Warning: Permanently added '10.128.1.74' (ED25519) to the list of known hosts.
2026/05/07 00:53:39 parsed 1 programs
[   79.894268][ T5611] cgroup: Unknown subsys name 'net'
[   80.135114][ T5611] cgroup: Unknown subsys name 'cpuset'
[   80.200426][ T5611] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   81.626622][  T820] cfg80211: failed to load regulatory.db
[   82.043970][ T5611] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   86.716867][   T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   86.732508][   T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   86.733552][   T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   86.734765][   T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   86.735467][   T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   89.258631][ T5676] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.261544][ T5676] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.261718][ T5676] bridge_slave_0: entered allmulticast mode
[   89.264187][ T5676] bridge_slave_0: entered promiscuous mode
[   89.290057][ T5676] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.290170][ T5676] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.290328][ T5676] bridge_slave_1: entered allmulticast mode
[   89.292207][ T5676] bridge_slave_1: entered promiscuous mode
[   89.335728][ T5676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.338023][ T5676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.371056][ T5676] team0: Port device team_slave_0 added
[   89.374059][ T5676] team0: Port device team_slave_1 added
[   89.401863][ T5676] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.401873][ T5676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   89.401885][ T5676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.406691][ T5676] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.406703][ T5676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   89.406724][ T5676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.479749][ T5676] hsr_slave_0: entered promiscuous mode
[   89.481786][ T5676] hsr_slave_1: entered promiscuous mode
[   89.880379][ T5676] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   89.931751][ T5676] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   90.032749][ T5676] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   90.062777][ T5676] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   90.065011][ T5676] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   90.113207][ T5676] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   90.114003][ T5676] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   90.145517][ T5676] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   90.311849][ T5676] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.361154][ T5676] 8021q: adding VLAN 0 to HW filter on device team0
[   90.391304][ T1126] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.391919][ T1126] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.431414][ T1126] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.433535][ T1126] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.824910][ T5676] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.893656][ T5676] veth0_vlan: entered promiscuous mode
[   90.908531][ T5676] veth1_vlan: entered promiscuous mode
[   90.950918][ T5676] veth0_macvtap: entered promiscuous mode
[   90.954346][ T5676] veth1_macvtap: entered promiscuous mode
[   90.978730][ T5676] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.998581][ T5676] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.022983][ T1126] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.025732][ T1126] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.027118][ T1126] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.063872][ T1126] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.664638][ T1126] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.973900][ T1126] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.079407][ T2956] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.079430][ T2956] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.165930][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.165949][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.346336][ T1126] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/05/07 00:53:55 executed programs: 0
