Warning: Permanently added '10.128.0.167' (ED25519) to the list of known hosts.
2026/02/12 01:44:14 parsed 1 programs
[   81.299073][ T5824] cgroup: Unknown subsys name 'net'
[   81.433197][ T5824] cgroup: Unknown subsys name 'cpuset'
[   81.443514][ T5824] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   83.063885][ T5824] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   86.153072][ T5836] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   87.508984][ T5862] chnl_net:caif_netlink_parms(): no params data found
[   87.636746][ T5862] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.644630][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.651979][ T5862] bridge_slave_0: entered allmulticast mode
[   87.660018][ T5862] bridge_slave_0: entered promiscuous mode
[   87.674664][ T5862] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.682264][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.689634][ T5862] bridge_slave_1: entered allmulticast mode
[   87.697079][ T5862] bridge_slave_1: entered promiscuous mode
[   87.729014][ T5862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.742089][ T5862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.775365][ T5862] team0: Port device team_slave_0 added
[   87.783964][ T5862] team0: Port device team_slave_1 added
[   87.819618][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.826579][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.852681][ T5862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.867084][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.874210][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.900230][ T5862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.952715][ T5862] hsr_slave_0: entered promiscuous mode
[   87.960344][ T5862] hsr_slave_1: entered promiscuous mode
[   88.125003][ T5862] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   88.137721][ T5862] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   88.148592][ T5862] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   88.159833][ T5862] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   88.195105][ T5862] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.202357][ T5862] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.210555][ T5862] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.217665][ T5862] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.285869][ T5862] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.309870][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.318265][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.333684][ T5862] 8021q: adding VLAN 0 to HW filter on device team0
[   88.350423][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.357554][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.372827][ T1106] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.380018][ T1106] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.571271][ T5862] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.626520][ T5862] veth0_vlan: entered promiscuous mode
[   88.640739][ T5862] veth1_vlan: entered promiscuous mode
[   88.684396][ T5862] veth0_macvtap: entered promiscuous mode
[   88.696218][ T5862] veth1_macvtap: entered promiscuous mode
[   88.720824][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.738146][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.757604][ T1151] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.767524][ T1151] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.780335][ T1151] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.794123][ T1151] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.946141][ T1151] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.044080][ T1151] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.108591][ T1151] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.219138][ T1151] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.601669][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.610395][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.647769][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.656295][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.772655][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   90.781063][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   90.790140][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   90.798702][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   90.808800][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2026/02/12 01:44:27 executed programs: 0
