no interfaces have a carrier
[   64.747985][ T5260] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.773891][ T5260] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting crond: OK
Starting sshd: OK

syzkaller
syzkaller login: [   91.924365][ T1631] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.146' (ED25519) to the list of known hosts.
2026/05/06 21:10:08 parsed 1 programs
[  101.678083][ T5613] cgroup: Unknown subsys name 'net'
[  101.878981][ T5613] cgroup: Unknown subsys name 'cpuset'
[  101.924344][ T5613] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  103.936451][ T5613] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  108.819656][   T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  108.821410][   T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  108.822276][   T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  108.829156][   T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  108.831492][   T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  110.777125][ T5666] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.777307][ T5666] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.777459][ T5666] bridge_slave_0: entered allmulticast mode
[  110.780411][ T5666] bridge_slave_0: entered promiscuous mode
[  110.808331][ T5666] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.808442][ T5666] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.808593][ T5666] bridge_slave_1: entered allmulticast mode
[  110.819758][ T5666] bridge_slave_1: entered promiscuous mode
[  110.879630][ T5666] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.882966][ T5666] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.932191][ T5666] team0: Port device team_slave_0 added
[  110.947487][ T5666] team0: Port device team_slave_1 added
[  110.983942][ T5666] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.983956][ T5666] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.983976][ T5666] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.990143][ T5666] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.990164][ T5666] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.990184][ T5666] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.133715][ T5666] hsr_slave_0: entered promiscuous mode
[  111.134893][ T5666] hsr_slave_1: entered promiscuous mode
[  111.380482][ T5666] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  111.409052][ T5666] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  111.410254][ T5666] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  111.439227][ T5666] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  111.440593][ T5666] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  111.479754][ T5666] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  111.480796][ T5666] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  111.527616][ T5666] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  111.832229][ T5666] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.881460][ T5666] 8021q: adding VLAN 0 to HW filter on device team0
[  111.910405][ T3377] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.910572][ T3377] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.982239][ T3377] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.982365][ T3377] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.809733][ T5666] 8021q: adding VLAN 0 to HW filter on device batadv0
[  112.875482][ T5666] veth0_vlan: entered promiscuous mode
[  112.902039][ T5666] veth1_vlan: entered promiscuous mode
[  112.948371][ T5666] veth0_macvtap: entered promiscuous mode
[  112.961242][ T5666] veth1_macvtap: entered promiscuous mode
[  112.990652][ T5666] batman_adv: batadv0: Interface activated: batadv_slave_0
[  113.012443][ T5666] batman_adv: batadv0: Interface activated: batadv_slave_1
[  113.035822][ T3377] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.037460][ T3377] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.087090][ T3377] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.089622][ T3377] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.708946][ T1180] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.979066][ T1180] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.879075][ T1180] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.528424][ T1180] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.466274][ T1180] bridge_slave_1: left allmulticast mode
