, "", [pid 6597] <... exit_group resumed>) = ? [pid 5864] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, [pid 5868] getdents64(4, [pid 5866] unlink("./142/binderfs" [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] getdents64(4, [pid 5866] <... unlink resumed>) = 0 [pid 5865] getdents64(4, [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6597] +++ exited with 0 +++ [pid 5868] close(4 [pid 5866] getdents64(3, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./145/file1" [pid 5865] close(4 [pid 5868] <... rmdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] umount2("./145/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6597, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5866] close(3 [pid 5865] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] rmdir("./140/file1" [pid 5866] rmdir("./142" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./145/binderfs", [pid 5867] umount2("./144", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] unlink("./145/binderfs") = 0 [pid 5867] <... openat resumed>) = 3 [pid 5868] getdents64(3, [pid 5866] mkdir("./143", 0777 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] newfstatat(3, "", [pid 5866] <... mkdir resumed>) = 0 [pid 5865] umount2("./140/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] close(3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... close resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./140/binderfs", [pid 5868] rmdir("./145" [pid 5867] getdents64(3, [pid 5866] <... openat resumed>) = 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] unlink("./140/binderfs" [pid 5867] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6598 attached [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6598 [pid 6598] set_robust_list(0x5555593cd660, 24 [pid 5866] <... ioctl resumed>) = 0 [pid 5868] mkdir("./146", 0777 [pid 5865] getdents64(3, [pid 6598] <... set_robust_list resumed>) = 0 [pid 5866] close(3 [pid 6598] chdir("./142" [pid 5868] <... mkdir resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] close(3 [pid 6598] <... chdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6598] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6599 ./strace-static-x86_64: Process 6599 attached [pid 6598] <... prctl resumed>) = 0 [pid 5865] rmdir("./140" [pid 6599] set_robust_list(0x5555593cd660, 24 [pid 6598] setpgid(0, 0 [pid 5868] <... openat resumed>) = 3 [pid 5865] <... rmdir resumed>) = 0 [pid 6599] <... set_robust_list resumed>) = 0 [pid 6598] <... setpgid resumed>) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5865] mkdir("./141", 0777 [pid 6599] chdir("./143" [pid 5868] <... ioctl resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 6598] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] close(3 [pid 5867] <... umount2 resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6599] <... chdir resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5867] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6599] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6599] <... prctl resumed>) = 0 [pid 6599] setpgid(0, 0 [pid 5867] newfstatat(AT_FDCWD, "./144/file1", [pid 6599] <... setpgid resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6599] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6598] <... openat resumed>) = 3 [pid 5867] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6600 attached [pid 6599] <... openat resumed>) = 3 [pid 6598] write(3, "1000", 4 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6600] set_robust_list(0x5555593cd660, 24 [pid 6598] <... write resumed>) = 4 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6600 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... ioctl resumed>) = 0 [pid 6599] write(3, "1000", 4 [pid 6598] close(3 [pid 5867] openat(AT_FDCWD, "./144/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] close(3 [pid 6600] <... set_robust_list resumed>) = 0 [pid 6599] <... write resumed>) = 4 [pid 6599] close(3 [pid 5867] <... openat resumed>) = 4 [pid 6599] <... close resumed>) = 0 [pid 6599] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6599] write(1, "executing program\n", 18) = 18 [pid 5867] newfstatat(4, "", [pid 6599] memfd_create("syzkaller", 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6599] <... memfd_create resumed>) = 3 [pid 5867] getdents64(4, [pid 6599] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6599] <... mmap resumed>) = 0x7f1864095000 [pid 5867] getdents64(4, [pid 6600] chdir("./146" [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] close(4 [pid 6600] <... chdir resumed>) = 0 [pid 6599] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6598] <... close resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6600] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6598] symlink("/dev/binderfs", "./binderfs" [pid 5867] rmdir("./144/file1") = 0 [pid 5867] umount2("./144/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) executing program [pid 5867] newfstatat(AT_FDCWD, "./144/binderfs", [pid 6598] <... symlink resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6600] <... prctl resumed>) = 0 [pid 6598] write(1, "executing program\n", 18 [pid 6600] setpgid(0, 0 [pid 6598] <... write resumed>) = 18 [pid 6600] <... setpgid resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6600] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6598] memfd_create("syzkaller", 0 [pid 5867] unlink("./144/binderfs" [pid 6600] <... openat resumed>) = 3 [pid 6598] <... memfd_create resumed>) = 3 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6601 [pid 5867] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 6601 attached [pid 5867] getdents64(3, [pid 6601] set_robust_list(0x5555593cd660, 24) = 0 [pid 6600] write(3, "1000", 4 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6601] chdir("./141" [pid 6600] <... write resumed>) = 4 [pid 6598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] close(3 [pid 6601] <... chdir resumed>) = 0 [pid 6600] close(3 [pid 6599] <... write resumed>) = 524288 [pid 6598] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... close resumed>) = 0 [pid 6600] <... close resumed>) = 0 [pid 6601] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] rmdir("./144" [pid 6601] <... prctl resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 6601] setpgid(0, 0) = 0 [pid 6601] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6600] symlink("/dev/binderfs", "./binderfs" [pid 6598] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288executing program [pid 6601] <... openat resumed>) = 3 [pid 6600] <... symlink resumed>) = 0 [pid 5867] mkdir("./145", 0777 [pid 6601] write(3, "1000", 4 [pid 6600] write(1, "executing program\n", 18 [pid 5867] <... mkdir resumed>) = 0 [pid 6601] <... write resumed>) = 4 [pid 6600] <... write resumed>) = 18 [pid 6601] close(3 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6601] <... close resumed>) = 0 [pid 6600] memfd_create("syzkaller", 0 [pid 6601] symlink("/dev/binderfs", "./binderfs" [pid 6600] <... memfd_create resumed>) = 3 [pid 6599] munmap(0x7f1864095000, 138412032 [pid 5867] <... openat resumed>) = 3 [pid 6600] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6599] <... munmap resumed>) = 0 [pid 6601] <... symlink resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FDexecuting program ) = 0 [pid 6601] write(1, "executing program\n", 18 [pid 6599] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] close(3 [pid 6601] <... write resumed>) = 18 [pid 6599] <... openat resumed>) = 4 [pid 6601] memfd_create("syzkaller", 0 [pid 6599] ioctl(4, LOOP_SET_FD, 3 [pid 6601] <... memfd_create resumed>) = 3 [pid 6601] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6601] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6599] <... ioctl resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6601] <... write resumed>) = 524288 [pid 6600] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6599] close(3 [pid 6598] <... write resumed>) = 524288 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6599] <... close resumed>) = 0 [pid 6599] close(4 [pid 6598] munmap(0x7f1864095000, 138412032./strace-static-x86_64: Process 6602 attached [pid 6599] <... close resumed>) = 0 [pid 6602] set_robust_list(0x5555593cd660, 24 [pid 6599] mkdir("./file1", 0777 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6602 [ 223.369776][ T6599] loop2: detected capacity change from 0 to 1024 [pid 6602] <... set_robust_list resumed>) = 0 [pid 6601] munmap(0x7f1864095000, 138412032 [pid 6599] <... mkdir resumed>) = 0 [pid 6598] <... munmap resumed>) = 0 [pid 6602] chdir("./145" [pid 6601] <... munmap resumed>) = 0 [pid 6599] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6598] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6602] <... chdir resumed>) = 0 [pid 6601] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6598] <... openat resumed>) = 4 [pid 6602] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6601] <... openat resumed>) = 4 [pid 6598] ioctl(4, LOOP_SET_FD, 3 [pid 6602] <... prctl resumed>) = 0 [pid 6601] ioctl(4, LOOP_SET_FD, 3 [pid 6602] setpgid(0, 0 [pid 6600] <... write resumed>) = 524288 [pid 6602] <... setpgid resumed>) = 0 [pid 6602] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6602] write(3, "1000", 4 [pid 6599] <... mount resumed>) = 0 [pid 6602] <... write resumed>) = 4 [pid 6599] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6602] close(3 [pid 6601] <... ioctl resumed>) = 0 [pid 6598] <... ioctl resumed>) = 0 [pid 6602] <... close resumed>) = 0 [pid 6601] close(3 [pid 6600] munmap(0x7f1864095000, 138412032 [pid 6599] <... openat resumed>) = 3 [pid 6602] symlink("/dev/binderfs", "./binderfs" [pid 6601] <... close resumed>) = 0 [pid 6600] <... munmap resumed>) = 0 [pid 6599] chdir("./file1" [pid 6598] close(3 [pid 6602] <... symlink resumed>) = 0 [pid 6601] close(4 [pid 6598] <... close resumed>) = 0 [pid 6600] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6599] <... chdir resumed>) = 0 [pid 6598] close(4) = 0 [pid 6601] <... close resumed>) = 0 [pid 6600] <... openat resumed>) = 4 [pid 6599] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6598] mkdir("./file1", 0777 [pid 6602] write(1, "executing program\n", 18 executing program [pid 6601] mkdir("./file1", 0777 [pid 6600] ioctl(4, LOOP_SET_FD, 3 [pid 6599] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6598] <... mkdir resumed>) = 0 [pid 6602] <... write resumed>) = 18 [ 223.439614][ T6598] loop0: detected capacity change from 0 to 1024 [ 223.445130][ T6601] loop1: detected capacity change from 0 to 1024 [pid 6602] memfd_create("syzkaller", 0 [pid 6601] <... mkdir resumed>) = 0 [pid 6600] <... ioctl resumed>) = 0 [pid 6599] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6598] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6602] <... memfd_create resumed>) = 3 [pid 6601] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6600] close(3 [pid 6602] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6600] <... close resumed>) = 0 [pid 6600] close(4) = 0 [pid 6600] mkdir("./file1", 0777) = 0 [pid 6599] <... link resumed>) = 0 [pid 6602] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6600] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [ 223.496438][ T6600] loop4: detected capacity change from 0 to 1024 [pid 6599] sync( [pid 6598] <... mount resumed>) = 0 [pid 6601] <... mount resumed>) = 0 [pid 6598] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6601] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6598] chdir("./file1" [pid 6602] <... write resumed>) = 524288 [pid 6601] <... openat resumed>) = 3 [pid 6600] <... mount resumed>) = 0 [pid 6598] <... chdir resumed>) = 0 [pid 6602] munmap(0x7f1864095000, 138412032 [pid 6601] chdir("./file1" [pid 6598] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6602] <... munmap resumed>) = 0 [pid 6601] <... chdir resumed>) = 0 [pid 6600] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6598] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6601] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6600] <... openat resumed>) = 3 [pid 6598] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6602] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6601] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6600] chdir("./file1" [pid 6602] ioctl(4, LOOP_SET_FD, 3 [pid 6601] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6600] <... chdir resumed>) = 0 [pid 6602] <... ioctl resumed>) = 0 [pid 6600] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6602] close(3) = 0 [pid 6600] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6602] close(4 [pid 6600] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6602] <... close resumed>) = 0 [pid 6602] mkdir("./file1", 0777) = 0 [pid 6598] <... link resumed>) = 0 [pid 6602] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6598] sync( [pid 6601] <... link resumed>) = 0 [ 223.611632][ T6602] loop3: detected capacity change from 0 to 1024 [pid 6601] sync( [pid 6600] <... link resumed>) = 0 [pid 6600] sync( [pid 6602] <... mount resumed>) = 0 [pid 6602] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6599] <... sync resumed>) = 0 [pid 6602] <... openat resumed>) = 3 [pid 6599] exit_group(0 [pid 6602] chdir("./file1" [pid 6599] <... exit_group resumed>) = ? [pid 6602] <... chdir resumed>) = 0 [pid 6602] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6599] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6599, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6602] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] umount2("./143", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] newfstatat(3, "", [pid 6600] <... sync resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6601] <... sync resumed>) = 0 [pid 6600] exit_group(0 [pid 6598] <... sync resumed>) = 0 [pid 5866] getdents64(3, [pid 6600] <... exit_group resumed>) = ? [pid 6601] exit_group(0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6601] <... exit_group resumed>) = ? [pid 6602] <... link resumed>) = 0 [pid 6600] +++ exited with 0 +++ [pid 5866] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6600, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6598] exit_group(0 [pid 6602] sync( [pid 6601] +++ exited with 0 +++ [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6601, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5865] umount2("./141", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6598] <... exit_group resumed>) = ? [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./146", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6598] +++ exited with 0 +++ [pid 5868] newfstatat(3, "", [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6598, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5868] getdents64(3, [pid 6602] <... sync resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6602] exit_group(0 [pid 5868] umount2("./146/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... restart_syscall resumed>) = 0 [pid 6602] <... exit_group resumed>) = ? [pid 6602] +++ exited with 0 +++ [pid 5864] umount2("./142", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6602, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5864] openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5864] <... openat resumed>) = 3 [pid 5865] <... umount2 resumed>) = 0 [pid 5864] newfstatat(3, "", [pid 5867] <... restart_syscall resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5865] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./141/file1", [pid 5866] newfstatat(AT_FDCWD, "./143/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] getdents64(3, [pid 5867] umount2("./145", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./141/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./143/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] openat(AT_FDCWD, "./141/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... openat resumed>) = 4 [pid 5864] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] newfstatat(4, "", [pid 5865] <... openat resumed>) = 