last executing test programs:
822.347994ms ago: executing program 1 (id=119):
process_mrelease(0xffffffffffffffff, 0x0)
793.611309ms ago: executing program 1 (id=125):
inotify_init()
692.792475ms ago: executing program 1 (id=135):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp1', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1', 0x800, 0x0)
467.717818ms ago: executing program 2 (id=153):
syz_open_dev$media(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$media(&(0x7f0000000080), 0x0, 0x1)
syz_open_dev$media(&(0x7f00000000c0), 0x0, 0x2)
syz_open_dev$media(&(0x7f0000000100), 0x0, 0x800)
syz_open_dev$media(&(0x7f0000000140), 0x1, 0x0)
syz_open_dev$media(&(0x7f0000000180), 0x1, 0x1)
syz_open_dev$media(&(0x7f00000001c0), 0x1, 0x2)
syz_open_dev$media(&(0x7f0000000200), 0x1, 0x800)
syz_open_dev$media(&(0x7f0000000240), 0x2, 0x0)
syz_open_dev$media(&(0x7f0000000280), 0x2, 0x1)
syz_open_dev$media(&(0x7f00000002c0), 0x2, 0x2)
syz_open_dev$media(&(0x7f0000000300), 0x2, 0x800)
syz_open_dev$media(&(0x7f0000000340), 0x3, 0x0)
syz_open_dev$media(&(0x7f0000000380), 0x3, 0x1)
syz_open_dev$media(&(0x7f00000003c0), 0x3, 0x2)
syz_open_dev$media(&(0x7f0000000400), 0x3, 0x800)
syz_open_dev$media(&(0x7f0000000440), 0x4, 0x0)
syz_open_dev$media(&(0x7f0000000480), 0x4, 0x1)
syz_open_dev$media(&(0x7f00000004c0), 0x4, 0x2)
syz_open_dev$media(&(0x7f0000000500), 0x4, 0x800)
466.926986ms ago: executing program 4 (id=156):
finit_module(0xffffffffffffffff, &(0x7f0000000000), 0x0)
439.428107ms ago: executing program 0 (id=157):
futimesat(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000000))
427.178973ms ago: executing program 2 (id=159):
removexattr(&(0x7f0000000000), &(0x7f0000000000))
427.056265ms ago: executing program 4 (id=160):
timer_create(0x0, &(0x7f0000000000), &(0x7f0000000000))
426.940163ms ago: executing program 5 (id=161):
signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0)
348.124691ms ago: executing program 0 (id=162):
poll(&(0x7f0000000000), 0x0, 0x0)
347.787619ms ago: executing program 5 (id=164):
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000000), 0x0)
347.627184ms ago: executing program 0 (id=165):
socket$nl_rdma(0x10, 0x3, 0x14)
347.503384ms ago: executing program 2 (id=166):
preadv2(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
347.401016ms ago: executing program 4 (id=167):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/acpi_thermal_rel', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/acpi_thermal_rel', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/acpi_thermal_rel', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/acpi_thermal_rel', 0x800, 0x0)
327.334377ms ago: executing program 5 (id=169):
syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x1)
syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x2)
syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x800)
syz_open_dev$MSR(&(0x7f0000000140), 0x1, 0x0)
syz_open_dev$MSR(&(0x7f0000000180), 0x1, 0x1)
syz_open_dev$MSR(&(0x7f00000001c0), 0x1, 0x2)
syz_open_dev$MSR(&(0x7f0000000200), 0x1, 0x800)
syz_open_dev$MSR(&(0x7f0000000240), 0x2, 0x0)
syz_open_dev$MSR(&(0x7f0000000280), 0x2, 0x1)
syz_open_dev$MSR(&(0x7f00000002c0), 0x2, 0x2)
syz_open_dev$MSR(&(0x7f0000000300), 0x2, 0x800)
