a9c19be0897b121ad"}], 0x0, &(0x7f0000000c40)=[@txtime]}}], 0x55, 0x4000) 13:18:31 executing program 2: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self\x00', 0x400080, 0x0) 13:18:31 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x206000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:31 executing program 0: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x40a01, 0x0) 13:18:31 executing program 3: r0 = open$dir(&(0x7f0000001380)='./file0\x00', 0x4c0, 0x0) fsetxattr$security_evm(r0, &(0x7f00000013c0)='security.evm\x00', 0x0, 0x0, 0x0) 13:18:31 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x22, 0x0, 0x0) [ 2942.033526][T27563] net_ratelimit: 1 callbacks suppressed [ 2942.033554][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:32 executing program 2: setitimer(0xaa4f99428c2fb14f, 0x0, 0x0) 13:18:32 executing program 4: timer_create(0x6, &(0x7f0000000000)={0x0, 0x0, 0x1}, &(0x7f0000000040)) 13:18:32 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x20c000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:32 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000013180)='/dev/zero\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000003780), 0x0, 0x0, 0x0, 0x7) 13:18:32 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000013180)='/dev/zero\x00', 0x0, 0x0) preadv2(r0, 0x0, 0x0, 0x0, 0x0, 0x7) 13:18:32 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000013180)='/dev/zero\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000003780)=[{0x0}], 0x1, 0x0, 0x0, 0x6) 13:18:32 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) sendto(r0, 0x0, 0x0, 0x4004, 0x0, 0x0) [ 2943.070125][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:32 executing program 2: openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x200000, 0x0) 13:18:33 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x212000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:33 executing program 5: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RREAD(r0, 0x0, 0x0) 13:18:33 executing program 3: open$dir(&(0x7f0000000040)='./file0\x00', 0x242641, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)) 13:18:33 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendto(r0, &(0x7f0000000080)='\x00'/10, 0x0, 0x20041814, 0x0, 0xfffffffffffffcca) [ 2943.478650][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:33 executing program 4: pipe(&(0x7f0000000480)={0xffffffffffffffff}) ioctl$CHAR_RAW_HDIO_GETGEO(r0, 0x301, 0x0) 13:18:33 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x218000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:33 executing program 2: r0 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0), 0x8, 0x0) r1 = signalfd4(r0, &(0x7f0000000100), 0x8, 0x0) write$P9_RMKNOD(r1, 0x0, 0x0) [ 2944.110417][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:33 executing program 3: pipe(&(0x7f0000000040)={0xffffffffffffffff}) ioctl$TCSBRK(r0, 0x5409, 0x0) 13:18:34 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000013180)='/dev/zero\x00', 0x0, 0x0) io_setup(0x0, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f0000000500)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}]) 13:18:34 executing program 0: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) r1 = signalfd4(r0, &(0x7f0000000080), 0x8, 0x0) write$P9_ROPEN(r1, 0x0, 0x0) 13:18:34 executing program 4: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLCREATE(r0, 0x0, 0x58) 13:18:34 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000013180)='/dev/zero\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000000580), 0x0, 0x0, 0x0, 0x3) 13:18:34 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x21e000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:34 executing program 3: open$dir(&(0x7f0000000040)='./file0\x00', 0x3c3641, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x100, 0x7ff, &(0x7f0000000140)) 13:18:34 executing program 5: pipe2$9p(&(0x7f0000000100), 0x80000) 13:18:34 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0) read$eventfd(r0, 0x0, 0x0) [ 2945.172988][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:35 executing program 4: openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x260802, 0x0) 13:18:35 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x224000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:35 executing program 2: timer_create(0x3, &(0x7f0000000000)={0x0, 0x0, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000040)) 13:18:35 executing program 5: r0 = socket$unix(0x1, 0x1, 0x0) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)=@sco={0x1f, @fixed}, 0x80) 13:18:35 executing program 3: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) write$P9_RREAD(r0, 0x0, 0x0) 13:18:35 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) sendmsg(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x4000) 13:18:35 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x22a000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:35 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x0, 0x0) read$char_raw(r0, 0x0, 0x39) [ 2946.200539][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:36 executing program 2: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x26801, 0x0) write$P9_RREAD(r0, 0x0, 0x0) 13:18:36 executing program 3: r0 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0), 0x8, 0x0) r1 = signalfd4(r0, &(0x7f0000000000), 0x8, 0x0) write$P9_RFLUSH(r1, 0x0, 0x0) 13:18:36 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x1, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000), 0x0) 13:18:36 executing program 0: pipe(&(0x7f0000000480)={0xffffffffffffffff}) ioctl$PIO_UNIMAP(r0, 0x4b67, 0x0) [ 2946.514925][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:36 executing program 4: openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x4000, 0x0) 13:18:36 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x240000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:36 executing program 2: timer_create(0x0, 0x0, &(0x7f0000000080)=0x0) timer_getoverrun(r0) 13:18:36 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000002380), 0x0, 0x0, 0x0) 13:18:36 executing program 3: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RFSYNC(r0, 0x0, 0x13) 13:18:37 executing program 0: open$dir(&(0x7f0000001380)='./file0\x00', 0x4c0, 0x84) [ 2947.231338][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:37 executing program 4: open$dir(&(0x7f0000000000)='./file0\x00', 0x242641, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x400, &(0x7f0000000240)) 13:18:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x24a000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:37 executing program 2: execve(&(0x7f0000000040)='.\x00', 0x0, 0x0) 13:18:37 executing program 5: open$dir(&(0x7f0000001380)='./file0\x00', 0x440, 0x49) 13:18:37 executing program 3: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x1, 0x0) write$cgroup_type(r0, 0x0, 0xfffffffffffffe58) 13:18:37 executing program 0: r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) 13:18:38 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x254000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:38 executing program 4: semget(0x1, 0x1, 0x103) [ 2948.275143][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:38 executing program 2: 13:18:38 executing program 5: 13:18:38 executing program 3: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_ROPEN(r0, 0x0, 0x0) 13:18:38 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) sendmsg$sock(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="1e4d08", 0x1}], 0x1, 0x0, 0xffffff74}, 0x0) 13:18:38 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)=0x0) syz_open_procfs$namespace(r1, &(0x7f00000000c0)='ns/user\x00') [ 2948.927875][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:38 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x25a000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:38 executing program 2: mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4000, &(0x7f0000000040), 0xd, 0x3) 13:18:39 executing program 3: 13:18:39 executing program 5: [ 2949.320111][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2949.570203][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:39 executing program 4: 13:18:39 executing program 0: 13:18:39 executing program 2: 13:18:39 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x264000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:39 executing program 3: 13:18:39 executing program 5: [ 2950.349689][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:40 executing program 0: 13:18:40 executing program 4: 13:18:40 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x26a000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:40 executing program 2: 13:18:40 executing program 3: 13:18:40 executing program 5: 13:18:40 executing program 4: 13:18:40 executing program 0: 13:18:41 executing program 2: 13:18:41 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x270000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:41 executing program 3: [ 2951.402767][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:41 executing program 5: 13:18:41 executing program 4: 13:18:41 executing program 0: 13:18:41 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x276000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:41 executing program 2: 13:18:41 executing program 3: 13:18:41 executing program 4: 13:18:42 executing program 0: 13:18:42 executing program 5: [ 2952.439685][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2952.590186][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:42 executing program 3: 13:18:42 executing program 2: 13:18:42 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x27c000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:42 executing program 4: 13:18:42 executing program 0: 13:18:42 executing program 5: 13:18:43 executing program 3: 13:18:43 executing program 4: 13:18:43 executing program 2: 13:18:43 executing program 0: [ 2953.471050][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:43 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x282000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:43 executing program 5: 13:18:43 executing program 3: 13:18:43 executing program 4: 13:18:43 executing program 0: 13:18:44 executing program 2: 13:18:44 executing program 5: 13:18:44 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x288000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:44 executing program 3: [ 2954.520114][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:44 executing program 0: 13:18:44 executing program 4: 13:18:44 executing program 2: 13:18:44 executing program 5: 13:18:44 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x29e000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:44 executing program 3: 13:18:45 executing program 0: 13:18:45 executing program 2: 13:18:45 executing program 4: [ 2955.560637][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:45 executing program 5: [ 2955.638233][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:45 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x2a8000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:45 executing program 3: 13:18:45 executing program 0: 13:18:46 executing program 2: 13:18:46 executing program 5: 13:18:46 executing program 4: 13:18:46 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x2b2000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 2956.589986][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:46 executing program 3: 13:18:46 executing program 2: 13:18:46 executing program 0: 13:18:46 executing program 5: 13:18:46 executing program 4: 13:18:47 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x2b8000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:47 executing program 3: 13:18:47 executing program 2: 13:18:47 executing program 0: [ 2957.632637][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:47 executing program 5: 13:18:47 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x2c2000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:47 executing program 4: 13:18:47 executing program 3: 13:18:47 executing program 0: 13:18:48 executing program 5: 13:18:48 executing program 2: 13:18:48 executing program 4: [ 2958.512309][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:48 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x2c8000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:48 executing program 3: [ 2958.681999][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2958.691052][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:48 executing program 0: 13:18:48 executing program 2: 13:18:48 executing program 5: 13:18:48 executing program 4: 13:18:49 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x2ce000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:49 executing program 3: 13:18:49 executing program 0: 13:18:49 executing program 2: [ 2959.709659][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:49 executing program 4: 13:18:49 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sched_setscheduler(0x0, 0x5, &(0x7f0000000180)) syz_open_procfs(0xffffffffffffffff, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, 0x0) 13:18:49 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) r1 = dup2(r0, r0) sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) close(r0) openat$full(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/full\x00', 0x0, 0x0) tkill(r2, 0x1000000000016) 13:18:49 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x2d4000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:49 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[], 0x24}}, 0x4000004) 13:18:50 executing program 2: socketpair$unix(0x1, 0x200000005, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000003b40)=[{{&(0x7f0000002d80)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) write$P9_RUNLINKAT(r0, 0x0, 0x0) dup3(r0, r2, 0x0) getpeername(r1, &(0x7f0000000180)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000080)=0x41a) read(r3, 0x0, 0x0) 13:18:50 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0xfffffffffffffc47, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) r1 = dup2(r0, r0) r2 = gettid() sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) close(r0) pipe(&(0x7f00000003c0)) tkill(r2, 0x1000000000016) 13:18:50 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff}) sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f00000011c0)={0xfffffffffffffffe, 0x0, &(0x7f0000001180)={0x0}}, 0x0) 13:18:50 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x2da000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 2960.753170][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:50 executing program 3: r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self\x00', 0x0, 0x0) close(r0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) 13:18:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8) dup3(r0, r1, 0x0) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 13:18:50 executing program 0: r0 = getpid() r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f0000000400)) ptrace$setregset(0x4206, r0, 0x6, 0x0) 13:18:51 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$TIOCSLCKTRMIOS(r0, 0x541b, &(0x7f0000000140)) [ 2961.709658][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2961.789678][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:51 executing program 5: r0 = socket$inet(0x2, 0x3, 0x3) getsockopt$sock_linger(r0, 0x1, 0xd, 0x0, &(0x7f0000000040)) 13:18:51 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x2e0000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:51 executing program 3: r0 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r1, r0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x7, 0x0, 0x0) 13:18:51 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000003b40)=[{{&(0x7f0000002d80)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) write$P9_RUNLINKAT(r0, 0x0, 0x0) dup3(r0, r2, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) 13:18:51 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0xfffffffffffffc47, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) r1 = dup2(r0, r0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000)) write$binfmt_elf32(r1, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, 0x0) close(r1) r2 = gettid() socket$nl_crypto(0x10, 0x3, 0x15) tkill(r2, 0x1000000000016) 13:18:51 executing program 4: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syncfs(r0) 13:18:52 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x2e6000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r0, r2) r3 = dup2(r2, r1) ioctl$TIOCL_UNBLANKSCREEN(r3, 0x540c, 0x0) 13:18:52 executing program 3: r0 = memfd_create(&(0x7f0000000080)='cgroup^selinuxwlan0))vboxnet1vboxnet0$-{-,vmnet1bvmnet0!ppp1\x00', 0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x0, 0x0) dup2(r0, r1) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r1, 0x541b, 0x960000) 13:18:52 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000500)='/dev/loop#\x00', 0x0, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x0, 0x0) dup3(r0, r1, 0x0) ioctl$CHAR_RAW_GETSIZE(r1, 0x1260, &(0x7f0000000080)) [ 2962.846677][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:52 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x2fc000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:52 executing program 5: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000074c0)='/dev/vcsa\x00', 0x0, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, 0x0, 0x0) 13:18:53 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r1, r0) bind$inet6(r0, &(0x7f00000006c0)={0xa, 0x0, 0x0, @empty}, 0x1c) 13:18:53 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000300)) 13:18:53 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) sendto$unix(r0, &(0x7f0000000640), 0x0, 0x6048080, &(0x7f0000000600)=ANY=[], 0x0) [ 2963.872475][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:54 executing program 2: r0 = socket$unix(0x1, 0x5, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r0, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) connect$unix(r1, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r2 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$NLBL_UNLABEL_C_ACCEPT(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 13:18:54 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x300200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:54 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:18:54 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) dup3(r0, r1, 0x0) ioctl$TIOCCBRK(r1, 0x5428) 13:18:54 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x4004) 13:18:54 executing program 0: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x80340, 0x0) close(r0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) 13:18:54 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x306000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:54 executing program 0: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000003100)='/dev/vcs\x00', 0x0, 0x0) dup3(r0, r1, 0x0) ioctl$KDDISABIO(r1, 0x4b37) 13:18:54 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmsg(r0, &(0x7f0000002380)={&(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff}}, 0x80, 0x0}, 0x0) sendmsg$TIPC_CMD_GET_MAX_PORTS(r0, &(0x7f0000002600)={0x0, 0x0, &(0x7f00000025c0)={&(0x7f0000002580)={0x1c, 0x0, 0x70d}, 0x1c}}, 0x0) fcntl$getown(r1, 0x9) [ 2964.754862][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:54 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r0, 0x0, 0x0) 13:18:54 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 2964.920618][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:54 executing program 2: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x0, 0x0) close(r0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x0) 13:18:55 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x310000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:55 executing program 0: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x0, 0x0) close(r0) r1 = socket$unix(0x1, 0x5, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) accept4$packet(r0, 0x0, 0x0, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 13:18:55 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000003700)='/dev/net/tun\x00', 0x0, 0x0) dup2(r0, r1) getsockopt$inet_int(r1, 0x0, 0x3, 0x0, &(0x7f0000006900)) 13:18:55 executing program 3: r0 = socket$inet(0x2, 0x2000000001, 0x0) r1 = dup(r0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x200, 0x4) connect$inet(r0, &(0x7f0000000780)={0x2, 0x4e23}, 0x10) sendto$inet(r0, &(0x7f0000000200)='\x00', 0x1, 0x0, 0x0, 0x0) recvfrom(r0, 0x0, 0xfffffffffffffe9b, 0x2000, 0x0, 0x85) sendmsg$NL80211_CMD_GET_REG(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 13:18:55 executing program 2: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vcsa\x00', 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) dup2(r1, r0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000001800), 0x4) 13:18:55 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 2965.950634][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:55 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x316000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:56 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) r1 = dup2(r0, r0) connect$netlink(r1, &(0x7f0000000000)=@unspec, 0xc) writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000280)="be", 0x1}], 0x1) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0xc800) 13:18:56 executing program 0: socketpair(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f00000004c0)={0x0, 0x5c, &(0x7f0000000480)={0x0}}, 0x0) recvfrom(r1, 0x0, 0xffffffffffffff19, 0x40012000, 0x0, 0xfffffffd) 13:18:56 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x40804) 13:18:56 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$sock_inet6_udp_SIOCINQ(r0, 0x8953, &(0x7f0000000000)) 13:18:56 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x320000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:56 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:18:56 executing program 4: r0 = inotify_init1(0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) [ 2967.010971][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:56 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0) dup2(r1, r0) ioctl$FS_IOC_SETFSLABEL(r0, 0x5427, 0x0) 13:18:57 executing program 2: r0 = socket$nl_crypto(0x10, 0x3, 0x15) r1 = dup2(r0, r0) sched_setscheduler(0x0, 0x5, &(0x7f0000000180)) socketpair$nbd(0x1, 0x1, 0x0, 0x0) ioctl$TIOCGISO7816(r1, 0x80285442, 0x0) 13:18:57 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000040)=""/18, &(0x7f0000000080)=0x12) 13:18:57 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x326000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:57 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close(r0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) 13:18:57 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) [ 2967.795480][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:57 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) r1 = dup2(r0, r0) sendmsg$DEVLINK_CMD_TRAP_GET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 13:18:57 executing program 3: r0 = socket(0x40000000002, 0x3, 0x2) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x14, 0x0, 0x400000000000) [ 2968.030541][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:57 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x32c000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 2968.110805][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:58 executing program 4: r0 = socket(0xa, 0x1, 0x0) sendmsg$inet6(r0, &(0x7f00000005c0)={&(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c, 0x0}, 0x20000000) sendmmsg$inet6(r0, &(0x7f0000005440)=[{{0x0, 0xab, 0x0}}], 0x1, 0x69112c952f72931c) 13:18:58 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x332000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:58 executing program 3: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000074c0)='/dev/vcsa\x00', 0x0, 0x0) ioctl$EVIOCGVERSION(r0, 0x80044501, 0x0) [ 2969.071133][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:18:59 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x338000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:18:59 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) flock(r0, 0x8) 13:18:59 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x200000000001, 0x0) bind$unix(r1, &(0x7f0000366000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) connect$unix(r0, &(0x7f0000932000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) r2 = accept4$packet(r1, 0x0, 0x0, 0x0) ioctl$sock_proto_private(r2, 0x2, &(0x7f0000000080)) 13:18:59 executing program 3: r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000700)={{}, {0x77359400}}, 0x0) 13:18:59 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x33e000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 2970.115917][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2970.833629][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2970.864931][T29248] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2970.917337][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2970.943543][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2971.166777][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2972.189743][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2973.230399][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:03 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) 13:19:03 executing program 4: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) r2 = fcntl$dupfd(r1, 0x0, r1) write$cgroup_devices(r2, 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r4, r3) tkill(r0, 0x1000000000016) 13:19:03 executing program 0: r0 = inotify_init() close(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) write$P9_RSYMLINK(r0, 0x0, 0x0) 13:19:03 executing program 3: socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$NL80211_CMD_STOP_AP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) 13:19:03 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x344000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:03 executing program 2: pipe2$9p(&(0x7f0000002580)={0xffffffffffffffff}, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, 0x0) 13:19:03 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x35a000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:03 executing program 3: openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x2000, 0xa1) [ 2974.032390][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:03 executing program 0: chroot(&(0x7f0000001600)='.\x00') openat$vcs(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/vcs\x00', 0x0, 0x0) 13:19:03 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000000080), 0x1c) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) dup2(r0, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000040)=[@window, @timestamp, @window, @window], 0x4) [ 2974.272880][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:04 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x364000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:04 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000000c0), 0x40f) [ 2975.309942][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2976.350339][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2977.069324][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2977.389623][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2977.712019][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2978.440328][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:08 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) 13:19:08 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = syz_open_dev$vcsa(&(0x7f0000000380)='/dev/vcsa#\x00', 0x6, 0x0) dup3(r0, r1, 0x0) sendmsg$NL80211_CMD_GET_MPATH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) 13:19:08 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmsg(r0, &(0x7f0000002380)={&(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff}}, 0x80, 0x0}, 0x0) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="04"], 0x14}}, 0x0) dup3(r0, r1, 0x0) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) 13:19:08 executing program 3: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) dup3(r1, r0, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x0) 13:19:08 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0}}, 0x4805) 13:19:08 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x36e000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:08 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) r1 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) ioctl$EVIOCGREP(r2, 0x80084503, 0x0) 13:19:08 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20010005, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) r1 = dup2(r0, r0) sendmsg$NL80211_CMD_SET_COALESCE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) 13:19:08 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/snmp6\x00') write$binfmt_elf32(r0, 0x0, 0x0) 13:19:08 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x374000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:09 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r0) [ 2979.484640][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:09 executing program 3: r0 = open$dir(&(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0x0) fchmodat(r0, &(0x7f00000000c0)='./file0\x00', 0x2) [ 2980.111992][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2980.521682][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2981.560333][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2982.589846][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2983.150494][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2983.632022][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:13 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) ioctl$NS_GET_NSTYPE(0xffffffffffffffff, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:13 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x37e000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:13 executing program 0: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) r1 = dup(r0) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x5421, &(0x7f0000000300)) 13:19:13 executing program 4: sched_setscheduler(0x0, 0x5, &(0x7f0000000040)) socketpair$nbd(0x1, 0x1, 0x0, 0x0) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) 13:19:13 executing program 3: socketpair(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, &(0x7f0000000180)={0x6, 'tunl0\x00'}) 13:19:13 executing program 2: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) dup2(r1, r0) sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 13:19:13 executing program 0: socketpair(0x1, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) dup2(r0, r1) sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 13:19:13 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x388000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:13 executing program 3: r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x80440, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000005280)) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) 13:19:13 executing program 2: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f00000010c0)={0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockname(r2, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, &(0x7f0000000080)=0x80) dup3(r2, r3, 0x0) sendmsg$NET_DM_CMD_START(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0}}, 0x0) 13:19:14 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) ioctl$NS_GET_NSTYPE(0xffffffffffffffff, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:14 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0) r2 = dup3(r0, r1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r0) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x48000) 13:19:14 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x38e000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 2984.672915][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:14 executing program 3: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x200000000001, 0x0) bind$unix(r1, &(0x7f0000366000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) connect$unix(r0, &(0x7f0000932000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) r2 = dup3(r1, r0, 0x0) r3 = accept4$packet(r2, 0x0, 0x0, 0x0) ioctl$BLKALIGNOFF(r3, 0x5451, 0x0) 13:19:14 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGBITKEY(r0, 0x80404521, 0x0) 13:19:15 executing program 4: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vcsa\x00', 0x0, 0x0) close(r0) socket$netlink(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 13:19:15 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) ioctl$NS_GET_NSTYPE(0xffffffffffffffff, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:15 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x394000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:15 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_BSS(r0, 0x0, 0x0) 13:19:15 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0xfffffffffffffc47, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) r1 = dup2(r0, r0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={0x0}}, 0x0) close(r0) r2 = gettid() socket$packet(0x11, 0x2, 0x300) tkill(r2, 0x1000000000016) 13:19:15 executing program 3: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) read(r1, &(0x7f0000000080)=""/2, 0x31) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280)) dup2(r1, r0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000880)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) tkill(r2, 0x1000000000015) [ 2985.729551][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:15 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x39c000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:15 executing program 2: r0 = socket$nl_crypto(0x10, 0x3, 0x15) syncfs(r0) 13:19:16 executing program 3: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/autofs\x00', 0x0, 0x0) fsetxattr$security_capability(r0, 0x0, 0x0, 0x0, 0x0) [ 2986.190059][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:16 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:16 executing program 0: r0 = socket(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x4000) sendmsg$unix(r0, &(0x7f0000000500)={&(0x7f0000000000)=@abs, 0x6e, 0x0}, 0x20000110) 13:19:16 executing program 4: pselect6(0x40, &(0x7f0000000340), 0x0, 0x0, &(0x7f0000000a00), 0x0) 13:19:16 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x3c4000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 2986.763956][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:16 executing program 2: r0 = creat(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) dup2(r1, r0) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 13:19:16 executing program 3: open$dir(&(0x7f0000000080)='./file0\x00', 0x80441, 0x0) sched_setscheduler(0x0, 0x5, &(0x7f0000000040)) socketpair$nbd(0x1, 0x1, 0x0, 0x0) setxattr$trusted_overlay_nlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='trusted.overlay.nlink\x00', 0x0, 0x0, 0x0) 13:19:16 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:17 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockname(r0, &(0x7f00000001c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, &(0x7f0000000240)=0x80) ioctl$BLKIOMIN(r1, 0x5450, 0x0) [ 2987.310216][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:17 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x3c8000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:17 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000780)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000100), 0x1b5, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r2 = accept4$packet(r0, 0x0, 0x0, 0x0) sendmsg$IPVS_CMD_SET_CONFIG(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) [ 2987.791139][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:17 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:17 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = signalfd4(0xffffffffffffffff, &(0x7f00000004c0), 0x8, 0x0) dup2(r0, r1) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x4, 0x0, 0x0) 13:19:17 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x40000) [ 2988.061334][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 2988.112109][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 13:19:17 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x3cc000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:18 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000780)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000100), 0x1b5, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r2 = accept4$packet(r0, 0x0, 0x0, 0x0) sendmsg$IPVS_CMD_SET_CONFIG(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) 13:19:18 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x40000) [ 2988.693716][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 13:19:18 executing program 4: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x4, 0x0) sendmsg$BATADV_CMD_TP_METER(r0, 0x0, 0x0) [ 2988.832791][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 2989.230140][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:19 executing program 3: sendmsg$NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, 0x0, 0x0) 13:19:19 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x3d2000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:19 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f0000002a00)={0x0, 0x0, &(0x7f00000029c0)={0x0}}, 0x2000c004) 13:19:19 executing program 0: pipe2$9p(&(0x7f0000001100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_ROPEN(r0, 0x0, 0x0) 13:19:19 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000000fc0), 0x0, 0x8086) 13:19:19 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:19 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$sock_timeval(r0, 0x1, 0x0, &(0x7f0000000000)={0x0, 0x2710}, 0x10) 13:19:19 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={0x0}}, 0x48800) 13:19:19 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x3de000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:19 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) getrandom(&(0x7f00000010c0)=""/4128, 0x1020, 0x0) ioctl$KDSKBSENT(r1, 0x4b49, 0x0) [ 2989.910011][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:19 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) r1 = dup2(r0, r0) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(r1, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={0x0}}, 0x0) close(r0) socket$netlink(0x10, 0x3, 0x2) tkill(r2, 0x1000000000016) 13:19:20 executing program 0: r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self\x00', 0x0, 0x0) close(r0) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$unix(r0, 0x0, 0x0, 0x0) 13:19:20 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:20 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup2(r1, r0) getsockopt(r0, 0x0, 0x7, 0x0, &(0x7f00000005c0)) 13:19:20 executing program 4: r0 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) dup2(r1, r0) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) 13:19:20 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x3e4000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 2990.990743][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:20 executing program 3: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0x5452, 0x5078fc) 13:19:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x24}}, 0x4000001) 13:19:21 executing program 5: write$evdev(0xffffffffffffffff, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(0xffffffffffffffff, 0x40044591, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$NS_GET_NSTYPE(r0, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:21 executing program 2: socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, 0x0, 0x0) 13:19:21 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x3ea000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:21 executing program 4: sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002780)=[{{0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000100)="339c9416fbd0704565b28a8030", 0xd}], 0x1}}], 0x1, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCSIFBR(r0, 0x890c, &(0x7f00000000c0)=@get={0x1, 0x0}) 13:19:21 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={0x0}}, 0x4004804) 13:19:21 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0xfffffffffffffc47, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) r1 = dup2(r0, r0) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="0000ffd2927e19393d70915928ccce8ab712c3becf455aecef75094fb5e684", @ANYRES16=0x0, @ANYBLOB="000000000000000000006b00000059fe6d30f58f3c13326c32a4c1ec68eb94e742726c4380cff33302ba9c0009238f106914811e5f6d23e0a66e60ed8b0933d5fa8e537a4191961e08e42dcbee29b889917eea058e5e000000004739ce46fec334b0659d69a01108eb24"], 0x14}}, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) close(r0) socket$inet_udp(0x2, 0x2, 0x0) tkill(r2, 0x1000000000016) 13:19:21 executing program 2: r0 = socket(0xa, 0x1, 0x0) sendmsg$inet6(r0, &(0x7f0000002a40)={&(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0}, 0x20000068) sendmsg$FOU_CMD_GET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x0) sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000300)={&(0x7f0000000100), 0xc, &(0x7f00000002c0)={0x0}}, 0x20010080) [ 2992.033695][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:21 executing program 5: write$evdev(0xffffffffffffffff, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(0xffffffffffffffff, 0x40044591, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$NS_GET_NSTYPE(r0, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:21 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8953, &(0x7f0000000280)) 13:19:21 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x400000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 2992.277227][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:22 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000440)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000140), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) connect$netlink(r1, &(0x7f0000000000)=@unspec, 0xc) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={0x0}}, 0x0) 13:19:22 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x21, &(0x7f00000009c0), 0x4) 13:19:22 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6}]}, 0x10) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000400)) 13:19:22 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x400100, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:22 executing program 4: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000074c0)='/dev/vcsa\x00', 0x0, 0x0) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, 0x0, 0x0) 13:19:22 executing program 5: write$evdev(0xffffffffffffffff, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(0xffffffffffffffff, 0x40044591, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$NS_GET_NSTYPE(r0, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:22 executing program 3: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0) read(r1, &(0x7f0000000600)=""/11, 0x232) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)) dup2(r1, r0) ioctl$sock_proto_private(r0, 0x0, 0x0) [ 2993.079767][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:23 executing program 4: openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) r0 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x5421, &(0x7f0000000300)) 13:19:23 executing program 0: r0 = signalfd(0xffffffffffffffff, &(0x7f0000000300), 0x8) close(r0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f00000000c0), 0x2000000000000374) 13:19:23 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x400300, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:23 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = inotify_init() dup3(r0, r1, 0x0) sendmsg$TIPC_NL_BEARER_ADD(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0) 13:19:23 executing program 5: r0 = syz_open_dev$evdev(0x0, 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:23 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x0, 0x0) dup2(r0, r1) write$P9_RRENAME(r1, 0x0, 0x0) 13:19:23 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x400a00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 2994.113377][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={0x0}}, 0x4004001) 13:19:24 executing program 5: r0 = syz_open_dev$evdev(0x0, 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:24 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000580)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 13:19:24 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) ioctl$BTRFS_IOC_BALANCE(r0, 0x5000940c, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:24 executing program 3: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) dup3(r1, r0, 0x0) sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 13:19:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmsg(r0, &(0x7f0000002380)={&(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff}}, 0x80, 0x0}, 0x0) sendmsg$TIPC_CMD_GET_MAX_PORTS(r0, &(0x7f0000002600)={0x0, 0x0, &(0x7f00000025c0)={&(0x7f0000002580)={0x1c, 0x0, 0x70d}, 0x1c}}, 0x0) dup3(r0, r1, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) 13:19:24 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x400d00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:24 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) dup3(r1, r0, 0x0) ioctl$TIOCSPGRP(r1, 0x80045432, 0x0) 13:19:24 executing