[ 84.482774][ T40] audit: type=1400 audit(1766763262.090:116): avc: denied { transition } for pid=6133 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 84.491683][ T40] audit: type=1400 audit(1766763262.100:117): avc: denied { noatsecure } for pid=6133 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 84.498300][ T40] audit: type=1400 audit(1766763262.100:118): avc: denied { rlimitinh } for pid=6133 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 84.505192][ T40] audit: type=1400 audit(1766763262.100:119): avc: denied { siginh } for pid=6133 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 86.598359][ T54] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:1256' (ED25519) to the list of known hosts.
2025/12/26 15:34:28 parsed 1 programs
[ 91.223140][ T40] audit: type=1400 audit(1766763268.830:120): avc: denied { node_bind } for pid=6167 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[ 93.294550][ T40] audit: type=1400 audit(1766763270.900:121): avc: denied { read write } for pid=6177 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 93.305778][ T40] audit: type=1400 audit(1766763270.900:122): avc: denied { open } for pid=6177 comm="syz-executor" path="/swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 93.337977][ T40] audit: type=1400 audit(1766763270.950:123): avc: denied { unlink } for pid=6177 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 93.643214][ T40] audit: type=1400 audit(1766763271.250:124): avc: denied { relabelto } for pid=6186 comm="mkswap" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 94.380775][ T6177] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 96.332073][ T40] audit: type=1401 audit(1766763273.940:125): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 96.968141][ T6212] chnl_net:caif_netlink_parms(): no params data found
[ 97.090125][ T6212] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.093370][ T6212] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.096826][ T6212] bridge_slave_0: entered allmulticast mode
[ 97.101017][ T6212] bridge_slave_0: entered promiscuous mode
[ 97.107843][ T6212] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.111160][ T6212] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.114405][ T6212] bridge_slave_1: entered allmulticast mode
[ 97.120591][ T6212] bridge_slave_1: entered promiscuous mode
[ 97.231418][ T6212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 97.248083][ T6212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 97.294267][ T6212] team0: Port device team_slave_0 added
[ 97.300272][ T6212] team0: Port device team_slave_1 added
[ 97.349025][ T6212] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 97.351935][ T6212] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 97.362257][ T6212] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 97.368229][ T6212] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 97.371167][ T6212] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 97.383190][ T6212] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 97.441217][ T6212] hsr_slave_0: entered promiscuous mode
[ 97.444316][ T6212] hsr_slave_1: entered promiscuous mode
[ 98.017702][ T6212] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 98.023374][ T6212] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 98.032621][ T6212] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 98.040159][ T6212] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 98.113635][ T6212] 8021q: adding VLAN 0 to HW filter on device bond0
[ 98.123251][ T6212] 8021q: adding VLAN 0 to HW filter on device team0
[ 98.129673][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.132069][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 98.138225][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.140800][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 98.183520][ T40] audit: type=1400 audit(1766763275.790:126): avc: denied { sys_module } for pid=6212 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 98.279043][ T6212] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 98.314291][ T6212] veth0_vlan: entered promiscuous mode
