[ 84.353230][ T40] kauditd_printk_skb: 24 callbacks suppressed
[ 84.353245][ T40] audit: type=1400 audit(1771600376.961:116): avc: denied { transition } for pid=6121 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 84.365566][ T40] audit: type=1400 audit(1771600376.971:117): avc: denied { noatsecure } for pid=6121 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 84.372691][ T40] audit: type=1400 audit(1771600376.971:118): avc: denied { rlimitinh } for pid=6121 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 84.378970][ T40] audit: type=1400 audit(1771600376.971:119): avc: denied { siginh } for pid=6121 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 86.746924][ T71] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:42475' (ED25519) to the list of known hosts.
2026/02/20 15:13:04 parsed 1 programs
[ 92.330983][ T40] audit: type=1400 audit(1771600384.941:120): avc: denied { node_bind } for pid=6157 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[ 95.202407][ T40] audit: type=1400 audit(1771600387.811:121): avc: denied { read write } for pid=6173 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 95.210669][ T40] audit: type=1400 audit(1771600387.811:122): avc: denied { open } for pid=6173 comm="syz-executor" path="/swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 95.260377][ T40] audit: type=1400 audit(1771600387.871:123): avc: denied { unlink } for pid=6173 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 95.715061][ T40] audit: type=1400 audit(1771600388.321:124): avc: denied { relabelto } for pid=6176 comm="mkswap" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 96.458809][ T6173] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 98.864893][ T40] audit: type=1401 audit(1771600391.471:125): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 100.301208][ T6229] chnl_net:caif_netlink_parms(): no params data found
[ 100.463901][ T6229] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.466912][ T6229] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.474035][ T6229] bridge_slave_0: entered allmulticast mode
[ 100.477928][ T6229] bridge_slave_0: entered promiscuous mode
[ 100.482196][ T6229] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.485070][ T6229] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.488778][ T6229] bridge_slave_1: entered allmulticast mode
[ 100.492485][ T6229] bridge_slave_1: entered promiscuous mode
[ 100.548175][ T6229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 100.552726][ T6229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 100.604246][ T6229] team0: Port device team_slave_0 added
[ 100.609346][ T6229] team0: Port device team_slave_1 added
[ 100.661580][ T6229] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 100.664409][ T6229] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 100.674729][ T6229] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 100.680856][ T6229] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 100.683713][ T6229] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 100.693997][ T6229] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 100.758258][ T6229] hsr_slave_0: entered promiscuous mode
[ 100.761274][ T6229] hsr_slave_1: entered promiscuous mode
[ 101.327166][ T6229] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 101.333372][ T6229] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 101.348243][ T6229] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 101.354857][ T6229] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 101.415683][ T6229] 8021q: adding VLAN 0 to HW filter on device bond0
[ 101.426915][ T6229] 8021q: adding VLAN 0 to HW filter on device team0
[ 101.433080][ T60] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.436143][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 101.445541][ T60] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.448283][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 101.517673][ T40] audit: type=1400 audit(1771600394.131:126): avc: denied { sys_module } for pid=6229 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 101.601445][ T6229] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 101.628885][ T6229] veth0_vlan: entered promiscuous mode
