Warning: Permanently added '10.128.0.245' (ED25519) to the list of known hosts.
1970/01/01 00:00:42 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:00:43 parsed 1 programs
[ 46.740591][ T6493] cgroup: Unknown subsys name 'net'
[ 47.008981][ T6493] cgroup: Unknown subsys name 'cpuset'
[ 47.012793][ T6493] cgroup: Unknown subsys name 'rlimit'
[ 47.303547][ T6493] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS
[ 62.305649][ T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 62.307771][ T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 62.309861][ T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 62.312359][ T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 62.313431][ T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 62.412467][ T6500] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 63.194152][ T6524] chnl_net:caif_netlink_parms(): no params data found
[ 63.297143][ T6524] bridge0: port 1(bridge_slave_0) entered blocking state
[ 63.299777][ T6524] bridge0: port 1(bridge_slave_0) entered disabled state
[ 63.299933][ T6524] bridge_slave_0: entered allmulticast mode
[ 63.300980][ T6524] bridge_slave_0: entered promiscuous mode
[ 63.304202][ T6524] bridge0: port 2(bridge_slave_1) entered blocking state
[ 63.304278][ T6524] bridge0: port 2(bridge_slave_1) entered disabled state
[ 63.304374][ T6524] bridge_slave_1: entered allmulticast mode
[ 63.305424][ T6524] bridge_slave_1: entered promiscuous mode
[ 63.326870][ T6524] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 63.328454][ T6524] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 63.344208][ T6524] team0: Port device team_slave_0 added
[ 63.345809][ T6524] team0: Port device team_slave_1 added
[ 63.389711][ T6524] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 63.389767][ T6524] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 63.389796][ T6524] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 63.391262][ T6524] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 63.391289][ T6524] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 63.391317][ T6524] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 63.425826][ T6524] hsr_slave_0: entered promiscuous mode
[ 63.428104][ T6524] hsr_slave_1: entered promiscuous mode
[ 63.545224][ T6524] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 63.551790][ T6524] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 63.555853][ T6524] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 63.559836][ T6524] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 63.575218][ T6524] bridge0: port 2(bridge_slave_1) entered blocking state
[ 63.575339][ T6524] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 63.575665][ T6524] bridge0: port 1(bridge_slave_0) entered blocking state
[ 63.575744][ T6524] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 63.610337][ T6524] 8021q: adding VLAN 0 to HW filter on device bond0
[ 63.617849][ T689] bridge0: port 1(bridge_slave_0) entered disabled state
[ 63.620155][ T689] bridge0: port 2(bridge_slave_1) entered disabled state
[ 63.627866][ T6524] 8021q: adding VLAN 0 to HW filter on device team0
[ 63.632264][ T14] bridge0: port 1(bridge_slave_0) entered blocking state
[ 63.632344][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 63.641750][ T2210] bridge0: port 2(bridge_slave_1) entered blocking state
[ 63.641830][ T2210] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 63.738911][ T6524] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 63.760465][ T6524] veth0_vlan: entered promiscuous mode
[ 63.763666][ T6524] veth1_vlan: entered promiscuous mode
[ 63.780640][ T6524] veth0_macvtap: entered promiscuous mode
[ 63.782578][ T6524] veth1_macvtap: entered promiscuous mode
[ 63.790513][ T6524] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 63.792625][ T6524] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 63.798910][ T6524] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 63.798997][ T6524] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 63.799029][ T6524] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 63.799060][ T6524] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 64.149384][ T2210] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 64.245422][ T2210] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 64.358940][ T2210] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 64.439739][ T2210] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 64.719219][ T2392] ieee802154 phy0 wpan0: encryption failed: -22
[ 64.719327][ T2392] ieee802154 phy1 wpan1: encryption failed: -22
[ 64.873240][ T689] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 64.873327][ T689] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 64.893717][ T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 64.893773][ T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
1970/01/01 00:01:05 executed programs: 0
[ 65.710723][ T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 65.711586][ T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 65.711926][ T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 65.712561][ T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 65.713142][ T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 65.813859][ T6587] chnl_net:caif_netlink_parms(): no params data found
