[   91.891354][   T10] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.68' (ED25519) to the list of known hosts.
2026/05/07 09:24:16 parsed 1 programs
[   99.759650][ T5629] cgroup: Unknown subsys name 'net'
[   99.998700][ T5629] cgroup: Unknown subsys name 'cpuset'
[  100.054039][ T5629] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  102.022131][ T5629] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  107.379707][   T60] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  107.381649][   T60] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  107.382644][   T60] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  107.408958][   T60] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  107.409766][   T60] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  108.171522][ T1220] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.171550][ T1220] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.359174][ T1220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.359196][ T1220] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.128366][ T5688] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.130135][ T5688] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.130357][ T5688] bridge_slave_0: entered allmulticast mode
[  111.132816][ T5688] bridge_slave_0: entered promiscuous mode
[  111.176862][ T5688] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.177185][ T5688] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.177405][ T5688] bridge_slave_1: entered allmulticast mode
[  111.179765][ T5688] bridge_slave_1: entered promiscuous mode
[  111.253481][ T5688] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  111.260761][ T5688] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  111.311831][ T5688] team0: Port device team_slave_0 added
[  111.320481][ T5688] team0: Port device team_slave_1 added
[  111.380870][ T5688] batman_adv: batadv0: Adding interface: batadv_slave_0
[  111.380890][ T5688] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  111.380921][ T5688] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  111.394417][ T5688] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.394468][ T5688] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  111.394553][ T5688] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.560447][ T5688] hsr_slave_0: entered promiscuous mode
[  111.562809][ T5688] hsr_slave_1: entered promiscuous mode
[  112.216846][ T5688] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  112.249270][ T5688] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  112.252049][ T5688] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  112.279834][ T5688] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  112.281276][ T5688] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  112.306673][ T5688] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  112.307835][ T5688] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  112.339738][ T5688] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  112.506305][ T5688] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.555532][ T5688] 8021q: adding VLAN 0 to HW filter on device team0
[  112.582864][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.591467][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.630115][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.633901][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.160515][ T5688] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.279600][ T5688] veth0_vlan: entered promiscuous mode
[  113.312875][ T5688] veth1_vlan: entered promiscuous mode
[  113.391129][ T5688] veth0_macvtap: entered promiscuous mode
[  113.406435][ T5688] veth1_macvtap: entered promiscuous mode
[  113.453785][ T5688] batman_adv: batadv0: Interface activated: batadv_slave_0
[  113.468149][ T5688] batman_adv: batadv0: Interface activated: batadv_slave_1
[  113.510510][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.528945][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.528998][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.529039][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.258921][ T1220] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.049209][ T1220] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.621606][ T1220] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.931421][ T1220] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.524833][ T1220] bridge_slave_1: left allmulticast mode
