Warning: Permanently added '10.128.0.177' (ED25519) to the list of known hosts.
2026/04/05 20:08:19 parsed 1 programs
[   84.142092][ T5844] cgroup: Unknown subsys name 'net'
[   84.250039][ T5844] cgroup: Unknown subsys name 'cpuset'
[   84.259361][ T5844] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   85.918442][ T5844] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   89.306869][ T5860] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   90.074372][ T5873] chnl_net:caif_netlink_parms(): no params data found
[   90.162583][ T5873] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.170502][ T5873] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.177791][ T5873] bridge_slave_0: entered allmulticast mode
[   90.185505][ T5873] bridge_slave_0: entered promiscuous mode
[   90.196276][ T5873] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.203559][ T5873] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.211164][ T5873] bridge_slave_1: entered allmulticast mode
[   90.218770][ T5873] bridge_slave_1: entered promiscuous mode
[   90.248753][ T5873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.260572][ T5873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.290668][ T5873] team0: Port device team_slave_0 added
[   90.298698][ T5873] team0: Port device team_slave_1 added
[   90.325787][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.332877][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   90.358831][ T5873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.371569][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.378751][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   90.404713][ T5873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.450041][ T5873] hsr_slave_0: entered promiscuous mode
[   90.456764][ T5873] hsr_slave_1: entered promiscuous mode
[   90.608313][ T5873] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   90.620869][ T5873] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   90.631845][ T5873] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   90.643291][ T5873] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   90.675283][ T5873] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.682846][ T5873] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.690799][ T5873] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.697974][ T5873] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.755467][ T5873] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.777559][   T83] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.787058][   T83] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.804045][ T5873] 8021q: adding VLAN 0 to HW filter on device team0
[   90.817979][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.825138][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.839977][   T83] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.847294][   T83] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.034664][ T5873] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.082965][ T5873] veth0_vlan: entered promiscuous mode
[   91.095152][ T5873] veth1_vlan: entered promiscuous mode
[   91.125734][ T5873] veth0_macvtap: entered promiscuous mode
[   91.135447][ T5873] veth1_macvtap: entered promiscuous mode
[   91.154978][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.170907][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.190060][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.200914][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.213996][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.223036][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.396095][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.502380][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.593394][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.703793][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.905656][  T808] cfg80211: failed to load regulatory.db
