Warning: Permanently added '10.128.1.35' (ED25519) to the list of known hosts.
2026/02/20 07:16:23 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[  128.070915][ T6133] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  132.015246][ T5836] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  132.017023][ T5836] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  132.018979][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  132.026007][ T5836] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  132.026640][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  132.555324][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  132.555346][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  132.595056][ T2984] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  132.595075][ T2984] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  132.922920][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  132.923023][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  134.262680][ T6177] chnl_net:caif_netlink_parms(): no params data found
[  134.457797][ T6177] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.457918][ T6177] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.458052][ T6177] bridge_slave_0: entered allmulticast mode
[  134.459537][ T6177] bridge_slave_0: entered promiscuous mode
[  134.461950][ T6177] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.462066][ T6177] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.462155][ T6177] bridge_slave_1: entered allmulticast mode
[  134.463531][ T6177] bridge_slave_1: entered promiscuous mode
[  134.500889][ T6177] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  134.504575][ T6177] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  134.543656][ T6177] team0: Port device team_slave_0 added
[  134.547180][ T6177] team0: Port device team_slave_1 added
[  134.586752][ T6177] batman_adv: batadv0: Adding interface: batadv_slave_0
[  134.586768][ T6177] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  134.586789][ T6177] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  134.588773][ T6177] batman_adv: batadv0: Adding interface: batadv_slave_1
[  134.588787][ T6177] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  134.588810][ T6177] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  134.645972][ T6177] hsr_slave_0: entered promiscuous mode
[  134.647123][ T6177] hsr_slave_1: entered promiscuous mode
[  136.413341][ T6177] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  136.443628][ T6177] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  136.481415][ T6177] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  136.523525][ T6177] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  136.655448][ T6177] 8021q: adding VLAN 0 to HW filter on device bond0
[  136.676855][ T6177] 8021q: adding VLAN 0 to HW filter on device team0
[  136.690173][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.690290][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state
[  136.715999][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.716135][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.003132][ T6177] 8021q: adding VLAN 0 to HW filter on device batadv0
[  137.065244][ T6177] veth0_vlan: entered promiscuous mode
[  137.080620][ T6177] veth1_vlan: entered promiscuous mode
[  137.129087][ T6177] veth0_macvtap: entered promiscuous mode
[  137.134527][ T6177] veth1_macvtap: entered promiscuous mode
[  137.165525][ T6177] batman_adv: batadv0: Interface activated: batadv_slave_0
[  137.179869][ T6177] batman_adv: batadv0: Interface activated: batadv_slave_1
[  137.195978][ T1038] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  137.196179][ T1038] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  137.196211][ T1038] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  137.196242][ T1038] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.003319][ T2984] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.273724][ T2984] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.520430][ T2984] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.821776][ T2984] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.660184][ T2984] bridge_slave_1: left allmulticast mode