[ 98.326522][ T6212] veth1_vlan: entered promiscuous mode
[ 98.352828][ T6212] veth0_macvtap: entered promiscuous mode
[ 98.359474][ T6212] veth1_macvtap: entered promiscuous mode
[ 98.373823][ T6212] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 98.383099][ T6212] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 98.392664][ T76] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.395976][ T76] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.400056][ T76] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.403892][ T76] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.502617][ T46] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.576026][ T46] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.637775][ T46] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.733737][ T46] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.786986][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 98.790197][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 98.823551][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 98.826908][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 99.635154][ T64] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 99.638584][ T64] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 99.641995][ T64] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 99.646090][ T64] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 99.649424][ T64] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/12/26 15:34:37 executed programs: 0
[ 100.088732][ T64] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 100.092996][ T64] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 100.097448][ T64] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 100.104763][ T64] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 100.108316][ T64] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 100.230947][ T6343] chnl_net:caif_netlink_parms(): no params data found
[ 100.306005][ T6343] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.309027][ T6343] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.311594][ T6343] bridge_slave_0: entered allmulticast mode
[ 100.314444][ T6343] bridge_slave_0: entered promiscuous mode
[ 100.318454][ T6343] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.320920][ T6343] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.323387][ T6343] bridge_slave_1: entered allmulticast mode
[ 100.327219][ T6343] bridge_slave_1: entered promiscuous mode
[ 100.370164][ T6343] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 100.377201][ T6343] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 100.431222][ T6343] team0: Port device team_slave_0 added
[ 100.436467][ T6343] team0: Port device team_slave_1 added
[ 100.470226][ T6343] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 100.472832][ T6343] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 100.482132][ T6343] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 100.486944][ T6343] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 100.490031][ T6343] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 100.500279][ T6343] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 100.550176][ T6343] hsr_slave_0: entered promiscuous mode
[ 100.552502][ T6343] hsr_slave_1: entered promiscuous mode
[ 100.554599][ T6343] debugfs: 'hsr0' already exists in 'hsr'
[ 100.556837][ T6343] Cannot create hsr debugfs directory
[ 101.883608][ T46] bridge_slave_1: left allmulticast mode
[ 101.885562][ T46] bridge_slave_1: left promiscuous mode
[ 101.887510][ T46] bridge0: port 2(bridge_slave_1) entered disabled state
[ 101.892383][ T46] bridge_slave_0: left allmulticast mode
[ 101.894303][ T46] bridge_slave_0: left promiscuous mode
[ 101.896728][ T46] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.130384][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 102.137025][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 102.142377][ T46] bond0 (unregistering): Released all slaves
