Warning: Permanently added '10.128.1.102' (ED25519) to the list of known hosts.
2026/03/04 06:38:05 parsed 1 programs
[   84.300638][ T5771] cgroup: Unknown subsys name 'net'
[   84.433010][ T5771] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   86.227541][ T5771] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   87.267628][  T787] cfg80211: failed to load regulatory.db
[   88.821412][ T5809] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   88.830914][ T5809] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   88.838980][ T5809] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   88.847987][ T5809] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   88.866668][ T5809] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   88.874222][ T5809] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   89.182757][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.191795][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.229998][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.237915][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.687276][ T5835] chnl_net:caif_netlink_parms(): no params data found
[   90.760937][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.770263][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.777980][ T5835] bridge_slave_0: entered allmulticast mode
[   90.785146][ T5835] bridge_slave_0: entered promiscuous mode
[   90.796039][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.803431][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.811052][ T5835] bridge_slave_1: entered allmulticast mode
[   90.818268][ T5835] bridge_slave_1: entered promiscuous mode
[   90.848076][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.862684][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.895732][ T5835] team0: Port device team_slave_0 added
[   90.908846][ T5835] team0: Port device team_slave_1 added
[   90.933947][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.941091][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.967805][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.980817][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.987982][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.014994][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.053260][ T5835] hsr_slave_0: entered promiscuous mode
[   91.059650][ T5835] hsr_slave_1: entered promiscuous mode
[   91.236161][ T5835] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   91.248094][ T5835] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   91.259310][ T5835] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   91.279449][ T5835] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   91.306437][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.314530][ T5835] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.322907][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.330173][ T5835] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.408855][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.430649][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.441066][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.457430][ T5835] 8021q: adding VLAN 0 to HW filter on device team0
[   91.480849][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.488076][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.501465][ T1092] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.508978][ T1092] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.729150][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.782178][ T5835] veth0_vlan: entered promiscuous mode
[   91.793182][ T5835] veth1_vlan: entered promiscuous mode
[   91.833711][ T5835] veth0_macvtap: entered promiscuous mode
[   91.844464][ T5835] veth1_macvtap: entered promiscuous mode
[   91.863511][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.886084][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.901905][ T5835] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.911371][ T5835] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.921020][ T5835] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.931955][ T5835] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.139631][ T1073] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/03/04 06:38:16 executed programs: 0