[   93.867878][   T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   93.885626][   T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   93.886691][   T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   93.887641][   T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   93.888265][   T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   94.385833][ T5740] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.385961][ T5740] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.386053][ T5740] bridge_slave_0: entered allmulticast mode
[   94.387426][ T5740] bridge_slave_0: entered promiscuous mode
[   94.392044][ T5740] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.392228][ T5740] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.392379][ T5740] bridge_slave_1: entered allmulticast mode
[   94.394992][ T5740] bridge_slave_1: entered promiscuous mode
[   94.468604][ T5740] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.473611][ T5740] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.504605][ T5740] team0: Port device team_slave_0 added
[   94.506640][ T5740] team0: Port device team_slave_1 added
[   94.688907][ T1126] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.743998][ T5740] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.744013][ T5740] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   94.744035][ T5740] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.747918][ T5740] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.747931][ T5740] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   94.747944][ T5740] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.033292][ T5740] hsr_slave_0: entered promiscuous mode
[   95.034039][ T5740] hsr_slave_1: entered promiscuous mode
[   95.034598][ T5740] debugfs: 'hsr0' already exists in 'hsr'
[   95.034659][ T5740] Cannot create hsr debugfs directory
[   95.670266][ T1126] bridge_slave_1: left allmulticast mode
[   95.670444][ T1126] bridge_slave_1: left promiscuous mode
[   95.676199][ T1126] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.760935][ T1126] bridge_slave_0: left allmulticast mode
[   95.760957][ T1126] bridge_slave_0: left promiscuous mode
[   95.761110][ T1126] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.021855][   T59] Bluetooth: hci0: command tx timeout
[   96.450777][ T1126] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   96.510513][ T1126] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   96.551843][ T1126] bond0 (unregistering): Released all slaves
[   96.919973][ T1126] hsr_slave_0: left promiscuous mode
[   96.959963][ T1126] hsr_slave_1: left promiscuous mode
[   96.964100][ T1126] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   96.964174][ T1126] batman_adv: batadv0: Removing interface: batadv_slave_0
[   97.017904][ T1126] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   97.017930][ T1126] batman_adv: batadv0: Removing interface: batadv_slave_1
[   97.092512][ T1126] veth1_macvtap: left promiscuous mode
[   97.092683][ T1126] veth0_macvtap: left promiscuous mode
[   97.092830][ T1126] veth1_vlan: left promiscuous mode
[   97.092993][ T1126] veth0_vlan: left promiscuous mode
[   97.790809][ T1126] team0 (unregistering): Port device team_slave_1 removed
[   97.850483][ T1126] team0 (unregistering): Port device team_slave_0 removed
[   98.045224][ T5261] 8021q: adding VLAN 0 to HW filter on device eth1
[   98.099949][   T59] Bluetooth: hci0: command tx timeout
[   98.879541][ T5740] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   98.947841][ T5740] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   98.949629][ T5740] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   99.001877][ T5740] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   99.003569][ T5740] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   99.054802][ T5740] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   99.056453][ T5740] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   99.094015][ T5740] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   99.225592][ T5740] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.257881][ T5740] 8021q: adding VLAN 0 to HW filter on device team0
