[   76.615835][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[   76.618485][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
Warning: Permanently added '[localhost]:50681' (ED25519) to the list of known hosts.
2025/10/17 14:48:29 parsed 1 programs
[   85.062664][   T40] kauditd_printk_skb: 4 callbacks suppressed
[   85.062680][   T40] audit: type=1400 audit(1760712512.244:117): avc:  denied  { unlink } for  pid=6155 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   86.028555][ T6155] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   86.851936][  T838] cfg80211: failed to load regulatory.db
[   88.072712][ T6020] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   88.076008][ T6020] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   88.079421][ T6020] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   88.084297][ T6020] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   88.087891][ T6020] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   88.388286][   T40] audit: type=1401 audit(1760712515.564:118): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[   88.508132][ T6192] chnl_net:caif_netlink_parms(): no params data found
[   88.599104][ T6192] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.601549][ T6192] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.603833][ T6192] bridge_slave_0: entered allmulticast mode
[   88.606480][ T6192] bridge_slave_0: entered promiscuous mode
[   88.609663][ T6192] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.612301][ T6192] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.614565][ T6192] bridge_slave_1: entered allmulticast mode
[   88.617172][ T6192] bridge_slave_1: entered promiscuous mode
[   88.657334][ T6192] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.663161][ T6192] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.708388][ T6192] team0: Port device team_slave_0 added
[   88.711917][ T6192] team0: Port device team_slave_1 added
[   88.804860][ T6192] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.807051][ T6192] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.815190][ T6192] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.821290][ T6192] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.824159][ T6192] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.834743][ T6192] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.905318][ T6192] hsr_slave_0: entered promiscuous mode
[   88.908592][ T6192] hsr_slave_1: entered promiscuous mode
[   89.476041][ T6192] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   89.480060][ T6192] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   89.487546][ T6192] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   89.499238][ T6192] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   89.553915][ T6192] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.567198][ T6192] 8021q: adding VLAN 0 to HW filter on device team0
[   89.575450][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.577949][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.587384][ T1155] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.589743][ T1155] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.699233][ T6192] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.721918][ T6192] veth0_vlan: entered promiscuous mode
[   89.728508][ T6192] veth1_vlan: entered promiscuous mode
[   89.743355][ T6192] veth0_macvtap: entered promiscuous mode
[   89.747815][ T6192] veth1_macvtap: entered promiscuous mode
[   89.756299][ T6192] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.762607][ T6192] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.769244][   T61] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.774115][   T61] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.776999][   T61] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.781633][   T61] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.882536][ T1155] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.944749][ T1155] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.956268][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.958945][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.976654][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.979688][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.999490][ T1155] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.081546][ T1155] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/10/17 14:48:38 executed programs: 0
[   91.406830][ T5294] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   91.410330][ T5294] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   91.413649][ T5294] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   91.417428][ T5294] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   91.420276][ T5294] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   91.535287][ T6323] chnl_net:caif_netlink_parms(): no params data found