[ 101.636970][ T6229] veth1_vlan: entered promiscuous mode
[ 101.655532][ T6229] veth0_macvtap: entered promiscuous mode
[ 101.660848][ T6229] veth1_macvtap: entered promiscuous mode
[ 101.675040][ T6229] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 101.684778][ T6229] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 101.700121][ T60] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.703762][ T60] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.707992][ T60] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.711593][ T60] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.790638][ T5995] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 101.794640][ T5995] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 101.803630][ T5995] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 101.808469][ T5995] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 101.812193][ T5995] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 101.830052][ T60] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 101.921037][ T60] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 102.015479][ T60] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 102.088946][ T60] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 102.135839][ T213] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.139968][ T213] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.163561][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.166904][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/02/20 15:13:15 executed programs: 0
[ 102.767119][ T5284] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 102.771186][ T5284] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 102.774808][ T5284] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 102.786824][ T5284] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 102.790851][ T5284] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 102.942041][ T6335] chnl_net:caif_netlink_parms(): no params data found
[ 103.032594][ T6335] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.035245][ T6335] bridge0: port 1(bridge_slave_0) entered disabled state
[ 103.038311][ T6335] bridge_slave_0: entered allmulticast mode
[ 103.041345][ T6335] bridge_slave_0: entered promiscuous mode
[ 103.046284][ T6335] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.050853][ T6335] bridge0: port 2(bridge_slave_1) entered disabled state
[ 103.054173][ T6335] bridge_slave_1: entered allmulticast mode
[ 103.057242][ T6335] bridge_slave_1: entered promiscuous mode
[ 103.109454][ T6335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 103.120864][ T6335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 103.176353][ T6335] team0: Port device team_slave_0 added
[ 103.182562][ T6335] team0: Port device team_slave_1 added
[ 103.228683][ T6335] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 103.230976][ T6335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 103.239801][ T6335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 103.245681][ T6335] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 103.251113][ T6335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 103.260263][ T6335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 103.315691][ T6335] hsr_slave_0: entered promiscuous mode
[ 103.319101][ T6335] hsr_slave_1: entered promiscuous mode
[ 103.321744][ T6335] debugfs: 'hsr0' already exists in 'hsr'
[ 103.324007][ T6335] Cannot create hsr debugfs directory
[ 104.807720][ T5995] Bluetooth: hci0: command tx timeout
[ 105.187698][ T60] bridge_slave_1: left allmulticast mode
[ 105.190104][ T60] bridge_slave_1: left promiscuous mode
[ 105.192990][ T60] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.198688][ T60] bridge_slave_0: left allmulticast mode
[ 105.201121][ T60] bridge_slave_0: left promiscuous mode