[  116.525036][ T1220] bridge_slave_1: left promiscuous mode
[  116.531758][ T1220] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.645218][ T1220] bridge_slave_0: left allmulticast mode
[  116.645256][ T1220] bridge_slave_0: left promiscuous mode
[  116.645530][ T1220] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.345378][ T1220] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  117.404061][ T1220] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  117.446304][ T1220] bond0 (unregistering): Released all slaves
[  117.475262][ T5271] 8021q: adding VLAN 0 to HW filter on device eth1
[  117.806285][ T1220] hsr_slave_0: left promiscuous mode
[  117.843326][ T1220] hsr_slave_1: left promiscuous mode
[  117.849473][ T1220] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  117.849564][ T1220] batman_adv: batadv0: Removing interface: batadv_slave_0
[  117.897886][ T1220] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  117.897918][ T1220] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.095212][ T1220] veth1_macvtap: left promiscuous mode
[  118.095479][ T1220] veth0_macvtap: left promiscuous mode
[  118.116894][ T1220] veth1_vlan: left promiscuous mode
[  118.117467][ T1220] veth0_vlan: left promiscuous mode
2026/05/07 09:24:39 executed programs: 0
[  118.539215][   T60] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  118.568215][   T60] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  118.569429][   T60] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  118.576825][   T60] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  118.583786][   T60] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  119.174136][ T1220] team0 (unregistering): Port device team_slave_1 removed
[  119.234052][ T1220] team0 (unregistering): Port device team_slave_0 removed
[  119.446553][ T5271] 8021q: adding VLAN 0 to HW filter on device eth2
[  120.159541][ T5271] 8021q: adding VLAN 0 to HW filter on device eth3
[  120.633380][ T5777] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.633799][ T5777] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.634084][ T5777] bridge_slave_0: entered allmulticast mode
[  120.637630][ T5777] bridge_slave_0: entered promiscuous mode
[  120.678939][ T5777] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.679350][ T5777] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.679651][ T5777] bridge_slave_1: entered allmulticast mode
[  120.688129][ T4925] Bluetooth: hci0: command tx timeout
[  120.709276][ T5777] bridge_slave_1: entered promiscuous mode
[  120.798955][ T5777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  120.817300][ T5777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  120.883159][ T5777] team0: Port device team_slave_0 added
[  120.888977][ T5777] team0: Port device team_slave_1 added
[  121.295534][ T5271] 8021q: adding VLAN 0 to HW filter on device eth4
[  121.311451][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_0
[  121.311469][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  121.311499][ T5777] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.362444][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_1
[  121.362463][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  121.362492][ T5777] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  121.500219][ T5777] hsr_slave_0: entered promiscuous mode
[  121.502041][ T5777] hsr_slave_1: entered promiscuous mode
[  122.777755][ T4925] Bluetooth: hci0: command tx timeout
[  123.708981][ T5777] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  123.769859][ T5777] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  123.771475][ T5777] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  123.822919][ T5777] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  123.831224][ T5777] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  123.880441][ T5777] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  123.891502][ T5777] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  123.922709][ T5777] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  124.175363][ T5777] 8021q: adding VLAN 0 to HW filter on device bond0
[  124.236851][ T5777] 8021q: adding VLAN 0 to HW filter on device team0
