program:
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='\v\x00\x00\x00'], 0x48)
r0 = getpid()
syz_pidfd_open(r0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
add_key$fscrypt_provisioning(&(0x7f0000000000), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="05000008000000002f353913"], 0xc, 0xfffffffffffffffa)
request_key(&(0x7f0000000480)='big_key\x00', &(0x7f0000001900)={'syz', 0x2}, &(0x7f0000000500)='./binOerfs/bind\br0\x00P\xbf\xfe\xb5cY\xc2\xfb\x86\xe6\x98]\x9a,\xad\xce<?T\xe6\x98d\xc5\x89\x94\xd6\x8brEr\'\xc0W\b:\xecEXL=|a\xd5\x82P\xb2\x99;\xcf\x06\xe8\xb27l&\x02\x19\x8c\b7BK\x00j\x8f\x1a\xeb\x9c\xf1\xea94&.\x91>\x10)!\xa9\x8aU\x86\x19\xef3\b\xc2\xb9I\xb5\xfe?\x1d0\x8e\x94cU`\x16\xa8\xd3?\xac\x7f\xc0\x91p\xf7\x8ct\xa5\x16\x8e.\xbd\\\xba\xf7\x06\x80\r\xb7\xb2\x19\xab\x16\xfc7\x13\xd5\xe8f\xe0\xe3!\xc90\x10\x04\xc2e\'\xf6\xdb\xc5\x9a|\xecv\xef`\xab\xb3\xd8\xba\\\xa6\xf6\xa3]>d\x86\xd05\xb2\xc0\x9c\x12\xc6\x89\xe9t\n\x9c\x89R9%D\xf2\xcb\xbd\x82=\xc7\x06$\xfegM\x82\x9cU\xccV`\xed6\x06hx!\xd4Vw', 0x0)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$P9_RGETLOCK(r2, 0x0, 0x200002e6)
fcntl$setpipe(r2, 0x407, 0x7000000)
ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, &(0x7f00000001c0))
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000000314230c2abd7000ff05df250900020073797a310000000008004100727865001400330073797a5f74756e"], 0x38}, 0x1, 0x0, 0x0, 0x48845}, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={<r5=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r4, &(0x7f0000000000)={0x15, 0x110, 0xfa08, {r5, 0x0, 0x10, 0x10, 0x0, @in={0x2, 0x0, @empty}, @in={0x2, 0x0, @empty}}}, 0x118)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_usb_connect$cdc_ncm(0x2, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)

[   75.776317][ T5317] Bluetooth: hci0: command tx timeout
[   76.200483][ T1311] ieee802154 phy0 wpan0: encryption failed: -22
[   76.357577][ T1311] ieee802154 phy1 wpan1: encryption failed: -22
[   77.143298][ T5339] infiniband syz1: set active
[   77.146749][ T5339] infiniband syz1: added syz_tun
[   77.206110][ T5339] RDS/IB: syz1: added
[   77.208358][ T5339] smc: adding ib device syz1 with port count 1
[   77.211203][ T5339] smc:    ib device syz1 port 1 has no pnetid
[   77.424876][ T5339] smc: removing ib device syz1
[   77.647209][ T5339] ------------[ cut here ]------------
[   77.649785][ T5339] WARNING: drivers/infiniband/sw/rxe/rxe_pool.c:116 at rxe_pool_cleanup+0x48/0x60, CPU#0: syz.0.0/5339
[   77.654831][ T5339] Modules linked in:
[   77.656809][ T5339] CPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   77.660813][ T5339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   77.665716][ T5339] RIP: 0010:rxe_pool_cleanup+0x48/0x60
[   77.668238][ T5339] Code: 00 fc ff df 80 3c 08 00 74 08 48 89 df e8 20 b7 a4 f9 48 83 3b 00 75 0c e8 75 0c 3d f9 5b c3 cc cc cc cc cc e8 69 0c 3d f9 90 <0f> 0b 90 5b c3 cc cc cc cc cc 66 66 66 66 66 2e 0f 1f 84 00 00 00
[   77.676615][ T5339] RSP: 0018:ffffc9000e58f038 EFLAGS: 00010246