syz_open_dev$MSR(&(0x7f0000000340), 0x3, 0x0)
syz_open_dev$MSR(&(0x7f0000000380), 0x3, 0x1)
syz_open_dev$MSR(&(0x7f00000003c0), 0x3, 0x2)
syz_open_dev$MSR(&(0x7f0000000400), 0x3, 0x800)
syz_open_dev$MSR(&(0x7f0000000440), 0x4, 0x0)
syz_open_dev$MSR(&(0x7f0000000480), 0x4, 0x1)
syz_open_dev$MSR(&(0x7f00000004c0), 0x4, 0x2)
syz_open_dev$MSR(&(0x7f0000000500), 0x4, 0x800)
299.386306ms ago: executing program 0 (id=170):
prlimit64(0x0, 0x0, 0x0, 0x0)
299.124285ms ago: executing program 4 (id=171):
personality(0x0)
294.23351ms ago: executing program 2 (id=172):
delete_module(&(0x7f0000000000), 0x0)
294.101183ms ago: executing program 3 (id=173):
set_tid_address(&(0x7f0000000000))
292.594176ms ago: executing program 0 (id=174):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwbinder', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwbinder', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwbinder', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwbinder', 0x800, 0x0)
223.932601ms ago: executing program 3 (id=175):
vmsplice(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0)
223.602152ms ago: executing program 4 (id=176):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/damon/schemes', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/damon/schemes', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/damon/schemes', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/damon/schemes', 0x800, 0x0)
223.410809ms ago: executing program 5 (id=177):
socket$inet_udp(0x2, 0x2, 0x0)
223.341712ms ago: executing program 0 (id=178):
setgid(0x0)
223.131169ms ago: executing program 2 (id=179):
tkill(0x0, 0x0)
223.011706ms ago: executing program 4 (id=180):
socket$rxrpc(0x21, 0x2, 0x0)
222.865703ms ago: executing program 5 (id=181):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sgx_provision', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sgx_provision', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sgx_provision', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sgx_provision', 0x800, 0x0)
222.576327ms ago: executing program 2 (id=182):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/commit_pending_bools', 0x1, 0x0)
123.913273ms ago: executing program 3 (id=184):
socket$pppoe(0x18, 0x1, 0x0)
104.717737ms ago: executing program 3 (id=187):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hpet', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hpet', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hpet', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hpet', 0x800, 0x0)
104.649495ms ago: executing program 5 (id=188):
socket$vsock_dgram(0x28, 0x2, 0x0)
56.666242ms ago: executing program 1 (id=189):
socket$nl_xfrm(0x10, 0x3, 0x6)
38.986923ms ago: executing program 3 (id=190):
munlockall()
38.894612ms ago: executing program 1 (id=191):
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000000))
1.175691ms ago: executing program 3 (id=193):
process_madvise(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0)
0s ago: executing program 1 (id=194):
socket$l2tp6(0xa, 0x2, 0x73)
kernel console output (not intermixed with test programs):
Warning: Permanently added '[localhost]:50973' (ED25519) to the list of known hosts.