[  116.466347][ T1180] bridge_slave_1: left promiscuous mode
[  116.494928][ T1180] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.594964][ T1180] bridge_slave_0: left allmulticast mode
[  116.595001][ T1180] bridge_slave_0: left promiscuous mode
[  116.595263][ T1180] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.383997][ T1180] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  117.443862][ T1180] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  117.485760][ T1180] bond0 (unregistering): Released all slaves
[  117.518344][ T5260] 8021q: adding VLAN 0 to HW filter on device eth1
[  117.873171][ T1180] hsr_slave_0: left promiscuous mode
[  117.914608][ T1180] hsr_slave_1: left promiscuous mode
[  117.918358][ T1180] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  117.918425][ T1180] batman_adv: batadv0: Removing interface: batadv_slave_0
[  117.973796][ T1180] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  117.973825][ T1180] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.237199][ T1180] veth1_macvtap: left promiscuous mode
[  118.237418][ T1180] veth0_macvtap: left promiscuous mode
[  118.237689][ T1180] veth1_vlan: left promiscuous mode
[  118.268103][ T1180] veth0_vlan: left promiscuous mode
[  119.033987][ T1180] team0 (unregistering): Port device team_slave_1 removed
[  119.084091][ T1180] team0 (unregistering): Port device team_slave_0 removed
[  119.310960][ T5260] 8021q: adding VLAN 0 to HW filter on device eth2
[  119.590887][ T3377] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.590907][ T3377] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.720708][ T3377] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.720731][ T3377] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.153805][ T5260] 8021q: adding VLAN 0 to HW filter on device eth3
2026/05/06 21:10:32 executed programs: 0
[  121.174828][   T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  121.178716][   T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  121.193903][   T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  121.206712][   T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  121.209506][   T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  121.569453][ T5260] 8021q: adding VLAN 0 to HW filter on device eth4
[  122.343918][ T5795] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.344116][ T5795] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.344228][ T5795] bridge_slave_0: entered allmulticast mode
[  122.346132][ T5795] bridge_slave_0: entered promiscuous mode
[  122.351418][ T5795] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.351559][ T5795] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.351918][ T5795] bridge_slave_1: entered allmulticast mode
[  122.356150][ T5795] bridge_slave_1: entered promiscuous mode
[  122.437654][ T5795] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  122.440890][ T5795] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  122.492025][ T5795] team0: Port device team_slave_0 added
[  122.501263][ T5795] team0: Port device team_slave_1 added
[  122.555906][ T5795] batman_adv: batadv0: Adding interface: batadv_slave_0
[  122.555922][ T5795] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  122.555947][ T5795] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  122.557991][ T5795] batman_adv: batadv0: Adding interface: batadv_slave_1
[  122.558005][ T5795] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  122.558029][ T5795] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  122.950695][ T5795] hsr_slave_0: entered promiscuous mode
[  122.951642][ T5795] hsr_slave_1: entered promiscuous mode
[  123.355095][ T4915] Bluetooth: hci0: command tx timeout
[  125.434285][ T4915] Bluetooth: hci0: command tx timeout
[  125.599214][ T5795] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  125.641558][ T5795] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  125.642973][ T5795] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  125.689478][ T5795] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  125.691743][ T5795] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  125.735851][ T5795] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  125.737388][ T5795] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  125.777831][ T5795] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  125.980942][ T5795] 8021q: adding VLAN 0 to HW filter on device bond0