4 [pid 5867] <... openat resumed>) = 3 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] newfstatat(4, "", [pid 5867] newfstatat(3, "", [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 5866] getdents64(4, [pid 5865] getdents64(4, [pid 5868] umount2("./146/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] getdents64(3, [pid 5866] getdents64(4, [pid 5865] getdents64(4, [pid 5868] newfstatat(AT_FDCWD, "./146/file1", [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... close resumed>) = 0 [pid 5865] close(4 [pid 5866] rmdir("./143/file1" [pid 5865] <... close resumed>) = 0 [pid 5867] umount2("./145/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... rmdir resumed>) = 0 [pid 5865] rmdir("./141/file1" [pid 5866] umount2("./143/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] <... rmdir resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./143/binderfs", [pid 5865] umount2("./141/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./146/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] unlink("./143/binderfs" [pid 5865] newfstatat(AT_FDCWD, "./141/binderfs", [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... unlink resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./141/binderfs" [pid 5868] openat(AT_FDCWD, "./146/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] <... openat resumed>) = 4 [pid 5865] <... unlink resumed>) = 0 [pid 5868] newfstatat(4, "", [pid 5866] close(3 [pid 5865] getdents64(3, [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] getdents64(4, [pid 5866] rmdir("./143" [pid 5865] close(3 [pid 5867] <... umount2 resumed>) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 5867] umount2("./145/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5868] getdents64(4, [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] mkdir("./144", 0777 [pid 5864] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5867] newfstatat(AT_FDCWD, "./145/file1", [pid 5865] rmdir("./141" [pid 5868] close(4 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... mkdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... close resumed>) = 0 [pid 5867] umount2("./145/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... rmdir resumed>) = 0 [pid 5868] rmdir("./146/file1" [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] mkdir("./142", 0777 [pid 5864] newfstatat(AT_FDCWD, "./142/file1", [pid 5868] <... rmdir resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./145/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5868] umount2("./146/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... openat resumed>) = 3 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5868] newfstatat(AT_FDCWD, "./146/binderfs", [pid 5867] <... openat resumed>) = 4 [pid 5866] <... ioctl resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] newfstatat(4, "", [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./142/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... openat resumed>) = 4 [pid 5866] close(3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5867] getdents64(4, [pid 5864] newfstatat(4, "", [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] <... ioctl resumed>) = 0 [pid 5868] unlink("./146/binderfs" [pid 5865] close(3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(4, [pid 5867] getdents64(4, [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 5867] close(4) = 0 [pid 5867] rmdir("./145/file1") = 0 [pid 5868] getdents64(3, [pid 5866] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5864] getdents64(4, [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4 [pid 5867] umount2("./145/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] rmdir("./142/file1"./strace-static-x86_64: Process 6604 attached ./strace-static-x86_64: Process 6603 attached [pid 5868] close(3 [pid 5867] newfstatat(AT_FDCWD, "./145/binderfs", [pid 5864] <... rmdir resumed>) = 0 [pid 6604] set_robust_list(0x5555593cd660, 24 [pid 6603] set_robust_list(0x5555593cd660, 24 [pid 5868] <... close resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6604 [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6603 [pid 6604] <... set_robust_list resumed>) = 0 [pid 6603] <... set_robust_list resumed>) = 0 [pid 5868] rmdir("./146" [pid 6604] chdir("./144" [pid 6603] chdir("./142" [pid 5868] <... rmdir resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./142/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6604] <... chdir resumed>) = 0 [pid 6603] <... chdir resumed>) = 0 [pid 5868] mkdir("./147", 0777 [pid 6604] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6603] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] <... mkdir resumed>) = 0 [pid 5867] unlink("./145/binderfs" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6604] <... prctl resumed>) = 0 [pid 6603] <... prctl resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... unlink resumed>) = 0 [pid 5864] newfstatat(AT_FDCWD, "./142/binderfs", [pid 6604] setpgid(0, 0 [pid 6603] setpgid(0, 0 [pid 5867] getdents64(3, [pid 6604] <... setpgid resumed>) = 0 [pid 6603] <... setpgid resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6604] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6603] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6604] <... openat resumed>) = 3 [pid 6603] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] close(3 [pid 5864] unlink("./142/binderfs" [pid 6603] write(3, "1000", 4 [pid 5868] <... ioctl resumed>) = 0 [pid 6604] write(3, "1000", 4 [pid 5867] <... close resumed>) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 5867] rmdir("./145" [pid 5864] getdents64(3, [pid 6604] <... write resumed>) = 4 [pid 6603] <... write resumed>) = 4 [pid 5868] close(3 [pid 5867] <... rmdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6604] close(3 [pid 6603] close(3 [pid 5868] <... close resumed>) = 0 [pid 5867] mkdir("./146", 0777 [pid 5864] close(3 [pid 6604] <... close resumed>) = 0 [pid 6603] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6603] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5867] <... mkdir resumed>) = 0 executing program [pid 5864] rmdir("./142" [pid 6603] write(1, "executing program\n", 18 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6603] <... write resumed>) = 18 [pid 6603] memfd_create("syzkaller", 0 [pid 6604] symlink("/dev/binderfs", "./binderfs" [pid 6603] <... memfd_create resumed>) = 3 [pid 5864] <... rmdir resumed>) = 0 [pid 6604] <... symlink resumed>) = 0 [pid 6603] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 ./strace-static-x86_64: Process 6605 attached executing program [pid 6604] write(1, "executing program\n", 18 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] mkdir("./143", 0777 [pid 6605] set_robust_list(0x5555593cd660, 24 [pid 6604] <... write resumed>) = 18 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6605 [pid 6605] <... set_robust_list resumed>) = 0 [pid 6604] memfd_create("syzkaller", 0 [pid 6603] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] <... openat resumed>) = 3 [pid 5864] <... mkdir resumed>) = 0 [pid 6605] chdir("./147" [pid 6604] <... memfd_create resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 5867] close(3 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6605] <... chdir resumed>) = 0 [pid 6604] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6603] <... write resumed>) = 524288 [pid 6603] munmap(0x7f1864095000, 138412032 [pid 6605] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6604] <... mmap resumed>) = 0x7f1864095000 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6605] <... prctl resumed>) = 0 [pid 6604] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6605] setpgid(0, 0 [pid 6603] <... munmap resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... ioctl resumed>) = 0 [pid 6603] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] close(3 [pid 6605] <... setpgid resumed>) = 0 [pid 6603] <... openat resumed>) = 4 [pid 6605] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 6606 attached ) = 3 [pid 6603] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6606 [pid 5864] <... close resumed>) = 0 [pid 6605] write(3, "1000", 4) = 4 [pid 6605] close(3 [pid 6603] <... ioctl resumed>) = 0 executing program [pid 6606] set_robust_list(0x5555593cd660, 24 [pid 6605] <... close resumed>) = 0 [pid 6604] <... write resumed>) = 524288 [pid 6606] <... set_robust_list resumed>) = 0 [pid 6605] symlink("/dev/binderfs", "./binderfs" [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6605] <... symlink resumed>) = 0 [pid 6606] chdir("./146"./strace-static-x86_64: Process 6607 attached ) = 0 [pid 6605] write(1, "executing program\n", 18 [pid 6606] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6605] <... write resumed>) = 18 [pid 6606] <... prctl resumed>) = 0 [pid 6605] memfd_create("syzkaller", 0 [pid 6606] setpgid(0, 0 [pid 6605] <... memfd_create resumed>) = 3 [pid 6606] <... setpgid resumed>) = 0 [pid 6605] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6607] set_robust_list(0x5555593cd660, 24 [pid 6606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6605] <... mmap resumed>) = 0x7f1864095000 [pid 6607] <... set_robust_list resumed>) = 0 [pid 6606] <... openat resumed>) = 3 [pid 6605] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6604] munmap(0x7f1864095000, 138412032 [pid 6603] close(3 [pid 6607] chdir("./143" [pid 6603] <... close resumed>) = 0 [pid 6603] close(4 [pid 6606] write(3, "1000", 4 [pid 6603] <... close resumed>) = 0 [pid 6607] <... chdir resumed>) = 0 [pid 6606] <... write resumed>) = 4 [pid 6604] <... munmap resumed>) = 0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6607 [pid 6607] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6606] close(3 [pid 6607] <... prctl resumed>) = 0 [pid 6606] <... close resumed>) = 0 [pid 6604] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6607] setpgid(0, 0 [pid 6606] symlink("/dev/binderfs", "./binderfs" [pid 6604] <... openat resumed>) = 4 [pid 6607] <... setpgid resumed>) = 0 [pid 6607] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6606] <... symlink resumed>) = 0 [pid 6603] mkdir("./file1", 0777 [pid 6607] <... openat resumed>) = 3 [pid 6604] ioctl(4, LOOP_SET_FD, 3executing program ) = 0 [pid 6603] <... mkdir resumed>) = 0 [pid 6607] write(3, "1000", 4 [pid 6606] write(1, "executing program\n", 18 [pid 6607] <... write resumed>) = 4 [pid 6606] <... write resumed>) = 18 [pid 6607] close(3 [pid 6606] memfd_create("syzkaller", 0 [pid 6603] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6606] <... memfd_create resumed>) = 3 [pid 6607] <... close resumed>) = 0 [pid 6606] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6604] close(3 [pid 6607] symlink("/dev/binderfs", "./binderfs" [pid 6606] <... mmap resumed>) = 0x7f1864095000 [pid 6604] <... close resumed>) = 0 executing program [pid 6607] <... symlink resumed>) = 0 [pid 6606] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6604] close(4 [pid 6607] write(1, "executing program\n", 18) = 18 [pid 6607] memfd_create("syzkaller", 0 [pid 6605] <... write resumed>) = 524288 [pid 6604] <... close resumed>) = 0 [pid 6605] munmap(0x7f1864095000, 138412032 [pid 6604] mkdir("./file1", 0777 [pid 6605] <... munmap resumed>) = 0 [pid 6604] <... mkdir resumed>) = 0 [pid 6607] <... memfd_create resumed>) = 3 [pid 6607] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6605] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6605] ioctl(4, LOOP_SET_FD, 3 [ 224.055779][ T6603] loop1: detected capacity change from 0 to 1024 [ 224.091484][ T6604] loop2: detected capacity change from 0 to 1024 [pid 6604] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6605] <... ioctl resumed>) = 0 [pid 6607] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6605] close(3) = 0 [pid 6605] close(4) = 0 [pid 6605] mkdir("./file1", 0777) = 0 [pid 6605] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6606] <... write resumed>) = 524288 [pid 6603] <... mount resumed>) = 0 [pid 6604] <... mount resumed>) = 0 [pid 6604] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6604] chdir("./file1") = 0 [pid 6604] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6606] munmap(0x7f1864095000, 138412032 [pid 6604] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6607] <... write resumed>) = 524288 [pid 6606] <... munmap resumed>) = 0 [pid 6604] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6603] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6603] chdir("./file1" [pid 6606] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6603] <... chdir resumed>) = 0 [pid 6607] munmap(0x7f1864095000, 138412032 [pid 6605] <... mount resumed>) = 0 [pid 6603] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6606] <... openat resumed>) = 4 [pid 6603] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6603] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6607] <... munmap resumed>) = 0 [pid 6606] ioctl(4, LOOP_SET_FD, 3 [ 224.117230][ T6605] loop4: detected capacity change from 0 to 1024 [pid 6605] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6606] <... ioctl resumed>) = 0 [pid 6605] <... openat resumed>) = 3 [pid 6605] chdir("./file1" [pid 6607] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6606] close(3 [pid 6605] <... chdir resumed>) = 0 [pid 6607] <... openat resumed>) = 4 [pid 6604] <... link resumed>) = 0 [pid 6605] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6604] sync( [pid 6607] ioctl(4, LOOP_SET_FD, 3 [pid 6605] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6607] <... ioctl resumed>) = 0 [pid 6606] <... close resumed>) = 0 [pid 6605] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6606] close(4 [pid 6607] close(3 [pid 6606] <... close resumed>) = 0 [pid 6603] <... link resumed>) = 0 [pid 6603] sync( [pid 6607] <... close resumed>) = 0 [pid 6607] close(4) = 0 [pid 6606] mkdir("./file1", 0777 [pid 6607] mkdir("./file1", 0777) = 0 [pid 6606] <... mkdir resumed>) = 0 [pid 6607] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6606] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6605] <... link resumed>) = 0 [pid 6605] sync( [pid 6607] <... mount resumed>) = 0 [pid 6606] <... mount resumed>) = 0 [pid 6607] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 224.178799][ T6606] loop3: detected capacity change from 0 to 1024 [ 224.193450][ T6607] loop0: detected capacity change from 0 to 1024 [pid 6607] chdir("./file1" [pid 6606] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6607] <... chdir resumed>) = 0 [pid 6606] <... openat resumed>) = 3 [pid 6607] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6606] chdir("./file1") = 0 [pid 6607] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6606] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6606] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6605] <... sync resumed>) = 0 [pid 6604] <... sync resumed>) = 0 [pid 6603] <... sync resumed>) = 0 [pid 6604] exit_group(0 [pid 6603] exit_group(0 [pid 6605] exit_group(0 [pid 6604] <... exit_group resumed>) = ? [pid 6603] <... exit_group resumed>) = ? [pid 6605] <... exit_group resumed>) = ? [pid 6603] +++ exited with 0 +++ [pid 6604] +++ exited with 0 +++ [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6603, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6607] <... link resumed>) = 0 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6604, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6607] sync( [pid 6605] +++ exited with 0 +++ [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6605, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5866] <... restart_syscall resumed>) = 0 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5866] umount2("./144", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... restart_syscall resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5866] newfstatat(3, "", [pid 5868] umount2("./147", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] getdents64(3, [pid 5868] openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./142", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6606] <... link