[   93.554050][ T5084] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   93.563675][ T5084] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   93.572645][ T5084] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   93.582077][ T5084] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   93.591275][ T5084] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   93.599256][ T5084] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   93.733644][ T5876] chnl_net:caif_netlink_parms(): no params data found
[   93.794823][ T5876] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.802154][ T5876] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.809653][ T5876] bridge_slave_0: entered allmulticast mode
[   93.817240][ T5876] bridge_slave_0: entered promiscuous mode
[   93.825193][ T5876] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.832869][ T5876] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.840599][ T5876] bridge_slave_1: entered allmulticast mode
[   93.848316][ T5876] bridge_slave_1: entered promiscuous mode
[   93.878581][ T5876] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.890684][ T5876] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.920389][ T5876] team0: Port device team_slave_0 added
[   93.929672][ T5876] team0: Port device team_slave_1 added
[   93.954370][ T5876] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.961700][ T5876] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.988520][ T5876] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.001616][ T5876] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.009160][ T5876] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.035524][ T5876] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.074422][ T5876] hsr_slave_0: entered promiscuous mode
[   94.080865][ T5876] hsr_slave_1: entered promiscuous mode
[   94.087265][ T5876] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.095136][ T5876] Cannot create hsr debugfs directory
[   94.589690][ T1073] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.667594][ T5084] Bluetooth: hci0: command tx timeout
[   96.806508][ T1073] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.859168][ T1073] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.745647][ T5084] Bluetooth: hci0: command tx timeout
[   97.783816][ T1073] hsr_slave_0: left promiscuous mode
[   97.790740][ T1073] hsr_slave_1: left promiscuous mode
[   97.800136][ T1073] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   97.808801][ T1073] batman_adv: batadv0: Removing interface: batadv_slave_0
[   97.821197][ T1073] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   97.829922][ T1073] batman_adv: batadv0: Removing interface: batadv_slave_1
[   97.840982][ T1073] bridge_slave_1: left allmulticast mode
[   97.847186][ T1073] bridge_slave_1: left promiscuous mode
[   97.853865][ T1073] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.870365][ T1073] bridge_slave_0: left allmulticast mode
[   97.877832][ T1073] bridge_slave_0: left promiscuous mode
[   97.883835][ T1073] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.919799][ T1073] veth1_macvtap: left promiscuous mode
[   97.927180][ T1073] veth0_macvtap: left promiscuous mode
[   97.933695][ T1073] veth1_vlan: left promiscuous mode
[   97.942534][ T1073] veth0_vlan: left promiscuous mode
[   98.388032][ T1073] team0 (unregistering): Port device team_slave_1 removed
[   98.422209][ T1073] team0 (unregistering): Port device team_slave_0 removed
[   98.456540][ T1073] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   98.494235][ T1073] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   98.736684][ T1073] bond0 (unregistering): Released all slaves
[   98.827392][ T5876] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   98.837057][ T5876] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   98.848649][ T5876] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   98.860725][ T5876] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   98.966942][ T5876] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.988868][ T5876] 8021q: adding VLAN 0 to HW filter on device team0