[ 65.855081][ T6587] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.855185][ T6587] bridge0: port 1(bridge_slave_0) entered disabled state
[ 65.855318][ T6587] bridge_slave_0: entered allmulticast mode
[ 65.856232][ T6587] bridge_slave_0: entered promiscuous mode
[ 65.857947][ T6587] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.858040][ T6587] bridge0: port 2(bridge_slave_1) entered disabled state
[ 65.858163][ T6587] bridge_slave_1: entered allmulticast mode
[ 65.859028][ T6587] bridge_slave_1: entered promiscuous mode
[ 65.879780][ T6587] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 65.881557][ T6587] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 65.897345][ T6587] team0: Port device team_slave_0 added
[ 65.898967][ T6587] team0: Port device team_slave_1 added
[ 65.913778][ T6587] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 65.913837][ T6587] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.913866][ T6587] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 65.914956][ T6587] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 65.914981][ T6587] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.915016][ T6587] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 65.945286][ T6587] hsr_slave_0: entered promiscuous mode
[ 65.945845][ T6587] hsr_slave_1: entered promiscuous mode
[ 65.946891][ T6587] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 65.947018][ T6587] Cannot create hsr debugfs directory
[ 67.333459][ T2210] bridge_slave_1: left allmulticast mode
[ 67.333548][ T2210] bridge_slave_1: left promiscuous mode
[ 67.333983][ T2210] bridge0: port 2(bridge_slave_1) entered disabled state
[ 67.337952][ T2210] bridge_slave_0: left allmulticast mode
[ 67.337988][ T2210] bridge_slave_0: left promiscuous mode
[ 67.338097][ T2210] bridge0: port 1(bridge_slave_0) entered disabled state
[ 67.756741][ T6060] Bluetooth: hci0: command tx timeout
[ 68.939777][ T2210] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 68.979055][ T2210] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 69.017875][ T2210] bond0 (unregistering): Released all slaves
[ 69.098755][ T2210] hsr_slave_0: left promiscuous mode
[ 69.100231][ T2210] hsr_slave_1: left promiscuous mode
[ 69.100760][ T2210] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 69.100804][ T2210] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 69.108392][ T2210] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 69.110544][ T2210] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 69.121631][ T2210] veth1_macvtap: left promiscuous mode
[ 69.123336][ T2210] veth0_macvtap: left promiscuous mode
[ 69.125303][ T2210] veth1_vlan: left promiscuous mode
[ 69.131467][ T2210] veth0_vlan: left promiscuous mode
[ 69.836773][ T6060] Bluetooth: hci0: command tx timeout
[ 69.837951][ T24] cfg80211: failed to load regulatory.db
[ 71.208276][ T2210] team0 (unregistering): Port device team_slave_1 removed
[ 71.397633][ T2210] team0 (unregistering): Port device team_slave_0 removed
[ 71.916550][ T6060] Bluetooth: hci0: command tx timeout
[ 73.938577][ T6587] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 73.943666][ T6587] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 73.951268][ T6587] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 73.955516][ T6587] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 73.996209][ T6060] Bluetooth: hci0: command tx timeout
[ 74.041364][ T6587] 8021q: adding VLAN 0 to HW filter on device bond0
[ 74.048504][ T6587] 8021q: adding VLAN 0 to HW filter on device team0
[ 74.056407][ T607] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.056483][ T607] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 74.062078][ T607] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.062167][ T607] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 74.433995][ T6587] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 74.451766][ T6587] veth0_vlan: entered promiscuous mode
[ 74.454706][ T6587] veth1_vlan: entered promiscuous mode
[ 74.468145][ T6587] veth0_macvtap: entered promiscuous mode
[ 74.469936][ T6587] veth1_macvtap: entered promiscuous mode
[ 74.475435][ T6587] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 74.485785][ T6587] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 74.487393][ T6587] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.487432][ T6587] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.487463][ T6587] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.487493][ T6587] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.548795][ T4438] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 74.548853][ T4438] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 74.571049][ T245] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 74.571108][ T245] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
1970/01/01 00:01:14 executed programs: 2
1970/01/01 00:01:19 executed programs: 225
1970/01/01 00:01:24 executed programs: 447