[   99.274620][ T1110] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.274740][ T1110] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.296465][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.304771][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.050043][ T5740] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.114917][ T5740] veth0_vlan: entered promiscuous mode
[  100.125733][ T5740] veth1_vlan: entered promiscuous mode
[  100.174525][ T5740] veth0_macvtap: entered promiscuous mode
[  100.179421][ T5740] veth1_macvtap: entered promiscuous mode
[  100.179983][   T59] Bluetooth: hci0: command tx timeout
[  100.213945][ T5740] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.218283][ T5740] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.241104][   T56] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.242085][   T56] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.242141][   T56] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.242172][   T56] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.842501][ T1388] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.842520][ T1388] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.152951][ T1388] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.152971][ T1388] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/05/07 00:54:02 executed programs: 2
[  101.397598][ T5817] ==================================================================
[  101.397598][ T5817] ==================================================================
[  101.397612][ T5817] BUG: KASAN: slab-use-after-free in dvb_device_open+0xc4/0x360
[  101.397646][ T5817] Read of size 8 at addr ffff88802c7cac18 by task syz.0.19/5817
[  101.397660][ T5817] 
[  101.397683][ T5817] CPU: 1 UID: 0 PID: 5817 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  101.397702][ T5817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  101.397719][ T5817] Call Trace:
[  101.397725][ T5817]  <TASK>
[  101.397732][ T5817]  dump_stack_lvl+0xe8/0x150
[  101.397751][ T5817]  print_address_description+0x55/0x1e0
[  101.397770][ T5817]  ? dvb_device_open+0xc4/0x360
[  101.397788][ T5817]  print_report+0x58/0x70
[  101.397804][ T5817]  kasan_report+0x117/0x150
[  101.397823][ T5817]  ? dvb_device_open+0xc4/0x360
[  101.397844][ T5817]  dvb_device_open+0xc4/0x360
[  101.397863][ T5817]  ? rt_spin_unlock+0x160/0x200
[  101.397887][ T5817]  chrdev_open+0x4d0/0x5f0
[  101.397909][ T5817]  ? __pfx_chrdev_open+0x10/0x10
[  101.397929][ T5817]  ? fsnotify_open_perm_and_set_mode+0x13b/0x6e0
[  101.397950][ T5817]  ? __pfx_chrdev_open+0x10/0x10
[  101.397968][ T5817]  do_dentry_open+0x83d/0x13e0
[  101.397993][ T5817]  vfs_open+0x3b/0x350
[  101.398013][ T5817]  ? path_openat+0x2e2b/0x38a0
[  101.398032][ T5817]  path_openat+0x2e43/0x38a0
[  101.398062][ T5817]  ? __pfx_path_openat+0x10/0x10
[  101.398081][ T5817]  ? kasan_save_track+0x4f/0x80
[  101.398096][ T5817]  ? kasan_save_track+0x3e/0x80
[  101.398111][ T5817]  ? __kasan_slab_alloc+0x6c/0x80
[  101.398127][ T5817]  ? kmem_cache_alloc_noprof+0x33b/0x680
[  101.398148][ T5817]  ? do_raw_spin_lock+0x12b/0x2f0
[  101.398171][ T5817]  do_file_open+0x23e/0x4a0
[  101.398188][ T5817]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  101.398208][ T5817]  ? __pfx_do_file_open+0x10/0x10
[  101.398225][ T5817]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  101.398263][ T5817]  ? alloc_fd+0x64e/0x6c0
[  101.398290][ T5817]  do_sys_openat2+0x113/0x200
[  101.398313][ T5817]  ? __pfx_do_sys_openat2+0x10/0x10
[  101.398338][ T5817]  ? __task_pid_nr_ns+0x28/0x470
[  101.398364][ T5817]  __x64_sys_openat+0x138/0x170
[  101.398388][ T5817]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.398405][ T5817]  do_syscall_64+0x15f/0xf80
[  101.398422][ T5817]  ? trace_irq_disable+0x3b/0x140
[  101.398441][ T5817]  ? clear_bhb_loop+0x40/0x90
[  101.398460][ T5817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.398476][ T5817] RIP: 0033:0x7f066b92d60e
[  101.398501][ T5817] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  101.398515][ T5817] RSP: 002b:00007ffcabd656e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  101.398534][ T5817] RAX: ffffffffffffffda RBX: 000055558b0cd500 RCX: 00007f066b92d60e
[  101.398547][ T5817] RDX: 0000000000000002 RSI: 00007ffcabd657c0 RDI: ffffffffffffff9c