[ 105.203958][ T60] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.358978][ T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 105.364642][ T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 105.371489][ T60] bond0 (unregistering): Released all slaves
[ 105.493657][ T60] hsr_slave_0: left promiscuous mode
[ 105.496495][ T60] hsr_slave_1: left promiscuous mode
[ 105.499394][ T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 105.502518][ T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 105.506248][ T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 105.509869][ T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 105.520317][ T60] veth1_macvtap: left promiscuous mode
[ 105.522694][ T60] veth0_macvtap: left promiscuous mode
[ 105.525041][ T60] veth1_vlan: left promiscuous mode
[ 105.527308][ T60] veth0_vlan: left promiscuous mode
[ 105.669431][ T60] team0 (unregistering): Port device team_slave_1 removed
[ 105.677492][ T60] team0 (unregistering): Port device team_slave_0 removed
[ 106.186054][ T6335] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 106.192370][ T6335] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 106.200482][ T6335] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 106.212732][ T6335] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 106.267197][ T6335] 8021q: adding VLAN 0 to HW filter on device bond0
[ 106.277141][ T6335] 8021q: adding VLAN 0 to HW filter on device team0
[ 106.288051][ T213] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.291124][ T213] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 106.299961][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.302295][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 106.502718][ T6335] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 106.544435][ T6335] veth0_vlan: entered promiscuous mode
[ 106.557979][ T6335] veth1_vlan: entered promiscuous mode
[ 106.578939][ T6335] veth0_macvtap: entered promiscuous mode
[ 106.584451][ T6335] veth1_macvtap: entered promiscuous mode
[ 106.598461][ T6335] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 106.614373][ T6335] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 106.631991][ T213] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.635678][ T213] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.641495][ T213] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.645021][ T213] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.703135][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.706425][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.726835][ T158] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.730291][ T158] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.771856][ T40] audit: type=1400 audit(1771600399.381:127): avc: denied { create } for pid=6382 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 106.782913][ T40] audit: type=1400 audit(1771600399.391:128): avc: denied { write } for pid=6382 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 106.834561][ T40] audit: type=1400 audit(1771600399.441:129): avc: denied { read write } for pid=6382 comm="syz.0.16" name="rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[ 106.846115][ T40] audit: type=1400 audit(1771600399.441:130): avc: denied { read write open } for pid=6382 comm="syz.0.16" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[ 106.887479][ T5995] Bluetooth: hci0: command tx timeout
[ 106.904242][ T6383] infiniband syz1: set active
[ 106.906554][ T6383] infiniband syz1: added syz_tun
[ 106.925935][ T6383] RDS/IB: syz1: added
[ 106.927927][ T6383] smc: adding ib device syz1 with port count 1
[ 106.930455][ T6383] smc: ib device syz1 port 1 has no pnetid
[ 107.058436][ T6388] syz1: rxe_newlink: already configured on syz_tun
[ 107.063011][ T12] ==================================================================
[ 107.065685][ T12] BUG: KASAN: slab-use-after-free in ucma_create_uevent+0xb60/0xbe0
[ 107.068271][ T12] Read of size 8 at addr ffff888025901110 by task kworker/u32:0/12