[   91.401213][ T5140] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   91.414865][ T5140] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   91.425933][ T5140] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   91.434380][ T5140] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   91.442185][ T5140] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   91.501262][ T1151] bridge_slave_1: left allmulticast mode
[   91.509371][ T1151] bridge_slave_1: left promiscuous mode
[   91.515986][ T1151] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.542290][ T1151] bridge_slave_0: left allmulticast mode
[   91.547996][ T1151] bridge_slave_0: left promiscuous mode
[   91.554673][ T1151] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.777406][ T1151] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   91.790035][ T1151] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   91.803248][ T1151] bond0 (unregistering): Released all slaves
[   91.938590][ T1210] cfg80211: failed to load regulatory.db
[   91.955430][ T1151] hsr_slave_0: left promiscuous mode
[   91.965852][ T1151] hsr_slave_1: left promiscuous mode
[   91.972595][ T1151] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   91.980954][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_0
[   91.992550][ T1151] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   92.000104][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_1
[   92.019791][ T1151] veth1_macvtap: left promiscuous mode
[   92.025434][ T1151] veth0_macvtap: left promiscuous mode
[   92.031395][ T1151] veth1_vlan: left promiscuous mode
[   92.036750][ T1151] veth0_vlan: left promiscuous mode
[   92.227246][ T1151] team0 (unregistering): Port device team_slave_1 removed
[   92.242166][ T1151] team0 (unregistering): Port device team_slave_0 removed
[   92.490184][ T5938] chnl_net:caif_netlink_parms(): no params data found
[   92.797036][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.807931][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.817063][ T5938] bridge_slave_0: entered allmulticast mode
[   92.826720][ T5938] bridge_slave_0: entered promiscuous mode
[   92.844292][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.852015][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.860154][ T5938] bridge_slave_1: entered allmulticast mode
[   92.869857][ T5938] bridge_slave_1: entered promiscuous mode
[   92.937573][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.302311][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.395693][ T5938] team0: Port device team_slave_0 added
[   93.411345][ T5938] team0: Port device team_slave_1 added
[   93.493122][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.507287][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   93.534609][ T5140] Bluetooth: hci0: command tx timeout
[   93.545724][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.565139][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.576549][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   93.617861][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.782198][ T5938] hsr_slave_0: entered promiscuous mode
[   93.789806][ T5938] hsr_slave_1: entered promiscuous mode
[   94.752687][ T5938] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   94.770271][ T5938] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   94.783156][ T5938] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   94.797484][ T5938] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   94.951163][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.988401][ T5938] 8021q: adding VLAN 0 to HW filter on device team0
[   95.005887][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.013149][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.037172][ T1151] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.044445][ T1151] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.345587][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.437468][ T5938] veth0_vlan: entered promiscuous mode