[   92.476517][   T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.484561][   T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.520887][   T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.530424][   T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.606727][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   93.618213][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   93.627352][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   93.641882][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   93.650215][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   93.755501][   T12] bridge_slave_1: left allmulticast mode
[   93.761607][   T12] bridge_slave_1: left promiscuous mode
[   93.768093][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.779772][   T12] bridge_slave_0: left allmulticast mode
[   93.785508][   T12] bridge_slave_0: left promiscuous mode
[   93.793207][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.980946][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   93.992196][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   94.002408][   T12] bond0 (unregistering): Released all slaves
[   94.127365][   T12] hsr_slave_0: left promiscuous mode
[   94.146414][   T12] hsr_slave_1: left promiscuous mode
[   94.170347][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   94.195296][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   94.239897][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   94.261289][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   94.320503][   T12] veth1_macvtap: left promiscuous mode
[   94.327368][   T12] veth0_macvtap: left promiscuous mode
[   94.333068][   T12] veth1_vlan: left promiscuous mode
[   94.338860][   T12] veth0_vlan: left promiscuous mode
[   94.660246][   T12] team0 (unregistering): Port device team_slave_1 removed
[   94.680833][   T12] team0 (unregistering): Port device team_slave_0 removed
2026/04/05 20:08:34 executed programs: 0
[   95.638129][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   95.647266][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   95.656053][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   95.666841][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   95.675758][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   96.486227][ T5987] chnl_net:caif_netlink_parms(): no params data found
[   96.698176][ T5987] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.705469][ T5987] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.713187][ T5987] bridge_slave_0: entered allmulticast mode
[   96.723488][ T5987] bridge_slave_0: entered promiscuous mode
[   96.733671][ T5987] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.741886][ T5987] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.749791][ T5987] bridge_slave_1: entered allmulticast mode
[   96.759060][ T5987] bridge_slave_1: entered promiscuous mode
[   96.840189][ T5987] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.855107][ T5987] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.903859][ T5987] team0: Port device team_slave_0 added
[   96.915255][ T5987] team0: Port device team_slave_1 added
[   97.008244][ T5987] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.015755][ T5987] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   97.047878][ T5987] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.066597][ T5987] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.073634][ T5987] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   97.112005][ T5987] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.185071][ T5987] hsr_slave_0: entered promiscuous mode
[   97.192065][ T5987] hsr_slave_1: entered promiscuous mode
[   97.727737][ T5950] Bluetooth: hci0: command tx timeout
[   97.921848][ T5987] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   97.938872][ T5987] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   97.951932][ T5987] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   97.963856][ T5987] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   98.071981][ T5987] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.098424][ T5987] 8021q: adding VLAN 0 to HW filter on device team0
[   98.113173][ T1018] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.120367][ T1018] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.139646][ T1018] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.147018][ T1018] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.412414][ T5987] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.473234][ T5987] veth0_vlan: entered promiscuous mode
