./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor747888041

<...>
[   97.816136][    T8] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.61' (ED25519) to the list of known hosts.
execve("./syz-executor747888041", ["./syz-executor747888041"], 0x7ffe0300f600 /* 10 vars */) = 0
brk(NULL)                               = 0x555585c27000
brk(0x555585c27d00)                     = 0x555585c27d00
arch_prctl(ARCH_SET_FS, 0x555585c27380) = 0
set_tid_address(0x555585c27650)         = 5835
set_robust_list(0x555585c27660, 24)     = 0
rseq(0x555585c27ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor747888041", 4096) = 27
getrandom("\xe7\x86\xd4\xeb\x87\x66\xc8\xa8", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555585c27d00
brk(0x555585c48d00)                     = 0x555585c48d00
brk(0x555585c49000)                     = 0x555585c49000
mprotect(0x7fba95ce7000, 16384, PROT_READ) = 0
mmap(0x3ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ffffffff000
mmap(0x400000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400000000000
mmap(0x400001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400001000000
openat(AT_FDCWD, "/proc/self/make-it-fail", O_WRONLY) = 3
close(3)                                = 0
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_WRONLY) = 3
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
mkdir("./syzkaller.f83kUp", 0700)       = 0
chmod("./syzkaller.f83kUp", 0777)       = 0
chdir("./syzkaller.f83kUp")             = 0
mkdir("./0", 0777)                      = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5836 attached
, child_tidptr=0x555585c27650) = 5836
[pid  5836] set_robust_list(0x555585c27660, 24) = 0
[pid  5836] chdir("./0")                = 0
[pid  5836] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5836] setpgid(0, 0)               = 0
[pid  5836] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5836] write(3, "1000", 4)         = 4
[pid  5836] close(3)                    = 0
[pid  5836] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5836] write(1, "executing program\n", 18) = 18
[pid  5836] openat(AT_FDCWD, "/dev/ptmx", O_RDONLY) = 3
[pid  5836] ioctl(3, TIOCSETD, [15])    = 0
[pid  5836] fcntl(3, F_DUPFD, 3)        = 4
[pid  5836] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid  5836] write(5, "3", 1)            = 1
[   99.343225][ T5836] FAULT_INJECTION: forcing a failure.
[   99.343225][ T5836] name failslab, interval 1, probability 0, space 0, times 1
[   99.356251][ T5836] CPU: 0 UID: 0 PID: 5836 Comm: syz-executor747 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[   99.356269][ T5836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   99.356279][ T5836] Call Trace:
[   99.356283][ T5836]  <TASK>
[   99.356288][ T5836]  dump_stack_lvl+0x241/0x360
[   99.356322][ T5836]  ? __pfx_dump_stack_lvl+0x10/0x10
[   99.356334][ T5836]  ? __pfx__printk+0x10/0x10
[   99.356346][ T5836]  ? fs_reclaim_acquire+0x93/0x130
[   99.356359][ T5836]  ? __pfx___might_resched+0x10/0x10
[   99.356376][ T5836]  should_fail_ex+0x40a/0x550
[   99.356394][ T5836]  should_failslab+0xac/0x100
[   99.356410][ T5836]  __kmalloc_noprof+0xdd/0x4c0
[   99.356425][ T5836]  ? tomoyo_encode+0x26f/0x540
[   99.356443][ T5836]  tomoyo_encode+0x26f/0x540
[   99.356463][ T5836]  tomoyo_realpath_from_path+0x59e/0x5e0
[   99.356487][ T5836]  tomoyo_path_number_perm+0x239/0x770
[   99.356503][ T5836]  ? tomoyo_path_number_perm+0x209/0x770
[   99.356517][ T5836]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   99.356543][ T5836]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   99.356576][ T5836]  ? __pfx_ptrace_notify+0x10/0x10
[   99.356593][ T5836]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   99.356616][ T5836]  security_file_ioctl+0xc6/0x2a0
[   99.356629][ T5836]  __se_sys_ioctl+0x46/0x160
[   99.356644][ T5836]  do_syscall_64+0xf3/0x230
[   99.356661][ T5836]  ? clear_bhb_loop+0x45/0xa0
[   99.356678][ T5836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.356691][ T5836] RIP: 0033:0x7fba95c7bc19
[   99.356705][ T5836] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   99.356713][ T5836] RSP: 002b:00007ffe25b99b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   99.356724][ T5836] RAX: ffffffffffffffda RBX: 00007ffe25b99b50 RCX: 00007fba95c7bc19
[pid  5836] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x2) = 0
[pid  5836] exit_group(0)               = ?
[   99.356731][ T5836] RDX: 0000000000000002 RSI: 00000000400455c8 RDI: 0000000000000004
[   99.356736][ T5836] RBP: 0000000000000001 R08: 00007ffe25b998c7 R09: 00007fba95c371a8
[   99.356742][ T5836] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[   99.356747][ T5836] R13: 00007ffe25b99ee8 R14: 00007ffe25b99b70 R15: 0000000000000000
[   99.356766][ T5836]  </TASK>
[   99.356781][ T5836] ERROR: Out of memory at tomoyo_realpath_from_path.
[pid  5836] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5836, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555585c286f0 /* 3 entries */, 32768) = 80
umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs")                  = 0
getdents64(3, 0x555585c286f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./0")                            = 0
mkdir("./1", 0777)                      = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5837 attached
 <unfinished ...>
[pid  5837] set_robust_list(0x555585c27660, 24 <unfinished ...>
[pid  5835] <... clone resumed>, child_tidptr=0x555585c27650) = 5837
[pid  5837] <... set_robust_list resumed>) = 0
[pid  5837] chdir("./1")                = 0
[pid  5837] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5837] setpgid(0, 0)               = 0
[pid  5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5837] write(3, "1000", 4)         = 4
[pid  5837] close(3)                    = 0
[pid  5837] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5837] write(1, "executing program\n", 18) = 18
[pid  5837] openat(AT_FDCWD, "/dev/ptmx", O_RDONLY) = 3
[pid  5837] ioctl(3, TIOCSETD, [15])    = 0
[pid  5837] fcntl(3, F_DUPFD, 3)        = 4
[pid  5837] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid  5837] write(5, "3", 1)            = 1
[pid  5837] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x2) = 0
[   99.793213][ T5837] FAULT_INJECTION: forcing a failure.