resumed>) = 0 [pid 5868] newfstatat(3, "", [pid 5866] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5865] newfstatat(3, "", [pid 6606] sync( [pid 5868] getdents64(3, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] getdents64(3, [pid 5868] umount2("./147/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5865] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... umount2 resumed>) = 0 [pid 5866] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./144/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] openat(AT_FDCWD, "./144/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5866] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] close(4) = 0 [pid 5866] rmdir("./144/file1") = 0 [pid 5866] umount2("./144/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6607] <... sync resumed>) = 0 [pid 6606] <... sync resumed>) = 0 [pid 6606] exit_group(0 [pid 6607] exit_group(0 [pid 5866] newfstatat(AT_FDCWD, "./144/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] unlink("./144/binderfs") = 0 [pid 6607] <... exit_group resumed>) = ? [pid 5866] getdents64(3, [pid 6607] +++ exited with 0 +++ [pid 6606] <... exit_group resumed>) = ? [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5866] close(3 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6607, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6606] +++ exited with 0 +++ [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6606, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5867] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5866] rmdir("./144" [pid 5867] umount2("./146", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... rmdir resumed>) = 0 [pid 5864] <... restart_syscall resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] umount2("./143", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... openat resumed>) = 3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(3, "", [pid 5866] mkdir("./145", 0777 [pid 5864] openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... mkdir resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5867] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] newfstatat(3, "", [pid 5867] umount2("./146/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... openat resumed>) = 3 [pid 5864] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5868] <... umount2 resumed>) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 5866] close(3 [pid 5865] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] newfstatat(AT_FDCWD, "./142/file1", ./strace-static-x86_64: Process 6608 attached [pid 5868] umount2("./147/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./142/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] newfstatat(AT_FDCWD, "./147/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] openat(AT_FDCWD, "./142/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] umount2("./147/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6608 [pid 5865] <... openat resumed>) = 4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] openat(AT_FDCWD, "./147/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] getdents64(4, [pid 5868] <... openat resumed>) = 4 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6608] set_robust_list(0x5555593cd660, 24 [pid 5868] newfstatat(4, "", [pid 5867] <... umount2 resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, [pid 5868] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] getdents64(4, [pid 5865] close(4 [pid 6608] <... set_robust_list resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] <... close resumed>) = 0 [pid 5868] close(4 [pid 5867] umount2("./146/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] rmdir("./142/file1" [pid 6608] chdir("./145" [pid 5868] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6608] <... chdir resumed>) = 0 [pid 5868] rmdir("./147/file1" [pid 5865] <... rmdir resumed>) = 0 [pid 6608] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] newfstatat(AT_FDCWD, "./146/file1", [pid 5868] <... rmdir resumed>) = 0 [pid 5865] umount2("./142/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] umount2("./147/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6608] <... prctl resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] umount2("./146/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(AT_FDCWD, "./142/binderfs", [pid 6608] setpgid(0, 0 [pid 5868] newfstatat(AT_FDCWD, "./147/binderfs", [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6608] <... setpgid resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 6608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] openat(AT_FDCWD, "./146/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] <... openat resumed>) = 4 [pid 5865] unlink("./142/binderfs" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] unlink("./147/binderfs") = 0 [pid 5864] newfstatat(AT_FDCWD, "./143/file1", [pid 6608] <... openat resumed>) = 3 [pid 5865] <... unlink resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] getdents64(3, [pid 5867] newfstatat(4, "", [pid 5864] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6608] write(3, "1000", 4 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(3, [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] close(3 [pid 5867] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] openat(AT_FDCWD, "./143/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] <... close resumed>) = 0 [pid 5868] rmdir("./147" [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] close(3 [pid 5864] <... openat resumed>) = 4 [pid 6608] <... write resumed>) = 4 [pid 5868] <... rmdir resumed>) = 0 [pid 5867] getdents64(4, [pid 5865] <... close resumed>) = 0 [pid 5868] mkdir("./148", 0777 [pid 5864] newfstatat(4, "", [pid 6608] close(3 [pid 5868] <... mkdir resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] rmdir("./142" [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] close(4 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] getdents64(4, [pid 5867] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6608] <... close resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWRexecuting program [pid 5867] rmdir("./146/file1" [pid 5864] getdents64(4, [pid 6608] symlink("/dev/binderfs", "./binderfs" [pid 5868] <... openat resumed>) = 3 [pid 5865] mkdir("./143", 0777 [pid 6608] <... symlink resumed>) = 0 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5867] <... rmdir resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6608] write(1, "executing program\n", 18) = 18 [pid 5868] <... ioctl resumed>) = 0 [pid 6608] memfd_create("syzkaller", 0 [pid 5868] close(3 [pid 5865] <... mkdir resumed>) = 0 [pid 5864] close(4 [pid 6608] <... memfd_create resumed>) = 3 [pid 5868] <... close resumed>) = 0 [pid 5867] umount2("./146/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6608] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... close resumed>) = 0 [pid 6608] <... mmap resumed>) = 0x7f1864095000 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./146/binderfs", [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] rmdir("./143/file1" [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5864] <... rmdir resumed>) = 0 [pid 6608] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] unlink("./146/binderfs" [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6609 [pid 5867] <... unlink resumed>) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5864] umount2("./143/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] close(3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] newfstatat(AT_FDCWD, "./143/binderfs", ./strace-static-x86_64: Process 6609 attached [pid 6609] set_robust_list(0x5555593cd660, 24 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6610 attached [pid 5867] getdents64(3, [pid 5864] unlink("./143/binderfs") = 0 [pid 6610] set_robust_list(0x5555593cd660, 24 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6610] <... set_robust_list resumed>) = 0 [pid 6609] <... set_robust_list resumed>) = 0 [pid 5867] close(3 [pid 5864] getdents64(3, [pid 6610] chdir("./143" [pid 6609] chdir("./148") = 0 [pid 5867] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6610] <... chdir resumed>) = 0 [pid 5867] rmdir("./146" [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6610 [pid 5864] close(3 [pid 6610] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6609] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] <... rmdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6609] <... prctl resumed>) = 0 [pid 6610] <... prctl resumed>) = 0 [pid 6609] setpgid(0, 0 [pid 5864] rmdir("./143" [pid 6610] setpgid(0, 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6610] <... setpgid resumed>) = 0 [pid 6609] <... setpgid resumed>) = 0 [pid 6608] <... write resumed>) = 524288 [pid 5867] mkdir("./147", 0777 [pid 6610] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6609] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] mkdir("./144", 0777 [pid 6610] <... openat resumed>) = 3 [pid 6609] <... openat resumed>) = 3 [pid 5864] <... mkdir resumed>) = 0 [pid 6609] write(3, "1000", 4 [pid 6608] munmap(0x7f1864095000, 138412032 [pid 5867] <... mkdir resumed>) = 0 [pid 6610] write(3, "1000", 4 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6610] <... write resumed>) = 4 [pid 6609] <... write resumed>) = 4 [pid 6608] <... munmap resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5864] <... openat resumed>) = 3 [pid 6610] close(3 [pid 6609] close(3 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6610] <... close resumed>) = 0 [pid 6609] <... close resumed>) = 0 [pid 5867] <... ioctl resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6609] symlink("/dev/binderfs", "./binderfs" [pid 6608] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 6610] symlink("/dev/binderfs", "./binderfs" [pid 5867] close(3 [pid 6610] <... symlink resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 6610] write(1, "executing program\n", 18./strace-static-x86_64: Process 6611 attached ) = 18 [pid 6610] memfd_create("syzkaller", 0) = 3 [pid 6610] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6609] <... symlink resumed>) = 0 [pid 6610] <... mmap resumed>) = 0x7f1864095000 [pid 6611] set_robust_list(0x5555593cd660, 24) = 0 [pid 6611] chdir("./147"executing program [pid 6610] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6609] write(1, "executing program\n", 18 [pid 6611] <... chdir resumed>) = 0 [pid 6609] <... write resumed>) = 18 [pid 6608] <... openat resumed>) = 4 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6611 [pid 6611] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6609] memfd_create("syzkaller", 0 [pid 6608] ioctl(4, LOOP_SET_FD, 3 [pid 6611] <... prctl resumed>) = 0 [pid 6609] <... memfd_create resumed>) = 3 [pid 6611] setpgid(0, 0 [pid 6609] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6611] <... setpgid resumed>) = 0 [pid 6611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6609] <... mmap resumed>) = 0x7f1864095000 [pid 6611] <... openat resumed>) = 3 [pid 6611] write(3, "1000", 4) = 4 [pid 6611] close(3) = 0 [pid 6609] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6611] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6610] <... write resumed>) = 524288 [pid 6608] <... ioctl resumed>) = 0 [pid 6611] write(1, "executing program\n", 18executing program [pid 6608] close(3 [pid 6610] munmap(0x7f1864095000, 138412032 [pid 6608] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 6608] close(4 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6608] <... close resumed>) = 0 [pid 6611] <... write resumed>) = 18 [pid 6610] <... munmap resumed>) = 0 [pid 6611] memfd_create("syzkaller", 0) = 3 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6612 ./strace-static-x86_64: Process 6612 attached [pid 6611] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6610] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6609] <... write resumed>) = 524288 [pid 6608] mkdir("./file1", 0777 [pid 6611] <... mmap resumed>) = 0x7f1864095000 [pid 6610] <... openat resumed>) = 4 [pid 6608] <... mkdir resumed>) = 0 [pid 6609] munmap(0x7f1864095000, 138412032 [pid 6612] set_robust_list(0x5555593cd660, 24 [pid 6610] ioctl(4, LOOP_SET_FD, 3 [pid 6609] <... munmap resumed>) = 0 [pid 6612] <... set_robust_list resumed>) = 0 [pid 6609] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6608] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6612] chdir("./144" [pid 6610] <... ioctl resumed>) = 0 [pid 6609] <... openat resumed>) = 4 [pid 6612] <... chdir resumed>) = 0 [pid 6610] close(3 [pid 6609] ioctl(4, LOOP_SET_FD, 3 [pid 6610] <... close resumed>) = 0 [pid 6609] <... ioctl resumed>) = 0 [ 224.670348][ T6608] loop2: detected capacity change from 0 to 1024 [ 224.711481][ T6610] loop1: detected capacity change from 0 to 1024 [pid 6612] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6610] close(4 [pid 6611] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6610] <... close resumed>) = 0 [pid 6612] <... prctl resumed>) = 0 [pid 6610] mkdir("./file1", 0777 [pid 6612] setpgid(0, 0 [pid 6610] <... mkdir resumed>) = 0 [pid 6609] close(3 [pid 6608] <... mount resumed>) = 0 [pid 6609] <... close resumed>) = 0 [pid 6609] close(4) = 0 [pid 6608] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6612] <... setpgid resumed>) = 0 [pid 6609] mkdir("./file1", 0777 [pid 6612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6611] <... write resumed>) = 524288 [pid 6608] <... openat resumed>) = 3 [pid 6612] <... openat resumed>) = 3 [pid 6608] chdir("./file1" [pid 6609] <... mkdir resumed>) = 0 [pid 6608] <... chdir resumed>) = 0 [pid 6610] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6608] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6612] write(3, "1000", 4 [pid 6611] munmap(0x7f1864095000, 138412032 [pid 6609] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6608] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6612] <... write resumed>) = 4 [pid 6611] <... munmap resumed>) = 0 [pid 6608] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6612] close(3) = 0 [pid 6612] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6611] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6612] write(1, "executing program\n", 18 [pid 6611] <... openat resumed>) = 4 executing program [pid 6611] ioctl(4, LOOP_SET_FD, 3 [pid 6612] <... write resumed>) = 18 [ 224.717156][ T6609] loop4: detected capacity change from 0 to 1024 [pid 6612] memfd_create("syzkaller", 0 [pid 6611] <... ioctl resumed>) = 0 [pid 6611] close(3) = 0 [pid 6612] <... memfd_create resumed>) = 3 [pid 6610] <... mount resumed>) = 0 [pid 6609] <... mount resumed>) = 0 [pid 6608] <... link resumed>) = 0 [pid 6612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6610] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6611] close(4 [pid 6610] <... openat resumed>) = 3 [pid 6609] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6608] sync( [pid 6612] <... mmap resumed>) = 0x7f1864095000 [pid 6610] chdir("./file1" [pid 6609] <... openat resumed>) = 3 [pid 6610] <... chdir resumed>) = 0 [pid 6610] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6610] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6609] chdir("./file1" [pid 6611] <... close resumed>) = 0 [pid 6609] <... chdir resumed>) = 0 [pid 6611] mkdir("./file1", 0777 [pid 6609] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6611] <... mkdir resumed>) = 0 [pid 6609] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6611] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6609] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6612] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6610] <... link resumed>) = 0 [ 224.759661][ T6611] loop3: detected capacity change from 0 to 1024 [pid 6610] sync( [pid 6609] <... link resumed>) = 0 [pid 6612] <... write resumed>) = 524288 [pid 6611] <... mount resumed>) = 0 [pid 6609] sync( [pid 6612] munmap(0x7f1864095000, 138412032 [pid 6611] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6612] <... munmap