[  101.398558][ T5817] RBP: 00007ffcabd657c0 R08: 0000000000000000 R09: 0000000000000000
[  101.398569][ T5817] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  101.398581][ T5817] R13: 00007f066bbe5fac R14: 00007f066bbe5fa0 R15: 00007f066bbe5fa0
[  101.398600][ T5817]  </TASK>
[  101.398606][ T5817] 
[  101.398614][ T5817] Allocated by task 1:
[  101.398623][ T5817]  kasan_save_track+0x3e/0x80
[  101.398638][ T5817]  __kasan_kmalloc+0x93/0xb0
[  101.398652][ T5817]  __kmalloc_cache_noprof+0x3a6/0x690
[  101.398668][ T5817]  dvb_register_device+0x2fd/0x21e0
[  101.398685][ T5817]  dvb_register_frontend+0x631/0x920
[  101.398701][ T5817]  vidtv_bridge_probe+0x9aa/0xf80
[  101.398720][ T5817]  platform_probe+0xf9/0x190
[  101.398736][ T5817]  really_probe+0x267/0xaf0
[  101.398752][ T5817]  __driver_probe_device+0x1ef/0x380
[  101.398769][ T5817]  driver_probe_device+0x4f/0x240
[  101.398786][ T5817]  __driver_attach+0x34c/0x640
[  101.398802][ T5817]  bus_for_each_dev+0x23e/0x2c0
[  101.398822][ T5817]  bus_add_driver+0x348/0x670
[  101.398841][ T5817]  driver_register+0x23a/0x320
[  101.398859][ T5817]  vidtv_bridge_init+0x28/0x50
[  101.398875][ T5817]  do_one_initcall+0x250/0x870
[  101.398892][ T5817]  do_initcall_level+0x104/0x190
[  101.398910][ T5817]  do_initcalls+0x59/0xa0
[  101.398926][ T5817]  kernel_init_freeable+0x2a6/0x3e0
[  101.398943][ T5817]  kernel_init+0x1d/0x1d0
[  101.398962][ T5817]  ret_from_fork+0x514/0xb70
[  101.398978][ T5817]  ret_from_fork_asm+0x1a/0x30
[  101.398995][ T5817] 
[  101.398999][ T5817] Freed by task 5816:
[  101.399006][ T5817]  kasan_save_track+0x3e/0x80
[  101.399020][ T5817]  kasan_save_free_info+0x46/0x50
[  101.399039][ T5817]  __kasan_slab_free+0x5c/0x80
[  101.399053][ T5817]  kfree+0x1c5/0x6c0
[  101.399066][ T5817]  dvb_device_open+0x2d6/0x360
[  101.399083][ T5817]  chrdev_open+0x4d0/0x5f0
[  101.399100][ T5817]  do_dentry_open+0x83d/0x13e0
[  101.399119][ T5817]  vfs_open+0x3b/0x350
[  101.399137][ T5817]  path_openat+0x2e43/0x38a0
[  101.399152][ T5817]  do_file_open+0x23e/0x4a0
[  101.399167][ T5817]  do_sys_openat2+0x113/0x200
[  101.399186][ T5817]  __x64_sys_openat+0x138/0x170
[  101.399207][ T5817]  do_syscall_64+0x15f/0xf80
[  101.399222][ T5817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.399242][ T5817] 
[  101.399246][ T5817] The buggy address belongs to the object at ffff88802c7cac00
[  101.399246][ T5817]  which belongs to the cache kmalloc-512 of size 512
[  101.399260][ T5817] The buggy address is located 24 bytes inside of
[  101.399260][ T5817]  freed 512-byte region [ffff88802c7cac00, ffff88802c7cae00)
[  101.399277][ T5817] 
[  101.399281][ T5817] The buggy address belongs to the physical page:
[  101.399297][ T5817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2c7c8
[  101.399313][ T5817] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  101.399327][ T5817] flags: 0x80000000000040(head|node=0|zone=1)
[  101.399347][ T5817] page_type: f5(slab)
[  101.399362][ T5817] raw: 0080000000000040 ffff88801a00bc80 dead000000000100 dead000000000122
[  101.399376][ T5817] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  101.399391][ T5817] head: 0080000000000040 ffff88801a00bc80 dead000000000100 dead000000000122
[  101.399405][ T5817] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  101.399419][ T5817] head: 0080000000000002 ffffffffffffff01 00000000ffffffff 00000000ffffffff
[  101.399431][ T5817] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000004
[  101.399439][ T5817] page dumped because: kasan: bad access detected
[  101.399454][ T5817] page_owner tracks the page as allocated
[  101.399460][ T5817] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 14028135008, free_ts 0
[  101.399487][ T5817]  post_alloc_hook+0x231/0x280
[  101.399504][ T5817]  get_page_from_freelist+0x27c8/0x2840
[  101.399523][ T5817]  __alloc_frozen_pages_noprof+0x18d/0x380
[  101.399541][ T5817]  allocate_slab+0x77/0x660
[  101.399560][ T5817]  refill_objects+0x33c/0x3d0
[  101.399578][ T5817]  __pcs_replace_empty_main+0x373/0x720
[  101.399599][ T5817]  __kmalloc_cache_noprof+0x44e/0x690
[  101.399614][ T5817]  bus_add_driver+0x165/0x670
[  101.399633][ T5817]  driver_register+0x23a/0x320
[  101.399650][ T5817]  usb_register_driver+0x1e4/0x390
[  101.399668][ T5817]  pvr_init+0x4c/0xb0
[  101.399682][ T5817]  do_one_initcall+0x250/0x870