[   99.015921][ T2906] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.023096][ T2906] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.042374][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.049705][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.270925][ T5876] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.358278][ T5876] veth0_vlan: entered promiscuous mode
[   99.380746][ T5876] veth1_vlan: entered promiscuous mode
[   99.430231][ T5876] veth0_macvtap: entered promiscuous mode
[   99.439625][ T5876] veth1_macvtap: entered promiscuous mode
[   99.456771][ T5876] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.472192][ T5876] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.484460][ T5876] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.494181][ T5876] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.503361][ T5876] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.512342][ T5876] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.574822][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.589376][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.638255][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.648217][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/03/04 06:38:22 executed programs: 2
[   99.735642][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  100.551943][ T5922] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[  100.695314][    C0] sched: RT throttling activated
[  100.696090][ T5084] Bluetooth: hci0: command tx timeout
[  102.316907][ T5926] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[  102.786306][ T5084] Bluetooth: hci0: command tx timeout
[  103.455816][ T5930] ==================================================================
[  103.464127][ T5930] BUG: KASAN: slab-use-after-free in dvb_device_open+0xca/0x370
[  103.471996][ T5930] Read of size 8 at addr ffff888026a5a618 by task syz.0.19/5930
[  103.480202][ T5930] 
[  103.482598][ T5930] CPU: 0 PID: 5930 Comm: syz.0.19 Not tainted syzkaller #0
[  103.490088][ T5930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  103.500355][ T5930] Call Trace:
[  103.503669][ T5930]  <TASK>
[  103.506704][ T5930]  dump_stack_lvl+0x18c/0x250
[  103.511436][ T5930]  ? __lock_acquire+0x7d40/0x7d40
[  103.516842][ T5930]  ? show_regs_print_info+0x20/0x20
[  103.522083][ T5930]  ? load_image+0x400/0x400
[  103.526623][ T5930]  ? _raw_spin_lock_irqsave+0xc0/0x100
[  103.532119][ T5930]  ? __virt_addr_valid+0x18c/0x540
[  103.537270][ T5930]  ? __virt_addr_valid+0x469/0x540
[  103.542599][ T5930]  print_report+0xa8/0x210
[  103.547066][ T5930]  ? dvb_device_open+0xca/0x370
[  103.551951][ T5930]  kasan_report+0x117/0x150
[  103.556497][ T5930]  ? chrdev_open+0x3e3/0x6a0
[  103.561388][ T5930]  ? dvb_device_open+0xca/0x370
[  103.566460][ T5930]  dvb_device_open+0xca/0x370
[  103.571618][ T5930]  ? do_raw_spin_unlock+0x121/0x230
[  103.577128][ T5930]  chrdev_open+0x5cc/0x6a0
[  103.581596][ T5930]  ? cd_forget+0x160/0x160
[  103.586144][ T5930]  ? fsnotify_perm+0x3ed/0x5e0
[  103.591206][ T5930]  ? cd_forget+0x160/0x160
[  103.595663][ T5930]  do_dentry_open+0x8c6/0x1500
[  103.600578][ T5930]  path_openat+0x27f1/0x3230
[  103.605311][ T5930]  ? do_sys_openat2+0xda/0x1d0
[  103.610110][ T5930]  ? verify_lock_unused+0x140/0x140
[  103.615437][ T5930]  ? do_filp_open+0x430/0x430
[  103.620147][ T5930]  ? __virt_addr_valid+0x18c/0x540
[  103.625393][ T5930]  do_filp_open+0x1f5/0x430
[  103.630365][ T5930]  ? vfs_tmpfile+0x490/0x490
[  103.635080][ T5930]  ? _raw_spin_unlock+0x28/0x40
[  103.639968][ T5930]  ? alloc_fd+0x58f/0x630
[  103.644342][ T5930]  do_sys_openat2+0x134/0x1d0
[  103.649154][ T5930]  ? do_sys_open+0xe0/0xe0
[  103.653626][ T5930]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  103.660353][ T5930]  ? lock_chain_count+0x20/0x20
[  103.665327][ T5930]  ? lock_chain_count+0x20/0x20
[  103.670211][ T5930]  __x64_sys_openat+0x139/0x160
[  103.675103][ T5930]  do_syscall_64+0x55/0xa0
[  103.679733][ T5930]  ? clear_bhb_loop+0x40/0x90
[  103.685051][ T5930]  ? clear_bhb_loop+0x40/0x90
[  103.689938][ T5930]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  103.696041][ T5930] RIP: 0033:0x7f9a7f35cfce