resumed>) = 0 [pid 6612] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6611] <... openat resumed>) = 3 [pid 6611] chdir("./file1" [pid 6612] <... openat resumed>) = 4 [pid 6611] <... chdir resumed>) = 0 [pid 6612] ioctl(4, LOOP_SET_FD, 3 [pid 6611] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6612] <... ioctl resumed>) = 0 [pid 6611] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6610] <... sync resumed>) = 0 [pid 6609] <... sync resumed>) = 0 [pid 6608] <... sync resumed>) = 0 [pid 6609] exit_group(0) = ? [pid 6610] exit_group(0 [pid 6612] close(3 [pid 6610] <... exit_group resumed>) = ? [pid 6609] +++ exited with 0 +++ [pid 6608] exit_group(0 [pid 6612] <... close resumed>) = 0 [pid 6608] <... exit_group resumed>) = ? [pid 6612] close(4 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6609, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 6608] +++ exited with 0 +++ [pid 6612] <... close resumed>) = 0 [pid 6610] +++ exited with 0 +++ [pid 5868] <... restart_syscall resumed>) = 0 [pid 6612] mkdir("./file1", 0777 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6608, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6612] <... mkdir resumed>) = 0 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6610, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5868] umount2("./148", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... restart_syscall resumed>) = 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... restart_syscall resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5866] umount2("./145", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] newfstatat(3, "", [pid 6612] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6611] <... link resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6611] sync( [pid 5866] openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] umount2("./143", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5866] <... openat resumed>) = 3 [pid 5865] openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] newfstatat(3, "", [pid 5865] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(3, [pid 5865] getdents64(3, [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] getdents64(3, [pid 5868] umount2("./148/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [ 224.863014][ T6612] loop0: detected capacity change from 0 to 1024 [pid 5866] umount2("./145/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6612] <... mount resumed>) = 0 [pid 6612] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6612] chdir("./file1") = 0 [pid 6612] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6612] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0 [pid 6612] sync( [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... umount2 resumed>) = 0 [pid 5866] umount2("./145/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./143/file1", [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] newfstatat(AT_FDCWD, "./145/file1", [pid 5865] umount2("./143/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... umount2 resumed>) = 0 [pid 5868] umount2("./148/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./148/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./148/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./148/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5868] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] umount2("./145/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "./143/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6611] <... sync resumed>) = 0 [pid 5868] close(4 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... openat resumed>) = 4 [pid 6611] exit_group(0 [pid 5868] <... close resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./145/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] newfstatat(4, "", [pid 6612] <... sync resumed>) = 0 [pid 5868] rmdir("./148/file1" [pid 5866] <... openat resumed>) = 4 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] newfstatat(4, "", [pid 5865] getdents64(4, [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6612] exit_group(0 [pid 6611] <... exit_group resumed>) = ? [pid 5866] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6611] +++ exited with 0 +++ [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5865] getdents64(4, [pid 6612] <... exit_group resumed>) = ? [pid 5868] <... rmdir resumed>) = 0 [pid 5866] getdents64(4, [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6612] +++ exited with 0 +++ [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6611, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4 [pid 5866] close(4 [pid 5865] <... close resumed>) = 0 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6612, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5866] <... close resumed>) = 0 [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 5866] rmdir("./145/file1" [pid 5865] rmdir("./143/file1" [pid 5868] umount2("./148/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5864] <... restart_syscall resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... restart_syscall resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./148/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./147", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5867] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] unlink("./148/binderfs" [pid 5867] getdents64(3, [pid 5868] <... unlink resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] getdents64(3, [pid 5867] umount2("./147/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3) = 0 [pid 5868] rmdir("./148") = 0 [pid 5868] mkdir("./149", 0777) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD) = 0 [pid 5868] close(3) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] umount2("./145/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] umount2("./143/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6613 attached [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6613 [pid 5864] umount2("./144", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] newfstatat(AT_FDCWD, "./143/binderfs", [pid 5866] newfstatat(AT_FDCWD, "./145/binderfs", [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] unlink("./143/binderfs" [pid 5864] openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6613] set_robust_list(0x5555593cd660, 24 [pid 5864] <... openat resumed>) = 3 [pid 6613] <... set_robust_list resumed>) = 0 [pid 6613] chdir("./149" [pid 5866] unlink("./145/binderfs" [pid 5865] <... unlink resumed>) = 0 [pid 5864] newfstatat(3, "", [pid 6613] <... chdir resumed>) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6613] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] <... unlink resumed>) = 0 [pid 5864] getdents64(3, [pid 5866] getdents64(3, [pid 5865] getdents64(3, [pid 6613] <... prctl resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] close(3 [pid 6613] setpgid(0, 0 [pid 5865] <... close resumed>) = 0 [pid 6613] <... setpgid resumed>) = 0 [pid 5865] rmdir("./143" [pid 6613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5865] <... rmdir resumed>) = 0 [pid 6613] write(3, "1000", 4) = 4 [pid 6613] close(3executing program ) = 0 [pid 6613] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6613] write(1, "executing program\n", 18) = 18 [pid 5866] close(3) = 0 [pid 5866] rmdir("./145") = 0 [pid 5865] mkdir("./144", 0777 [pid 5866] mkdir("./146", 0777) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6613] memfd_create("syzkaller", 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... openat resumed>) = 3 [pid 6613] <... memfd_create resumed>) = 3 [pid 5866] <... openat resumed>) = 3 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6613] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6613] <... mmap resumed>) = 0x7f1864095000 [pid 5865] <... ioctl resumed>) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 6613] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] <... umount2 resumed>) = 0 [pid 5866] close(3 [pid 5865] close(3 [pid 5867] umount2("./147/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] newfstatat(AT_FDCWD, "./147/file1", ./strace-static-x86_64: Process 6614 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6614 [pid 5867] umount2("./147/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6615 attached [pid 6614] set_robust_list(0x5555593cd660, 24 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6614] <... set_robust_list resumed>) = 0 [pid 6615] set_robust_list(0x5555593cd660, 24 [pid 6614] chdir("./146" [pid 6615] <... set_robust_list resumed>) = 0 [pid 6614] <... chdir resumed>) = 0 [pid 6615] chdir("./144") = 0 [pid 6614] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6615] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6614] <... prctl resumed>) = 0 [pid 6615] <... prctl resumed>) = 0 [pid 6615] setpgid(0, 0 [pid 6614] setpgid(0, 0 [pid 6615] <... setpgid resumed>) = 0 [pid 6614] <... setpgid resumed>) = 0 [pid 5867] openat(AT_FDCWD, "./147/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6615 [pid 5864] <... umount2 resumed>) = 0 [pid 6615] <... openat resumed>) = 3 [pid 6614] <... openat resumed>) = 3 [pid 5867] <... openat resumed>) = 4 [pid 6615] write(3, "1000", 4 [pid 6614] write(3, "1000", 4 [pid 5867] newfstatat(4, "", [pid 5864] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6614] <... write resumed>) = 4 [pid 6615] <... write resumed>) = 4 [pid 6614] close(3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6615] close(3 [pid 6614] <... close resumed>) = 0 [pid 6613] <... write resumed>) = 524288 [pid 5867] getdents64(4, [pid 6615] <... close resumed>) = 0 [pid 6614] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] newfstatat(AT_FDCWD, "./144/file1", [pid 6615] symlink("/dev/binderfs", "./binderfs" [pid 6614] <... symlink resumed>) = 0 [pid 5867] getdents64(4, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6613] munmap(0x7f1864095000, 138412032 [pid 6615] <... symlink resumed>) = 0 [pid 6614] write(1, "executing program\n", 18 [pid 6613] <... munmap resumed>) = 0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 executing program [pid 5864] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] close(4 [pid 6615] write(1, "executing program\n", 18executing program [pid 6614] <... write resumed>) = 18 [pid 6613] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6615] <... write resumed>) = 18 [pid 6614] memfd_create("syzkaller", 0 [pid 6613] <... openat resumed>) = 4 [pid 5867] rmdir("./147/file1" [pid 6615] memfd_create("syzkaller", 0 [pid 6614] <... memfd_create resumed>) = 3 [pid 5867] <... rmdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./144/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6614] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6613] ioctl(4, LOOP_SET_FD, 3 [pid 5867] umount2("./147/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... openat resumed>) = 4 [pid 6615] <... memfd_create resumed>) = 3 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6615] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] newfstatat(AT_FDCWD, "./147/binderfs", [pid 6615] <... mmap resumed>) = 0x7f1864095000 [pid 6613] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] newfstatat(4, "", [pid 6615] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6614] <... mmap resumed>) = 0x7f1864095000 [pid 6613] ioctl(4, LOOP_CLR_FD [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] unlink("./147/binderfs" [pid 6613] <... ioctl resumed>) = 0 [pid 5867] <... unlink resumed>) = 0 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4) = 0 [pid 5864] rmdir("./144/file1") = 0 [pid 6613] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6613] close(4) = 0 [pid 5864] umount2("./144/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6614] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6613] close(3 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./144/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./144/binderfs") = 0 [pid 6615] <... write resumed>) = 524288 [pid 5867] getdents64(3, [pid 5864] getdents64(3, [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3 [pid 6613] <... close resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3) = 0 [pid 5864] rmdir("./144" [pid 5867] rmdir("./147" [pid 5864] <... rmdir resumed>) = 0 [pid 6614] <... write resumed>) = 524288 [pid 5867] <... rmdir resumed>) = 0 [pid 5864] mkdir("./145", 0777 [pid 5867] mkdir("./148", 0777 [pid 5864] <... mkdir resumed>) = 0 [pid 6613] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 ENOENT (No such file or directory) [pid 6613] sync( [pid 5867] <... mkdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] <... openat resumed>) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] close(3 [pid 5867] <... openat resumed>) = 3 [pid 5864] <... close resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6616 attached [pid 5867] <... ioctl resumed>) = 0 [pid 6615] munmap(0x7f1864095000, 138412032) = 0 [pid 6616] set_robust_list(0x5555593cd660, 24 [pid 5867] close(3 [pid 6616] <... set_robust_list resumed>) = 0 [pid 6614] munmap(0x7f1864095000, 138412032 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6616 [pid 6616] chdir("./145" [pid 6614] <... munmap resumed>) = 0 [pid 6616] <... chdir resumed>) = 0 [pid 6615] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6614] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6615] <... openat resumed>) = 4 [pid 6614] <... openat resumed>) = 4 [pid 5867] <... close resumed>) = 0 [pid 6616] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6615] ioctl(4, LOOP_SET_FD, 3 [pid 6614] ioctl(4, LOOP_SET_FD, 3 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6616] <... prctl resumed>) = 0 [pid 6614] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 6617 attached [pid 6616] setpgid(0, 0 [pid 6614] ioctl(4, LOOP_CLR_FD [pid 6615] <... ioctl resumed>) = 0 [pid 6614] <... ioctl resumed>) = 0 [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6617 [pid 6616] <... setpgid resumed>) = 0 [pid 6615] close(3 [pid 6616] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6615] <... close resumed>) = 0 [pid 6616] <... openat resumed>) = 3 [pid 6615] close(4 [pid 6614] ioctl(4, LOOP_SET_FD, 3 [pid 6616] write(3, "1000", 4 [pid 6614] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 6616] <... write resumed>) = 4 [pid 6614] close(4 [pid 6613] <... sync resumed>) = 0 [pid 6616] close(3 [pid 6617] set_robust_list(0x5555593cd660, 24 [pid 6614] <... close resumed>) = 0 [pid 6616] <... close resumed>) = 0 [pid 6615] <... close resumed>) = 0 [pid 6614] close(3 [pid 6613] exit_group(0 [pid 6615] mkdir("./file1", 0777 [pid 6613] <... exit_group resumed>) = ? [pid 6617] <... set_robust_list resumed>) = 0 [pid 6616] symlink("/dev/binderfs", "./binderfs" [pid 6615] <... mkdir resumed>) = 0 [pid 6614] <... close resumed>) = 0 [pid 6613] +++ exited with 0 +++ executing program [pid 6616] <... symlink resumed>) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6613, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 6617] chdir("./148" [pid 6616] write(1, "executing program\n", 18) = 18 [pid 6616] memfd_create("syzkaller", 0 [pid 5868] umount2("./149", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6615] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6616] <... memfd_create resumed>) = 3 [pid 6616] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6617] <... chdir resumed>) = 0 [pid 6616] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... openat resumed>) = 3 [pid 6617] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] newfstatat(3, "", [pid 6617] <... prctl resumed>) = 0 [pid 6614] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6617] setpgid(0, 0 [pid 6614] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6617] <... setpgid resumed>) = 0 [pid 6614] sync( [pid 5868] getdents64(3, [pid 6617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6617] <... openat resumed>) = 3 [pid 6616] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] umount2("./149/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6617] write(3, "1000", 