[   77.679402][ T5339] RAX: ffffffff8883faf7 RBX: ffff8880441893d8 RCX: 0000000000100000
[   77.682769][ T5339] RDX: ffffc90020ce2000 RSI: 00000000000fffff RDI: 0000000000100000
[   77.686031][ T5339] RBP: ffff8880441890b8 R08: ffff8880441887b3 R09: 1ffff110088310f6
[   77.689210][ T5339] R10: dffffc0000000000 R11: ffffffff888236a0 R12: dffffc0000000000
[   77.692806][ T5339] R13: dffffc0000000000 R14: ffffffff888236a0 R15: dffffc0000000000
[   77.696307][ T5339] FS:  00007f9647e696c0(0000) GS:ffff88808d414000(0000) knlGS:0000000000000000
[   77.699944][ T5339] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   77.702876][ T5339] CR2: 00007f9647e66f70 CR3: 0000000044301000 CR4: 0000000000352ef0
[   77.708443][ T5339] Call Trace:
[   77.710226][ T5339]  <TASK>
[   77.711647][ T5339]  rxe_dealloc+0x27/0xc0
[   77.713612][ T5339]  ? __pfx_rxe_dealloc+0x10/0x10
[   77.718299][ T5339]  ib_dealloc_device+0x54/0x200
[   77.720512][ T5339]  __ib_unregister_device+0x393/0x3f0
[   77.722962][ T5339]  ? __pfx_ib_device_get_by_index+0x10/0x10
[   77.725810][ T5339]  ib_unregister_device_and_put+0xb8/0xf0
[   77.728402][ T5339]  nldev_dellink+0x2d1/0x320
[   77.730536][ T5339]  ? __pfx_nldev_dellink+0x10/0x10
[   77.732891][ T5339]  ? apparmor_capable+0x137/0x1a0
[   77.735325][ T5339]  ? bpf_lsm_capable+0x9/0x20
[   77.737610][ T5339]  ? security_capable+0x7e/0x2e0
[   77.740114][ T5339]  ? __pfx_nldev_dellink+0x10/0x10
[   77.742405][ T5339]  rdma_nl_rcv+0x6ae/0x980
[   77.744466][ T5339]  ? __pfx_rdma_nl_rcv+0x10/0x10
[   77.746506][ T5339]  ? netlink_deliver_tap+0x2e/0x1b0
[   77.748864][ T5339]  netlink_unicast+0x82f/0x9e0
[   77.750957][ T5339]  ? __pfx_netlink_unicast+0x10/0x10
[   77.753469][ T5339]  ? __alloc_skb+0x198/0x3a0
[   77.755677][ T5339]  ? netlink_sendmsg+0x642/0xb30
[   77.757997][ T5339]  ? skb_put+0x11b/0x210
[   77.759964][ T5339]  netlink_sendmsg+0x805/0xb30
[   77.762050][ T5339]  ? __pfx_netlink_sendmsg+0x10/0x10
[   77.764343][ T5339]  ? aa_sock_msg_perm+0xf1/0x1b0
[   77.766407][ T5339]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   77.768926][ T5339]  ? __pfx_netlink_sendmsg+0x10/0x10
[   77.771310][ T5339]  __sock_sendmsg+0x21c/0x270
[   77.773485][ T5339]  ____sys_sendmsg+0x505/0x820
[   77.775671][ T5339]  ? __pfx_____sys_sendmsg+0x10/0x10
[   77.777902][ T5339]  ? import_iovec+0x74/0xa0
[   77.779871][ T5339]  ___sys_sendmsg+0x21f/0x2a0
[   77.781836][ T5339]  ? __pfx____sys_sendmsg+0x10/0x10
[   77.784396][ T5339]  ? futex_wait+0x285/0x360
[   77.786331][ T5339]  ? __fget_files+0x2a/0x420
[   77.788335][ T5339]  ? __fget_files+0x3a0/0x420
[   77.790423][ T5339]  __x64_sys_sendmsg+0x19b/0x260
[   77.792642][ T5339]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   77.795124][ T5339]  ? rcu_is_watching+0x15/0xb0
[   77.797295][ T5339]  do_syscall_64+0xec/0xf80
[   77.799515][ T5339]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.802289][ T5339]  ? trace_irq_disable+0x37/0x100
[   77.804669][ T5339]  ? clear_bhb_loop+0x60/0xb0
