Warning: Permanently added '10.128.1.116' (ED25519) to the list of known hosts.
2026/04/13 03:06:11 parsed 1 programs
[   86.475332][ T5844] cgroup: Unknown subsys name 'net'
[   86.564919][ T5844] cgroup: Unknown subsys name 'cpuset'
[   86.575274][ T5844] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   88.457052][ T5844] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   92.034231][ T1224] cfg80211: failed to load regulatory.db
[   92.195551][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.209394][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.249338][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.257626][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.306017][ T5865] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   94.829031][ T5906] chnl_net:caif_netlink_parms(): no params data found
[   94.910153][ T5906] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.917711][ T5906] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.925218][ T5906] bridge_slave_0: entered allmulticast mode
[   94.933414][ T5906] bridge_slave_0: entered promiscuous mode
[   94.944610][ T5906] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.951933][ T5906] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.959136][ T5906] bridge_slave_1: entered allmulticast mode
[   94.967011][ T5906] bridge_slave_1: entered promiscuous mode
[   94.998440][ T5906] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.010016][ T5906] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.044097][ T5906] team0: Port device team_slave_0 added
[   95.084166][ T5906] team0: Port device team_slave_1 added
[   95.110581][ T5906] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.119474][ T5906] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   95.147366][ T5906] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.168151][ T5906] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.175761][ T5906] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   95.203152][ T5906] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.248231][ T5906] hsr_slave_0: entered promiscuous mode
[   95.254753][ T5906] hsr_slave_1: entered promiscuous mode
[   95.412992][ T5906] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   95.426347][ T5906] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   95.436540][ T5906] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   95.447100][ T5906] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   95.480342][ T5906] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.487936][ T5906] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.496077][ T5906] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.503319][ T5906] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.559207][ T5906] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.578078][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.588050][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.604561][ T5906] 8021q: adding VLAN 0 to HW filter on device team0
[   95.619025][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.626424][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.643741][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.651006][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.824451][ T5906] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.874852][ T5906] veth0_vlan: entered promiscuous mode
[   95.886825][ T5906] veth1_vlan: entered promiscuous mode
[   95.916171][ T5906] veth0_macvtap: entered promiscuous mode
[   95.925988][ T5906] veth1_macvtap: entered promiscuous mode
[   95.945192][ T5906] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.962427][ T5906] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.978873][   T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.990158][   T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.007234][   T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.016072][   T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.160229][   T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.221957][   T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.289465][   T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.400555][   T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.713881][ T5941] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   96.723508][ T5941] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   96.732675][ T5941] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   96.744826][ T5941] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   96.752682][ T5941] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2026/04/13 03:06:25 executed programs: 0
[   97.744103][ T5160] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   97.754746][ T5160] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   97.763297][ T5160] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   97.773786][ T5160] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   97.783063][ T5160] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   97.928739][ T5955] chnl_net:caif_netlink_parms(): no params data found
[   98.013159][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.020525][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.028937][ T5955] bridge_slave_0: entered allmulticast mode
[   98.036613][ T5955] bridge_slave_0: entered promiscuous mode
[   98.047634][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.054991][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.062534][ T5955] bridge_slave_1: entered allmulticast mode
[   98.069636][ T5955] bridge_slave_1: entered promiscuous mode
[   98.103361][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   98.115174][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   98.146343][ T5955] team0: Port device team_slave_0 added
[   98.154345][ T5955] team0: Port device team_slave_1 added
[   98.181345][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0
[   98.188440][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   98.215969][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   98.228475][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.235604][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   98.262404][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.305388][ T5955] hsr_slave_0: entered promiscuous mode
[   98.312065][ T5955] hsr_slave_1: entered promiscuous mode
[   98.318251][ T5955] debugfs: 'hsr0' already exists in 'hsr'
[   98.324299][ T5955] Cannot create hsr debugfs directory
[   99.421364][   T49] bridge_slave_1: left allmulticast mode
[   99.429940][   T49] bridge_slave_1: left promiscuous mode
[   99.438454][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.452188][   T49] bridge_slave_0: left allmulticast mode
[   99.457890][   T49] bridge_slave_0: left promiscuous mode
[   99.465309][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.630614][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   99.643135][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   99.653005][   T49] bond0 (unregistering): Released all slaves
[   99.765593][   T49] hsr_slave_0: left promiscuous mode
[   99.772004][   T49] hsr_slave_1: left promiscuous mode
[   99.778495][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   99.786756][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[   99.795879][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   99.805267][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[   99.824445][   T49] veth1_macvtap: left promiscuous mode
[   99.830699][   T49] veth0_macvtap: left promiscuous mode
[   99.836948][   T49] veth1_vlan: left promiscuous mode
[   99.842558][   T49] veth0_vlan: left promiscuous mode
[   99.865200][ T5941] Bluetooth: hci0: command tx timeout
[  100.225717][   T49] team0 (unregistering): Port device team_slave_1 removed
[  100.262997][   T49] team0 (unregistering): Port device team_slave_0 removed
[  100.799686][ T5955] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  100.825328][ T5955] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  100.841570][ T5955] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  100.855092][ T5955] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  101.459348][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.541399][ T5955] 8021q: adding VLAN 0 to HW filter on device team0
[  101.563407][  T181] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.570665][  T181] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.596371][  T181] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.603692][  T181] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.940560][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.953812][ T5941] Bluetooth: hci0: command tx timeout
[  102.025864][ T5955] veth0_vlan: entered promiscuous mode
[  102.044691][ T5955] veth1_vlan: entered promiscuous mode
[  102.093685][ T5955] veth0_macvtap: entered promiscuous mode
[  102.106674][ T5955] veth1_macvtap: entered promiscuous mode
[  102.136515][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.157878][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.187432][   T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.209945][   T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.232941][   T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.242520][   T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.349884][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.365281][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.452068][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.461940][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.524272][ T6031] faux_driver vkms: [drm] Unknown color mode 9; guessing buffer size.