[ 64.777446][ T5295] cgroup: Unknown subsys name 'net'
[ 64.846622][ T5295] cgroup: Unknown subsys name 'cpuset'
[ 64.850425][ T5295] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 66.275340][ T5295] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 71.291405][ T5389] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 71.687591][ T5433] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 72.832985][ T5513] ==================================================================
[ 72.836091][ T5513] BUG: KASAN: slab-use-after-free in binder_add_device+0x5f/0xa0
[ 72.839165][ T5513] Write of size 8 at addr ffff888045f7b408 by task syz-executor/5513
[ 72.843300][ T5513]
[ 72.844265][ T5513] CPU: 0 UID: 0 PID: 5513 Comm: syz-executor Not tainted 6.13.0-syzkaller-09147-ge2ee2e9b1590 #0
[ 72.844277][ T5513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 72.844284][ T5513] Call Trace:
[ 72.844290][ T5513]
[ 72.844295][ T5513] dump_stack_lvl+0x241/0x360
[ 72.844312][ T5513] ? __pfx_dump_stack_lvl+0x10/0x10
[ 72.844323][ T5513] ? __pfx__printk+0x10/0x10
[ 72.844338][ T5513] ? _printk+0xd5/0x120
[ 72.844351][ T5513] ? __virt_addr_valid+0x183/0x530
[ 72.844365][ T5513] ? __virt_addr_valid+0x183/0x530
[ 72.844379][ T5513] print_report+0x169/0x550
[ 72.844393][ T5513] ? __virt_addr_valid+0x183/0x530
[ 72.844407][ T5513] ? __virt_addr_valid+0x183/0x530
[ 72.844420][ T5513] ? __virt_addr_valid+0x45f/0x530
[ 72.844434][ T5513] ? __phys_addr+0xba/0x170
[ 72.844448][ T5513] ? binder_add_device+0x5f/0xa0
[ 72.844460][ T5513] kasan_report+0x143/0x180
[ 72.844471][ T5513] ? binder_add_device+0x5f/0xa0
[ 72.844483][ T5513] binder_add_device+0x5f/0xa0
[ 72.844502][ T5513] binderfs_binder_device_create+0x7bf/0x9c0
[ 72.844517][ T5513] binderfs_fill_super+0x944/0xd90
[ 72.844531][ T5513] ? __pfx_binderfs_fill_super+0x10/0x10
[ 72.844546][ T5513] ? shrinker_register+0x160/0x230
[ 72.844559][ T5513] ? sget_fc+0x909/0x9c0
[ 72.844571][ T5513] ? __pfx_set_anon_super_fc+0x10/0x10
[ 72.844584][ T5513] ? __pfx_binderfs_fill_super+0x10/0x10
[ 72.844595][ T5513] get_tree_nodev+0xb7/0x140
[ 72.844607][ T5513] vfs_get_tree+0x90/0x2b0
[ 72.844621][ T5513] do_new_mount+0x2be/0xb40
[ 72.844633][ T5513] ? __pfx_do_new_mount+0x10/0x10
[ 72.844645][ T5513] __se_sys_mount+0x2d6/0x3c0
[ 72.844655][ T5513] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 72.844668][ T5513] ? __pfx___se_sys_mount+0x10/0x10
[ 72.844674][ T5513] ? do_syscall_64+0x100/0x230
[ 72.844683][ T5513] ? __x64_sys_mount+0x20/0xc0
[ 72.844689][ T5513] do_syscall_64+0xf3/0x230
[ 72.844697][ T5513] ? clear_bhb_loop+0x35/0x90
[ 72.844708][ T5513] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 72.844721][ T5513] RIP: 0033:0x7faaed38e54a
[ 72.844731][ T5513] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 72.844765][ T5513] RSP: 002b:00007ffda049bb78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 72.844777][ T5513] RAX: ffffffffffffffda RBX: 00007faaed40e663 RCX: 00007faaed38e54a
[ 72.844785][ T5513] RDX: 00007faaed41dda7 RSI: 00007faaed40e663 RDI: 00007faaed41dda7
[ 72.844792][ T5513] RBP: 00007faaed40e8ac R08: 0000000000000000 R09: 00000000000001ff
[ 72.844798][ T5513] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaed3eb1a8