[   95.459841][ T5938] veth1_vlan: entered promiscuous mode
[   95.520249][ T5938] veth0_macvtap: entered promiscuous mode
[   95.535877][ T5938] veth1_macvtap: entered promiscuous mode
[   95.576536][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.599126][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.609391][ T5140] Bluetooth: hci0: command tx timeout
[   95.624524][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.647514][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.671385][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.682134][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.764342][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.792023][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.835425][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.844236][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/02/12 01:44:32 executed programs: 4
[   97.150481][ T6072] ==================================================================
[   97.158692][ T6072] BUG: KASAN: slab-use-after-free in dvb_device_open+0xc4/0x350
[   97.166359][ T6072] Read of size 8 at addr ffff88802c0df418 by task syz.0.19/6072
[   97.174097][ T6072] 
[   97.176440][ T6072] CPU: 0 UID: 0 PID: 6072 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT(full) 
[   97.176461][ T6072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   97.176471][ T6072] Call Trace:
[   97.176479][ T6072]  <TASK>
[   97.176487][ T6072]  dump_stack_lvl+0xe8/0x150
[   97.176513][ T6072]  print_report+0xba/0x230
[   97.176535][ T6072]  ? dvb_device_open+0xc4/0x350
[   97.176555][ T6072]  kasan_report+0x117/0x150
[   97.176576][ T6072]  ? dvb_device_open+0xc4/0x350
[   97.176599][ T6072]  dvb_device_open+0xc4/0x350
[   97.176617][ T6072]  ? do_raw_spin_unlock+0xf5/0x210
[   97.176636][ T6072]  chrdev_open+0x4cd/0x5e0
[   97.176657][ T6072]  ? __pfx_chrdev_open+0x10/0x10
[   97.176676][ T6072]  ? fsnotify_open_perm_and_set_mode+0x135/0x6d0
[   97.176703][ T6072]  ? __pfx_chrdev_open+0x10/0x10
[   97.176720][ T6072]  do_dentry_open+0x785/0x14e0
[   97.176747][ T6072]  vfs_open+0x3b/0x340
[   97.176766][ T6072]  ? path_openat+0x2df0/0x3860
[   97.176782][ T6072]  path_openat+0x2e08/0x3860
[   97.176804][ T6072]  ? __pfx_stack_trace_save+0x10/0x10
[   97.176823][ T6072]  ? stack_depot_save_flags+0x33/0x810
[   97.176845][ T6072]  ? __pfx_path_openat+0x10/0x10
[   97.176860][ T6072]  ? __x64_sys_openat+0x138/0x170
[   97.176881][ T6072]  ? do_syscall_64+0x14d/0xf80
[   97.176899][ T6072]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.176920][ T6072]  ? __lock_acquire+0x6b5/0x2cf0
[   97.176942][ T6072]  do_file_open+0x23e/0x4a0
[   97.176961][ T6072]  ? __pfx_do_file_open+0x10/0x10
[   97.176993][ T6072]  ? _raw_spin_unlock+0x28/0x50
[   97.177010][ T6072]  ? alloc_fd+0x64b/0x6c0
[   97.177035][ T6072]  do_sys_openat2+0x113/0x200
[   97.177057][ T6072]  ? __pfx_do_sys_openat2+0x10/0x10
[   97.177080][ T6072]  ? exc_page_fault+0x6a/0xc0
[   97.177099][ T6072]  ? do_user_addr_fault+0xc6f/0x1340
[   97.177122][ T6072]  __x64_sys_openat+0x138/0x170
[   97.177145][ T6072]  do_syscall_64+0x14d/0xf80
[   97.177164][ T6072]  ? trace_irq_disable+0x3b/0x150
[   97.177186][ T6072]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.177203][ T6072]  ? clear_bhb_loop+0x40/0x90
[   97.177222][ T6072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.177239][ T6072] RIP: 0033:0x7fb6dbb5c84e
[   97.177255][ T6072] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   97.177269][ T6072] RSP: 002b:00007fb6dc99eb28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   97.177290][ T6072] RAX: ffffffffffffffda RBX: 00007fb6dc99f6c0 RCX: 00007fb6dbb5c84e
[   97.177303][ T6072] RDX: 000000000000413f RSI: 00007fb6dc99ec00 RDI: ffffffffffffff9c
[   97.177315][ T6072] RBP: 00007fb6dc99ec00 R08: 0000000000000000 R09: 0000000000000000
[   97.177326][ T6072] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[   97.177338][ T6072] R13: 00007fb6dbe16128 R14: 00007fb6dbe16090 R15: 00007fff95fa5f88
[   97.177357][ T6072]  </TASK>
[   97.177363][ T6072] 
[   97.458644][ T6072] Allocated by task 1:
[   97.462739][ T6072]  kasan_save_track+0x3e/0x80