[   91.631368][ T6323] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.634586][ T6323] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.637707][ T6323] bridge_slave_0: entered allmulticast mode
[   91.641849][ T6323] bridge_slave_0: entered promiscuous mode
[   91.646832][ T6323] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.649904][ T6323] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.653881][ T6323] bridge_slave_1: entered allmulticast mode
[   91.658067][ T6323] bridge_slave_1: entered promiscuous mode
[   91.722216][ T6323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.729007][ T6323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.777428][ T6323] team0: Port device team_slave_0 added
[   91.781379][ T6323] team0: Port device team_slave_1 added
[   91.818080][ T6323] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.820511][ T6323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   91.830035][ T6323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.835102][ T6323] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.837465][ T6323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   91.846085][ T6323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.900557][ T6323] hsr_slave_0: entered promiscuous mode
[   91.902804][ T6323] hsr_slave_1: entered promiscuous mode
[   91.904911][ T6323] debugfs: 'hsr0' already exists in 'hsr'
[   91.906694][ T6323] Cannot create hsr debugfs directory
[   93.400850][ T1155] bridge_slave_1: left allmulticast mode
[   93.402877][ T1155] bridge_slave_1: left promiscuous mode
[   93.405380][ T1155] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.411584][ T1155] bridge_slave_0: left allmulticast mode
[   93.413615][ T1155] bridge_slave_0: left promiscuous mode
[   93.415967][ T1155] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.490380][ T6179] Bluetooth: hci0: command tx timeout
[   93.637625][ T1155] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   93.642291][ T1155] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   93.646830][ T1155] bond0 (unregistering): Released all slaves
[   93.813673][ T1155] hsr_slave_0: left promiscuous mode
[   93.816141][ T1155] hsr_slave_1: left promiscuous mode
[   93.818438][ T1155] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   93.821529][ T1155] batman_adv: batadv0: Removing interface: batadv_slave_0
[   93.827627][ T1155] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   93.830700][ T1155] batman_adv: batadv0: Removing interface: batadv_slave_1
[   93.844082][ T1155] veth1_macvtap: left promiscuous mode
[   93.845977][ T1155] veth0_macvtap: left promiscuous mode
[   93.848566][ T1155] veth1_vlan: left promiscuous mode
[   93.851410][ T1155] veth0_vlan: left promiscuous mode
[   94.331582][ T1155] team0 (unregistering): Port device team_slave_1 removed
[   94.378480][ T1155] team0 (unregistering): Port device team_slave_0 removed
[   95.147152][ T6323] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   95.153144][ T6323] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   95.159837][ T6323] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   95.166188][ T6323] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   95.221892][ T6323] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.233564][ T6323] 8021q: adding VLAN 0 to HW filter on device team0
[   95.238947][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.241830][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.249290][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.252105][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.372891][ T6323] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.570537][ T6179] Bluetooth: hci0: command tx timeout
[   95.607734][ T6323] veth0_vlan: entered promiscuous mode
[   95.615774][ T6323] veth1_vlan: entered promiscuous mode
[   95.633856][ T6323] veth0_macvtap: entered promiscuous mode
[   95.641018][ T6323] veth1_macvtap: entered promiscuous mode
[   95.653429][ T6323] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.661832][ T6323] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.670400][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.674743][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.678748][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.700638][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.747890][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.751607][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.794337][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.797404][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.829893][   T40] audit: type=1400 audit(1760712523.004:119): avc:  denied  { create } for  pid=6366 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   95.839201][   T40] audit: type=1400 audit(1760712523.014:120): avc:  denied  { write } for  pid=6366 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   95.881086][   T40] audit: type=1400 audit(1760712523.064:121): avc:  denied  { read write } for  pid=6366 comm="syz.0.16" name="rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   95.888784][   T40] audit: type=1400 audit(1760712523.064:122): avc:  denied  { open } for  pid=6366 comm="syz.0.16" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   95.948620][ T6367] infiniband syz1: set active
