devcore dump triggers memory corruption

Memory corruption triggered by devcoredump, probably related to ec8f1813

[ 1267.136549] page:000000003cd3937b refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109e08
[ 1267.136562] flags: 0x8000000000000000(zone=2)
[ 1267.136567] raw: 8000000000000000 fffffffe02279808 fffffffe03285e08 0000000000000000
[ 1267.136570] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 1267.136573] page dumped because: VM_BUG_ON_PAGE(!PageCompound(page))
[ 1267.136586] ------------[ cut here ]------------
[ 1267.136588] kernel BUG at mm/slub.c:3532!
[ 1267.136592] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP
[ 1267.136597] Modules linked in: snd_seq_dummy snd_seq snd_seq_device bridge stp llc tun vhost_vsock vhost vhost_iotlb vmw_vsock_virtio_transport_common vsock rfcomm algif_hash algif_skcipher af_alg veth uinput xt_cgroup uvcvideo venus_dec venus_enc xt_MASQUERADE cros_ec_typec typec qcom_spmi_adc5 qcom_spmi_temp_alarm qcom_vadc_common hci_uart btqca qcom_stats venus_core snd_soc_lpass_sc7180 snd_soc_sc7180 ip6table_nat fuse 8021q iio_trig_sysfs cros_ec_sensors cros_ec_lid_angle cros_ec_sensors_core bluetooth industrialio_triggered_buffer kfifo_buf ecdh_generic ecc cros_ec_sensorhub ath10k_snoc ath10k_core ath mac80211 cfg80211 lzo_rle lzo_compress zram r8153_ecm cdc_ether usbnet r8152 mii joydev
[ 1267.136656] CPU: 7 PID: 523 Comm: kworker/7:2 Not tainted 5.15.72 #5 ca53802f9bc9032ea13b81376ea7c52230d61602
[ 1267.136661] Hardware name: Google Lazor (rev3 - 8) with KB Backlight (DT)
[ 1267.136664] Workqueue: events devcd_del
[ 1267.136675] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 1267.136679] pc : free_nonslab_page+0x54/0xc0
[ 1267.136685] lr : free_nonslab_page+0x54/0xc0
[ 1267.136687] sp : ffffffc008943be0
[ 1267.136689] x29: ffffffc008943be0 x28: ffffffd9f24e6000 x27: 0000000000000402
[ 1267.136694] x26: ffffff8084d6a410 x25: 0000000000000000 x24: ffffff80ba11db28
[ 1267.136698] x23: ffffff80ba11db20 x22: ffffffd9f275b000 x21: ffffffd9f147e8f0
[ 1267.136703] x20: 0000000000000000 x19: fffffffe02278200 x18: ffffffd9f1f1b8d0
[ 1267.136707] x17: 0000000000000000 x16: 0000000000000001 x15: ffffffd9f175cf40
[ 1267.136711] x14: 0000000000000003 x13: 0000000000000004 x12: 0000000000000001
[ 1267.136715] x11: c0000000ffffdfff x10: ffffffd9f25410d8 x9 : 77ddaa8cd7163b00
[ 1267.136719] x8 : 77ddaa8cd7163b00 x7 : 0000000000000000 x6 : 312e37363231205b
[ 1267.136723] x5 : ffffffd9f27a9b68 x4 : 0000000000000000 x3 : ffffffc008943768
[ 1267.136727] x2 : ffffffc008943770 x1 : 00000000ffffdfff x0 : 0000000000000038
[ 1267.136732] Call trace:
[ 1267.136734]  free_nonslab_page+0x54/0xc0
[ 1267.136737]  kfree+0x2f0/0x3d4
[ 1267.136741]  kvfree+0x38/0x48
[ 1267.136745]  a6xx_gpu_state_put+0x68/0xc8
[ 1267.136751]  msm_gpu_devcoredump_free+0x3c/0x5c
[ 1267.136755]  devcd_dev_release+0x28/0x6c
[ 1267.136759]  device_release+0x3c/0x94
[ 1267.136763]  kobject_put+0xb0/0xe4
[ 1267.136767]  put_device+0x1c/0x28
[ 1267.136772]  devcd_del+0x2c/0x3c
[ 1267.136776]  process_one_work+0x19c/0x3ac
[ 1267.136780]  worker_thread+0x22c/0x3e8
[ 1267.136783]  kthread+0x134/0x300
[ 1267.136786]  ret_from_fork+0x10/0x20
[ 1267.136792] Code: 90006c21 9105dc21 aa1303e0 97fef258 (d4210000) 
[ 1267.136795] ---[ end trace 755857f1e0506988 ]---
[ 1267.141149] Kernel panic - not syncing: Oops - BUG: Fatal exception
[ 1267.141155] SMP: stopping secondary CPUs
[ 1267.141296] Kernel Offset: 0x19e9200000 from 0xffffffc008000000
[ 1267.141300] PHYS_OFFSET: 0x80000000
[ 1267.141302] CPU features: 0x40018541,a3300e42
[ 1267.141306] Memory Limit: 4096 MB
[ 1267.145702] ---[ end Kernel panic - not syncing: Oops - BUG: Fatal exception ]---