[   76.270516][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[   76.273281][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
Warning: Permanently added '[localhost]:7936' (ED25519) to the list of known hosts.
2025/07/25 15:19:32 ignoring optional flag "sandboxArg"="0"
2025/07/25 15:19:33 parsed 1 programs
[   81.255666][   T40] kauditd_printk_skb: 26 callbacks suppressed
[   81.255678][   T40] audit: type=1400 audit(1753456776.257:116): avc:  denied  { unlink } for  pid=6227 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   82.285835][ T6227] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   84.798016][   T40] audit: type=1401 audit(1753456779.797:117): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[   85.129365][ T6290] chnl_net:caif_netlink_parms(): no params data found
[   85.248175][ T6290] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.251012][ T6290] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.253883][ T6290] bridge_slave_0: entered allmulticast mode
[   85.258290][ T6290] bridge_slave_0: entered promiscuous mode
[   85.262821][ T6290] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.266198][ T6290] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.269244][ T6290] bridge_slave_1: entered allmulticast mode
[   85.273169][ T6290] bridge_slave_1: entered promiscuous mode
[   85.329087][ T6290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.335708][ T6290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.393047][ T6290] team0: Port device team_slave_0 added
[   85.421193][ T6290] team0: Port device team_slave_1 added
[   85.476240][ T6290] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.479084][ T6290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.489676][ T6290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.496082][ T6290] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.498934][ T6290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.509395][ T6290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.578339][ T6290] hsr_slave_0: entered promiscuous mode
[   85.581389][ T6290] hsr_slave_1: entered promiscuous mode
[   86.182203][ T6290] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   86.187116][ T6290] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   86.192645][ T6290] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   86.197589][ T6290] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   86.240581][ T6290] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.251812][ T6290] 8021q: adding VLAN 0 to HW filter on device team0
[   86.257227][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.260228][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.273886][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.276906][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.414121][ T6290] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.449709][ T6290] veth0_vlan: entered promiscuous mode
[   86.457500][ T6290] veth1_vlan: entered promiscuous mode
[   86.480769][ T6290] veth0_macvtap: entered promiscuous mode
[   86.489170][ T6290] veth1_macvtap: entered promiscuous mode
[   86.498869][ T6290] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.508869][ T6290] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.510720][   T54] cfg80211: failed to load regulatory.db
[   86.514640][ T6290] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.517949][ T6290] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.521586][ T6290] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.525238][ T6290] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.618391][ T1143] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.689482][ T1143] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.817238][ T1143] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.914018][ T1143] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.179841][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.182906][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.204774][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.208186][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.544311][ T6003] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   87.553116][ T6003] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   87.559125][ T6003] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   87.562388][ T6003] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   87.565500][ T6003] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/07/25 15:19:42 executed programs: 0
[   87.926898][ T6003] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   87.930369][ T6003] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   87.933852][ T6003] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   87.938417][ T6003] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   87.942027][ T6003] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   88.092750][ T6434] chnl_net:caif_netlink_parms(): no params data found