[   99.793213][ T5837] name failslab, interval 1, probability 0, space 0, times 0
[   99.806521][ T5837] CPU: 0 UID: 0 PID: 5837 Comm: syz-executor747 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[   99.806539][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   99.806545][ T5837] Call Trace:
[   99.806550][ T5837]  <TASK>
[   99.806554][ T5837]  dump_stack_lvl+0x241/0x360
[   99.806573][ T5837]  ? __pfx_dump_stack_lvl+0x10/0x10
[   99.806584][ T5837]  ? __pfx__printk+0x10/0x10
[   99.806596][ T5837]  ? fs_reclaim_acquire+0x93/0x130
[   99.806609][ T5837]  ? __pfx___might_resched+0x10/0x10
[   99.806628][ T5837]  should_fail_ex+0x40a/0x550
[   99.806643][ T5837]  should_failslab+0xac/0x100
[   99.806664][ T5837]  __kmalloc_cache_noprof+0x70/0x390
[   99.806688][ T5837]  ? tomoyo_init_log+0x1c1/0x20d0
[   99.806706][ T5837]  ? stack_depot_save_flags+0x37/0x940
[   99.806724][ T5837]  tomoyo_init_log+0x1c1/0x20d0
[   99.806740][ T5837]  ? string+0x270/0x2b0
[   99.806753][ T5837]  ? vsnprintf+0x1181/0x1220
[   99.806773][ T5837]  ? __pfx_tomoyo_init_log+0x10/0x10
[   99.806790][ T5837]  ? tomoyo_profile+0x11/0x50
[   99.806803][ T5837]  ? tomoyo_profile+0x11/0x50
[   99.806828][ T5837]  tomoyo_supervisor+0x3b2/0x1860
[   99.806853][ T5837]  ? __pfx_tomoyo_supervisor+0x10/0x10
[   99.806877][ T5837]  ? tomoyo_realpath_from_path+0x5a9/0x5e0
[   99.806893][ T5837]  ? tomoyo_print_ulong+0x27/0xa0
[   99.806911][ T5837]  ? __pfx_snprintf+0x10/0x10
[   99.806925][ T5837]  ? tomoyo_check_acl+0x37e/0x3f0
[   99.806942][ T5837]  tomoyo_path_number_perm+0x538/0x770
[   99.806959][ T5837]  ? tomoyo_path_number_perm+0x209/0x770
[   99.806973][ T5837]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   99.806998][ T5837]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   99.807032][ T5837]  ? __pfx_ptrace_notify+0x10/0x10
[   99.807049][ T5837]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   99.807066][ T5837]  security_file_ioctl+0xc6/0x2a0
[   99.807080][ T5837]  __se_sys_ioctl+0x46/0x160
[   99.807098][ T5837]  do_syscall_64+0xf3/0x230
[   99.807116][ T5837]  ? clear_bhb_loop+0x45/0xa0
[   99.807133][ T5837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.807145][ T5837] RIP: 0033:0x7fba95c7bc19
[   99.807156][ T5837] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   99.807163][ T5837] RSP: 002b:00007ffe25b99b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   99.807174][ T5837] RAX: ffffffffffffffda RBX: 00007ffe25b99b50 RCX: 00007fba95c7bc19
[   99.807181][ T5837] RDX: 0000000000000002 RSI: 00000000400455c8 RDI: 0000000000000004
[   99.807186][ T5837] RBP: 0000000000000001 R08: 00007ffe25b998c7 R09: 00007fba95c371a8
[   99.807192][ T5837] R10: 0000000000000001 R11: 0000000000000246 R12: 00007ffe25b99b4c
[   99.807198][ T5837] R13: 00007ffe25b99b90 R14: 00007ffe25b99b70 R15: 0000000000000001
[   99.807217][ T5837]  </TASK>
[pid  5837] exit_group(0)               = ?
[pid  5837] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5837, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[  100.094130][ T3004] Bluetooth: (null): Invalid header checksum
[  100.100476][ T3004] Bluetooth: (null): Invalid header checksum
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555585c286f0 /* 3 entries */, 32768) = 80
umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./1/binderfs")                  = 0
getdents64(3, 0x555585c286f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./1")                            = 0
mkdir("./2", 0777)                      = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5838 attached
 <unfinished ...>
[pid  5838] set_robust_list(0x555585c27660, 24 <unfinished ...>
[pid  5835] <... clone resumed>, child_tidptr=0x555585c27650) = 5838
[pid  5838] <... set_robust_list resumed>) = 0
[pid  5838] chdir("./2")                = 0
[pid  5838] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5838] setpgid(0, 0)               = 0
[pid  5838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5838] write(3, "1000", 4)         = 4
[pid  5838] close(3)                    = 0
[pid  5838] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid  5838] write(1, "executing program\n", 18) = 18
[pid  5838] openat(AT_FDCWD, "/dev/ptmx", O_RDONLY) = 3
[pid  5838] ioctl(3, TIOCSETD, [15])    = 0
[pid  5838] fcntl(3, F_DUPFD, 3)        = 4
[pid  5838] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid  5838] write(5, "3", 1)            = 1
[pid  5838] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x2) = 0
[pid  5838] exit_group(0)               = ?
[  100.313546][ T5838] FAULT_INJECTION: forcing a failure.
