last executing test programs:

286.281881ms ago: executing program 0 (id=119):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/run', 0x1, 0x0)

241.592676ms ago: executing program 0 (id=124):
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

241.476366ms ago: executing program 4 (id=125):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vtpmx', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vtpmx', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vtpmx', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vtpmx', 0x800, 0x0)

241.411333ms ago: executing program 0 (id=126):
syz_init_net_socket$bt_cmtp(0x1f, 0x3, 0x5)

240.752138ms ago: executing program 1 (id=129):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptp1', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptp1', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptp1', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptp1', 0x800, 0x0)

196.372536ms ago: executing program 4 (id=130):
pkey_free(0xffffffffffffffff)

195.902056ms ago: executing program 3 (id=133):
socket$l2tp(0x2, 0x2, 0x73)

195.641711ms ago: executing program 1 (id=134):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

195.424279ms ago: executing program 4 (id=135):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control', 0x800, 0x0)

195.341523ms ago: executing program 2 (id=136):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/damon/kdamond_pid', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/damon/kdamond_pid', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/damon/kdamond_pid', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/damon/kdamond_pid', 0x800, 0x0)

180.680176ms ago: executing program 1 (id=137):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl', 0x800, 0x0)

180.36656ms ago: executing program 4 (id=138):
setrlimit(0x0, &(0x7f0000000000))

174.227997ms ago: executing program 3 (id=139):
socket$nl_route(0x10, 0x3, 0x0)

128.439843ms ago: executing program 2 (id=140):
lseek(0xffffffffffffffff, 0x0, 0x0)

128.316285ms ago: executing program 4 (id=141):
fchmod(0xffffffffffffffff, 0x0)

128.184155ms ago: executing program 2 (id=142):
rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f0000000000))

128.127224ms ago: executing program 0 (id=143):
fchownat(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0)

127.990263ms ago: executing program 1 (id=144):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/change-rule', 0x2, 0x0)

127.927406ms ago: executing program 3 (id=145):
epoll_pwait2(0xffffffffffffffff, &(0x7f0000000000), 0x0, &(0x7f0000000000), &(0x7f0000000000), 0x0)

123.430402ms ago: executing program 1 (id=146):
syz_open_dev$vcsu(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$vcsu(&(0x7f0000000080), 0x0, 0x1)
syz_open_dev$vcsu(&(0x7f00000000c0), 0x0, 0x2)
syz_open_dev$vcsu(&(0x7f0000000100), 0x0, 0x800)
syz_open_dev$vcsu(&(0x7f0000000140), 0x1, 0x0)
syz_open_dev$vcsu(&(0x7f0000000180), 0x1, 0x1)
syz_open_dev$vcsu(&(0x7f00000001c0), 0x1, 0x2)
syz_open_dev$vcsu(&(0x7f0000000200), 0x1, 0x800)
syz_open_dev$vcsu(&(0x7f0000000240), 0x2, 0x0)
syz_open_dev$vcsu(&(0x7f0000000280), 0x2, 0x1)
syz_open_dev$vcsu(&(0x7f00000002c0), 0x2, 0x2)
syz_open_dev$vcsu(&(0x7f0000000300), 0x2, 0x800)
syz_open_dev$vcsu(&(0x7f0000000340), 0x3, 0x0)
syz_open_dev$vcsu(&(0x7f0000000380), 0x3, 0x1)
syz_open_dev$vcsu(&(0x7f00000003c0), 0x3, 0x2)
syz_open_dev$vcsu(&(0x7f0000000400), 0x3, 0x800)
syz_open_dev$vcsu(&(0x7f0000000440), 0x4, 0x0)
syz_open_dev$vcsu(&(0x7f0000000480), 0x4, 0x1)
syz_open_dev$vcsu(&(0x7f00000004c0), 0x4, 0x2)
syz_open_dev$vcsu(&(0x7f0000000500), 0x4, 0x800)

115.55699ms ago: executing program 2 (id=147):
capset(&(0x7f0000000000), &(0x7f0000000000))

78.454248ms ago: executing program 0 (id=148):
execveat(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000000), 0x0)

78.317223ms ago: executing program 3 (id=149):
statx(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000000))

78.247197ms ago: executing program 4 (id=150):
sched_setaffinity(0x0, 0x0, &(0x7f0000000000))