[   88.185002][ T6434] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.189442][ T6434] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.192497][ T6434] bridge_slave_0: entered allmulticast mode
[   88.196485][ T6434] bridge_slave_0: entered promiscuous mode
[   88.201006][ T6434] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.204054][ T6434] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.207940][ T6434] bridge_slave_1: entered allmulticast mode
[   88.211837][ T6434] bridge_slave_1: entered promiscuous mode
[   88.269384][ T6434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.277726][ T6434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.334455][ T6434] team0: Port device team_slave_0 added
[   88.339715][ T6434] team0: Port device team_slave_1 added
[   88.394686][ T6434] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.397993][ T6434] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.409112][ T6434] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.415147][ T6434] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.418194][ T6434] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.429239][ T6434] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.497416][ T6434] hsr_slave_0: entered promiscuous mode
[   88.500585][ T6434] hsr_slave_1: entered promiscuous mode
[   88.503461][ T6434] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   88.508668][ T6434] Cannot create hsr debugfs directory
[   90.035683][ T6003] Bluetooth: hci0: command tx timeout
[   90.236447][ T1143] bridge_slave_1: left allmulticast mode
[   90.238335][ T1143] bridge_slave_1: left promiscuous mode
[   90.240356][ T1143] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.245087][ T1143] bridge_slave_0: left allmulticast mode
[   90.247777][ T1143] bridge_slave_0: left promiscuous mode
[   90.250417][ T1143] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.466829][ T1143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   90.472140][ T1143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   90.476762][ T1143] bond0 (unregistering): Released all slaves
[   90.622020][ T1143] hsr_slave_0: left promiscuous mode
[   90.624737][ T1143] hsr_slave_1: left promiscuous mode
[   90.626829][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   90.629544][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_0
[   90.632775][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   90.638485][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_1
[   90.659953][ T1143] veth1_macvtap: left promiscuous mode
[   90.662325][ T1143] veth0_macvtap: left promiscuous mode
[   90.664753][ T1143] veth1_vlan: left promiscuous mode
[   90.667310][ T1143] veth0_vlan: left promiscuous mode
[   91.153009][ T1143] team0 (unregistering): Port device team_slave_1 removed
[   91.192970][ T1143] team0 (unregistering): Port device team_slave_0 removed
[   91.842963][ T6434] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   91.847917][ T6434] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   91.851769][ T6434] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   91.855944][ T6434] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   91.924547][ T6434] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.936345][ T6434] 8021q: adding VLAN 0 to HW filter on device team0
[   91.943564][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.946637][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.954289][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.956588][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.106422][ T6003] Bluetooth: hci0: command tx timeout
[   92.254990][ T6434] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.289234][ T6434] veth0_vlan: entered promiscuous mode
[   92.296995][ T6434] veth1_vlan: entered promiscuous mode
[   92.319857][ T6434] veth0_macvtap: entered promiscuous mode
[   92.326947][ T6434] veth1_macvtap: entered promiscuous mode
[   92.343750][ T6434] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.356148][ T6434] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.380786][ T6434] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.383801][ T6434] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.387060][ T6434] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.389660][ T6434] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.450195][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.453674][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.479190][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.482496][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.527553][   T40] audit: type=1400 audit(1753456787.537:118): avc:  denied  { create } for  pid=6520 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   92.535791][   T40] audit: type=1400 audit(1753456787.537:119): avc:  denied  { write } for  pid=6520 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   92.579588][   T40] audit: type=1400 audit(1753456787.587:120): avc:  denied  { read write } for  pid=6520 comm="syz.0.16" name="rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   92.588674][   T40] audit: type=1400 audit(1753456787.587:121): avc:  denied  { open } for  pid=6520 comm="syz.0.16" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   92.665015][ T6521] infiniband syz1: set active