[ 102.185049][ T5959] Bluetooth: hci0: command tx timeout
[ 102.310120][ T46] hsr_slave_0: left promiscuous mode
[ 102.318169][ T46] hsr_slave_1: left promiscuous mode
[ 102.321328][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 102.325556][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 102.330207][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 102.333912][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 102.354208][ T46] veth1_macvtap: left promiscuous mode
[ 102.356934][ T46] veth0_macvtap: left promiscuous mode
[ 102.359358][ T46] veth1_vlan: left promiscuous mode
[ 102.361618][ T46] veth0_vlan: left promiscuous mode
[ 102.777623][ T46] team0 (unregistering): Port device team_slave_1 removed
[ 102.824473][ T46] team0 (unregistering): Port device team_slave_0 removed
[ 103.529668][ T6343] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 103.534953][ T6343] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 103.538901][ T6343] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 103.543581][ T6343] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 103.595612][ T6343] 8021q: adding VLAN 0 to HW filter on device bond0
[ 103.604667][ T6343] 8021q: adding VLAN 0 to HW filter on device team0
[ 103.617087][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.620515][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 103.624509][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.627109][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 104.026578][ T6343] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 104.047201][ T6343] veth0_vlan: entered promiscuous mode
[ 104.052947][ T6343] veth1_vlan: entered promiscuous mode
[ 104.078559][ T6343] veth0_macvtap: entered promiscuous mode
[ 104.082428][ T6343] veth1_macvtap: entered promiscuous mode
[ 104.097048][ T6343] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 104.107895][ T6343] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 104.116205][ T76] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.119450][ T76] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.122986][ T76] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.127407][ T76] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.224820][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.227892][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.241254][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.244122][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.264990][ T5959] Bluetooth: hci0: command tx timeout
[ 104.276511][ T40] audit: type=1400 audit(1766763281.890:127): avc: denied { create } for pid=6399 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 104.284509][ T40] audit: type=1400 audit(1766763281.890:128): avc: denied { write } for pid=6399 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 104.335754][ T40] audit: type=1400 audit(1766763281.950:129): avc: denied { read write } for pid=6399 comm="syz.0.16" name="rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[ 104.344210][ T40] audit: type=1400 audit(1766763281.950:130): avc: denied { open } for pid=6399 comm="syz.0.16" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[ 104.421610][ T6400] infiniband syz1: set active
[ 104.423970][ T6400] infiniband syz1: added syz_tun
[ 104.462642][ T6400] RDS/IB: syz1: added
[ 104.464332][ T6400] smc: adding ib device syz1 with port count 1
[ 104.466717][ T6400] smc: ib device syz1 port 1 has no pnetid
[ 104.597842][ T6405] syz1: rxe_newlink: already configured on syz_tun
[ 104.620849][ T6408] syz1: rxe_newlink: already configured on syz_tun
[ 104.643329][ T6411] syz1: rxe_newlink: already configured on syz_tun
[ 104.656977][ T6414] syz1: rxe_newlink: already configured on syz_tun
[ 104.673353][ T6417] syz1: rxe_newlink: already configured on syz_tun
[ 104.701147][ T6420] syz1: rxe_newlink: already configured on syz_tun
[ 104.723795][ T6423] syz1: rxe_newlink: already configured on syz_tun
[ 104.743009][ T6426] syz1: rxe_newlink: already configured on syz_tun