[ 107.072309][ T12]
[ 107.073545][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u32:0 Not tainted syzkaller #0 PREEMPT(full)
[ 107.073561][ T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 107.073572][ T12] Workqueue: rdma_cm cma_iboe_join_work_handler
[ 107.073596][ T12] Call Trace:
[ 107.073602][ T12]
[ 107.073609][ T12] dump_stack_lvl+0x100/0x190
[ 107.073633][ T12] print_report+0x156/0x4c9
[ 107.073652][ T12] ? __virt_addr_valid+0x81/0x620
[ 107.073668][ T12] ? __phys_addr+0xe8/0x180
[ 107.073683][ T12] ? ucma_create_uevent+0xb60/0xbe0
[ 107.073700][ T12] kasan_report+0xdf/0x1e0
[ 107.073717][ T12] ? ucma_create_uevent+0xb60/0xbe0
[ 107.073735][ T12] ucma_create_uevent+0xb60/0xbe0
[ 107.073752][ T12] ucma_event_handler+0x102/0x940
[ 107.073763][ T12] ? rcu_is_watching+0x12/0xc0
[ 107.073776][ T12] cma_cm_event_handler+0x99/0x330
[ 107.073788][ T12] cma_iboe_join_work_handler+0xca/0x180
[ 107.073800][ T12] process_one_work+0x9d7/0x1920
[ 107.073815][ T12] ? __pfx_process_one_work+0x10/0x10
[ 107.073834][ T12] ? __pfx_cma_iboe_join_work_handler+0x10/0x10
[ 107.073850][ T12] worker_thread+0x5da/0xe40
[ 107.073862][ T12] ? kthread+0x13a/0x450
[ 107.073871][ T12] ? __pfx_worker_thread+0x10/0x10
[ 107.073881][ T12] kthread+0x370/0x450
[ 107.073890][ T12] ? __pfx_kthread+0x10/0x10
[ 107.073899][ T12] ret_from_fork+0x754/0xd80
[ 107.073910][ T12] ? __pfx_ret_from_fork+0x10/0x10
[ 107.073921][ T12] ? __switch_to+0x7b4/0x1120
[ 107.073934][ T12] ? __pfx_kthread+0x10/0x10
[ 107.073947][ T12] ret_from_fork_asm+0x1a/0x30
[ 107.073969][ T12]
[ 107.073974][ T12]
[ 107.126294][ T12] Allocated by task 6388:
[ 107.127842][ T12] kasan_save_stack+0x30/0x50
[ 107.129659][ T12] kasan_save_track+0x14/0x30
[ 107.131339][ T12] __kasan_kmalloc+0xaa/0xb0
[ 107.133072][ T12] ucma_process_join+0x232/0xa20
[ 107.134992][ T12] ucma_join_multicast+0xe9/0x160
[ 107.136809][ T12] ucma_write+0x1fb/0x330
[ 107.138474][ T12] vfs_write+0x2aa/0x1070
[ 107.139847][ T12] ksys_write+0x1f8/0x250
[ 107.141240][ T12] do_syscall_64+0x106/0xf80
[ 107.142783][ T12] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.144855][ T12]
[ 107.145862][ T12] Freed by task 6388:
[ 107.147253][ T12] kasan_save_stack+0x30/0x50
[ 107.148773][ T12] kasan_save_track+0x14/0x30
[ 107.150295][ T12] kasan_save_free_info+0x3b/0x70
[ 107.151927][ T12] __kasan_slab_free+0x5f/0x80
[ 107.153523][ T12] kfree+0x1f6/0x6b0
[ 107.154786][ T12] ucma_process_join+0x39a/0xa20
[ 107.156369][ T12] ucma_join_multicast+0xe9/0x160
[ 107.157995][ T12] ucma_write+0x1fb/0x330
[ 107.159429][ T12] vfs_write+0x2aa/0x1070
[ 107.160807][ T12] ksys_write+0x1f8/0x250
[ 107.162246][ T12] do_syscall_64+0x106/0xf80
[ 107.163780][ T12] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.165664][ T12]
[ 107.166443][ T12] The buggy address belongs to the object at ffff888025901100
[ 107.166443][ T12] which belongs to the cache kmalloc-192 of size 192
[ 107.171371][ T12] The buggy address is located 16 bytes inside of
[ 107.171371][ T12] freed 192-byte region [ffff888025901100, ffff8880259011c0)
[ 107.176230][ T12]
[ 107.177092][ T12] The buggy address belongs to the physical page:
[ 107.179377][ T12] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888025901600 pfn:0x25901
[ 107.182940][ T12] flags: 0xfff00000000200(workingset|node=0|zone=1|lastcpupid=0x7ff)
[ 107.185545][ T12] page_type: f5(slab)
[ 107.186814][ T12] raw: 00fff00000000200 ffff88801b8423c0 ffffea0000b61990 ffffea0000954e50
[ 107.189608][ T12] raw: ffff888025901600 000000000010000c 00000000f5000000 0000000000000000
[ 107.192497][ T12] page dumped because: kasan: bad access detected
[ 107.194466][ T12] page_owner tracks the page as allocated
[ 107.196236][ T12] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 24571229066, free_ts 24561021479
[ 107.202812][ T12] post_alloc_hook+0x153/0x170
[ 107.204395][ T12] get_page_from_freelist+0x111d/0x3140
[ 107.206234][ T12] __alloc_frozen_pages_noprof+0x27c/0x2ba0
[ 107.208264][ T12] new_slab+0xa6/0x6d0
[ 107.209705][ T12] refill_objects+0x26b/0x400