78.069502ms ago: executing program 1 (id=151):
syz_open_dev$floppy(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$floppy(&(0x7f0000000080), 0x0, 0x1)
syz_open_dev$floppy(&(0x7f00000000c0), 0x0, 0x2)
syz_open_dev$floppy(&(0x7f0000000100), 0x0, 0x800)
syz_open_dev$floppy(&(0x7f0000000140), 0x1, 0x0)
syz_open_dev$floppy(&(0x7f0000000180), 0x1, 0x1)
syz_open_dev$floppy(&(0x7f00000001c0), 0x1, 0x2)
syz_open_dev$floppy(&(0x7f0000000200), 0x1, 0x800)
syz_open_dev$floppy(&(0x7f0000000240), 0x2, 0x0)
syz_open_dev$floppy(&(0x7f0000000280), 0x2, 0x1)
syz_open_dev$floppy(&(0x7f00000002c0), 0x2, 0x2)
syz_open_dev$floppy(&(0x7f0000000300), 0x2, 0x800)
syz_open_dev$floppy(&(0x7f0000000340), 0x3, 0x0)
syz_open_dev$floppy(&(0x7f0000000380), 0x3, 0x1)
syz_open_dev$floppy(&(0x7f00000003c0), 0x3, 0x2)
syz_open_dev$floppy(&(0x7f0000000400), 0x3, 0x800)
syz_open_dev$floppy(&(0x7f0000000440), 0x4, 0x0)
syz_open_dev$floppy(&(0x7f0000000480), 0x4, 0x1)
syz_open_dev$floppy(&(0x7f00000004c0), 0x4, 0x2)
syz_open_dev$floppy(&(0x7f0000000500), 0x4, 0x800)

77.995326ms ago: executing program 2 (id=152):
fchdir(0xffffffffffffffff)

77.780713ms ago: executing program 0 (id=153):
listxattr(&(0x7f0000000000), &(0x7f0000000000), 0x0)

77.68827ms ago: executing program 3 (id=154):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hpet', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hpet', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hpet', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hpet', 0x800, 0x0)

24.406926ms ago: executing program 2 (id=155):
mq_unlink(&(0x7f0000000000))