[ 88.261461][ T55] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 88.264351][ T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 88.266631][ T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 88.267310][ T55] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 88.267716][ T55] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 88.353589][ T7842] chnl_net:caif_netlink_parms(): no params data found
[ 88.431338][ T7842] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.431443][ T7842] bridge0: port 1(bridge_slave_0) entered disabled state
[ 88.431560][ T7842] bridge_slave_0: entered allmulticast mode
[ 88.432423][ T7842] bridge_slave_0: entered promiscuous mode
[ 88.433962][ T7842] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.434042][ T7842] bridge0: port 2(bridge_slave_1) entered disabled state
[ 88.434140][ T7842] bridge_slave_1: entered allmulticast mode
[ 88.434997][ T7842] bridge_slave_1: entered promiscuous mode
[ 88.452098][ T7842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 88.453889][ T7842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 88.467243][ T7842] team0: Port device team_slave_0 added
[ 88.469958][ T7842] team0: Port device team_slave_1 added
[ 88.483504][ T7842] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 88.483557][ T7842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.483586][ T7842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 88.484764][ T7842] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 88.484791][ T7842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.484819][ T7842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 88.517788][ T7842] hsr_slave_0: entered promiscuous mode
[ 88.518357][ T7842] hsr_slave_1: entered promiscuous mode
[ 88.898429][ T245] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 88.978264][ T245] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 89.058337][ T245] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 89.148705][ T245] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 89.352807][ T245] bridge_slave_1: left allmulticast mode
[ 89.352876][ T245] bridge_slave_1: left promiscuous mode
[ 89.353016][ T245] bridge0: port 2(bridge_slave_1) entered disabled state
[ 89.358854][ T245] bridge_slave_0: left allmulticast mode
[ 89.358888][ T245] bridge_slave_0: left promiscuous mode
[ 89.359015][ T245] bridge0: port 1(bridge_slave_0) entered disabled state
[ 90.316271][ T55] Bluetooth: hci1: command tx timeout
[ 90.938849][ T245] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 90.979245][ T245] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 91.047689][ T245] bond0 (unregistering): Released all slaves
[ 91.595551][ T245] hsr_slave_0: left promiscuous mode
[ 91.597892][ T245] hsr_slave_1: left promiscuous mode
[ 91.598289][ T245] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 91.598327][ T245] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 91.599849][ T245] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 91.599880][ T245] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 91.614575][ T245] veth1_macvtap: left promiscuous mode
[ 91.614670][ T245] veth0_macvtap: left promiscuous mode
[ 91.614764][ T245] veth1_vlan: left promiscuous mode
[ 91.614834][ T245] veth0_vlan: left promiscuous mode
[ 92.396712][ T55] Bluetooth: hci1: command tx timeout
[ 93.447981][ T245] team0 (unregistering): Port device team_slave_1 removed
[ 93.667702][ T245] team0 (unregistering): Port device team_slave_0 removed
[ 94.476215][ T55] Bluetooth: hci1: command tx timeout
[ 96.149087][ T7842] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 96.150816][ T7842] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 96.153127][ T7842] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 96.155225][ T7842] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 96.201114][ T7842] 8021q: adding VLAN 0 to HW filter on device bond0
[ 96.209192][ T7842] 8021q: adding VLAN 0 to HW filter on device team0
[ 96.213653][ T14] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.213729][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 96.220513][ T2210] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.220784][ T2210] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 96.315384][ T7842] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 96.374581][ T7842] veth0_vlan: entered promiscuous mode
[ 96.379029][ T7842] veth1_vlan: entered promiscuous mode
[ 96.390868][ T7842] veth0_macvtap: entered promiscuous mode
[ 96.392647][ T7842] veth1_macvtap: entered promiscuous mode
[ 96.402979][ T7842] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 96.407989][ T7842] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 96.409468][ T7842] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.409508][ T7842] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.409539][ T7842] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.409569][ T7842] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.452765][ T245] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.452822][ T245] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.467677][ T245] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.469642][ T245] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.479923][ T7842] ==================================================================