[ 107.211366][ T12] __pcs_replace_empty_main+0x19f/0x600
[ 107.213211][ T12] __kmalloc_cache_noprof+0x493/0x6f0
[ 107.215006][ T12] call_usermodehelper_setup+0xaf/0x360
[ 107.216796][ T12] kobject_uevent_env+0x17c1/0x18b0
[ 107.218675][ T12] param_sysfs_builtin_init+0x37b/0x3f0
[ 107.220507][ T12] do_one_initcall+0x11d/0x760
[ 107.222119][ T12] kernel_init_freeable+0x6e5/0x7a0
[ 107.223859][ T12] kernel_init+0x1f/0x1e0
[ 107.225298][ T12] ret_from_fork+0x754/0xd80
[ 107.226812][ T12] ret_from_fork_asm+0x1a/0x30
[ 107.228425][ T12] page last free pid 1 tgid 1 stack trace:
[ 107.230347][ T12] __free_frozen_pages+0x7e1/0x10d0
[ 107.232184][ T12] qlist_free_all+0x47/0xe0
[ 107.233861][ T12] kasan_quarantine_reduce+0x1a0/0x1f0
[ 107.235562][ T12] __kasan_slab_alloc+0x69/0x90
[ 107.237220][ T12] kmem_cache_alloc_noprof+0x241/0x6e0
[ 107.239394][ T12] __kernfs_new_node+0xd2/0x960
[ 107.241348][ T12] kernfs_new_node+0x11b/0x1a0
[ 107.243122][ T12] __kernfs_create_file+0x53/0x350
[ 107.244972][ T12] sysfs_add_file_mode_ns+0x207/0x3c0
[ 107.247042][ T12] internal_create_group+0x593/0xf40
[ 107.248687][ T12] param_sysfs_builtin_init+0x355/0x3f0
[ 107.250789][ T12] do_one_initcall+0x11d/0x760
[ 107.252406][ T12] kernel_init_freeable+0x6e5/0x7a0
[ 107.254305][ T12] kernel_init+0x1f/0x1e0
[ 107.255763][ T12] ret_from_fork+0x754/0xd80
[ 107.257264][ T12] ret_from_fork_asm+0x1a/0x30
[ 107.258913][ T12]
[ 107.259673][ T12] Memory state around the buggy address:
[ 107.261451][ T12] ffff888025901000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 107.264093][ T12] ffff888025901080: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc
[ 107.266774][ T12] >ffff888025901100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 107.269406][ T12] ^
[ 107.270992][ T12] ffff888025901180: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 107.273730][ T12] ffff888025901200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 107.276296][ T12] ==================================================================
[ 107.279190][ T12] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 107.281630][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u32:0 Not tainted syzkaller #0 PREEMPT(full)
[ 107.285070][ T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 107.288421][ T12] Workqueue: rdma_cm cma_iboe_join_work_handler
[ 107.290541][ T12] Call Trace:
[ 107.291667][ T12]
[ 107.292747][ T12] dump_stack_lvl+0x100/0x190
[ 107.294357][ T12] vpanic+0x552/0x970
[ 107.295712][ T12] ? __pfx_vpanic+0x10/0x10
[ 107.297176][ T12] ? ucma_create_uevent+0xb60/0xbe0
[ 107.298908][ T12] panic+0xd1/0xe0
[ 107.300189][ T12] ? __pfx_panic+0x10/0x10
[ 107.301802][ T12] ? ucma_create_uevent+0xb60/0xbe0
[ 107.303591][ T12] ? preempt_schedule_common+0x42/0xc0
[ 107.305429][ T12] ? check_panic_on_warn+0x1f/0x90
[ 107.307140][ T12] check_panic_on_warn.cold+0x19/0x34
[ 107.308876][ T12] end_report.part.0+0x3a/0x90
[ 107.310549][ T12] kasan_report.cold+0xe/0x18
[ 107.312120][ T12] ? ucma_create_uevent+0xb60/0xbe0
[ 107.313888][ T12] ucma_create_uevent+0xb60/0xbe0
[ 107.315626][ T12] ucma_event_handler+0x102/0x940
[ 107.317257][ T12] ? rcu_is_watching+0x12/0xc0
[ 107.319041][ T12] cma_cm_event_handler+0x99/0x330
[ 107.321127][ T12] cma_iboe_join_work_handler+0xca/0x180
[ 107.323363][ T12] process_one_work+0x9d7/0x1920
[ 107.325362][ T12] ? __pfx_process_one_work+0x10/0x10
[ 107.327331][ T12] ? __pfx_cma_iboe_join_work_handler+0x10/0x10
[ 107.329619][ T12] worker_thread+0x5da/0xe40
[ 107.331538][ T12] ? kthread+0x13a/0x450
[ 107.333290][ T12] ? __pfx_worker_thread+0x10/0x10
[ 107.335384][ T12] kthread+0x370/0x450
[ 107.337027][ T12] ? __pfx_kthread+0x10/0x10
[ 107.339019][ T12] ret_from_fork+0x754/0xd80
[ 107.340853][ T12] ? __pfx_ret_from_fork+0x10/0x10
[ 107.342814][ T12] ? __switch_to+0x7b4/0x1120
[ 107.344747][ T12] ? __pfx_kthread+0x10/0x10
[ 107.346670][ T12] ret_from_fork_asm+0x1a/0x30
[ 107.348617][ T12]
[ 107.352992][ T12] Kernel Offset: disabled
[ 107.354638][ T12] Rebooting in 86400 seconds..