[ 104.762276][ T6429] syz1: rxe_newlink: already configured on syz_tun
[ 104.781460][ T6432] syz1: rxe_newlink: already configured on syz_tun
2025/12/26 15:34:42 executed programs: 27
[ 105.451299][ T46] ==================================================================
[ 105.454676][ T46] BUG: KASAN: slab-use-after-free in ucma_create_uevent+0xb1a/0xbe0
[ 105.458255][ T46] Read of size 8 at addr ffff88802ae66a10 by task kworker/u32:2/46
[ 105.462970][ T46]
[ 105.463780][ T46] CPU: 0 UID: 0 PID: 46 Comm: kworker/u32:2 Not tainted syzkaller #0 PREEMPT(full)
[ 105.463793][ T46] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 105.463806][ T46] Workqueue: rdma_cm cma_iboe_join_work_handler
[ 105.463822][ T46] Call Trace:
[ 105.463827][ T46]
[ 105.463832][ T46] dump_stack_lvl+0x116/0x1f0
[ 105.463848][ T46] print_report+0xcd/0x630
[ 105.463864][ T46] ? __virt_addr_valid+0x81/0x610
[ 105.463874][ T46] ? __phys_addr+0xe8/0x180
[ 105.463884][ T46] ? ucma_create_uevent+0xb1a/0xbe0
[ 105.463899][ T46] kasan_report+0xe0/0x110
[ 105.463913][ T46] ? ucma_create_uevent+0xb1a/0xbe0
[ 105.463929][ T46] ucma_create_uevent+0xb1a/0xbe0
[ 105.463945][ T46] ucma_event_handler+0x102/0x940
[ 105.463962][ T46] ? rcu_is_watching+0x12/0xc0
[ 105.463972][ T46] cma_cm_event_handler+0x97/0x2d0
[ 105.463983][ T46] cma_iboe_join_work_handler+0xca/0x170
[ 105.463995][ T46] process_one_work+0x9ba/0x1b20
[ 105.464011][ T46] ? __pfx_process_one_work+0x10/0x10
[ 105.464026][ T46] ? assign_work+0x1a0/0x250
[ 105.464039][ T46] worker_thread+0x6c8/0xf10
[ 105.464055][ T46] ? __pfx_worker_thread+0x10/0x10
[ 105.464068][ T46] kthread+0x3c5/0x780
[ 105.464081][ T46] ? __pfx_kthread+0x10/0x10
[ 105.464093][ T46] ? rcu_is_watching+0x12/0xc0
[ 105.464103][ T46] ? __pfx_kthread+0x10/0x10
[ 105.464115][ T46] ret_from_fork+0x983/0xb10
[ 105.464127][ T46] ? __pfx_ret_from_fork+0x10/0x10
[ 105.464139][ T46] ? __switch_to+0x7af/0x10d0
[ 105.464153][ T46] ? __pfx_kthread+0x10/0x10
[ 105.464165][ T46] ret_from_fork_asm+0x1a/0x30
[ 105.464185][ T46]
[ 105.464188][ T46]
[ 105.522257][ T46] Allocated by task 6528:
[ 105.523694][ T46] kasan_save_stack+0x33/0x60
[ 105.525588][ T46] kasan_save_track+0x14/0x30
[ 105.527326][ T46] __kasan_kmalloc+0xaa/0xb0
[ 105.528855][ T46] ucma_process_join+0x237/0xa30
[ 105.530646][ T46] ucma_join_multicast+0xe8/0x160
[ 105.532398][ T46] ucma_write+0x1fb/0x330
[ 105.533900][ T46] vfs_write+0x2a0/0x11d0
[ 105.535448][ T46] ksys_write+0x1f8/0x250
[ 105.537165][ T46] do_syscall_64+0xcd/0xf80
[ 105.539290][ T46] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 105.541445][ T46]
[ 105.542375][ T46] Freed by task 6528:
[ 105.543691][ T46] kasan_save_stack+0x33/0x60
[ 105.545327][ T46] kasan_save_track+0x14/0x30
[ 105.546952][ T46] kasan_save_free_info+0x3b/0x60
[ 105.548601][ T46] __kasan_slab_free+0x5f/0x80
[ 105.550266][ T46] kfree+0x2f8/0x6e0
[ 105.551660][ T46] ucma_process_join+0x3b9/0xa30
[ 105.553339][ T46] ucma_join_multicast+0xe8/0x160
[ 105.555037][ T46] ucma_write+0x1fb/0x330
[ 105.556653][ T46] vfs_write+0x2a0/0x11d0
[ 105.558174][ T46] ksys_write+0x1f8/0x250
[ 105.559617][ T46] do_syscall_64+0xcd/0xf80
[ 105.561134][ T46] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 105.563101][ T46]
[ 105.563913][ T46] The buggy address belongs to the object at ffff88802ae66a00
[ 105.563913][ T46] which belongs to the cache kmalloc-192 of size 192
[ 105.568758][ T46] The buggy address is located 16 bytes inside of
[ 105.568758][ T46] freed 192-byte region [ffff88802ae66a00, ffff88802ae66ac0)
[ 105.573371][ T46]
[ 105.574216][ T46] The buggy address belongs to the physical page:
[ 105.576316][ T46] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2ae66
[ 105.579243][ T46] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 105.581843][ T46] page_type: f5(slab)
[ 105.583219][ T46] raw: 00fff00000000000 ffff88801b4423c0 ffffea000086a2c0 dead000000000002
[ 105.586041][ T46] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 105.589269][ T46] page dumped because: kasan: bad access detected