[   95.950985][ T6367] infiniband syz1: added syz_tun
[   95.974940][ T6367] RDS/IB: syz1: added
[   95.976649][ T6367] smc: adding ib device syz1 with port count 1
[   95.978847][ T6367] smc:    ib device syz1 port 1 has no pnetid
[   96.911965][ T6372] syz1: rxe_newlink: already configured on syz_tun
[   96.931596][ T6375] syz1: rxe_newlink: already configured on syz_tun
2025/10/17 14:48:44 executed programs: 3
[   96.967451][ T6378] syz1: rxe_newlink: already configured on syz_tun
[   96.999151][ T6381] syz1: rxe_newlink: already configured on syz_tun
[   97.026078][ T6384] syz1: rxe_newlink: already configured on syz_tun
[   97.046004][ T6387] syz1: rxe_newlink: already configured on syz_tun
[   97.069116][ T6391] syz1: rxe_newlink: already configured on syz_tun
[   97.096047][ T6394] syz1: rxe_newlink: already configured on syz_tun
[   97.124981][ T6397] syz1: rxe_newlink: already configured on syz_tun
[   97.151592][ T6400] syz1: rxe_newlink: already configured on syz_tun
[   97.660379][ T6179] Bluetooth: hci0: command tx timeout
[   97.754372][ T1153] ==================================================================
[   97.757915][ T1153] BUG: KASAN: slab-use-after-free in ucma_create_uevent+0xb1a/0xbe0
[   97.761147][ T1153] Read of size 8 at addr ffff88804e73da10 by task kworker/u32:8/1153
[   97.765714][ T1153] 
[   97.766736][ T1153] CPU: 2 UID: 0 PID: 1153 Comm: kworker/u32:8 Not tainted syzkaller #0 PREEMPT(full) 
[   97.766758][ T1153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.766772][ T1153] Workqueue: rdma_cm cma_iboe_join_work_handler
[   97.766805][ T1153] Call Trace:
[   97.766812][ T1153]  <TASK>
[   97.766819][ T1153]  dump_stack_lvl+0x116/0x1f0
[   97.766843][ T1153]  print_report+0xcd/0x630
[   97.766868][ T1153]  ? __virt_addr_valid+0x81/0x610
[   97.766887][ T1153]  ? __phys_addr+0xe8/0x180
[   97.766905][ T1153]  ? ucma_create_uevent+0xb1a/0xbe0
[   97.766925][ T1153]  kasan_report+0xe0/0x110
[   97.766951][ T1153]  ? ucma_create_uevent+0xb1a/0xbe0
[   97.766974][ T1153]  ucma_create_uevent+0xb1a/0xbe0
[   97.766996][ T1153]  ucma_event_handler+0x102/0x940
[   97.767018][ T1153]  ? rcu_is_watching+0x12/0xc0
[   97.767037][ T1153]  cma_cm_event_handler+0x97/0x300
[   97.767065][ T1153]  cma_iboe_join_work_handler+0xca/0x170
[   97.767094][ T1153]  process_one_work+0x9cf/0x1b70
[   97.767124][ T1153]  ? __pfx_process_one_work+0x10/0x10
[   97.767152][ T1153]  ? assign_work+0x1a0/0x250
[   97.767176][ T1153]  worker_thread+0x6c8/0xf10
[   97.767205][ T1153]  ? __pfx_worker_thread+0x10/0x10
[   97.767230][ T1153]  kthread+0x3c5/0x780
[   97.767253][ T1153]  ? __pfx_kthread+0x10/0x10
[   97.767276][ T1153]  ? rcu_is_watching+0x12/0xc0
[   97.767292][ T1153]  ? __pfx_kthread+0x10/0x10
[   97.767315][ T1153]  ret_from_fork+0x675/0x7d0
[   97.767336][ T1153]  ? __pfx_kthread+0x10/0x10
[   97.767358][ T1153]  ret_from_fork_asm+0x1a/0x30
[   97.767384][ T1153]  </TASK>
[   97.767390][ T1153] 
[   97.828849][ T1153] Allocated by task 6486:
[   97.830304][ T1153]  kasan_save_stack+0x33/0x60
[   97.831972][ T1153]  kasan_save_track+0x14/0x30
[   97.833696][ T1153]  __kasan_kmalloc+0xaa/0xb0
[   97.835394][ T1153]  ucma_process_join+0x237/0xa30
[   97.837391][ T1153]  ucma_join_multicast+0xe8/0x160
[   97.839402][ T1153]  ucma_write+0x1fb/0x330
[   97.841293][ T1153]  vfs_write+0x2a0/0x11d0
[   97.842838][ T1153]  ksys_write+0x1f8/0x250
[   97.844406][ T1153]  do_syscall_64+0xcd/0xfa0
[   97.845957][ T1153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.847952][ T1153] 
[   97.848975][ T1153] Freed by task 6486:
[   97.850729][ T1153]  kasan_save_stack+0x33/0x60
[   97.852863][ T1153]  kasan_save_track+0x14/0x30
[   97.854865][ T1153]  __kasan_save_free_info+0x3b/0x60
[   97.856940][ T1153]  __kasan_slab_free+0x5f/0x80
[   97.858844][ T1153]  kfree+0x2b8/0x6d0
[   97.860456][ T1153]  ucma_process_join+0x3b9/0xa30
[   97.862477][ T1153]  ucma_join_multicast+0xe8/0x160
[   97.864809][ T1153]  ucma_write+0x1fb/0x330
[   97.866654][ T1153]  vfs_write+0x2a0/0x11d0
[   97.868412][ T1153]  ksys_write+0x1f8/0x250
[   97.870206][ T1153]  do_syscall_64+0xcd/0xfa0
[   97.872049][ T1153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.874409][ T1153] 
[   97.875304][ T1153] The buggy address belongs to the object at ffff88804e73da00
[   97.875304][ T1153]  which belongs to the cache kmalloc-192 of size 192
[   97.880067][ T1153] The buggy address is located 16 bytes inside of
[   97.880067][ T1153]  freed 192-byte region [ffff88804e73da00, ffff88804e73dac0)