0s ago: executing program 3 (id=159):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vndbinder', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vndbinder', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vndbinder', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vndbinder', 0x800, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.117' (ED25519) to the list of known hosts.
[   60.593445][ T5820] cgroup: Unknown subsys name 'net'
[   60.727630][ T5820] cgroup: Unknown subsys name 'cpuset'
[   60.736226][ T5820] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   62.088980][ T5820] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   65.457139][ T5999] ==================================================================
[   65.465258][ T5999] BUG: KASAN: slab-use-after-free in binder_add_device+0x5f/0xa0
[   65.473023][ T5999] Write of size 8 at addr ffff88802884b008 by task syz-executor/5999
[   65.481124][ T5999] 
[   65.483483][ T5999] CPU: 0 UID: 0 PID: 5999 Comm: syz-executor Not tainted 6.13.0-next-20250128-syzkaller #0
[   65.483503][ T5999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   65.483523][ T5999] Call Trace:
[   65.483530][ T5999]  <TASK>
[   65.483537][ T5999]  dump_stack_lvl+0x241/0x360
[   65.483559][ T5999]  ? __pfx_dump_stack_lvl+0x10/0x10
[   65.483577][ T5999]  ? __pfx__printk+0x10/0x10
[   65.483593][ T5999]  ? _printk+0xd5/0x120
[   65.483608][ T5999]  ? __virt_addr_valid+0x183/0x530
[   65.483631][ T5999]  ? __virt_addr_valid+0x183/0x530
[   65.483654][ T5999]  print_report+0x169/0x550
[   65.483678][ T5999]  ? __virt_addr_valid+0x183/0x530
[   65.483700][ T5999]  ? __virt_addr_valid+0x183/0x530
[   65.483721][ T5999]  ? __virt_addr_valid+0x45f/0x530
[   65.483742][ T5999]  ? __phys_addr+0xba/0x170
[   65.483765][ T5999]  ? binder_add_device+0x5f/0xa0
[   65.483788][ T5999]  kasan_report+0x143/0x180
[   65.483812][ T5999]  ? binder_add_device+0x5f/0xa0
[   65.483837][ T5999]  binder_add_device+0x5f/0xa0
[   65.483860][ T5999]  binderfs_binder_device_create+0x7bf/0x9c0
[   65.483886][ T5999]  binderfs_fill_super+0x944/0xd90
[   65.483911][ T5999]  ? __pfx_binderfs_fill_super+0x10/0x10
[   65.483942][ T5999]  ? shrinker_register+0x160/0x230
[   65.483963][ T5999]  ? sget_fc+0x909/0x9c0
[   65.483981][ T5999]  ? __pfx_set_anon_super_fc+0x10/0x10
[   65.483997][ T5999]  ? __pfx_binderfs_fill_super+0x10/0x10
[   65.484016][ T5999]  get_tree_nodev+0xb7/0x140
[   65.484036][ T5999]  vfs_get_tree+0x90/0x2b0
[   65.484058][ T5999]  do_new_mount+0x2be/0xb40
[   65.484084][ T5999]  ? __pfx_do_new_mount+0x10/0x10
[   65.484103][ T5999]  __se_sys_mount+0x2d6/0x3c0
[   65.484120][ T5999]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   65.484143][ T5999]  ? __pfx___se_sys_mount+0x10/0x10
[   65.484160][ T5999]  ? do_syscall_64+0x100/0x230
[   65.484179][ T5999]  ? __x64_sys_mount+0x20/0xc0
[   65.484196][ T5999]  do_syscall_64+0xf3/0x230
[   65.484213][ T5999]  ? clear_bhb_loop+0x35/0x90
[   65.484236][ T5999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.484258][ T5999] RIP: 0033:0x7f2a5bb8e4ca
[   65.484278][ T5999] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.484291][ T5999] RSP: 002b:00007ffe8ec74d28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   65.484310][ T5999] RAX: ffffffffffffffda RBX: 00007f2a5bc0e663 RCX: 00007f2a5bb8e4ca
[   65.484321][ T5999] RDX: 00007f2a5bc1dd57 RSI: 00007f2a5bc0e663 RDI: 00007f2a5bc1dd57
[   65.484333][ T5999] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   65.484343][ T5999] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2a5bc28440
[   65.484354][ T5999] R13: 00007ffe8ec74da8 R14: 0000000000000009 R15: 0000000000000000
[   65.484370][ T5999]  </TASK>
[   65.484376][ T5999] 
[   65.756660][ T5999] Allocated by task 5830:
[   65.760982][ T5999]  kasan_save_track+0x3f/0x80
[   65.765754][ T5999]  __kasan_kmalloc+0x98/0xb0
[   65.770614][ T5999]  __kmalloc_cache_noprof+0x243/0x390
[   65.775979][ T5999]  binderfs_binder_device_create+0x16c/0x9c0
[   65.782040][ T5999]  binderfs_fill_super+0x944/0xd90
[   65.787236][ T5999]  get_tree_nodev+0xb7/0x140
[   65.791825][ T5999]  vfs_get_tree+0x90/0x2b0