[   77.807536][ T5339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.810225][ T5339] RIP: 0033:0x7f9646f8f7c9
[   77.812170][ T5339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.820636][ T5339] RSP: 002b:00007f9647e69038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   77.824112][ T5339] RAX: ffffffffffffffda RBX: 00007f96471e5fa0 RCX: 00007f9646f8f7c9
[   77.827533][ T5339] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 000000000000000c
[   77.830830][ T5339] RBP: 00007f9647013f91 R08: 0000000000000000 R09: 0000000000000000
[   77.834153][ T5339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   77.837523][ T5339] R13: 00007f96471e6038 R14: 00007f96471e5fa0 R15: 00007ffce1ae83d8
[   77.841110][ T5339]  </TASK>
[   77.842609][ T5339] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   77.845506][ T5339] CPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   77.848827][ T5339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   77.853838][ T5339] Call Trace:
[   77.855482][ T5339]  <TASK>
[   77.856835][ T5339]  vpanic+0x1e0/0x670
[   77.858654][ T5339]  panic+0xb9/0xc0
[   77.860345][ T5339]  ? __pfx_panic+0x10/0x10
[   77.862351][ T5339]  __warn+0x317/0x4b0
[   77.864170][ T5339]  ? rxe_pool_cleanup+0x48/0x60
[   77.866211][ T5339]  ? rxe_pool_cleanup+0x48/0x60
[   77.868240][ T5339]  __report_bug+0x288/0x500
[   77.870077][ T5339]  ? rxe_pool_cleanup+0x48/0x60
[   77.872102][ T5339]  ? __pfx___report_bug+0x10/0x10
[   77.874145][ T5339]  ? flush_workqueue_prep_pwqs+0x475/0x4f0
[   77.876507][ T5339]  ? __flush_workqueue+0x12be/0x14b0
[   77.878685][ T5339]  ? rxe_pool_cleanup+0x48/0x60
[   77.880869][ T5339]  report_bug+0x16a/0x220
[   77.882583][ T5339]  ? rxe_pool_cleanup+0x48/0x60
[   77.884498][ T5339]  ? rxe_pool_cleanup+0x4a/0x60
[   77.886600][ T5339]  handle_bug+0x98/0x200
[   77.888430][ T5339]  exc_invalid_op+0x1a/0x50
[   77.890459][ T5339]  asm_exc_invalid_op+0x1a/0x20
[   77.892624][ T5339] RIP: 0010:rxe_pool_cleanup+0x48/0x60
[   77.895021][ T5339] Code: 00 fc ff df 80 3c 08 00 74 08 48 89 df e8 20 b7 a4 f9 48 83 3b 00 75 0c e8 75 0c 3d f9 5b c3 cc cc cc cc cc e8 69 0c 3d f9 90 <0f> 0b 90 5b c3 cc cc cc cc cc 66 66 66 66 66 2e 0f 1f 84 00 00 00
[   77.903167][ T5339] RSP: 0018:ffffc9000e58f038 EFLAGS: 00010246
[   77.905854][ T5339] RAX: ffffffff8883faf7 RBX: ffff8880441893d8 RCX: 0000000000100000
[   77.909342][ T5339] RDX: ffffc90020ce2000 RSI: 00000000000fffff RDI: 0000000000100000
[   77.912802][ T5339] RBP: ffff8880441890b8 R08: ffff8880441887b3 R09: 1ffff110088310f6
[   77.916139][ T5339] R10: dffffc0000000000 R11: ffffffff888236a0 R12: dffffc0000000000
[   77.920250][ T5339] R13: dffffc0000000000 R14: ffffffff888236a0 R15: dffffc0000000000
[   77.924775][ T5339]  ? __pfx_rxe_dealloc+0x10/0x10
[   77.927290][ T5339]  ? __pfx_rxe_dealloc+0x10/0x10
[   77.929552][ T5339]  ? rxe_pool_cleanup+0x47/0x60
[   77.931841][ T5339]  ? rxe_pool_cleanup+0x47/0x60
[   77.934073][ T5339]  rxe_dealloc+0x27/0xc0