program 5: r0 = syz_open_dev$evdev(0x0, 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 2995.156686][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:25 executing program 4: socketpair(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f00000004c0)={0x0, 0x5c, &(0x7f0000000480)={0x0}}, 0x0) recvfrom(r1, &(0x7f0000000080)=""/73, 0x49, 0x0, 0x0, 0x0) [ 2995.314589][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:25 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcs\x00', 0x0, 0x0) dup3(r0, r1, 0x0) ioctl$TIOCGISO7816(r1, 0x540a, 0x0) 13:19:25 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) ioctl$F2FS_IOC_DEFRAGMENT(r0, 0x400454c8, 0x0) 13:19:25 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x400e00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:25 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 2996.196545][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:26 executing program 0: r0 = socket$nl_generic(0x2, 0x2, 0x88) r1 = timerfd_create(0x0, 0x0) dup2(r1, r0) timerfd_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}}, 0x0) 13:19:26 executing program 3: r0 = socket(0x11, 0x3, 0x0) sendmsg(r0, &(0x7f0000000380)={&(0x7f0000000040)=@nfc={0x27, 0x1}, 0x80, 0x0}, 0x0) 13:19:26 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x401700, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:26 executing program 4: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0) r1 = timerfd_create(0x0, 0x0) dup3(r0, r1, 0x0) preadv(r1, 0x0, 0x0, 0x0, 0x0) 13:19:26 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @ipv4={[], [], @local}}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x200000ee) setsockopt$inet6_MCAST_LEAVE_GROUP(r1, 0x29, 0x2d, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000140)={'syztnl1\x00', 0x0}) mmap(&(0x7f0000000000/0xb3c000)=nil, 0xb3c000, 0x0, 0x32, 0xffffffffffffffff, 0x0) 13:19:26 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 2996.917284][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:26 executing program 0: r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) close(r0) socket$nl_generic(0x10, 0x3, 0x10) connect$unix(r0, &(0x7f0000000140)=@abs, 0x6e) [ 2997.250960][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:27 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x401b00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:27 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, 0x0, &(0x7f0000000140)) 13:19:27 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) r1 = dup2(r0, r0) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) sendmsg$IPVS_CMD_DEL_SERVICE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) close(r0) socket$inet_udp(0x2, 0x2, 0x0) tkill(r2, 0x1000000000016) 13:19:27 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:27 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0xc000) 13:19:27 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x402000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:27 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f0000000000)) 13:19:27 executing program 2: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x183105, 0x0) write$P9_RMKNOD(r0, 0x0, 0x0) 13:19:28 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = creat(&(0x7f0000000140)='./file0\x00', 0x0) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000780)='/dev/autofs\x00', 0x0, 0x0) close(r2) fcntl$dupfd(r0, 0x0, r1) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) [ 2998.283937][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:28 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(0xffffffffffffffff, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 2998.359205][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:28 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x402200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:28 executing program 0: r0 = getpid() prlimit64(r0, 0x4, 0x0, &(0x7f0000000040)) 13:19:28 executing program 4: r0 = open(&(0x7f00000000c0)='./file0\x00', 0x40, 0x0) close(r0) socket$inet_udp(0x2, 0x2, 0x0) bind(r0, &(0x7f0000000040)=@nl=@unspec, 0x80) 13:19:28 executing program 2: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x0, 0x0) close(r0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) 13:19:28 executing program 3: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) dup2(r1, r0) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x29, 0x6, 0x0, 0x0) 13:19:28 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(0xffffffffffffffff, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:29 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x402500, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 2999.332356][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:29 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) dup3(r0, r1, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={0x0}}, 0x0) 13:19:29 executing program 4: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x88040, 0x0) close(r0) socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, &(0x7f0000000140)) 13:19:29 executing program 2: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0) read(r1, &(0x7f0000000600)=""/11, 0x232) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000280)) dup2(r1, r0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, 0x0) 13:19:29 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(0xffffffffffffffff, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:29 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = dup3(r0, r1, 0x0) r3 = dup2(r2, r0) ioctl$TIOCSTI(r3, 0x5412, 0x0) 13:19:29 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x402600, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:29 executing program 0: r0 = socket$unix(0x1, 0x5, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = dup2(r1, r1) sendmsg$DCCPDIAG_GETSOCK(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 13:19:30 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_WOL_SET(r0, 0x0, 0x0) [ 3000.352373][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:30 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x40) 13:19:30 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x4004010) 13:19:30 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x402d00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x4000000) 13:19:30 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, 0x0, 0x0) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:30 executing program 4: setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x538) connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000340)='/dev/hwrng\x00', 0x0, 0x0) r1 = dup2(0xffffffffffffffff, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000880)='/dev/net/tun\x00', 0x0, 0x0) r3 = dup2(r2, r2) ioctl$KDFONTOP_COPY(r3, 0x4b72, 0x0) 13:19:31 executing program 2: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r1, r0, 0x0) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) 13:19:31 executing program 0: sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, 0x0, 0x2dbaaa5dc16aaa2f) 13:19:31 executing program 3: symlinkat(&(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00') execveat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) [ 3001.390952][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3001.400156][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:31 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x403400, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:31 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) gettid() sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) ioctl$BTRFS_IOC_RM_DEV(r0, 0x5000940b, &(0x7f0000000300)={{r0}, "4815845ebb875f6430b304f71e4db7d2bce72913911ae258054bac5bacbe38ff9f3d007f91906eed88adf44ac44c654b35e9b47b446ae9228b2f8dd1e0c1d9764ea0f2a63d519590806e4a0d80e97b8f70dad603cd35eb2ac5a3fb4951d63d0a26fa8d5d7e409c621c27fed322a59fd1484feb2e56cfb0973e46db75531916d95ad044fcc4f498548d52e9967b93ea6f378aa40efeef9d57a8913e42fd53c73d5257ae835f33abaacc83bba5c2c4a99d2f0f0f5c11277e398213aab14f27555d5e543aa26bef139a3c65d4e975a4da0d826a4b1b942f5f673b33ee68678337f0e1e84d64051478fe1d234e8ffed378e1a50872d9b81df9a770804b78d23e11f1d919411104ff3925a1de589f5ac17e713e40b05f87c34d8cd84bf5e62f9e42db449efb34a1708a78ae2ee768368842126ce10bfa4c07c006a297855f57539eb24aa722f5551fb543728d7906182c446ded6e6f3322610637fe32dca3fc6f63aabc54bcf8f1ad52377435085325da8936db6ebd67cbef3b8cc543fc7aac86acb153600c4e25e49e086423439b4fde1bef5684ef19a8af76815a2a3a8534eb192d331b2b79e6edf7e0af18b07163e3ea0fb1638c3e476b638b70481206ad38385c3c248ae5eba6b6667f53d02ee9f4a8fb64f3f21159308ef0271b3b8f71edb2887f4fc0f7834fe2f7a5bc045cff84758c4a82423ae3cc205aec0fbe2b77a258d2c6024aa439a76a637902e519b0a5201d5d065f25ca3ef7a86b001068b62548e0d577f1b2608e728ffd919d8c13e6bd54ae0c2124ecd79c9106f2681193760959d2f5b2da734280625825a4b7e2f04d5591163c279533d53b43e2e1fde7052c8c8271cd2abb81c536eb032afaf0b3412091e6684d13d30558832190b4115eda2974dced4ef73adcc33ab98dc0c712d2e19b08dc50b90e072a38f1f4235d2854698f492b2d6b3e40f6f0a538bb6eb07b89080a1ef9aed118bd84ab620248a0ee10093ec10b7ee3cd7fb36f1b35ac4c0980ab2853e0b49b3df4ad5ac92447ffcd02cba8f0b705f2841c4310b2b7225c5dea12245ebee721a68a88e3ff02b0c6c2c8e4f906a26e8e76eddea7b581f0214087e1d65e5bcbb7e0ec7724b4344006037f7297a8ca14ded8330e3fea850c9133cb4b209385e1c0f6adc3ecfa04104bd79f3dfb70263865d6bab4548266e40b57af6144ce6bf86ce9f1e3a49e77f5f4e2266fd3284026cf58771a9b813cbe66776acd33d155ee080e9e82e0e95998338e86be8d1b09be9d4cb3866b8ac73d5470460b7fd63a56b7407e5bbf19e51465c51c89bdfe326f6f5179b7b1f80d4fa19641d8ff7c4d8e72763e29cc48342ad15a38dec40210a601098df28cfe87ddd2d7c97fc7a58cfab97092c3b0e9c7bb58fe5de1b87778c453a4a118f0f6180263ef2487bbc299667c74df467d95e6a33b8990053e9e44acdf0256a3395562e69bd5732c70374d0dd11ae735f1ae62b9297d7cac6cbb4901821e5f4048529e28e802687264a902faa3ceff4f4ace5c73bf19b21a0b1816d4c3b79b6ac849f98986d72222803653f259c0c2c97380f9093ddd1eb1abe8071362d063f3c8bd4f1c16123f2dcef8f37e1e78c4782a03386207474ce2bee532e360980c301f6dfd4056883c93dfb108e05a2f52a6ef7c1d3e46ad433bbe5a497cd71999a4ff77fcd661bb5633c5e5946645aa945b99afe0137c2e18b3a62a38cf53a8614153c739e86cf1ec1e461216e3ac598cae834110e5b7fb4ba56c169dc6d67daa4c5171b1d98d3a9965be083086cc7ddc930c13544157cc7f6db2e82dd7a77264847f3804971ec5929b24374c15c59d8601053c9e02d4acdfb2ed7bb631db51ce5750265aaec2aa29a5ff4c70e53f77cbba096c9a9df6ebcd11621caff47fbf11100201f1b8d0a92bd778ca00387b4e407f69cbf9bf4c4ebc1b2822a4e269469e697ff5711a49c5bff41007b4bef34f4787a8fdfe551f9584d7d6980dd15752860462b010c995d2926d7544c7f2d90d5bf82a247d4817f6c5380305ea6db714e4a72856612995f50f880a2952b665c8fd3d42776cf0b8882a2a5b060c63bebcc430ddd56d468ae7fc4b85fb1840ddf22b422bac606c76f3b079394fd0b32f60e0f7384a7e6456fd06ca7ca66d540655d86a653685179eaac45764f1789fd845348e8b1a63f5d799a47fea00779f4ee59b30cdb363d6f156a3579d34de4d1f529013008c1970da9e2ba658797670a16e157e4117e1b3ad1f8be21c7711c389e18fbcb1226efd8d1a7289d3fb832b685f068fa6e8a52d4261af6975bc76df3ad1f17ad5ccb19595bf7a2c53762f76fd517b8f18e1ae9a98c6712cb0590836dc538f8fda4626e6578807e981d893b0a057a2d1d3be23d0e248ed9e868c198aaa7578234124ae04203a18456e57f8432d79de5827215f9e07b4a7ba70113db587c9bcc6fb92948203f8b6f8224e852bdc8234ef341538758dd7cabb31b7de79d9e9224baf28ecb7f5b3868f2a42302be28206cf745688c5129a39c424c622446e9ffad8e1620de7d2f5dd893cf957be496da1ce3d6b2de024f04c4aa922cfcb48af27eff8069ccfc7dd74ea69b3188aa7ab0013551072d06c254497bcf5404ded4bba66f0f2f16eed46854aea4cfedd4166749bcf0563c5c90d87257201d32a9dcce485c7aa7fc3f2d4fcd4a1c2d23b7dc1d3f6b673cf8641747268a809a80bc8cba9cbb673907144c26b7178203f48ada80e98fb74e41cd225996a0530cd1370b267a4d3c477f47a0e20666887c494d9eaf5e1ee3be4fa53dc554167123a6289cce35e4d993ca964c7a9b7c225d03004ce5165c3f9e8b41887d08c913020dc7d6386979f45dfce4720453ffff8a9b88735e24d702c7004adbaeb899514afe740c6292e25d57f1ebb212243ee777d880d6cdd3c504e52c670fd1f3890485d157b0e9e7ea4abb2b8c7203cd145c163adbd74f1529b587312c27857ae39396748ea87a3395ed475c9ce72f0c03e294a46a2c6b6209d750a9018b19dea3b63ebd72276f4ffb633fb3a5e6e8c7225e9a1210f39fdb1392a817119962b9a097f10f28e0dd4d383cfe4a9246c1acae11f7a4979dd4aeae397263d91d0a487e989e3c9293c64c0ba6a72723645af6c66895b367276410e8d78f1b9552a779523df67ff66ca64cbaea0d079bace09a9b8978837b4045cfb3ffc34d56fd6f35911ca5bac83935e2bace9e0403c2071516525e0c03320345a56c216c11635becccc1883532eff5924711e31913fc6005ae18e58dd611f1e5150857487d362dc93552b2d0452ca32d9cfe4d155be26f6428715743998b0fdd294dc20408f91db6d89243a3d96e0bfa17a880f68c6480882f06a654acaf057178fe699876308371487616eb8e69c9f9782aa5ddc86f63bdae392213545c444326be3131f2babb93594f5b4ead13728f5b8d5fa484f8e80944e210ab79d8e2029e3f5a050ce6904d7c0216c679534443addd5061484161a8fd4e866242f9ed834c51e303c7fbe6a216e39b3f90256fc08b90c3be48e52fe1858f51be4c039c01a3e7e2611ed2d36b1b260a251035dd0126ed06d7897db476c7950130955922c5aa09005b265d58a7781333851729bc5081ecdb690cf369b275491ad5c3e24e148605519846d9507686d1bf1e1aa447d6cea8d2ed84e7c199eb8255c31d3a32ff5d2b798e9dd8fb38872a7f2f29c1f479c1873aa6860d5d1db6632ddc272792d2fceeb8dbd23b2d29d96a052a511f31f7dec0e0554a8854c268c04ea7b24c4d9efe5d570cddaa52ecc2340a79c43e343e8dd1e9bdb40677dfff7f8a2725ec389c44e2be8bcc1a63dbaceb569f53f40c77ffd58be6fc3bf2a42010a680f2e4b55e1b0e7651fc6210155f3c0bf899b249e8e67c1598eaa0b30900a0f5bc333000836333a7e557ab9ec079868e7a9f1940c44ea23274b7e08f717d02ca91c2e4e47b3aa950dfe493c6230f65d1a3d46b952e7c412023cf71442f100dd69abc8b3a9528010870cba47ccbe06bb901327a2ef8fe830cfd452763ebffff652a6e60640bc681e629dae41d62a6914d2e0c531cedbdfb3f7d4094fe019ad53672512d1799d5f2e35c19d1fa29ef3e9860cc1cb9d9e4eff7ccc83230cb32cee7eb3c430446f026095d9b78518a151b9093c45579da8d4b62b2ff4d1e8b6e19779404c41b6d7c4fe5e2b6d1bd40624323539521e64044d5e94af05c9282e2433ff33e69658576697e02278fad3b1a46fc34faccee3d88c0dc4eb1502fbe4e814f5044ddf5709727be1843a6440c585bffa2cfa5bf6c00c2e83cde4fa4e3a29a220853812bef0398b73f6b482e0b8393d943f5072882589b0a9911563cb37185c824adb1fed1805f44f81fa6236b02ab4d66c02c4bc625fbcf4155eb96024b4229f504ce8bd2e0e0f42bc018828f11fa2475603b619af8cd697fa78f5ae507b7c1d2772f18b6e6ce5655da994c6624de6a4dac1d7d9976b15be05f83946f62fa146c430a213fdf46783ea628a8b7ace1ed029f7419c2efc3039e456d023d0c6aeebdcdf754c70606ca009bea8595b5dd389155f94ddce4b6f67bf013ff63a3901f4a7b37f4d32efda1bb761d767bfcf76d91127051344666bec88a7c42060b68eebe81486bdc9adfcdb9e9144ce1e2490b139e890c734270d5621ebb86337bd283158ef842045ecf5eb447321b41df092985fc6ff91bc49f8fa37b5dfc5e1c2a14cc38ba654390ceecf70b316b9bef7d8e61d6f79ad55d95f83fa8d2bf240c086770a6c0afbf09cdd116fce4bc1f98d9bcb91e5592ca751355ac1c5f89ff91ec9bf75a44b6ac4449ad5e036db26a4ad95ba64e1c5d850816e215d71eb85c63fb6926d8d6a2a59a8f222794dc4f74db1c0b56d671f32fc2ec33bd561a04a8b7021c4b62f37fe054d5fcee7262cfb8de5988eb00dae512c235740a9589ec207aec5f99be7d8323cfc813005dea3ddea24c00db573511e9b316ca79eda6e8b93ae4d2a9d416b7516a5fc44a30ec066721abfca313fb12f9180d92ccf6f79faafb69ed0fe7a9e688c338639c43dc0bf8769f262837654886da380a4f00d9b4fd950f0c67ef61e57f753291a72318990695185f1f8916e7ee047d0dae572affba1d3ecdd34fcc68320d1bbe3be5ecef178ffbab2726662cb081e1faaf66a1d86ea9bad2103a3a44a6633c52c0f43a5b1d936b30910e82c70f474ee2bea4401123f0130df9583cfddde44d0f01cc0a79cb07a1622943249cd8a169d088033ade9ab6f51110255254d400b71803c5d89916a2eb777c86d49e68adbe45947ddd47d760902c000a2991dbd1189b4ea3e1e000fee539fba73c0709d52bb87293e24990c8c6b853e58874e1303b557092966e85ab27e7722dfdd9a7146dee09a7431912c20059baaa78b228ffe20e2ea78c9d457833fb42f92586cb4fc9a453a0334fbf9885d9a1503c4867848be3706c8745b1f502a01ed830a63bd6340b2c23752ea47f73c6d057e4e382cdd226f6c2940ce20318426c5c5c4fbaa2e28dccf76c105aea13113a2f686a7b7fd09631e171f3a767d340de7033561935e2dfce2ee0987737b827694b63d667de2445edf01fdc00917e74d4e0e3124b73dc8ca7e48b2e85c36f2208e9f2d3a6968270cd6ccf5a677473ae2f65b82cd9f7666324635fd82b034ed2d1b14d80d2b25b0c48f2303782b0cc367a1c67be99f2c32e626d6c3e540c580c02c259e1918907435d4ee35724bcd41d9ed5d8a837dd73f8ab8aa73f1587b7635a759dde3"}) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000002c0)) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040)='batadv\x00') sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, r2, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x81}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @link_local}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x43bf}]}, 0x68}, 0x1, 0x0, 0x0, 0x8000}, 0x8001) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x40000001) 13:19:31 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, 0x0, 0x0) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:31 executing program 0: socketpair(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$SMC_PNETID_DEL(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 13:19:31 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={0x0}}, 0x2000c000) 13:19:31 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x403600, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:31 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={0x0}}, 0xca2ff2490ed7a9a6) 13:19:32 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, 0x0, 0x0) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 3002.446114][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:32 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$FIBMAP(r0, 0x5421, &(0x7f0000000740)) 13:19:32 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0xfffffffffffffc91}}, 0x0) 13:19:32 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x403700, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:32 executing program 2: r0 = semget(0xffffffffffffffff, 0x1, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f0000000f40)=""/4096) 13:19:32 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000780)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000100), 0x1b5, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r2 = accept4$packet(r0, 0x0, 0x0, 0x0) ioctl$TIOCGSERIAL(r2, 0x541b, &(0x7f0000006100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 13:19:32 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x10) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:33 executing program 3: r0 = socket(0x10, 0x2, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x0, 0x0) dup3(r0, r1, 0x0) sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) 13:19:33 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x403900, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:33 executing program 0: r0 = creat(&(0x7f0000000380)='./file0\x00', 0x0) r1 = ioctl$NS_GET_PARENT(r0, 0x5421, 0x748000) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r1, 0x5450, 0x0) [ 3003.472143][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3003.497747][ T8760] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3003.543997][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3003.568051][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3003.593284][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 13:19:33 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) r1 = dup(r0) ioctl$EVIOCREVOKE(r1, 0x40044591, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 13:19:33 executing program 4: pselect6(0x0, 0x0, &(0x7f0000004080), &(0x7f00000040c0), &(0x7f0000004440), 0x0) 13:19:33 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x10) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:33 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x403c00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:33 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) r1 = dup2(r0, r0) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sendmsg$netlink(r1, &(0x7f0000000e40)={0x0, 0x0, 0x0}, 0x801) close(r0) socket$inet_udplite(0x2, 0x2, 0x88) tkill(r2, 0x1000000000016) 13:19:34 executing program 0: r0 = syz_open_dev$vcsa(&(0x7f0000000380)='/dev/vcsa#\x00', 0x6, 0x0) ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(r0, 0x5452, &(0x7f0000000000)) 13:19:34 executing program 2: r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0) r1 = openat(r0, &(0x7f0000000300)='./file0\x00', 0x10042, 0x0) write$cgroup_subtree(r1, 0x0, 0x0) [ 3004.437632][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:34 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0xfffffffffffffc47, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) r1 = dup2(r0, r0) r2 = gettid() sendmsg$BATADV_CMD_GET_HARDIF(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, 0x0) close(r0) socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x14}, 0x14}}, 0x0) tkill(r2, 0x1000000000016) [ 3004.600798][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:34 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x403e00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:34 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x10) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:34 executing program 0: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KDFONTOP_COPY(r0, 0x5450, 0x0) 13:19:34 executing program 2: r0 = signalfd(0xffffffffffffffff, &(0x7f0000001580), 0x8) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) dup3(r1, r0, 0x0) ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000001fc0)={0x1, 0x0, 0x12, 0x1b, 0x1b3, 0x0}) 13:19:34 executing program 3: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) close(r0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_FEATURES_GET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) [ 3005.233755][T15695] raw_sendmsg: syz-executor.4 forgot to set AF_INET. Fix it! 13:19:35 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x404600, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:35 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x10) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:35 executing program 4: r0 = socket$inet(0x2, 0x1, 0x0) r1 = dup(r0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x200, 0x4) connect$inet(r0, &(0x7f0000000780)={0x2, 0x4e23}, 0x10) sendto$inet(r1, &(0x7f0000000200)="96", 0x1, 0x0, 0x0, 0x0) recvfrom(r1, 0x0, 0x0, 0x2000, 0x0, 0x0) sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0) [ 3005.634459][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:35 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) write$P9_RLOPEN(r0, 0x0, 0xff9c) 13:19:35 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x140, 0x0) close(r1) dup(r0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x3e, 0x0, 0xd) 13:19:35 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_REMOVE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x800) 13:19:35 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x404900, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:35 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x10) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:36 executing program 4: r0 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x5, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x5451, 0x0) 13:19:36 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) dup3(r0, r1, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r1, 0x0, 0x4, 0x0, &(0x7f00000006c0)) 13:19:36 executing program 2: sched_setscheduler(0x0, 0x5, &(0x7f0000000040)) syz_genetlink_get_family_id$nl80211(0x0) sendmsg$NL80211_CMD_EXTERNAL_AUTH(0xffffffffffffffff, 0x0, 0x0) [ 3006.519596][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:36 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) [ 3006.670541][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:36 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x404a00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:36 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x10) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:37 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$nl_generic(0x10, 0x3, 0x10) dup3(r1, r0, 0x0) sendmsg$TIPC_CMD_GET_NETID(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 13:19:37 executing program 4: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:37 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x4) write$binfmt_elf64(r0, 0x0, 0x0) 13:19:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x405200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3007.475889][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:37 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(0xffffffffffffffff, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 3007.712717][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:37 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000001240)='/dev/autofs\x00', 0x0, 0x0) ioctl$TUNSETGROUP(r0, 0x5451, 0x0) 13:19:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x405300, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:37 executing program 4: socketpair(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername(r0, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, &(0x7f0000000000)=0xfffffd33) 13:19:38 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000000040), 0x1, 0x200408d4) 13:19:38 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(0xffffffffffffffff, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:38 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x405900, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:38 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x4000800) 13:19:38 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0}}, 0x0) 13:19:38 executing program 2: r0 = syz_open_dev$evdev(&(0x7f00000009c0)='/dev/input/event#\x00', 0x0, 0x5) r1 = dup(r0) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0x100000289) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12}, &(0x7f0000000340)) timer_settime(0x0, 0x0, &(0x7f0000000880)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) timer_create(0x0, &(0x7f00000002c0)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) ioctl$KDGKBLED(r1, 0x4b64, 0x0) [ 3008.773681][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:38 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x4000080) 13:19:38 executing program 3: pipe(&(0x7f0000000000)={0xffffffffffffffff}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) dup2(r1, r0) ioctl$PIO_UNIMAPCLR(r0, 0x5409, 0x0) 13:19:38 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(0xffffffffffffffff, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:39 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x405b00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:39 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x20048814) 13:19:39 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000480)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x2000021c) setsockopt$inet_buf(r1, 0x0, 0x24, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r2, 0x8982, &(0x7f0000000000)={0x7, 'syz_tun\x00'}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:39 executing program 0: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, 0x0, 0x0) 13:19:39 executing program 3: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0) [ 3009.799162][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:39 executing program 4: open$dir(&(0x7f0000000000)='./file0\x00', 0x8040, 0xedb2ca51dc5aa014) 13:19:39 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x405c00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3010.522091][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:40 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:40 executing program 3: socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) [ 3010.862032][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:40 executing program 4: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$KDSETKEYCODE(r0, 0x541b, &(0x7f0000000480)) 13:19:40 executing program 0: r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x1, 0x0) ioctl$FIDEDUPERANGE(r0, 0x5421, &(0x7f00000000c0)) 13:19:40 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x405d00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:41 executing program 3: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000074c0)='/dev/vcsa\x00', 0x0, 0x0) getsockname$inet6(r0, 0x0, 0x0) 13:19:41 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 3011.876397][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:41 executing program 2: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) r0 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000000)='cgroup.type\x00', 0x2, 0x0) write$nbd(r0, 0x0, 0x0) 13:19:41 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x408000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:41 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000001080)='/dev/input/event#\x00', 0x5, 0x0) ioctl$EVIOCRMFF(r0, 0x40044581, 0x0) 13:19:41 executing program 4: open$dir(&(0x7f0000000000)='./file0\x00', 0x60940, 0x0) chmod(&(0x7f0000000040)='./file0\x00', 0xc5) 13:19:41 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:41 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup(r0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r1, r2) sendmsg$TIPC_NL_NODE_GET(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0) 13:19:42 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r1, 0x6, 0xd, &(0x7f00000000c0), 0x4) 13:19:42 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:42 executing program 0: timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000880)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000180)={0x77359400}, 0x10) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r2 = dup(r0) r3 = dup(r2) sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x0) 13:19:42 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x40e000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:42 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) socket$packet(0x11, 0x2, 0x300) bind$packet(r0, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) 13:19:42 executing program 2: mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x8, 0x3c132, 0xffffffffffffff9c, 0x0) [ 3012.920063][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:43 executing program 3: r0 = open$dir(&(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000180)=""/251, 0xfb) 13:19:43 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:43 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x42a000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3013.552445][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:43 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$TCSETSW(r0, 0x5403, 0x0) 13:19:43 executing program 4: openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self\x00', 0x2900, 0x0) 13:19:43 executing program 0: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, 0x0) [ 3013.962784][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:43 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x3, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x321, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000001040)="c3", 0x1, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000cd0000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00000003c0)) timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r1 = gettid() recvmmsg(r0, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)=""/199, 0xc7}], 0x1}}], 0x40003a0, 0x0, 0x0) tkill(r1, 0x14) r2 = fcntl$dupfd(r0, 0x0, r0) read$eventfd(r2, &(0x7f0000000040), 0x8) 13:19:44 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x8903, &(0x7f0000000100)=ANY=[]) 13:19:44 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:19:44 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x430000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:44 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f0000003f80)={0x0, 0x0, &(0x7f0000003f40)={0x0}}, 0x0) 13:19:44 executing program 2: r0 = inotify_init1(0x0) close(r0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f00000000c0)) 13:19:44 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20010001, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) r1 = dup2(r0, r0) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sendmsg$MPTCP_PM_CMD_SET_LIMITS(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) close(r0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) tkill(r2, 0x1000000000016) 13:19:44 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(0xffffffffffffffff, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 3014.997405][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:44 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x43a000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:19:45 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, &(0x7f0000000340)) 13:19:45 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$ETHTOOL_MSG_EEE_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) [ 3015.427071][T15888] not chained 20000 origins [ 3015.431635][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3015.440319][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3015.450410][T15888] Call Trace: [ 3015.453733][T15888] dump_stack+0x21c/0x280 [ 3015.458113][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3015.463906][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3015.469135][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3015.474894][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3015.480999][T15888] ? _copy_from_user+0x201/0x310 [ 3015.485977][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3015.491223][T15888] __msan_chain_origin+0x50/0x90 [ 3015.496215][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3015.501381][T15888] get_compat_msghdr+0x108/0x2b0 [ 3015.506360][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3015.510922][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3015.516258][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3015.521490][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3015.526811][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3015.531595][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3015.536385][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3015.541117][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3015.546346][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3015.552463][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3015.558648][T15888] __do_fast_syscall_32+0x129/0x180 [ 3015.563880][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3015.568760][T15888] do_SYSENTER_32+0x73/0x90 [ 3015.573324][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3015.579667][T15888] RIP: 0023:0xf7fcb549 [ 3015.583749][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3015.603374][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3015.611807][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3015.619795][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3015.627811][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3015.635801][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3015.643879][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3015.651880][T15888] Uninit was stored to memory at: [ 3015.656928][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3015.662698][T15888] __msan_chain_origin+0x50/0x90 [ 3015.667667][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3015.672793][T15888] get_compat_msghdr+0x108/0x2b0 [ 3015.677744][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3015.682260][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3015.686952][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3015.693039][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3015.699225][T15888] __do_fast_syscall_32+0x129/0x180 [ 3015.704436][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3015.709322][T15888] do_SYSENTER_32+0x73/0x90 [ 3015.713842][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3015.721118][T15888] [ 3015.723453][T15888] Uninit was stored to memory at: [ 3015.728495][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3015.734232][T15888] __msan_chain_origin+0x50/0x90 [ 3015.739181][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3015.744306][T15888] get_compat_msghdr+0x108/0x2b0 [ 3015.749276][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3015.753788][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3015.758584][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3015.764674][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3015.770866][T15888] __do_fast_syscall_32+0x129/0x180 [ 3015.776102][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3015.780974][T15888] do_SYSENTER_32+0x73/0x90 [ 3015.785506][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3015.791832][T15888] [ 3015.794180][T15888] Uninit was stored to memory at: [ 3015.799222][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3015.804958][T15888] __msan_chain_origin+0x50/0x90 [ 3015.809907][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3015.815032][T15888] get_compat_msghdr+0x108/0x2b0 [ 3015.819992][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3015.824504][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3015.829198][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3015.835283][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3015.841455][T15888] __do_fast_syscall_32+0x129/0x180 [ 3015.846673][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3015.851546][T15888] do_SYSENTER_32+0x73/0x90 [ 3015.856100][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3015.862432][T15888] [ 3015.864784][T15888] Uninit was stored to memory at: [ 3015.869830][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3015.875565][T15888] __msan_chain_origin+0x50/0x90 [ 3015.880518][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3015.885645][T15888] get_compat_msghdr+0x108/0x2b0 [ 3015.890862][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3015.895374][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3015.900075][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3015.906864][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3015.913065][T15888] __do_fast_syscall_32+0x129/0x180 [ 3015.918289][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3015.927947][T15888] do_SYSENTER_32+0x73/0x90 [ 3015.932483][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3015.938806][T15888] [ 3015.941140][T15888] Uninit was stored to memory at: [ 3015.946186][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3015.951928][T15888] __msan_chain_origin+0x50/0x90 [ 3015.956991][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3015.962122][T15888] get_compat_msghdr+0x108/0x2b0 [ 3015.967416][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3015.971938][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3015.976627][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3015.982716][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3015.988881][T15888] __do_fast_syscall_32+0x129/0x180 [ 3015.994098][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3015.998984][T15888] do_SYSENTER_32+0x73/0x90 [ 3016.003501][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3016.009824][T15888] [ 3016.012155][T15888] Uninit was stored to memory at: [ 3016.017198][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3016.022931][T15888] __msan_chain_origin+0x50/0x90 [ 3016.027879][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3016.033011][T15888] get_compat_msghdr+0x108/0x2b0 [ 3016.037966][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3016.042506][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3016.047196][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3016.053284][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3016.059453][T15888] __do_fast_syscall_32+0x129/0x180 [ 3016.064667][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3016.069622][T15888] do_SYSENTER_32+0x73/0x90 [ 3016.074146][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3016.080468][T15888] [ 3016.082813][T15888] Uninit was stored to memory at: [ 3016.087961][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3016.093700][T15888] __msan_chain_origin+0x50/0x90 [ 3016.098650][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3016.103776][T15888] get_compat_msghdr+0x108/0x2b0 [ 3016.108760][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3016.113276][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3016.117979][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3016.124082][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3016.130258][T15888] __do_fast_syscall_32+0x129/0x180 [ 3016.135474][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3016.140344][T15888] do_SYSENTER_32+0x73/0x90 [ 3016.144862][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3016.151182][T15888] [ 3016.153515][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3016.160219][T15888] do_recvmmsg+0xbf/0x22b0 [ 3016.164655][T15888] do_recvmmsg+0xbf/0x22b0 [ 3016.195593][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3016.326443][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:19:46 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x440000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3016.591179][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3017.237317][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3017.307631][T15888] not chained 30000 origins [ 3017.312232][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3017.320943][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3017.331040][T15888] Call Trace: [ 3017.334372][T15888] dump_stack+0x21c/0x280 [ 3017.338761][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3017.344563][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3017.349795][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3017.355389][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3017.361496][T15888] ? _copy_from_user+0x201/0x310 [ 3017.366465][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3017.371694][T15888] __msan_chain_origin+0x50/0x90 [ 3017.376673][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3017.381837][T15888] get_compat_msghdr+0x108/0x2b0 [ 3017.386826][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3017.391383][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3017.396716][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3017.401948][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3017.407361][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3017.412147][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3017.416939][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3017.422614][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3017.427847][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3017.433967][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3017.440332][T15888] __do_fast_syscall_32+0x129/0x180 [ 3017.445574][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3017.450464][T15888] do_SYSENTER_32+0x73/0x90 [ 3017.455009][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3017.461359][T15888] RIP: 0023:0xf7fcb549 [ 3017.465451][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3017.485074][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3017.493505][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3017.501490][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3017.509472][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3017.517483][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3017.525469][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3017.533565][T15888] Uninit was stored to memory at: [ 3017.538607][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3017.544603][T15888] __msan_chain_origin+0x50/0x90 [ 3017.549557][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3017.554677][T15888] get_compat_msghdr+0x108/0x2b0 [ 3017.559618][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3017.564131][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3017.568846][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3017.574927][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3017.581098][T15888] __do_fast_syscall_32+0x129/0x180 [ 3017.587013][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3017.591876][T15888] do_SYSENTER_32+0x73/0x90 [ 3017.596388][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3017.602708][T15888] [ 3017.605034][T15888] Uninit was stored to memory at: [ 3017.610072][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3017.615800][T15888] __msan_chain_origin+0x50/0x90 [ 3017.620748][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3017.625871][T15888] get_compat_msghdr+0x108/0x2b0 [ 3017.630820][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3017.635331][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3017.640019][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3017.646121][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3017.652290][T15888] __do_fast_syscall_32+0x129/0x180 [ 3017.657501][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3017.662366][T15888] do_SYSENTER_32+0x73/0x90 [ 3017.666884][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3017.673293][T15888] [ 3017.675634][T15888] Uninit was stored to memory at: [ 3017.680682][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3017.686413][T15888] __msan_chain_origin+0x50/0x90 [ 3017.691363][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3017.696486][T15888] get_compat_msghdr+0x108/0x2b0 [ 3017.701436][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3017.705964][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3017.710656][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3017.716744][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3017.722935][T15888] __do_fast_syscall_32+0x129/0x180 [ 3017.728145][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3017.733008][T15888] do_SYSENTER_32+0x73/0x90 [ 3017.737553][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3017.743875][T15888] [ 3017.746200][T15888] Uninit was stored to memory at: [ 3017.751233][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3017.756973][T15888] __msan_chain_origin+0x50/0x90 [ 3017.761936][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3017.767056][T15888] get_compat_msghdr+0x108/0x2b0 [ 3017.772000][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3017.776507][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3017.781722][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3017.787806][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3017.793975][T15888] __do_fast_syscall_32+0x129/0x180 [ 3017.799187][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3017.804068][T15888] do_SYSENTER_32+0x73/0x90 [ 3017.808586][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3017.814936][T15888] [ 3017.817277][T15888] Uninit was stored to memory at: [ 3017.822343][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3017.828073][T15888] __msan_chain_origin+0x50/0x90 [ 3017.833024][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3017.838160][T15888] get_compat_msghdr+0x108/0x2b0 [ 3017.843120][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3017.847632][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3017.852327][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3017.858421][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3017.864595][T15888] __do_fast_syscall_32+0x129/0x180 [ 3017.869817][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3017.874676][T15888] do_SYSENTER_32+0x73/0x90 [ 3017.879189][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3017.886569][T15888] [ 3017.888897][T15888] Uninit was stored to memory at: [ 3017.893946][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3017.899700][T15888] __msan_chain_origin+0x50/0x90 [ 3017.904664][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3017.909783][T15888] get_compat_msghdr+0x108/0x2b0 [ 3017.914729][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3017.919243][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3017.923945][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3017.930023][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3017.936209][T15888] __do_fast_syscall_32+0x129/0x180 [ 3017.941414][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3017.946271][T15888] do_SYSENTER_32+0x73/0x90 [ 3017.950794][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3017.957112][T15888] [ 3017.959438][T15888] Uninit was stored to memory at: [ 3017.964496][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3017.970304][T15888] __msan_chain_origin+0x50/0x90 [ 3017.975771][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3017.980907][T15888] get_compat_msghdr+0x108/0x2b0 [ 3017.985854][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3017.990362][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3017.995051][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3018.001129][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3018.007297][T15888] __do_fast_syscall_32+0x129/0x180 [ 3018.012529][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3018.017412][T15888] do_SYSENTER_32+0x73/0x90 [ 3018.021930][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3018.028254][T15888] [ 3018.030616][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3018.037304][T15888] do_recvmmsg+0xbf/0x22b0 [ 3018.041774][T15888] do_recvmmsg+0xbf/0x22b0 [ 3018.276626][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3018.417369][T15888] not chained 40000 origins [ 3018.421965][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3018.430652][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3018.440743][T15888] Call Trace: [ 3018.444090][T15888] dump_stack+0x21c/0x280 [ 3018.448739][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3018.454529][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3018.460664][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3018.466243][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3018.472346][T15888] ? _copy_from_user+0x201/0x310 [ 3018.477312][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3018.482529][T15888] __msan_chain_origin+0x50/0x90 [ 3018.487593][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3018.492838][T15888] get_compat_msghdr+0x108/0x2b0 [ 3018.497808][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3018.502373][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3018.508219][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3018.513467][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3018.519133][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3018.523915][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3018.528707][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3018.533416][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3018.539080][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3018.545196][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3018.551385][T15888] __do_fast_syscall_32+0x129/0x180 [ 3018.556619][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3018.561501][T15888] do_SYSENTER_32+0x73/0x90 [ 3018.566088][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3018.572540][T15888] RIP: 0023:0xf7fcb549 [ 3018.576634][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3018.596607][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3018.605069][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3018.613073][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3018.621232][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3018.629219][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3018.637216][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3018.645199][T15888] Uninit was stored to memory at: [ 3018.650255][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3018.656076][T15888] __msan_chain_origin+0x50/0x90 [ 3018.661003][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3018.666114][T15888] get_compat_msghdr+0x108/0x2b0 [ 3018.671331][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3018.675817][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3018.680488][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3018.686540][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3018.692705][T15888] __do_fast_syscall_32+0x129/0x180 [ 3018.697892][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3018.702740][T15888] do_SYSENTER_32+0x73/0x90 [ 3018.707234][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3018.713536][T15888] [ 3018.715847][T15888] Uninit was stored to memory at: [ 3018.720879][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3018.726615][T15888] __msan_chain_origin+0x50/0x90 [ 3018.731552][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3018.736689][T15888] get_compat_msghdr+0x108/0x2b0 [ 3018.741618][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3018.746143][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3018.751102][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3018.757154][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3018.763298][T15888] __do_fast_syscall_32+0x129/0x180 [ 3018.768496][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3018.773372][T15888] do_SYSENTER_32+0x73/0x90 [ 3018.777863][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3018.784165][T15888] [ 3018.786473][T15888] Uninit was stored to memory at: [ 3018.791487][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3018.797810][T15888] __msan_chain_origin+0x50/0x90 [ 3018.802758][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3018.807861][T15888] get_compat_msghdr+0x108/0x2b0 [ 3018.814193][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3018.818689][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3018.823367][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3018.829551][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3018.835722][T15888] __do_fast_syscall_32+0x129/0x180 [ 3018.840943][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3018.845811][T15888] do_SYSENTER_32+0x73/0x90 [ 3018.850319][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3018.856706][T15888] [ 3018.859024][T15888] Uninit was stored to memory at: [ 3018.864147][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3018.869873][T15888] __msan_chain_origin+0x50/0x90 [ 3018.874836][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3018.879937][T15888] get_compat_msghdr+0x108/0x2b0 [ 3018.884859][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3018.889348][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3018.894151][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3018.900221][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3018.906464][T15888] __do_fast_syscall_32+0x129/0x180 [ 3018.911677][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3018.916525][T15888] do_SYSENTER_32+0x73/0x90 [ 3018.921023][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3018.927326][T15888] [ 3018.929644][T15888] Uninit was stored to memory at: [ 3018.934683][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3018.940402][T15888] __msan_chain_origin+0x50/0x90 [ 3018.945356][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3018.950466][T15888] get_compat_msghdr+0x108/0x2b0 [ 3018.955405][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3018.959919][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3018.964606][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3018.970661][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3018.976831][T15888] __do_fast_syscall_32+0x129/0x180 [ 3018.982037][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3018.986900][T15888] do_SYSENTER_32+0x73/0x90 [ 3018.991400][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3018.997807][T15888] [ 3019.000135][T15888] Uninit was stored to memory at: [ 3019.005157][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3019.010884][T15888] __msan_chain_origin+0x50/0x90 [ 3019.016162][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3019.021264][T15888] get_compat_msghdr+0x108/0x2b0 [ 3019.026190][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3019.030690][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3019.035372][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3019.041436][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3019.047597][T15888] __do_fast_syscall_32+0x129/0x180 [ 3019.052797][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3019.057663][T15888] do_SYSENTER_32+0x73/0x90 [ 3019.062197][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3019.068525][T15888] [ 3019.070866][T15888] Uninit was stored to memory at: [ 3019.075910][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3019.081638][T15888] __msan_chain_origin+0x50/0x90 [ 3019.086571][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3019.091677][T15888] get_compat_msghdr+0x108/0x2b0 [ 3019.096612][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3019.101116][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3019.105781][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3019.111837][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3019.117993][T15888] __do_fast_syscall_32+0x129/0x180 [ 3019.123193][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3019.128041][T15888] do_SYSENTER_32+0x73/0x90 [ 3019.132537][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3019.138839][T15888] [ 3019.141164][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3019.147840][T15888] do_recvmmsg+0xbf/0x22b0 [ 3019.152247][T15888] do_recvmmsg+0xbf/0x22b0 [ 3019.317717][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3019.330544][T15888] not chained 50000 origins [ 3019.335090][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3019.343766][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3019.353831][T15888] Call Trace: [ 3019.357149][T15888] dump_stack+0x21c/0x280 [ 3019.361511][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3019.367471][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3019.372700][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3019.378272][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3019.384460][T15888] ? _copy_from_user+0x201/0x310 [ 3019.389426][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3019.394666][T15888] __msan_chain_origin+0x50/0x90 [ 3019.399633][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3019.404795][T15888] get_compat_msghdr+0x108/0x2b0 [ 3019.409767][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3019.414327][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3019.419653][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3019.424879][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3019.430880][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3019.435660][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3019.440450][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3019.445165][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3019.450392][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3019.456495][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3019.462684][T15888] __do_fast_syscall_32+0x129/0x180 [ 3019.467913][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3019.472798][T15888] do_SYSENTER_32+0x73/0x90 [ 3019.477358][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3019.483717][T15888] RIP: 0023:0xf7fcb549 [ 3019.487801][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3019.507426][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3019.515891][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3019.523883][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3019.531873][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3019.539892][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3019.547888][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3019.555894][T15888] Uninit was stored to memory at: [ 3019.560944][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3019.566711][T15888] __msan_chain_origin+0x50/0x90 [ 3019.571674][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3019.576803][T15888] get_compat_msghdr+0x108/0x2b0 [ 3019.581756][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3019.586270][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3019.591088][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3019.597264][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3019.603446][T15888] __do_fast_syscall_32+0x129/0x180 [ 3019.608665][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3019.613976][T15888] do_SYSENTER_32+0x73/0x90 [ 3019.618508][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3019.624848][T15888] [ 3019.627181][T15888] Uninit was stored to memory at: [ 3019.629250][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3019.632232][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3019.632254][T15888] __msan_chain_origin+0x50/0x90 [ 3019.632314][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3019.656179][T15888] get_compat_msghdr+0x108/0x2b0 [ 3019.661135][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3019.665742][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3019.670444][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3019.676560][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3019.682740][T15888] __do_fast_syscall_32+0x129/0x180 [ 3019.687977][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3019.692846][T15888] do_SYSENTER_32+0x73/0x90 [ 3019.697372][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3019.703713][T15888] [ 3019.706056][T15888] Uninit was stored to memory at: [ 3019.711103][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3019.716841][T15888] __msan_chain_origin+0x50/0x90 [ 3019.721799][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3019.726928][T15888] get_compat_msghdr+0x108/0x2b0 [ 3019.731880][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3019.736401][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3019.741098][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3019.747188][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3019.753475][T15888] __do_fast_syscall_32+0x129/0x180 [ 3019.758699][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3019.763568][T15888] do_SYSENTER_32+0x73/0x90 [ 3019.768089][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3019.774414][T15888] [ 3019.776758][T15888] Uninit was stored to memory at: [ 3019.781811][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3019.787588][T15888] __msan_chain_origin+0x50/0x90 [ 3019.792555][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3019.797683][T15888] get_compat_msghdr+0x108/0x2b0 [ 3019.802633][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3019.807237][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3019.811936][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3019.818025][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3019.824205][T15888] __do_fast_syscall_32+0x129/0x180 [ 3019.829424][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3019.834293][T15888] do_SYSENTER_32+0x73/0x90 [ 3019.838818][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3019.845167][T15888] [ 3019.847501][T15888] Uninit was stored to memory at: [ 3019.852556][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3019.858302][T15888] __msan_chain_origin+0x50/0x90 [ 3019.863259][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3019.868423][T15888] get_compat_msghdr+0x108/0x2b0 [ 3019.873363][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3019.877888][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3019.882579][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3019.888668][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3019.894844][T15888] __do_fast_syscall_32+0x129/0x180 [ 3019.900066][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3019.904935][T15888] do_SYSENTER_32+0x73/0x90 [ 3019.909803][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3019.916136][T15888] [ 3019.918465][T15888] Uninit was stored to memory at: [ 3019.923489][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3019.929200][T15888] __msan_chain_origin+0x50/0x90 [ 3019.934146][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3019.939259][T15888] get_compat_msghdr+0x108/0x2b0 [ 3019.944204][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3019.948708][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3019.953403][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3019.959490][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3019.965653][T15888] __do_fast_syscall_32+0x129/0x180 [ 3019.970858][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3019.975725][T15888] do_SYSENTER_32+0x73/0x90 [ 3019.980251][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3019.986574][T15888] [ 3019.988910][T15888] Uninit was stored to memory at: [ 3019.993944][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3019.999665][T15888] __msan_chain_origin+0x50/0x90 [ 3020.004620][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3020.009740][T15888] get_compat_msghdr+0x108/0x2b0 [ 3020.014682][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3020.019188][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3020.023875][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3020.029953][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3020.036952][T15888] __do_fast_syscall_32+0x129/0x180 [ 3020.042163][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3020.047010][T15888] do_SYSENTER_32+0x73/0x90 [ 3020.051522][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3020.057829][T15888] [ 3020.060153][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3020.066832][T15888] do_recvmmsg+0xbf/0x22b0 [ 3020.071249][T15888] do_recvmmsg+0xbf/0x22b0 [ 3020.256051][T15888] not chained 60000 origins [ 3020.260584][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3020.269263][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3020.279346][T15888] Call Trace: [ 3020.282678][T15888] dump_stack+0x21c/0x280 [ 3020.287057][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3020.292806][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3020.297994][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3020.303562][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3020.309693][T15888] ? _copy_from_user+0x201/0x310 [ 3020.314643][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3020.319862][T15888] __msan_chain_origin+0x50/0x90 [ 3020.324828][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3020.329978][T15888] get_compat_msghdr+0x108/0x2b0 [ 3020.334942][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3020.339508][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3020.344813][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3020.350032][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3020.355327][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3020.360110][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3020.364881][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3020.369579][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3020.374804][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3020.380924][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3020.387710][T15888] __do_fast_syscall_32+0x129/0x180 [ 3020.392913][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3020.397769][T15888] do_SYSENTER_32+0x73/0x90 [ 3020.402287][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3020.408651][T15888] RIP: 0023:0xf7fcb549 [ 3020.412720][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3020.432344][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3020.440768][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3020.448759][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3020.456738][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3020.464715][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3020.474362][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3020.482342][T15888] Uninit was stored to memory at: [ 3020.487369][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3020.493093][T15888] __msan_chain_origin+0x50/0x90 [ 3020.498034][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3020.503146][T15888] get_compat_msghdr+0x108/0x2b0 [ 3020.508081][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3020.512585][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3020.517268][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3020.523447][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3020.529612][T15888] __do_fast_syscall_32+0x129/0x180 [ 3020.534817][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3020.539667][T15888] do_SYSENTER_32+0x73/0x90 [ 3020.544833][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3020.551179][T15888] [ 3020.553524][T15888] Uninit was stored to memory at: [ 3020.558552][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3020.564275][T15888] __msan_chain_origin+0x50/0x90 [ 3020.569218][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3020.574353][T15888] get_compat_msghdr+0x108/0x2b0 [ 3020.579293][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3020.583893][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3020.588574][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3020.594852][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3020.601015][T15888] __do_fast_syscall_32+0x129/0x180 [ 3020.606229][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3020.611079][T15888] do_SYSENTER_32+0x73/0x90 [ 3020.615589][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3020.621905][T15888] [ 3020.624233][T15888] Uninit was stored to memory at: [ 3020.629267][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3020.634977][T15888] __msan_chain_origin+0x50/0x90 [ 3020.639925][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3020.645041][T15888] get_compat_msghdr+0x108/0x2b0 [ 3020.649982][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3020.654500][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3020.659183][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3020.665288][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3020.671465][T15888] __do_fast_syscall_32+0x129/0x180 [ 3020.676668][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3020.681539][T15888] do_SYSENTER_32+0x73/0x90 [ 3020.686065][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3020.692393][T15888] [ 3020.694729][T15888] Uninit was stored to memory at: [ 3020.699786][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3020.705526][T15888] __msan_chain_origin+0x50/0x90 [ 3020.710632][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3020.715743][T15888] get_compat_msghdr+0x108/0x2b0 [ 3020.720688][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3020.725209][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3020.729902][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3020.736659][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3020.742825][T15888] __do_fast_syscall_32+0x129/0x180 [ 3020.748015][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3020.752874][T15888] do_SYSENTER_32+0x73/0x90 [ 3020.757459][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3020.763769][T15888] [ 3020.766094][T15888] Uninit was stored to memory at: [ 3020.771124][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3020.776845][T15888] __msan_chain_origin+0x50/0x90 [ 3020.781789][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3020.786920][T15888] get_compat_msghdr+0x108/0x2b0 [ 3020.791864][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3020.796369][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3020.801050][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3020.807120][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3020.813267][T15888] __do_fast_syscall_32+0x129/0x180 [ 3020.818483][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3020.823336][T15888] do_SYSENTER_32+0x73/0x90 [ 3020.827827][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3020.834141][T15888] [ 3020.836451][T15888] Uninit was stored to memory at: [ 3020.841500][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3020.847235][T15888] __msan_chain_origin+0x50/0x90 [ 3020.852182][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3020.857290][T15888] get_compat_msghdr+0x108/0x2b0 [ 3020.862234][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3020.866738][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3020.871434][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3020.877511][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3020.883667][T15888] __do_fast_syscall_32+0x129/0x180 [ 3020.888901][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3020.893767][T15888] do_SYSENTER_32+0x73/0x90 [ 3020.898280][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3020.904595][T15888] [ 3020.906950][T15888] Uninit was stored to memory at: [ 3020.911985][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3020.917727][T15888] __msan_chain_origin+0x50/0x90 [ 3020.922687][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3020.927815][T15888] get_compat_msghdr+0x108/0x2b0 [ 3020.932753][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3020.937246][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3020.941933][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3020.948000][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3020.954175][T15888] __do_fast_syscall_32+0x129/0x180 [ 3020.959387][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3020.964248][T15888] do_SYSENTER_32+0x73/0x90 [ 3020.968757][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3020.975132][T15888] [ 3020.977447][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3020.984128][T15888] do_recvmmsg+0xbf/0x22b0 [ 3020.988561][T15888] do_recvmmsg+0xbf/0x22b0 [ 3021.018120][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3021.158435][T15888] not chained 70000 origins [ 3021.163027][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3021.171712][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3021.181800][T15888] Call Trace: [ 3021.185132][T15888] dump_stack+0x21c/0x280 [ 3021.189508][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3021.195344][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3021.200568][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3021.206166][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3021.212271][T15888] ? _copy_from_user+0x201/0x310 [ 3021.217240][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3021.222483][T15888] __msan_chain_origin+0x50/0x90 [ 3021.227445][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3021.232692][T15888] get_compat_msghdr+0x108/0x2b0 [ 3021.237664][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3021.242280][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3021.247606][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3021.252842][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3021.258160][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3021.262964][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3021.267810][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3021.272547][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3021.277776][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3021.283875][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3021.290055][T15888] __do_fast_syscall_32+0x129/0x180 [ 3021.295284][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3021.300176][T15888] do_SYSENTER_32+0x73/0x90 [ 3021.304707][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3021.311048][T15888] RIP: 0023:0xf7fcb549 [ 3021.315133][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3021.334766][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3021.343203][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3021.351195][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3021.359179][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3021.367165][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3021.375153][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3021.383151][T15888] Uninit was stored to memory at: [ 3021.388195][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3021.393927][T15888] __msan_chain_origin+0x50/0x90 [ 3021.399063][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3021.405060][T15888] get_compat_msghdr+0x108/0x2b0 [ 3021.410014][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3021.414530][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3021.419247][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3021.425332][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3021.431501][T15888] __do_fast_syscall_32+0x129/0x180 [ 3021.436722][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3021.441587][T15888] do_SYSENTER_32+0x73/0x90 [ 3021.446288][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3021.452615][T15888] [ 3021.454953][T15888] Uninit was stored to memory at: [ 3021.460012][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3021.465754][T15888] __msan_chain_origin+0x50/0x90 [ 3021.470713][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3021.475854][T15888] get_compat_msghdr+0x108/0x2b0 [ 3021.480826][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3021.485349][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3021.490049][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3021.496132][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3021.502335][T15888] __do_fast_syscall_32+0x129/0x180 [ 3021.507569][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3021.512437][T15888] do_SYSENTER_32+0x73/0x90 [ 3021.516977][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3021.523326][T15888] [ 3021.525658][T15888] Uninit was stored to memory at: [ 3021.530701][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3021.536432][T15888] __msan_chain_origin+0x50/0x90 [ 3021.541385][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3021.546509][T15888] get_compat_msghdr+0x108/0x2b0 [ 3021.551556][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3021.556069][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3021.560761][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3021.566840][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3021.573019][T15888] __do_fast_syscall_32+0x129/0x180 [ 3021.578236][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3021.583109][T15888] do_SYSENTER_32+0x73/0x90 [ 3021.587637][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3021.594078][T15888] [ 3021.596409][T15888] Uninit was stored to memory at: [ 3021.601452][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3021.607188][T15888] __msan_chain_origin+0x50/0x90 [ 3021.612141][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3021.617270][T15888] get_compat_msghdr+0x108/0x2b0 [ 3021.622222][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3021.626782][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3021.631475][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3021.637556][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3021.643725][T15888] __do_fast_syscall_32+0x129/0x180 [ 3021.648946][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3021.653805][T15888] do_SYSENTER_32+0x73/0x90 [ 3021.658323][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3021.664652][T15888] [ 3021.667068][T15888] Uninit was stored to memory at: [ 3021.672112][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3021.677936][T15888] __msan_chain_origin+0x50/0x90 [ 3021.682896][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3021.688028][T15888] get_compat_msghdr+0x108/0x2b0 [ 3021.692982][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3021.697505][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3021.702215][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3021.708299][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3021.714513][T15888] __do_fast_syscall_32+0x129/0x180 [ 3021.719733][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3021.724600][T15888] do_SYSENTER_32+0x73/0x90 [ 3021.729646][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3021.735969][T15888] [ 3021.738306][T15888] Uninit was stored to memory at: [ 3021.743354][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3021.749093][T15888] __msan_chain_origin+0x50/0x90 [ 3021.754045][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3021.759173][T15888] get_compat_msghdr+0x108/0x2b0 [ 3021.764128][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3021.768705][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3021.773409][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3021.779499][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3021.785678][T15888] __do_fast_syscall_32+0x129/0x180 [ 3021.790902][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3021.795800][T15888] do_SYSENTER_32+0x73/0x90 [ 3021.800327][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3021.806683][T15888] [ 3021.809102][T15888] Uninit was stored to memory at: [ 3021.814146][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3021.819895][T15888] __msan_chain_origin+0x50/0x90 [ 3021.824860][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3021.829990][T15888] get_compat_msghdr+0x108/0x2b0 [ 3021.834954][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3021.839593][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3021.844311][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3021.850396][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3021.856745][T15888] __do_fast_syscall_32+0x129/0x180 [ 3021.862005][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3021.866872][T15888] do_SYSENTER_32+0x73/0x90 [ 3021.871444][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3021.877792][T15888] [ 3021.880132][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3021.886821][T15888] do_recvmmsg+0xbf/0x22b0 [ 3021.891272][T15888] do_recvmmsg+0xbf/0x22b0 [ 3022.017324][T15888] not chained 80000 origins [ 3022.021870][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3022.030556][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3022.040666][T15888] Call Trace: [ 3022.043993][T15888] dump_stack+0x21c/0x280 [ 3022.048344][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3022.054092][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3022.059321][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3022.064862][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3022.070954][T15888] ? _copy_from_user+0x201/0x310 [ 3022.075924][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3022.081202][T15888] __msan_chain_origin+0x50/0x90 [ 3022.086136][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3022.091302][T15888] get_compat_msghdr+0x108/0x2b0 [ 3022.096273][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3022.100837][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3022.106139][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3022.111352][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3022.116642][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3022.121405][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3022.126177][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3022.130879][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3022.136109][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3022.142195][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3022.148544][T15888] __do_fast_syscall_32+0x129/0x180 [ 3022.153756][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3022.158617][T15888] do_SYSENTER_32+0x73/0x90 [ 3022.163217][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3022.169548][T15888] RIP: 0023:0xf7fcb549 [ 3022.173617][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3022.194603][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3022.203017][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3022.211005][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3022.218990][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3022.226977][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3022.234938][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3022.242926][T15888] Uninit was stored to memory at: [ 3022.247975][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3022.253715][T15888] __msan_chain_origin+0x50/0x90 [ 3022.258656][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3022.263768][T15888] get_compat_msghdr+0x108/0x2b0 [ 3022.268701][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3022.273206][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3022.277872][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3022.283941][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3022.290094][T15888] __do_fast_syscall_32+0x129/0x180 [ 3022.295293][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3022.300141][T15888] do_SYSENTER_32+0x73/0x90 [ 3022.304635][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3022.310945][T15888] [ 3022.313269][T15888] Uninit was stored to memory at: [ 3022.318299][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3022.324016][T15888] __msan_chain_origin+0x50/0x90 [ 3022.328957][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3022.334068][T15888] get_compat_msghdr+0x108/0x2b0 [ 3022.339007][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3022.343532][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3022.348287][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3022.355363][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3022.361539][T15888] __do_fast_syscall_32+0x129/0x180 [ 3022.366749][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3022.372166][T15888] do_SYSENTER_32+0x73/0x90 [ 3022.376706][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3022.383024][T15888] [ 3022.385356][T15888] Uninit was stored to memory at: [ 3022.391260][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3022.397004][T15888] __msan_chain_origin+0x50/0x90 [ 3022.401971][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3022.407088][T15888] get_compat_msghdr+0x108/0x2b0 [ 3022.412040][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3022.416542][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3022.421232][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3022.427315][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3022.433480][T15888] __do_fast_syscall_32+0x129/0x180 [ 3022.438707][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3022.443564][T15888] do_SYSENTER_32+0x73/0x90 [ 3022.448054][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3022.454366][T15888] [ 3022.456696][T15888] Uninit was stored to memory at: [ 3022.461739][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3022.467453][T15888] __msan_chain_origin+0x50/0x90 [ 3022.472403][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3022.477540][T15888] get_compat_msghdr+0x108/0x2b0 [ 3022.482481][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3022.486972][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3022.492346][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3022.498424][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3022.504577][T15888] __do_fast_syscall_32+0x129/0x180 [ 3022.509776][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3022.514630][T15888] do_SYSENTER_32+0x73/0x90 [ 3022.519139][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3022.525455][T15888] [ 3022.527763][T15888] Uninit was stored to memory at: [ 3022.532793][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3022.538719][T15888] __msan_chain_origin+0x50/0x90 [ 3022.543662][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3022.548773][T15888] get_compat_msghdr+0x108/0x2b0 [ 3022.553723][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3022.558221][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3022.562903][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3022.568970][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3022.575130][T15888] __do_fast_syscall_32+0x129/0x180 [ 3022.580347][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3022.585239][T15888] do_SYSENTER_32+0x73/0x90 [ 3022.589760][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3022.596077][T15888] [ 3022.598389][T15888] Uninit was stored to memory at: [ 3022.603406][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3022.609124][T15888] __msan_chain_origin+0x50/0x90 [ 3022.614076][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3022.619198][T15888] get_compat_msghdr+0x108/0x2b0 [ 3022.624140][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3022.628640][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3022.633331][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3022.639403][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3022.645561][T15888] __do_fast_syscall_32+0x129/0x180 [ 3022.650779][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3022.655634][T15888] do_SYSENTER_32+0x73/0x90 [ 3022.660147][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3022.666465][T15888] [ 3022.668782][T15888] Uninit was stored to memory at: [ 3022.669333][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3022.673864][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3022.687643][T15888] __msan_chain_origin+0x50/0x90 [ 3022.692706][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3022.697889][T15888] get_compat_msghdr+0x108/0x2b0 [ 3022.702860][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3022.707371][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3022.712062][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3022.718155][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3022.724331][T15888] __do_fast_syscall_32+0x129/0x180 [ 3022.729540][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3022.734407][T15888] do_SYSENTER_32+0x73/0x90 [ 3022.738911][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3022.745227][T15888] [ 3022.747535][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3022.754200][T15888] do_recvmmsg+0xbf/0x22b0 [ 3022.758618][T15888] do_recvmmsg+0xbf/0x22b0 [ 3022.805625][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3023.032681][T15888] not chained 90000 origins [ 3023.037340][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3023.046048][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3023.056592][T15888] Call Trace: [ 3023.059928][T15888] dump_stack+0x21c/0x280 [ 3023.064306][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3023.070105][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3023.075335][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3023.080908][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3023.087009][T15888] ? _copy_from_user+0x201/0x310 [ 3023.091971][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3023.097253][T15888] __msan_chain_origin+0x50/0x90 [ 3023.102239][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3023.107401][T15888] get_compat_msghdr+0x108/0x2b0 [ 3023.112376][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3023.116969][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3023.122317][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3023.127544][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3023.132881][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3023.137715][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3023.142490][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3023.147163][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3023.152353][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3023.158418][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3023.164578][T15888] __do_fast_syscall_32+0x129/0x180 [ 3023.169776][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3023.174640][T15888] do_SYSENTER_32+0x73/0x90 [ 3023.179154][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3023.185467][T15888] RIP: 0023:0xf7fcb549 [ 