[   97.884789][ T1153] 
[   97.885563][ T1153] The buggy address belongs to the physical page:
[   97.887927][ T1153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4e73d
[   97.891407][ T1153] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   97.894322][ T1153] page_type: f5(slab)
[   97.895894][ T1153] raw: 00fff00000000000 ffff88801b4423c0 ffffea0000c3b500 dead000000000002
[   97.899300][ T1153] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   97.902717][ T1153] page dumped because: kasan: bad access detected
[   97.905269][ T1153] page_owner tracks the page as allocated
[   97.907499][ T1153] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 6014, tgid 6014 (syz-executor), ts 61499392711, free_ts 61498598414
[   97.914461][ T1153]  post_alloc_hook+0x1c0/0x230
[   97.916237][ T1153]  get_page_from_freelist+0x10a3/0x3a30
[   97.918103][ T1153]  __alloc_frozen_pages_noprof+0x25f/0x2470
[   97.920244][ T1153]  new_slab+0xa5/0x360
[   97.921881][ T1153]  ___slab_alloc+0xdc4/0x1ae0
[   97.923650][ T1153]  __slab_alloc.constprop.0+0x63/0x110
[   97.925651][ T1153]  __kmalloc_node_noprof+0x4dd/0x8a0
[   97.927619][ T1153]  alloc_slab_obj_exts+0x3a/0xd0
[   97.929353][ T1153]  new_slab+0x283/0x360
[   97.930731][ T1153]  ___slab_alloc+0xdc4/0x1ae0
[   97.932333][ T1153]  __slab_alloc.constprop.0+0x63/0x110
[   97.934052][ T1153]  kmem_cache_alloc_noprof+0x43f/0x6e0
[   97.935938][ T1153]  alloc_vfsmnt+0x23/0x6b0
[   97.937903][ T1153]  clone_mnt+0x4b/0x930
[   97.939726][ T1153]  copy_tree+0x31d/0xbd0
[   97.941529][ T1153]  __do_loopback+0x44e/0x550
[   97.943449][ T1153] page last free pid 6014 tgid 6014 stack trace:
[   97.945615][ T1153]  __free_frozen_pages+0x7df/0x1160
[   97.947205][ T1153]  inode_doinit_with_dentry+0xacb/0x12e0
[   97.948966][ T1153]  sb_finish_set_opts+0x221/0xb80
[   97.950454][ T1153]  selinux_set_mnt_opts+0xc55/0x18c0
[   97.952375][ T1153]  security_sb_set_mnt_opts+0xc0/0x140
[   97.954609][ T1153]  vfs_get_tree+0x17a/0x340
[   97.956481][ T1153]  path_mount+0x7b9/0x23a0
[   97.958347][ T1153]  __x64_sys_mount+0x293/0x310
[   97.960411][ T1153]  do_syscall_64+0xcd/0xfa0
[   97.962359][ T1153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.964784][ T1153] 
[   97.965596][ T1153] Memory state around the buggy address:
[   97.967405][ T1153]  ffff88804e73d900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   97.970106][ T1153]  ffff88804e73d980: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   97.972814][ T1153] >ffff88804e73da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   97.975878][ T1153]                          ^
[   97.978046][ T1153]  ffff88804e73da80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   97.980982][ T1153]  ffff88804e73db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   97.983626][ T1153] ==================================================================
[   97.986893][ T1153] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   97.989335][ T1153] CPU: 3 UID: 0 PID: 1153 Comm: kworker/u32:8 Not tainted syzkaller #0 PREEMPT(full) 
[   97.992708][ T1153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.996724][ T1153] Workqueue: rdma_cm cma_iboe_join_work_handler
[   97.998946][ T1153] Call Trace:
[   98.000402][ T1153]  <TASK>
[   98.001713][ T1153]  dump_stack_lvl+0x3d/0x1f0
[   98.003567][ T1153]  vpanic+0x640/0x6f0
[   98.005147][ T1153]  panic+0xca/0xd0
[   98.006621][ T1153]  ? __pfx_panic+0x10/0x10
[   98.008374][ T1153]  ? ucma_create_uevent+0xb1a/0xbe0
[   98.010431][ T1153]  ? preempt_schedule_common+0x44/0xc0
[   98.012357][ T1153]  ? preempt_schedule_thunk+0x16/0x30
[   98.014040][ T1153]  ? check_panic_on_warn+0x1f/0xb0
[   98.016081][ T1153]  check_panic_on_warn+0xab/0xb0
[   98.018192][ T1153]  end_report+0x107/0x170
[   98.019769][ T1153]  kasan_report+0xee/0x110
[   98.021406][ T1153]  ? ucma_create_uevent+0xb1a/0xbe0
[   98.023253][ T1153]  ucma_create_uevent+0xb1a/0xbe0
[   98.024655][ T1153]  ucma_event_handler+0x102/0x940
[   98.026689][ T1153]  ? rcu_is_watching+0x12/0xc0
[   98.028658][ T1153]  cma_cm_event_handler+0x97/0x300
[   98.030759][ T1153]  cma_iboe_join_work_handler+0xca/0x170
[   98.032819][ T1153]  process_one_work+0x9cf/0x1b70
[   98.034476][ T1153]  ? __pfx_process_one_work+0x10/0x10
[   98.036814][ T1153]  ? assign_work+0x1a0/0x250
[   98.038437][ T1153]  worker_thread+0x6c8/0xf10
[   98.040079][ T1153]  ? __pfx_worker_thread+0x10/0x10
[   98.041809][ T1153]  kthread+0x3c5/0x780
[   98.043128][ T1153]  ? __pfx_kthread+0x10/0x10
[   98.044867][ T1153]  ? rcu_is_watching+0x12/0xc0
[   98.046779][ T1153]  ? __pfx_kthread+0x10/0x10
[   98.048500][ T1153]  ret_from_fork+0x675/0x7d0
[   98.050259][ T1153]  ? __pfx_kthread+0x10/0x10
[   98.051846][ T1153]  ret_from_fork_asm+0x1a/0x30
[   98.053380][ T1153]  </TASK>
[   98.055024][ T1153] Kernel Offset: disabled
[   98.056377][ T1153] Rebooting in 86400 seconds..