[   65.796245][ T5999]  do_new_mount+0x2be/0xb40
[   65.800739][ T5999]  __se_sys_mount+0x2d6/0x3c0
[   65.805409][ T5999]  do_syscall_64+0xf3/0x230
[   65.809901][ T5999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.815803][ T5999] 
[   65.818129][ T5999] Freed by task 5830:
[   65.822095][ T5999]  kasan_save_track+0x3f/0x80
[   65.826771][ T5999]  kasan_save_free_info+0x40/0x50
[   65.831786][ T5999]  __kasan_slab_free+0x59/0x70
[   65.836546][ T5999]  kfree+0x196/0x430
[   65.840432][ T5999]  evict+0x4e8/0x9a0
[   65.844320][ T5999]  __dentry_kill+0x20d/0x630
[   65.848905][ T5999]  shrink_kill+0xa9/0x2c0
[   65.853233][ T5999]  shrink_dentry_list+0x2c0/0x5b0
[   65.858334][ T5999]  shrink_dcache_parent+0xcb/0x3b0
[   65.863435][ T5999]  do_one_tree+0x23/0xe0
[   65.867666][ T5999]  shrink_dcache_for_umount+0xb4/0x180
[   65.873118][ T5999]  generic_shutdown_super+0x6a/0x2d0
[   65.878412][ T5999]  kill_litter_super+0x76/0xb0
[   65.883314][ T5999]  binderfs_kill_super+0x44/0x90
[   65.888249][ T5999]  deactivate_locked_super+0xc4/0x130
[   65.893650][ T5999]  cleanup_mnt+0x41f/0x4b0
[   65.898056][ T5999]  task_work_run+0x24f/0x310
[   65.902643][ T5999]  do_exit+0xa2a/0x28e0
[   65.906789][ T5999]  do_group_exit+0x207/0x2c0
[   65.911408][ T5999]  get_signal+0x16b2/0x1750
[   65.915898][ T5999]  arch_do_signal_or_restart+0x96/0x860
[   65.921468][ T5999]  syscall_exit_to_user_mode+0xce/0x340
[   65.927007][ T5999]  do_syscall_64+0x100/0x230
[   65.931594][ T5999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.937479][ T5999] 
[   65.939792][ T5999] The buggy address belongs to the object at ffff88802884b000
[   65.939792][ T5999]  which belongs to the cache kmalloc-512 of size 512
[   65.953833][ T5999] The buggy address is located 8 bytes inside of
[   65.953833][ T5999]  freed 512-byte region [ffff88802884b000, ffff88802884b200)
[   65.967445][ T5999] 
[   65.969773][ T5999] The buggy address belongs to the physical page:
[   65.976270][ T5999] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28848
[   65.985026][ T5999] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   65.993697][ T5999] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   66.001840][ T5999] page_type: f5(slab)
[   66.005810][ T5999] raw: 00fff00000000040 ffff88801ac41c80 0000000000000000 dead000000000001
[   66.014390][ T5999] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[   66.022978][ T5999] head: 00fff00000000040 ffff88801ac41c80 0000000000000000 dead000000000001
[   66.031641][ T5999] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[   66.040299][ T5999] head: 00fff00000000002 ffffea0000a21201 ffffffffffffffff 0000000000000000
[   66.048977][ T5999] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   66.057630][ T5999] page dumped because: kasan: bad access detected
[   66.064125][ T5999] page_owner tracks the page as allocated
[   66.069829][ T5999] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5214, tgid 5214 (udevd), ts 34092901370, free_ts 34050311789
[   66.090741][ T5999]  post_alloc_hook+0x1f4/0x240
[   66.095503][ T5999]  get_page_from_freelist+0x365c/0x37a0
[   66.101054][ T5999]  __alloc_frozen_pages_noprof+0x292/0x710
[   66.106858][ T5999]  alloc_pages_mpol+0x311/0x660
[   66.111695][ T5999]  allocate_slab+0x8f/0x3a0
[   66.116195][ T5999]  ___slab_alloc+0xc27/0x14a0
[   66.120866][ T5999]  __slab_alloc+0x58/0xa0
[   66.125187][ T5999]  __kmalloc_cache_noprof+0x27b/0x390
[   66.130546][ T5999]  kernfs_fop_open+0x3e0/0xd10
[   66.135299][ T5999]  do_dentry_open+0xdec/0x1960
[   66.140141][ T5999]  vfs_open+0x3b/0x370
[   66.144459][ T5999]  path_openat+0x2c81/0x3590
[   66.149040][ T5999]  do_filp_open+0x27f/0x4e0
[   66.153534][ T5999]  do_sys_openat2+0x13e/0x1d0
[   66.158198][ T5999]  __x64_sys_openat+0x247/0x2a0
[   66.163042][ T5999]  do_syscall_64+0xf3/0x230
[   66.167537][ T5999] page last free pid 5217 tgid 5217 stack trace:
[   66.173846][ T5999]  free_frozen_pages+0xe0d/0x10e0
[   66.178951][ T5999]  __slab_free+0x2c2/0x380
[   66.183365][ T5999]  qlist_free_all+0x9a/0x140
[   66.187951][ T5999]  kasan_quarantine_reduce+0x14f/0x170