3023.189527][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3023.209136][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3023.217543][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3023.225524][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3023.233489][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3023.241455][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3023.249422][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3023.257406][T15888] Uninit was stored to memory at: [ 3023.262434][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3023.268150][T15888] __msan_chain_origin+0x50/0x90 [ 3023.273112][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3023.278319][T15888] get_compat_msghdr+0x108/0x2b0 [ 3023.283247][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3023.287735][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3023.292403][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3023.298473][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3023.305594][T15888] __do_fast_syscall_32+0x129/0x180 [ 3023.310799][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3023.315654][T15888] do_SYSENTER_32+0x73/0x90 [ 3023.320164][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3023.326467][T15888] [ 3023.328787][T15888] Uninit was stored to memory at: [ 3023.333812][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3023.339525][T15888] __msan_chain_origin+0x50/0x90 [ 3023.344466][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3023.349568][T15888] get_compat_msghdr+0x108/0x2b0 [ 3023.354504][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3023.359006][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3023.363680][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3023.369752][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3023.375911][T15888] __do_fast_syscall_32+0x129/0x180 [ 3023.381133][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3023.386069][T15888] do_SYSENTER_32+0x73/0x90 [ 3023.390582][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3023.396886][T15888] [ 3023.399211][T15888] Uninit was stored to memory at: [ 3023.404238][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3023.409949][T15888] __msan_chain_origin+0x50/0x90 [ 3023.414895][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3023.420015][T15888] get_compat_msghdr+0x108/0x2b0 [ 3023.424950][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3023.429451][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3023.434127][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3023.440208][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3023.446401][T15888] __do_fast_syscall_32+0x129/0x180 [ 3023.451589][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3023.456432][T15888] do_SYSENTER_32+0x73/0x90 [ 3023.460943][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3023.467259][T15888] [ 3023.469592][T15888] Uninit was stored to memory at: [ 3023.474618][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3023.480349][T15888] __msan_chain_origin+0x50/0x90 [ 3023.485297][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3023.490577][T15888] get_compat_msghdr+0x108/0x2b0 [ 3023.495513][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3023.500006][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3023.504696][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3023.510754][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3023.516907][T15888] __do_fast_syscall_32+0x129/0x180 [ 3023.522097][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3023.526949][T15888] do_SYSENTER_32+0x73/0x90 [ 3023.531450][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3023.537757][T15888] [ 3023.540078][T15888] Uninit was stored to memory at: [ 3023.545105][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3023.550811][T15888] __msan_chain_origin+0x50/0x90 [ 3023.555735][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3023.560831][T15888] get_compat_msghdr+0x108/0x2b0 [ 3023.566019][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3023.570528][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3023.575207][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3023.581287][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3023.588423][T15888] __do_fast_syscall_32+0x129/0x180 [ 3023.593620][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3023.598463][T15888] do_SYSENTER_32+0x73/0x90 [ 3023.602964][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3023.609268][T15888] [ 3023.612029][T15888] Uninit was stored to memory at: [ 3023.617133][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3023.622840][T15888] __msan_chain_origin+0x50/0x90 [ 3023.627764][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3023.632858][T15888] get_compat_msghdr+0x108/0x2b0 [ 3023.637788][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3023.642279][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3023.646946][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3023.653026][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3023.659191][T15888] __do_fast_syscall_32+0x129/0x180 [ 3023.664383][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3023.669224][T15888] do_SYSENTER_32+0x73/0x90 [ 3023.673722][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3023.680042][T15888] [ 3023.682362][T15888] Uninit was stored to memory at: [ 3023.688350][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3023.694068][T15888] __msan_chain_origin+0x50/0x90 [ 3023.699050][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3023.704154][T15888] get_compat_msghdr+0x108/0x2b0 [ 3023.709078][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3023.713592][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3023.718265][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3023.724345][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3023.730510][T15888] __do_fast_syscall_32+0x129/0x180 [ 3023.735713][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3023.740993][T15888] do_SYSENTER_32+0x73/0x90 [ 3023.745505][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3023.751819][T15888] [ 3023.754145][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3023.760819][T15888] do_recvmmsg+0xbf/0x22b0 [ 3023.765224][T15888] do_recvmmsg+0xbf/0x22b0 [ 3023.869885][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3023.962851][T15888] not chained 100000 origins [ 3023.967498][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3023.976621][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3023.986702][T15888] Call Trace: [ 3023.990024][T15888] dump_stack+0x21c/0x280 [ 3023.994414][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3024.000401][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3024.005638][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3024.011211][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3024.017309][T15888] ? _copy_from_user+0x201/0x310 [ 3024.022278][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3024.027503][T15888] __msan_chain_origin+0x50/0x90 [ 3024.032479][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3024.037649][T15888] get_compat_msghdr+0x108/0x2b0 [ 3024.042619][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3024.047225][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3024.052551][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3024.057778][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3024.063089][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3024.067882][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3024.072691][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3024.077399][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3024.082624][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3024.088728][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3024.094925][T15888] __do_fast_syscall_32+0x129/0x180 [ 3024.100155][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3024.105029][T15888] do_SYSENTER_32+0x73/0x90 [ 3024.109555][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3024.115892][T15888] RIP: 0023:0xf7fcb549 [ 3024.119975][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3024.139593][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3024.148025][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3024.156011][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3024.164002][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3024.171989][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3024.179977][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3024.187965][T15888] Uninit was stored to memory at: [ 3024.193000][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3024.198707][T15888] __msan_chain_origin+0x50/0x90 [ 3024.203637][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3024.208745][T15888] get_compat_msghdr+0x108/0x2b0 [ 3024.213670][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3024.218154][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3024.222817][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3024.228886][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3024.235809][T15888] __do_fast_syscall_32+0x129/0x180 [ 3024.240994][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3024.245830][T15888] do_SYSENTER_32+0x73/0x90 [ 3024.250325][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3024.256625][T15888] [ 3024.258940][T15888] Uninit was stored to memory at: [ 3024.263968][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3024.269676][T15888] __msan_chain_origin+0x50/0x90 [ 3024.274623][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3024.279734][T15888] get_compat_msghdr+0x108/0x2b0 [ 3024.284675][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3024.289160][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3024.293823][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3024.299891][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3024.306044][T15888] __do_fast_syscall_32+0x129/0x180 [ 3024.311227][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3024.316071][T15888] do_SYSENTER_32+0x73/0x90 [ 3024.320560][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3024.326870][T15888] [ 3024.329196][T15888] Uninit was stored to memory at: [ 3024.334220][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3024.339922][T15888] __msan_chain_origin+0x50/0x90 [ 3024.344853][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3024.349947][T15888] get_compat_msghdr+0x108/0x2b0 [ 3024.354866][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3024.359363][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3024.364038][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3024.370090][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3024.376232][T15888] __do_fast_syscall_32+0x129/0x180 [ 3024.381415][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3024.386249][T15888] do_SYSENTER_32+0x73/0x90 [ 3024.390741][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3024.397042][T15888] [ 3024.399355][T15888] Uninit was stored to memory at: [ 3024.404386][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3024.410090][T15888] __msan_chain_origin+0x50/0x90 [ 3024.415025][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3024.420146][T15888] get_compat_msghdr+0x108/0x2b0 [ 3024.425079][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3024.429564][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3024.434233][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3024.440286][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3024.446423][T15888] __do_fast_syscall_32+0x129/0x180 [ 3024.451605][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3024.456438][T15888] do_SYSENTER_32+0x73/0x90 [ 3024.460932][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3024.467668][T15888] [ 3024.469978][T15888] Uninit was stored to memory at: [ 3024.474995][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3024.480699][T15888] __msan_chain_origin+0x50/0x90 [ 3024.485620][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3024.490741][T15888] get_compat_msghdr+0x108/0x2b0 [ 3024.495670][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3024.500156][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3024.504835][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3024.510909][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3024.517049][T15888] __do_fast_syscall_32+0x129/0x180 [ 3024.522236][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3024.527082][T15888] do_SYSENTER_32+0x73/0x90 [ 3024.531570][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3024.537874][T15888] [ 3024.540667][T15888] Uninit was stored to memory at: [ 3024.545683][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3024.551390][T15888] __msan_chain_origin+0x50/0x90 [ 3024.556326][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3024.561421][T15888] get_compat_msghdr+0x108/0x2b0 [ 3024.566358][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3024.570848][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3024.575548][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3024.581617][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3024.587762][T15888] __do_fast_syscall_32+0x129/0x180 [ 3024.592959][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3024.597810][T15888] do_SYSENTER_32+0x73/0x90 [ 3024.602324][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3024.609590][T15888] [ 3024.611914][T15888] Uninit was stored to memory at: [ 3024.616930][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3024.622650][T15888] __msan_chain_origin+0x50/0x90 [ 3024.627756][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3024.632863][T15888] get_compat_msghdr+0x108/0x2b0 [ 3024.637783][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3024.642270][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3024.646942][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3024.653016][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3024.659170][T15888] __do_fast_syscall_32+0x129/0x180 [ 3024.664364][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3024.669208][T15888] do_SYSENTER_32+0x73/0x90 [ 3024.673704][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3024.680003][T15888] [ 3024.682312][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3024.688982][T15888] do_recvmmsg+0xbf/0x22b0 [ 3024.693382][T15888] do_recvmmsg+0xbf/0x22b0 [ 3024.917723][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3024.929203][T15888] not chained 110000 origins [ 3024.933834][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3024.942510][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3024.952599][T15888] Call Trace: [ 3024.955921][T15888] dump_stack+0x21c/0x280 [ 3024.960281][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3024.966084][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3024.971306][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3024.976898][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3024.983010][T15888] ? _copy_from_user+0x201/0x310 [ 3024.987973][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3024.993201][T15888] __msan_chain_origin+0x50/0x90 [ 3024.998163][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3025.003330][T15888] get_compat_msghdr+0x108/0x2b0 [ 3025.008310][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3025.012862][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3025.018208][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3025.023522][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3025.028831][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3025.033614][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3025.038426][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3025.043149][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3025.048389][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3025.054506][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3025.060698][T15888] __do_fast_syscall_32+0x129/0x180 [ 3025.066297][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3025.071190][T15888] do_SYSENTER_32+0x73/0x90 [ 3025.075725][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3025.082119][T15888] RIP: 0023:0xf7fcb549 [ 3025.086210][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3025.105830][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3025.114267][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3025.122259][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3025.130267][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3025.138229][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3025.146192][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3025.154168][T15888] Uninit was stored to memory at: [ 3025.159188][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3025.164905][T15888] __msan_chain_origin+0x50/0x90 [ 3025.169842][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3025.174941][T15888] get_compat_msghdr+0x108/0x2b0 [ 3025.179865][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3025.184367][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3025.189034][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3025.195100][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3025.201245][T15888] __do_fast_syscall_32+0x129/0x180 [ 3025.206439][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3025.211277][T15888] do_SYSENTER_32+0x73/0x90 [ 3025.215770][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3025.222096][T15888] [ 3025.224417][T15888] Uninit was stored to memory at: [ 3025.229437][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3025.235144][T15888] __msan_chain_origin+0x50/0x90 [ 3025.240079][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3025.245179][T15888] get_compat_msghdr+0x108/0x2b0 [ 3025.250106][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3025.254598][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3025.259272][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3025.265336][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3025.271491][T15888] __do_fast_syscall_32+0x129/0x180 [ 3025.276688][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3025.281530][T15888] do_SYSENTER_32+0x73/0x90 [ 3025.286024][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3025.292328][T15888] [ 3025.294639][T15888] Uninit was stored to memory at: [ 3025.299662][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3025.305390][T15888] __msan_chain_origin+0x50/0x90 [ 3025.310407][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3025.316140][T15888] get_compat_msghdr+0x108/0x2b0 [ 3025.321112][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3025.325622][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3025.330324][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3025.336383][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3025.342537][T15888] __do_fast_syscall_32+0x129/0x180 [ 3025.347730][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3025.352580][T15888] do_SYSENTER_32+0x73/0x90 [ 3025.357084][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3025.363393][T15888] [ 3025.365706][T15888] Uninit was stored to memory at: [ 3025.370729][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3025.376447][T15888] __msan_chain_origin+0x50/0x90 [ 3025.381398][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3025.386768][T15888] get_compat_msghdr+0x108/0x2b0 [ 3025.391704][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3025.396215][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3025.400887][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3025.406964][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3025.413317][T15888] __do_fast_syscall_32+0x129/0x180 [ 3025.418514][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3025.423389][T15888] do_SYSENTER_32+0x73/0x90 [ 3025.427919][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3025.434229][T15888] [ 3025.436546][T15888] Uninit was stored to memory at: [ 3025.441584][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3025.447295][T15888] __msan_chain_origin+0x50/0x90 [ 3025.452243][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3025.457360][T15888] get_compat_msghdr+0x108/0x2b0 [ 3025.462307][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3025.466813][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3025.471495][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3025.477580][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3025.483742][T15888] __do_fast_syscall_32+0x129/0x180 [ 3025.488947][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3025.493799][T15888] do_SYSENTER_32+0x73/0x90 [ 3025.498295][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3025.504603][T15888] [ 3025.506917][T15888] Uninit was stored to memory at: [ 3025.511941][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3025.517655][T15888] __msan_chain_origin+0x50/0x90 [ 3025.522603][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3025.527718][T15888] get_compat_msghdr+0x108/0x2b0 [ 3025.532682][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3025.537189][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3025.541878][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3025.547937][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3025.554099][T15888] __do_fast_syscall_32+0x129/0x180 [ 3025.559306][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3025.564147][T15888] do_SYSENTER_32+0x73/0x90 [ 3025.568646][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3025.574955][T15888] [ 3025.577264][T15888] Uninit was stored to memory at: [ 3025.582281][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3025.588025][T15888] __msan_chain_origin+0x50/0x90 [ 3025.592973][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3025.598097][T15888] get_compat_msghdr+0x108/0x2b0 [ 3025.603042][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3025.607532][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3025.612220][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3025.618279][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3025.624442][T15888] __do_fast_syscall_32+0x129/0x180 [ 3025.629647][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3025.634508][T15888] do_SYSENTER_32+0x73/0x90 [ 3025.639017][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3025.645323][T15888] [ 3025.647678][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3025.654340][T15888] do_recvmmsg+0xbf/0x22b0 [ 3025.658741][T15888] do_recvmmsg+0xbf/0x22b0 [ 3025.709375][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3025.717971][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3025.940039][T15888] not chained 120000 origins [ 3025.944732][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3025.953417][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3025.963480][T15888] Call Trace: [ 3025.966769][T15888] dump_stack+0x21c/0x280 [ 3025.971244][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3025.977065][T15888] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3025.982902][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3025.988098][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3025.993650][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3025.999717][T15888] ? _copy_from_user+0x201/0x310 [ 3026.004660][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3026.009854][T15888] __msan_chain_origin+0x50/0x90 [ 3026.014805][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3026.019929][T15888] get_compat_msghdr+0x108/0x2b0 [ 3026.024870][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3026.029387][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3026.034694][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3026.039913][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3026.045224][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3026.049986][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3026.054752][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3026.059566][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3026.064769][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3026.070861][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3026.077015][T15888] __do_fast_syscall_32+0x129/0x180 [ 3026.082229][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3026.087079][T15888] do_SYSENTER_32+0x73/0x90 [ 3026.091593][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3026.097915][T15888] RIP: 0023:0xf7fcb549 [ 3026.102629][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3026.122340][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3026.130773][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3026.138837][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3026.146826][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3026.156185][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3026.164769][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3026.172749][T15888] Uninit was stored to memory at: [ 3026.177785][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3026.183507][T15888] __msan_chain_origin+0x50/0x90 [ 3026.188530][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3026.193642][T15888] get_compat_msghdr+0x108/0x2b0 [ 3026.198577][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3026.203086][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3026.207751][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3026.213822][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3026.219967][T15888] __do_fast_syscall_32+0x129/0x180 [ 3026.225155][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3026.230004][T15888] do_SYSENTER_32+0x73/0x90 [ 3026.234496][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3026.240798][T15888] [ 3026.243116][T15888] Uninit was stored to memory at: [ 3026.248151][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3026.254120][T15888] __msan_chain_origin+0x50/0x90 [ 3026.259046][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3026.264142][T15888] get_compat_msghdr+0x108/0x2b0 [ 3026.269190][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3026.274125][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3026.278812][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3026.284868][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3026.291012][T15888] __do_fast_syscall_32+0x129/0x180 [ 3026.296212][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3026.301076][T15888] do_SYSENTER_32+0x73/0x90 [ 3026.305580][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3026.311908][T15888] [ 3026.314221][T15888] Uninit was stored to memory at: [ 3026.319240][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3026.324961][T15888] __msan_chain_origin+0x50/0x90 [ 3026.329894][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3026.334992][T15888] get_compat_msghdr+0x108/0x2b0 [ 3026.339919][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3026.344421][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3026.349158][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3026.355238][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3026.361401][T15888] __do_fast_syscall_32+0x129/0x180 [ 3026.366607][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3026.371543][T15888] do_SYSENTER_32+0x73/0x90 [ 3026.376324][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3026.382731][T15888] [ 3026.385058][T15888] Uninit was stored to memory at: [ 3026.390103][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3026.395825][T15888] __msan_chain_origin+0x50/0x90 [ 3026.400752][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3026.405863][T15888] get_compat_msghdr+0x108/0x2b0 [ 3026.410802][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3026.415312][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3026.420094][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3026.426159][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3026.432349][T15888] __do_fast_syscall_32+0x129/0x180 [ 3026.437800][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3026.442642][T15888] do_SYSENTER_32+0x73/0x90 [ 3026.447144][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3026.453486][T15888] [ 3026.455817][T15888] Uninit was stored to memory at: [ 3026.460848][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3026.466558][T15888] __msan_chain_origin+0x50/0x90 [ 3026.471514][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3026.477159][T15888] get_compat_msghdr+0x108/0x2b0 [ 3026.482101][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3026.486601][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3026.491272][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3026.497352][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3026.503513][T15888] __do_fast_syscall_32+0x129/0x180 [ 3026.508711][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3026.513553][T15888] do_SYSENTER_32+0x73/0x90 [ 3026.518060][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3026.524378][T15888] [ 3026.526707][T15888] Uninit was stored to memory at: [ 3026.531746][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3026.537464][T15888] __msan_chain_origin+0x50/0x90 [ 3026.542393][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3026.547499][T15888] get_compat_msghdr+0x108/0x2b0 [ 3026.552439][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3026.556961][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3026.561630][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3026.567696][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3026.573861][T15888] __do_fast_syscall_32+0x129/0x180 [ 3026.579072][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3026.583914][T15888] do_SYSENTER_32+0x73/0x90 [ 3026.588410][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3026.594850][T15888] [ 3026.597165][T15888] Uninit was stored to memory at: [ 3026.602216][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3026.607945][T15888] __msan_chain_origin+0x50/0x90 [ 3026.612889][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3026.618001][T15888] get_compat_msghdr+0x108/0x2b0 [ 3026.622926][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3026.627417][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3026.632086][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3026.638143][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3026.644287][T15888] __do_fast_syscall_32+0x129/0x180 [ 3026.649491][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3026.654349][T15888] do_SYSENTER_32+0x73/0x90 [ 3026.658857][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3026.665174][T15888] [ 3026.667485][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3026.674154][T15888] do_recvmmsg+0xbf/0x22b0 [ 3026.678574][T15888] do_recvmmsg+0xbf/0x22b0 [ 3026.700663][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3026.861762][T15888] not chained 130000 origins [ 3026.866416][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3026.875103][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3026.885173][T15888] Call Trace: [ 3026.888496][T15888] dump_stack+0x21c/0x280 [ 3026.892980][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3026.898767][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3026.904004][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3026.909584][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3026.915706][T15888] ? _copy_from_user+0x201/0x310 [ 3026.920698][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3026.926010][T15888] __msan_chain_origin+0x50/0x90 [ 3026.930979][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3026.936145][T15888] get_compat_msghdr+0x108/0x2b0 [ 3026.942171][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3026.946737][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3026.952063][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3026.958341][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3026.963661][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3026.968445][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3026.973252][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3026.977964][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3026.983204][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3026.989341][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3026.995523][T15888] __do_fast_syscall_32+0x129/0x180 [ 3027.000761][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3027.006102][T15888] do_SYSENTER_32+0x73/0x90 [ 3027.010638][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3027.016986][T15888] RIP: 0023:0xf7fcb549 [ 3027.021081][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3027.041932][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3027.050397][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3027.058393][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3027.066393][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3027.074563][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3027.082553][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3027.090559][T15888] Uninit was stored to memory at: [ 3027.095608][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3027.101343][T15888] __msan_chain_origin+0x50/0x90 [ 3027.106298][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3027.111426][T15888] get_compat_msghdr+0x108/0x2b0 [ 3027.116378][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3027.120900][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3027.125594][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3027.131682][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3027.137876][T15888] __do_fast_syscall_32+0x129/0x180 [ 3027.143100][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3027.147966][T15888] do_SYSENTER_32+0x73/0x90 [ 3027.152488][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3027.158811][T15888] [ 3027.161140][T15888] Uninit was stored to memory at: [ 3027.166212][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3027.171950][T15888] __msan_chain_origin+0x50/0x90 [ 3027.176906][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3027.182031][T15888] get_compat_msghdr+0x108/0x2b0 [ 3027.187039][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3027.191559][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3027.196226][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3027.202400][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3027.208571][T15888] __do_fast_syscall_32+0x129/0x180 [ 3027.213776][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3027.218627][T15888] do_SYSENTER_32+0x73/0x90 [ 3027.223140][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3027.229459][T15888] [ 3027.231782][T15888] Uninit was stored to memory at: [ 3027.236803][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3027.242614][T15888] __msan_chain_origin+0x50/0x90 [ 3027.247548][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3027.252646][T15888] get_compat_msghdr+0x108/0x2b0 [ 3027.257568][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3027.262056][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3027.266735][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3027.272811][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3027.279660][T15888] __do_fast_syscall_32+0x129/0x180 [ 3027.284858][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3027.289961][T15888] do_SYSENTER_32+0x73/0x90 [ 3027.294469][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3027.300784][T15888] [ 3027.303104][T15888] Uninit was stored to memory at: [ 3027.308126][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3027.313832][T15888] __msan_chain_origin+0x50/0x90 [ 3027.318760][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3027.323869][T15888] get_compat_msghdr+0x108/0x2b0 [ 3027.328812][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3027.333308][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3027.337972][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3027.344296][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3027.350457][T15888] __do_fast_syscall_32+0x129/0x180 [ 3027.355667][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3027.361478][T15888] do_SYSENTER_32+0x73/0x90 [ 3027.365979][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3027.372323][T15888] [ 3027.374651][T15888] Uninit was stored to memory at: [ 3027.379670][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3027.385397][T15888] __msan_chain_origin+0x50/0x90 [ 3027.391113][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3027.396229][T15888] get_compat_msghdr+0x108/0x2b0 [ 3027.401158][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3027.405912][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3027.410610][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3027.416679][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3027.422833][T15888] __do_fast_syscall_32+0x129/0x180 [ 3027.428022][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3027.432878][T15888] do_SYSENTER_32+0x73/0x90 [ 3027.437375][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3027.443689][T15888] [ 3027.446010][T15888] Uninit was stored to memory at: [ 3027.451040][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3027.456747][T15888] __msan_chain_origin+0x50/0x90 [ 3027.461688][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3027.466794][T15888] get_compat_msghdr+0x108/0x2b0 [ 3027.471736][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3027.476257][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3027.480924][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3027.486980][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3027.493129][T15888] __do_fast_syscall_32+0x129/0x180 [ 3027.498331][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3027.503183][T15888] do_SYSENTER_32+0x73/0x90 [ 3027.507675][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3027.513992][T15888] [ 3027.516313][T15888] Uninit was stored to memory at: [ 3027.521330][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3027.527040][T15888] __msan_chain_origin+0x50/0x90 [ 3027.531964][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3027.537060][T15888] get_compat_msghdr+0x108/0x2b0 [ 3027.542000][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3027.546503][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3027.551171][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3027.557245][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3027.563400][T15888] __do_fast_syscall_32+0x129/0x180 [ 3027.568610][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3027.573474][T15888] do_SYSENTER_32+0x73/0x90 [ 3027.577987][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3027.584308][T15888] [ 3027.586623][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3027.593810][T15888] do_recvmmsg+0xbf/0x22b0 [ 3027.598214][T15888] do_recvmmsg+0xbf/0x22b0 [ 3027.715115][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3027.889523][T15888] not chained 140000 origins [ 3027.894199][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3027.902878][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3027.912950][T15888] Call Trace: [ 3027.916274][T15888] dump_stack+0x21c/0x280 [ 3027.920634][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3027.926417][T15888] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3027.932275][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3027.937597][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3027.943174][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3027.949270][T15888] ? _copy_from_user+0x201/0x310 [ 3027.954233][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3027.959457][T15888] __msan_chain_origin+0x50/0x90 [ 3027.964429][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3027.969587][T15888] get_compat_msghdr+0x108/0x2b0 [ 3027.974963][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3027.979515][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3027.984844][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3027.990858][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3027.996164][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3028.000944][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3028.005742][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3028.010467][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3028.015708][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3028.021831][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3028.028021][T15888] __do_fast_syscall_32+0x129/0x180 [ 3028.033260][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3028.038141][T15888] do_SYSENTER_32+0x73/0x90 [ 3028.042690][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3028.049041][T15888] RIP: 0023:0xf7fcb549 [ 3028.053132][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3028.072774][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3028.081319][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3028.089317][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3028.097328][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3028.105315][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3028.113304][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3028.121330][T15888] Uninit was stored to memory at: [ 3028.126381][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3028.132134][T15888] __msan_chain_origin+0x50/0x90 [ 3028.137087][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3028.142207][T15888] get_compat_msghdr+0x108/0x2b0 [ 3028.147154][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3028.151678][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3028.156371][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3028.162454][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3028.168625][T15888] __do_fast_syscall_32+0x129/0x180 [ 3028.173838][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3028.178703][T15888] do_SYSENTER_32+0x73/0x90 [ 3028.183225][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3028.189545][T15888] [ 3028.191908][T15888] Uninit was stored to memory at: [ 3028.196949][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3028.202682][T15888] __msan_chain_origin+0x50/0x90 [ 3028.207641][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3028.212779][T15888] get_compat_msghdr+0x108/0x2b0 [ 3028.217727][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3028.222246][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3028.226953][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3028.233048][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3028.239226][T15888] __do_fast_syscall_32+0x129/0x180 [ 3028.244462][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3028.249328][T15888] do_SYSENTER_32+0x73/0x90 [ 3028.253866][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3028.260197][T15888] [ 3028.262541][T15888] Uninit was stored to memory at: [ 3028.267598][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3028.273348][T15888] __msan_chain_origin+0x50/0x90 [ 3028.278324][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3028.283459][T15888] get_compat_msghdr+0x108/0x2b0 [ 3028.288412][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3028.292949][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3028.297642][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3028.303735][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3028.309909][T15888] __do_fast_syscall_32+0x129/0x180 [ 3028.315145][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3028.320040][T15888] do_SYSENTER_32+0x73/0x90 [ 3028.324572][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3028.330926][T15888] [ 3028.334227][T15888] Uninit was stored to memory at: [ 3028.339269][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3028.345003][T15888] __msan_chain_origin+0x50/0x90 [ 3028.349959][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3028.355097][T15888] get_compat_msghdr+0x108/0x2b0 [ 3028.360054][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3028.364589][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3028.369284][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3028.375392][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3028.381576][T15888] __do_fast_syscall_32+0x129/0x180 [ 3028.386797][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3028.391687][T15888] do_SYSENTER_32+0x73/0x90 [ 3028.396213][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3028.402537][T15888] [ 3028.404878][T15888] Uninit was stored to memory at: [ 3028.409926][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3028.415672][T15888] __msan_chain_origin+0x50/0x90 [ 3028.420626][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3028.425749][T15888] get_compat_msghdr+0x108/0x2b0 [ 3028.430695][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3028.435208][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3028.439905][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3028.445992][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3028.452169][T15888] __do_fast_syscall_32+0x129/0x180 [ 3028.457400][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3028.462276][T15888] do_SYSENTER_32+0x73/0x90 [ 3028.466798][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3028.473124][T15888] [ 3028.475459][T15888] Uninit was stored to memory at: [ 3028.480505][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3028.486243][T15888] __msan_chain_origin+0x50/0x90 [ 3028.491196][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3028.496323][T15888] get_compat_msghdr+0x108/0x2b0 [ 3028.501284][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3028.505803][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3028.510500][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3028.516591][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3028.522769][T15888] __do_fast_syscall_32+0x129/0x180 [ 3028.527985][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3028.532859][T15888] do_SYSENTER_32+0x73/0x90 [ 3028.537378][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3028.543728][T15888] [ 3028.546086][T15888] Uninit was stored to memory at: [ 3028.551131][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3028.556866][T15888] __msan_chain_origin+0x50/0x90 [ 3028.561822][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3028.566947][T15888] get_compat_msghdr+0x108/0x2b0 [ 3028.571904][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3028.576421][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3028.581136][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3028.587220][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3028.593395][T15888] __do_fast_syscall_32+0x129/0x180 [ 3028.598621][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3028.603487][T15888] do_SYSENTER_32+0x73/0x90 [ 3028.608029][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3028.614385][T15888] [ 3028.616718][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3028.623412][T15888] do_recvmmsg+0xbf/0x22b0 [ 3028.627844][T15888] do_recvmmsg+0xbf/0x22b0 [ 3028.751960][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3028.760280][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3028.795128][T15888] not chained 150000 origins [ 3028.799739][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3028.808398][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3028.819414][T15888] Call Trace: [ 3028.822717][T15888] dump_stack+0x21c/0x280 [ 3028.827063][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3028.832816][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3028.838030][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3028.843590][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3028.849669][T15888] ? _copy_from_user+0x201/0x310 [ 3028.854632][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3028.859828][T15888] __msan_chain_origin+0x50/0x90 [ 3028.864767][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3028.869900][T15888] get_compat_msghdr+0x108/0x2b0 [ 3028.874857][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3028.879389][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3028.884677][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3028.889874][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3028.895170][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3028.899989][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3028.904785][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3028.909498][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3028.914820][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3028.920915][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3028.927123][T15888] __do_fast_syscall_32+0x129/0x180 [ 3028.932343][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3028.937198][T15888] do_SYSENTER_32+0x73/0x90 [ 3028.941733][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3028.948050][T15888] RIP: 0023:0xf7fcb549 [ 3028.952108][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3028.971705][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3028.980112][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3028.988079][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3028.996042][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3029.004017][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3029.011999][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3029.019988][T15888] Uninit was stored to memory at: [ 3029.025057][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3029.030772][T15888] __msan_chain_origin+0x50/0x90 [ 3029.035703][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3029.040824][T15888] get_compat_msghdr+0x108/0x2b0 [ 3029.045767][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3029.050281][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3029.054952][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3029.061044][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3029.067207][T15888] __do_fast_syscall_32+0x129/0x180 [ 3029.072401][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3029.077262][T15888] do_SYSENTER_32+0x73/0x90 [ 3029.081773][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3029.088089][T15888] [ 3029.090434][T15888] Uninit was stored to memory at: [ 3029.095481][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3029.101213][T15888] __msan_chain_origin+0x50/0x90 [ 3029.106138][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3029.111255][T15888] get_compat_msghdr+0x108/0x2b0 [ 3029.116198][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3029.120690][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3029.126053][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3029.132112][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3029.138259][T15888] __do_fast_syscall_32+0x129/0x180 [ 3029.143451][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3029.148312][T15888] do_SYSENTER_32+0x73/0x90 [ 3029.152861][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3029.159163][T15888] [ 3029.161480][T15888] Uninit was stored to memory at: [ 3029.166632][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3029.172350][T15888] __msan_chain_origin+0x50/0x90 [ 3029.177277][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3029.182375][T15888] get_compat_msghdr+0x108/0x2b0 [ 3029.187325][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3029.191835][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3029.196505][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3029.202577][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3029.208745][T15888] __do_fast_syscall_32+0x129/0x180 [ 3029.213976][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3029.218838][T15888] do_SYSENTER_32+0x73/0x90 [ 3029.223353][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3029.229855][T15888] [ 3029.232164][T15888] Uninit was stored to memory at: [ 3029.237182][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3029.242916][T15888] __msan_chain_origin+0x50/0x90 [ 3029.247848][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3029.252951][T15888] get_compat_msghdr+0x108/0x2b0 [ 3029.257879][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3029.262380][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3029.267062][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3029.273135][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3029.279297][T15888] __do_fast_syscall_32+0x129/0x180 [ 3029.284492][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3029.289329][T15888] do_SYSENTER_32+0x73/0x90 [ 3029.293858][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3029.302700][T15888] [ 3029.305023][T15888] Uninit was stored to memory at: [ 3029.310070][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3029.315845][T15888] __msan_chain_origin+0x50/0x90 [ 3029.321507][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3029.326642][T15888] get_compat_msghdr+0x108/0x2b0 [ 3029.331609][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3029.336116][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3029.340820][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3029.346882][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3029.353043][T15888] __do_fast_syscall_32+0x129/0x180 [ 3029.358253][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3029.363112][T15888] do_SYSENTER_32+0x73/0x90 [ 3029.367628][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3029.373968][T15888] [ 3029.376301][T15888] Uninit was stored to memory at: [ 3029.381338][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3029.388038][T15888] __msan_chain_origin+0x50/0x90 [ 3029.392989][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3029.398094][T15888] get_compat_msghdr+0x108/0x2b0 [ 3029.403040][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3029.407543][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3029.412222][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3029.418300][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3029.424475][T15888] __do_fast_syscall_32+0x129/0x180 [ 3029.429693][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3029.434554][T15888] do_SYSENTER_32+0x73/0x90 [ 3029.439152][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3029.445547][T15888] [ 3029.447876][T15888] Uninit was stored to memory at: [ 3029.452911][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3029.458628][T15888] __msan_chain_origin+0x50/0x90 [ 3029.463583][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3029.468704][T15888] get_compat_msghdr+0x108/0x2b0 [ 3029.473664][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3029.478162][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3029.487396][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3029.493470][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3029.499621][T15888] __do_fast_syscall_32+0x129/0x180 [ 3029.505785][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3029.510640][T15888] do_SYSENTER_32+0x73/0x90 [ 3029.515130][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3029.521437][T15888] [ 3029.523764][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3029.530427][T15888] do_recvmmsg+0xbf/0x22b0 [ 3029.534841][T15888] do_recvmmsg+0xbf/0x22b0 [ 3029.714772][T15888] not chained 160000 origins [ 3029.719423][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3029.728104][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3029.738171][T15888] Call Trace: [ 3029.741491][T15888] dump_stack+0x21c/0x280 [ 3029.745859][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3029.751649][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3029.756911][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3029.762497][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3029.768598][T15888] ? _copy_from_user+0x201/0x310 [ 3029.773568][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3029.778790][T15888] __msan_chain_origin+0x50/0x90 [ 3029.783765][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3029.788938][T15888] get_compat_msghdr+0x108/0x2b0 [ 3029.794113][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3029.798672][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3029.804009][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3029.809244][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3029.814592][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3029.819381][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3029.824194][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3029.828910][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3029.834157][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3029.840296][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3029.846487][T15888] __do_fast_syscall_32+0x129/0x180 [ 3029.851727][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3029.856612][T15888] do_SYSENTER_32+0x73/0x90 [ 3029.861155][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3029.867506][T15888] RIP: 0023:0xf7fcb549 [ 3029.871596][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3029.891224][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3029.899685][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3029.908723][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3029.916719][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3029.924806][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3029.932834][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3029.940857][T15888] Uninit was stored to memory at: [ 3029.945939][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3029.951694][T15888] __msan_chain_origin+0x50/0x90 [ 3029.956747][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3029.961966][T15888] get_compat_msghdr+0x108/0x2b0 [ 3029.966927][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3029.971978][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3029.976690][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3029.982811][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3029.989052][T15888] __do_fast_syscall_32+0x129/0x180 [ 3029.994318][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3030.000157][T15888] do_SYSENTER_32+0x73/0x90 [ 3030.004693][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3030.011035][T15888] [ 3030.013475][T15888] Uninit was stored to memory at: [ 3030.018551][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3030.024654][T15888] __msan_chain_origin+0x50/0x90 [ 3030.029717][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3030.034868][T15888] get_compat_msghdr+0x108/0x2b0 [ 3030.039843][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3030.044505][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3030.049218][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3030.057286][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3030.063658][T15888] __do_fast_syscall_32+0x129/0x180 [ 3030.068907][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3030.073794][T15888] do_SYSENTER_32+0x73/0x90 [ 3030.078384][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3030.084899][T15888] [ 3030.087243][T15888] Uninit was stored to memory at: [ 3030.092305][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3030.098182][T15888] __msan_chain_origin+0x50/0x90 [ 3030.103186][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3030.108420][T15888] get_compat_msghdr+0x108/0x2b0 [ 3030.113404][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3030.117931][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3030.122750][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3030.130105][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3030.136291][T15888] __do_fast_syscall_32+0x129/0x180 [ 3030.141605][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3030.146455][T15888] do_SYSENTER_32+0x73/0x90 [ 3030.151099][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3030.157561][T15888] [ 3030.159887][T15888] Uninit was stored to memory at: [ 3030.165069][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3030.171876][T15888] __msan_chain_origin+0x50/0x90 [ 3030.177052][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3030.182204][T15888] get_compat_msghdr+0x108/0x2b0 [ 3030.187263][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3030.191857][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3030.196669][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3030.204067][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3030.210237][T15888] __do_fast_syscall_32+0x129/0x180 [ 3030.215675][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3030.220537][T15888] do_SYSENTER_32+0x73/0x90 [ 3030.225184][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3030.231730][T15888] [ 3030.234055][T15888] Uninit was stored to memory at: [ 3030.239172][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3030.245562][T15888] __msan_chain_origin+0x50/0x90 [ 3030.251469][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3030.257215][T15888] get_compat_msghdr+0x108/0x2b0 [ 3030.263487][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3030.268310][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3030.273116][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3030.279537][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3030.285932][T15888] __do_fast_syscall_32+0x129/0x180 [ 3030.291405][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3030.296648][T15888] do_SYSENTER_32+0x73/0x90 [ 3030.301434][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3030.308074][T15888] [ 3030.310581][T15888] Uninit was stored to memory at: [ 3030.315616][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3030.321519][T15888] __msan_chain_origin+0x50/0x90 [ 3030.326743][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3030.332235][T15888] get_compat_msghdr+0x108/0x2b0 [ 3030.337432][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3030.342242][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3030.346993][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3030.353230][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3030.360277][T15888] __do_fast_syscall_32+0x129/0x180 [ 3030.366003][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3030.371395][T15888] do_SYSENTER_32+0x73/0x90 [ 3030.377107][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3030.383591][T15888] [ 3030.386108][T15888] Uninit was stored to memory at: [ 3030.391475][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3030.397293][T15888] __msan_chain_origin+0x50/0x90 [ 3030.402450][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3030.407653][T15888] get_compat_msghdr+0x108/0x2b0 [ 3030.413275][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3030.418122][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3030.423552][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3030.429872][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3030.436289][T15888] __do_fast_syscall_32+0x129/0x180 [ 3030.441510][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3030.446487][T15888] do_SYSENTER_32+0x73/0x90 [ 3030.451170][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3030.457519][T15888] [ 3030.459902][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3030.466900][T15888] do_recvmmsg+0xbf/0x22b0 [ 3030.471557][T15888] do_recvmmsg+0xbf/0x22b0 [ 3030.502581][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3030.659712][T15888] not chained 170000 origins [ 3030.664460][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3030.673598][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3030.684028][T15888] Call Trace: [ 3030.688230][T15888] dump_stack+0x21c/0x280 [ 3030.692787][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3030.698842][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3030.705022][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3030.711404][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3030.717614][T15888] ? _copy_from_user+0x201/0x310 [ 3030.722747][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3030.728091][T15888] __msan_chain_origin+0x50/0x90 [ 3030.733387][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3030.738746][T15888] get_compat_msghdr+0x108/0x2b0 [ 3030.743791][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3030.748632][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3030.754908][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3030.761225][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3030.766767][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3030.771628][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3030.776912][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3030.787943][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3030.793404][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3030.799838][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3030.806864][T15888] __do_fast_syscall_32+0x129/0x180 [ 3030.812792][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3030.817863][T15888] do_SYSENTER_32+0x73/0x90 [ 3030.822720][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3030.830106][T15888] RIP: 0023:0xf7fcb549 [ 3030.834745][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3030.856769][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3030.865526][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3030.873597][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3030.882059][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3030.890508][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3030.898935][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3030.907366][T15888] Uninit was stored to memory at: [ 3030.913181][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3030.919239][T15888] __msan_chain_origin+0x50/0x90 [ 3030.924258][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3030.930427][T15888] get_compat_msghdr+0x108/0x2b0 [ 3030.935598][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3030.940286][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3030.945060][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3030.951184][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3030.958125][T15888] __do_fast_syscall_32+0x129/0x180 [ 3030.964164][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3030.969452][T15888] do_SYSENTER_32+0x73/0x90 [ 3030.974280][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3030.980851][T15888] [ 3030.983399][T15888] Uninit was stored to memory at: [ 3030.988874][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3030.995221][T15888] __msan_chain_origin+0x50/0x90 [ 3031.000538][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3031.005878][T15888] get_compat_msghdr+0x108/0x2b0 [ 3031.010851][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3031.015501][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3031.020695][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3031.027082][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3031.033377][T15888] __do_fast_syscall_32+0x129/0x180 [ 3031.038848][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3031.043864][T15888] do_SYSENTER_32+0x73/0x90 [ 3031.048866][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3031.055899][T15888] [ 3031.058411][T15888] Uninit was stored to memory at: [ 3031.063617][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3031.069717][T15888] __msan_chain_origin+0x50/0x90 [ 3031.074749][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3031.079955][T15888] get_compat_msghdr+0x108/0x2b0 [ 3031.085037][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3031.089552][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3031.094331][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3031.100545][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3031.106805][T15888] __do_fast_syscall_32+0x129/0x180 [ 3031.112366][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3031.117324][T15888] do_SYSENTER_32+0x73/0x90 [ 3031.122169][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3031.130898][T15888] [ 3031.133520][T15888] Uninit was stored to memory at: [ 3031.139020][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3031.145187][T15888] __msan_chain_origin+0x50/0x90 [ 3031.151543][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3031.157173][T15888] get_compat_msghdr+0x108/0x2b0 [ 3031.162375][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3031.167040][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3031.171725][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3031.179284][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3031.185808][T15888] __do_fast_syscall_32+0x129/0x180 [ 3031.191374][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3031.197348][T15888] do_SYSENTER_32+0x73/0x90 [ 3031.202181][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3031.209309][T15888] [ 3031.211759][T15888] Uninit was stored to memory at: [ 3031.217017][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3031.223337][T15888] __msan_chain_origin+0x50/0x90 [ 3031.228285][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3031.233547][T15888] get_compat_msghdr+0x108/0x2b0 [ 3031.238531][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3031.243275][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3031.248225][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3031.255593][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3031.263347][T15888] __do_fast_syscall_32+0x129/0x180 [ 3031.268915][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3031.274663][T15888] do_SYSENTER_32+0x73/0x90 [ 3031.279479][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3031.286244][T15888] [ 3031.288602][T15888] Uninit was stored to memory at: [ 3031.294163][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3031.300788][T15888] __msan_chain_origin+0x50/0x90 [ 3031.306358][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3031.312167][T15888] get_compat_msghdr+0x108/0x2b0 [ 3031.317791][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3031.322482][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3031.327176][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3031.336695][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3031.343803][T15888] __do_fast_syscall_32+0x129/0x180 [ 3031.349463][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3031.354672][T15888] do_SYSENTER_32+0x73/0x90 [ 3031.359372][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3031.366232][T15888] [ 3031.368770][T15888] Uninit was stored to memory at: [ 3031.373944][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3031.380436][T15888] __msan_chain_origin+0x50/0x90 [ 3031.385745][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3031.390993][T15888] get_compat_msghdr+0x108/0x2b0 [ 3031.396540][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3031.401057][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3031.406269][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3031.413285][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3031.426300][T15888] __do_fast_syscall_32+0x129/0x180 [ 3031.433053][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3031.439314][T15888] do_SYSENTER_32+0x73/0x90 [ 3031.446892][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3031.453776][T15888] [ 3031.456413][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3031.463955][T15888] do_recvmmsg+0xbf/0x22b0 [ 3031.468964][T15888] do_recvmmsg+0xbf/0x22b0 [ 3031.556631][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3031.658165][T15888] not chained 180000 origins [ 3031.662862][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3031.672521][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3031.683506][T15888] Call Trace: [ 3031.687025][T15888] dump_stack+0x21c/0x280 [ 3031.691720][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3031.697756][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3031.703993][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3031.709962][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3031.720044][T15888] ? _copy_from_user+0x201/0x310 [ 3031.725213][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3031.732161][T15888] __msan_chain_origin+0x50/0x90 [ 3031.737507][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3031.742921][T15888] get_compat_msghdr+0x108/0x2b0 [ 3031.747948][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3031.752962][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3031.760326][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3031.765803][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3031.771220][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3031.776580][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3031.781850][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3031.787266][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3031.793109][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3031.800082][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3031.806551][T15888] __do_fast_syscall_32+0x129/0x180 [ 3031.811877][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3031.817074][T15888] do_SYSENTER_32+0x73/0x90 [ 3031.822126][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3031.828831][T15888] RIP: 0023:0xf7fcb549 [ 3031.833313][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3031.854553][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3031.865321][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3031.873423][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3031.881579][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3031.889856][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3031.897870][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3031.906018][T15888] Uninit was stored to memory at: [ 3031.911104][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3031.917064][T15888] __msan_chain_origin+0x50/0x90 [ 3031.922432][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3031.927961][T15888] get_compat_msghdr+0x108/0x2b0 [ 3031.933122][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3031.937664][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3031.942462][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3031.948783][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3031.955184][T15888] __do_fast_syscall_32+0x129/0x180 [ 3031.960616][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3031.965686][T15888] do_SYSENTER_32+0x73/0x90 [ 3031.970426][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3031.976847][T15888] [ 3031.979391][T15888] Uninit was stored to memory at: [ 3031.984796][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3031.990541][T15888] __msan_chain_origin+0x50/0x90 [ 3031.995495][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3032.000629][T15888] get_compat_msghdr+0x108/0x2b0 [ 3032.005579][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3032.010166][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3032.015528][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3032.023064][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3032.029574][T15888] __do_fast_syscall_32+0x129/0x180 [ 3032.034885][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3032.040017][T15888] do_SYSENTER_32+0x73/0x90 [ 3032.044750][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3032.052018][T15888] [ 3032.054969][T15888] Uninit was stored to memory at: [ 3032.060267][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3032.066798][T15888] __msan_chain_origin+0x50/0x90 [ 3032.072868][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3032.078712][T15888] get_compat_msghdr+0x108/0x2b0 [ 3032.084712][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3032.091145][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3032.097003][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3032.104655][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3032.111187][T15888] __do_fast_syscall_32+0x129/0x180 [ 3032.116997][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3032.122397][T15888] do_SYSENTER_32+0x73/0x90 [ 3032.127145][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3032.134033][T15888] [ 3032.136443][T15888] Uninit was stored to memory at: [ 3032.141739][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3032.149142][T15888] __msan_chain_origin+0x50/0x90 [ 3032.154497][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3032.160534][T15888] get_compat_msghdr+0x108/0x2b0 [ 3032.165558][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3032.170435][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3032.175260][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3032.182153][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3032.188782][T15888] __do_fast_syscall_32+0x129/0x180 [ 3032.194830][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3032.200066][T15888] do_SYSENTER_32+0x73/0x90 [ 3032.205267][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3032.211947][T15888] [ 3032.214402][T15888] Uninit was stored to memory at: [ 3032.219580][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3032.226035][T15888] __msan_chain_origin+0x50/0x90 [ 3032.231092][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3032.236687][T15888] get_compat_msghdr+0x108/0x2b0 [ 3032.242825][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3032.248303][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3032.253052][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3032.259574][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3032.265888][T15888] __do_fast_syscall_32+0x129/0x180 [ 3032.271322][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3032.276371][T15888] do_SYSENTER_32+0x73/0x90 [ 3032.281394][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3032.287949][T15888] [ 3032.290276][T15888] Uninit was stored to memory at: [ 3032.295381][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3032.301205][T15888] __msan_chain_origin+0x50/0x90 [ 3032.306401][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3032.311657][T15888] get_compat_msghdr+0x108/0x2b0 [ 3032.316748][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3032.321390][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3032.326129][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3032.332429][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3032.338801][T15888] __do_fast_syscall_32+0x129/0x180 [ 3032.344093][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3032.348959][T15888] do_SYSENTER_32+0x73/0x90 [ 3032.353475][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3032.360040][T15888] [ 3032.362501][T15888] Uninit was stored to memory at: [ 3032.367531][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3032.373399][T15888] __msan_chain_origin+0x50/0x90 [ 3032.378364][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3032.383778][T15888] get_compat_msghdr+0x108/0x2b0 [ 3032.388829][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3032.393355][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3032.398157][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3032.404822][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3032.411222][T15888] __do_fast_syscall_32+0x129/0x180 [ 3032.416668][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3032.421996][T15888] do_SYSENTER_32+0x73/0x90 [ 3032.428314][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3032.434930][T15888] [ 3032.437359][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3032.444419][T15888] do_recvmmsg+0xbf/0x22b0 [ 3032.449042][T15888] do_recvmmsg+0xbf/0x22b0 [ 3032.485305][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3032.621957][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3032.652304][T15888] not chained 190000 origins [ 3032.656989][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3032.665885][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3032.676558][T15888] Call Trace: [ 3032.679932][T15888] dump_stack+0x21c/0x280 [ 3032.684683][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3032.690481][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3032.695804][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3032.701554][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3032.707983][T15888] ? _copy_from_user+0x201/0x310 [ 3032.712965][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3032.718202][T15888] __msan_chain_origin+0x50/0x90 [ 3032.723489][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3032.728932][T15888] get_compat_msghdr+0x108/0x2b0 [ 3032.734014][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3032.739035][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3032.744554][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3032.749804][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3032.755129][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3032.760283][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3032.765362][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3032.770224][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3032.775717][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3032.782443][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3032.788875][T15888] __do_fast_syscall_32+0x129/0x180 [ 3032.794296][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3032.799429][T15888] do_SYSENTER_32+0x73/0x90 [ 3032.803978][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3032.810592][T15888] RIP: 0023:0xf7fcb549 [ 3032.814696][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3032.835359][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3032.845290][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3032.853665][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3032.862440][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3032.870755][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3032.878741][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3032.887139][T15888] Uninit was stored to memory at: [ 3032.892921][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3032.898758][T15888] __msan_chain_origin+0x50/0x90 [ 3032.904008][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3032.910199][T15888] get_compat_msghdr+0x108/0x2b0 [ 3032.915545][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3032.920966][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3032.925935][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3032.932524][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3032.939221][T15888] __do_fast_syscall_32+0x129/0x180 [ 3032.944746][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3032.949693][T15888] do_SYSENTER_32+0x73/0x90 [ 3032.954616][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3032.961439][T15888] [ 3032.963800][T15888] Uninit was stored to memory at: [ 3032.968838][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3032.975474][T15888] __msan_chain_origin+0x50/0x90 [ 3032.980554][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3032.985715][T15888] get_compat_msghdr+0x108/0x2b0 [ 3032.990779][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3032.995372][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3033.000332][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3033.007007][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3033.013402][T15888] __do_fast_syscall_32+0x129/0x180 [ 3033.018692][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3033.023613][T15888] do_SYSENTER_32+0x73/0x90 [ 3033.028329][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3033.034756][T15888] [ 3033.037436][T15888] Uninit was stored to memory at: [ 3033.042652][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3033.048742][T15888] __msan_chain_origin+0x50/0x90 [ 3033.054556][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3033.059852][T15888] get_compat_msghdr+0x108/0x2b0 [ 3033.069990][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3033.074746][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3033.079596][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3033.085959][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3033.092430][T15888] __do_fast_syscall_32+0x129/0x180 [ 3033.098222][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3033.103385][T15888] do_SYSENTER_32+0x73/0x90 [ 3033.108058][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3033.114699][T15888] [ 3033.117142][T15888] Uninit was stored to memory at: [ 3033.122684][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3033.128444][T15888] __msan_chain_origin+0x50/0x90 [ 3033.133737][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3033.139027][T15888] get_compat_msghdr+0x108/0x2b0 [ 3033.145180][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3033.149802][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3033.154794][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3033.161332][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3033.167722][T15888] __do_fast_syscall_32+0x129/0x180 [ 3033.173254][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3033.178211][T15888] do_SYSENTER_32+0x73/0x90 [ 3033.183224][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3033.189640][T15888] [ 3033.192020][T15888] Uninit was stored to memory at: [ 3033.197840][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3033.203702][T15888] __msan_chain_origin+0x50/0x90 [ 3033.208748][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3033.214024][T15888] get_compat_msghdr+0x108/0x2b0 [ 3033.219369][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3033.224063][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3033.229505][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3033.235710][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3033.242146][T15888] __do_fast_syscall_32+0x129/0x180 [ 3033.247617][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3033.252485][T15888] do_SYSENTER_32+0x73/0x90 [ 3033.256996][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3033.263465][T15888] [ 3033.265793][T15888] Uninit was stored to memory at: [ 3033.270971][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3033.277601][T15888] __msan_chain_origin+0x50/0x90 [ 3033.283345][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3033.288462][T15888] get_compat_msghdr+0x108/0x2b0 [ 3033.294541][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3033.299048][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3033.303824][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3033.310019][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3033.316588][T15888] __do_fast_syscall_32+0x129/0x180 [ 3033.321802][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3033.326839][T15888] do_SYSENTER_32+0x73/0x90 [ 3033.331434][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3033.338042][T15888] [ 3033.340503][T15888] Uninit was stored to memory at: [ 3033.345726][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3033.355289][T15888] __msan_chain_origin+0x50/0x90 [ 3033.360515][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3033.365738][T15888] get_compat_msghdr+0x108/0x2b0 [ 3033.370770][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3033.375276][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3033.380198][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3033.387613][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3033.394239][T15888] __do_fast_syscall_32+0x129/0x180 [ 3033.399717][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3033.405266][T15888] do_SYSENTER_32+0x73/0x90 [ 3033.410246][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3033.417524][T15888] [ 3033.419962][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3033.428872][T15888] do_recvmmsg+0xbf/0x22b0 [ 3033.434394][T15888] do_recvmmsg+0xbf/0x22b0 [ 3033.622283][T15888] not chained 200000 origins [ 3033.627125][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3033.636148][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3033.647080][T15888] Call Trace: [ 3033.650578][T15888] dump_stack+0x21c/0x280 [ 3033.655362][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3033.661687][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3033.667194][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3033.673453][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3033.679618][T15888] ? _copy_from_user+0x201/0x310 [ 3033.685105][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3033.690764][T15888] __msan_chain_origin+0x50/0x90 [ 3033.696141][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3033.701561][T15888] get_compat_msghdr+0x108/0x2b0 [ 3033.706725][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3033.711315][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3033.716667][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3033.722114][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3033.728423][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3033.733398][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3033.738402][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3033.743962][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3033.749322][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3033.755538][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3033.762104][T15888] __do_fast_syscall_32+0x129/0x180 [ 3033.767526][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3033.772826][T15888] do_SYSENTER_32+0x73/0x90 [ 3033.777379][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3033.783832][T15888] RIP: 0023:0xf7fcb549 [ 3033.788183][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3033.808555][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3033.820993][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3033.829180][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3033.838092][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3033.846803][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3033.855381][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3033.863912][T15888] Uninit was stored to memory at: [ 3033.869175][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3033.875156][T15888] __msan_chain_origin+0x50/0x90 [ 3033.880194][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3033.886399][T15888] get_compat_msghdr+0x108/0x2b0 [ 3033.891352][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3033.895860][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3033.900807][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3033.907400][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3033.913874][T15888] __do_fast_syscall_32+0x129/0x180 [ 3033.919677][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3033.924556][T15888] do_SYSENTER_32+0x73/0x90 [ 3033.929346][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3033.935723][T15888] [ 3033.938066][T15888] Uninit was stored to memory at: [ 3033.943545][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3033.949477][T15888] __msan_chain_origin+0x50/0x90 [ 3033.954737][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3033.960057][T15888] get_compat_msghdr+0x108/0x2b0 [ 3033.965007][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3033.969572][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3033.974392][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3033.980682][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3033.987118][T15888] __do_fast_syscall_32+0x129/0x180 [ 3033.992589][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3033.997533][T15888] do_SYSENTER_32+0x73/0x90 [ 3034.002185][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3034.008685][T15888] [ 3034.011027][T15888] Uninit was stored to memory at: [ 3034.016641][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3034.022768][T15888] __msan_chain_origin+0x50/0x90 [ 