2026/04/13 03:06:30 executed programs: 7
[  104.022060][ T5941] Bluetooth: hci0: command tx timeout
[  106.102114][ T5941] Bluetooth: hci0: command tx timeout
[  107.230552][ T6423] ==================================================================
[  107.238671][ T6423] BUG: KASAN: slab-use-after-free in drm_gem_object_release_handle+0x4b/0x1e0
[  107.247708][ T6423] Read of size 8 at addr ffff88802a656a78 by task syz.0.151/6423
[  107.255524][ T6423] 
[  107.257960][ T6423] CPU: 0 UID: 0 PID: 6423 Comm: syz.0.151 Not tainted syzkaller #0 PREEMPT(full) 
[  107.257976][ T6423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  107.257983][ T6423] Call Trace:
[  107.257989][ T6423]  <TASK>
[  107.257995][ T6423]  dump_stack_lvl+0xe8/0x150
[  107.258017][ T6423]  print_address_description+0x55/0x1e0
[  107.258033][ T6423]  ? drm_gem_object_release_handle+0x4b/0x1e0
[  107.258045][ T6423]  print_report+0x58/0x70
[  107.258059][ T6423]  kasan_report+0x117/0x150
[  107.258072][ T6423]  ? drm_gem_object_release_handle+0x4b/0x1e0
[  107.258084][ T6423]  drm_gem_object_release_handle+0x4b/0x1e0
[  107.258096][ T6423]  idr_for_each+0x1c6/0x2a0
[  107.258111][ T6423]  ? __pfx_drm_fb_release+0x10/0x10
[  107.258127][ T6423]  ? __pfx_drm_gem_object_release_handle+0x10/0x10
[  107.258138][ T6423]  ? __pfx_idr_for_each+0x10/0x10
[  107.258155][ T6423]  drm_gem_release+0x28/0x40
[  107.258166][ T6423]  drm_file_free+0x729/0xa00
[  107.258183][ T6423]  drm_release+0x2de/0x3f0
[  107.258197][ T6423]  ? __pfx_drm_release+0x10/0x10
[  107.258210][ T6423]  __fput+0x44f/0xa60
[  107.258227][ T6423]  task_work_run+0x1d9/0x270
[  107.258241][ T6423]  ? __pfx_task_work_run+0x10/0x10
[  107.258256][ T6423]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.258267][ T6423]  exit_to_user_mode_loop+0xed/0x480
[  107.258282][ T6423]  ? rcu_is_watching+0x15/0xb0
[  107.258299][ T6423]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.258310][ T6423]  do_syscall_64+0x33e/0xf80
[  107.258336][ T6423]  ? trace_irq_disable+0x3b/0x140
[  107.258350][ T6423]  ? clear_bhb_loop+0x40/0x90
[  107.258362][ T6423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.258373][ T6423] RIP: 0033:0x7fdc4cd9c819
[  107.258385][ T6423] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  107.258394][ T6423] RSP: 002b:00007ffcd2b76c68 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  107.258408][ T6423] RAX: 0000000000000000 RBX: 00007ffcd2b76d50 RCX: 00007fdc4cd9c819
[  107.258415][ T6423] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  107.258422][ T6423] RBP: 000000000001a2a7 R08: 0000000000000001 R09: 0000000000000000
[  107.258429][ T6423] R10: 0000001b30220000 R11: 0000000000000246 R12: 00007ffcd2b76d90
[  107.258437][ T6423] R13: 00007fdc4d01609c R14: 000000000001a2dc R15: 00007fdc4d016090
[  107.258448][ T6423]  </TASK>
[  107.258453][ T6423] 
[  107.498880][ T6423] Allocated by task 6424:
[  107.503203][ T6423]  kasan_save_track+0x3e/0x80
[  107.507882][ T6423]  __kasan_kmalloc+0x93/0xb0
[  107.512744][ T6423]  __kmalloc_cache_noprof+0x31c/0x660
[  107.518220][ T6423]  __drm_gem_shmem_create+0xc4/0x2e0
[  107.523521][ T6423]  drm_gem_shmem_dumb_create+0x72/0x120
[  107.529437][ T6423]  drm_mode_create_dumb_ioctl+0x2bd/0x340
[  107.535383][ T6423]  drm_ioctl_kernel+0x2df/0x3b0
[  107.540548][ T6423]  drm_ioctl+0x6ba/0xb80
[  107.544811][ T6423]  __se_sys_ioctl+0xfc/0x170
[  107.549581][ T6423]  do_syscall_64+0x15f/0xf80