[   77.936024][ T5339]  ? __pfx_rxe_dealloc+0x10/0x10
[   77.938292][ T5339]  ib_dealloc_device+0x54/0x200
[   77.940653][ T5339]  __ib_unregister_device+0x393/0x3f0
[   77.943017][ T5339]  ? __pfx_ib_device_get_by_index+0x10/0x10
[   77.945275][ T5339]  ib_unregister_device_and_put+0xb8/0xf0
[   77.947365][ T5339]  nldev_dellink+0x2d1/0x320
[   77.949105][ T5339]  ? __pfx_nldev_dellink+0x10/0x10
[   77.951080][ T5339]  ? apparmor_capable+0x137/0x1a0
[   77.952975][ T5339]  ? bpf_lsm_capable+0x9/0x20
[   77.954773][ T5339]  ? security_capable+0x7e/0x2e0
[   77.956950][ T5339]  ? __pfx_nldev_dellink+0x10/0x10
[   77.959243][ T5339]  rdma_nl_rcv+0x6ae/0x980
[   77.961285][ T5339]  ? __pfx_rdma_nl_rcv+0x10/0x10
[   77.963570][ T5339]  ? netlink_deliver_tap+0x2e/0x1b0
[   77.965885][ T5339]  netlink_unicast+0x82f/0x9e0
[   77.968042][ T5339]  ? __pfx_netlink_unicast+0x10/0x10
[   77.970196][ T5339]  ? __alloc_skb+0x198/0x3a0
[   77.971829][ T5339]  ? netlink_sendmsg+0x642/0xb30
[   77.973760][ T5339]  ? skb_put+0x11b/0x210
[   77.975533][ T5339]  netlink_sendmsg+0x805/0xb30
[   77.977565][ T5339]  ? __pfx_netlink_sendmsg+0x10/0x10
[   77.979829][ T5339]  ? aa_sock_msg_perm+0xf1/0x1b0
[   77.981908][ T5339]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   77.984124][ T5339]  ? __pfx_netlink_sendmsg+0x10/0x10
[   77.986278][ T5339]  __sock_sendmsg+0x21c/0x270
[   77.987957][ T5339]  ____sys_sendmsg+0x505/0x820
[   77.989609][ T5339]  ? __pfx_____sys_sendmsg+0x10/0x10
[   77.991834][ T5339]  ? import_iovec+0x74/0xa0
[   77.993711][ T5339]  ___sys_sendmsg+0x21f/0x2a0
[   77.995756][ T5339]  ? __pfx____sys_sendmsg+0x10/0x10
[   77.997927][ T5339]  ? futex_wait+0x285/0x360
[   77.999848][ T5339]  ? __fget_files+0x2a/0x420
[   78.001671][ T5339]  ? __fget_files+0x3a0/0x420
[   78.003538][ T5339]  __x64_sys_sendmsg+0x19b/0x260
[   78.005509][ T5339]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   78.007706][ T5339]  ? rcu_is_watching+0x15/0xb0
[   78.009546][ T5339]  do_syscall_64+0xec/0xf80
[   78.011257][ T5339]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.013797][ T5339]  ? trace_irq_disable+0x37/0x100
[   78.016027][ T5339]  ? clear_bhb_loop+0x60/0xb0
[   78.018191][ T5339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.020832][ T5339] RIP: 0033:0x7f9646f8f7c9
[   78.022848][ T5339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.031214][ T5339] RSP: 002b:00007f9647e69038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   78.035532][ T5339] RAX: ffffffffffffffda RBX: 00007f96471e5fa0 RCX: 00007f9646f8f7c9
[   78.039713][ T5339] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 000000000000000c
[   78.043507][ T5339] RBP: 00007f9647013f91 R08: 0000000000000000 R09: 0000000000000000
[   78.047681][ T5339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   78.051918][ T5339] R13: 00007f96471e6038 R14: 00007f96471e5fa0 R15: 00007ffce1ae83d8
[   78.055981][ T5339]  </TASK>
[   78.058058][ T5339] Kernel Offset: disabled
[   78.060348][ T5339] Rebooting in 86400 seconds..