[  126.013830][ T5795] 8021q: adding VLAN 0 to HW filter on device team0
[  126.032274][ T3430] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.032487][ T3430] bridge0: port 1(bridge_slave_0) entered forwarding state
[  126.069032][ T3430] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.069245][ T3430] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.815507][ T5795] 8021q: adding VLAN 0 to HW filter on device batadv0
[  126.900049][ T5795] veth0_vlan: entered promiscuous mode
[  126.920873][ T5795] veth1_vlan: entered promiscuous mode
[  126.991550][ T5795] veth0_macvtap: entered promiscuous mode
[  127.003736][ T5795] veth1_macvtap: entered promiscuous mode
[  127.052571][ T5795] batman_adv: batadv0: Interface activated: batadv_slave_0
[  127.089354][ T5795] batman_adv: batadv0: Interface activated: batadv_slave_1
[  127.140577][ T3430] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  127.141698][ T3430] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  127.171510][ T3430] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.184230][ T3430] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  127.515772][ T4915] Bluetooth: hci0: command tx timeout
[  127.781465][  T209] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.781487][  T209] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.864779][  T209] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.864800][  T209] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/05/06 21:10:38 executed programs: 2
[  128.528575][ T5928] loop0: detected capacity change from 0 to 32768
[  129.538669][ T5949] loop0: detected capacity change from 0 to 32768
[  129.593237][ T4915] Bluetooth: hci0: command tx timeout
[  130.041053][ T5957] loop0: detected capacity change from 0 to 32768
[  130.520050][ T5958] loop0: detected capacity change from 0 to 32768
[  130.959037][ T5960] loop0: detected capacity change from 0 to 32768
[  131.376863][ T5964] loop0: detected capacity change from 0 to 32768
[  131.848949][ T5966] loop0: detected capacity change from 0 to 32768
[  132.280224][ T5967] loop0: detected capacity change from 0 to 32768
[  132.669055][ T5968] loop0: detected capacity change from 0 to 32768
[  132.889182][ T1333] ieee802154 phy0 wpan0: encryption failed: -22
[  132.889277][ T1333] ieee802154 phy1 wpan1: encryption failed: -22
[  133.092300][ T5969] loop0: detected capacity change from 0 to 32768
2026/05/06 21:10:44 executed programs: 12
[  133.541984][ T5970] loop0: detected capacity change from 0 to 32768
[  133.982639][ T5971] loop0: detected capacity change from 0 to 32768
[  134.378593][ T5972] loop0: detected capacity change from 0 to 32768
[  134.792756][ T5973] loop0: detected capacity change from 0 to 32768
[  135.197188][ T5974] loop0: detected capacity change from 0 to 32768
[  135.589225][ T5975] loop0: detected capacity change from 0 to 32768
[  135.999030][ T5976] loop0: detected capacity change from 0 to 32768
[  136.472604][ T5977] loop0: detected capacity change from 0 to 32768
[  136.872879][ T5978] loop0: detected capacity change from 0 to 32768
[  137.310633][ T5979] loop0: detected capacity change from 0 to 32768
2026/05/06 21:10:49 executed programs: 24
[  138.557333][ T5982] set_capacity_and_notify: 2 callbacks suppressed
[  138.557351][ T5982] loop0: detected capacity change from 0 to 32768
[  138.968281][ T5983] loop0: detected capacity change from 0 to 32768
[  139.420181][ T5984] loop0: detected capacity change from 0 to 32768
[  139.873787][ T5985] loop0: detected capacity change from 0 to 32768
[  139.961407][    C0] ==================================================================
[  139.961424][    C0] BUG: KASAN: slab-use-after-free in lbmIODone+0x1312/0x16c0
[  139.961486][    C0] Read of size 4 at addr ffff88802e109408 by task rcuc/0/20
[  139.961505][    C0] 
[  139.961533][    C0] CPU: 0 UID: 0 PID: 20 Comm: rcuc/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  139.961560][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  139.961582][    C0] Call Trace:
[  139.961590][    C0]  <TASK>
[  139.961600][    C0]  dump_stack_lvl+0xe8/0x150
[  139.961630][    C0]  print_address_description+0x55/0x1e0