[  103.700492][ T5930] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  103.720134][ T5930] RSP: 002b:00007f9a801ddb28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  103.728842][ T5930] RAX: ffffffffffffffda RBX: 00007f9a801de6c0 RCX: 00007f9a7f35cfce
[  103.736944][ T5930] RDX: 0000000000000e82 RSI: 00007f9a801ddc00 RDI: ffffffffffffff9c
[  103.745147][ T5930] RBP: 00007f9a801ddc00 R08: 0000000000000000 R09: 0000000000000000
[  103.753254][ T5930] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  103.761356][ T5930] R13: 00007f9a7f616128 R14: 00007f9a7f616090 R15: 00007ffc514e2ce8
[  103.769552][ T5930]  </TASK>
[  103.772777][ T5930] 
[  103.775116][ T5930] Allocated by task 1:
[  103.779205][ T5930]  kasan_set_track+0x4e/0x70
[  103.783918][ T5930]  __kasan_kmalloc+0x8f/0xa0
[  103.788795][ T5930]  dvb_register_device+0x2fd/0x2210
[  103.794052][ T5930]  dvb_register_frontend+0x649/0x930
[  103.799384][ T5930]  vidtv_bridge_probe+0x9ab/0xf80
[  103.804447][ T5930]  platform_probe+0x13b/0x1c0
[  103.809160][ T5930]  really_probe+0x25b/0xb20
[  103.813803][ T5930]  __driver_probe_device+0x18c/0x330
[  103.819124][ T5930]  driver_probe_device+0x4f/0x420
[  103.824175][ T5930]  __driver_attach+0x44e/0x6e0
[  103.829056][ T5930]  bus_for_each_dev+0x235/0x2b0
[  103.834127][ T5930]  bus_add_driver+0x340/0x630
[  103.838838][ T5930]  driver_register+0x23a/0x310
[  103.843626][ T5930]  vidtv_bridge_init+0x3d/0x70
[  103.848426][ T5930]  do_one_initcall+0x242/0x790
[  103.853222][ T5930]  do_initcall_level+0x137/0x1f0
[  103.858289][ T5930]  do_initcalls+0x69/0xd0
[  103.862648][ T5930]  kernel_init_freeable+0x3ed/0x580
[  103.867890][ T5930]  kernel_init+0x1d/0x1c0
[  103.872426][ T5930]  ret_from_fork+0x48/0x80
[  103.876882][ T5930]  ret_from_fork_asm+0x11/0x20
[  103.881687][ T5930] 
[  103.884029][ T5930] Freed by task 5926:
[  103.888199][ T5930]  kasan_set_track+0x4e/0x70
[  103.892904][ T5930]  kasan_save_free_info+0x2e/0x50
[  103.898049][ T5930]  ____kasan_slab_free+0x126/0x1e0
[  103.903192][ T5930]  slab_free_freelist_hook+0x130/0x1a0
[  103.908747][ T5930]  __kmem_cache_free+0xba/0x1e0
[  103.913646][ T5930]  dvb_device_open+0x2ee/0x370
[  103.918550][ T5930]  chrdev_open+0x5cc/0x6a0
[  103.923018][ T5930]  do_dentry_open+0x8c6/0x1500
[  103.927831][ T5930]  path_openat+0x27f1/0x3230
[  103.932544][ T5930]  do_filp_open+0x1f5/0x430
[  103.937345][ T5930]  do_sys_openat2+0x134/0x1d0
[  103.942230][ T5930]  __x64_sys_openat+0x139/0x160
[  103.947112][ T5930]  do_syscall_64+0x55/0xa0
[  103.951565][ T5930]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  103.957506][ T5930] 
[  103.959852][ T5930] The buggy address belongs to the object at ffff888026a5a600
[  103.959852][ T5930]  which belongs to the cache kmalloc-256 of size 256
[  103.974023][ T5930] The buggy address is located 24 bytes inside of
[  103.974023][ T5930]  freed 256-byte region [ffff888026a5a600, ffff888026a5a700)
[  103.988031][ T5930] 
[  103.990373][ T5930] The buggy address belongs to the physical page:
[  103.996818][ T5930] page:ffffea00009a9680 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x26a5a
[  104.007021][ T5930] head:ffffea00009a9680 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  104.016249][ T5930] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  104.024439][ T5930] page_type: 0xffffffff()
[  104.028816][ T5930] raw: 00fff00000000840 ffff888017c41b40 dead000000000122 0000000000000000
[  104.037437][ T5930] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  104.046056][ T5930] page dumped because: kasan: bad access detected
[  104.052594][ T5930] page_owner tracks the page as allocated
[  104.058764][ T5930] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 15537607941, free_ts 0
[  104.078869][ T5930]  post_alloc_hook+0x1c1/0x200
[  104.083764][ T5930]  get_page_from_freelist+0x1951/0x19e0
[  104.089349][ T5930]  __alloc_pages+0x1f0/0x460
[  104.094052][ T5930]  alloc_page_interleave+0x24/0x1e0
[  104.099279][ T5930]  alloc_slab_page+0x5d/0x160
[  104.104110][ T5930]  new_slab+0x87/0x2d0
[  104.108304][ T5930]  ___slab_alloc+0xc5d/0x12f0
[  104.113499][ T5930]  __kmem_cache_alloc_node+0x19e/0x250
[  104.119192][ T5930]  kmalloc_trace+0x2a/0xe0
[  104.123905][ T5930]  bus_add_driver+0x162/0x630
[  104.128889][ T5930]  driver_register+0x23a/0x310