4 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6617] <... write resumed>) = 4 [pid 5868] newfstatat(AT_FDCWD, "./149/binderfs", [pid 6617] close(3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6617] <... close resumed>) = 0 [pid 5868] unlink("./149/binderfs" [ 225.232185][ T6615] loop1: detected capacity change from 0 to 1024 [pid 6617] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5868] <... unlink resumed>) = 0 [pid 6617] write(1, "executing program\n", 18 [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] close(3 [pid 6617] <... write resumed>) = 18 [pid 6617] memfd_create("syzkaller", 0 [pid 6615] <... mount resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 6617] <... memfd_create resumed>) = 3 [pid 5868] rmdir("./149" [pid 6617] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6616] <... write resumed>) = 524288 [pid 6615] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6617] <... mmap resumed>) = 0x7f1864095000 [pid 6615] <... openat resumed>) = 3 [pid 6615] chdir("./file1") = 0 [pid 6615] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6615] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] <... rmdir resumed>) = 0 [pid 6616] munmap(0x7f1864095000, 138412032) = 0 [pid 5868] mkdir("./150", 0777) = 0 [pid 6616] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6617] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6614] <... sync resumed>) = 0 [pid 6616] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... openat resumed>) = 3 [pid 6616] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] ioctl(3, LOOP_CLR_FD [pid 6614] exit_group(0 [pid 6616] ioctl(4, LOOP_CLR_FD [pid 5868] <... ioctl resumed>) = 0 [pid 6614] <... exit_group resumed>) = ? [pid 6616] <... ioctl resumed>) = 0 [pid 5868] close(3) = 0 [pid 6614] +++ exited with 0 +++ [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6614, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6616] ioctl(4, LOOP_SET_FD, 3 [pid 5866] umount2("./146", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6616] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6616] close(4 [pid 5866] openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6616] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6618 attached [pid 6616] close(3 [pid 6618] set_robust_list(0x5555593cd660, 24 [pid 6615] <... link resumed>) = 0 [pid 5866] newfstatat(3, "", [pid 6618] <... set_robust_list resumed>) = 0 [pid 6615] sync( [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6618 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6618] chdir("./150" [pid 5866] getdents64(3, [pid 6618] <... chdir resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6618] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5866] umount2("./146/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6618] setpgid(0, 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6618] <... setpgid resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./146/binderfs", [pid 6616] <... close resumed>) = 0 [pid 6618] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6616] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 ENOENT (No such file or directory) [pid 6618] write(3, "1000", 4 [pid 6617] <... write resumed>) = 524288 [pid 6616] sync( [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6618] <... write resumed>) = 4 [pid 6618] close(3) = 0 [pid 6618] symlink("/dev/binderfs", "./binderfs" [pid 5866] unlink("./146/binderfs" [pid 6616] <... sync resumed>) = 0 [pid 6615] <... sync resumed>) = 0 [pid 6616] exit_group(0 [pid 6615] exit_group(0 [pid 6616] <... exit_group resumed>) = ? [pid 6615] <... exit_group resumed>) = ? [pid 6618] <... symlink resumed>) = 0 [pid 6616] +++ exited with 0 +++ [pid 6615] +++ exited with 0 +++ executing program [pid 6618] write(1, "executing program\n", 18 [pid 6617] munmap(0x7f1864095000, 138412032 [pid 5866] <... unlink resumed>) = 0 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6615, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6618] <... write resumed>) = 18 [pid 6617] <... munmap resumed>) = 0 [pid 5866] getdents64(3, [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6616, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6618] memfd_create("syzkaller", 0 [pid 5865] umount2("./144", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] restart_syscall(<... resuming interrupted clone ...> [pid 6618] <... memfd_create resumed>) = 3 [pid 6617] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... restart_syscall resumed>) = 0 [pid 6618] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6617] <... openat resumed>) = 4 [pid 5866] close(3 [pid 5865] openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6618] <... mmap resumed>) = 0x7f1864095000 [pid 5866] <... close resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 6618] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6617] ioctl(4, LOOP_SET_FD, 3 [pid 5866] rmdir("./146" [pid 5865] newfstatat(3, "", [pid 5864] umount2("./145", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6617] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... rmdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6618] <... write resumed>) = 524288 [pid 6617] ioctl(4, LOOP_CLR_FD [pid 5866] mkdir("./147", 0777 [pid 5865] getdents64(3, [pid 5864] <... openat resumed>) = 3 [pid 5866] <... mkdir resumed>) = 0 [pid 6617] <... ioctl resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5866] <... openat resumed>) = 3 [pid 5865] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] ioctl(3, LOOP_CLR_FD [pid 6617] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5866] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5866] close(3 [pid 6617] close(4 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5864] umount2("./145/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./145/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./145/binderfs") = 0 [pid 5864] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3) = 0 [pid 5866] <... close resumed>) = 0 [pid 5864] rmdir("./145") = 0 [pid 6618] munmap(0x7f1864095000, 138412032) = 0 [pid 6618] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6618] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] mkdir("./146", 0777./strace-static-x86_64: Process 6619 attached [pid 6618] close(3 [pid 6617] <... close resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6619 [pid 6619] set_robust_list(0x5555593cd660, 24 [pid 6618] <... close resumed>) = 0 [pid 6617] close(3 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6618] close(4 [pid 6619] <... set_robust_list resumed>) = 0 [pid 6618] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6619] chdir("./147" [pid 6618] mkdir("./file1", 0777 [pid 6617] <... close resumed>) = 0 [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6619] <... chdir resumed>) = 0 [pid 6619] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6618] <... mkdir resumed>) = 0 [pid 5864] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 225.489861][ T6618] loop4: detected capacity change from 0 to 1024 [pid 6619] <... prctl resumed>) = 0 [pid 6618] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] <... umount2 resumed>) = 0 [pid 5864] close(3) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6620 attached [pid 6619] setpgid(0, 0 [pid 6618] <... mount resumed>) = 0 [pid 6617] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6620 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6619] <... setpgid resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./144/file1", [pid 6617] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6620] set_robust_list(0x5555593cd660, 24) = 0 [pid 6619] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6618] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6617] sync( [pid 5865] umount2("./144/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6620] chdir("./146" [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6620] <... chdir resumed>) = 0 [pid 6620] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] openat(AT_FDCWD, "./144/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6620] <... prctl resumed>) = 0 [pid 6618] <... openat resumed>) = 3 [pid 5865] <... openat resumed>) = 4 [pid 6619] <... openat resumed>) = 3 [pid 6618] chdir("./file1" [pid 5865] newfstatat(4, "", [pid 6618] <... chdir resumed>) = 0 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6618] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6620] setpgid(0, 0 [pid 5865] getdents64(4, [pid 6620] <... setpgid resumed>) = 0 [pid 6620] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6618] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6620] <... openat resumed>) = 3 [pid 6619] write(3, "1000", 4 [pid 6618] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6619] <... write resumed>) = 4 [pid 5865] getdents64(4, [pid 6620] write(3, "1000", 4) = 4 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6619] close(3 [pid 5865] close(4 [pid 6620] close(3 [pid 6619] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 6619] symlink("/dev/binderfs", "./binderfs" [pid 5865] rmdir("./144/file1" [pid 6619] <... symlink resumed>) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 6619] write(1, "executing program\n", 18 [pid 5865] umount2("./144/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] newfstatat(AT_FDCWD, "./144/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6620] <... close resumed>) = 0 [pid 5865] unlink("./144/binderfs"executing program [pid 6618] <... link resumed>) = 0 [pid 6620] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6619] <... write resumed>) = 18 [pid 6618] sync( [pid 5865] <... unlink resumed>) = 0 [pid 6619] memfd_create("syzkaller", 0 [pid 6620] write(1, "executing program\n", 18 [pid 5865] getdents64(3, [pid 6620] <... write resumed>) = 18 [pid 6620] memfd_create("syzkaller", 0 [pid 6619] <... memfd_create resumed>) = 3 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6620] <... memfd_create resumed>) = 3 [pid 6620] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 executing program [pid 6620] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6619] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6617] <... sync resumed>) = 0 [pid 5865] close(3) = 0 [pid 5865] rmdir("./144" [pid 6619] <... mmap resumed>) = 0x7f1864095000 [pid 6617] exit_group(0 [pid 5865] <... rmdir resumed>) = 0 [pid 6617] <... exit_group resumed>) = ? [pid 5865] mkdir("./145", 0777) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6619] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6618] <... sync resumed>) = 0 [pid 6617] +++ exited with 0 +++ [pid 5865] <... openat resumed>) = 3 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6617, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6619] <... write resumed>) = 524288 [pid 6618] exit_group(0 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5865] <... ioctl resumed>) = 0 [pid 5865] close(3 [pid 6620] <... write resumed>) = 524288 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6618] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 6621 attached [pid 6618] +++ exited with 0 +++ [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6621 [pid 5867] umount2("./148", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6618, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 6621] set_robust_list(0x5555593cd660, 24 [pid 6620] munmap(0x7f1864095000, 138412032 [pid 6619] munmap(0x7f1864095000, 138412032 [pid 5867] openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6621] <... set_robust_list resumed>) = 0 [pid 6620] <... munmap resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6620] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6621] chdir("./145" [pid 6620] <... openat resumed>) = 4 [pid 5867] newfstatat(3, "", [pid 6619] <... munmap resumed>) = 0 [pid 6621] <... chdir resumed>) = 0 [pid 6620] ioctl(4, LOOP_SET_FD, 3 [pid 6619] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... restart_syscall resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6621] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6620] <... ioctl resumed>) = 0 [pid 6619] <... openat resumed>) = 4 [pid 5867] getdents64(3, [pid 6621] setpgid(0, 0 [pid 6619] ioctl(4, LOOP_SET_FD, 3 [pid 6621] <... setpgid resumed>) = 0 [pid 6620] close(3 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 6620] <... close resumed>) = 0 [pid 5868] umount2("./150", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6621] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6619] <... ioctl resumed>) = 0 [pid 5867] umount2("./148/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6620] close(4) = 0 [pid 6620] mkdir("./file1", 0777 [pid 6621] <... openat resumed>) = 3 [pid 6620] <... mkdir resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6620] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] openat(AT_FDCWD, "./150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6621] write(3, "1000", 4 [pid 6619] close(3 [pid 5868] <... openat resumed>) = 3 [pid 5867] newfstatat(AT_FDCWD, "./148/binderfs", [pid 6621] <... write resumed>) = 4 [pid 6621] close(3 [pid 6620] <... mount resumed>) = 0 [pid 6619] <... close resumed>) = 0 [pid 5868] newfstatat(3, "", [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6620] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] unlink("./148/binderfs" [pid 6621] <... close resumed>) = 0 [pid 6620] <... openat resumed>) = 3 [pid 6619] close(4 [pid 5868] getdents64(3, [pid 6620] chdir("./file1" [pid 6621] symlink("/dev/binderfs", "./binderfs" [pid 6620] <... chdir resumed>) = 0 [pid 6619] <... close resumed>) = 0 [pid 6620] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5867] <... unlink resumed>) = 0 [pid 6621] <... symlink resumed>) = 0 [pid 6620] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6619] mkdir("./file1", 0777 [pid 6621] write(1, "executing program\n", 18 [pid 6620] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"executing program [pid 6619] <... mkdir resumed>) = 0 [pid 5868] umount2("./150/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(3, [pid 6621] <... write resumed>) = 18 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6619] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] close(3 [pid 6621] memfd_create("syzkaller", 0 [pid 5867] <... close resumed>) = 0 [pid 6621] <... memfd_create resumed>) = 3 [pid 6621] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 5867] rmdir("./148" [pid 6621] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5867] <... rmdir resumed>) = 0 [pid 6621] <... write resumed>) = 524288 [pid 6620] <... link resumed>) = 0 [pid 6619] <... mount resumed>) = 0 [pid 5867] mkdir("./149", 0777 [ 225.687971][ T6620] loop0: detected capacity change from 0 to 1024 [ 225.700357][ T6619] loop2: detected capacity change from 0 to 1024 [pid 6621] munmap(0x7f1864095000, 138412032 [pid 6620] sync( [pid 6619] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... mkdir resumed>) = 0 [pid 6619] <... openat resumed>) = 3 [pid 6621] <... munmap resumed>) = 0 [pid 6619] chdir("./file1" [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6621] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6619] <... chdir resumed>) = 0 [pid 5867] <... openat resumed>) = 3 [pid 6619] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6621] <... openat resumed>) = 4 [pid 6619] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6621] ioctl(4, LOOP_SET_FD, 3 [pid 6619] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] close(3 [pid 6621] <... ioctl resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6621] close(3) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6621] close(4) = 0 [pid 5868] <... umount2 resumed>) = 0 [pid 6621] mkdir("./file1", 0777 [pid 5868] umount2("./150/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./150/file1", ./strace-static-x86_64: Process 6622 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] umount2("./150/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./150/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6621] <... mkdir