[   92.667470][ T6521] infiniband syz1: added syz_tun
[   92.703084][ T6521] RDS/IB: syz1: added
[   92.705263][ T6521] smc: adding ib device syz1 with port count 1
[   92.708784][ T6521] smc:    ib device syz1 port 1 has pnetid 
[   92.888063][ T6526] syz1: rxe_newlink: already configured on syz_tun
[   92.893800][   T71] ==================================================================
[   92.897045][   T71] BUG: KASAN: slab-use-after-free in ucma_create_uevent+0xadb/0xb30
[   92.900132][   T71] Read of size 8 at addr ffff888025846d10 by task kworker/u32:4/71
[   92.905600][   T71] 
[   92.906657][   T71] CPU: 0 UID: 0 PID: 71 Comm: kworker/u32:4 Not tainted 6.16.0-rc7-syzkaller-g2942242dde89 #0 PREEMPT(full) 
[   92.906678][   T71] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.906691][   T71] Workqueue: rdma_cm cma_iboe_join_work_handler
[   92.906718][   T71] Call Trace:
[   92.906726][   T71]  <TASK>
[   92.906733][   T71]  dump_stack_lvl+0x116/0x1f0
[   92.906767][   T71]  print_report+0xcd/0x630
[   92.906783][   T71]  ? __virt_addr_valid+0x81/0x610
[   92.906804][   T71]  ? __phys_addr+0xe8/0x180
[   92.906823][   T71]  ? ucma_create_uevent+0xadb/0xb30
[   92.906842][   T71]  kasan_report+0xe0/0x110
[   92.906858][   T71]  ? ucma_create_uevent+0xadb/0xb30
[   92.906877][   T71]  ucma_create_uevent+0xadb/0xb30
[   92.906895][   T71]  ucma_event_handler+0x102/0x940
[   92.906916][   T71]  ? rcu_is_watching+0x12/0xc0
[   92.906939][   T71]  cma_cm_event_handler+0x97/0x300
[   92.906961][   T71]  cma_iboe_join_work_handler+0xca/0x170
[   92.906984][   T71]  process_one_work+0x9cc/0x1b70
2025/07/25 15:19:47 executed programs: 3
[   92.907008][   T71]  ? __pfx_process_one_work+0x10/0x10
[   92.907028][   T71]  ? assign_work+0x1a0/0x250
[   92.907046][   T71]  worker_thread+0x6c8/0xf10
[   92.907068][   T71]  ? __pfx_worker_thread+0x10/0x10
[   92.907086][   T71]  kthread+0x3c2/0x780
[   92.907102][   T71]  ? __pfx_kthread+0x10/0x10
[   92.907119][   T71]  ? rcu_is_watching+0x12/0xc0
[   92.907139][   T71]  ? __pfx_kthread+0x10/0x10
[   92.907157][   T71]  ret_from_fork+0x5d4/0x6f0
[   92.907180][   T71]  ? __pfx_kthread+0x10/0x10
[   92.907197][   T71]  ret_from_fork_asm+0x1a/0x30
[   92.907221][   T71]  </TASK>
[   92.907228][   T71] 
[   92.971840][   T71] Allocated by task 6526:
[   92.973623][   T71]  kasan_save_stack+0x33/0x60
[   92.975604][   T71]  kasan_save_track+0x14/0x30
[   92.977500][   T71]  __kasan_kmalloc+0xaa/0xb0
[   92.979474][   T71]  ucma_process_join+0x237/0xa30
[   92.981555][   T71]  ucma_join_multicast+0xe8/0x160
[   92.983647][   T71]  ucma_write+0x1fb/0x330
[   92.985423][   T71]  vfs_write+0x2a0/0x1150
[   92.987222][   T71]  ksys_write+0x1f8/0x250
[   92.989000][   T71]  do_syscall_64+0xcd/0x4c0
[   92.990880][   T71]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.993347][   T71] 
[   92.994318][   T71] Freed by task 6526:
[   92.995978][   T71]  kasan_save_stack+0x33/0x60
[   92.997928][   T71]  kasan_save_track+0x14/0x30
[   92.999911][   T71]  kasan_save_free_info+0x3b/0x60
[   93.001983][   T71]  __kasan_slab_free+0x51/0x70
[   93.003993][   T71]  kfree+0x2b4/0x4d0
[   93.005633][   T71]  ucma_process_join+0x3b9/0xa30
[   93.007724][   T71]  ucma_join_multicast+0xe8/0x160
[   93.009828][   T71]  ucma_write+0x1fb/0x330
[   93.011657][   T71]  vfs_write+0x2a0/0x1150
[   93.013395][   T71]  ksys_write+0x1f8/0x250
[   93.015195][   T71]  do_syscall_64+0xcd/0x4c0
[   93.017094][   T71]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.019515][   T71] 
[   93.020553][   T71] The buggy address belongs to the object at ffff888025846d00
[   93.020553][   T71]  which belongs to the cache kmalloc-192 of size 192
[   93.025839][   T71] The buggy address is located 16 bytes inside of
[   93.025839][   T71]  freed 192-byte region [ffff888025846d00, ffff888025846dc0)
[   93.029964][   T71] 
[   93.030711][   T71] The buggy address belongs to the physical page:
[   93.032660][   T71] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x25846
[   93.035283][   T71] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   93.037430][   T71] page_type: f5(slab)