3034.028071][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3034.033877][T15888] get_compat_msghdr+0x108/0x2b0 [ 3034.039179][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3034.043924][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3034.048643][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3034.055815][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3034.062191][T15888] __do_fast_syscall_32+0x129/0x180 [ 3034.067591][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3034.072767][T15888] do_SYSENTER_32+0x73/0x90 [ 3034.077319][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3034.084190][T15888] [ 3034.086818][T15888] Uninit was stored to memory at: [ 3034.092119][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3034.098758][T15888] __msan_chain_origin+0x50/0x90 [ 3034.104288][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3034.109569][T15888] get_compat_msghdr+0x108/0x2b0 [ 3034.114696][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3034.119814][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3034.124786][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3034.132426][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3034.138913][T15888] __do_fast_syscall_32+0x129/0x180 [ 3034.144405][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3034.149494][T15888] do_SYSENTER_32+0x73/0x90 [ 3034.154281][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3034.160832][T15888] [ 3034.163411][T15888] Uninit was stored to memory at: [ 3034.168851][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3034.175108][T15888] __msan_chain_origin+0x50/0x90 [ 3034.180288][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3034.185558][T15888] get_compat_msghdr+0x108/0x2b0 [ 3034.190704][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3034.195568][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3034.200672][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3034.207521][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3034.213746][T15888] __do_fast_syscall_32+0x129/0x180 [ 3034.219271][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3034.224193][T15888] do_SYSENTER_32+0x73/0x90 [ 3034.229795][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3034.236517][T15888] [ 3034.238846][T15888] Uninit was stored to memory at: [ 3034.244147][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3034.249959][T15888] __msan_chain_origin+0x50/0x90 [ 3034.255011][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3034.260372][T15888] get_compat_msghdr+0x108/0x2b0 [ 3034.266138][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3034.270730][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3034.275688][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3034.282021][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3034.288386][T15888] __do_fast_syscall_32+0x129/0x180 [ 3034.293757][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3034.298799][T15888] do_SYSENTER_32+0x73/0x90 [ 3034.303953][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3034.310412][T15888] [ 3034.312742][T15888] Uninit was stored to memory at: [ 3034.319133][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3034.325204][T15888] __msan_chain_origin+0x50/0x90 [ 3034.330503][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3034.335975][T15888] get_compat_msghdr+0x108/0x2b0 [ 3034.341291][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3034.346263][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3034.350975][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3034.361482][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3034.372226][T15888] __do_fast_syscall_32+0x129/0x180 [ 3034.377717][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3034.382582][T15888] do_SYSENTER_32+0x73/0x90 [ 3034.387302][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3034.393875][T15888] [ 3034.396345][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3034.403116][T15888] do_recvmmsg+0xbf/0x22b0 [ 3034.407677][T15888] do_recvmmsg+0xbf/0x22b0 [ 3034.437157][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3034.594239][T15888] not chained 210000 origins [ 3034.598991][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3034.607688][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3034.618122][T15888] Call Trace: [ 3034.622082][T15888] dump_stack+0x21c/0x280 [ 3034.626746][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3034.632622][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3034.637955][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3034.643725][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3034.649849][T15888] ? _copy_from_user+0x201/0x310 [ 3034.655028][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3034.660385][T15888] __msan_chain_origin+0x50/0x90 [ 3034.665546][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3034.670812][T15888] get_compat_msghdr+0x108/0x2b0 [ 3034.676011][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3034.680730][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3034.686488][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3034.691883][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3034.697418][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3034.702418][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3034.707227][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3034.712189][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3034.717471][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3034.723707][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3034.730368][T15888] __do_fast_syscall_32+0x129/0x180 [ 3034.735803][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3034.741510][T15888] do_SYSENTER_32+0x73/0x90 [ 3034.746372][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3034.753115][T15888] RIP: 0023:0xf7fcb549 [ 3034.757446][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3034.778352][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3034.787178][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3034.795547][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3034.803860][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3034.812299][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3034.820944][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3034.829190][T15888] Uninit was stored to memory at: [ 3034.834704][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3034.840946][T15888] __msan_chain_origin+0x50/0x90 [ 3034.846894][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3034.852242][T15888] get_compat_msghdr+0x108/0x2b0 [ 3034.857445][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3034.862156][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3034.867479][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3034.874073][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3034.880804][T15888] __do_fast_syscall_32+0x129/0x180 [ 3034.886764][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3034.891720][T15888] do_SYSENTER_32+0x73/0x90 [ 3034.896300][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3034.903041][T15888] [ 3034.905470][T15888] Uninit was stored to memory at: [ 3034.910779][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3034.917346][T15888] __msan_chain_origin+0x50/0x90 [ 3034.923208][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3034.928463][T15888] get_compat_msghdr+0x108/0x2b0 [ 3034.933609][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3034.938211][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3034.943408][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3034.949736][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3034.956060][T15888] __do_fast_syscall_32+0x129/0x180 [ 3034.961272][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3034.966134][T15888] do_SYSENTER_32+0x73/0x90 [ 3034.970856][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3034.977930][T15888] [ 3034.980770][T15888] Uninit was stored to memory at: [ 3034.987517][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3034.994121][T15888] __msan_chain_origin+0x50/0x90 [ 3034.999144][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3035.004269][T15888] get_compat_msghdr+0x108/0x2b0 [ 3035.009594][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3035.014379][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3035.019204][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3035.025580][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3035.032802][T15888] __do_fast_syscall_32+0x129/0x180 [ 3035.038736][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3035.043798][T15888] do_SYSENTER_32+0x73/0x90 [ 3035.048623][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3035.055341][T15888] [ 3035.057810][T15888] Uninit was stored to memory at: [ 3035.063339][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3035.069368][T15888] __msan_chain_origin+0x50/0x90 [ 3035.075268][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3035.080522][T15888] get_compat_msghdr+0x108/0x2b0 [ 3035.085580][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3035.090089][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3035.094848][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3035.101039][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3035.108898][T15888] __do_fast_syscall_32+0x129/0x180 [ 3035.114278][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3035.119529][T15888] do_SYSENTER_32+0x73/0x90 [ 3035.124273][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3035.131093][T15888] [ 3035.133550][T15888] Uninit was stored to memory at: [ 3035.140811][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3035.146837][T15888] __msan_chain_origin+0x50/0x90 [ 3035.151803][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3035.157249][T15888] get_compat_msghdr+0x108/0x2b0 [ 3035.163263][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3035.167984][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3035.174642][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3035.180855][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3035.188090][T15888] __do_fast_syscall_32+0x129/0x180 [ 3035.201113][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3035.206510][T15888] do_SYSENTER_32+0x73/0x90 [ 3035.211039][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3035.217668][T15888] [ 3035.220061][T15888] Uninit was stored to memory at: [ 3035.225221][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3035.231821][T15888] __msan_chain_origin+0x50/0x90 [ 3035.236942][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3035.242538][T15888] get_compat_msghdr+0x108/0x2b0 [ 3035.247641][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3035.252406][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3035.258182][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3035.265807][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3035.272881][T15888] __do_fast_syscall_32+0x129/0x180 [ 3035.278440][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3035.283729][T15888] do_SYSENTER_32+0x73/0x90 [ 3035.288444][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3035.295105][T15888] [ 3035.297553][T15888] Uninit was stored to memory at: [ 3035.303036][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3035.309000][T15888] __msan_chain_origin+0x50/0x90 [ 3035.315173][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3035.320912][T15888] get_compat_msghdr+0x108/0x2b0 [ 3035.326345][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3035.331101][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3035.336858][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3035.342950][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3035.349295][T15888] __do_fast_syscall_32+0x129/0x180 [ 3035.354878][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3035.359996][T15888] do_SYSENTER_32+0x73/0x90 [ 3035.364985][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3035.371491][T15888] [ 3035.373911][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3035.381715][T15888] do_recvmmsg+0xbf/0x22b0 [ 3035.386288][T15888] do_recvmmsg+0xbf/0x22b0 [ 3035.442337][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3035.485625][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3035.569079][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3035.637946][T15888] not chained 220000 origins [ 3035.642824][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3035.652137][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3035.662661][T15888] Call Trace: [ 3035.666181][T15888] dump_stack+0x21c/0x280 [ 3035.671627][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3035.677622][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3035.684157][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3035.690775][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3035.699797][T15888] ? _copy_from_user+0x201/0x310 [ 3035.705919][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3035.711920][T15888] __msan_chain_origin+0x50/0x90 [ 3035.717741][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3035.731848][T15888] get_compat_msghdr+0x108/0x2b0 [ 3035.737067][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3035.741818][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3035.747595][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3035.752990][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3035.759893][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3035.765131][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3035.770595][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3035.775338][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3035.780834][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3035.787315][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3035.794230][T15888] __do_fast_syscall_32+0x129/0x180 [ 3035.799662][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3035.804781][T15888] do_SYSENTER_32+0x73/0x90 [ 3035.809474][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3035.816042][T15888] RIP: 0023:0xf7fcb549 [ 3035.820426][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3035.843026][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3035.852142][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3035.860622][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3035.869100][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3035.877372][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3035.886435][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3035.894695][T15888] Uninit was stored to memory at: [ 3035.901128][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3035.907432][T15888] __msan_chain_origin+0x50/0x90 [ 3035.913470][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3035.919302][T15888] get_compat_msghdr+0x108/0x2b0 [ 3035.924719][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3035.929907][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3035.937082][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3035.943421][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3035.949620][T15888] __do_fast_syscall_32+0x129/0x180 [ 3035.955659][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3035.961020][T15888] do_SYSENTER_32+0x73/0x90 [ 3035.965807][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3035.972684][T15888] [ 3035.975038][T15888] Uninit was stored to memory at: [ 3035.981190][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3035.987616][T15888] __msan_chain_origin+0x50/0x90 [ 3035.993684][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3035.999574][T15888] get_compat_msghdr+0x108/0x2b0 [ 3036.004702][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3036.009797][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3036.016096][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3036.023326][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3036.029975][T15888] __do_fast_syscall_32+0x129/0x180 [ 3036.035552][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3036.040611][T15888] do_SYSENTER_32+0x73/0x90 [ 3036.045971][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3036.052972][T15888] [ 3036.055531][T15888] Uninit was stored to memory at: [ 3036.060977][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3036.067207][T15888] __msan_chain_origin+0x50/0x90 [ 3036.072560][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3036.078101][T15888] get_compat_msghdr+0x108/0x2b0 [ 3036.083586][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3036.088540][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3036.093470][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3036.099778][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3036.106111][T15888] __do_fast_syscall_32+0x129/0x180 [ 3036.111593][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3036.116740][T15888] do_SYSENTER_32+0x73/0x90 [ 3036.121360][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3036.127995][T15888] [ 3036.131234][T15888] Uninit was stored to memory at: [ 3036.137037][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3036.144059][T15888] __msan_chain_origin+0x50/0x90 [ 3036.149071][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3036.154806][T15888] get_compat_msghdr+0x108/0x2b0 [ 3036.159866][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3036.164543][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3036.169393][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3036.175716][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3036.182674][T15888] __do_fast_syscall_32+0x129/0x180 [ 3036.188407][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3036.193610][T15888] do_SYSENTER_32+0x73/0x90 [ 3036.198790][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3036.205553][T15888] [ 3036.207889][T15888] Uninit was stored to memory at: [ 3036.213213][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3036.219185][T15888] __msan_chain_origin+0x50/0x90 [ 3036.224744][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3036.230037][T15888] get_compat_msghdr+0x108/0x2b0 [ 3036.235154][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3036.240154][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3036.245034][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3036.251369][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3036.257757][T15888] __do_fast_syscall_32+0x129/0x180 [ 3036.263237][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3036.268313][T15888] do_SYSENTER_32+0x73/0x90 [ 3036.272883][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3036.279436][T15888] [ 3036.281784][T15888] Uninit was stored to memory at: [ 3036.287274][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3036.293375][T15888] __msan_chain_origin+0x50/0x90 [ 3036.298688][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3036.304079][T15888] get_compat_msghdr+0x108/0x2b0 [ 3036.309654][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3036.316128][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3036.321656][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3036.328997][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3036.335940][T15888] __do_fast_syscall_32+0x129/0x180 [ 3036.341244][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3036.346229][T15888] do_SYSENTER_32+0x73/0x90 [ 3036.351193][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3036.357821][T15888] [ 3036.360194][T15888] Uninit was stored to memory at: [ 3036.365943][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3036.372198][T15888] __msan_chain_origin+0x50/0x90 [ 3036.377619][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3036.382752][T15888] get_compat_msghdr+0x108/0x2b0 [ 3036.387981][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3036.392725][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3036.397553][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3036.403891][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3036.412889][T15888] __do_fast_syscall_32+0x129/0x180 [ 3036.418283][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3036.424557][T15888] do_SYSENTER_32+0x73/0x90 [ 3036.432408][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3036.439268][T15888] [ 3036.442252][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3036.449394][T15888] do_recvmmsg+0xbf/0x22b0 [ 3036.453821][T15888] do_recvmmsg+0xbf/0x22b0 [ 3036.518250][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3036.627197][T15888] not chained 230000 origins [ 3036.632334][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3036.641664][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3036.653332][T15888] Call Trace: [ 3036.656735][T15888] dump_stack+0x21c/0x280 [ 3036.661493][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3036.667841][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3036.673100][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3036.679119][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3036.685420][T15888] ? _copy_from_user+0x201/0x310 [ 3036.690415][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3036.696321][T15888] __msan_chain_origin+0x50/0x90 [ 3036.701676][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3036.707217][T15888] get_compat_msghdr+0x108/0x2b0 [ 3036.712313][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3036.717158][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3036.722979][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3036.729987][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3036.735410][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3036.740366][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3036.745585][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3036.750626][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3036.755968][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3036.762345][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3036.769402][T15888] __do_fast_syscall_32+0x129/0x180 [ 3036.774798][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3036.779854][T15888] do_SYSENTER_32+0x73/0x90 [ 3036.784681][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3036.791671][T15888] RIP: 0023:0xf7fcb549 [ 3036.795888][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3036.816212][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3036.825050][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3036.833466][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3036.841876][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3036.850783][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3036.859794][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3036.868621][T15888] Uninit was stored to memory at: [ 3036.874013][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3036.880164][T15888] __msan_chain_origin+0x50/0x90 [ 3036.885412][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3036.892526][T15888] get_compat_msghdr+0x108/0x2b0 [ 3036.897673][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3036.902229][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3036.907849][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3036.914544][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3036.920994][T15888] __do_fast_syscall_32+0x129/0x180 [ 3036.926366][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3036.931611][T15888] do_SYSENTER_32+0x73/0x90 [ 3036.936315][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3036.942836][T15888] [ 3036.945198][T15888] Uninit was stored to memory at: [ 3036.950358][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3036.956118][T15888] __msan_chain_origin+0x50/0x90 [ 3036.961628][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3036.967264][T15888] get_compat_msghdr+0x108/0x2b0 [ 3036.979061][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3036.983688][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3036.988409][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3036.994614][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3037.001340][T15888] __do_fast_syscall_32+0x129/0x180 [ 3037.006583][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3037.012636][T15888] do_SYSENTER_32+0x73/0x90 [ 3037.017368][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3037.025022][T15888] [ 3037.027374][T15888] Uninit was stored to memory at: [ 3037.032623][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3037.038574][T15888] __msan_chain_origin+0x50/0x90 [ 3037.044076][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3037.049729][T15888] get_compat_msghdr+0x108/0x2b0 [ 3037.055803][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3037.061019][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3037.065742][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3037.072284][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3037.078744][T15888] __do_fast_syscall_32+0x129/0x180 [ 3037.084430][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3037.089354][T15888] do_SYSENTER_32+0x73/0x90 [ 3037.094367][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3037.101201][T15888] [ 3037.103703][T15888] Uninit was stored to memory at: [ 3037.110408][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3037.117215][T15888] __msan_chain_origin+0x50/0x90 [ 3037.122745][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3037.129257][T15888] get_compat_msghdr+0x108/0x2b0 [ 3037.134329][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3037.139337][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3037.145969][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3037.153751][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3037.160458][T15888] __do_fast_syscall_32+0x129/0x180 [ 3037.166477][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3037.172469][T15888] do_SYSENTER_32+0x73/0x90 [ 3037.177165][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3037.184112][T15888] [ 3037.186577][T15888] Uninit was stored to memory at: [ 3037.191980][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3037.198009][T15888] __msan_chain_origin+0x50/0x90 [ 3037.203779][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3037.209420][T15888] get_compat_msghdr+0x108/0x2b0 [ 3037.214788][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3037.219788][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3037.224755][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3037.231104][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3037.237748][T15888] __do_fast_syscall_32+0x129/0x180 [ 3037.243822][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3037.249048][T15888] do_SYSENTER_32+0x73/0x90 [ 3037.253683][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3037.260246][T15888] [ 3037.262756][T15888] Uninit was stored to memory at: [ 3037.267970][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3037.274038][T15888] __msan_chain_origin+0x50/0x90 [ 3037.279953][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3037.285412][T15888] get_compat_msghdr+0x108/0x2b0 [ 3037.290539][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3037.295105][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3037.306775][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3037.313084][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3037.319704][T15888] __do_fast_syscall_32+0x129/0x180 [ 3037.325366][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3037.330482][T15888] do_SYSENTER_32+0x73/0x90 [ 3037.335794][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3037.342613][T15888] [ 3037.345059][T15888] Uninit was stored to memory at: [ 3037.351355][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3037.358410][T15888] __msan_chain_origin+0x50/0x90 [ 3037.364632][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3037.370173][T15888] get_compat_msghdr+0x108/0x2b0 [ 3037.375404][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3037.380029][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3037.384931][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3037.391456][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3037.397714][T15888] __do_fast_syscall_32+0x129/0x180 [ 3037.403243][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3037.408651][T15888] do_SYSENTER_32+0x73/0x90 [ 3037.414089][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3037.422107][T15888] [ 3037.425778][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3037.433873][T15888] do_recvmmsg+0xbf/0x22b0 [ 3037.439091][T15888] do_recvmmsg+0xbf/0x22b0 [ 3037.558593][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3037.621498][T15888] not chained 240000 origins [ 3037.626629][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3037.636342][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3037.648537][T15888] Call Trace: [ 3037.652136][T15888] dump_stack+0x21c/0x280 [ 3037.656693][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3037.662652][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3037.668811][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3037.674982][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3037.681969][T15888] ? _copy_from_user+0x201/0x310 [ 3037.687849][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3037.693309][T15888] __msan_chain_origin+0x50/0x90 [ 3037.698992][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3037.704332][T15888] get_compat_msghdr+0x108/0x2b0 [ 3037.710437][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3037.715541][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3037.721140][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3037.727915][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3037.734259][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3037.739936][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3037.744994][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3037.750079][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3037.756099][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3037.764914][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3037.771352][T15888] __do_fast_syscall_32+0x129/0x180 [ 3037.777150][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3037.782027][T15888] do_SYSENTER_32+0x73/0x90 [ 3037.786861][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3037.794418][T15888] RIP: 0023:0xf7fcb549 [ 3037.798856][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3037.821682][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3037.831136][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3037.841690][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3037.851190][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3037.861549][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3037.870692][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3037.879651][T15888] Uninit was stored to memory at: [ 3037.885602][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3037.891342][T15888] __msan_chain_origin+0x50/0x90 [ 3037.896703][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3037.902281][T15888] get_compat_msghdr+0x108/0x2b0 [ 3037.908030][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3037.912982][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3037.918351][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3037.926707][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3037.933712][T15888] __do_fast_syscall_32+0x129/0x180 [ 3037.939327][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3037.944664][T15888] do_SYSENTER_32+0x73/0x90 [ 3037.950792][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3037.959056][T15888] [ 3037.961553][T15888] Uninit was stored to memory at: [ 3037.966888][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3037.972837][T15888] __msan_chain_origin+0x50/0x90 [ 3037.978750][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3037.984182][T15888] get_compat_msghdr+0x108/0x2b0 [ 3037.989762][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3037.994596][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3037.999633][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3038.006725][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3038.013587][T15888] __do_fast_syscall_32+0x129/0x180 [ 3038.018990][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3038.023912][T15888] do_SYSENTER_32+0x73/0x90 [ 3038.028662][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3038.035382][T15888] [ 3038.037901][T15888] Uninit was stored to memory at: [ 3038.043190][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3038.049383][T15888] __msan_chain_origin+0x50/0x90 [ 3038.055716][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3038.061895][T15888] get_compat_msghdr+0x108/0x2b0 [ 3038.067603][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3038.073766][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3038.079215][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3038.085930][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3038.092995][T15888] __do_fast_syscall_32+0x129/0x180 [ 3038.098971][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3038.104695][T15888] do_SYSENTER_32+0x73/0x90 [ 3038.109955][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3038.116958][T15888] [ 3038.119380][T15888] Uninit was stored to memory at: [ 3038.124800][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3038.131830][T15888] __msan_chain_origin+0x50/0x90 [ 3038.137233][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3038.142715][T15888] get_compat_msghdr+0x108/0x2b0 [ 3038.148692][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3038.153857][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3038.161027][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3038.167392][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3038.174352][T15888] __do_fast_syscall_32+0x129/0x180 [ 3038.180097][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3038.185332][T15888] do_SYSENTER_32+0x73/0x90 [ 3038.190227][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3038.197109][T15888] [ 3038.200081][T15888] Uninit was stored to memory at: [ 3038.205659][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3038.211807][T15888] __msan_chain_origin+0x50/0x90 [ 3038.217202][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3038.222669][T15888] get_compat_msghdr+0x108/0x2b0 [ 3038.228721][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3038.234264][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3038.238980][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3038.245275][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3038.252253][T15888] __do_fast_syscall_32+0x129/0x180 [ 3038.257729][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3038.265315][T15888] do_SYSENTER_32+0x73/0x90 [ 3038.270540][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3038.278169][T15888] [ 3038.281032][T15888] Uninit was stored to memory at: [ 3038.286371][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3038.292994][T15888] __msan_chain_origin+0x50/0x90 [ 3038.298097][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3038.304221][T15888] get_compat_msghdr+0x108/0x2b0 [ 3038.310289][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3038.315109][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3038.320112][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3038.326685][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3038.334210][T15888] __do_fast_syscall_32+0x129/0x180 [ 3038.340080][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3038.345571][T15888] do_SYSENTER_32+0x73/0x90 [ 3038.350106][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3038.356922][T15888] [ 3038.359266][T15888] Uninit was stored to memory at: [ 3038.364666][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3038.370727][T15888] __msan_chain_origin+0x50/0x90 [ 3038.375949][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3038.381496][T15888] get_compat_msghdr+0x108/0x2b0 [ 3038.386688][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3038.391378][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3038.396751][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3038.403021][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3038.409674][T15888] __do_fast_syscall_32+0x129/0x180 [ 3038.415470][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3038.421138][T15888] do_SYSENTER_32+0x73/0x90 [ 3038.425992][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3038.432763][T15888] [ 3038.435256][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3038.442713][T15888] do_recvmmsg+0xbf/0x22b0 [ 3038.447863][T15888] do_recvmmsg+0xbf/0x22b0 [ 3038.589275][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3038.604018][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3038.675678][T15888] not chained 250000 origins [ 3038.680642][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3038.690348][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3038.701832][T15888] Call Trace: [ 3038.705411][T15888] dump_stack+0x21c/0x280 [ 3038.710109][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3038.715914][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3038.721702][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3038.728240][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3038.734361][T15888] ? _copy_from_user+0x201/0x310 [ 3038.739435][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3038.744848][T15888] __msan_chain_origin+0x50/0x90 [ 3038.751113][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3038.756492][T15888] get_compat_msghdr+0x108/0x2b0 [ 3038.761494][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3038.766404][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3038.771750][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3038.777298][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3038.783728][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3038.788835][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3038.793940][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3038.798974][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3038.804301][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3038.810845][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3038.817133][T15888] __do_fast_syscall_32+0x129/0x180 [ 3038.822661][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3038.827799][T15888] do_SYSENTER_32+0x73/0x90 [ 3038.832684][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3038.840054][T15888] RIP: 0023:0xf7fcb549 [ 3038.845695][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3038.865564][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3038.874019][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3038.883147][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3038.892380][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3038.900753][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3038.909376][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3038.917929][T15888] Uninit was stored to memory at: [ 3038.925152][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3038.931415][T15888] __msan_chain_origin+0x50/0x90 [ 3038.936402][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3038.941790][T15888] get_compat_msghdr+0x108/0x2b0 [ 3038.946849][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3038.951566][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3038.956367][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3038.962471][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3038.968845][T15888] __do_fast_syscall_32+0x129/0x180 [ 3038.974537][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3038.980893][T15888] do_SYSENTER_32+0x73/0x90 [ 3038.985867][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3038.992688][T15888] [ 3038.995070][T15888] Uninit was stored to memory at: [ 3039.000365][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3039.006637][T15888] __msan_chain_origin+0x50/0x90 [ 3039.011635][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3039.016806][T15888] get_compat_msghdr+0x108/0x2b0 [ 3039.021963][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3039.026848][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3039.031906][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3039.038535][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3039.045366][T15888] __do_fast_syscall_32+0x129/0x180 [ 3039.050600][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3039.056060][T15888] do_SYSENTER_32+0x73/0x90 [ 3039.061096][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3039.068123][T15888] [ 3039.070695][T15888] Uninit was stored to memory at: [ 3039.076642][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3039.083297][T15888] __msan_chain_origin+0x50/0x90 [ 3039.088591][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3039.094888][T15888] get_compat_msghdr+0x108/0x2b0 [ 3039.100170][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3039.104913][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3039.109930][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3039.116240][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3039.122526][T15888] __do_fast_syscall_32+0x129/0x180 [ 3039.127760][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3039.133090][T15888] do_SYSENTER_32+0x73/0x90 [ 3039.137909][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3039.144348][T15888] [ 3039.146693][T15888] Uninit was stored to memory at: [ 3039.151883][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3039.157868][T15888] __msan_chain_origin+0x50/0x90 [ 3039.162927][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3039.168077][T15888] get_compat_msghdr+0x108/0x2b0 [ 3039.173174][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3039.177798][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3039.182593][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3039.188776][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3039.194964][T15888] __do_fast_syscall_32+0x129/0x180 [ 3039.200211][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3039.206843][T15888] do_SYSENTER_32+0x73/0x90 [ 3039.211469][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3039.217815][T15888] [ 3039.220163][T15888] Uninit was stored to memory at: [ 3039.225645][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3039.231663][T15888] __msan_chain_origin+0x50/0x90 [ 3039.239206][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3039.244343][T15888] get_compat_msghdr+0x108/0x2b0 [ 3039.249590][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3039.254664][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3039.260873][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3039.267551][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3039.274212][T15888] __do_fast_syscall_32+0x129/0x180 [ 3039.279438][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3039.285302][T15888] do_SYSENTER_32+0x73/0x90 [ 3039.290701][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3039.298904][T15888] [ 3039.301420][T15888] Uninit was stored to memory at: [ 3039.306497][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3039.312710][T15888] __msan_chain_origin+0x50/0x90 [ 3039.318198][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3039.323646][T15888] get_compat_msghdr+0x108/0x2b0 [ 3039.328819][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3039.333415][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3039.339642][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3039.346070][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3039.352949][T15888] __do_fast_syscall_32+0x129/0x180 [ 3039.359210][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3039.364399][T15888] do_SYSENTER_32+0x73/0x90 [ 3039.369046][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3039.376060][T15888] [ 3039.378715][T15888] Uninit was stored to memory at: [ 3039.384396][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3039.390161][T15888] __msan_chain_origin+0x50/0x90 [ 3039.395198][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3039.400776][T15888] get_compat_msghdr+0x108/0x2b0 [ 3039.406145][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3039.411475][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3039.416605][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3039.422705][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3039.430448][T15888] __do_fast_syscall_32+0x129/0x180 [ 3039.436082][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3039.442239][T15888] do_SYSENTER_32+0x73/0x90 [ 3039.448249][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3039.454970][T15888] [ 3039.457410][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3039.465789][T15888] do_recvmmsg+0xbf/0x22b0 [ 3039.470934][T15888] do_recvmmsg+0xbf/0x22b0 [ 3039.635489][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3039.665608][T15888] not chained 260000 origins [ 3039.671374][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3039.681582][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3039.693955][T15888] Call Trace: [ 3039.697617][T15888] dump_stack+0x21c/0x280 [ 3039.703170][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3039.709631][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3039.715553][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3039.722360][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3039.730961][T15888] ? _copy_from_user+0x201/0x310 [ 3039.736157][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3039.742048][T15888] __msan_chain_origin+0x50/0x90 [ 3039.747198][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3039.752934][T15888] get_compat_msghdr+0x108/0x2b0 [ 