[  104.133902][ T5930]  do_one_initcall+0x242/0x790
[  104.138878][ T5930]  do_initcall_level+0x137/0x1f0
[  104.144040][ T5930]  do_initcalls+0x69/0xd0
[  104.148778][ T5930]  kernel_init_freeable+0x3ed/0x580
[  104.154107][ T5930]  kernel_init+0x1d/0x1c0
[  104.158577][ T5930] page_owner free stack trace missing
[  104.164319][ T5930] 
[  104.166895][ T5930] Memory state around the buggy address:
[  104.172742][ T5930]  ffff888026a5a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  104.181102][ T5930]  ffff888026a5a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  104.189900][ T5930] >ffff888026a5a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.198222][ T5930]                             ^
[  104.203189][ T5930]  ffff888026a5a680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.211940][ T5930]  ffff888026a5a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  104.220208][ T5930] ==================================================================
[  104.230216][ T5930] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  104.237541][ T5930] CPU: 0 PID: 5930 Comm: syz.0.19 Not tainted syzkaller #0
[  104.244858][ T5930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  104.255053][ T5930] Call Trace:
[  104.258364][ T5930]  <TASK>
[  104.261338][ T5930]  dump_stack_lvl+0x18c/0x250
[  104.266163][ T5930]  ? show_regs_print_info+0x20/0x20
[  104.271580][ T5930]  ? load_image+0x400/0x400
[  104.276126][ T5930]  panic+0x2dc/0x730
[  104.280574][ T5930]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  104.286892][ T5930]  ? bpf_jit_dump+0xd0/0xd0
[  104.291459][ T5930]  ? _raw_spin_unlock_irqrestore+0x111/0x120
[  104.297489][ T5930]  ? _raw_spin_unlock+0x40/0x40
[  104.302463][ T5930]  ? dvb_device_open+0xca/0x370
[  104.307376][ T5930]  check_panic_on_warn+0x84/0xa0
[  104.312531][ T5930]  ? dvb_device_open+0xca/0x370
[  104.317509][ T5930]  end_report+0x6f/0x130
[  104.321838][ T5930]  kasan_report+0x128/0x150
[  104.326404][ T5930]  ? chrdev_open+0x3e3/0x6a0
[  104.331033][ T5930]  ? dvb_device_open+0xca/0x370
[  104.335924][ T5930]  dvb_device_open+0xca/0x370
[  104.340730][ T5930]  ? do_raw_spin_unlock+0x121/0x230
[  104.345970][ T5930]  chrdev_open+0x5cc/0x6a0
[  104.350507][ T5930]  ? cd_forget+0x160/0x160
[  104.354951][ T5930]  ? fsnotify_perm+0x3ed/0x5e0
[  104.359858][ T5930]  ? cd_forget+0x160/0x160
[  104.364302][ T5930]  do_dentry_open+0x8c6/0x1500
[  104.369098][ T5930]  path_openat+0x27f1/0x3230
[  104.373811][ T5930]  ? do_sys_openat2+0xda/0x1d0
[  104.378795][ T5930]  ? verify_lock_unused+0x140/0x140
[  104.384374][ T5930]  ? do_filp_open+0x430/0x430
[  104.389344][ T5930]  ? __virt_addr_valid+0x18c/0x540
[  104.394513][ T5930]  do_filp_open+0x1f5/0x430
[  104.399046][ T5930]  ? vfs_tmpfile+0x490/0x490
[  104.403689][ T5930]  ? _raw_spin_unlock+0x28/0x40
[  104.408580][ T5930]  ? alloc_fd+0x58f/0x630
[  104.413121][ T5930]  do_sys_openat2+0x134/0x1d0
[  104.418270][ T5930]  ? do_sys_open+0xe0/0xe0
[  104.422805][ T5930]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  104.429010][ T5930]  ? lock_chain_count+0x20/0x20
[  104.433905][ T5930]  ? lock_chain_count+0x20/0x20
[  104.438966][ T5930]  __x64_sys_openat+0x139/0x160
[  104.443864][ T5930]  do_syscall_64+0x55/0xa0
[  104.448321][ T5930]  ? clear_bhb_loop+0x40/0x90
[  104.453042][ T5930]  ? clear_bhb_loop+0x40/0x90
[  104.457756][ T5930]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  104.463872][ T5930] RIP: 0033:0x7f9a7f35cfce
[  104.468515][ T5930] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  104.488426][ T5930] RSP: 002b:00007f9a801ddb28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  104.497233][ T5930] RAX: ffffffffffffffda RBX: 00007f9a801de6c0 RCX: 00007f9a7f35cfce
[  104.505331][ T5930] RDX: 0000000000000e82 RSI: 00007f9a801ddc00 RDI: ffffffffffffff9c
[  104.513349][ T5930] RBP: 00007f9a801ddc00 R08: 0000000000000000 R09: 0000000000000000
[  104.521541][ T5930] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  104.529571][ T5930] R13: 00007f9a7f616128 R14: 00007f9a7f616090 R15: 00007ffc514e2ce8
[  104.537587][ T5930]  </TASK>
[  104.541178][ T5930] Kernel Offset: disabled
[  104.545502][ T5930] Rebooting in 86400 seconds..