[   98.492592][ T5987] veth1_vlan: entered promiscuous mode
[   98.537665][ T5987] veth0_macvtap: entered promiscuous mode
[   98.550143][ T5987] veth1_macvtap: entered promiscuous mode
[   98.575678][ T5987] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.595139][ T5987] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.613069][   T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.627574][   T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.637961][   T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.662283][   T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.735604][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.758657][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.794091][ T1018] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.802150][ T1018] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.516291][ T6108] ==================================================================
[   99.524418][ T6108] BUG: KASAN: slab-use-after-free in dvb_device_open+0xc4/0x350
[   99.532106][ T6108] Read of size 8 at addr ffff88802bb7c618 by task syz.0.35/6108
[   99.539764][ T6108] 
[   99.542129][ T6108] CPU: 1 UID: 0 PID: 6108 Comm: syz.0.35 Not tainted syzkaller #0 PREEMPT(full) 
[   99.542152][ T6108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   99.542173][ T6108] Call Trace:
[   99.542181][ T6108]  <TASK>
[   99.542189][ T6108]  dump_stack_lvl+0xe8/0x150
[   99.542221][ T6108]  print_address_description+0x55/0x1e0
[   99.542250][ T6108]  ? dvb_device_open+0xc4/0x350
[   99.542271][ T6108]  print_report+0x58/0x70
[   99.542296][ T6108]  kasan_report+0x117/0x150
[   99.542318][ T6108]  ? dvb_device_open+0xc4/0x350
[   99.542342][ T6108]  dvb_device_open+0xc4/0x350
[   99.542362][ T6108]  ? do_raw_spin_unlock+0xf5/0x210
[   99.542387][ T6108]  chrdev_open+0x4cd/0x5e0
[   99.542409][ T6108]  ? __pfx_chrdev_open+0x10/0x10
[   99.542430][ T6108]  ? fsnotify_open_perm_and_set_mode+0x135/0x6d0
[   99.542464][ T6108]  ? __pfx_chrdev_open+0x10/0x10
[   99.542483][ T6108]  do_dentry_open+0x785/0x14e0
[   99.542513][ T6108]  vfs_open+0x3b/0x340
[   99.542535][ T6108]  ? path_openat+0x2df0/0x3860
[   99.542553][ T6108]  path_openat+0x2e08/0x3860
[   99.542578][ T6108]  ? __pfx_stack_trace_save+0x10/0x10
[   99.542603][ T6108]  ? stack_depot_save_flags+0x33/0x810
[   99.542634][ T6108]  ? __pfx_path_openat+0x10/0x10
[   99.542657][ T6108]  ? __x64_sys_openat+0x138/0x170
[   99.542684][ T6108]  ? __lock_acquire+0x6b5/0x2cf0
[   99.542717][ T6108]  do_file_open+0x23e/0x4a0
[   99.542749][ T6108]  ? __pfx_do_file_open+0x10/0x10
[   99.542789][ T6108]  ? _raw_spin_unlock+0x28/0x50
[   99.542811][ T6108]  ? alloc_fd+0x64b/0x6c0
[   99.542840][ T6108]  do_sys_openat2+0x113/0x200
[   99.542866][ T6108]  ? __pfx_do_sys_openat2+0x10/0x10
[   99.542891][ T6108]  ? exc_page_fault+0x6a/0xc0
[   99.542917][ T6108]  ? do_user_addr_fault+0xc6f/0x1340
[   99.542946][ T6108]  __x64_sys_openat+0x138/0x170
[   99.542972][ T6108]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.542992][ T6108]  do_syscall_64+0x15f/0xf80
[   99.543016][ T6108]  ? trace_irq_disable+0x3b/0x140
[   99.543038][ T6108]  ? clear_bhb_loop+0x40/0x90
[   99.543059][ T6108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.543078][ T6108] RIP: 0033:0x7f6380d5d04e
[   99.543102][ T6108] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   99.543118][ T6108] RSP: 002b:00007ffdba070018 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   99.543144][ T6108] RAX: ffffffffffffffda RBX: 0000555576152500 RCX: 00007f6380d5d04e
[   99.543158][ T6108] RDX: 0000000000000002 RSI: 00007ffdba0700f0 RDI: ffffffffffffff9c
[   99.543171][ T6108] RBP: 00007ffdba0700f0 R08: 0000000000000000 R09: 0000000000000000
[   99.543183][ T6108] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[   99.543195][ T6108] R13: 00007f6381015fac R14: 00007f6381015fa0 R15: 00007f6381015fa0
[   99.543217][ T6108]  </TASK>
[   99.543224][ T6108] 
[   99.819574][ T6108] Allocated by task 1:
[   99.823659][ T6108]  kasan_save_track+0x3e/0x80
[   99.828391][ T6108]  __kasan_kmalloc+0x93/0xb0
[   99.833026][ T6108]  __kmalloc_cache_noprof+0x31c/0x660
[   99.838443][ T6108]  dvb_register_device+0x2fd/0x21e0
[   99.843682][ T6108]  dvb_register_frontend+0x61b/0x920
[   99.849001][ T6108]  vidtv_bridge_probe+0x9aa/0xf80
[   99.854058][ T6108]  platform_probe+0xf9/0x190
[   99.858710][ T6108]  really_probe+0x267/0xaf0
[   99.863250][ T6108]  __driver_probe_device+0x18c/0x320
[   99.868572][ T6108]  driver_probe_device+0x4f/0x240
[   99.873628][ T6108]  __driver_attach+0x34c/0x640
[   99.878431][ T6108]  bus_for_each_dev+0x23b/0x2c0
[   99.883310][ T6108]  bus_add_driver+0x345/0x670
[   99.888020][ T6108]  driver_register+0x23a/0x320
[   99.892830][ T6108]  vidtv_bridge_init+0x28/0x50
[   99.897626][ T6108]  do_one_initcall+0x250/0x870
[   99.902435][ T6108]  do_initcall_level+0x104/0x190
[   99.907401][ T6108]  do_initcalls+0x59/0xa0
[   99.911765][ T6108]  kernel_init_freeable+0x2a6/0x3e0
[   99.917039][ T6108]  kernel_init+0x1d/0x1d0
[   99.921398][ T6108]  ret_from_fork+0x514/0xb70
[   99.926031][ T6108]  ret_from_fork_asm+0x1a/0x30
[   99.930823][ T6108] 
[   99.933164][ T6108] Freed by task 6107:
[   99.937157][ T6108]  kasan_save_track+0x3e/0x80
[   99.941877][ T6108]  kasan_save_free_info+0x46/0x50
[   99.946936][ T6108]  __kasan_slab_free+0x5c/0x80
[   99.951727][ T6108]  kfree+0x1c5/0x640
[   99.955664][ T6108]  dvb_device_open+0x2cd/0x350
[   99.960476][ T6108]  chrdev_open+0x4cd/0x5e0
[   99.964930][ T6108]  do_dentry_open+0x785/0x14e0
[   99.969730][ T6108]  vfs_open+0x3b/0x340
[   99.973835][ T6108]  path_openat+0x2e08/0x3860
[   99.978453][ T6108]  do_file_open+0x23e/0x4a0
[   99.983007][ T6108]  do_sys_openat2+0x113/0x200
[   99.988088][ T6108]  __x64_sys_openat+0x138/0x170
[   99.992971][ T6108]  do_syscall_64+0x15f/0xf80
[   99.997603][ T6108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.003530][ T6108] 
[  100.005880][ T6108] The buggy address belongs to the object at ffff88802bb7c600
[  100.005880][ T6108]  which belongs to the cache kmalloc-256 of size 256
[  100.019955][ T6108] The buggy address is located 24 bytes inside of
[  100.019955][ T6108]  freed 256-byte region [ffff88802bb7c600, ffff88802bb7c700)
[  100.033698][ T6108] 
[  100.036055][ T6108] The buggy address belongs to the physical page:
[  100.042500][ T6108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2bb7c
[  100.051290][ T6108] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  100.059854][ T6108] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  100.067439][ T6108] page_type: f5(slab)
[  100.071474][ T6108] raw: 00fff00000000040 ffff88813fe34b40 dead000000000122 0000000000000000
[  100.080107][ T6108] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  100.088726][ T6108] head: 00fff00000000040 ffff88813fe34b40 dead000000000122 0000000000000000
[  100.097431][ T6108] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  100.106128][ T6108] head: 00fff00000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff
[  100.114844][ T6108] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  100.123544][ T6108] page dumped because: kasan: bad access detected
[  100.130084][ T6108] page_owner tracks the page as allocated
[  100.135864][ T6108] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 18722299443, free_ts 0
[  100.155696][ T6108]  post_alloc_hook+0x231/0x280
[  100.160512][ T6108]  get_page_from_freelist+0x24ba/0x2540
[  100.166095][ T6108]  __alloc_frozen_pages_noprof+0x18d/0x380
[  100.171933][ T6108]  allocate_slab+0x77/0x660
[  100.176464][ T6108]  refill_objects+0x339/0x3d0
[  100.181172][ T6108]  __pcs_replace_empty_main+0x321/0x720
[  100.186753][ T6108]  __kmalloc_cache_noprof+0x392/0x660
[  100.192154][ T6108]  bus_add_driver+0x162/0x670
[  100.196855][ T6108]  driver_register+0x23a/0x320
[  100.201647][ T6108]  usb_register_driver+0x1e4/0x390
[  100.206796][ T6108]  do_one_initcall+0x250/0x870
[  100.211625][ T6108]  do_initcall_level+0x104/0x190
[  100.216589][ T6108]  do_initcalls+0x59/0xa0
[  100.220944][ T6108]  kernel_init_freeable+0x2a6/0x3e0
[  100.226176][ T6108]  kernel_init+0x1d/0x1d0