[  139.961676][    C0]  ? lbmIODone+0x1312/0x16c0
[  139.961705][    C0]  print_report+0x58/0x70
[  139.961728][    C0]  kasan_report+0x117/0x150
[  139.961756][    C0]  ? lbmIODone+0x1312/0x16c0
[  139.961790][    C0]  lbmIODone+0x1312/0x16c0
[  139.961819][    C0]  ? blkg_put+0x22/0x240
[  139.961841][    C0]  ? blkg_put+0x22/0x240
[  139.961862][    C0]  ? blkg_put+0x18d/0x240
[  139.961884][    C0]  ? bio_endio+0x989/0x9d0
[  139.961911][    C0]  blk_update_request+0x57e/0xe60
[  139.961945][    C0]  blk_mq_end_request+0x3e/0x70
[  139.961972][    C0]  blk_done_softirq+0x10a/0x160
[  139.962004][    C0]  handle_softirqs+0x1de/0x6d0
[  139.962035][    C0]  __local_bh_enable_ip+0x170/0x2b0
[  139.962060][    C0]  ? rcu_cpu_kthread+0x205/0x1470
[  139.962091][    C0]  rcu_cpu_kthread+0x9e8/0x1470
[  139.962126][    C0]  ? rcu_cpu_kthread+0x205/0x1470
[  139.962162][    C0]  ? __pfx_rcu_cpu_kthread+0x10/0x10
[  139.962194][    C0]  ? schedule+0x90/0x360
[  139.962220][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  139.962246][    C0]  smpboot_thread_fn+0x541/0xa50
[  139.962274][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  139.962305][    C0]  kthread+0x388/0x470
[  139.962335][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  139.962362][    C0]  ? __pfx_kthread+0x10/0x10
[  139.962392][    C0]  ret_from_fork+0x514/0xb70
[  139.962418][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  139.962443][    C0]  ? __switch_to+0xc79/0x1410
[  139.962478][    C0]  ? __pfx_kthread+0x10/0x10
[  139.962508][    C0]  ret_from_fork_asm+0x1a/0x30
[  139.962544][    C0]  </TASK>
[  139.962552][    C0] 
[  139.962563][    C0] Allocated by task 5985:
[  139.962574][    C0]  kasan_save_track+0x3e/0x80
[  139.962595][    C0]  __kasan_kmalloc+0x93/0xb0
[  139.962616][    C0]  __kmalloc_cache_noprof+0x3a6/0x690
[  139.962640][    C0]  lmLogInit+0x3e5/0x1a00
[  139.962668][    C0]  lmLogOpen+0x4e1/0xfa0
[  139.962692][    C0]  jfs_mount_rw+0xee/0x670
[  139.962716][    C0]  jfs_fill_super+0x754/0xd80
[  139.962734][    C0]  get_tree_bdev_flags+0x431/0x4f0
[  139.962758][    C0]  vfs_get_tree+0x92/0x2a0
[  139.962781][    C0]  do_new_mount+0x341/0xd30
[  139.962811][    C0]  __se_sys_mount+0x31d/0x420
[  139.962841][    C0]  do_syscall_64+0x15f/0xf80
[  139.962864][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.962886][    C0] 
[  139.962891][    C0] Freed by task 5795:
[  139.962900][    C0]  kasan_save_track+0x3e/0x80
[  139.962920][    C0]  kasan_save_free_info+0x46/0x50
[  139.962948][    C0]  __kasan_slab_free+0x5c/0x80
[  139.962968][    C0]  kfree+0x1c5/0x6c0
[  139.962993][    C0]  lmLogShutdown+0x456/0x850
[  139.963019][    C0]  lmLogClose+0x28a/0x520
[  139.963043][    C0]  jfs_umount+0x2fb/0x3d0
[  139.963066][    C0]  jfs_put_super+0x8c/0x190
[  139.963084][    C0]  generic_shutdown_super+0x13d/0x2d0
[  139.963103][    C0]  kill_block_super+0x44/0x90
[  139.963124][    C0]  deactivate_locked_super+0xbc/0x130
[  139.963143][    C0]  cleanup_mnt+0x437/0x4d0
[  139.963165][    C0]  task_work_run+0x1d9/0x270
[  139.963194][    C0]  exit_to_user_mode_loop+0xed/0x480
[  139.963220][    C0]  do_syscall_64+0x33e/0xf80
[  139.963242][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.963263][    C0] 
[  139.963268][    C0] The buggy address belongs to the object at ffff88802e109400
[  139.963268][    C0]  which belongs to the cache kmalloc-256 of size 256
[  139.963288][    C0] The buggy address is located 8 bytes inside of
[  139.963288][    C0]  freed 256-byte region [ffff88802e109400, ffff88802e109500)
[  139.963312][    C0] 
[  139.963318][    C0] The buggy address belongs to the physical page:
[  139.963340][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2e108
[  139.963359][    C0] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  139.963378][    C0] flags: 0x80000000000040(head|node=0|zone=1)
[  139.963401][    C0] page_type: f5(slab)
[  139.963423][    C0] raw: 0080000000000040 ffff88801a00bb40 dead000000000100 dead000000000122
[  139.963442][    C0] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  139.963463][    C0] head: 0080000000000040 ffff88801a00bb40 dead000000000100 dead000000000122
[  139.963481][    C0] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  139.963502][    C0] head: 0080000000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff
[  139.963520][    C0] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000002
[  139.963532][    C0] page dumped because: kasan: bad access detected
[  139.963551][    C0] page_owner tracks the page as allocated
[  139.963560][    C0] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 23222097832, free_ts 0
[  139.963599][    C0]  post_alloc_hook+0x231/0x280
[  139.963622][    C0]  get_page_from_freelist+0x27c8/0x2840
[  139.963650][    C0]  __alloc_frozen_pages_noprof+0x18d/0x380
[  139.963677][    C0]  allocate_slab+0x77/0x660
[  139.963706][    C0]  refill_objects+0x33c/0x3d0
[  139.963733][    C0]  __pcs_replace_empty_main+0x373/0x720
[  139.963764][    C0]  __kvmalloc_node_noprof+0x6f4/0x8e0
[  139.963788][    C0]  v4l2_ctrl_new+0xa60/0x1860
[  139.963812][    C0]  v4l2_ctrl_new_std+0x24e/0x300
[  139.963835][    C0]  handler_new_ref+0x153/0x9c0
[  139.963856][    C0]  v4l2_ctrl_add_handler+0x19f/0x290
[  139.963881][    C0]  vivid_create_controls+0x30a9/0x3bd0
[  139.963914][    C0]  vivid_probe+0x425f/0x72c0
[  139.963938][    C0]  platform_probe+0xf9/0x190
[  139.963960][    C0]  really_probe+0x267/0xaf0
[  139.963992][    C0]  __driver_probe_device+0x1ef/0x380
[  139.964016][    C0] page_owner free stack trace missing
[  139.964024][    C0] 
[  139.964029][    C0] Memory state around the buggy address:
[  139.964041][    C0]  ffff88802e109300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  139.964057][    C0]  ffff88802e109380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  139.964072][    C0] >ffff88802e109400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  139.964084][    C0]                       ^
[  139.964095][    C0]  ffff88802e109480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  139.964110][    C0]  ffff88802e109500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  139.964122][    C0] ==================================================================
[  139.970610][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  139.970666][    C0] CPU: 0 UID: 0 PID: 20 Comm: rcuc/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  139.970734][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  139.970769][    C0] Call Trace:
[  139.970791][    C0]  <TASK>
[  139.970813][    C0]  vpanic+0x56c/0xa60
[  139.970895][    C0]  ? __pfx_vpanic+0x10/0x10
[  139.970970][    C0]  ? __pfx___schedule+0x10/0x10
[  139.971047][    C0]  panic+0xc5/0xd0
[  139.971120][    C0]  ? __pfx_panic+0x10/0x10
[  139.971187][    C0]  ? preempt_schedule_thunk+0x16/0x30
[  139.971294][    C0]  ? lbmIODone+0x1312/0x16c0
[  139.971364][    C0]  check_panic_on_warn+0x89/0xb0
[  139.971457][    C0]  ? lbmIODone+0x1312/0x16c0
[  139.971552][    C0]  end_report+0x73/0x170
[  139.971621][    C0]  ? lbmIODone+0x1312/0x16c0
[  139.971698][    C0]  kasan_report+0x128/0x150
[  139.971743][    C0]  ? lbmIODone+0x1312/0x16c0
[  139.971803][    C0]  lbmIODone+0x1312/0x16c0
[  139.971879][    C0]  ? blkg_put+0x22/0x240
[  139.971934][    C0]  ? blkg_put+0x22/0x240
[  139.971990][    C0]  ? blkg_put+0x18d/0x240
[  139.972055][    C0]  ? bio_endio+0x989/0x9d0
[  139.972129][    C0]  blk_update_request+0x57e/0xe60
[  139.972217][    C0]  blk_mq_end_request+0x3e/0x70
[  139.972284][    C0]  blk_done_softirq+0x10a/0x160
[  139.972351][    C0]  handle_softirqs+0x1de/0x6d0
[  139.972428][    C0]  __local_bh_enable_ip+0x170/0x2b0
[  139.972497][    C0]  ? rcu_cpu_kthread+0x205/0x1470
[  139.972527][    C0]  rcu_cpu_kthread+0x9e8/0x1470
[  139.972561][    C0]  ? rcu_cpu_kthread+0x205/0x1470
[  139.972596][    C0]  ? __pfx_rcu_cpu_kthread+0x10/0x10
[  139.972628][    C0]  ? schedule+0x90/0x360
[  139.972652][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  139.972678][    C0]  smpboot_thread_fn+0x541/0xa50
[  139.972706][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  139.972737][    C0]  kthread+0x388/0x470
[  139.972768][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  139.972793][    C0]  ? __pfx_kthread+0x10/0x10
[  139.972824][    C0]  ret_from_fork+0x514/0xb70
[  139.972850][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  139.972875][    C0]  ? __switch_to+0xc79/0x1410
[  139.972909][    C0]  ? __pfx_kthread+0x10/0x10
[  139.972940][    C0]  ret_from_fork_asm+0x1a/0x30
[  139.972977][    C0]  </TASK>
[  139.973811][    C0] Kernel Offset: disabled