[  100.313546][ T5838] name failslab, interval 1, probability 0, space 0, times 0
[  100.326291][ T5838] CPU: 1 UID: 0 PID: 5838 Comm: syz-executor747 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[  100.326311][ T5838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  100.326320][ T5838] Call Trace:
[  100.326326][ T5838]  <TASK>
[  100.326333][ T5838]  dump_stack_lvl+0x241/0x360
[  100.326362][ T5838]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.326392][ T5838]  ? __wake_up_klogd+0xcc/0x110
[  100.326422][ T5838]  should_fail_ex+0x40a/0x550
[  100.326454][ T5838]  should_failslab+0xac/0x100
[  100.326487][ T5838]  __kmalloc_cache_noprof+0x70/0x390
[  100.326509][ T5838]  ? tomoyo_init_log+0x1c1/0x20d0
[  100.326539][ T5838]  tomoyo_init_log+0x1c1/0x20d0
[  100.326564][ T5838]  ? string+0x270/0x2b0
[  100.326587][ T5838]  ? vsnprintf+0x1181/0x1220
[  100.326624][ T5838]  ? __pfx_tomoyo_init_log+0x10/0x10
[  100.326644][ T5838]  ? tomoyo_profile+0x11/0x50
[  100.326670][ T5838]  ? tomoyo_profile+0x11/0x50
[  100.326704][ T5838]  tomoyo_supervisor+0x3b2/0x1860
[  100.326741][ T5838]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  100.326774][ T5838]  ? tomoyo_print_ulong+0x27/0xa0
[  100.326785][ T5838]  ? __pfx_snprintf+0x10/0x10
[  100.326806][ T5838]  ? tomoyo_check_acl+0x37e/0x3f0
[  100.326823][ T5838]  tomoyo_path_number_perm+0x538/0x770
[  100.326839][ T5838]  ? tomoyo_path_number_perm+0x209/0x770
[  100.326853][ T5838]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  100.326879][ T5838]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  100.326913][ T5838]  ? __pfx_ptrace_notify+0x10/0x10
[  100.326931][ T5838]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  100.326948][ T5838]  security_file_ioctl+0xc6/0x2a0
[  100.326961][ T5838]  __se_sys_ioctl+0x46/0x160
[  100.326976][ T5838]  do_syscall_64+0xf3/0x230
[  100.326990][ T5838]  ? clear_bhb_loop+0x45/0xa0
[  100.327006][ T5838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.327018][ T5838] RIP: 0033:0x7fba95c7bc19
[  100.327029][ T5838] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  100.327036][ T5838] RSP: 002b:00007ffe25b99b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  100.327048][ T5838] RAX: ffffffffffffffda RBX: 00007ffe25b99b50 RCX: 00007fba95c7bc19
[  100.327054][ T5838] RDX: 0000000000000002 RSI: 00000000400455c8 RDI: 0000000000000004
[  100.327060][ T5838] RBP: 0000000000000001 R08: 00007ffe25b998c7 R09: 00007fba95c371a8
[pid  5838] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5838, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555585c286f0 /* 3 entries */, 32768) = 80
umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./2/binderfs")                  = 0
getdents64(3, 0x555585c286f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./2")                            = 0
mkdir("./3", 0777)                      = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5839 attached
 <unfinished ...>
[pid  5839] set_robust_list(0x555585c27660, 24) = 0
[pid  5835] <... clone resumed>, child_tidptr=0x555585c27650) = 5839
[pid  5839] chdir("./3")                = 0
[pid  5839] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5839] setpgid(0, 0)               = 0
[pid  5839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5839] write(3, "1000", 4)         = 4
[pid  5839] close(3)                    = 0
[  100.327066][ T5838] R10: 0000000000000001 R11: 0000000000000246 R12: 00007ffe25b99b4c
[  100.327071][ T5838] R13: 00007ffe25b99b90 R14: 00007ffe25b99b70 R15: 0000000000000002
[  100.327090][ T5838]  </TASK>
[pid  5839] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5839] write(1, "executing program\n", 18executing program
) = 18
[pid  5839] openat(AT_FDCWD, "/dev/ptmx", O_RDONLY) = 3
[pid  5839] ioctl(3, TIOCSETD, [15])    = 0
[pid  5839] fcntl(3, F_DUPFD, 3)        = 4
[pid  5839] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid  5839] write(5, "3", 1)            = 1
[pid  5839] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x2) = 0
[  100.631854][ T5839] FAULT_INJECTION: forcing a failure.
[  100.631854][ T5839] name failslab, interval 1, probability 0, space 0, times 0
[  100.644702][ T5839] CPU: 0 UID: 0 PID: 5839 Comm: syz-executor747 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[  100.644725][ T5839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  100.644736][ T5839] Call Trace:
[  100.644743][ T5839]  <TASK>
[  100.644750][ T5839]  dump_stack_lvl+0x241/0x360
[  100.644770][ T5839]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.644782][ T5839]  ? __pfx__printk+0x10/0x10
[  100.644795][ T5839]  ? fs_reclaim_acquire+0x93/0x130
[  100.644808][ T5839]  ? __pfx___might_resched+0x10/0x10
[  100.644827][ T5839]  should_fail_ex+0x40a/0x550
[  100.644842][ T5839]  should_failslab+0xac/0x100
[  100.644863][ T5839]  __kmalloc_cache_noprof+0x70/0x390
[  100.644878][ T5839]  ? tomoyo_init_log+0x1c1/0x20d0
[  100.644893][ T5839]  ? stack_depot_save_flags+0x37/0x940
[  100.644907][ T5839]  tomoyo_init_log+0x1c1/0x20d0
[  100.644923][ T5839]  ? string+0x270/0x2b0
[  100.644936][ T5839]  ? vsnprintf+0x1181/0x1220
[  100.644957][ T5839]  ? __pfx_tomoyo_init_log+0x10/0x10
[  100.644970][ T5839]  ? tomoyo_profile+0x11/0x50
[  100.644984][ T5839]  ? tomoyo_profile+0x11/0x50
[  100.645005][ T5839]  tomoyo_supervisor+0x3b2/0x1860
[  100.645030][ T5839]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  100.645054][ T5839]  ? tomoyo_realpath_from_path+0x5a9/0x5e0
[  100.645070][ T5839]  ? tomoyo_print_ulong+0x27/0xa0
[  100.645081][ T5839]  ? __pfx_snprintf+0x10/0x10
[  100.645095][ T5839]  ? tomoyo_check_acl+0x37e/0x3f0
[  100.645112][ T5839]  tomoyo_path_number_perm+0x538/0x770
[  100.645128][ T5839]  ? tomoyo_path_number_perm+0x209/0x770
[  100.645143][ T5839]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  100.645168][ T5839]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  100.645203][ T5839]  ? __pfx_ptrace_notify+0x10/0x10
[  100.645220][ T5839]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  100.645241][ T5839]  security_file_ioctl+0xc6/0x2a0
[  100.645255][ T5839]  __se_sys_ioctl+0x46/0x160
[  100.645269][ T5839]  do_syscall_64+0xf3/0x230
[  100.645284][ T5839]  ? clear_bhb_loop+0x45/0xa0
[  100.645301][ T5839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.645313][ T5839] RIP: 0033:0x7fba95c7bc19
[  100.645324][ T5839] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  100.645331][ T5839] RSP: 002b:00007ffe25b99b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[pid  5839] exit_group(0)               = ?