[ 72.844803][ T5513] R13: 00007faaed3eb180 R14: 0000000000000009 R15: 0000000000000000
[ 72.844814][ T5513]
[ 72.844818][ T5513]
[ 72.949467][ T5513] Allocated by task 5315:
[ 72.951200][ T5513] kasan_save_track+0x3f/0x80
[ 72.953055][ T5513] __kasan_kmalloc+0x98/0xb0
[ 72.954986][ T5513] __kmalloc_cache_noprof+0x243/0x390
[ 72.957090][ T5513] binderfs_binder_device_create+0x16c/0x9c0
[ 72.959544][ T5513] binderfs_fill_super+0x944/0xd90
[ 72.961553][ T5513] get_tree_nodev+0xb7/0x140
[ 72.963336][ T5513] vfs_get_tree+0x90/0x2b0
[ 72.965143][ T5513] do_new_mount+0x2be/0xb40
[ 72.966935][ T5513] __se_sys_mount+0x2d6/0x3c0
[ 72.968825][ T5513] do_syscall_64+0xf3/0x230
[ 72.970407][ T5513] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 72.972719][ T5513]
[ 72.973669][ T5513] Freed by task 5315:
[ 72.975127][ T5513] kasan_save_track+0x3f/0x80
[ 72.976974][ T5513] kasan_save_free_info+0x40/0x50
[ 72.978994][ T5513] __kasan_slab_free+0x59/0x70
[ 72.980830][ T5513] kfree+0x196/0x430
[ 72.982349][ T5513] evict+0x4e8/0x9a0
[ 72.983843][ T5513] __dentry_kill+0x20d/0x630
[ 72.985635][ T5513] shrink_kill+0xa9/0x2c0
[ 72.987267][ T5513] shrink_dentry_list+0x2c0/0x5b0
[ 72.989203][ T5513] shrink_dcache_parent+0xcb/0x3b0
[ 72.991160][ T5513] do_one_tree+0x23/0xe0
[ 72.992793][ T5513] shrink_dcache_for_umount+0xb4/0x180
[ 72.994862][ T5513] generic_shutdown_super+0x6a/0x2d0
[ 72.996851][ T5513] kill_litter_super+0x76/0xb0
[ 72.998692][ T5513] binderfs_kill_super+0x44/0x90
[ 73.000582][ T5513] deactivate_locked_super+0xc4/0x130
[ 73.002610][ T5513] cleanup_mnt+0x41f/0x4b0
[ 73.004309][ T5513] task_work_run+0x24f/0x310
[ 73.006077][ T5513] do_exit+0xa2a/0x28e0
[ 73.007663][ T5513] do_group_exit+0x207/0x2c0
[ 73.009408][ T5513] get_signal+0x16b2/0x1750
[ 73.011179][ T5513] arch_do_signal_or_restart+0x96/0x860
[ 73.013280][ T5513] syscall_exit_to_user_mode+0xce/0x340
[ 73.015287][ T5513] do_syscall_64+0x100/0x230
[ 73.017049][ T5513] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 73.019268][ T5513]
[ 73.020185][ T5513] The buggy address belongs to the object at ffff888045f7b400
[ 73.020185][ T5513] which belongs to the cache kmalloc-512 of size 512
[ 73.025352][ T5513] The buggy address is located 8 bytes inside of
[ 73.025352][ T5513] freed 512-byte region [ffff888045f7b400, ffff888045f7b600)
[ 73.030365][ T5513]
[ 73.031310][ T5513] The buggy address belongs to the physical page:
[ 73.033749][ T5513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45f7a
[ 73.037011][ T5513] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 73.040209][ T5513] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[ 73.043025][ T5513] page_type: f5(slab)
[ 73.044502][ T5513] raw: 04fff00000000040 ffff88801ac41c80 ffffea00010e6000 dead000000000002
[ 73.047723][ T5513] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 73.050949][ T5513] head: 04fff00000000040 ffff88801ac41c80 ffffea00010e6000 dead000000000002
[ 73.054218][ T5513] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 73.057455][ T5513] head: 04fff00000000001 ffffea000117de81 ffffffffffffffff 0000000000000000
[ 73.060683][ T5513] head: 0000000700000002 0000000000000000 00000000ffffffff 0000000000000000