[   66.193402][ T5999]  __kasan_slab_alloc+0x23/0x80
[   66.198250][ T5999]  __kmalloc_noprof+0x236/0x4c0
[   66.203090][ T5999]  tomoyo_realpath_from_path+0xcf/0x5e0
[   66.208718][ T5999]  tomoyo_path_perm+0x2b7/0x740
[   66.213660][ T5999]  security_inode_getattr+0x130/0x330
[   66.219144][ T5999]  vfs_getattr+0x2a/0x3a0
[   66.223486][ T5999]  vfs_fstatat+0xa8/0x130
[   66.227808][ T5999]  __x64_sys_newfstatat+0x117/0x190
[   66.233010][ T5999]  do_syscall_64+0xf3/0x230
[   66.237679][ T5999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.243580][ T5999] 
[   66.245911][ T5999] Memory state around the buggy address:
[   66.251533][ T5999]  ffff88802884af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   66.259584][ T5999]  ffff88802884af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   66.267642][ T5999] >ffff88802884b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   66.275729][ T5999]                       ^
[   66.280074][ T5999]  ffff88802884b080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   66.288134][ T5999]  ffff88802884b100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   66.296182][ T5999] ==================================================================
[   66.408830][ T5999] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   66.416078][ T5999] CPU: 0 UID: 0 PID: 5999 Comm: syz-executor Not tainted 6.13.0-next-20250128-syzkaller #0
[   66.426265][ T5999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   66.436425][ T5999] Call Trace:
[   66.439711][ T5999]  <TASK>
[   66.442649][ T5999]  dump_stack_lvl+0x241/0x360
[   66.447530][ T5999]  ? __pfx_dump_stack_lvl+0x10/0x10
[   66.452743][ T5999]  ? __pfx__printk+0x10/0x10
[   66.457350][ T5999]  ? vscnprintf+0x5d/0x90
[   66.461700][ T5999]  panic+0x349/0x880
[   66.465608][ T5999]  ? check_panic_on_warn+0x21/0xb0
[   66.470722][ T5999]  ? __pfx_panic+0x10/0x10
[   66.475141][ T5999]  ? check_panic_on_warn+0x21/0xb0
[   66.480513][ T5999]  ? check_panic_on_warn+0x72/0xb0
[   66.485626][ T5999]  check_panic_on_warn+0x86/0xb0
[   66.490572][ T5999]  ? binder_add_device+0x5f/0xa0
[   66.495510][ T5999]  end_report+0x77/0x160
[   66.499752][ T5999]  kasan_report+0x154/0x180
[   66.504341][ T5999]  ? binder_add_device+0x5f/0xa0
[   66.509363][ T5999]  binder_add_device+0x5f/0xa0
[   66.514158][ T5999]  binderfs_binder_device_create+0x7bf/0x9c0
[   66.520261][ T5999]  binderfs_fill_super+0x944/0xd90
[   66.525516][ T5999]  ? __pfx_binderfs_fill_super+0x10/0x10
[   66.531185][ T5999]  ? shrinker_register+0x160/0x230
[   66.536321][ T5999]  ? sget_fc+0x909/0x9c0
[   66.540670][ T5999]  ? __pfx_set_anon_super_fc+0x10/0x10
[   66.546172][ T5999]  ? __pfx_binderfs_fill_super+0x10/0x10
[   66.551831][ T5999]  get_tree_nodev+0xb7/0x140
[   66.556430][ T5999]  vfs_get_tree+0x90/0x2b0
[   66.560864][ T5999]  do_new_mount+0x2be/0xb40
[   66.565385][ T5999]  ? __pfx_do_new_mount+0x10/0x10
[   66.570430][ T5999]  __se_sys_mount+0x2d6/0x3c0
[   66.575378][ T5999]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   66.581369][ T5999]  ? __pfx___se_sys_mount+0x10/0x10
[   66.586577][ T5999]  ? do_syscall_64+0x100/0x230
[   66.591338][ T5999]  ? __x64_sys_mount+0x20/0xc0
[   66.596131][ T5999]  do_syscall_64+0xf3/0x230
[   66.600628][ T5999]  ? clear_bhb_loop+0x35/0x90
[   66.605305][ T5999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.611193][ T5999] RIP: 0033:0x7f2a5bb8e4ca
[   66.615616][ T5999] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.635651][ T5999] RSP: 002b:00007ffe8ec74d28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   66.644091][ T5999] RAX: ffffffffffffffda RBX: 00007f2a5bc0e663 RCX: 00007f2a5bb8e4ca
[   66.652238][ T5999] RDX: 00007f2a5bc1dd57 RSI: 00007f2a5bc0e663 RDI: 00007f2a5bc1dd57
[   66.660477][ T5999] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   66.668458][ T5999] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2a5bc28440
[   66.676439][ T5999] R13: 00007ffe8ec74da8 R14: 0000000000000009 R15: 0000000000000000
[   66.684521][ T5999]  </TASK>
[   66.687812][ T5999] Kernel Offset: disabled
[   66.692211][ T5999] Rebooting in 86400 seconds..