[  100.645342][ T5839] RAX: ffffffffffffffda RBX: 00007ffe25b99b50 RCX: 00007fba95c7bc19
[  100.645349][ T5839] RDX: 0000000000000002 RSI: 00000000400455c8 RDI: 0000000000000004
[  100.645355][ T5839] RBP: 0000000000000001 R08: 00007ffe25b998c7 R09: 00007fba95c371a8
[  100.645360][ T5839] R10: 0000000000000001 R11: 0000000000000246 R12: 00007ffe25b99b4c
[  100.645366][ T5839] R13: 00007ffe25b99b90 R14: 00007ffe25b99b70 R15: 0000000000000003
[  100.645396][ T5839]  </TASK>
[pid  5839] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5839, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555585c286f0 /* 3 entries */, 32768) = 80
umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./3/binderfs")                  = 0
getdents64(3, 0x555585c286f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./3")                            = 0
mkdir("./4", 0777)                      = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5840 attached
 <unfinished ...>
[pid  5840] set_robust_list(0x555585c27660, 24 <unfinished ...>
[pid  5835] <... clone resumed>, child_tidptr=0x555585c27650) = 5840
[pid  5840] <... set_robust_list resumed>) = 0
[pid  5840] chdir("./4")                = 0
[pid  5840] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5840] setpgid(0, 0)               = 0
[pid  5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5840] write(3, "1000", 4)         = 4
[pid  5840] close(3)                    = 0
[pid  5840] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5840] write(1, "executing program\n", 18) = 18
[pid  5840] openat(AT_FDCWD, "/dev/ptmx", O_RDONLY) = 3
[pid  5840] ioctl(3, TIOCSETD, [15])    = 0
[pid  5840] fcntl(3, F_DUPFD, 3)        = 4
[pid  5840] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid  5840] write(5, "3", 1)            = 1
[pid  5840] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x2) = 0
[pid  5840] exit_group(0)               = ?
[  101.095615][ T5840] FAULT_INJECTION: forcing a failure.
[  101.095615][ T5840] name failslab, interval 1, probability 0, space 0, times 0
[  101.108362][ T5840] CPU: 1 UID: 0 PID: 5840 Comm: syz-executor747 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[  101.108381][ T5840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  101.108390][ T5840] Call Trace:
[  101.108397][ T5840]  <TASK>
[  101.108403][ T5840]  dump_stack_lvl+0x241/0x360
[  101.108433][ T5840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.108449][ T5840]  ? __pfx__printk+0x10/0x10
[  101.108470][ T5840]  ? fs_reclaim_acquire+0x93/0x130
[  101.108489][ T5840]  ? __pfx___might_resched+0x10/0x10
[  101.108516][ T5840]  should_fail_ex+0x40a/0x550
[  101.108549][ T5840]  should_failslab+0xac/0x100
[  101.108575][ T5840]  __kmalloc_cache_noprof+0x70/0x390
[  101.108597][ T5840]  ? tomoyo_init_log+0x1c1/0x20d0
[  101.108617][ T5840]  ? stack_depot_save_flags+0x37/0x940
[  101.108640][ T5840]  tomoyo_init_log+0x1c1/0x20d0
[  101.108666][ T5840]  ? string+0x270/0x2b0
[  101.108688][ T5840]  ? vsnprintf+0x1181/0x1220
[  101.108724][ T5840]  ? __pfx_tomoyo_init_log+0x10/0x10
[  101.108745][ T5840]  ? tomoyo_profile+0x11/0x50
[  101.108765][ T5840]  ? tomoyo_profile+0x11/0x50
[  101.108800][ T5840]  tomoyo_supervisor+0x3b2/0x1860
[  101.108842][ T5840]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  101.108879][ T5840]  ? tomoyo_realpath_from_path+0x5a9/0x5e0
[  101.108894][ T5840]  ? tomoyo_print_ulong+0x27/0xa0
[  101.108905][ T5840]  ? __pfx_snprintf+0x10/0x10
[  101.108919][ T5840]  ? tomoyo_check_acl+0x37e/0x3f0
[  101.108936][ T5840]  tomoyo_path_number_perm+0x538/0x770
[  101.108953][ T5840]  ? tomoyo_path_number_perm+0x209/0x770
[  101.108967][ T5840]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  101.108992][ T5840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  101.109026][ T5840]  ? __pfx_ptrace_notify+0x10/0x10
[  101.109043][ T5840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  101.109060][ T5840]  security_file_ioctl+0xc6/0x2a0
[  101.109073][ T5840]  __se_sys_ioctl+0x46/0x160
[  101.109088][ T5840]  do_syscall_64+0xf3/0x230
[  101.109103][ T5840]  ? clear_bhb_loop+0x45/0xa0
[  101.109119][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.109132][ T5840] RIP: 0033:0x7fba95c7bc19
[  101.109142][ T5840] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  101.109149][ T5840] RSP: 002b:00007ffe25b99b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[pid  5840] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5840, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  101.109160][ T5840] RAX: ffffffffffffffda RBX: 00007ffe25b99b50 RCX: 00007fba95c7bc19
[  101.109166][ T5840] RDX: 0000000000000002 RSI: 00000000400455c8 RDI: 0000000000000004
[  101.109172][ T5840] RBP: 0000000000000001 R08: 00007ffe25b998c7 R09: 00007fba95c371a8
[  101.109178][ T5840] R10: 0000000000000001 R11: 0000000000000246 R12: 00007ffe25b99b4c
[  101.109183][ T5840] R13: 00007ffe25b99b90 R14: 00007ffe25b99b70 R15: 0000000000000004
[  101.109202][ T5840]  </TASK>
umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555585c286f0 /* 3 entries */, 32768) = 80
umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./4/binderfs")                  = 0
getdents64(3, 0x555585c286f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./4")                            = 0
mkdir("./5", 0777)                      = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555585c27650) = 5842
./strace-static-x86_64: Process 5842 attached
[pid  5842] set_robust_list(0x555585c27660, 24) = 0
[pid  5842] chdir("./5")                = 0
[pid  5842] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5842] setpgid(0, 0)               = 0
[pid  5842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5842] write(3, "1000", 4)         = 4
[pid  5842] close(3)                    = 0
[pid  5842] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5842] write(1, "executing program\n", 18) = 18
[pid  5842] openat(AT_FDCWD, "/dev/ptmx", O_RDONLY) = 3
[pid  5842] ioctl(3, TIOCSETD, [15])    = 0
[pid  5842] fcntl(3, F_DUPFD, 3)        = 4
[pid  5842] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid  5842] write(5, "3", 1)            = 1
[pid  5842] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x2) = 0
[pid  5842] exit_group(0)               = ?
[  101.585713][ T5842] FAULT_INJECTION: forcing a failure.