[ 73.063766][ T5513] page dumped because: kasan: bad access detected
[ 73.066168][ T5513] page_owner tracks the page as allocated
[ 73.068386][ T5513] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5295, tgid 5295 (syz-executor), ts 64958846338, free_ts 64060222585
[ 73.076514][ T5513] post_alloc_hook+0x1f4/0x240
[ 73.078477][ T5513] get_page_from_freelist+0x365c/0x37a0
[ 73.080619][ T5513] __alloc_frozen_pages_noprof+0x292/0x710
[ 73.082916][ T5513] alloc_pages_mpol+0x311/0x660
[ 73.084806][ T5513] allocate_slab+0x8f/0x3a0
[ 73.086612][ T5513] ___slab_alloc+0xc27/0x14a0
[ 73.088582][ T5513] __slab_alloc+0x58/0xa0
[ 73.090294][ T5513] __kmalloc_cache_noprof+0x27b/0x390
[ 73.092312][ T5513] inetdev_init+0x81/0x4e0
[ 73.094057][ T5513] inetdev_event+0x340/0x1550
[ 73.095816][ T5513] notifier_call_chain+0x1a5/0x3f0
[ 73.097708][ T5513] register_netdevice+0x1696/0x1b10
[ 73.099628][ T5513] lowpan_newlink+0x336/0x530
[ 73.101475][ T5513] rtnl_newlink_create+0x2ee/0xa40
[ 73.103527][ T5513] rtnl_newlink+0x1c7e/0x2210
[ 73.105373][ T5513] rtnetlink_rcv_msg+0x791/0xcf0
[ 73.107203][ T5513] page last free pid 5295 tgid 5295 stack trace:
[ 73.109680][ T5513] free_unref_folios+0xe40/0x18b0
[ 73.111574][ T5513] folios_put_refs+0x76c/0x860
[ 73.113393][ T5513] free_pages_and_swap_cache+0x2e5/0x690
[ 73.115556][ T5513] tlb_flush_mmu+0x3a3/0x680
[ 73.117372][ T5513] tlb_finish_mmu+0xd4/0x200
[ 73.119155][ T5513] vms_clear_ptes+0x432/0x530
[ 73.120875][ T5513] vms_complete_munmap_vmas+0x210/0x8f0
[ 73.122867][ T5513] do_vmi_align_munmap+0x5ef/0x6f0
[ 73.124756][ T5513] do_vmi_munmap+0x24e/0x2d0
[ 73.126455][ T5513] __vm_munmap+0x372/0x510
[ 73.128057][ T5513] __x64_sys_munmap+0x60/0x70
[ 73.129752][ T5513] do_syscall_64+0xf3/0x230
[ 73.131584][ T5513] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 73.133953][ T5513]
[ 73.134897][ T5513] Memory state around the buggy address:
[ 73.137037][ T5513] ffff888045f7b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 73.140156][ T5513] ffff888045f7b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 73.143173][ T5513] >ffff888045f7b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 73.146054][ T5513] ^
[ 73.147673][ T5513] ffff888045f7b480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 73.150603][ T5513] ffff888045f7b500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 73.153682][ T5513] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 73.413786][ T5513] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 73.416527][ T5513] CPU: 0 UID: 0 PID: 5513 Comm: syz-executor Not tainted 6.13.0-syzkaller-09147-ge2ee2e9b1590 #0
[ 73.420359][ T5513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 73.424284][ T5513] Call Trace:
[ 73.425496][ T5513]
[ 73.426599][ T5513] dump_stack_lvl+0x241/0x360
[ 73.428366][ T5513] ? __pfx_dump_stack_lvl+0x10/0x10
[ 73.430322][ T5513] ? __pfx__printk+0x10/0x10
[ 73.431995][ T5513] ? preempt_schedule+0xe1/0xf0
[ 73.433826][ T5513] ? vscnprintf+0x5d/0x90
[ 73.435416][ T5513] panic+0x349/0x880
[ 73.436859][ T5513] ? check_panic_on_warn+0x21/0xb0
[ 73.438753][ T5513] ? __pfx_panic+0x10/0x10