[  140.660205][ T2984] bridge_slave_1: left promiscuous mode
[  140.660366][ T2984] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.738412][ T2984] bridge_slave_0: left allmulticast mode
[  140.738434][ T2984] bridge_slave_0: left promiscuous mode
[  140.738584][ T2984] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.097964][ T2984] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.177921][ T2984] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.199314][ T2984] bond0 (unregistering): Released all slaves
[  142.551048][ T2984] hsr_slave_0: left promiscuous mode
[  142.578488][ T2984] hsr_slave_1: left promiscuous mode
[  142.579417][ T2984] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.579440][ T2984] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.628405][ T2984] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.628432][ T2984] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.736602][ T2984] veth1_macvtap: left promiscuous mode
[  142.736697][ T2984] veth0_macvtap: left promiscuous mode
[  142.736923][ T2984] veth1_vlan: left promiscuous mode
[  142.737077][ T2984] veth0_vlan: left promiscuous mode
[  145.007992][ T2984] team0 (unregistering): Port device team_slave_1 removed
[  145.197912][ T2984] team0 (unregistering): Port device team_slave_0 removed
2026/02/20 07:16:47 executed programs: 0
[  147.688086][ T5836] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  147.690212][ T5836] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  147.690585][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  147.691543][ T5836] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  147.692305][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  148.060307][ T6433] chnl_net:caif_netlink_parms(): no params data found
[  148.541822][ T6433] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.542018][ T6433] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.542186][ T6433] bridge_slave_0: entered allmulticast mode
[  148.544719][ T6433] bridge_slave_0: entered promiscuous mode
[  148.568135][ T6433] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.587810][ T6433] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.587943][ T6433] bridge_slave_1: entered allmulticast mode
[  148.589478][ T6433] bridge_slave_1: entered promiscuous mode
[  148.645625][ T6433] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  148.650827][ T6433] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  148.698891][ T6433] team0: Port device team_slave_0 added
[  148.702304][ T6433] team0: Port device team_slave_1 added
[  148.754121][ T6433] batman_adv: batadv0: Adding interface: batadv_slave_0
[  148.754139][ T6433] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  148.754164][ T6433] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  148.756557][ T6433] batman_adv: batadv0: Adding interface: batadv_slave_1
[  148.756572][ T6433] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  148.756596][ T6433] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  148.816437][ T6433] hsr_slave_0: entered promiscuous mode
[  148.818141][ T6433] hsr_slave_1: entered promiscuous mode
[  149.797390][   T60] Bluetooth: hci0: command tx timeout
[  150.537172][ T6433] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  150.582108][ T6433] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  150.627351][ T6433] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  150.668751][ T6433] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  150.790541][ T6433] 8021q: adding VLAN 0 to HW filter on device bond0
[  150.814152][ T6433] 8021q: adding VLAN 0 to HW filter on device team0
[  150.831154][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.831269][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[  150.842833][   T69] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.843070][   T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[  151.116348][ T6433] 8021q: adding VLAN 0 to HW filter on device batadv0
[  151.184564][ T6433] veth0_vlan: entered promiscuous mode
[  151.201662][ T6433] veth1_vlan: entered promiscuous mode
[  151.251407][ T6433] veth0_macvtap: entered promiscuous mode