[  101.585713][ T5842] name failslab, interval 1, probability 0, space 0, times 0
[  101.598413][ T5842] CPU: 0 UID: 0 PID: 5842 Comm: syz-executor747 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[  101.598427][ T5842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  101.598433][ T5842] Call Trace:
[  101.598439][ T5842]  <TASK>
[  101.598444][ T5842]  dump_stack_lvl+0x241/0x360
[  101.598468][ T5842]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.598479][ T5842]  ? __pfx__printk+0x10/0x10
[  101.598492][ T5842]  ? fs_reclaim_acquire+0x93/0x130
[  101.598505][ T5842]  ? __pfx___might_resched+0x10/0x10
[  101.598524][ T5842]  should_fail_ex+0x40a/0x550
[  101.598539][ T5842]  should_failslab+0xac/0x100
[  101.598556][ T5842]  __kmalloc_cache_noprof+0x70/0x390
[  101.598570][ T5842]  ? tomoyo_init_log+0x1c1/0x20d0
[  101.598584][ T5842]  ? stack_depot_save_flags+0x37/0x940
[  101.598598][ T5842]  tomoyo_init_log+0x1c1/0x20d0
[  101.598614][ T5842]  ? string+0x270/0x2b0
[  101.598627][ T5842]  ? vsnprintf+0x1181/0x1220
[  101.598647][ T5842]  ? __pfx_tomoyo_init_log+0x10/0x10
[  101.598660][ T5842]  ? tomoyo_profile+0x11/0x50
[  101.598673][ T5842]  ? tomoyo_profile+0x11/0x50
[  101.598694][ T5842]  tomoyo_supervisor+0x3b2/0x1860
[  101.598719][ T5842]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  101.598743][ T5842]  ? tomoyo_realpath_from_path+0x5a9/0x5e0
[  101.598759][ T5842]  ? tomoyo_print_ulong+0x27/0xa0
[  101.598770][ T5842]  ? __pfx_snprintf+0x10/0x10
[  101.598784][ T5842]  ? tomoyo_check_acl+0x37e/0x3f0
[  101.598801][ T5842]  tomoyo_path_number_perm+0x538/0x770
[  101.598817][ T5842]  ? tomoyo_path_number_perm+0x209/0x770
[  101.598831][ T5842]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  101.598857][ T5842]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  101.598891][ T5842]  ? __pfx_ptrace_notify+0x10/0x10
[  101.598908][ T5842]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  101.598924][ T5842]  security_file_ioctl+0xc6/0x2a0
[  101.598938][ T5842]  __se_sys_ioctl+0x46/0x160
[  101.598953][ T5842]  do_syscall_64+0xf3/0x230
[  101.598968][ T5842]  ? clear_bhb_loop+0x45/0xa0
[  101.598984][ T5842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.598997][ T5842] RIP: 0033:0x7fba95c7bc19
[  101.599007][ T5842] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  101.599014][ T5842] RSP: 002b:00007ffe25b99b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[pid  5842] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5842, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  101.599025][ T5842] RAX: ffffffffffffffda RBX: 00007ffe25b99b50 RCX: 00007fba95c7bc19
[  101.599032][ T5842] RDX: 0000000000000002 RSI: 00000000400455c8 RDI: 0000000000000004
[  101.599037][ T5842] RBP: 0000000000000001 R08: 00007ffe25b998c7 R09: 00007fba95c371a8
[  101.599043][ T5842] R10: 0000000000000001 R11: 0000000000000246 R12: 00007ffe25b99b4c
[  101.599048][ T5842] R13: 00007ffe25b99b90 R14: 00007ffe25b99b70 R15: 0000000000000005
[  101.599067][ T5842]  </TASK>
umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555585c286f0 /* 3 entries */, 32768) = 80
umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./5/binderfs")                  = 0
getdents64(3, 0x555585c286f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./5")                            = 0
mkdir("./6", 0777)                      = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5843 attached
, child_tidptr=0x555585c27650) = 5843
[pid  5843] set_robust_list(0x555585c27660, 24) = 0
[pid  5843] chdir("./6")                = 0
[pid  5843] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5843] setpgid(0, 0)               = 0
[pid  5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5843] write(3, "1000", 4)         = 4
[pid  5843] close(3)                    = 0
[pid  5843] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5843] write(1, "executing program\n", 18executing program
) = 18
[pid  5843] openat(AT_FDCWD, "/dev/ptmx", O_RDONLY) = 3
[pid  5843] ioctl(3, TIOCSETD, [15])    = 0
[pid  5843] fcntl(3, F_DUPFD, 3)        = 4
[pid  5843] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid  5843] write(5, "3", 1)            = 1
[  102.144553][ T5843] FAULT_INJECTION: forcing a failure.
[  102.144553][ T5843] name failslab, interval 1, probability 0, space 0, times 0
[  102.157395][ T5843] CPU: 1 UID: 0 PID: 5843 Comm: syz-executor747 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[  102.157426][ T5843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  102.157436][ T5843] Call Trace:
[  102.157443][ T5843]  <TASK>
[  102.157450][ T5843]  dump_stack_lvl+0x241/0x360
[  102.157479][ T5843]  ? __pfx_dump_stack_lvl+0x10/0x10
[  102.157498][ T5843]  ? __pfx__printk+0x10/0x10
[  102.157520][ T5843]  ? fs_reclaim_acquire+0x93/0x130
[  102.157541][ T5843]  ? __pfx___might_resched+0x10/0x10
[  102.157570][ T5843]  should_fail_ex+0x40a/0x550
[  102.157596][ T5843]  should_failslab+0xac/0x100
[  102.157623][ T5843]  __kmalloc_noprof+0xdd/0x4c0
[  102.157645][ T5843]  ? tomoyo_encode+0x26f/0x540
[  102.157674][ T5843]  tomoyo_encode+0x26f/0x540
[  102.157705][ T5843]  tomoyo_realpath_from_path+0x59e/0x5e0
[  102.157744][ T5843]  tomoyo_path_number_perm+0x239/0x770
[  102.157764][ T5843]  ? tomoyo_path_number_perm+0x209/0x770
[  102.157778][ T5843]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  102.157803][ T5843]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  102.157837][ T5843]  ? __pfx_ptrace_notify+0x10/0x10
[  102.157854][ T5843]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  102.157871][ T5843]  security_file_ioctl+0xc6/0x2a0
[  102.157885][ T5843]  __se_sys_ioctl+0x46/0x160
[  102.157899][ T5843]  do_syscall_64+0xf3/0x230
[  102.157914][ T5843]  ? clear_bhb_loop+0x45/0xa0
[  102.157931][ T5843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.157943][ T5843] RIP: 0033:0x7fba95c7bc19
[  102.157954][ T5843] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  102.157961][ T5843] RSP: 002b:00007ffe25b99b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  102.157972][ T5843] RAX: ffffffffffffffda RBX: 00007ffe25b99b50 RCX: 00007fba95c7bc19
[pid  5843] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x2) = 0
[pid  5843] exit_group(0)               = ?