[ 73.440387][ T5513] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 73.442588][ T5513] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 73.444920][ T5513] ? print_report+0x502/0x550
[ 73.446639][ T5513] check_panic_on_warn+0x86/0xb0
[ 73.448491][ T5513] ? binder_add_device+0x5f/0xa0
[ 73.450336][ T5513] end_report+0x77/0x160
[ 73.451859][ T5513] kasan_report+0x154/0x180
[ 73.453536][ T5513] ? binder_add_device+0x5f/0xa0
[ 73.455349][ T5513] binder_add_device+0x5f/0xa0
[ 73.457099][ T5513] binderfs_binder_device_create+0x7bf/0x9c0
[ 73.459267][ T5513] binderfs_fill_super+0x944/0xd90
[ 73.461102][ T5513] ? __pfx_binderfs_fill_super+0x10/0x10
[ 73.463139][ T5513] ? shrinker_register+0x160/0x230
[ 73.465063][ T5513] ? sget_fc+0x909/0x9c0
[ 73.466634][ T5513] ? __pfx_set_anon_super_fc+0x10/0x10
[ 73.468626][ T5513] ? __pfx_binderfs_fill_super+0x10/0x10
[ 73.470728][ T5513] get_tree_nodev+0xb7/0x140
[ 73.472434][ T5513] vfs_get_tree+0x90/0x2b0
[ 73.474076][ T5513] do_new_mount+0x2be/0xb40
[ 73.475735][ T5513] ? __pfx_do_new_mount+0x10/0x10
[ 73.477652][ T5513] __se_sys_mount+0x2d6/0x3c0
[ 73.479349][ T5513] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 73.481527][ T5513] ? __pfx___se_sys_mount+0x10/0x10
[ 73.483455][ T5513] ? do_syscall_64+0x100/0x230
[ 73.485299][ T5513] ? __x64_sys_mount+0x20/0xc0
[ 73.487043][ T5513] do_syscall_64+0xf3/0x230
[ 73.488769][ T5513] ? clear_bhb_loop+0x35/0x90
[ 73.490502][ T5513] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 73.492606][ T5513] RIP: 0033:0x7faaed38e54a
[ 73.494239][ T5513] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 73.501267][ T5513] RSP: 002b:00007ffda049bb78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 73.504293][ T5513] RAX: ffffffffffffffda RBX: 00007faaed40e663 RCX: 00007faaed38e54a
[ 73.507188][ T5513] RDX: 00007faaed41dda7 RSI: 00007faaed40e663 RDI: 00007faaed41dda7
[ 73.510143][ T5513] RBP: 00007faaed40e8ac R08: 0000000000000000 R09: 00000000000001ff
[ 73.513120][ T5513] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaed3eb1a8
[ 73.515689][ T5513] R13: 00007faaed3eb180 R14: 0000000000000009 R15: 0000000000000000
[ 73.518274][ T5513]
[ 73.519505][ T5513] Kernel Offset: disabled
[ 73.521180][ T5513] Rebooting in 86400 seconds..
VM DIAGNOSIS:
17:43:17 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000061 RBX=ffffffff9a74c0e0 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=0000000000000000 RSP=ffffc9000d8cf1d0
R8 =ffffffff8576b96b R9 =1ffff11003c88046 R10=dffffc0000000000 R11=ffffffff8576b920
R12=dffffc0000000000 R13=ffffffff9a446f4b R14=0000000000000061 R15=00000000000003f8
RIP=ffffffff8576b99e RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055556b96a500 ffffffff 00c00000
GS =0000 ffff88801fc00000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007faaed41dda0 CR3=0000000041d3e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000eee0c0c0 Opmask01=000000000000000f Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffda049bb90 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2029706d742d7a79 73287269646b6d00 706d742d7a79732f 2e00303030303031
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 050c554851085f5c 560d574c414e4800 554851085f5c560a 0b00151515151514
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000