[  107.554189][ T6423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.560118][ T6423] 
[  107.562474][ T6423] Freed by task 6425:
[  107.566764][ T6423]  kasan_save_track+0x3e/0x80
[  107.571484][ T6423]  kasan_save_free_info+0x46/0x50
[  107.576524][ T6423]  __kasan_slab_free+0x5c/0x80
[  107.581422][ T6423]  kfree+0x1c5/0x640
[  107.585614][ T6423]  drm_gem_object_release_handle+0xc2/0x1e0
[  107.591696][ T6423]  drm_gem_handle_delete+0x7b/0xb0
[  107.596836][ T6423]  drm_ioctl_kernel+0x2df/0x3b0
[  107.601898][ T6423]  drm_ioctl+0x6ba/0xb80
[  107.606245][ T6423]  __se_sys_ioctl+0xfc/0x170
[  107.611295][ T6423]  do_syscall_64+0x15f/0xf80
[  107.615980][ T6423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.622002][ T6423] 
[  107.624539][ T6423] The buggy address belongs to the object at ffff88802a656800
[  107.624539][ T6423]  which belongs to the cache kmalloc-1k of size 1024
[  107.638943][ T6423] The buggy address is located 632 bytes inside of
[  107.638943][ T6423]  freed 1024-byte region [ffff88802a656800, ffff88802a656c00)
[  107.653020][ T6423] 
[  107.655385][ T6423] The buggy address belongs to the physical page:
[  107.661897][ T6423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802a657800 pfn:0x2a650
[  107.672242][ T6423] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  107.681015][ T6423] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  107.689605][ T6423] page_type: f5(slab)
[  107.693599][ T6423] raw: 00fff00000000240 ffff88813fe34dc0 ffffea0000c24c10 ffffea0000a45e10
[  107.703348][ T6423] raw: ffff88802a657800 000000080010000d 00000000f5000000 0000000000000000
[  107.712575][ T6423] head: 00fff00000000240 ffff88813fe34dc0 ffffea0000c24c10 ffffea0000a45e10
[  107.721286][ T6423] head: ffff88802a657800 000000080010000d 00000000f5000000 0000000000000000
[  107.730062][ T6423] head: 00fff00000000003 fffffffffffffe01 00000000ffffffff 00000000ffffffff
[  107.739608][ T6423] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  107.748302][ T6423] page dumped because: kasan: bad access detected
[  107.754994][ T6423] page_owner tracks the page as allocated
[  107.760925][ T6423] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2000(__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 181, tgid 181 (kworker/u8:6), ts 12050149001, free_ts 0
[  107.780100][ T6423]  post_alloc_hook+0x231/0x280
[  107.784889][ T6423]  get_page_from_freelist+0x24ba/0x2540
[  107.790742][ T6423]  __alloc_frozen_pages_noprof+0x18d/0x380
[  107.796581][ T6423]  allocate_slab+0x77/0x660
[  107.801190][ T6423]  refill_objects+0x339/0x3d0
[  107.805891][ T6423]  __pcs_replace_empty_main+0x321/0x720
[  107.811530][ T6423]  __kmalloc_cache_node_noprof+0x465/0x6b0
[  107.817599][ T6423]  blk_mq_alloc_and_init_hctx+0x17e/0xc50
[  107.823576][ T6423]  __blk_mq_realloc_hw_ctxs+0x2bd/0x670
[  107.829133][ T6423]  blk_mq_init_allocated_queue+0x365/0x13e0
[  107.835395][ T6423]  blk_mq_alloc_queue+0x1ba/0x2e0
[  107.840442][ T6423]  scsi_alloc_sdev+0x7c0/0xc80
[  107.845441][ T6423]  scsi_probe_and_add_lun+0x200/0x48e0
[  107.850981][ T6423]  __scsi_scan_target+0x1f0/0xe10
[  107.856182][ T6423]  scsi_scan_host_selected+0x3d0/0x780
[  107.861778][ T6423]  do_scan_async+0x124/0x6f0
[  107.866566][ T6423] page_owner free stack trace missing
[  107.872020][ T6423] 
[  107.874348][ T6423] Memory state around the buggy address:
[  107.880241][ T6423]  ffff88802a656900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  107.888478][ T6423]  ffff88802a656980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  107.896554][ T6423] >ffff88802a656a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  107.905394][ T6423]                                                                 ^
[  107.913384][ T6423]  ffff88802a656a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  107.921655][ T6423]  ffff88802a656b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  107.930123][ T6423] ==================================================================
[  107.950084][ T6423] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  107.957339][ T6423] CPU: 0 UID: 0 PID: 6423 Comm: syz.0.151 Not tainted syzkaller #0 PREEMPT(full) 
[  107.966740][ T6423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  107.976908][ T6423] Call Trace:
[  107.980190][ T6423]  <TASK>
[  107.983261][ T6423]  vpanic+0x56c/0xa60
[  107.987270][ T6423]  ? __pfx_vpanic+0x10/0x10
[  107.991813][ T6423]  ? __pfx___schedule+0x10/0x10
[  107.996675][ T6423]  panic+0xc5/0xd0
[  108.000459][ T6423]  ? __pfx_panic+0x10/0x10
[  108.005161][ T6423]  ? preempt_schedule_common+0x82/0xd0
[  108.010647][ T6423]  ? drm_gem_object_release_handle+0x4b/0x1e0
[  108.017083][ T6423]  check_panic_on_warn+0x89/0xb0
[  108.022030][ T6423]  ? drm_gem_object_release_handle+0x4b/0x1e0
[  108.028219][ T6423]  end_report+0x73/0x170
[  108.032483][ T6423]  ? drm_gem_object_release_handle+0x4b/0x1e0
[  108.038548][ T6423]  kasan_report+0x128/0x150
[  108.043054][ T6423]  ? drm_gem_object_release_handle+0x4b/0x1e0
[  108.049145][ T6423]  drm_gem_object_release_handle+0x4b/0x1e0
[  108.055128][ T6423]  idr_for_each+0x1c6/0x2a0
[  108.059657][ T6423]  ? __pfx_drm_fb_release+0x10/0x10
[  108.064971][ T6423]  ? __pfx_drm_gem_object_release_handle+0x10/0x10
[  108.071934][ T6423]  ? __pfx_idr_for_each+0x10/0x10
[  108.076982][ T6423]  drm_gem_release+0x28/0x40
[  108.081604][ T6423]  drm_file_free+0x729/0xa00
[  108.086548][ T6423]  drm_release+0x2de/0x3f0
[  108.091025][ T6423]  ? __pfx_drm_release+0x10/0x10
[  108.095980][ T6423]  __fput+0x44f/0xa60
[  108.100159][ T6423]  task_work_run+0x1d9/0x270
[  108.104849][ T6423]  ? __pfx_task_work_run+0x10/0x10
[  108.110232][ T6423]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.116390][ T6423]  exit_to_user_mode_loop+0xed/0x480
[  108.121793][ T6423]  ? rcu_is_watching+0x15/0xb0
[  108.126654][ T6423]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.132728][ T6423]  do_syscall_64+0x33e/0xf80
[  108.137414][ T6423]  ? trace_irq_disable+0x3b/0x140
[  108.142558][ T6423]  ? clear_bhb_loop+0x40/0x90
[  108.147251][ T6423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.153338][ T6423] RIP: 0033:0x7fdc4cd9c819
[  108.157764][ T6423] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  108.178107][ T6423] RSP: 002b:00007ffcd2b76c68 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  108.186565][ T6423] RAX: 0000000000000000 RBX: 00007ffcd2b76d50 RCX: 00007fdc4cd9c819
[  108.194567][ T6423] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  108.203286][ T6423] RBP: 000000000001a2a7 R08: 0000000000000001 R09: 0000000000000000
[  108.211358][ T6423] R10: 0000001b30220000 R11: 0000000000000246 R12: 00007ffcd2b76d90
[  108.219429][ T6423] R13: 00007fdc4d01609c R14: 000000000001a2dc R15: 00007fdc4d016090
[  108.227771][ T6423]  </TASK>
[  108.231653][ T6423] Kernel Offset: disabled
[  108.235997][ T6423] Rebooting in 86400 seconds..