[  151.256811][ T6433] veth1_macvtap: entered promiscuous mode
[  151.295188][ T6433] batman_adv: batadv0: Interface activated: batadv_slave_0
[  151.311090][ T6433] batman_adv: batadv0: Interface activated: batadv_slave_1
[  151.339425][   T57] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  151.342023][   T57] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  151.342065][   T57] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  151.342097][   T57] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  151.523511][ T2984] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.523530][ T2984] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.562639][ T2984] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.562659][ T2984] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.762210][ T6537] ==================================================================
[  151.762226][ T6537] BUG: KASAN: slab-use-after-free in dvb_device_open+0x117/0x590
[  151.762251][ T6537] Read of size 4 at addr ffff88802bb50010 by task syz.0.19/6537
[  151.762260][ T6537] 
[  151.762277][ T6537] CPU: 1 UID: 0 PID: 6537 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  151.762289][ T6537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  151.762301][ T6537] Call Trace:
[  151.762308][ T6537]  <TASK>
[  151.762313][ T6537]  dump_stack_lvl+0xe8/0x150
[  151.762329][ T6537]  print_report+0xba/0x230
[  151.762342][ T6537]  ? dvb_device_open+0x117/0x590
[  151.762354][ T6537]  kasan_report+0x117/0x150
[  151.762365][ T6537]  ? dvb_device_open+0x117/0x590
[  151.762379][ T6537]  kasan_check_range+0x264/0x2c0
[  151.762391][ T6537]  dvb_device_open+0x117/0x590
[  151.762404][ T6537]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  151.762416][ T6537]  ? __pfx_dvb_device_open+0x10/0x10
[  151.762428][ T6537]  ? rt_spin_unlock+0x14f/0x200
[  151.762438][ T6537]  ? rt_spin_unlock+0x160/0x200
[  151.762448][ T6537]  chrdev_open+0x4d0/0x5f0
[  151.762460][ T6537]  ? __pfx_chrdev_open+0x10/0x10
[  151.762470][ T6537]  ? fsnotify_open_perm_and_set_mode+0x138/0x6e0
[  151.762486][ T6537]  ? __pfx_chrdev_open+0x10/0x10
[  151.762496][ T6537]  do_dentry_open+0x83d/0x13e0
[  151.762511][ T6537]  vfs_open+0x3b/0x350
[  151.762522][ T6537]  ? path_openat+0x2e25/0x38a0
[  151.762532][ T6537]  path_openat+0x2e3d/0x38a0
[  151.762547][ T6537]  ? __pfx_path_openat+0x10/0x10
[  151.762556][ T6537]  ? kasan_save_track+0x4f/0x80
[  151.762565][ T6537]  ? kasan_save_track+0x3e/0x80
[  151.762572][ T6537]  ? __kasan_slab_alloc+0x6c/0x80
[  151.762581][ T6537]  ? kmem_cache_alloc_noprof+0x33b/0x680
[  151.762593][ T6537]  ? do_raw_spin_lock+0x12b/0x2f0
[  151.762606][ T6537]  do_file_open+0x23e/0x4a0
[  151.762615][ T6537]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  151.762628][ T6537]  ? __pfx_do_file_open+0x10/0x10
[  151.762636][ T6537]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  151.762651][ T6537]  ? alloc_fd+0x64e/0x6c0
[  151.762665][ T6537]  do_sys_openat2+0x113/0x200
[  151.762678][ T6537]  ? __pfx_do_sys_openat2+0x10/0x10
[  151.762690][ T6537]  ? exc_page_fault+0x6a/0xc0
[  151.762703][ T6537]  ? do_user_addr_fault+0xc7c/0x1360
[  151.762717][ T6537]  __x64_sys_openat+0x138/0x170
[  151.762730][ T6537]  do_syscall_64+0x14d/0xf80
[  151.762742][ T6537]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.762752][ T6537]  ? trace_irq_disable+0x37/0x100
[  151.762761][ T6537]  ? clear_bhb_loop+0x40/0x90
[  151.762771][ T6537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.762780][ T6537] RIP: 0033:0x7f8a3bbbc84e
[  151.762792][ T6537] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  151.762800][ T6537] RSP: 002b:00007f8a3b25db28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  151.762814][ T6537] RAX: ffffffffffffffda RBX: 00007f8a3b25e6c0 RCX: 00007f8a3bbbc84e
[  151.762821][ T6537] RDX: 0000000000000400 RSI: 00007f8a3b25dc00 RDI: ffffffffffffff9c
[  151.762828][ T6537] RBP: 00007f8a3b25dc00 R08: 0000000000000000 R09: 0000000000000000
[  151.762834][ T6537] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  151.762840][ T6537] R13: 00007f8a3be76038 R14: 00007f8a3be75fa0 R15: 00007ffd6024f3a8
[  151.762851][ T6537]  </TASK>
[  151.762854][ T6537] 
[  151.762856][ T6537] Allocated by task 1:
[  151.762861][ T6537]  kasan_save_track+0x3e/0x80
[  151.762869][ T6537]  __kasan_kmalloc+0x93/0xb0
[  151.762877][ T6537]  __kmalloc_cache_noprof+0x3a6/0x690
[  151.762886][ T6537]  dvb_register_device+0x2fd/0x2210
[  151.762898][ T6537]  dvb_register_frontend+0x665/0x970
[  151.762908][ T6537]  vidtv_bridge_probe+0x9aa/0xf80
[  151.762921][ T6537]  platform_probe+0xf9/0x190
[  151.762935][ T6537]  really_probe+0x267/0xaf0
[  151.762943][ T6537]  __driver_probe_device+0x18c/0x320
[  151.762950][ T6537]  driver_probe_device+0x4f/0x240
[  151.762959][ T6537]  __driver_attach+0x349/0x640
[  151.762972][ T6537]  bus_for_each_dev+0x23e/0x2c0
[  151.762983][ T6537]  bus_add_driver+0x348/0x670
[  151.762994][ T6537]  driver_register+0x23a/0x320
[  151.763003][ T6537]  vidtv_bridge_init+0x28/0x50
[  151.763017][ T6537]  do_one_initcall+0x250/0x840
[  151.763029][ T6537]  do_initcall_level+0x104/0x190
[  151.763039][ T6537]  do_initcalls+0x59/0xa0
[  151.763048][ T6537]  kernel_init_freeable+0x2a6/0x3d0
[  151.763057][ T6537]  kernel_init+0x1d/0x1d0
[  151.763064][ T6537]  ret_from_fork+0x51e/0xb90
[  151.763075][ T6537]  ret_from_fork_asm+0x1a/0x30
[  151.763088][ T6537] 
[  151.763090][ T6537] Freed by task 6534:
[  151.763095][ T6537]  kasan_save_track+0x3e/0x80
[  151.763102][ T6537]  kasan_save_free_info+0x46/0x50
[  151.763114][ T6537]  __kasan_slab_free+0x5c/0x80
[  151.763121][ T6537]  kfree+0x1c1/0x690
[  151.763128][ T6537]  dvb_frontend_release+0x3de/0x500
[  151.763138][ T6537]  __fput+0x45e/0xa80
[  151.763150][ T6537]  task_work_run+0x1d9/0x270
[  151.763157][ T6537]  get_signal+0x11c3/0x1310
[  151.763167][ T6537]  arch_do_signal_or_restart+0xbc/0x830
[  151.763177][ T6537]  exit_to_user_mode_loop+0x86/0x480
[  151.763188][ T6537]  do_syscall_64+0x32d/0xf80
[  151.763199][ T6537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.763207][ T6537] 
[  151.763210][ T6537] The buggy address belongs to the object at ffff88802bb50000
[  151.763210][ T6537]  which belongs to the cache kmalloc-512 of size 512
[  151.763220][ T6537] The buggy address is located 16 bytes inside of
[  151.763220][ T6537]  freed 512-byte region [ffff88802bb50000, ffff88802bb50200)
[  151.763230][ T6537] 
[  151.763232][ T6537] The buggy address belongs to the physical page:
[  151.763242][ T6537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2bb50
[  151.763254][ T6537] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  151.763262][ T6537] flags: 0x80000000000040(head|node=0|zone=1)
[  151.763275][ T6537] page_type: f5(slab)
[  151.763284][ T6537] raw: 0080000000000040 ffff88813fe0dc80 dead000000000100 dead000000000122
[  151.763292][ T6537] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  151.763300][ T6537] head: 0080000000000040 ffff88813fe0dc80 dead000000000100 dead000000000122
[  151.763307][ T6537] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  151.763315][ T6537] head: 0080000000000002 ffffea0000aed401 00000000ffffffff 00000000ffffffff
[  151.763326][ T6537] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000004
[  151.763331][ T6537] page dumped because: kasan: bad access detected
[  151.763339][ T6537] page_owner tracks the page as allocated
[  151.763342][ T6537] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 14383756285, free_ts 0
[  151.763359][ T6537]  post_alloc_hook+0x228/0x280
[  151.763368][ T6537]  get_page_from_freelist+0x28bb/0x2950
[  151.763379][ T6537]  __alloc_frozen_pages_noprof+0x18d/0x380
[  151.763390][ T6537]  allocate_slab+0x77/0x660
[  151.763402][ T6537]  refill_objects+0x334/0x3c0
[  151.763413][ T6537]  __pcs_replace_empty_main+0x328/0x5f0
[  151.763425][ T6537]  __kmalloc_cache_noprof+0x44e/0x690
[  151.763434][ T6537]  device_add+0xbe/0xb80
[  151.763447][ T6537]  platform_device_add+0x46a/0x800
[  151.763459][ T6537]  vidtv_bridge_init+0x12/0x50
[  151.763472][ T6537]  do_one_initcall+0x250/0x840
[  151.763485][ T6537]  do_initcall_level+0x104/0x190
[  151.763495][ T6537]  do_initcalls+0x59/0xa0
[  151.763503][ T6537]  kernel_init_freeable+0x2a6/0x3d0
[  151.763512][ T6537]  kernel_init+0x1d/0x1d0
[  151.763520][ T6537]  ret_from_fork+0x51e/0xb90
[  151.763530][ T6537] page_owner free stack trace missing