resumed>) = 0 [pid 5868] <... openat resumed>) = 4 [pid 6622] set_robust_list(0x5555593cd660, 24 [pid 6621] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5868] newfstatat(4, "", [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6622 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6622] <... set_robust_list resumed>) = 0 [pid 6620] <... sync resumed>) = 0 [pid 6622] chdir("./149" [pid 6620] exit_group(0 [pid 6619] <... link resumed>) = 0 [pid 5868] getdents64(4, [pid 6622] <... chdir resumed>) = 0 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6622] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6620] <... exit_group resumed>) = ? [pid 6619] sync( [ 225.780190][ T6621] loop1: detected capacity change from 0 to 1024 [pid 5868] getdents64(4, [pid 6622] <... prctl resumed>) = 0 [pid 6620] +++ exited with 0 +++ [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6621] <... mount resumed>) = 0 [pid 6621] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6620, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 6622] setpgid(0, 0 [pid 5868] close(4) = 0 [pid 6622] <... setpgid resumed>) = 0 [pid 6622] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] rmdir("./150/file1" [pid 5864] umount2("./146", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6622] <... openat resumed>) = 3 [pid 6621] chdir("./file1" [pid 5868] <... rmdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6621] <... chdir resumed>) = 0 [pid 6622] write(3, "1000", 4 [pid 6621] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6622] <... write resumed>) = 4 [pid 6621] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6619] <... sync resumed>) = 0 [pid 5864] <... openat resumed>) = 3 [pid 6622] close(3 [pid 6621] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] umount2("./150/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] newfstatat(3, "", [pid 6619] exit_group(0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6622] <... close resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./150/binderfs", [pid 5864] getdents64(3, [pid 6619] <... exit_group resumed>) = ? [pid 6622] symlink("/dev/binderfs", "./binderfs" [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] unlink("./150/binderfs") = 0 [pid 5864] umount2("./146/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6622] <... symlink resumed>) = 0 [pid 6619] +++ exited with 0 +++ [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6622] write(1, "executing program\n", 18 [pid 5868] close(3 [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6619, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- executing program [pid 5868] <... close resumed>) = 0 [pid 6622] <... write resumed>) = 18 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 6622] memfd_create("syzkaller", 0 [pid 5868] rmdir("./150" [pid 5866] <... restart_syscall resumed>) = 0 [pid 6622] <... memfd_create resumed>) = 3 [pid 5868] <... rmdir resumed>) = 0 [pid 6622] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] mkdir("./151", 0777 [pid 5866] umount2("./147", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6622] <... mmap resumed>) = 0x7f1864095000 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... mkdir resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6621] <... link resumed>) = 0 [pid 5866] newfstatat(3, "", [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6621] sync( [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5866] getdents64(3, [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] <... ioctl resumed>) = 0 [pid 5866] umount2("./147/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] close(3 [pid 6622] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5868] <... close resumed>) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 6623 attached [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6623 [pid 5864] umount2("./146/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6623] set_robust_list(0x5555593cd660, 24 [pid 5864] newfstatat(AT_FDCWD, "./146/file1", [pid 6623] <... set_robust_list resumed>) = 0 [pid 6622] <... write resumed>) = 524288 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6623] chdir("./151" [pid 5864] umount2("./146/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6622] munmap(0x7f1864095000, 138412032 [pid 5864] openat(AT_FDCWD, "./146/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6623] <... chdir resumed>) = 0 [pid 6622] <... munmap resumed>) = 0 [pid 5864] <... openat resumed>) = 4 [pid 6621] <... sync resumed>) = 0 [pid 6622] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] newfstatat(4, "", [pid 6623] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6622] <... openat resumed>) = 4 [pid 6621] exit_group(0 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6623] <... prctl resumed>) = 0 [pid 6622] ioctl(4, LOOP_SET_FD, 3 [pid 6621] <... exit_group resumed>) = ? [pid 5864] getdents64(4, [pid 6623] setpgid(0, 0) = 0 [pid 6622] <... ioctl resumed>) = 0 [pid 6621] +++ exited with 0 +++ [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6623] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6621, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5864] getdents64(4, [pid 6623] <... openat resumed>) = 3 [pid 6622] close(3 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4 [pid 6622] <... close resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 5865] <... restart_syscall resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5866] umount2("./147/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] rmdir("./146/file1" [pid 6622] close(4) = 0 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] umount2("./145", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... rmdir resumed>) = 0 [pid 6622] mkdir("./file1", 0777 [pid 5866] newfstatat(AT_FDCWD, "./147/file1", [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./146/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6623] write(3, "1000", 4 [pid 6622] <... mkdir resumed>) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6622] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./147/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./146/binderfs", [pid 6623] <... write resumed>) = 4 [pid 5865] openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6623] close(3 [pid 5866] openat(AT_FDCWD, "./147/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... openat resumed>) = 3 [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 225.986729][ T6622] loop3: detected capacity change from 0 to 1024 [pid 6623] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 4 [pid 5865] newfstatat(3, "", [pid 5864] unlink("./146/binderfs" [pid 6623] symlink("/dev/binderfs", "./binderfs" [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... unlink resumed>) = 0 [pid 6623] <... symlink resumed>) = 0 [pid 5866] newfstatat(4, "", [pid 5865] getdents64(3, [pid 5864] getdents64(3, [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6623] write(1, "executing program\n", 18 [pid 5866] getdents64(4, [pid 5865] umount2("./145/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] close(3executing program [pid 6623] <... write resumed>) = 18 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] <... close resumed>) = 0 [pid 5866] getdents64(4, [pid 5864] rmdir("./146" [pid 6623] memfd_create("syzkaller", 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6623] <... memfd_create resumed>) = 3 [pid 5866] close(4 [pid 5864] mkdir("./147", 0777 [pid 6623] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5866] <... close resumed>) = 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6623] <... mmap resumed>) = 0x7f1864095000 [pid 6622] <... mount resumed>) = 0 [pid 5866] rmdir("./147/file1" [pid 6622] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] <... rmdir resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6622] <... openat resumed>) = 3 [pid 5864] <... openat resumed>) = 3 [pid 6622] chdir("./file1" [pid 5864] ioctl(3, LOOP_CLR_FD [pid 6622] <... chdir resumed>) = 0 [pid 5864] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 6622] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] <... close resumed>) = 0 [pid 6622] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] umount2("./147/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6624 attached [pid 6622] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] newfstatat(AT_FDCWD, "./147/binderfs", [pid 6624] set_robust_list(0x5555593cd660, 24 [pid 5866] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6624] <... set_robust_list resumed>) = 0 [pid 6623] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5866] unlink("./147/binderfs" [pid 6624] chdir("./147" [pid 5866] <... unlink resumed>) = 0 [pid 6624] <... chdir resumed>) = 0 [pid 5866] getdents64(3, [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6624 [pid 6624] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6624] <... prctl resumed>) = 0 [pid 5866] close(3 [pid 6624] setpgid(0, 0 [pid 5866] <... close resumed>) = 0 [pid 6624] <... setpgid resumed>) = 0 [pid 5866] rmdir("./147" [pid 6624] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5866] <... rmdir resumed>) = 0 [pid 6624] <... openat resumed>) = 3 [pid 6622] <... link resumed>) = 0 [pid 6622] sync( [pid 5866] mkdir("./148", 0777 [pid 6624] write(3, "1000", 4 [pid 5866] <... mkdir resumed>) = 0 [pid 6624] <... write resumed>) = 4 [pid 6624] close(3) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6624] symlink("/dev/binderfs", "./binderfs" [pid 6623] <... write resumed>) = 524288 [pid 5866] <... openat resumed>) = 3 [pid 6624] <... symlink resumed>) = 0 [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] <... umount2 resumed>) = 0 [pid 6623] munmap(0x7f1864095000, 138412032 [pid 5866] <... ioctl resumed>) = 0 executing program [pid 5866] close(3 [pid 6624] write(1, "executing program\n", 18) = 18 [pid 6624] memfd_create("syzkaller", 0) = 3 [pid 6624] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6623] <... munmap resumed>) = 0 [pid 5865] umount2("./145/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6624] <... mmap resumed>) = 0x7f1864095000 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6623] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5865] newfstatat(AT_FDCWD, "./145/file1", [pid 6623] ioctl(4, LOOP_SET_FD, 3 [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] umount2("./145/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] openat(AT_FDCWD, "./145/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6624] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5865] <... openat resumed>) = 4 [pid 5865] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] getdents64(4, [pid 6623] <... ioctl resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6623] close(3 [pid 5865] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5865] close(4 [pid 6623] <... close resumed>) = 0 [pid 5866] <... close resumed>) = 0 [pid 5865] <... close resumed>) = 0 [pid 5865] rmdir("./145/file1" [pid 6623] close(4) = 0 [pid 6622] <... sync resumed>) = 0 [pid 6623] mkdir("./file1", 0777 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] <... rmdir resumed>) = 0 [pid 5865] umount2("./145/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6625 attached ) = -1 EINVAL (Invalid argument) [pid 6623] <... mkdir resumed>) = 0 [pid 6622] exit_group(0 [pid 5865] newfstatat(AT_FDCWD, "./145/binderfs", [pid 6623] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6622] <... exit_group resumed>) = ? [pid 6625] set_robust_list(0x5555593cd660, 24 [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6625] <... set_robust_list resumed>) = 0 [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6625 [pid 5865] unlink("./145/binderfs" [pid 6625] chdir("./148" [pid 5865] <... unlink resumed>) = 0 [pid 6625] <... chdir resumed>) = 0 [pid 5865] getdents64(3, [pid 6625] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6622] +++ exited with 0 +++ [pid 6625] <... prctl resumed>) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6625] setpgid(0, 0 [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6622, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5865] close(3 [pid 6625] <... setpgid resumed>) = 0 [pid 6624] <... write resumed>) = 524288 [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5865] <... close resumed>) = 0 [pid 6625] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] <... restart_syscall resumed>) = 0 [pid 5865] rmdir("./145" [pid 6625] <... openat resumed>) = 3 [pid 6625] write(3, "1000", 4 [pid 6623] <... mount resumed>) = 0 [pid 5867] umount2("./149", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... rmdir resumed>) = 0 [pid 6625] <... write resumed>) = 4 [pid 6624] munmap(0x7f1864095000, 138412032 [pid 6623] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] mkdir("./146", 0777 [pid 6625] close(3 [pid 6624] <... munmap resumed>) = 0 [pid 6623] <... openat resumed>) = 3 [pid 5867] openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6625] <... close resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 6625] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... openat resumed>) = 3 [pid 6625] <... symlink resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWRexecuting program [pid 6625] write(1, "executing program\n", 18 [pid 6623] chdir("./file1" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6625] <... write resumed>) = 18 [pid 5865] <... openat resumed>) = 3 [pid 5867] getdents64(3, [pid 6624] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6625] memfd_create("syzkaller", 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 6624] <... openat resumed>) = 4 [pid 5867] umount2("./149/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6625] <... memfd_create resumed>) = 3 [pid 6624] ioctl(4, LOOP_SET_FD, 3 [pid 5865] <... ioctl resumed>) = 0 [ 226.179664][ T6623] loop4: detected capacity change from 0 to 1024 [pid 6625] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6624] <... ioctl resumed>) = 0 [pid 6623] <... chdir resumed>) = 0 [pid 5865] close(3 [pid 6625] <... mmap resumed>) = 0x7f1864095000 [pid 6623] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5865] <... close resumed>) = 0 [pid 6625] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6623] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6624] close(3 [pid 6623] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6624] <... close resumed>) = 0 [pid 6624] close(4) = 0 [pid 6624] mkdir("./file1", 0777) = 0 [pid 6625] <... write resumed>) = 524288 [ 226.236511][ T6624] loop0: detected capacity change from 0 to 1024 [pid 6624] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 6626 attached [pid 5867] umount2("./149/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5867] newfstatat(AT_FDCWD, "./149/file1", [pid 6626] set_robust_list(0x5555593cd660, 24 [pid 6623] <... link resumed>) = 0 [pid 6626] <... set_robust_list resumed>) = 0 [pid 6623] sync( [pid 5865] <... clone resumed>, child_tidptr=0x5555593cd650) = 6626 [pid 6626] chdir("./146") = 0 [pid 6626] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6626] setpgid(0, 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] umount2("./149/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6626] <... setpgid resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6626] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6625] munmap(0x7f1864095000, 138412032 [pid 5867] openat(AT_FDCWD, "./149/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6626] <... openat resumed>) = 3 [pid 6625] <... munmap resumed>) = 0 [pid 5867] <... openat resumed>) = 4 [pid 5867] newfstatat(4, "", [pid 6626] write(3, "1000", 4 [pid 6625] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6624] <... mount resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6624] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] getdents64(4, [pid 6626] <... write resumed>) = 4 [pid 6625] <... openat resumed>) = 4 [pid 6624] <... openat resumed>) = 3 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6624] chdir("./file1" [pid 6623] <... sync resumed>) = 0 [pid 5867] getdents64(4, [pid 6624] <... chdir resumed>) = 0 [pid 6626] close(3 [pid 6625] ioctl(4, LOOP_SET_FD, 3 [pid 6624] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6623] exit_group(0 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6624] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6623] <... exit_group resumed>) = ? [pid 6624] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"executing program [pid 6626] <... close resumed>) = 0 [pid 6625] <... ioctl resumed>) = 0 [pid 5867] close(4 [pid 6626] symlink("/dev/binderfs", "./binderfs" [pid 6625] close(3 [pid 5867] <... close resumed>) = 0 [pid 6626] <... symlink resumed>) = 0 [pid 6625] <... close resumed>) = 0 [pid 5867] rmdir("./149/file1" [pid 6626] write(1, "executing program\n", 18 [pid 6625] close(4 [pid 6626] <... write resumed>) = 18 [pid 6623] +++ exited with 0 +++ [pid 5867] <... rmdir resumed>) = 0 [pid 6626] memfd_create("syzkaller", 0 [pid 6625] <... close resumed>) = 0 [pid 5867] umount2("./149/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6626] <... memfd_create resumed>) = 3 [pid 6626] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6625] mkdir("./file1", 0777 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6623, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6626] <... mmap resumed>) = 0x7f1864095000 [pid 6625] <... mkdir resumed>) = 0 [pid 5868] restart_syscall(<... resuming interrupted clone ...