[  124.264844][ T1220] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.265089][ T1220] bridge0: port 1(bridge_slave_0) entered forwarding state
[  124.302675][ T1314] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.302881][ T1314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.843442][ T4925] Bluetooth: hci0: command tx timeout
[  125.070269][ T5777] 8021q: adding VLAN 0 to HW filter on device batadv0
[  125.226963][ T5777] veth0_vlan: entered promiscuous mode
[  125.246424][ T5777] veth1_vlan: entered promiscuous mode
[  125.317590][ T5777] veth0_macvtap: entered promiscuous mode
[  125.349612][ T5777] veth1_macvtap: entered promiscuous mode
[  125.394156][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_0
[  125.434997][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_1
[  125.469246][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.470860][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.506849][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.508027][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  126.196332][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.196355][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.281456][ T1314] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.281477][ T1314] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/05/07 09:24:47 executed programs: 2
[  126.531881][ T5940] =========================================================[  126.531881][ T5940] ==================================================================
[  126.531899][ T5940] BUG: KASAN: slab-use-after-free in dvb_device_open+0xc4/0x360
[  126.531934][ T5940] Read of size 8 at addr ffff88802c434818 by task syz.0.19/5940
[  126.531954][ T5940] 
[  126.531984][ T5940] CPU: 1 UID: 0 PID: 5940 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  126.532014][ T5940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  126.532036][ T5940] Call Trace:
[  126.532049][ T5940]  <TASK>
[  126.532059][ T5940]  dump_stack_lvl+0xe8/0x150
[  126.532088][ T5940]  print_address_description+0x55/0x1e0
[  126.532119][ T5940]  ? dvb_device_open+0xc4/0x360
[  126.532146][ T5940]  print_report+0x58/0x70
[  126.532172][ T5940]  kasan_report+0x117/0x150
[  126.532205][ T5940]  ? dvb_device_open+0xc4/0x360
[  126.532235][ T5940]  dvb_device_open+0xc4/0x360
[  126.532262][ T5940]  ? rt_spin_unlock+0x160/0x200
[  126.532289][ T5940]  chrdev_open+0x4d0/0x5f0
[  126.532312][ T5940]  ? __pfx_chrdev_open+0x10/0x10
[  126.532334][ T5940]  ? fsnotify_open_perm_and_set_mode+0x13b/0x6e0
[  126.532376][ T5940]  ? __pfx_chrdev_open+0x10/0x10
[  126.532398][ T5940]  do_dentry_open+0x83d/0x13e0
[  126.532429][ T5940]  vfs_open+0x3b/0x350
[  126.532450][ T5940]  ? path_openat+0x2e2b/0x38a0
[  126.532482][ T5940]  path_openat+0x2e43/0x38a0
[  126.532530][ T5940]  ? __pfx_path_openat+0x10/0x10
[  126.532561][ T5940]  ? kasan_save_track+0x4f/0x80
[  126.532589][ T5940]  ? kasan_save_track+0x3e/0x80
[  126.532616][ T5940]  ? __kasan_slab_alloc+0x6c/0x80
[  126.532644][ T5940]  ? kmem_cache_alloc_noprof+0x33b/0x680
[  126.532678][ T5940]  ? do_raw_spin_lock+0x12b/0x2f0
[  126.532715][ T5940]  do_file_open+0x23e/0x4a0
[  126.532744][ T5940]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  126.532778][ T5940]  ? __pfx_do_file_open+0x10/0x10
[  126.532806][ T5940]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  126.532844][ T5940]  ? alloc_fd+0x64e/0x6c0
[  126.532875][ T5940]  do_sys_openat2+0x113/0x200
[  126.532901][ T5940]  ? __pfx_do_sys_openat2+0x10/0x10
[  126.532931][ T5940]  ? __task_pid_nr_ns+0x28/0x470
[  126.532956][ T5940]  __x64_sys_openat+0x138/0x170
[  126.532983][ T5940]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.533006][ T5940]  do_syscall_64+0x15f/0xf80
[  126.533038][ T5940]  ? trace_irq_disable+0x3b/0x140
[  126.533070][ T5940]  ? clear_bhb_loop+0x40/0x90
[  126.533097][ T5940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.533120][ T5940] RIP: 0033:0x7f6bff0cd60e
[  126.533148][ T5940] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  126.533168][ T5940] RSP: 002b:00007ffc46dfbfa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  126.533200][ T5940] RAX: ffffffffffffffda RBX: 000055556378b500 RCX: 00007f6bff0cd60e
[  126.533218][ T5940] RDX: 0000000000000002 RSI: 00007ffc46dfc080 RDI: ffffffffffffff9c