[  102.157979][ T5843] RDX: 0000000000000002 RSI: 00000000400455c8 RDI: 0000000000000004
[  102.157985][ T5843] RBP: 0000000000000001 R08: 00007ffe25b998c7 R09: 00007fba95c371a8
[  102.157991][ T5843] R10: 0000000000000001 R11: 0000000000000246 R12: 00007ffe25b99b4c
[  102.157996][ T5843] R13: 00007ffe25b99b90 R14: 00007ffe25b99b70 R15: 0000000000000006
[  102.158015][ T5843]  </TASK>
[  102.158030][ T5843] ERROR: Out of memory at tomoyo_realpath_from_path.
[pid  5843] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5843, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555585c286f0 /* 3 entries */, 32768) = 80
umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./6/binderfs")                  = 0
getdents64(3, 0x555585c286f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./6")                            = 0
mkdir("./7", 0777)                      = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5844 attached
 <unfinished ...>
[pid  5844] set_robust_list(0x555585c27660, 24 <unfinished ...>
[pid  5835] <... clone resumed>, child_tidptr=0x555585c27650) = 5844
[pid  5844] <... set_robust_list resumed>) = 0
[pid  5844] chdir("./7")                = 0
[pid  5844] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5844] setpgid(0, 0)               = 0
[pid  5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5844] write(3, "1000", 4)         = 4
[pid  5844] close(3)                    = 0
[pid  5844] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5844] write(1, "executing program\n", 18) = 18
[pid  5844] openat(AT_FDCWD, "/dev/ptmx", O_RDONLY) = 3
[pid  5844] ioctl(3, TIOCSETD, [15])    = 0
[pid  5844] fcntl(3, F_DUPFD, 3)        = 4
[pid  5844] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid  5844] write(5, "3", 1)            = 1
[  102.581883][ T5844] FAULT_INJECTION: forcing a failure.
[  102.581883][ T5844] name failslab, interval 1, probability 0, space 0, times 0
[  102.594901][ T5844] CPU: 1 UID: 0 PID: 5844 Comm: syz-executor747 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[  102.594924][ T5844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  102.594934][ T5844] Call Trace:
[  102.594942][ T5844]  <TASK>
[  102.594949][ T5844]  dump_stack_lvl+0x241/0x360
[  102.594978][ T5844]  ? __pfx_dump_stack_lvl+0x10/0x10
[  102.594997][ T5844]  ? __pfx__printk+0x10/0x10
[  102.595018][ T5844]  ? fs_reclaim_acquire+0x93/0x130
[  102.595037][ T5844]  ? __pfx___might_resched+0x10/0x10
[  102.595063][ T5844]  should_fail_ex+0x40a/0x550
[  102.595085][ T5844]  should_failslab+0xac/0x100
[  102.595102][ T5844]  __kmalloc_noprof+0xdd/0x4c0
[  102.595117][ T5844]  ? tomoyo_encode+0x26f/0x540
[  102.595135][ T5844]  tomoyo_encode+0x26f/0x540
[  102.595154][ T5844]  tomoyo_realpath_from_path+0x59e/0x5e0
[  102.595181][ T5844]  tomoyo_path_number_perm+0x239/0x770
[  102.595210][ T5844]  ? tomoyo_path_number_perm+0x209/0x770
[  102.595224][ T5844]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  102.595250][ T5844]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  102.595284][ T5844]  ? __pfx_ptrace_notify+0x10/0x10
[  102.595301][ T5844]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  102.595318][ T5844]  security_file_ioctl+0xc6/0x2a0
[  102.595332][ T5844]  __se_sys_ioctl+0x46/0x160
[  102.595347][ T5844]  do_syscall_64+0xf3/0x230
[  102.595362][ T5844]  ? clear_bhb_loop+0x45/0xa0
[  102.595378][ T5844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.595390][ T5844] RIP: 0033:0x7fba95c7bc19
[  102.595409][ T5844] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  102.595416][ T5844] RSP: 002b:00007ffe25b99b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  102.595427][ T5844] RAX: ffffffffffffffda RBX: 00007ffe25b99b50 RCX: 00007fba95c7bc19
[pid  5844] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x2) = 0
[pid  5844] exit_group(0)               = ?
[  102.595434][ T5844] RDX: 0000000000000002 RSI: 00000000400455c8 RDI: 0000000000000004
[  102.595439][ T5844] RBP: 0000000000000001 R08: 00007ffe25b998c7 R09: 00007fba95c371a8
[  102.595445][ T5844] R10: 0000000000000001 R11: 0000000000000246 R12: 00007ffe25b99b4c
[  102.595450][ T5844] R13: 00007ffe25b99b90 R14: 00007ffe25b99b70 R15: 0000000000000007
[  102.595469][ T5844]  </TASK>
[  102.595486][ T5844] ERROR: Out of memory at tomoyo_realpath_from_path.
[pid  5844] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5844, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555585c286f0 /* 3 entries */, 32768) = 80
umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./7/binderfs")                  = 0
getdents64(3, 0x555585c286f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./7")                            = 0
mkdir("./8", 0777)                      = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5845 attached
, child_tidptr=0x555585c27650) = 5845
[pid  5845] set_robust_list(0x555585c27660, 24) = 0
[pid  5845] chdir("./8")                = 0
[pid  5845] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5845] setpgid(0, 0)               = 0
[pid  5845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5845] write(3, "1000", 4)         = 4
[pid  5845] close(3)                    = 0
[pid  5845] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5845] write(1, "executing program\n", 18) = 18
[pid  5845] openat(AT_FDCWD, "/dev/ptmx", O_RDONLY) = 3
[pid  5845] ioctl(3, TIOCSETD, [15])    = 0
[pid  5845] fcntl(3, F_DUPFD, 3)        = 4
[pid  5845] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid  5845] write(5, "3", 1)            = 1
[  103.150913][ T5845] FAULT_INJECTION: forcing a failure.