[   97.467467][ T6072]  __kasan_kmalloc+0x93/0xb0
[   97.472083][ T6072]  __kmalloc_cache_noprof+0x31c/0x660
[   97.477469][ T6072]  dvb_register_device+0x2fd/0x2210
[   97.482692][ T6072]  dvb_register_frontend+0x649/0x950
[   97.488007][ T6072]  vidtv_bridge_probe+0x9aa/0xf80
[   97.493058][ T6072]  platform_probe+0xf9/0x190
[   97.497838][ T6072]  really_probe+0x267/0xaf0
[   97.502361][ T6072]  __driver_probe_device+0x18c/0x320
[   97.507675][ T6072]  driver_probe_device+0x4f/0x240
[   97.512714][ T6072]  __driver_attach+0x3e7/0x710
[   97.517501][ T6072]  bus_for_each_dev+0x23b/0x2c0
[   97.522452][ T6072]  bus_add_driver+0x345/0x670
[   97.527143][ T6072]  driver_register+0x23a/0x320
[   97.531922][ T6072]  vidtv_bridge_init+0x28/0x50
[   97.536711][ T6072]  do_one_initcall+0x250/0x8d0
[   97.541492][ T6072]  do_initcall_level+0x104/0x190
[   97.546453][ T6072]  do_initcalls+0x59/0xa0
[   97.550806][ T6072]  kernel_init_freeable+0x2a6/0x3e0
[   97.556026][ T6072]  kernel_init+0x1d/0x1d0
[   97.560384][ T6072]  ret_from_fork+0x51e/0xb90
[   97.565001][ T6072]  ret_from_fork_asm+0x1a/0x30
[   97.569782][ T6072] 
[   97.572121][ T6072] Freed by task 6043:
[   97.576106][ T6072]  kasan_save_track+0x3e/0x80
[   97.580794][ T6072]  kasan_save_free_info+0x46/0x50
[   97.585839][ T6072]  __kasan_slab_free+0x5c/0x80
[   97.590618][ T6072]  kfree+0x1c1/0x630
[   97.594550][ T6072]  dvb_device_open+0x2cd/0x350
[   97.599328][ T6072]  chrdev_open+0x4cd/0x5e0
[   97.603760][ T6072]  do_dentry_open+0x785/0x14e0
[   97.608540][ T6072]  vfs_open+0x3b/0x340
[   97.612633][ T6072]  path_openat+0x2e08/0x3860
[   97.617244][ T6072]  do_file_open+0x23e/0x4a0
[   97.621757][ T6072]  do_sys_openat2+0x113/0x200
[   97.626455][ T6072]  __x64_sys_openat+0x138/0x170
[   97.631326][ T6072]  do_syscall_64+0x14d/0xf80
[   97.635936][ T6072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.641840][ T6072] 
[   97.644179][ T6072] The buggy address belongs to the object at ffff88802c0df400
[   97.644179][ T6072]  which belongs to the cache kmalloc-256 of size 256
[   97.658265][ T6072] The buggy address is located 24 bytes inside of
[   97.658265][ T6072]  freed 256-byte region [ffff88802c0df400, ffff88802c0df500)
[   97.672011][ T6072] 
[   97.674364][ T6072] The buggy address belongs to the physical page:
[   97.680791][ T6072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2c0de
[   97.689569][ T6072] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   97.698084][ T6072] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   97.705680][ T6072] page_type: f5(slab)
[   97.709685][ T6072] raw: 00fff00000000040 ffff88813ff1db40 dead000000000122 0000000000000000
[   97.718309][ T6072] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[   97.726927][ T6072] head: 00fff00000000040 ffff88813ff1db40 dead000000000122 0000000000000000
[   97.735705][ T6072] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[   97.744401][ T6072] head: 00fff00000000001 ffffea0000b03781 00000000ffffffff 00000000ffffffff
[   97.753099][ T6072] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   97.761791][ T6072] page dumped because: kasan: bad access detected
[   97.768214][ T6072] page_owner tracks the page as allocated
[   97.774034][ T6072] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 16733682257, free_ts 0
[   97.793762][ T6072]  post_alloc_hook+0x231/0x280
[   97.798732][ T6072]  get_page_from_freelist+0x24dc/0x2580
[   97.804292][ T6072]  __alloc_frozen_pages_noprof+0x18d/0x380
[   97.810116][ T6072]  allocate_slab+0x77/0x660
[   97.814653][ T6072]  refill_objects+0x331/0x3c0
[   97.819344][ T6072]  __pcs_replace_empty_main+0x2b9/0x620
[   97.824906][ T6072]  __kmalloc_cache_noprof+0x392/0x660
[   97.830291][ T6072]  bus_add_driver+0x162/0x670
[   97.834992][ T6072]  driver_register+0x23a/0x320
[   97.839866][ T6072]  usb_register_driver+0x1e4/0x390
[   97.845013][ T6072]  do_one_initcall+0x250/0x8d0
[   97.849865][ T6072]  do_initcall_level+0x104/0x190
[   97.854877][ T6072]  do_initcalls+0x59/0xa0
[   97.859254][ T6072]  kernel_init_freeable+0x2a6/0x3e0
[   97.864472][ T6072]  kernel_init+0x1d/0x1d0
[   97.868824][ T6072]  ret_from_fork+0x51e/0xb90