> [pid 5867] newfstatat(AT_FDCWD, "./149/binderfs", [pid 5868] <... restart_syscall resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] unlink("./149/binderfs" [pid 6625] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] <... unlink resumed>) = 0 [pid 5868] umount2("./151", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] getdents64(3, [pid 6626] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6624] <... link resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] openat(AT_FDCWD, "./151", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] close(3 [pid 5868] <... openat resumed>) = 3 [pid 5867] <... close resumed>) = 0 [pid 6624] sync( [pid 5868] newfstatat(3, "", [pid 5867] rmdir("./149" [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... rmdir resumed>) = 0 [ 226.363596][ T6625] loop2: detected capacity change from 0 to 1024 [pid 5868] getdents64(3, [pid 5867] mkdir("./150", 0777) = 0 [pid 6625] <... mount resumed>) = 0 [pid 6625] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6625] chdir("./file1") = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6625] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5868] umount2("./151/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6626] <... write resumed>) = 524288 [pid 6626] munmap(0x7f1864095000, 138412032) = 0 [pid 6626] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6626] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5867] ioctl(3, LOOP_CLR_FD) = 0 [pid 6626] close(3 [pid 5867] close(3) = 0 [pid 6626] <... close resumed>) = 0 [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6626] close(4 [pid 6625] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6626] <... close resumed>) = 0 [pid 6626] mkdir("./file1", 0777) = 0 [pid 6625] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6626] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, ""./strace-static-x86_64: Process 6627 attached [pid 5867] <... clone resumed>, child_tidptr=0x5555593cd650) = 6627 [pid 6627] set_robust_list(0x5555593cd660, 24) = 0 [pid 6624] <... sync resumed>) = 0 [pid 6624] exit_group(0) = ? [pid 6627] chdir("./150" [pid 6624] +++ exited with 0 +++ [pid 5868] <... umount2 resumed>) = 0 [pid 6625] <... link resumed>) = 0 [pid 5868] umount2("./151/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6627] <... chdir resumed>) = 0 [pid 6625] sync( [pid 6627] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6624, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6627] <... prctl resumed>) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./147", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6627] setpgid(0, 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6627] <... setpgid resumed>) = 0 [pid 5868] newfstatat(AT_FDCWD, "./151/file1", [pid 5864] openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6627] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] newfstatat(3, "", [pid 5868] umount2("./151/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] getdents64(3, [pid 6627] write(3, "1000", 4 [pid 5868] openat(AT_FDCWD, "./151/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [ 226.462850][ T6626] loop1: detected capacity change from 0 to 1024 [pid 5868] <... openat resumed>) = 4 [pid 6627] <... write resumed>) = 4 [pid 5864] umount2("./147/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6627] close(3 [pid 5868] newfstatat(4, "", [pid 6627] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6627] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6627] write(1, "executing program\n", 18) = 18 [pid 6627] memfd_create("syzkaller", 0 [pid 5868] getdents64(4, [pid 6627] <... memfd_create resumed>) = 3 [pid 6626] <... mount resumed>) = 0 [pid 6626] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 6626] chdir("./file1" [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6627] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6626] <... chdir resumed>) = 0 [pid 5868] getdents64(4, [pid 5864] <... umount2 resumed>) = 0 [pid 6627] <... mmap resumed>) = 0x7f1864095000 [pid 5868] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5868] close(4) = 0 [pid 5868] rmdir("./151/file1" [pid 6626] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5868] <... rmdir resumed>) = 0 [pid 5868] umount2("./151/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] newfstatat(AT_FDCWD, "./151/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./151/binderfs") = 0 [pid 6626] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] getdents64(3, 0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6626] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] close(3) = 0 [pid 5868] rmdir("./151" [pid 6625] <... sync resumed>) = 0 [pid 5868] <... rmdir resumed>) = 0 [pid 5864] umount2("./147/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6625] exit_group(0) = ? [pid 6627] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./147/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] umount2("./147/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6625] +++ exited with 0 +++ [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./147/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6625, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5864] <... openat resumed>) = 4 [pid 5864] newfstatat(4, "", [pid 5868] mkdir("./152", 0777 [pid 5866] restart_syscall(<... resuming interrupted clone ...> [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... mkdir resumed>) = 0 [pid 5864] getdents64(4, 0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5866] <... restart_syscall resumed>) = 0 [pid 5864] close(4) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] rmdir("./147/file1" [pid 5868] <... openat resumed>) = 3 [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5864] <... rmdir resumed>) = 0 [pid 6626] <... link resumed>) = 0 [pid 5866] umount2("./148", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6626] sync( [pid 5868] <... ioctl resumed>) = 0 [pid 5868] close(3 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] umount2("./147/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6627] <... write resumed>) = 524288 [pid 5866] openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5864] newfstatat(AT_FDCWD, "./147/binderfs", [pid 5866] newfstatat(3, "", [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] unlink("./147/binderfs" [pid 5866] getdents64(3, ./strace-static-x86_64: Process 6628 attached [pid 5864] <... unlink resumed>) = 0 [pid 5864] getdents64(3, [pid 6628] set_robust_list(0x5555593cd660, 24 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5864] close(3) = 0 [pid 6628] <... set_robust_list resumed>) = 0 [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6628 [pid 5864] rmdir("./147" [pid 6628] chdir("./152" [pid 5866] umount2("./148/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6628] <... chdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6628] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6627] munmap(0x7f1864095000, 138412032 [pid 6628] <... prctl resumed>) = 0 [pid 6627] <... munmap resumed>) = 0 [pid 5864] mkdir("./148", 0777 [pid 6628] setpgid(0, 0 [pid 5864] <... mkdir resumed>) = 0 [pid 6628] <... setpgid resumed>) = 0 [pid 6628] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6628] <... openat resumed>) = 3 [pid 5864] <... openat resumed>) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] close(3 [pid 6628] write(3, "1000", 4 [pid 5864] <... close resumed>) = 0 [pid 6628] <... write resumed>) = 4 [pid 6627] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6629 attached [pid 6628] close(3) = 0 [pid 6628] symlink("/dev/binderfs", "./binderfs" [pid 6627] <... openat resumed>) = 4 [pid 6629] set_robust_list(0x5555593cd660, 24 [pid 6628] <... symlink resumed>) = 0 [pid 6627] ioctl(4, LOOP_SET_FD, 3 [pid 6629] <... set_robust_list resumed>) = 0 [pid 6626] <... sync resumed>) = 0 [pid 6629] chdir("./148" [pid 6626] exit_group(0 [pid 5864] <... clone resumed>, child_tidptr=0x5555593cd650) = 6629 [pid 6629] <... chdir resumed>) = 0 [pid 6628] write(1, "executing program\n", 18 [pid 6626] <... exit_group resumed>) = ? executing program [pid 6629] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6628] <... write resumed>) = 18 [pid 6629] <... prctl resumed>) = 0 [pid 6628] memfd_create("syzkaller", 0 [pid 6629] setpgid(0, 0 [pid 6628] <... memfd_create resumed>) = 3 [pid 6627] <... ioctl resumed>) = 0 [pid 5866] <... umount2 resumed>) = 0 [pid 6627] close(3 [pid 6629] <... setpgid resumed>) = 0 [pid 6626] +++ exited with 0 +++ [pid 6627] <... close resumed>) = 0 [pid 6629] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6627] close(4 [pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6626, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6628] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] restart_syscall(<... resuming interrupted clone ...> [pid 6627] <... close resumed>) = 0 [pid 6628] <... mmap resumed>) = 0x7f1864095000 [pid 6629] <... openat resumed>) = 3 [pid 6628] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6629] write(3, "1000", 4) = 4 [pid 6627] mkdir("./file1", 0777 [pid 6629] close(3) = 0 [pid 6629] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6629] write(1, "executing program\n", 18 [pid 6627] <... mkdir resumed>) = 0 [pid 6629] <... write resumed>) = 18 [pid 5865] <... restart_syscall resumed>) = 0 [pid 6629] memfd_create("syzkaller", 0 [pid 6627] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5866] umount2("./148/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6629] <... memfd_create resumed>) = 3 [pid 6629] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6628] <... write resumed>) = 524288 [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6629] <... mmap resumed>) = 0x7f1864095000 [ 226.686539][ T6627] loop3: detected capacity change from 0 to 1024 [pid 6629] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6628] munmap(0x7f1864095000, 138412032 [pid 5866] newfstatat(AT_FDCWD, "./148/file1", [pid 5865] umount2("./146", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6628] <... munmap resumed>) = 0 [pid 6628] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6628] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 6628] ioctl(4, LOOP_CLR_FD) = 0 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] umount2("./148/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... openat resumed>) = 3 [pid 6628] ioctl(4, LOOP_SET_FD, 3 [pid 5865] newfstatat(3, "", [pid 5866] openat(AT_FDCWD, "./148/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6628] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... openat resumed>) = 4 [pid 5865] getdents64(3, [pid 5866] newfstatat(4, "", [pid 6628] close(4 [pid 5866] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6628] <... close resumed>) = 0 [pid 5866] getdents64(4, [pid 5865] umount2("./146/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6628] close(3) = 0 [pid 5866] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5866] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 6629] <... write resumed>) = 524288 [pid 5866] close(4 [pid 6628] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5866] <... close resumed>) = 0 [pid 6629] munmap(0x7f1864095000, 138412032 [pid 6627] <... mount resumed>) = 0 [pid 6627] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5866] rmdir("./148/file1" [pid 6629] <... munmap resumed>) = 0 [pid 6628] <... link resumed>) = -1 ENOENT (No such file or directory) [pid 6627] <... openat resumed>) = 3 [pid 5866] <... rmdir resumed>) = 0 [pid 5866] umount2("./148/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6627] chdir("./file1" [pid 5866] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6627] <... chdir resumed>) = 0 [pid 5866] newfstatat(AT_FDCWD, "./148/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6629] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6628] sync( [pid 5866] unlink("./148/binderfs" [pid 6627] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5865] <... umount2 resumed>) = 0 [pid 6629] <... openat resumed>) = 4 [pid 6627] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] umount2("./146/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6627] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6629] ioctl(4, LOOP_SET_FD, 3 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... unlink resumed>) = 0 [pid 5865] newfstatat(AT_FDCWD, "./146/file1", [pid 5866] getdents64(3, [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6629] <... ioctl resumed>) = 0 [pid 5866] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6629] close(3 [pid 5866] close(3) = 0 [pid 5866] rmdir("./148" [pid 6629] <... close resumed>) = 0 [pid 5866] <... rmdir resumed>) = 0 [pid 6629] close(4) = 0 [pid 6629] mkdir("./file1", 0777 [pid 5865] umount2("./146/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6629] <... mkdir resumed>) = 0 [pid 5866] mkdir("./149", 0777 [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6627] <... link resumed>) = 0 [pid 6628] <... sync resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./146/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6627] sync( [pid 6629] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6628] exit_group(0 [pid 5866] <... mkdir resumed>) = 0 [pid 5865] <... openat resumed>) = 4 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6628] <... exit_group resumed>) = ? [pid 5866] ioctl(3, LOOP_CLR_FD [pid 5865] newfstatat(4, "", [pid 6628] +++ exited with 0 +++ [pid 5865] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6628, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5868] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5866] <... ioctl resumed>) = 0 [pid 5868] umount2("./152", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5868] openat(AT_FDCWD, "./152", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5866] close(3 [pid 5868] newfstatat(3, "", [pid 5866] <... close resumed>) = 0 [pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5865] getdents64(4, [pid 5868] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5868] getdents64(3, [pid 5865] getdents64(4, [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 3 entries */, 32768) = 80 [pid 5868] umount2("./152/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... clone resumed>, child_tidptr=0x5555593cd650) = 6630 [pid 5865] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6630 attached [pid 5868] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] close(4 [pid 5868] newfstatat(AT_FDCWD, "./152/binderfs", [pid 5865] <... close resumed>) = 0 [pid 5868] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5868] unlink("./152/binderfs") = 0 [ 226.824049][ T6629] loop0: detected capacity change from 0 to 1024 [pid 5865] rmdir("./146/file1" [pid 6630] set_robust_list(0x5555593cd660, 24 [pid 6629] <... mount resumed>) = 0 [pid 6627] <... sync resumed>) = 0 [pid 5868] getdents64(3, [pid 6630] <... set_robust_list resumed>) = 0 [pid 6629] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6627] exit_group(0 [pid 5868] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 5868] close(3) = 0 [pid 5868] rmdir("./152") = 0 [pid 5868] mkdir("./153", 0777) = 0 [pid 6630] chdir("./149" [pid 6629] <... openat resumed>) = 3 [pid 6627] <... exit_group resumed>) = ? [pid 5865] umount2("./146/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6630] <... chdir resumed>) = 0 [pid 6627] +++ exited with 0 +++ [pid 5865] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6630] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5867] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6627, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5865] newfstatat(AT_FDCWD, "./146/binderfs", [pid 6629] chdir("./file1" [pid 5868] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5867] restart_syscall(<... resuming interrupted clone ...