[  126.533233][ T5940] RBP: 00007ffc46dfc080 R08: 0000000000000000 R09: 0000000000000000
[  126.533247][ T5940] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  126.533262][ T5940] R13: 00007f6bff385fac R14: 00007f6bff385fa0 R15: 00007f6bff385fa0
[  126.533287][ T5940]  </TASK>
[  126.533295][ T5940] 
[  126.533300][ T5940] Allocated by task 1:
[  126.533311][ T5940]  kasan_save_track+0x3e/0x80
[  126.533337][ T5940]  __kasan_kmalloc+0x93/0xb0
[  126.533371][ T5940]  __kmalloc_cache_noprof+0x3a6/0x690
[  126.533399][ T5940]  dvb_register_device+0x2fd/0x21e0
[  126.533423][ T5940]  dvb_register_frontend+0x631/0x920
[  126.533443][ T5940]  vidtv_bridge_probe+0x9aa/0xf80
[  126.533470][ T5940]  platform_probe+0xf9/0x190
[  126.533495][ T5940]  really_probe+0x267/0xaf0
[  126.533523][ T5940]  __driver_probe_device+0x1e2/0x350
[  126.533550][ T5940]  driver_probe_device+0x4f/0x240
[  126.533578][ T5940]  __driver_attach+0x33c/0x600
[  126.533605][ T5940]  bus_for_each_dev+0x23e/0x2c0
[  126.533626][ T5940]  bus_add_driver+0x348/0x670
[  126.533647][ T5940]  driver_register+0x23a/0x320
[  126.533665][ T5940]  vidtv_bridge_init+0x36/0x60
[  126.533684][ T5940]  do_one_initcall+0x250/0x870
[  126.533708][ T5940]  do_initcall_level+0x104/0x190
[  126.533727][ T5940]  do_initcalls+0x59/0xa0
[  126.533745][ T5940]  kernel_init_freeable+0x2a6/0x3e0
[  126.533765][ T5940]  kernel_init+0x1d/0x1d0
[  126.533784][ T5940]  ret_from_fork+0x514/0xb70
[  126.533805][ T5940]  ret_from_fork_asm+0x1a/0x30
[  126.533830][ T5940] 
[  126.533835][ T5940] Freed by task 5937:
[  126.533846][ T5940]  kasan_save_track+0x3e/0x80
[  126.533872][ T5940]  kasan_save_free_info+0x46/0x50
[  126.533892][ T5940]  __kasan_slab_free+0x5c/0x80
[  126.533917][ T5940]  kfree+0x1c5/0x6c0
[  126.533940][ T5940]  dvb_device_open+0x2d6/0x360
[  126.533963][ T5940]  chrdev_open+0x4d0/0x5f0
[  126.533980][ T5940]  do_dentry_open+0x83d/0x13e0
[  126.534001][ T5940]  vfs_open+0x3b/0x350
[  126.534020][ T5940]  path_openat+0x2e43/0x38a0
[  126.534046][ T5940]  do_file_open+0x23e/0x4a0
[  126.534072][ T5940]  do_sys_openat2+0x113/0x200
[  126.534093][ T5940]  __x64_sys_openat+0x138/0x170
[  126.534115][ T5940]  do_syscall_64+0x15f/0xf80
[  126.534142][ T5940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.534162][ T5940] 
[  126.534167][ T5940] The buggy address belongs to the object at ffff88802c434800
[  126.534167][ T5940]  which belongs to the cache kmalloc-512 of size 512
[  126.534186][ T5940] The buggy address is located 24 bytes inside of
[  126.534186][ T5940]  freed 512-byte region [ffff88802c434800, ffff88802c434a00)
[  126.534209][ T5940] 
[  126.534215][ T5940] The buggy address belongs to the physical page:
[  126.534232][ T5940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2c434
[  126.534252][ T5940] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  126.534269][ T5940] flags: 0x80000000000040(head|node=0|zone=1)
[  126.534296][ T5940] page_type: f5(slab)
[  126.534316][ T5940] raw: 0080000000000040 ffff88813fea1c80 dead000000000100 dead000000000122
[  126.534336][ T5940] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  126.534357][ T5940] head: 0080000000000040 ffff88813fea1c80 dead000000000100 dead000000000122
[  126.534382][ T5940] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  126.534403][ T5940] head: 0080000000000002 ffffffffffffff01 00000000ffffffff 00000000ffffffff
[  126.534422][ T5940] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000004
[  126.534434][ T5940] page dumped because: kasan: bad access detected
[  126.534449][ T5940] page_owner tracks the page as allocated
[  126.534457][ T5940] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 21176373413, free_ts 0
[  126.534494][ T5940]  post_alloc_hook+0x1f9/0x250
[  126.534521][ T5940]  get_page_from_freelist+0x27d6/0x2850
[  126.534553][ T5940]  __alloc_frozen_pages_noprof+0x18d/0x380
[  126.534585][ T5940]  allocate_slab+0x74/0x5e0
[  126.534604][ T5940]  refill_objects+0x33c/0x3d0
[  126.534623][ T5940]  __pcs_replace_empty_main+0x373/0x720
[  126.534645][ T5940]  __kmalloc_cache_noprof+0x44e/0x690
[  126.534672][ T5940]  bus_add_driver+0x165/0x670
[  126.534693][ T5940]  driver_register+0x23a/0x320
[  126.534711][ T5940]  vidtv_bridge_init+0x36/0x60
[  126.534729][ T5940]  do_one_initcall+0x250/0x870