[  101.399698][ T5817]  do_initcall_level+0x104/0x190
[  101.399715][ T5817]  do_initcalls+0x59/0xa0
[  101.399730][ T5817]  kernel_init_freeable+0x2a6/0x3e0
[  101.399747][ T5817]  kernel_init+0x1d/0x1d0
[  101.399765][ T5817] page_owner free stack trace missing
[  101.399771][ T5817] 
[  101.399775][ T5817] Memory state around the buggy address:
[  101.399784][ T5817]  ffff88802c7cab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  101.399793][ T5817]  ffff88802c7cab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  101.399802][ T5817] >ffff88802c7cac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  101.399809][ T5817]                             ^
[  101.399816][ T5817]  ffff88802c7cac80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  101.399826][ T5817]  ffff88802c7cad00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  101.399833][ T5817] ==================================================================
[  101.407018][ T5817] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  101.407037][ T5817] CPU: 1 UID: 0 PID: 5817 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  101.407056][ T5817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  101.407066][ T5817] Call Trace:
[  101.407073][ T5817]  <TASK>
[  101.407079][ T5817]  vpanic+0x56c/0xa60
[  101.407105][ T5817]  ? __pfx_vpanic+0x10/0x10
[  101.407122][ T5817]  ? __pfx___schedule+0x10/0x10
[  101.407142][ T5817]  panic+0xc5/0xd0
[  101.407159][ T5817]  ? __pfx_panic+0x10/0x10
[  101.407177][ T5817]  ? preempt_schedule_thunk+0x16/0x30
[  101.407203][ T5817]  ? dvb_device_open+0xc4/0x360
[  101.407221][ T5817]  check_panic_on_warn+0x89/0xb0
[  101.407249][ T5817]  ? dvb_device_open+0xc4/0x360
[  101.407266][ T5817]  end_report+0x73/0x170
[  101.407284][ T5817]  ? dvb_device_open+0xc4/0x360
[  101.407301][ T5817]  kasan_report+0x128/0x150
[  101.407319][ T5817]  ? dvb_device_open+0xc4/0x360
[  101.407340][ T5817]  dvb_device_open+0xc4/0x360
[  101.407358][ T5817]  ? rt_spin_unlock+0x160/0x200
[  101.407380][ T5817]  chrdev_open+0x4d0/0x5f0
[  101.407402][ T5817]  ? __pfx_chrdev_open+0x10/0x10
[  101.407421][ T5817]  ? fsnotify_open_perm_and_set_mode+0x13b/0x6e0
[  101.407441][ T5817]  ? __pfx_chrdev_open+0x10/0x10
[  101.407460][ T5817]  do_dentry_open+0x83d/0x13e0
[  101.407487][ T5817]  vfs_open+0x3b/0x350
[  101.407506][ T5817]  ? path_openat+0x2e2b/0x38a0
[  101.407524][ T5817]  path_openat+0x2e43/0x38a0
[  101.407554][ T5817]  ? __pfx_path_openat+0x10/0x10
[  101.407572][ T5817]  ? kasan_save_track+0x4f/0x80
[  101.407587][ T5817]  ? kasan_save_track+0x3e/0x80
[  101.407601][ T5817]  ? __kasan_slab_alloc+0x6c/0x80
[  101.407616][ T5817]  ? kmem_cache_alloc_noprof+0x33b/0x680
[  101.407636][ T5817]  ? do_raw_spin_lock+0x12b/0x2f0
[  101.407657][ T5817]  do_file_open+0x23e/0x4a0
[  101.407673][ T5817]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  101.407692][ T5817]  ? __pfx_do_file_open+0x10/0x10
[  101.407712][ T5817]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  101.407742][ T5817]  ? alloc_fd+0x64e/0x6c0
[  101.407767][ T5817]  do_sys_openat2+0x113/0x200
[  101.407790][ T5817]  ? __pfx_do_sys_openat2+0x10/0x10
[  101.407814][ T5817]  ? __task_pid_nr_ns+0x28/0x470
[  101.407836][ T5817]  __x64_sys_openat+0x138/0x170
[  101.407859][ T5817]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.407875][ T5817]  do_syscall_64+0x15f/0xf80
[  101.407892][ T5817]  ? trace_irq_disable+0x3b/0x140
[  101.407910][ T5817]  ? clear_bhb_loop+0x40/0x90
[  101.407927][ T5817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.407943][ T5817] RIP: 0033:0x7f066b92d60e
[  101.407958][ T5817] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  101.407971][ T5817] RSP: 002b:00007ffcabd656e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  101.407989][ T5817] RAX: ffffffffffffffda RBX: 000055558b0cd500 RCX: 00007f066b92d60e
[  101.408000][ T5817] RDX: 0000000000000002 RSI: 00007ffcabd657c0 RDI: ffffffffffffff9c
[  101.408011][ T5817] RBP: 00007ffcabd657c0 R08: 0000000000000000 R09: 0000000000000000
[  101.408021][ T5817] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  101.408031][ T5817] R13: 00007f066bbe5fac R14: 00007f066bbe5fa0 R15: 00007f066bbe5fa0
[  101.408047][ T5817]  </TASK>
[  101.408377][ T5817] Kernel Offset: disabled