> [pid 5865] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6629] <... chdir resumed>) = 0 [pid 5868] <... openat resumed>) = 3 [pid 5867] <... restart_syscall resumed>) = 0 [pid 5865] unlink("./146/binderfs" [pid 6630] <... prctl resumed>) = 0 [pid 6629] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5868] ioctl(3, LOOP_CLR_FD [pid 5865] <... unlink resumed>) = 0 [pid 6630] setpgid(0, 0 [pid 6629] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6630] <... setpgid resumed>) = 0 [pid 5865] getdents64(3, [pid 6630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6629] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5868] close(3 [pid 5867] umount2("./150", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6630] <... openat resumed>) = 3 [pid 5868] <... close resumed>) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5868] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6630] write(3, "1000", 4 [pid 5867] openat(AT_FDCWD, "./150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] close(3 [pid 6630] <... write resumed>) = 4 [pid 6630] close(3 [pid 5867] <... openat resumed>) = 3 [pid 5865] <... close resumed>) = 0 ./strace-static-x86_64: Process 6631 attached [pid 5865] rmdir("./146" [pid 6630] <... close resumed>) = 0 [pid 5867] newfstatat(3, "", [pid 5868] <... clone resumed>, child_tidptr=0x5555593cd650) = 6631 [pid 6630] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6631] set_robust_list(0x5555593cd660, 24 [pid 5867] getdents64(3, [pid 6631] <... set_robust_list resumed>) = 0 [pid 6631] chdir("./153") = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 6631] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6629] <... link resumed>) = 0 [pid 6631] <... prctl resumed>) = 0 [pid 6629] sync( [pid 6631] setpgid(0, 0) = 0 [pid 6631] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] umount2("./150/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6631] <... openat resumed>) = 3 [pid 6631] write(3, "1000", 4) = 4 [pid 6631] close(3) = 0 [pid 5865] <... rmdir resumed>) = 0 [pid 6631] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6630] <... symlink resumed>) = 0 [pid 5865] mkdir("./147", 0777 [pid 6631] write(1, "executing program\n", 18) = 18 [pid 6631] memfd_create("syzkaller", 0) = 3 [pid 6631] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1864095000 [pid 6629] <... sync resumed>) = 0 [pid 6629] exit_group(0) = ? [pid 6630] write(1, "executing program\n", 18 [pid 6629] +++ exited with 0 +++ executing program [pid 5865] <... mkdir resumed>) = 0 [pid 6630] <... write resumed>) = 18 [pid 5865] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6629, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 6630] memfd_create("syzkaller", 0 [pid 5865] <... openat resumed>) = 3 [pid 6631] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6630] <... memfd_create resumed>) = 3 [pid 6630] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] ioctl(3, LOOP_CLR_FD [pid 5864] umount2("./148", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5865] <... ioctl resumed>) = 0 [pid 6630] <... mmap resumed>) = 0x7f1864095000 [pid 5864] <... openat resumed>) = 3 [pid 5864] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] getdents64(3, [pid 5865] close(3) = 0 [pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6632 attached , child_tidptr=0x5555593cd650) = 6632 [pid 6630] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 4 entries */, 32768) = 112 [pid 5864] umount2("./148/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6632] set_robust_list(0x5555593cd660, 24 [pid 5867] <... umount2 resumed>) = 0 [pid 6632] <... set_robust_list resumed>) = 0 [pid 5867] umount2("./150/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6632] chdir("./147") = 0 [pid 6632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6632] setpgid(0, 0) = 0 [pid 6632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5867] newfstatat(AT_FDCWD, "./150/file1", [pid 6632] <... openat resumed>) = 3 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6632] write(3, "1000", 4 [pid 5867] umount2("./150/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6632] <... write resumed>) = 4 [pid 6631] <... write resumed>) = 524288 [pid 6630] <... write resumed>) = 524288 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6632] close(3 [pid 5867] openat(AT_FDCWD, "./150/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6632] <... close resumed>) = 0 [pid 6631] munmap(0x7f1864095000, 138412032 [pid 6632] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... openat resumed>) = 4 [pid 6631] <... munmap resumed>) = 0 [pid 5867] newfstatat(4, "", [pid 6630] munmap(0x7f1864095000, 138412032 [pid 6632] <... symlink resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6630] <... munmap resumed>) = 0 [pid 5867] getdents64(4, executing program [pid 6632] write(1, "executing program\n", 18 [pid 6631] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6630] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 6632] <... write resumed>) = 18 [pid 6631] <... openat resumed>) = 4 [pid 5867] getdents64(4, [pid 6632] memfd_create("syzkaller", 0) = 3 [pid 6631] ioctl(4, LOOP_SET_FD, 3 [pid 5867] <... getdents64 resumed>0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] <... umount2 resumed>) = 0 [pid 6630] <... openat resumed>) = 4 [pid 6632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5867] close(4 [pid 6630] ioctl(4, LOOP_SET_FD, 3 [pid 6632] <... mmap resumed>) = 0x7f1864095000 [pid 6631] <... ioctl resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 6632] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 6631] close(3 [pid 5867] rmdir("./150/file1" [pid 5864] umount2("./148/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6631] <... close resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... rmdir resumed>) = 0 [pid 5867] umount2("./150/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6631] close(4 [pid 5867] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./148/file1", [pid 6631] <... close resumed>) = 0 [pid 6630] <... ioctl resumed>) = 0 [pid 6631] mkdir("./file1", 0777 [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6631] <... mkdir resumed>) = 0 [pid 6630] close(3 [pid 5867] newfstatat(AT_FDCWD, "./150/binderfs", [pid 5864] umount2("./148/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6630] <... close resumed>) = 0 [pid 5867] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6631] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6630] close(4 [pid 5867] unlink("./150/binderfs" [pid 5864] openat(AT_FDCWD, "./148/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6630] <... close resumed>) = 0 [pid 6630] mkdir("./file1", 0777 [pid 5867] <... unlink resumed>) = 0 [pid 5864] <... openat resumed>) = 4 [pid 5864] newfstatat(4, "", [pid 6630] <... mkdir resumed>) = 0 [pid 5867] getdents64(3, [pid 5864] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 5867] close(3 [pid 5864] getdents64(4, [pid 5867] <... close resumed>) = 0 [pid 5864] <... getdents64 resumed>0x5555593d6730 /* 2 entries */, 32768) = 48 [pid 5864] getdents64(4, 0x5555593d6730 /* 0 entries */, 32768) = 0 [pid 5864] close(4 [pid 6630] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 5867] rmdir("./150" [pid 5864] <... close resumed>) = 0 [pid 5867] <... rmdir resumed>) = 0 [pid 5864] rmdir("./148/file1") = 0 [pid 5867] mkdir("./151", 0777 [pid 5864] umount2("./148/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6632] <... write resumed>) = 524288 [pid 5867] <... mkdir resumed>) = 0 [pid 5864] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] newfstatat(AT_FDCWD, "./148/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] unlink("./148/binderfs") = 0 [pid 6632] munmap(0x7f1864095000, 138412032 [pid 6631] <... mount resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6632] <... munmap resumed>) = 0 [pid 6631] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 6630] <... mount resumed>) = 0 [ 227.104194][ T6631] loop4: detected capacity change from 0 to 1024 [ 227.118111][ T6630] loop2: detected capacity change from 0 to 1024 [pid 5867] <... openat resumed>) = 3 [pid 5864] getdents64(3, [pid 6631] <... openat resumed>) = 3 [pid 6632] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6631] chdir("./file1" [pid 6630] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] <... getdents64 resumed>0x5555593ce6f0 /* 0 entries */, 32768) = 0 [pid 6632] <... openat resumed>) = 4 [pid 6631] <... chdir resumed>) = 0 [pid 5867] ioctl(3, LOOP_CLR_FD [pid 6631] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6630] <... openat resumed>) = 3 [pid 5867] <... ioctl resumed>) = 0 [pid 5864] close(3 [pid 6632] ioctl(4, LOOP_SET_FD, 3 [pid 6631] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5864] <... close resumed>) = 0 [pid 6632] <... ioctl resumed>) = 0 [pid 6631] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5867] close(3 [pid 5864] rmdir("./148" [pid 6632] close(3 [pid 6630] chdir("./file1" [pid 6632] <... close resumed>) = 0 [pid 6630] <... chdir resumed>) = 0 [pid 5864] <... rmdir resumed>) = 0 [pid 6630] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6632] close(4) = 0 [pid 6632] mkdir("./file1", 0777 [pid 6630] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6632] <... mkdir resumed>) = 0 [pid 5864] mkdir("./149", 0777) = 0 [pid 6632] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_NODIRATIME|MS_REC|MS_I_VERSION|MS_STRICTATIME, "" [pid 6630] link("./file1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 6631] <... link resumed>) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6631] sync( [pid 5864] <... openat resumed>) = 3 [pid 5864] ioctl(3, LOOP_CLR_FD) = 0 [pid 5864] close(3 [pid 5867] <... close resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5864] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5867] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6633 attached ./strace-static-x86_64: Process 6634 attached [ 227.177759][ T6632] loop1: detected capacity change from 0 to 1024 [ 227.261499][ T3515] ------------[ cut here ]------------ [ 227.261512][ T3515] kernel BUG at fs/hfsplus/bnode.c:716! [ 227.261558][ T3515] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI [ 227.261594][ T3515] CPU: 0 UID: 0 PID: 3515 Comm: kworker/u8:11 Tainted: G W 6.17.0-rc1-syzkaller-00111-g24ea63ea3877 #0 PREEMPT_{RT,(full)} [ 227.261627][ T3515] Tainted: [W]=WARN [ 227.261634][ T3515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 227.261646][ T3515] Workqueue: writeback wb_workfn (flush-7:2) [ 227.261691][ T3515] RIP: 0010:hfsplus_bnode_put+0x54a/0x560 [ 227.261722][ T3515] Code: 8f ff e9 b2 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c f0 fe ff ff 48 89 df e8 a1 d4 8f ff e9 e3 fe ff ff e8 a7 a1 30 ff 90 <0f> 0b e8 9f a1 30 ff 90 0f 0b 66 66 66 2e 0f 1f 84 00 00 00 00 00 [ 227.261739][ T3515] RSP: 0018:ffffc9000d3e7218 EFLAGS: 00010293 [ 227.261756][ T3515] RAX: ffffffff828db999 RBX: ffff8880287dc800 RCX: ffff888031033b80 [ 227.261771][ T3515] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 227.261783][ T3515] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 227.261795][ T3515] R10: dffffc0000000000 R11: ffffed10050fb919 R12: ffff8880287dc8c0 [ 227.261810][ T3515] R13: ffff88804140b034 R14: dffffc0000000000 R15: ffff88802133c000 [ 227.261826][ T3515] FS: 0000000000000000(0000) GS:ffff8881268c5000(0000) knlGS:0000000000000000 [ 227.261843][ T3515] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.261858][ T3515] CR2: 00007f6f2abe5000 CR3: 00000000412dc000 CR4: 00000000003526f0 [ 227.261877][ T3515] Call Trace: [ 227.261884][ T3515] [ 227.261893][ T3515] ? block_dirty_folio+0x163/0x1d0 [ 227.261928][ T3515] hfsplus_btree_write+0x379/0x7b0 [ 227.261959][ T3515] hfsplus_write_inode+0x4c9/0x5f0 [ 227.261981][ T3515] __writeback_single_inode+0x6f4/0x1000 [ 227.262011][ T3515] writeback_sb_inodes+0x6b7/0xf60 [ 227.262038][ T3515] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 227.262073][ T3515] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 227.262116][ T3515] ? rcu_is_watching+0x15/0xb0 [ 227.262151][ T3515] wb_writeback+0x43b/0xaf0 [ 227.262177][ T3515] ? queue_io+0x331/0x560 [ 227.262200][ T3515] ? __pfx_wb_writeback+0x10/0x10 [ 227.262228][ T3515] wb_workfn+0x40e/0xf00 [ 227.262253][ T3515] ? __pfx_wb_workfn+0x10/0x10 [ 227.262273][ T3515] ? __lock_acquire+0xab9/0xd20 [ 227.262303][ T3515] ? process_scheduled_works+0x9ef/0x17b0 [ 227.262333][ T3515] ? _raw_spin_unlock_irq+0x23/0x50 [ 227.262356][ T3515] ? process_scheduled_works+0x9ef/0x17b0 [ 227.262380][ T3515] ? process_scheduled_works+0x9ef/0x17b0 [ 227.262412][ T3515] process_scheduled_works+0xae1/0x17b0 [ 227.262451][ T3515] ? __pfx_process_scheduled_works+0x10/0x10 [ 227.262483][ T3515] worker_thread+0x8a0/0xda0 [ 227.262510][ T3515] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 227.262539][ T3515] ? __kthread_parkme+0x7b/0x200 [ 227.262570][ T3515] kthread+0x711/0x8a0 [ 227.262601][ T3515] ? __pfx_worker_thread+0x10/0x10 [ 227.262626][ T3515] ? __pfx_kthread+0x10/0x10 [ 227.262656][ T3515] ? __pfx_kthread+0x10/0x10 [ 227.262686][ T3515] ret_from_fork+0x3fc/0x770 [ 227.262713][ T3515] ? __pfx_ret_from_fork+0x10/0x10 [ 227.262742][ T3515] ? __switch_to_asm+0x39/0x70 [ 227.262761][ T3515] ? __switch_to_asm+0x33/0x70 [ 227.262780][ T3515] ? __pfx_kthread+0x10/0x10 [ 227.262810][ T3515] ret_from_fork_asm+0x1a/0x30 [ 227.262837][ T3515] [ 227.262845][ T3515] Modules linked in: [ 227.262865][ T3515] ---[ end trace 0000000000000000 ]--- [ 227.262879][ T3515] RIP: 0010:hfsplus_bnode_put+0x54a/0x560 [ 227.262910][ T3515] Code: 8f ff e9 b2 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c f0 fe ff ff 48 89 df e8 a1 d4 8f ff e9 e3 fe ff ff e8 a7 a1 30 ff 90 <0f> 0b e8 9f a1 30 ff 90 0f 0b 66 66 66 2e 0f 1f 84 00 00 00 00 00 [ 227.262926][ T3515] RSP: 0018:ffffc9000d3e7218 EFLAGS: 00010293 [ 227.262944][ T3515] RAX: ffffffff828db999 RBX: ffff8880287dc800 RCX: ffff888031033b80 [ 227.262960][ T3515] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 227.262972][ T3515] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 227.262983][ T3515] R10: dffffc0000000000 R11: ffffed10050fb919 R12: ffff8880287dc8c0 [ 227.262999][ T3515] R13: ffff88804140b034 R14: dffffc0000000000 R15: ffff88802133c000 [ 227.263015][ T3515] FS: 0000000000000000(0000) GS:ffff8881268c5000(0000) knlGS:0000000000000000 [ 227.263031][ T3515] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.263045][ T3515] CR2: 00007f6f2abe5000 CR3: 00000000412dc000 CR4: 00000000003526f0 [ 227.263064][ T3515] Kernel panic - not syncing: Fatal exception [ 227.263421][ T3515] Kernel Offset: disabled