[  151.763533][ T6537] 
[  151.763535][ T6537] Memory state around the buggy address:
[  151.763541][ T6537]  ffff88802bb4ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  151.763547][ T6537]  ffff88802bb4ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  151.763553][ T6537] >ffff88802bb50000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  151.763557][ T6537]                          ^
[  151.763562][ T6537]  ffff88802bb50080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  151.763568][ T6537]  ffff88802bb50100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  151.763576][ T6537] ==================================================================
[  151.763585][ T6537] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  151.763595][ T6537] CPU: 1 UID: 0 PID: 6537 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  151.763606][ T6537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  151.763611][ T6537] Call Trace:
[  151.763614][ T6537]  <TASK>
[  151.763618][ T6537]  vpanic+0x1e0/0x670
[  151.763633][ T6537]  panic+0xc5/0xd0
[  151.763646][ T6537]  ? __pfx_panic+0x10/0x10
[  151.763659][ T6537]  ? dvb_device_open+0x117/0x590
[  151.763672][ T6537]  ? rcu_is_watching+0x15/0xb0
[  151.763688][ T6537]  ? dvb_device_open+0x117/0x590
[  151.763700][ T6537]  check_panic_on_warn+0x89/0xb0
[  151.763710][ T6537]  ? dvb_device_open+0x117/0x590
[  151.763722][ T6537]  end_report+0x6f/0x140
[  151.763732][ T6537]  kasan_report+0x128/0x150
[  151.763742][ T6537]  ? dvb_device_open+0x117/0x590
[  151.763756][ T6537]  kasan_check_range+0x264/0x2c0
[  151.763767][ T6537]  dvb_device_open+0x117/0x590
[  151.763780][ T6537]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  151.763790][ T6537]  ? __pfx_dvb_device_open+0x10/0x10
[  151.763802][ T6537]  ? rt_spin_unlock+0x14f/0x200
[  151.763812][ T6537]  ? rt_spin_unlock+0x160/0x200
[  151.763822][ T6537]  chrdev_open+0x4d0/0x5f0
[  151.763833][ T6537]  ? __pfx_chrdev_open+0x10/0x10
[  151.763843][ T6537]  ? fsnotify_open_perm_and_set_mode+0x138/0x6e0
[  151.763858][ T6537]  ? __pfx_chrdev_open+0x10/0x10
[  151.763868][ T6537]  do_dentry_open+0x83d/0x13e0
[  151.763882][ T6537]  vfs_open+0x3b/0x350
[  151.763893][ T6537]  ? path_openat+0x2e25/0x38a0
[  151.763903][ T6537]  path_openat+0x2e3d/0x38a0
[  151.763918][ T6537]  ? __pfx_path_openat+0x10/0x10
[  151.763928][ T6537]  ? kasan_save_track+0x4f/0x80
[  151.763936][ T6537]  ? kasan_save_track+0x3e/0x80
[  151.763944][ T6537]  ? __kasan_slab_alloc+0x6c/0x80
[  151.763952][ T6537]  ? kmem_cache_alloc_noprof+0x33b/0x680
[  151.763969][ T6537]  ? do_raw_spin_lock+0x12b/0x2f0
[  151.763981][ T6537]  do_file_open+0x23e/0x4a0
[  151.763990][ T6537]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  151.764003][ T6537]  ? __pfx_do_file_open+0x10/0x10
[  151.764011][ T6537]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  151.764026][ T6537]  ? alloc_fd+0x64e/0x6c0
[  151.764040][ T6537]  do_sys_openat2+0x113/0x200
[  151.764053][ T6537]  ? __pfx_do_sys_openat2+0x10/0x10
[  151.764065][ T6537]  ? exc_page_fault+0x6a/0xc0
[  151.764077][ T6537]  ? do_user_addr_fault+0xc7c/0x1360
[  151.764089][ T6537]  __x64_sys_openat+0x138/0x170
[  151.764103][ T6537]  do_syscall_64+0x14d/0xf80
[  151.764114][ T6537]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.764123][ T6537]  ? trace_irq_disable+0x37/0x100
[  151.764131][ T6537]  ? clear_bhb_loop+0x40/0x90
[  151.764142][ T6537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.764151][ T6537] RIP: 0033:0x7f8a3bbbc84e
[  151.764158][ T6537] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  151.764166][ T6537] RSP: 002b:00007f8a3b25db28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  151.764176][ T6537] RAX: ffffffffffffffda RBX: 00007f8a3b25e6c0 RCX: 00007f8a3bbbc84e
[  151.764183][ T6537] RDX: 0000000000000400 RSI: 00007f8a3b25dc00 RDI: ffffffffffffff9c
[  151.764190][ T6537] RBP: 00007f8a3b25dc00 R08: 0000000000000000 R09: 0000000000000000
[  151.764196][ T6537] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  151.764202][ T6537] R13: 00007f8a3be76038 R14: 00007f8a3be75fa0 R15: 00007ffd6024f3a8
[  151.764212][ T6537]  </TASK>
[  151.765550][ T6537] Kernel Offset: disabled