[  100.230530][ T6108]  ret_from_fork+0x514/0xb70
[  100.235181][ T6108] page_owner free stack trace missing
[  100.240664][ T6108] 
[  100.243046][ T6108] Memory state around the buggy address:
[  100.248699][ T6108]  ffff88802bb7c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  100.256784][ T6108]  ffff88802bb7c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  100.264872][ T6108] >ffff88802bb7c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  100.272991][ T6108]                             ^
[  100.277888][ T6108]  ffff88802bb7c680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  100.285969][ T6108]  ffff88802bb7c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  100.294053][ T6108] ==================================================================
[  100.313153][ T5950] Bluetooth: hci0: command tx timeout
[  100.322698][ T6108] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  100.329967][ T6108] CPU: 1 UID: 0 PID: 6108 Comm: syz.0.35 Not tainted syzkaller #0 PREEMPT(full) 
[  100.339106][ T6108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  100.349191][ T6108] Call Trace:
[  100.352510][ T6108]  <TASK>
[  100.355477][ T6108]  vpanic+0x56c/0xa60
[  100.359483][ T6108]  ? __pfx_vpanic+0x10/0x10
[  100.364007][ T6108]  ? __pfx___schedule+0x10/0x10
[  100.368888][ T6108]  panic+0xc5/0xd0
[  100.372640][ T6108]  ? __pfx_panic+0x10/0x10
[  100.377088][ T6108]  ? preempt_schedule_thunk+0x16/0x30
[  100.382523][ T6108]  ? dvb_device_open+0xc4/0x350
[  100.387407][ T6108]  check_panic_on_warn+0x89/0xb0
[  100.392393][ T6108]  ? dvb_device_open+0xc4/0x350
[  100.397272][ T6108]  end_report+0x73/0x170
[  100.401557][ T6108]  ? dvb_device_open+0xc4/0x350
[  100.406435][ T6108]  kasan_report+0x128/0x150
[  100.410958][ T6108]  ? dvb_device_open+0xc4/0x350
[  100.415833][ T6108]  dvb_device_open+0xc4/0x350
[  100.420527][ T6108]  ? do_raw_spin_unlock+0xf5/0x210
[  100.425674][ T6108]  chrdev_open+0x4cd/0x5e0
[  100.430146][ T6108]  ? __pfx_chrdev_open+0x10/0x10
[  100.435107][ T6108]  ? fsnotify_open_perm_and_set_mode+0x135/0x6d0
[  100.441490][ T6108]  ? __pfx_chrdev_open+0x10/0x10
[  100.446475][ T6108]  do_dentry_open+0x785/0x14e0
[  100.451284][ T6108]  vfs_open+0x3b/0x340
[  100.455400][ T6108]  ? path_openat+0x2df0/0x3860
[  100.460197][ T6108]  path_openat+0x2e08/0x3860
[  100.464903][ T6108]  ? __pfx_stack_trace_save+0x10/0x10
[  100.470307][ T6108]  ? stack_depot_save_flags+0x33/0x810
[  100.475838][ T6108]  ? __pfx_path_openat+0x10/0x10
[  100.480788][ T6108]  ? __x64_sys_openat+0x138/0x170
[  100.485836][ T6108]  ? __lock_acquire+0x6b5/0x2cf0
[  100.490798][ T6108]  do_file_open+0x23e/0x4a0
[  100.495336][ T6108]  ? __pfx_do_file_open+0x10/0x10
[  100.500433][ T6108]  ? _raw_spin_unlock+0x28/0x50
[  100.505323][ T6108]  ? alloc_fd+0x64b/0x6c0
[  100.509689][ T6108]  do_sys_openat2+0x113/0x200
[  100.514402][ T6108]  ? __pfx_do_sys_openat2+0x10/0x10
[  100.519704][ T6108]  ? exc_page_fault+0x6a/0xc0
[  100.524395][ T6108]  ? do_user_addr_fault+0xc6f/0x1340
[  100.529701][ T6108]  __x64_sys_openat+0x138/0x170
[  100.534573][ T6108]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.540655][ T6108]  do_syscall_64+0x15f/0xf80
[  100.545285][ T6108]  ? trace_irq_disable+0x3b/0x140
[  100.550328][ T6108]  ? clear_bhb_loop+0x40/0x90
[  100.555028][ T6108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.560939][ T6108] RIP: 0033:0x7f6380d5d04e
[  100.565373][ T6108] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  100.585003][ T6108] RSP: 002b:00007ffdba070018 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  100.593451][ T6108] RAX: ffffffffffffffda RBX: 0000555576152500 RCX: 00007f6380d5d04e
[  100.601437][ T6108] RDX: 0000000000000002 RSI: 00007ffdba0700f0 RDI: ffffffffffffff9c
[  100.609507][ T6108] RBP: 00007ffdba0700f0 R08: 0000000000000000 R09: 0000000000000000
[  100.617579][ T6108] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  100.625660][ T6108] R13: 00007f6381015fac R14: 00007f6381015fa0 R15: 00007f6381015fa0
[  100.633657][ T6108]  </TASK>
[  100.637548][ T6108] Kernel Offset: disabled
[  100.641885][ T6108] Rebooting in 86400 seconds..