[ 105.591391][ T46] page_owner tracks the page as allocated
[ 105.593372][ T46] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 16122027545, free_ts 16095114912
[ 105.599547][ T46] post_alloc_hook+0x1af/0x220
[ 105.601139][ T46] get_page_from_freelist+0xd0b/0x31a0
[ 105.603123][ T46] __alloc_frozen_pages_noprof+0x25f/0x2430
[ 105.605062][ T46] alloc_pages_mpol+0x1fb/0x550
[ 105.606696][ T46] new_slab+0x2c3/0x430
[ 105.608090][ T46] ___slab_alloc+0xe18/0x1c90
[ 105.609649][ T46] __slab_alloc.constprop.0+0x63/0x110
[ 105.611456][ T46] __kmalloc_cache_noprof+0x485/0x800
[ 105.613255][ T46] call_usermodehelper_setup+0xaf/0x360
[ 105.615090][ T46] kobject_uevent_env+0x179c/0x1920
[ 105.616808][ T46] driver_register+0x2d3/0x4b0
[ 105.618548][ T46] __usb_serial_register_drivers+0x5cd/0xfd0
[ 105.620314][ T46] do_one_initcall+0x123/0x680
[ 105.621719][ T46] kernel_init_freeable+0x5c8/0x920
[ 105.623601][ T46] kernel_init+0x1c/0x2b0
[ 105.625059][ T46] ret_from_fork+0x983/0xb10
[ 105.626623][ T46] page last free pid 54 tgid 54 stack trace:
[ 105.628839][ T46] __free_frozen_pages+0x7df/0x1170
[ 105.630571][ T46] vfree+0x1fd/0xb50
[ 105.631986][ T46] delayed_vfree_work+0x56/0x70
[ 105.633818][ T46] process_one_work+0x9ba/0x1b20
[ 105.635493][ T46] worker_thread+0x6c8/0xf10
[ 105.637016][ T46] kthread+0x3c5/0x780
[ 105.638358][ T46] ret_from_fork+0x983/0xb10
[ 105.639993][ T46] ret_from_fork_asm+0x1a/0x30
[ 105.641604][ T46]
[ 105.642457][ T46] Memory state around the buggy address:
[ 105.644311][ T46] ffff88802ae66900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 105.646933][ T46] ffff88802ae66980: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 105.650074][ T46] >ffff88802ae66a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 105.653023][ T46] ^
[ 105.654604][ T46] ffff88802ae66a80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 105.657285][ T46] ffff88802ae66b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 105.660044][ T46] ==================================================================
[ 105.665517][ T46] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 105.667923][ T46] CPU: 0 UID: 0 PID: 46 Comm: kworker/u32:2 Not tainted syzkaller #0 PREEMPT(full)
[ 105.670961][ T46] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 105.674969][ T46] Workqueue: rdma_cm cma_iboe_join_work_handler
[ 105.676996][ T46] Call Trace:
[ 105.678139][ T46]
[ 105.679224][ T46] dump_stack_lvl+0x3d/0x1f0
[ 105.680955][ T46] vpanic+0x640/0x6f0
[ 105.682298][ T46] panic+0xca/0xd0
[ 105.683526][ T46] ? __pfx_panic+0x10/0x10
[ 105.685015][ T46] ? ucma_create_uevent+0xb1a/0xbe0
[ 105.686763][ T46] ? preempt_schedule_common+0x44/0xc0
[ 105.688669][ T46] ? preempt_schedule_thunk+0x16/0x30
[ 105.690461][ T46] ? check_panic_on_warn+0x1f/0xb0
[ 105.692167][ T46] check_panic_on_warn+0xab/0xb0
[ 105.693863][ T46] end_report+0x107/0x160
[ 105.695327][ T46] kasan_report+0xee/0x110
[ 105.696992][ T46] ? ucma_create_uevent+0xb1a/0xbe0
[ 105.698833][ T46] ucma_create_uevent+0xb1a/0xbe0
[ 105.700588][ T46] ucma_event_handler+0x102/0x940
[ 105.702285][ T46] ? rcu_is_watching+0x12/0xc0
[ 105.703864][ T46] cma_cm_event_handler+0x97/0x2d0
[ 105.705565][ T46] cma_iboe_join_work_handler+0xca/0x170
[ 105.707420][ T46] process_one_work+0x9ba/0x1b20
[ 105.709269][ T46] ? __pfx_process_one_work+0x10/0x10
[ 105.711076][ T46] ? assign_work+0x1a0/0x250
[ 105.712807][ T46] worker_thread+0x6c8/0xf10
[ 105.714368][ T46] ? __pfx_worker_thread+0x10/0x10
[ 105.716047][ T46] kthread+0x3c5/0x780
[ 105.717412][ T46] ? __pfx_kthread+0x10/0x10
[ 105.718972][ T46] ? rcu_is_watching+0x12/0xc0
[ 105.720614][ T46] ? __pfx_kthread+0x10/0x10
[ 105.722263][ T46] ret_from_fork+0x983/0xb10
[ 105.723818][ T46] ? __pfx_ret_from_fork+0x10/0x10
[ 105.725450][ T46] ? __switch_to+0x7af/0x10d0
[ 105.726983][ T46] ? __pfx_kthread+0x10/0x10
[ 105.728615][ T46] ret_from_fork_asm+0x1a/0x30
[ 105.730323][ T46]
[ 105.732178][ T46] Kernel Offset: disabled
[ 105.733625][ T46] Rebooting in 86400 seconds..