[   97.873436][ T6072] page_owner free stack trace missing
[   97.878905][ T6072] 
[   97.881238][ T6072] Memory state around the buggy address:
[   97.886875][ T6072]  ffff88802c0df300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   97.894953][ T6072]  ffff88802c0df380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   97.903025][ T6072] >ffff88802c0df400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   97.911194][ T6072]                             ^
[   97.916051][ T6072]  ffff88802c0df480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   97.924121][ T6072]  ffff88802c0df500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   97.932211][ T6072] ==================================================================
[   97.941235][ T5140] Bluetooth: hci0: command tx timeout
[   97.953591][ T6072] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   97.960833][ T6072] CPU: 0 UID: 0 PID: 6072 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT(full) 
[   97.969980][ T6072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   97.980063][ T6072] Call Trace:
[   97.983372][ T6072]  <TASK>
[   97.986325][ T6072]  vpanic+0x56c/0xa60
[   97.990343][ T6072]  ? __pfx_vpanic+0x10/0x10
[   97.994874][ T6072]  ? __pfx___schedule+0x10/0x10
[   97.999829][ T6072]  panic+0xc5/0xd0
[   98.003570][ T6072]  ? __pfx_panic+0x10/0x10
[   98.008007][ T6072]  ? preempt_schedule_thunk+0x16/0x30
[   98.013399][ T6072]  ? dvb_device_open+0xc4/0x350
[   98.018278][ T6072]  check_panic_on_warn+0x89/0xb0
[   98.023233][ T6072]  ? dvb_device_open+0xc4/0x350
[   98.028106][ T6072]  end_report+0x73/0x180
[   98.032388][ T6072]  ? dvb_device_open+0xc4/0x350
[   98.037257][ T6072]  kasan_report+0x128/0x150
[   98.041781][ T6072]  ? dvb_device_open+0xc4/0x350
[   98.046651][ T6072]  dvb_device_open+0xc4/0x350
[   98.051344][ T6072]  ? do_raw_spin_unlock+0xf5/0x210
[   98.056471][ T6072]  chrdev_open+0x4cd/0x5e0
[   98.060937][ T6072]  ? __pfx_chrdev_open+0x10/0x10
[   98.065882][ T6072]  ? fsnotify_open_perm_and_set_mode+0x135/0x6d0
[   98.072239][ T6072]  ? __pfx_chrdev_open+0x10/0x10
[   98.077183][ T6072]  do_dentry_open+0x785/0x14e0
[   98.081957][ T6072]  vfs_open+0x3b/0x340
[   98.086035][ T6072]  ? path_openat+0x2df0/0x3860
[   98.090912][ T6072]  path_openat+0x2e08/0x3860
[   98.095517][ T6072]  ? __pfx_stack_trace_save+0x10/0x10
[   98.100898][ T6072]  ? stack_depot_save_flags+0x33/0x810
[   98.106361][ T6072]  ? __pfx_path_openat+0x10/0x10
[   98.111385][ T6072]  ? __x64_sys_openat+0x138/0x170
[   98.116416][ T6072]  ? do_syscall_64+0x14d/0xf80
[   98.121179][ T6072]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.127337][ T6072]  ? __lock_acquire+0x6b5/0x2cf0
[   98.132283][ T6072]  do_file_open+0x23e/0x4a0
[   98.136790][ T6072]  ? __pfx_do_file_open+0x10/0x10
[   98.141816][ T6072]  ? _raw_spin_unlock+0x28/0x50
[   98.146661][ T6072]  ? alloc_fd+0x64b/0x6c0
[   98.151009][ T6072]  do_sys_openat2+0x113/0x200
[   98.155691][ T6072]  ? __pfx_do_sys_openat2+0x10/0x10
[   98.160901][ T6072]  ? exc_page_fault+0x6a/0xc0
[   98.165586][ T6072]  ? do_user_addr_fault+0xc6f/0x1340
[   98.171056][ T6072]  __x64_sys_openat+0x138/0x170
[   98.176002][ T6072]  do_syscall_64+0x14d/0xf80
[   98.180682][ T6072]  ? trace_irq_disable+0x3b/0x150
[   98.185717][ T6072]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.191799][ T6072]  ? clear_bhb_loop+0x40/0x90
[   98.196476][ T6072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.202390][ T6072] RIP: 0033:0x7fb6dbb5c84e
[   98.206829][ T6072] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   98.226439][ T6072] RSP: 002b:00007fb6dc99eb28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   98.234861][ T6072] RAX: ffffffffffffffda RBX: 00007fb6dc99f6c0 RCX: 00007fb6dbb5c84e
[   98.242886][ T6072] RDX: 000000000000413f RSI: 00007fb6dc99ec00 RDI: ffffffffffffff9c
[   98.250858][ T6072] RBP: 00007fb6dc99ec00 R08: 0000000000000000 R09: 0000000000000000
[   98.258830][ T6072] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[   98.266803][ T6072] R13: 00007fb6dbe16128 R14: 00007fb6dbe16090 R15: 00007fff95fa5f88
[   98.274800][ T6072]  </TASK>
[   98.278283][ T6072] Kernel Offset: disabled
[   98.282605][ T6072] Rebooting in 86400 seconds..