[   93.038954][   T71] raw: 00fff00000000000 ffff88801b8423c0 dead000000000100 dead000000000122
[   93.041872][   T71] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   93.045258][   T71] page dumped because: kasan: bad access detected
[   93.047781][   T71] page_owner tracks the page as allocated
[   93.049939][   T71] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 6029, tgid 6029 (syz-executor), ts 57982398117, free_ts 57979239363
[   93.057205][   T71]  post_alloc_hook+0x1c0/0x230
[   93.059185][   T71]  get_page_from_freelist+0x1321/0x3890
[   93.061415][   T71]  __alloc_frozen_pages_noprof+0x261/0x23f0
[   93.063823][   T71]  new_slab+0x94/0x330
[   93.065437][   T71]  ___slab_alloc+0xd9c/0x1940
[   93.067172][   T71]  __slab_alloc.constprop.0+0x56/0xb0
[   93.069134][   T71]  __kmalloc_node_noprof+0x2ed/0x500
[   93.071109][   T71]  alloc_slab_obj_exts+0x41/0xa0
[   93.073007][   T71]  new_slab+0x283/0x330
[   93.074681][   T71]  ___slab_alloc+0xd9c/0x1940
[   93.076277][   T71]  __slab_alloc.constprop.0+0x56/0xb0
[   93.078368][   T71]  kmem_cache_alloc_noprof+0xef/0x3b0
[   93.080405][   T71]  alloc_vfsmnt+0x23/0x730
[   93.082154][   T71]  clone_mnt+0x6d/0xff0
[   93.083790][   T71]  copy_tree+0x38d/0xa20
[   93.085503][   T71]  copy_mnt_ns+0x1ac/0xac0
[   93.087075][   T71] page last free pid 6024 tgid 6024 stack trace:
[   93.089013][   T71]  __free_frozen_pages+0x7fe/0x1180
[   93.090630][   T71]  free_pipe_info+0x2aa/0x3f0
[   93.092468][   T71]  pipe_release+0x2bf/0x320
[   93.094171][   T71]  __fput+0x3ff/0xb70
[   93.095710][   T71]  task_work_run+0x150/0x240
[   93.097473][   T71]  do_exit+0x86c/0x2bd0
[   93.099218][   T71]  do_group_exit+0xd3/0x2a0
[   93.101148][   T71]  get_signal+0x2673/0x26d0
[   93.103076][   T71]  arch_do_signal_or_restart+0x8f/0x7d0
[   93.105379][   T71]  exit_to_user_mode_loop+0x84/0x110
[   93.107461][   T71]  do_syscall_64+0x3f6/0x4c0
[   93.109254][   T71]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.111511][   T71] 
[   93.112596][   T71] Memory state around the buggy address:
[   93.114836][   T71]  ffff888025846c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   93.118038][   T71]  ffff888025846c80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[   93.121227][   T71] >ffff888025846d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   93.124487][   T71]                          ^
[   93.126382][   T71]  ffff888025846d80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   93.129563][   T71]  ffff888025846e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   93.132848][   T71] ==================================================================
[   93.137290][   T71] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   93.140217][   T71] CPU: 0 UID: 0 PID: 71 Comm: kworker/u32:4 Not tainted 6.16.0-rc7-syzkaller-g2942242dde89 #0 PREEMPT(full) 
[   93.144666][   T71] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.148554][   T71] Workqueue: rdma_cm cma_iboe_join_work_handler
[   93.151049][   T71] Call Trace:
[   93.152409][   T71]  <TASK>
[   93.153622][   T71]  dump_stack_lvl+0x3d/0x1f0
[   93.155534][   T71]  panic+0x71c/0x800
[   93.157148][   T71]  ? __pfx_panic+0x10/0x10
[   93.158958][   T71]  ? mark_held_locks+0x49/0x80
[   93.160896][   T71]  ? preempt_schedule_thunk+0x16/0x30
[   93.163015][   T71]  ? ucma_create_uevent+0xadb/0xb30
[   93.165104][   T71]  ? preempt_schedule_common+0x44/0xc0
[   93.167312][   T71]  ? check_panic_on_warn+0x1f/0xb0
[   93.169392][   T71]  ? ucma_create_uevent+0xadb/0xb30
[   93.171484][   T71]  check_panic_on_warn+0xab/0xb0
[   93.173529][   T71]  end_report+0x107/0x170
[   93.175308][   T71]  kasan_report+0xee/0x110
[   93.177099][   T71]  ? ucma_create_uevent+0xadb/0xb30
[   93.179169][   T71]  ucma_create_uevent+0xadb/0xb30
[   93.181206][   T71]  ucma_event_handler+0x102/0x940
[   93.183221][   T71]  ? rcu_is_watching+0x12/0xc0
[   93.185121][   T71]  cma_cm_event_handler+0x97/0x300
[   93.187199][   T71]  cma_iboe_join_work_handler+0xca/0x170
[   93.189449][   T71]  process_one_work+0x9cc/0x1b70
[   93.191359][   T71]  ? __pfx_process_one_work+0x10/0x10
[   93.193352][   T71]  ? assign_work+0x1a0/0x250
[   93.195109][   T71]  worker_thread+0x6c8/0xf10
[   93.196836][   T71]  ? __pfx_worker_thread+0x10/0x10
[   93.198742][   T71]  kthread+0x3c2/0x780
[   93.200282][   T71]  ? __pfx_kthread+0x10/0x10
[   93.202028][   T71]  ? rcu_is_watching+0x12/0xc0
[   93.203809][   T71]  ? __pfx_kthread+0x10/0x10
[   93.205555][   T71]  ret_from_fork+0x5d4/0x6f0
[   93.207274][   T71]  ? __pfx_kthread+0x10/0x10
[   93.208993][   T71]  ret_from_fork_asm+0x1a/0x30
[   93.210806][   T71]  </TASK>
[   93.212598][   T71] Kernel Offset: disabled
[   93.214231][   T71] Rebooting in 86400 seconds..