[  103.150913][ T5845] name failslab, interval 1, probability 0, space 0, times 0
[  103.163894][ T5845] CPU: 0 UID: 0 PID: 5845 Comm: syz-executor747 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[  103.163915][ T5845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  103.163924][ T5845] Call Trace:
[  103.163931][ T5845]  <TASK>
[  103.163937][ T5845]  dump_stack_lvl+0x241/0x360
[  103.163966][ T5845]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.163985][ T5845]  ? __pfx__printk+0x10/0x10
[  103.164007][ T5845]  ? fs_reclaim_acquire+0x93/0x130
[  103.164028][ T5845]  ? __pfx___might_resched+0x10/0x10
[  103.164055][ T5845]  should_fail_ex+0x40a/0x550
[  103.164081][ T5845]  should_failslab+0xac/0x100
[  103.164107][ T5845]  __kmalloc_noprof+0xdd/0x4c0
[  103.164129][ T5845]  ? tomoyo_encode+0x26f/0x540
[  103.164156][ T5845]  tomoyo_encode+0x26f/0x540
[  103.164178][ T5845]  tomoyo_realpath_from_path+0x59e/0x5e0
[  103.164203][ T5845]  tomoyo_path_number_perm+0x239/0x770
[  103.164220][ T5845]  ? tomoyo_path_number_perm+0x209/0x770
[  103.164234][ T5845]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  103.164259][ T5845]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  103.164292][ T5845]  ? __pfx_ptrace_notify+0x10/0x10
[  103.164309][ T5845]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  103.164326][ T5845]  security_file_ioctl+0xc6/0x2a0
[  103.164340][ T5845]  __se_sys_ioctl+0x46/0x160
[  103.164357][ T5845]  do_syscall_64+0xf3/0x230
[  103.164379][ T5845]  ? clear_bhb_loop+0x45/0xa0
[  103.164396][ T5845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.164408][ T5845] RIP: 0033:0x7fba95c7bc19
[  103.164418][ T5845] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  103.164425][ T5845] RSP: 002b:00007ffe25b99b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  103.164436][ T5845] RAX: ffffffffffffffda RBX: 00007ffe25b99b50 RCX: 00007fba95c7bc19
[pid  5845] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x2) = 0
[pid  5845] exit_group(0)               = ?
[  103.164443][ T5845] RDX: 0000000000000002 RSI: 00000000400455c8 RDI: 0000000000000004
[  103.164448][ T5845] RBP: 0000000000000001 R08: 00007ffe25b998c7 R09: 00007fba95c371a8
[  103.164454][ T5845] R10: 0000000000000001 R11: 0000000000000246 R12: 00007ffe25b99b4c
[  103.164459][ T5845] R13: 00007ffe25b99b90 R14: 00007ffe25b99b70 R15: 0000000000000008
[  103.164478][ T5845]  </TASK>
[  103.164494][ T5845] ERROR: Out of memory at tomoyo_realpath_from_path.
[pid  5845] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5845, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555585c286f0 /* 3 entries */, 32768) = 80
umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./8/binderfs")                  = 0
getdents64(3, 0x555585c286f0 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./8")                            = 0
mkdir("./9", 0777)                      = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5846 attached
, child_tidptr=0x555585c27650) = 5846
[pid  5846] set_robust_list(0x555585c27660, 24) = 0
[pid  5846] chdir("./9")                = 0
[pid  5846] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5846] setpgid(0, 0)               = 0
[pid  5846] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5846] write(3, "1000", 4)         = 4
[pid  5846] close(3)                    = 0
[pid  5846] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5846] write(1, "executing program\n", 18) = 18
[pid  5846] openat(AT_FDCWD, "/dev/ptmx", O_RDONLY) = 3
[pid  5846] ioctl(3, TIOCSETD, [15])    = 0
[pid  5846] fcntl(3, F_DUPFD, 3)        = 4
[pid  5846] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid  5846] write(5, "3", 1)            = 1
[  103.613463][ T5846] FAULT_INJECTION: forcing a failure.
[  103.613463][ T5846] name failslab, interval 1, probability 0, space 0, times 0
[  103.626860][ T5846] CPU: 0 UID: 0 PID: 5846 Comm: syz-executor747 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[  103.626882][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  103.626891][ T5846] Call Trace:
[  103.626899][ T5846]  <TASK>
[  103.626906][ T5846]  dump_stack_lvl+0x241/0x360
[  103.626935][ T5846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.626952][ T5846]  ? __pfx__printk+0x10/0x10
[  103.626972][ T5846]  ? __kmalloc_noprof+0xb5/0x4c0
[  103.626989][ T5846]  ? __pfx___might_resched+0x10/0x10
[  103.627007][ T5846]  should_fail_ex+0x40a/0x550
[  103.627022][ T5846]  should_failslab+0xac/0x100
[  103.627039][ T5846]  __kmalloc_noprof+0xdd/0x4c0
[  103.627053][ T5846]  ? hci_alloc_dev_priv+0x27/0x2030
[  103.627068][ T5846]  hci_alloc_dev_priv+0x27/0x2030
[  103.627086][ T5846]  hci_uart_tty_ioctl+0x3f5/0xa00
[  103.627106][ T5846]  ? __pfx_hci_uart_tty_ioctl+0x10/0x10
[  103.627122][ T5846]  tty_ioctl+0x998/0xdc0
[  103.627136][ T5846]  ? __pfx_tty_ioctl+0x10/0x10
[  103.627149][ T5846]  __se_sys_ioctl+0xf1/0x160
[  103.627164][ T5846]  do_syscall_64+0xf3/0x230
[  103.627178][ T5846]  ? clear_bhb_loop+0x45/0xa0
[  103.627195][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.627208][ T5846] RIP: 0033:0x7fba95c7bc19
[  103.627217][ T5846] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  103.627225][ T5846] RSP: 002b:00007ffe25b99b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  103.627236][ T5846] RAX: ffffffffffffffda RBX: 00007ffe25b99b50 RCX: 00007fba95c7bc19
[  103.627242][ T5846] RDX: 0000000000000002 RSI: 00000000400455c8 RDI: 0000000000000004
[  103.627248][ T5846] RBP: 0000000000000001 R08: 00007ffe25b998c7 R09: 00007fba95c371a8
[  103.627254][ T5846] R10: 0000000000000001 R11: 0000000000000246 R12: 00007ffe25b99b4c
[pid  5846] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x2) = -1 ENOMEM (Cannot allocate memory)
[pid  5846] exit_group(0)               = ?
