Warning: Permanently added '[localhost]:50232' (ED25519) to the list of known hosts.
1970/01/01 00:03:19 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:03:19 ignoring optional flag "type"="qemu"
1970/01/01 00:03:21 parsed 1 programs
[  202.546111][ T3439] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
1970/01/01 00:03:22 executed programs: 0
[  206.431199][ T3445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  206.442445][ T3445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  207.960561][ T3445] hsr_slave_0: entered promiscuous mode
[  207.967175][ T3445] hsr_slave_1: entered promiscuous mode
[  210.153963][ T3445] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  210.206149][ T3445] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  210.240335][ T3445] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  210.264304][ T3445] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  211.710928][ T3445] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.463813][ T3445] veth0_vlan: entered promiscuous mode
[  216.491293][ T3445] veth1_vlan: entered promiscuous mode
[  216.710433][ T3445] veth0_macvtap: entered promiscuous mode
[  216.747174][ T3445] veth1_macvtap: entered promiscuous mode
[  217.036978][ T3445] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  217.039712][ T3445] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  217.040917][ T3445] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  217.041974][ T3445] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  217.290887][ T3445] ==================================================================
[  217.299959][ T3445] BUG: KASAN: invalid-access in binder_add_device+0x14/0x2c
[  217.301573][ T3445] Write at addr f8f000000463ac08 by task syz-executor.0/3445
[  217.302668][ T3445] Pointer tag: [f8], memory tag: [f9]
[  217.304191][ T3445] 
[  217.305299][ T3445] CPU: 0 UID: 0 PID: 3445 Comm: syz-executor.0 Not tainted 6.13.0-syzkaller-gebbb8be421ee #0
[  217.305632][ T3445] Hardware name: linux,dummy-virt (DT)
[  217.305846][ T3445] Call trace:
[  217.306047][ T3445]  show_stack+0x18/0x24 (C)
[  217.306367][ T3445]  dump_stack_lvl+0x78/0x90
[  217.306520][ T3445]  print_report+0x108/0x618
[  217.306668][ T3445]  kasan_report+0x88/0xac
[  217.306776][ T3445]  __do_kernel_fault+0x170/0x1c8
[  217.306886][ T3445]  do_tag_check_fault+0x78/0x8c
[  217.307020][ T3445]  do_mem_abort+0x44/0x94
[  217.307128][ T3445]  el1_abort+0x40/0x60
[  217.307237][ T3445]  el1h_64_sync_handler+0xa4/0x120
[  217.307352][ T3445]  el1h_64_sync+0x6c/0x70
[  217.307521][ T3445]  binder_add_device+0x14/0x2c (P)
[  217.307635][ T3445]  binderfs_fill_super+0x220/0x4f8
[  217.307743][ T3445]  get_tree_nodev+0x70/0xb8
[  217.307916][ T3445]  binderfs_fs_context_get_tree+0x18/0x24
[  217.308024][ T3445]  vfs_get_tree+0x28/0xec
[  217.308151][ T3445]  path_mount+0x3f8/0xa7c
[  217.308266][ T3445]  __arm64_sys_mount+0x1d4/0x2b4
[  217.308392][ T3445]  invoke_syscall+0x48/0x110
[  217.308532][ T3445]  el0_svc_common.constprop.0+0x40/0xe0
[  217.308670][ T3445]  do_el0_svc+0x1c/0x28
[  217.308777][ T3445]  el0_svc+0x30/0xe0
[  217.308885][ T3445]  el0t_64_sync_handler+0x10c/0x138
[  217.308994][ T3445]  el0t_64_sync+0x1a4/0x1a8
[  217.309243][ T3445] 
[  217.316691][ T3445] The buggy address belongs to the object at fff000000463ac00
[  217.316691][ T3445]  which belongs to the cache kmalloc-192 of size 192
[  217.317496][ T3445] The buggy address is located 8 bytes inside of
[  217.317496][ T3445]  160-byte region [fff000000463ac00, fff000000463aca0)
[  217.318287][ T3445] 
[  217.318840][ T3445] The buggy address belongs to the physical page:
[  217.319570][ T3445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4463a
[  217.320320][ T3445] flags: 0x1ffc00000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x0)
[  217.321361][ T3445] page_type: f5(slab)
[  217.322090][ T3445] raw: 01ffc00000000000 fdf0000003001300 ffffc1ffc00ef300 dead000000000004
[  217.322755][ T3445] raw: 0000000000000000 0000000000150015 00000000f5000000 0000000000000000
[  217.323298][ T3445] page dumped because: kasan: bad access detected
[  217.323696][ T3445] 
[  217.323969][ T3445] Memory state around the buggy address:
[  217.324538][ T3445]  fff000000463aa00: f6 f6 f6 f6 f6 f6 f6 f6 f7 f7 f7 f7 f7 f7 f7 f7
[  217.325027][ T3445]  fff000000463ab00: f7 f7 fe fe f3 f3 f3 f3 f3 f3 f3 f3 f3 f3 fe fe
[  217.325505][ T3445] >fff000000463ac00: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 fe fe fc fc fc fc
[  217.325971][ T3445]                    ^
[  217.326515][ T3445]  fff000000463ad00: fc fc fc fc fc fc fc fe f3 f3 f3 f3 f3 f3 f3 f3
[  217.327178][ T3445]  fff000000463ae00: f3 f3 f3 fe f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 fe
[  217.327675][ T3445] ==================================================================
[  217.329847][ T3445] Disabling lock debugging due to kernel taint
1970/01/01 00:03:37 executed programs: 1
1970/01/01 00:03:43 executed programs: 10
1970/01/01 00:03:48 executed programs: 22
1970/01/01 00:03:54 executed programs: 34
1970/01/01 00:03:59 executed programs: 46
1970/01/01 00:04:04 executed programs: 58