[ 96.479949][ T7842] BUG: KASAN: slab-use-after-free in binder_add_device+0x64/0xac
[ 96.479975][ T7842] Write of size 8 at addr ffff0000da230408 by task syz-executor/7842
[ 96.479992][ T7842]
[ 96.480003][ T7842] CPU: 1 UID: 0 PID: 7842 Comm: syz-executor Not tainted 6.15.0-rc4-syzkaller-ge0f4c8dd9d2d #0 PREEMPT
[ 96.480017][ T7842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 96.480034][ T7842] Call trace:
[ 96.480038][ T7842] show_stack+0x2c/0x3c (C)
[ 96.480051][ T7842] __dump_stack+0x30/0x40
[ 96.480063][ T7842] dump_stack_lvl+0xd8/0x12c
[ 96.480073][ T7842] print_address_description+0xa8/0x254
[ 96.480088][ T7842] print_report+0x68/0x84
[ 96.480101][ T7842] kasan_report+0xb0/0x110
[ 96.480117][ T7842] __asan_report_store8_noabort+0x20/0x2c
[ 96.480128][ T7842] binder_add_device+0x64/0xac
[ 96.480142][ T7842] binderfs_binder_device_create+0x7d0/0x9d0
[ 96.480156][ T7842] binderfs_fill_super+0x7c8/0xc54
[ 96.480170][ T7842] get_tree_nodev+0xb4/0x144
[ 96.480182][ T7842] binderfs_fs_context_get_tree+0x28/0x38
[ 96.480196][ T7842] vfs_get_tree+0x90/0x28c
[ 96.480207][ T7842] do_new_mount+0x228/0x814
[ 96.480219][ T7842] path_mount+0x5b4/0xde0
[ 96.480230][ T7842] __arm64_sys_mount+0x3e8/0x468
[ 96.480242][ T7842] invoke_syscall+0x98/0x2b8
[ 96.480252][ T7842] el0_svc_common+0x130/0x23c
[ 96.480262][ T7842] do_el0_svc+0x48/0x58
[ 96.480272][ T7842] el0_svc+0x58/0x150
[ 96.480284][ T7842] el0t_64_sync_handler+0x78/0x108
[ 96.480297][ T7842] el0t_64_sync+0x198/0x19c
[ 96.480308][ T7842]
[ 96.480432][ T7842] Allocated by task 6587:
[ 96.480444][ T7842] kasan_save_track+0x40/0x78
[ 96.480462][ T7842] kasan_save_alloc_info+0x44/0x54
[ 96.480477][ T7842] __kasan_kmalloc+0x9c/0xb4
[ 96.480494][ T7842] __kmalloc_cache_noprof+0x2a4/0x3fc
[ 96.480512][ T7842] binderfs_binder_device_create+0x174/0x9d0
[ 96.480531][ T7842] binderfs_fill_super+0x7c8/0xc54
[ 96.480548][ T7842] get_tree_nodev+0xb4/0x144
[ 96.480564][ T7842] binderfs_fs_context_get_tree+0x28/0x38
[ 96.480582][ T7842] vfs_get_tree+0x90/0x28c
[ 96.480597][ T7842] do_new_mount+0x228/0x814
[ 96.480612][ T7842] path_mount+0x5b4/0xde0
[ 96.480627][ T7842] __arm64_sys_mount+0x3e8/0x468
[ 96.480643][ T7842] invoke_syscall+0x98/0x2b8
[ 96.480657][ T7842] el0_svc_common+0x130/0x23c
[ 96.480671][ T7842] do_el0_svc+0x48/0x58
[ 96.480685][ T7842] el0_svc+0x58/0x150
[ 96.480700][ T7842] el0t_64_sync_handler+0x78/0x108
[ 96.480717][ T7842] el0t_64_sync+0x198/0x19c
[ 96.480731][ T7842]
[ 96.480740][ T7842] Freed by task 26:
1970/01/01 00:01:36 executed programs: 602
[ 96.480751][ T7842] kasan_save_track+0x40/0x78
[ 96.480768][ T7842] kasan_save_free_info+0x58/0x70
[ 96.480783][ T7842] __kasan_slab_free+0x68/0x88
[ 96.480800][ T7842] kfree+0x17c/0x474
[ 96.480817][ T7842] binder_proc_dec_tmpref+0x1e0/0x458
[ 96.480833][ T7842] binder_deferred_func+0x10a8/0x11f0
[ 96.480875][ T7842] process_one_work+0x7e8/0x156c
[ 96.480895][ T7842] worker_thread+0x958/0xed8
[ 96.480917][ T7842] kthread+0x5fc/0x75c
[ 96.480934][ T7842] ret_from_fork+0x10/0x20
[ 96.480950][ T7842]
[ 96.480959][ T7842] The buggy address belongs to the object at ffff0000da230400
[ 96.480959][ T7842] which belongs to the cache kmalloc-512 of size 512
[ 96.480975][ T7842] The buggy address is located 8 bytes inside of
[ 96.480975][ T7842] freed 512-byte region [ffff0000da230400, ffff0000da230600)
[ 96.480993][ T7842]
[ 96.481002][ T7842] The buggy address belongs to the physical page:
[ 96.481013][ T7842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11a230
[ 96.481048][ T7842] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 96.481064][ T7842] anon flags: 0x5ffc00000000040(head|node=0|zone=2|lastcpupid=0x7ff)
[ 96.481082][ T7842] page_type: f5(slab)
[ 96.481098][ T7842] raw: 05ffc00000000040 ffff0000c0001c80 0000000000000000 dead000000000001
[ 96.481115][ T7842] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 96.481132][ T7842] head: 05ffc00000000040 ffff0000c0001c80 0000000000000000 dead000000000001
[ 96.481148][ T7842] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 96.481165][ T7842] head: 05ffc00000000002 fffffdffc3688c01 00000000ffffffff 00000000ffffffff
[ 96.481181][ T7842] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 96.481195][ T7842] page dumped because: kasan: bad access detected
[ 96.481206][ T7842]
[ 96.481216][ T7842] Memory state around the buggy address:
[ 96.481228][ T7842] ffff0000da230300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 96.481242][ T7842] ffff0000da230380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 96.481255][ T7842] >ffff0000da230400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 96.481267][ T7842] ^
[ 96.481279][ T7842] ffff0000da230480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 96.481293][ T7842] ffff0000da230500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 96.481305][ T7842] ==================================================================
[ 96.487611][ T7842] Disabling lock debugging due to kernel taint
[ 96.557030][ T55] Bluetooth: hci1: command tx timeout
1970/01/01 00:01:41 executed programs: 824