[  103.627259][ T5846] R13: 00007ffe25b99b90 R14: 00007ffe25b99b70 R15: 0000000000000009
[  103.627278][ T5846]  </TASK>
[  103.627338][ T5846] Bluetooth: Can't allocate HCI device
[  103.845926][ T5846] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000067: 0000 [#1] PREEMPT SMP KASAN PTI
[  103.858538][ T5846] KASAN: null-ptr-deref in range [0x0000000000000338-0x000000000000033f]
[  103.866939][ T5846] CPU: 1 UID: 0 PID: 5846 Comm: syz-executor747 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[  103.877525][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  103.887578][ T5846] RIP: 0010:__lock_acquire+0x6a/0x2100
[  103.893035][ T5846] Code: b6 04 30 84 c0 0f 85 f8 16 00 00 45 31 f6 83 3d 2b c3 a0 0e 00 0f 84 c8 13 00 00 89 54 24 60 89 5c 24 38 4c 89 f8 48 c1 e8 03 <80> 3c 30 00 74 12 4c 89 ff e8 58 6c 8c 00 48 be 00 00 00 00 00 fc
[  103.912662][ T5846] RSP: 0018:ffffc90003f9f6d0 EFLAGS: 00010002
[  103.918724][ T5846] RAX: 0000000000000067 RBX: 0000000000000000 RCX: 0000000000000000
[  103.926697][ T5846] RDX: 0000000000000000 RSI: dffffc0000000000 RDI: 0000000000000338
[  103.934652][ T5846] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000001
[  103.942605][ T5846] R10: dffffc0000000000 R11: fffffbfff207b48f R12: ffff888032a68000
[  103.950580][ T5846] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000338
[  103.958725][ T5846] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  103.967649][ T5846] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  103.974215][ T5846] CR2: 00007fba95cee1d0 CR3: 000000000e938000 CR4: 00000000003526f0
[  103.982177][ T5846] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  103.990137][ T5846] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  103.998111][ T5846] Call Trace:
[  104.001377][ T5846]  <TASK>
[  104.004303][ T5846]  ? __die_body+0x5f/0xb0
[  104.008632][ T5846]  ? die_addr+0xb0/0xe0
[  104.012774][ T5846]  ? exc_general_protection+0x3dd/0x5d0
[  104.018351][ T5846]  ? asm_exc_general_protection+0x26/0x30
[  104.024071][ T5846]  ? __lock_acquire+0x6a/0x2100
[  104.028926][ T5846]  ? __pfx_lock_release+0x10/0x10
[  104.033947][ T5846]  ? rcu_read_lock_any_held+0x8d/0x160
[  104.039392][ T5846]  lock_acquire+0x1ed/0x550
[  104.043891][ T5846]  ? __timer_delete_sync+0x12f/0x310
[  104.049616][ T5846]  ? rcu_is_watching+0x15/0xb0
[  104.054373][ T5846]  ? __pfx_lock_acquire+0x10/0x10
[  104.059400][ T5846]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  104.065416][ T5846]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  104.071734][ T5846]  ? __timer_delete_sync+0x12f/0x310
[  104.077006][ T5846]  __timer_delete_sync+0x148/0x310
[  104.082106][ T5846]  ? __timer_delete_sync+0x12f/0x310
[  104.087384][ T5846]  ? __pfx___timer_delete_sync+0x10/0x10
[  104.093002][ T5846]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  104.098984][ T5846]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  104.105307][ T5846]  h5_close+0x4b/0x170
[  104.109362][ T5846]  hci_uart_tty_close+0x205/0x290
[  104.114391][ T5846]  tty_ldisc_kill+0xa3/0x1a0
[  104.118969][ T5846]  tty_ldisc_release+0x1a1/0x200
[  104.123896][ T5846]  tty_release_struct+0x2b/0xe0
[  104.128735][ T5846]  tty_release+0xd06/0x12c0
[  104.133231][ T5846]  ? __pfx_tty_release+0x10/0x10
[  104.138168][ T5846]  __fput+0x3e9/0x9f0
[  104.142173][ T5846]  task_work_run+0x24f/0x310
[  104.146786][ T5846]  ? __pfx_task_work_run+0x10/0x10
[  104.151907][ T5846]  ? switch_task_namespaces+0xe4/0x110
[  104.157366][ T5846]  do_exit+0xa2a/0x28e0
[  104.161515][ T5846]  ? __pfx_do_exit+0x10/0x10
[  104.166107][ T5846]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  104.172089][ T5846]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  104.178403][ T5846]  ? _raw_spin_unlock_irq+0x23/0x50
[  104.183586][ T5846]  ? lockdep_hardirqs_on+0x99/0x150
[  104.188770][ T5846]  do_group_exit+0x207/0x2c0
[  104.193352][ T5846]  __x64_sys_exit_group+0x3f/0x40
[  104.198379][ T5846]  x64_sys_call+0x26c3/0x26d0
[  104.203153][ T5846]  do_syscall_64+0xf3/0x230
[  104.207644][ T5846]  ? clear_bhb_loop+0x45/0xa0
[  104.212310][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.218200][ T5846] RIP: 0033:0x7fba95c79b79
[  104.222599][ T5846] Code: Unable to access opcode bytes at 0x7fba95c79b4f.
[  104.229595][ T5846] RSP: 002b:00007ffe25b99ac8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  104.237994][ T5846] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fba95c79b79
[  104.245955][ T5846] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[  104.253919][ T5846] RBP: 00007fba95ced370 R08: ffffffffffffffb8 R09: 00007fba95c371a8
[  104.261894][ T5846] R10: 0000000000000001 R11: 0000000000000246 R12: 00007fba95ced370
[  104.269856][ T5846] R13: 0000000000000000 R14: 00007fba95ceddc0 R15: 00007fba95c43240
[  104.277827][ T5846]  </TASK>
[  104.280835][ T5846] Modules linked in:
[  104.284728][ T5846] ---[ end trace 0000000000000000 ]---
[  104.290164][ T5846] RIP: 0010:__lock_acquire+0x6a/0x2100
[  104.295619][ T5846] Code: b6 04 30 84 c0 0f 85 f8 16 00 00 45 31 f6 83 3d 2b c3 a0 0e 00 0f 84 c8 13 00 00 89 54 24 60 89 5c 24 38 4c 89 f8 48 c1 e8 03 <80> 3c 30 00 74 12 4c 89 ff e8 58 6c 8c 00 48 be 00 00 00 00 00 fc
[  104.315215][ T5846] RSP: 0018:ffffc90003f9f6d0 EFLAGS: 00010002
[  104.321269][ T5846] RAX: 0000000000000067 RBX: 0000000000000000 RCX: 0000000000000000
[  104.329227][ T5846] RDX: 0000000000000000 RSI: dffffc0000000000 RDI: 0000000000000338
[  104.337201][ T5846] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000001
[  104.345588][ T5846] R10: dffffc0000000000 R11: fffffbfff207b48f R12: ffff888032a68000
[  104.353555][ T5846] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000338
[  104.361607][ T5846] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  104.370524][ T5846] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  104.377092][ T5846] CR2: 00007fba95cee1d0 CR3: 000000000e938000 CR4: 00000000003526f0
[  104.385070][ T5846] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  104.393031][ T5846] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  104.400998][ T5846] Kernel panic - not syncing: Fatal exception
[  104.407319][ T5846] Kernel Offset: disabled
[  104.411626][ T5846] Rebooting in 86400 seconds..