[  126.534753][ T5940]  do_initcall_level+0x104/0x190
[  126.534774][ T5940]  do_initcalls+0x59/0xa0
[  126.534792][ T5940]  kernel_init_freeable+0x2a6/0x3e0
[  126.534812][ T5940]  kernel_init+0x1d/0x1d0
[  126.534831][ T5940]  ret_from_fork+0x514/0xb70
[  126.534852][ T5940] page_owner free stack trace missing
[  126.534860][ T5940] 
[  126.534865][ T5940] Memory state around the buggy address:
[  126.534876][ T5940]  ffff88802c434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  126.534891][ T5940]  ffff88802c434780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  126.534906][ T5940] >ffff88802c434800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  126.534917][ T5940]                             ^
[  126.534928][ T5940]  ffff88802c434880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  126.534943][ T5940]  ffff88802c434900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  126.534954][ T5940] ==================================================================
[  126.540122][ T5940] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  126.540177][ T5940] CPU: 1 UID: 0 PID: 5940 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  126.540249][ T5940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  126.540282][ T5940] Call Trace:
[  126.540303][ T5940]  <TASK>
[  126.540326][ T5940]  vpanic+0x56c/0xa60
[  126.540431][ T5940]  ? __pfx_vpanic+0x10/0x10
[  126.540536][ T5940]  ? __pfx___schedule+0x10/0x10
[  126.540632][ T5940]  panic+0xc5/0xd0
[  126.540714][ T5940]  ? __pfx_panic+0x10/0x10
[  126.540793][ T5940]  ? preempt_schedule_thunk+0x16/0x40
[  126.540891][ T5940]  ? dvb_device_open+0xc4/0x360
[  126.540957][ T5940]  check_panic_on_warn+0x89/0xb0
[  126.540982][ T5940]  ? dvb_device_open+0xc4/0x360
[  126.541051][ T5940]  end_report+0x73/0x170
[  126.541128][ T5940]  ? dvb_device_open+0xc4/0x360
[  126.541192][ T5940]  kasan_report+0x128/0x150
[  126.541275][ T5940]  ? dvb_device_open+0xc4/0x360
[  126.541350][ T5940]  dvb_device_open+0xc4/0x360
[  126.541433][ T5940]  ? rt_spin_unlock+0x160/0x200
[  126.541499][ T5940]  chrdev_open+0x4d0/0x5f0
[  126.541561][ T5940]  ? __pfx_chrdev_open+0x10/0x10
[  126.541608][ T5940]  ? fsnotify_open_perm_and_set_mode+0x13b/0x6e0
[  126.541689][ T5940]  ? __pfx_chrdev_open+0x10/0x10
[  126.541742][ T5940]  do_dentry_open+0x83d/0x13e0
[  126.541817][ T5940]  vfs_open+0x3b/0x350
[  126.541893][ T5940]  ? path_openat+0x2e2b/0x38a0
[  126.541991][ T5940]  path_openat+0x2e43/0x38a0
[  126.542109][ T5940]  ? __pfx_path_openat+0x10/0x10
[  126.542195][ T5940]  ? kasan_save_track+0x4f/0x80
[  126.542262][ T5940]  ? kasan_save_track+0x3e/0x80
[  126.542334][ T5940]  ? __kasan_slab_alloc+0x6c/0x80
[  126.542409][ T5940]  ? kmem_cache_alloc_noprof+0x33b/0x680
[  126.542496][ T5940]  ? do_raw_spin_lock+0x12b/0x2f0
[  126.542583][ T5940]  do_file_open+0x23e/0x4a0
[  126.542661][ T5940]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  126.542746][ T5940]  ? __pfx_do_file_open+0x10/0x10
[  126.542820][ T5940]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  126.542915][ T5940]  ? alloc_fd+0x64e/0x6c0
[  126.542990][ T5940]  do_sys_openat2+0x113/0x200
[  126.543055][ T5940]  ? __pfx_do_sys_openat2+0x10/0x10
[  126.543129][ T5940]  ? __task_pid_nr_ns+0x28/0x470
[  126.543185][ T5940]  __x64_sys_openat+0x138/0x170
[  126.543212][ T5940]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.543236][ T5940]  do_syscall_64+0x15f/0xf80
[  126.543294][ T5940]  ? trace_irq_disable+0x3b/0x140
[  126.543422][ T5940]  ? clear_bhb_loop+0x40/0x90
[  126.543487][ T5940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.543543][ T5940] RIP: 0033:0x7f6bff0cd60e
[  126.543605][ T5940] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  126.543643][ T5940] RSP: 002b:00007ffc46dfbfa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  126.543707][ T5940] RAX: ffffffffffffffda RBX: 000055556378b500 RCX: 00007f6bff0cd60e
[  126.543750][ T5940] RDX: 0000000000000002 RSI: 00007ffc46dfc080 RDI: ffffffffffffff9c
[  126.543792][ T5940] RBP: 00007ffc46dfc080 R08: 0000000000000000 R09: 0000000000000000
[  126.543826][ T5940] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  126.543869][ T5940] R13: 00007f6bff385fac R14: 00007f6bff385fa0 R15: 00007f6bff385fa0
[  126.543941][ T5940]  </TASK>
[  126.544118][ T5940] Kernel Offset: disabled