3039.760107][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3039.765531][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3039.771301][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3039.777772][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3039.784115][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3039.790230][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3039.795547][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3039.800466][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3039.806195][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3039.812803][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3039.819726][T15888] __do_fast_syscall_32+0x129/0x180 [ 3039.824969][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3039.830650][T15888] do_SYSENTER_32+0x73/0x90 [ 3039.835656][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3039.842358][T15888] RIP: 0023:0xf7fcb549 [ 3039.846966][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3039.869193][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3039.878979][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3039.888286][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3039.897716][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3039.908801][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3039.918326][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3039.927945][T15888] Uninit was stored to memory at: [ 3039.932988][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3039.939375][T15888] __msan_chain_origin+0x50/0x90 [ 3039.944894][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3039.950587][T15888] get_compat_msghdr+0x108/0x2b0 [ 3039.956347][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3039.961044][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3039.966248][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3039.972725][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3039.980305][T15888] __do_fast_syscall_32+0x129/0x180 [ 3039.985852][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3039.991483][T15888] do_SYSENTER_32+0x73/0x90 [ 3039.996245][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3040.003513][T15888] [ 3040.005900][T15888] Uninit was stored to memory at: [ 3040.011615][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3040.018470][T15888] __msan_chain_origin+0x50/0x90 [ 3040.024092][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3040.029443][T15888] get_compat_msghdr+0x108/0x2b0 [ 3040.034777][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3040.039736][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3040.045454][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3040.053202][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3040.059993][T15888] __do_fast_syscall_32+0x129/0x180 [ 3040.066072][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3040.071100][T15888] do_SYSENTER_32+0x73/0x90 [ 3040.075982][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3040.083063][T15888] [ 3040.085888][T15888] Uninit was stored to memory at: [ 3040.091479][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3040.098616][T15888] __msan_chain_origin+0x50/0x90 [ 3040.104864][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3040.112630][T15888] get_compat_msghdr+0x108/0x2b0 [ 3040.119320][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3040.128493][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3040.134314][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3040.141965][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3040.148792][T15888] __do_fast_syscall_32+0x129/0x180 [ 3040.154668][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3040.159857][T15888] do_SYSENTER_32+0x73/0x90 [ 3040.164387][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3040.170716][T15888] [ 3040.174198][T15888] Uninit was stored to memory at: [ 3040.179626][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3040.186129][T15888] __msan_chain_origin+0x50/0x90 [ 3040.191423][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3040.196633][T15888] get_compat_msghdr+0x108/0x2b0 [ 3040.208292][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3040.213430][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3040.218293][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3040.224669][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3040.231104][T15888] __do_fast_syscall_32+0x129/0x180 [ 3040.241813][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3040.247992][T15888] do_SYSENTER_32+0x73/0x90 [ 3040.252665][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3040.259210][T15888] [ 3040.261881][T15888] Uninit was stored to memory at: [ 3040.267903][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3040.275212][T15888] __msan_chain_origin+0x50/0x90 [ 3040.280480][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3040.287085][T15888] get_compat_msghdr+0x108/0x2b0 [ 3040.292127][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3040.297073][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3040.302385][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3040.309034][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3040.315375][T15888] __do_fast_syscall_32+0x129/0x180 [ 3040.320608][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3040.325822][T15888] do_SYSENTER_32+0x73/0x90 [ 3040.330526][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3040.336864][T15888] [ 3040.339199][T15888] Uninit was stored to memory at: [ 3040.344255][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3040.350563][T15888] __msan_chain_origin+0x50/0x90 [ 3040.356036][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3040.361693][T15888] get_compat_msghdr+0x108/0x2b0 [ 3040.366740][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3040.371361][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3040.376062][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3040.382184][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3040.388339][T15888] __do_fast_syscall_32+0x129/0x180 [ 3040.393832][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3040.398744][T15888] do_SYSENTER_32+0x73/0x90 [ 3040.404225][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3040.410678][T15888] [ 3040.413020][T15888] Uninit was stored to memory at: [ 3040.418075][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3040.423828][T15888] __msan_chain_origin+0x50/0x90 [ 3040.428875][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3040.434002][T15888] get_compat_msghdr+0x108/0x2b0 [ 3040.438947][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3040.443468][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3040.448169][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3040.454941][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3040.461091][T15888] __do_fast_syscall_32+0x129/0x180 [ 3040.466473][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3040.471340][T15888] do_SYSENTER_32+0x73/0x90 [ 3040.475855][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3040.482179][T15888] [ 3040.484499][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3040.491185][T15888] do_recvmmsg+0xbf/0x22b0 [ 3040.495618][T15888] do_recvmmsg+0xbf/0x22b0 [ 3040.686043][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3040.720734][T15888] not chained 270000 origins [ 3040.725380][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3040.734150][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3040.744225][T15888] Call Trace: [ 3040.747549][T15888] dump_stack+0x21c/0x280 [ 3040.751924][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3040.757701][T15888] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 3040.763838][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3040.769080][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3040.774671][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3040.780779][T15888] ? _copy_from_user+0x201/0x310 [ 3040.785758][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3040.790995][T15888] __msan_chain_origin+0x50/0x90 [ 3040.795978][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3040.801152][T15888] get_compat_msghdr+0x108/0x2b0 [ 3040.806132][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3040.810698][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3040.816040][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3040.821303][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3040.826624][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3040.831419][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3040.836218][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3040.841046][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3040.846636][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3040.852784][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3040.858977][T15888] __do_fast_syscall_32+0x129/0x180 [ 3040.864223][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3040.869111][T15888] do_SYSENTER_32+0x73/0x90 [ 3040.873660][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3040.880372][T15888] RIP: 0023:0xf7fcb549 [ 3040.884459][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3040.904146][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3040.912673][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3040.920673][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3040.928759][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3040.936771][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3040.944759][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3040.952744][T15888] Uninit was stored to memory at: [ 3040.957777][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3040.963503][T15888] __msan_chain_origin+0x50/0x90 [ 3040.971049][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3040.976170][T15888] get_compat_msghdr+0x108/0x2b0 [ 3040.981145][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3040.985670][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3040.990365][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3040.996464][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3041.002633][T15888] __do_fast_syscall_32+0x129/0x180 [ 3041.007828][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3041.012695][T15888] do_SYSENTER_32+0x73/0x90 [ 3041.017207][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3041.023514][T15888] [ 3041.025833][T15888] Uninit was stored to memory at: [ 3041.030872][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3041.036607][T15888] __msan_chain_origin+0x50/0x90 [ 3041.041565][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3041.046682][T15888] get_compat_msghdr+0x108/0x2b0 [ 3041.051618][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3041.056124][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3041.060813][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3041.066891][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3041.073056][T15888] __do_fast_syscall_32+0x129/0x180 [ 3041.078256][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3041.083105][T15888] do_SYSENTER_32+0x73/0x90 [ 3041.087624][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3041.093943][T15888] [ 3041.096319][T15888] Uninit was stored to memory at: [ 3041.101339][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3041.107070][T15888] __msan_chain_origin+0x50/0x90 [ 3041.111996][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3041.117092][T15888] get_compat_msghdr+0x108/0x2b0 [ 3041.122036][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3041.126559][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3041.137639][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3041.143728][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3041.149896][T15888] __do_fast_syscall_32+0x129/0x180 [ 3041.155118][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3041.159977][T15888] do_SYSENTER_32+0x73/0x90 [ 3041.164476][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3041.170782][T15888] [ 3041.173091][T15888] Uninit was stored to memory at: [ 3041.178562][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3041.184312][T15888] __msan_chain_origin+0x50/0x90 [ 3041.189269][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3041.194407][T15888] get_compat_msghdr+0x108/0x2b0 [ 3041.199409][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3041.203907][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3041.210512][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3041.216586][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3041.222834][T15888] __do_fast_syscall_32+0x129/0x180 [ 3041.228022][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3041.232862][T15888] do_SYSENTER_32+0x73/0x90 [ 3041.237380][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3041.243686][T15888] [ 3041.246004][T15888] Uninit was stored to memory at: [ 3041.251023][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3041.256741][T15888] __msan_chain_origin+0x50/0x90 [ 3041.261699][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3041.266800][T15888] get_compat_msghdr+0x108/0x2b0 [ 3041.271728][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3041.276215][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3041.280880][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3041.286956][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3041.293104][T15888] __do_fast_syscall_32+0x129/0x180 [ 3041.298334][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3041.303203][T15888] do_SYSENTER_32+0x73/0x90 [ 3041.307725][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3041.314145][T15888] [ 3041.316472][T15888] Uninit was stored to memory at: [ 3041.321675][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3041.327389][T15888] __msan_chain_origin+0x50/0x90 [ 3041.332335][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3041.337438][T15888] get_compat_msghdr+0x108/0x2b0 [ 3041.342365][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3041.346870][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3041.351539][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3041.357597][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3041.363767][T15888] __do_fast_syscall_32+0x129/0x180 [ 3041.368988][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3041.373835][T15888] do_SYSENTER_32+0x73/0x90 [ 3041.378330][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3041.384648][T15888] [ 3041.386966][T15888] Uninit was stored to memory at: [ 3041.391999][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3041.397725][T15888] __msan_chain_origin+0x50/0x90 [ 3041.402691][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3041.407810][T15888] get_compat_msghdr+0x108/0x2b0 [ 3041.412757][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3041.417265][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3041.421934][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3041.428006][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3041.434176][T15888] __do_fast_syscall_32+0x129/0x180 [ 3041.439369][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3041.444218][T15888] do_SYSENTER_32+0x73/0x90 [ 3041.448738][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3041.455043][T15888] [ 3041.457379][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3041.464064][T15888] do_recvmmsg+0xbf/0x22b0 [ 3041.468473][T15888] do_recvmmsg+0xbf/0x22b0 [ 3041.639524][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3041.669476][T15888] not chained 280000 origins [ 3041.674303][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3041.682986][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3041.693062][T15888] Call Trace: [ 3041.696382][T15888] dump_stack+0x21c/0x280 [ 3041.700751][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3041.706539][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3041.711761][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3041.717341][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3041.723452][T15888] ? _copy_from_user+0x201/0x310 [ 3041.728426][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3041.733657][T15888] __msan_chain_origin+0x50/0x90 [ 3041.738631][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3041.743803][T15888] get_compat_msghdr+0x108/0x2b0 [ 3041.748782][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3041.753363][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3041.758694][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3041.763922][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3041.769231][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3041.774174][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3041.778989][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3041.783711][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3041.788943][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3041.795144][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3041.801332][T15888] __do_fast_syscall_32+0x129/0x180 [ 3041.806593][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3041.811686][T15888] do_SYSENTER_32+0x73/0x90 [ 3041.816672][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3041.823040][T15888] RIP: 0023:0xf7fcb549 [ 3041.827125][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3041.846784][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3041.855571][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3041.863820][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3041.871797][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3041.879817][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3041.887792][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3041.895788][T15888] Uninit was stored to memory at: [ 3041.900821][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3041.906543][T15888] __msan_chain_origin+0x50/0x90 [ 3041.911570][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3041.916797][T15888] get_compat_msghdr+0x108/0x2b0 [ 3041.921758][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3041.926263][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3041.930948][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3041.937053][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3041.943337][T15888] __do_fast_syscall_32+0x129/0x180 [ 3041.948547][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3041.953417][T15888] do_SYSENTER_32+0x73/0x90 [ 3041.957915][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3041.965016][T15888] [ 3041.967405][T15888] Uninit was stored to memory at: [ 3041.972450][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3041.978163][T15888] __msan_chain_origin+0x50/0x90 [ 3041.983109][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3041.988221][T15888] get_compat_msghdr+0x108/0x2b0 [ 3041.993147][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3041.997654][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3042.002332][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3042.008397][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3042.014576][T15888] __do_fast_syscall_32+0x129/0x180 [ 3042.019790][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3042.024631][T15888] do_SYSENTER_32+0x73/0x90 [ 3042.029147][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3042.035460][T15888] [ 3042.037794][T15888] Uninit was stored to memory at: [ 3042.042906][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3042.049615][T15888] __msan_chain_origin+0x50/0x90 [ 3042.054571][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3042.059691][T15888] get_compat_msghdr+0x108/0x2b0 [ 3042.064631][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3042.069143][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3042.073833][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3042.079895][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3042.086132][T15888] __do_fast_syscall_32+0x129/0x180 [ 3042.091338][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3042.096227][T15888] do_SYSENTER_32+0x73/0x90 [ 3042.100746][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3042.107064][T15888] [ 3042.109420][T15888] Uninit was stored to memory at: [ 3042.114470][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3042.120468][T15888] __msan_chain_origin+0x50/0x90 [ 3042.125403][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3042.130516][T15888] get_compat_msghdr+0x108/0x2b0 [ 3042.136142][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3042.140642][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3042.145330][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3042.151407][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3042.157563][T15888] __do_fast_syscall_32+0x129/0x180 [ 3042.162783][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3042.167622][T15888] do_SYSENTER_32+0x73/0x90 [ 3042.172116][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3042.178446][T15888] [ 3042.180774][T15888] Uninit was stored to memory at: [ 3042.185799][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3042.191534][T15888] __msan_chain_origin+0x50/0x90 [ 3042.196478][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3042.201675][T15888] get_compat_msghdr+0x108/0x2b0 [ 3042.206882][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3042.211387][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3042.216065][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3042.222129][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3042.228280][T15888] __do_fast_syscall_32+0x129/0x180 [ 3042.233491][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3042.238346][T15888] do_SYSENTER_32+0x73/0x90 [ 3042.242850][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3042.249166][T15888] [ 3042.251518][T15888] Uninit was stored to memory at: [ 3042.256573][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3042.262293][T15888] __msan_chain_origin+0x50/0x90 [ 3042.267227][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3042.272347][T15888] get_compat_msghdr+0x108/0x2b0 [ 3042.277298][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3042.282773][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3042.287538][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3042.293602][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3042.300452][T15888] __do_fast_syscall_32+0x129/0x180 [ 3042.305666][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3042.310517][T15888] do_SYSENTER_32+0x73/0x90 [ 3042.315044][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3042.321365][T15888] [ 3042.324055][T15888] Uninit was stored to memory at: [ 3042.329087][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3042.334809][T15888] __msan_chain_origin+0x50/0x90 [ 3042.339743][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3042.344872][T15888] get_compat_msghdr+0x108/0x2b0 [ 3042.349812][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3042.354306][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3042.358992][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3042.365051][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3042.371213][T15888] __do_fast_syscall_32+0x129/0x180 [ 3042.376423][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3042.381263][T15888] do_SYSENTER_32+0x73/0x90 [ 3042.385756][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3042.392056][T15888] [ 3042.394367][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3042.401089][T15888] do_recvmmsg+0xbf/0x22b0 [ 3042.405493][T15888] do_recvmmsg+0xbf/0x22b0 [ 3042.436466][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3042.646535][T15888] not chained 290000 origins [ 3042.651192][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3042.659895][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3042.669975][T15888] Call Trace: [ 3042.673302][T15888] dump_stack+0x21c/0x280 [ 3042.677668][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3042.683451][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3042.688726][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3042.694387][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3042.700492][T15888] ? _copy_from_user+0x201/0x310 [ 3042.705456][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3042.710681][T15888] __msan_chain_origin+0x50/0x90 [ 3042.715680][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3042.720857][T15888] get_compat_msghdr+0x108/0x2b0 [ 3042.725840][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3042.730397][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3042.736693][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3042.741983][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3042.747262][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3042.752024][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3042.756783][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3042.762422][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3042.767625][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3042.773696][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3042.779853][T15888] __do_fast_syscall_32+0x129/0x180 [ 3042.785133][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3042.790041][T15888] do_SYSENTER_32+0x73/0x90 [ 3042.794554][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3042.800881][T15888] RIP: 0023:0xf7fcb549 [ 3042.804956][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3042.829615][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3042.838046][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3042.846035][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3042.854112][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3042.862264][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3042.870336][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3042.878312][T15888] Uninit was stored to memory at: [ 3042.883341][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3042.889682][T15888] __msan_chain_origin+0x50/0x90 [ 3042.894625][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3042.899729][T15888] get_compat_msghdr+0x108/0x2b0 [ 3042.904657][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3042.909165][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3042.913868][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3042.920025][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3042.926175][T15888] __do_fast_syscall_32+0x129/0x180 [ 3042.931366][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3042.936232][T15888] do_SYSENTER_32+0x73/0x90 [ 3042.940743][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3042.947056][T15888] [ 3042.949372][T15888] Uninit was stored to memory at: [ 3042.954924][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3042.960629][T15888] __msan_chain_origin+0x50/0x90 [ 3042.965665][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3042.970779][T15888] get_compat_msghdr+0x108/0x2b0 [ 3042.975704][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3042.980479][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3042.985146][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3042.991204][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3042.997351][T15888] __do_fast_syscall_32+0x129/0x180 [ 3043.002545][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3043.007397][T15888] do_SYSENTER_32+0x73/0x90 [ 3043.011907][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3043.018265][T15888] [ 3043.021293][T15888] Uninit was stored to memory at: [ 3043.026318][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3043.032380][T15888] __msan_chain_origin+0x50/0x90 [ 3043.037331][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3043.042627][T15888] get_compat_msghdr+0x108/0x2b0 [ 3043.047579][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3043.052086][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3043.056757][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3043.062829][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3043.069100][T15888] __do_fast_syscall_32+0x129/0x180 [ 3043.075530][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3043.081880][T15888] do_SYSENTER_32+0x73/0x90 [ 3043.086403][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3043.092716][T15888] [ 3043.095034][T15888] Uninit was stored to memory at: [ 3043.100061][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3043.105783][T15888] __msan_chain_origin+0x50/0x90 [ 3043.110728][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3043.115830][T15888] get_compat_msghdr+0x108/0x2b0 [ 3043.120778][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3043.125291][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3043.129974][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3043.136053][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3043.142208][T15888] __do_fast_syscall_32+0x129/0x180 [ 3043.147423][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3043.152276][T15888] do_SYSENTER_32+0x73/0x90 [ 3043.156807][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3043.163134][T15888] [ 3043.165560][T15888] Uninit was stored to memory at: [ 3043.170613][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3043.176435][T15888] __msan_chain_origin+0x50/0x90 [ 3043.181376][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3043.186497][T15888] get_compat_msghdr+0x108/0x2b0 [ 3043.191434][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3043.196027][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3043.200711][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3043.207655][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3043.213815][T15888] __do_fast_syscall_32+0x129/0x180 [ 3043.219011][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3043.224815][T15888] do_SYSENTER_32+0x73/0x90 [ 3043.229315][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3043.235838][T15888] [ 3043.238167][T15888] Uninit was stored to memory at: [ 3043.246177][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3043.252095][T15888] __msan_chain_origin+0x50/0x90 [ 3043.257041][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3043.262168][T15888] get_compat_msghdr+0x108/0x2b0 [ 3043.267124][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3043.271662][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3043.276540][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3043.282698][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3043.288897][T15888] __do_fast_syscall_32+0x129/0x180 [ 3043.294105][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3043.299064][T15888] do_SYSENTER_32+0x73/0x90 [ 3043.303588][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3043.309988][T15888] [ 3043.312393][T15888] Uninit was stored to memory at: [ 3043.317421][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3043.323141][T15888] __msan_chain_origin+0x50/0x90 [ 3043.328103][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3043.333235][T15888] get_compat_msghdr+0x108/0x2b0 [ 3043.338177][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3043.342682][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3043.347409][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3043.353476][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3043.359636][T15888] __do_fast_syscall_32+0x129/0x180 [ 3043.364821][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3043.369661][T15888] do_SYSENTER_32+0x73/0x90 [ 3043.374158][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3043.380463][T15888] [ 3043.382779][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3043.389472][T15888] do_recvmmsg+0xbf/0x22b0 [ 3043.393889][T15888] do_recvmmsg+0xbf/0x22b0 [ 3043.484041][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3043.602736][T15888] not chained 300000 origins [ 3043.607386][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3043.616063][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3043.626215][T15888] Call Trace: [ 3043.629562][T15888] dump_stack+0x21c/0x280 [ 3043.633928][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3043.639713][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3043.644940][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3043.650511][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3043.656609][T15888] ? _copy_from_user+0x201/0x310 [ 3043.661581][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3043.666806][T15888] __msan_chain_origin+0x50/0x90 [ 3043.671777][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3043.676940][T15888] get_compat_msghdr+0x108/0x2b0 [ 3043.681929][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3043.686490][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3043.691822][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3043.697059][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3043.702370][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3043.707152][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3043.711940][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3043.716662][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3043.721889][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3043.728018][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3043.734198][T15888] __do_fast_syscall_32+0x129/0x180 [ 3043.739422][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3043.744322][T15888] do_SYSENTER_32+0x73/0x90 [ 3043.748877][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3043.755224][T15888] RIP: 0023:0xf7fcb549 [ 3043.759332][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3043.778962][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3043.787407][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3043.795428][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3043.803420][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3043.811432][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3043.819453][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3043.827719][T15888] Uninit was stored to memory at: [ 3043.832862][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3043.838605][T15888] __msan_chain_origin+0x50/0x90 [ 3043.843572][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3043.848721][T15888] get_compat_msghdr+0x108/0x2b0 [ 3043.853735][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3043.858353][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3043.863062][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3043.869156][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3043.875339][T15888] __do_fast_syscall_32+0x129/0x180 [ 3043.880565][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3043.885446][T15888] do_SYSENTER_32+0x73/0x90 [ 3043.890333][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3043.896676][T15888] [ 3043.899041][T15888] Uninit was stored to memory at: [ 3043.904099][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3043.909880][T15888] __msan_chain_origin+0x50/0x90 [ 3043.914847][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3043.920071][T15888] get_compat_msghdr+0x108/0x2b0 [ 3043.925120][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3043.929652][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3043.934355][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3043.941053][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3043.947234][T15888] __do_fast_syscall_32+0x129/0x180 [ 3043.952452][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3043.957320][T15888] do_SYSENTER_32+0x73/0x90 [ 3043.961845][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3043.968170][T15888] [ 3043.970525][T15888] Uninit was stored to memory at: [ 3043.975572][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3043.981310][T15888] __msan_chain_origin+0x50/0x90 [ 3043.986266][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3043.991388][T15888] get_compat_msghdr+0x108/0x2b0 [ 3043.996338][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3044.000860][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3044.005557][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3044.011639][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3044.017814][T15888] __do_fast_syscall_32+0x129/0x180 [ 3044.023041][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3044.027912][T15888] do_SYSENTER_32+0x73/0x90 [ 3044.032437][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3044.038769][T15888] [ 3044.041100][T15888] Uninit was stored to memory at: [ 3044.046170][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3044.051898][T15888] __msan_chain_origin+0x50/0x90 [ 3044.056828][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3044.061948][T15888] get_compat_msghdr+0x108/0x2b0 [ 3044.066908][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3044.071411][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3044.076096][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3044.082212][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3044.088405][T15888] __do_fast_syscall_32+0x129/0x180 [ 3044.093601][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3044.099140][T15888] do_SYSENTER_32+0x73/0x90 [ 3044.103652][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3044.109962][T15888] [ 3044.113172][T15888] Uninit was stored to memory at: [ 3044.119076][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3044.124788][T15888] __msan_chain_origin+0x50/0x90 [ 3044.129720][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3044.134839][T15888] get_compat_msghdr+0x108/0x2b0 [ 3044.139797][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3044.144648][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3044.149328][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3044.155391][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3044.161541][T15888] __do_fast_syscall_32+0x129/0x180 [ 3044.166737][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3044.171582][T15888] do_SYSENTER_32+0x73/0x90 [ 3044.176077][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3044.182408][T15888] [ 3044.184734][T15888] Uninit was stored to memory at: [ 3044.189765][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3044.195508][T15888] __msan_chain_origin+0x50/0x90 [ 3044.200453][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3044.205591][T15888] get_compat_msghdr+0x108/0x2b0 [ 3044.210522][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3044.215108][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3044.219881][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3044.225960][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3044.232123][T15888] __do_fast_syscall_32+0x129/0x180 [ 3044.237324][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3044.242174][T15888] do_SYSENTER_32+0x73/0x90 [ 3044.247656][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3044.253972][T15888] [ 3044.256291][T15888] Uninit was stored to memory at: [ 3044.261314][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3044.267050][T15888] __msan_chain_origin+0x50/0x90 [ 3044.272012][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3044.277128][T15888] get_compat_msghdr+0x108/0x2b0 [ 3044.282068][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3044.286576][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3044.291288][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3044.297370][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3044.303550][T15888] __do_fast_syscall_32+0x129/0x180 [ 3044.308807][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3044.313677][T15888] do_SYSENTER_32+0x73/0x90 [ 3044.318198][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3044.325138][T15888] [ 3044.327455][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3044.334130][T15888] do_recvmmsg+0xbf/0x22b0 [ 3044.338560][T15888] do_recvmmsg+0xbf/0x22b0 [ 3044.515393][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3044.598104][T15888] not chained 310000 origins [ 3044.602766][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3044.611466][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3044.622363][T15888] Call Trace: [ 3044.625674][T15888] dump_stack+0x21c/0x280 [ 3044.630039][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3044.635837][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3044.641076][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3044.646664][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3044.652840][T15888] ? _copy_from_user+0x201/0x310 [ 3044.657786][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3044.663025][T15888] __msan_chain_origin+0x50/0x90 [ 3044.667988][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3044.669493][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3044.673147][T15888] get_compat_msghdr+0x108/0x2b0 [ 3044.673209][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3044.690794][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3044.696132][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3044.701371][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3044.706699][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3044.711498][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3044.716303][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3044.721039][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3044.726317][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3044.732461][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3044.738851][T15888] __do_fast_syscall_32+0x129/0x180 [ 3044.744117][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3044.749004][T15888] do_SYSENTER_32+0x73/0x90 [ 3044.753661][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3044.760032][T15888] RIP: 0023:0xf7fcb549 [ 3044.764129][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3044.785580][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3044.794011][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3044.802008][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3044.809978][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3044.817967][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3044.825943][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3044.833932][T15888] Uninit was stored to memory at: [ 3044.839000][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3044.844743][T15888] __msan_chain_origin+0x50/0x90 [ 3044.849696][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3044.854820][T15888] get_compat_msghdr+0x108/0x2b0 [ 3044.859857][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3044.864381][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3044.869081][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3044.875208][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3044.882435][T15888] __do_fast_syscall_32+0x129/0x180 [ 3044.887671][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3044.892541][T15888] do_SYSENTER_32+0x73/0x90 [ 3044.897042][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3044.903369][T15888] [ 3044.905681][T15888] Uninit was stored to memory at: [ 3044.910758][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3044.916570][T15888] __msan_chain_origin+0x50/0x90 [ 3044.921535][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3044.926675][T15888] get_compat_msghdr+0x108/0x2b0 [ 3044.931635][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3044.936148][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3044.940851][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3044.946937][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3044.953115][T15888] __do_fast_syscall_32+0x129/0x180 [ 3044.958316][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3044.963209][T15888] do_SYSENTER_32+0x73/0x90 [ 3044.967740][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3044.974050][T15888] [ 3044.976365][T15888] Uninit was stored to memory at: [ 3044.981399][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3044.987141][T15888] __msan_chain_origin+0x50/0x90 [ 3044.992112][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3044.997238][T15888] get_compat_msghdr+0x108/0x2b0 [ 3045.002173][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3045.007279][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3045.011977][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3045.018042][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3045.024195][T15888] __do_fast_syscall_32+0x129/0x180 [ 3045.029394][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3045.034262][T15888] do_SYSENTER_32+0x73/0x90 [ 3045.038804][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3045.045142][T15888] [ 3045.047457][T15888] Uninit was stored to memory at: [ 3045.052505][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3045.058265][T15888] __msan_chain_origin+0x50/0x90 [ 3045.063289][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3045.068420][T15888] get_compat_msghdr+0x108/0x2b0 [ 3045.073371][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3045.077903][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3045.082607][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3045.088705][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3045.094873][T15888] __do_fast_syscall_32+0x129/0x180 [ 3045.100084][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3045.104968][T15888] do_SYSENTER_32+0x73/0x90 [ 3045.109607][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3045.115932][T15888] [ 3045.118252][T15888] Uninit was stored to memory at: [ 3045.123278][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3045.129094][T15888] __msan_chain_origin+0x50/0x90 [ 3045.134053][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3045.139175][T15888] get_compat_msghdr+0x108/0x2b0 [ 3045.144381][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3045.148888][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3045.153587][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3045.159685][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3045.165857][T15888] __do_fast_syscall_32+0x129/0x180 [ 3045.171070][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3045.175935][T15888] do_SYSENTER_32+0x73/0x90 [ 3045.180478][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3045.186807][T15888] [ 3045.189143][T15888] Uninit was stored to memory at: [ 3045.194233][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3045.199987][T15888] __msan_chain_origin+0x50/0x90 [ 3045.204937][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3045.210057][T15888] get_compat_msghdr+0x108/0x2b0 [ 3045.215016][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3045.219543][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3045.224249][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3045.230313][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3045.236479][T15888] __do_fast_syscall_32+0x129/0x180 [ 3045.241722][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3045.246575][T15888] do_SYSENTER_32+0x73/0x90 [ 3045.251708][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3045.258021][T15888] [ 3045.260343][T15888] Uninit was stored to memory at: [ 3045.265395][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3045.271116][T15888] __msan_chain_origin+0x50/0x90 [ 3045.276062][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3045.282838][T15888] get_compat_msghdr+0x108/0x2b0 [ 3045.287859][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3045.292371][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3045.297078][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3045.303620][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3045.309814][T15888] __do_fast_syscall_32+0x129/0x180 [ 3045.315167][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3045.320043][T15888] do_SYSENTER_32+0x73/0x90 [ 3045.324574][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3045.330920][T15888] [ 3045.333260][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3045.340030][T15888] do_recvmmsg+0xbf/0x22b0 [ 3045.344483][T15888] do_recvmmsg+0xbf/0x22b0 [ 3045.376856][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3045.561122][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3045.600062][T15888] not chained 320000 origins [ 3045.604714][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3045.613416][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3045.623516][T15888] Call Trace: [ 3045.626890][T15888] dump_stack+0x21c/0x280 [ 3045.631270][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3045.637055][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3045.642285][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3045.647865][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3045.653970][T15888] ? _copy_from_user+0x201/0x310 [ 3045.658973][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3045.664203][T15888] __msan_chain_origin+0x50/0x90 [ 3045.669177][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3045.674344][T15888] get_compat_msghdr+0x108/0x2b0 [ 3045.679335][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3045.684195][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3045.689553][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3045.694911][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3045.700235][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3045.705026][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3045.709849][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3045.714571][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3045.719811][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3045.726010][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3045.732215][T15888] __do_fast_syscall_32+0x129/0x180 [ 3045.737715][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3045.742625][T15888] do_SYSENTER_32+0x73/0x90 [ 3045.747162][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3045.753599][T15888] RIP: 0023:0xf7fcb549 [ 3045.757687][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3045.778551][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3045.787076][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3045.795079][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3045.803069][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3045.811082][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3045.819316][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3045.827294][T15888] Uninit was stored to memory at: [ 3045.832338][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3045.838055][T15888] __msan_chain_origin+0x50/0x90 [ 3045.843030][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3045.848168][T15888] get_compat_msghdr+0x108/0x2b0 [ 3045.853124][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3045.857642][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3045.862347][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3045.868439][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3045.874634][T15888] __do_fast_syscall_32+0x129/0x180 [ 3045.879843][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3045.884687][T15888] do_SYSENTER_32+0x73/0x90 [ 3045.889226][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3045.895561][T15888] [ 3045.897897][T15888] Uninit was stored to memory at: [ 3045.902941][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3045.908712][T15888] __msan_chain_origin+0x50/0x90 [ 3045.913687][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3045.918810][T15888] get_compat_msghdr+0x108/0x2b0 [ 3045.923761][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3045.928274][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3045.932967][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3045.939124][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3045.945298][T15888] __do_fast_syscall_32+0x129/0x180 [ 3045.950512][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3045.955382][T15888] do_SYSENTER_32+0x73/0x90 [ 3045.959904][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3045.966216][T15888] [ 3045.968537][T15888] Uninit was stored to memory at: [ 3045.973758][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3045.979526][T15888] __msan_chain_origin+0x50/0x90 [ 3045.984475][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3045.989605][T15888] get_compat_msghdr+0x108/0x2b0 [ 3045.994555][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3045.999054][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3046.003729][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3046.009809][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3046.015992][T15888] __do_fast_syscall_32+0x129/0x180 [ 3046.021188][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3046.026049][T15888] do_SYSENTER_32+0x73/0x90 [ 3046.030566][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3046.036892][T15888] [ 3046.039313][T15888] Uninit was stored to memory at: [ 3046.044355][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3046.050172][T15888] __msan_chain_origin+0x50/0x90 [ 3046.055122][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3046.060248][T15888] get_compat_msghdr+0x108/0x2b0 [ 3046.065205][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3046.069732][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3046.074524][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3046.080610][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3046.086793][T15888] __do_fast_syscall_32+0x129/0x180 [ 3046.092011][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3046.096891][T15888] do_SYSENTER_32+0x73/0x90 [ 3046.101440][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3046.107758][T15888] [ 3046.110096][T15888] Uninit was stored to memory at: [ 3046.115754][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3046.121484][T15888] __msan_chain_origin+0x50/0x90 [ 3046.126411][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3046.131525][T15888] get_compat_msghdr+0x108/0x2b0 [ 3046.136478][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3046.140969][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3046.145632][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3046.151693][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3046.157847][T15888] __do_fast_syscall_32+0x129/0x180 [ 3046.163041][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3046.167884][T15888] do_SYSENTER_32+0x73/0x90 [ 3046.172399][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3046.178723][T15888] [ 3046.181044][T15888] Uninit was stored to memory at: [ 3046.186062][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3046.191789][T15888] __msan_chain_origin+0x50/0x90 [ 3046.196740][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3046.201868][T15888] get_compat_msghdr+0x108/0x2b0 [ 3046.206821][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3046.211338][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3046.216041][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3046.222101][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3046.228254][T15888] __do_fast_syscall_32+0x129/0x180 [ 3046.233444][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3046.238299][T15888] do_SYSENTER_32+0x73/0x90 [ 3046.242800][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3046.249121][T15888] [ 3046.251460][T15888] Uninit was stored to memory at: [ 3046.256494][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3046.262217][T15888] __msan_chain_origin+0x50/0x90 [ 3046.267145][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3046.272259][T15888] get_compat_msghdr+0x108/0x2b0 [ 3046.277185][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3046.281697][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3046.286384][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3046.292441][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3046.298863][T15888] __do_fast_syscall_32+0x129/0x180 [ 3046.304162][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3046.309024][T15888] do_SYSENTER_32+0x73/0x90 [ 3046.313556][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3046.319905][T15888] [ 3046.322236][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3046.328925][T15888] do_recvmmsg+0xbf/0x22b0 [ 3046.333348][T15888] do_recvmmsg+0xbf/0x22b0 [ 3046.483345][T15888] not chained 330000 origins [ 3046.488007][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3046.496704][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3046.507125][T15888] Call Trace: [ 3046.510481][T15888] dump_stack+0x21c/0x280 [ 3046.514848][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3046.520650][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3046.525884][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3046.531489][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3046.537611][T15888] ? _copy_from_user+0x201/0x310 [ 3046.543542][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3046.548866][T15888] __msan_chain_origin+0x50/0x90 [ 3046.554012][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3046.559457][T15888] get_compat_msghdr+0x108/0x2b0 [ 3046.564431][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3046.568997][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3046.574354][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3046.579596][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3046.585273][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3046.590322][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3046.595120][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3046.599839][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3046.605096][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3046.611225][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3046.617419][T15888] __do_fast_syscall_32+0x129/0x180 [ 3046.622668][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3046.627565][T15888] do_SYSENTER_32+0x73/0x90 [ 3046.632107][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3046.638456][T15888] RIP: 0023:0xf7fcb549 [ 3046.642635][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3046.662263][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3046.670709][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3046.678732][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3046.686752][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3046.694747][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3046.702741][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3046.710768][T15888] Uninit was stored to memory at: [ 3046.715825][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3046.721582][T15888] __msan_chain_origin+0x50/0x90 [ 3046.726571][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3046.731711][T15888] get_compat_msghdr+0x108/0x2b0 [ 3046.736698][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3046.741224][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3046.746359][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3046.752454][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3046.758645][T15888] __do_fast_syscall_32+0x129/0x180 [ 3046.764395][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3046.769268][T15888] do_SYSENTER_32+0x73/0x90 [ 3046.773797][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3046.780147][T15888] [ 3046.782484][T15888] Uninit was stored to memory at: [ 3046.787531][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3046.793276][T15888] __msan_chain_origin+0x50/0x90 [ 3046.798234][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3046.803394][T15888] get_compat_msghdr+0x108/0x2b0 [ 3046.808353][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3046.812873][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3046.817567][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3046.823656][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3046.829840][T15888] __do_fast_syscall_32+0x129/0x180 [ 3046.835069][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3046.839940][T15888] do_SYSENTER_32+0x73/0x90 [ 3046.844466][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3046.850795][T15888] [ 3046.853131][T15888] Uninit was stored to memory at: [ 3046.858184][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3046.863953][T15888] __msan_chain_origin+0x50/0x90 [ 3046.868946][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3046.874088][T15888] get_compat_msghdr+0x108/0x2b0 [ 3046.879053][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3046.883608][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3046.888311][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3046.894406][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3046.900720][T15888] __do_fast_syscall_32+0x129/0x180 [ 3046.906018][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3046.910905][T15888] do_SYSENTER_32+0x73/0x90 [ 3046.915435][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3046.921767][T15888] [ 3046.924112][T15888] Uninit was stored to memory at: [ 3046.929165][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3046.934912][T15888] __msan_chain_origin+0x50/0x90 [ 3046.939908][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3046.945235][T15888] get_compat_msghdr+0x108/0x2b0 [ 3046.950194][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3046.954716][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3046.959421][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3046.965530][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3046.971709][T15888] __do_fast_syscall_32+0x129/0x180 [ 3046.976953][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3046.981913][T15888] do_SYSENTER_32+0x73/0x90 [ 3046.986440][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3046.992783][T15888] [ 3046.995132][T15888] Uninit was stored to memory at: [ 3047.000633][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3047.006384][T15888] __msan_chain_origin+0x50/0x90 [ 3047.011347][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3047.016480][T15888] get_compat_msghdr+0x108/0x2b0 [ 3047.021526][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3047.026305][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3047.031004][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3047.037105][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3047.043343][T15888] __do_fast_syscall_32+0x129/0x180 [ 3047.048665][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3047.053563][T15888] do_SYSENTER_32+0x73/0x90 [ 3047.058091][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3047.064425][T15888] [ 3047.066756][T15888] Uninit was stored to memory at: [ 3047.071824][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3047.077573][T15888] __msan_chain_origin+0x50/0x90 [ 3047.082542][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3047.088350][T15888] get_compat_msghdr+0x108/0x2b0 [ 3047.093296][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3047.097878][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3047.102574][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3047.108748][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3047.114912][T15888] __do_fast_syscall_32+0x129/0x180 [ 3047.120104][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3047.124942][T15888] do_SYSENTER_32+0x73/0x90 [ 3047.129458][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3047.135791][T15888] [ 3047.138106][T15888] Uninit was stored to memory at: [ 3047.143231][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3047.148951][T15888] __msan_chain_origin+0x50/0x90 [ 3047.153894][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3047.159020][T15888] get_compat_msghdr+0x108/0x2b0 [ 3047.163971][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3047.168481][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3047.173180][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3047.179265][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3047.185533][T15888] __do_fast_syscall_32+0x129/0x180 [ 3047.190740][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3047.195612][T15888] do_SYSENTER_32+0x73/0x90 [ 3047.200147][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3047.206476][T15888] [ 3047.208803][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3047.215482][T15888] do_recvmmsg+0xbf/0x22b0 [ 3047.219888][T15888] do_recvmmsg+0xbf/0x22b0 [ 3047.267003][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3047.404131][T15888] not chained 340000 origins [ 3047.408777][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3047.417432][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3047.428188][T15888] Call Trace: [ 3047.431491][T15888] dump_stack+0x21c/0x280 [ 3047.435836][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3047.441607][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3047.446832][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3047.452382][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3047.458466][T15888] ? _copy_from_user+0x201/0x310 [ 3047.463421][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3047.468636][T15888] __msan_chain_origin+0x50/0x90 [ 3047.473585][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3047.478716][T15888] get_compat_msghdr+0x108/0x2b0 [ 3047.483674][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3047.488194][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3047.493499][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3047.498702][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3047.503984][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3047.508761][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3047.513532][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3047.518230][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3047.523444][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3047.529540][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3047.535868][T15888] __do_fast_syscall_32+0x129/0x180 [ 3047.541351][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3047.546234][T15888] do_SYSENTER_32+0x73/0x90 [ 3047.550753][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3047.557098][T15888] RIP: 0023:0xf7fcb549 [ 3047.561171][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3047.580780][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3047.590952][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3047.598920][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3047.606972][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3047.615277][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3047.623249][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3047.631322][T15888] Uninit was stored to memory at: [ 3047.636534][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3047.642265][T15888] __msan_chain_origin+0x50/0x90 [ 3047.647221][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3047.652356][T15888] get_compat_msghdr+0x108/0x2b0 [ 3047.657292][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3047.661799][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3047.666468][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3047.672632][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3047.678795][T15888] __do_fast_syscall_32+0x129/0x180 [ 3047.683987][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3047.688880][T15888] do_SYSENTER_32+0x73/0x90 [ 3047.693402][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3047.699707][T15888] [ 3047.702029][T15888] Uninit was stored to memory at: [ 3047.707049][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3047.712777][T15888] __msan_chain_origin+0x50/0x90 [ 3047.717710][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3047.722812][T15888] get_compat_msghdr+0x108/0x2b0 [ 3047.727738][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3047.732241][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3047.736911][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3047.742979][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3047.749145][T15888] __do_fast_syscall_32+0x129/0x180 [ 3047.754358][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3047.759198][T15888] do_SYSENTER_32+0x73/0x90 [ 3047.763691][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3047.769994][T15888] [ 3047.772302][T15888] Uninit was stored to memory at: [ 3047.777354][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3047.783060][T15888] __msan_chain_origin+0x50/0x90 [ 3047.788007][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3047.793115][T15888] get_compat_msghdr+0x108/0x2b0 [ 3047.798055][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3047.802546][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3047.807215][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3047.813273][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3047.819441][T15888] __do_fast_syscall_32+0x129/0x180 [ 3047.824638][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3047.829493][T15888] do_SYSENTER_32+0x73/0x90 [ 3047.833990][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3047.840297][T15888] [ 3047.842617][T15888] Uninit was stored to memory at: [ 3047.847656][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3047.853389][T15888] __msan_chain_origin+0x50/0x90 [ 3047.858320][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3047.863515][T15888] get_compat_msghdr+0x108/0x2b0 [ 3047.868497][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3047.873016][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3047.877700][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3047.883765][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3047.889917][T15888] __do_fast_syscall_32+0x129/0x180 [ 3047.895223][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3047.900075][T15888] do_SYSENTER_32+0x73/0x90 [ 3047.904585][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3047.910930][T15888] [ 3047.913248][T15888] Uninit was stored to memory at: [ 3047.918290][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3047.924008][T15888] __msan_chain_origin+0x50/0x90 [ 3047.928959][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3047.934064][T15888] get_compat_msghdr+0x108/0x2b0 [ 3047.939012][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3047.943517][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3047.948202][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3047.954373][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3047.960543][T15888] __do_fast_syscall_32+0x129/0x180 [ 3047.965744][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3047.970630][T15888] do_SYSENTER_32+0x73/0x90 [ 3047.975157][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3047.981464][T15888] [ 3047.983778][T15888] Uninit was stored to memory at: [ 3047.988796][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3047.994528][T15888] __msan_chain_origin+0x50/0x90 [ 3047.999475][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3048.004839][T15888] get_compat_msghdr+0x108/0x2b0 [ 3048.009792][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3048.014304][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3048.018987][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3048.025067][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3048.031233][T15888] __do_fast_syscall_32+0x129/0x180 [ 3048.036425][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3048.041272][T15888] do_SYSENTER_32+0x73/0x90 [ 3048.045773][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3048.052112][T15888] [ 3048.054435][T15888] Uninit was stored to memory at: [ 3048.059472][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3048.065223][T15888] __msan_chain_origin+0x50/0x90 [ 3048.070190][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3048.075299][T15888] get_compat_msghdr+0x108/0x2b0 [ 3048.080226][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3048.084727][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3048.089396][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3048.095451][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3048.101619][T15888] __do_fast_syscall_32+0x129/0x180 [ 3048.106805][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3048.111645][T15888] do_SYSENTER_32+0x73/0x90 [ 3048.116161][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3048.122487][T15888] [ 3048.124829][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3048.131500][T15888] do_recvmmsg+0xbf/0x22b0 [ 3048.135940][T15888] do_recvmmsg+0xbf/0x22b0 [ 3048.192871][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3048.275233][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3048.378331][T15888] not chained 350000 origins [ 3048.382975][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3048.391659][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3048.402879][T15888] Call Trace: [ 3048.406194][T15888] dump_stack+0x21c/0x280 [ 3048.410567][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3048.416347][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3048.421595][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3048.427168][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3048.433279][T15888] ? _copy_from_user+0x201/0x310 [ 3048.438247][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3048.443468][T15888] __msan_chain_origin+0x50/0x90 [ 3048.448432][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3048.454486][T15888] get_compat_msghdr+0x108/0x2b0 [ 3048.459474][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3048.464038][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3048.469406][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3048.474849][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3048.480533][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3048.485321][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3048.490126][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3048.495189][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3048.500418][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3048.506671][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3048.512862][T15888] __do_fast_syscall_32+0x129/0x180 [ 3048.518087][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3048.522974][T15888] do_SYSENTER_32+0x73/0x90 [ 3048.527512][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3048.533882][T15888] RIP: 0023:0xf7fcb549 [ 3048.537966][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3048.557589][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3048.566047][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3048.574143][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3048.582146][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3048.591008][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3048.599016][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3048.607044][T15888] Uninit was stored to memory at: [ 3048.612109][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3048.617857][T15888] __msan_chain_origin+0x50/0x90 [ 3048.622825][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3048.627960][T15888] get_compat_msghdr+0x108/0x2b0 [ 3048.632931][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3048.637448][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3048.642167][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3048.648255][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3048.654433][T15888] __do_fast_syscall_32+0x129/0x180 [ 3048.659663][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3048.664511][T15888] do_SYSENTER_32+0x73/0x90 [ 3048.669027][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3048.676497][T15888] [ 3048.678817][T15888] Uninit was stored to memory at: [ 3048.683862][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3048.689605][T15888] __msan_chain_origin+0x50/0x90 [ 3048.695114][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3048.700217][T15888] get_compat_msghdr+0x108/0x2b0 [ 3048.705149][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3048.709660][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3048.714329][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3048.720516][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3048.726708][T15888] __do_fast_syscall_32+0x129/0x180 [ 3048.731913][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3048.736748][T15888] do_SYSENTER_32+0x73/0x90 [ 3048.741254][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3048.747578][T15888] [ 3048.749890][T15888] Uninit was stored to memory at: [ 3048.754970][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3048.760694][T15888] __msan_chain_origin+0x50/0x90 [ 3048.765633][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3048.770751][T15888] get_compat_msghdr+0x108/0x2b0 [ 3048.775695][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3048.780315][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3048.784982][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3048.791054][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3048.797223][T15888] __do_fast_syscall_32+0x129/0x180 [ 3048.802434][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3048.807278][T15888] do_SYSENTER_32+0x73/0x90 [ 3048.811800][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3048.818114][T15888] [ 3048.820471][T15888] Uninit was stored to memory at: [ 3048.825489][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3048.831228][T15888] __msan_chain_origin+0x50/0x90 [ 3048.836186][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3048.841302][T15888] get_compat_msghdr+0x108/0x2b0 [ 3048.846226][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3048.850745][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3048.855448][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3048.861541][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3048.867691][T15888] __do_fast_syscall_32+0x129/0x180 [ 3048.872897][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3048.877773][T15888] do_SYSENTER_32+0x73/0x90 [ 3048.882271][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3048.888586][T15888] [ 3048.890924][T15888] Uninit was stored to memory at: [ 3048.895951][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3048.901665][T15888] __msan_chain_origin+0x50/0x90 [ 3048.906594][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3048.911736][T15888] get_compat_msghdr+0x108/0x2b0 [ 3048.916673][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3048.921181][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3048.925882][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3048.931958][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3048.938116][T15888] __do_fast_syscall_32+0x129/0x180 [ 3048.943332][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3048.948290][T15888] do_SYSENTER_32+0x73/0x90 [ 3048.952785][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3048.959098][T15888] [ 3048.961433][T15888] Uninit was stored to memory at: [ 3048.966588][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3048.972313][T15888] __msan_chain_origin+0x50/0x90 [ 3048.977261][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3048.982493][T15888] get_compat_msghdr+0x108/0x2b0 [ 3048.987766][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3048.992257][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3048.997030][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3049.003110][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3049.009263][T15888] __do_fast_syscall_32+0x129/0x180 [ 3049.014497][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3049.019345][T15888] do_SYSENTER_32+0x73/0x90 [ 3049.023852][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3049.030358][T15888] [ 3049.032696][T15888] Uninit was stored to memory at: [ 3049.037720][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3049.043434][T15888] __msan_chain_origin+0x50/0x90 [ 3049.048444][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3049.053595][T15888] get_compat_msghdr+0x108/0x2b0 [ 3049.058558][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3049.063089][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3049.067786][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3049.073856][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3049.080121][T15888] __do_fast_syscall_32+0x129/0x180 [ 3049.085326][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3049.090205][T15888] do_SYSENTER_32+0x73/0x90 [ 3049.094719][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3049.101044][T15888] [ 3049.103359][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3049.110286][T15888] do_recvmmsg+0xbf/0x22b0 [ 3049.114708][T15888] do_recvmmsg+0xbf/0x22b0 [ 3049.273976][T15888] not chained 360000 origins [ 3049.278652][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3049.287332][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3049.297405][T15888] Call Trace: [ 3049.300740][T15888] dump_stack+0x21c/0x280 [ 3049.305117][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3049.310940][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3049.316167][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3049.321743][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3049.328013][T15888] ? _copy_from_user+0x201/0x310 [ 3049.333015][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3049.338243][T15888] __msan_chain_origin+0x50/0x90 [ 3049.343209][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3049.348382][T15888] get_compat_msghdr+0x108/0x2b0 [ 3049.353376][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3049.357949][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3049.363303][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3049.368637][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3049.373970][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3049.378770][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3049.383571][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3049.388286][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3049.393509][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3049.399642][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3049.406262][T15888] __do_fast_syscall_32+0x129/0x180 [ 3049.411510][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3049.416385][T15888] do_SYSENTER_32+0x73/0x90 [ 3049.420917][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3049.427257][T15888] RIP: 0023:0xf7fcb549 [ 3049.431339][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3049.450963][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3049.459398][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3049.467406][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3049.475392][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3049.483386][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3049.491374][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3049.499399][T15888] Uninit was stored to memory at: [ 3049.504448][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3049.510194][T15888] __msan_chain_origin+0x50/0x90 [ 3049.515192][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3049.520349][T15888] get_compat_msghdr+0x108/0x2b0 [ 3049.525298][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3049.529811][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3049.534504][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3049.540584][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3049.546769][T15888] __do_fast_syscall_32+0x129/0x180 [ 3049.552080][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3049.556961][T15888] do_SYSENTER_32+0x73/0x90 [ 3049.561483][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3049.567812][T15888] [ 3049.570145][T15888] Uninit was stored to memory at: [ 3049.576148][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3049.581886][T15888] __msan_chain_origin+0x50/0x90 [ 3049.586842][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3049.591968][T15888] get_compat_msghdr+0x108/0x2b0 [ 3049.596938][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3049.601458][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3049.606158][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3049.612250][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3049.618506][T15888] __do_fast_syscall_32+0x129/0x180 [ 3049.623717][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3049.628581][T15888] do_SYSENTER_32+0x73/0x90 [ 3049.633100][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3049.639424][T15888] [ 3049.641769][T15888] Uninit was stored to memory at: [ 3049.646815][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3049.652652][T15888] __msan_chain_origin+0x50/0x90 [ 3049.657608][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3049.662790][T15888] get_compat_msghdr+0x108/0x2b0 [ 3049.667745][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3049.672266][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3049.676965][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3049.683052][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3049.689228][T15888] __do_fast_syscall_32+0x129/0x180 [ 3049.694445][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3049.699335][T15888] do_SYSENTER_32+0x73/0x90 [ 3049.703857][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3049.710204][T15888] [ 3049.712539][T15888] Uninit was stored to memory at: [ 3049.717584][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3049.723324][T15888] __msan_chain_origin+0x50/0x90 [ 3049.728291][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3049.733425][T15888] get_compat_msghdr+0x108/0x2b0 [ 3049.738367][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3049.742959][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3049.747673][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3049.753731][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3049.759895][T15888] __do_fast_syscall_32+0x129/0x180 [ 3049.765118][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3049.769978][T15888] do_SYSENTER_32+0x73/0x90 [ 3049.774503][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3049.780826][T15888] [ 3049.783154][T15888] Uninit was stored to memory at: [ 3049.788183][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3049.795046][T15888] __msan_chain_origin+0x50/0x90 [ 3049.800016][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3049.805159][T15888] get_compat_msghdr+0x108/0x2b0 [ 3049.810126][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3049.815610][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3049.820299][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3049.826376][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3049.832545][T15888] __do_fast_syscall_32+0x129/0x180 [ 3049.837767][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3049.842631][T15888] do_SYSENTER_32+0x73/0x90 [ 3049.847145][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3049.853459][T15888] [ 3049.855898][T15888] Uninit was stored to memory at: [ 3049.860943][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3049.866678][T15888] __msan_chain_origin+0x50/0x90 [ 3049.871640][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3049.876756][T15888] get_compat_msghdr+0x108/0x2b0 [ 3049.881693][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3049.886191][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3049.890874][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3049.905986][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3049.912140][T15888] __do_fast_syscall_32+0x129/0x180 [ 3049.917436][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3049.922281][T15888] do_SYSENTER_32+0x73/0x90 [ 3049.930709][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3049.937039][T15888] [ 3049.939369][T15888] Uninit was stored to memory at: [ 3049.944404][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3049.950131][T15888] __msan_chain_origin+0x50/0x90 [ 3049.955091][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3049.960991][T15888] get_compat_msghdr+0x108/0x2b0 [ 3049.965962][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3049.970472][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3049.975157][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3049.981215][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3049.987384][T15888] __do_fast_syscall_32+0x129/0x180 [ 3049.992791][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3049.998244][T15888] do_SYSENTER_32+0x73/0x90 [ 3050.002779][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3050.009105][T15888] [ 3050.011442][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3050.018117][T15888] do_recvmmsg+0xbf/0x22b0 [ 3050.022563][T15888] do_recvmmsg+0xbf/0x22b0 [ 3050.061057][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3050.236627][T15888] not chained 370000 origins [ 3050.241300][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3050.250092][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3050.260183][T15888] Call Trace: [ 3050.263602][T15888] dump_stack+0x21c/0x280 [ 3050.267968][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3050.273871][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3050.279123][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3050.284723][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3050.290846][T15888] ? _copy_from_user+0x201/0x310 [ 3050.295816][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3050.301030][T15888] __msan_chain_origin+0x50/0x90 [ 3050.306096][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3050.311270][T15888] get_compat_msghdr+0x108/0x2b0 [ 3050.316216][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3050.320774][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3050.326089][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3050.335752][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3050.341055][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3050.345826][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3050.350606][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3050.355297][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3050.360514][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3050.366599][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3050.372774][T15888] __do_fast_syscall_32+0x129/0x180 [ 3050.378182][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3050.383034][T15888] do_SYSENTER_32+0x73/0x90 [ 3050.387543][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3050.393856][T15888] RIP: 0023:0xf7fcb549 [ 3050.397913][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3050.417597][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3050.426014][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3050.433999][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3050.441964][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3050.449941][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3050.457904][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3050.466240][T15888] Uninit was stored to memory at: [ 3050.471268][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3050.476991][T15888] __msan_chain_origin+0x50/0x90 [ 3050.481952][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3050.487069][T15888] get_compat_msghdr+0x108/0x2b0 [ 3050.491995][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3050.496586][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3050.501267][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3050.507352][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3050.513512][T15888] __do_fast_syscall_32+0x129/0x180 [ 3050.518746][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3050.523614][T15888] do_SYSENTER_32+0x73/0x90 [ 3050.528213][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3050.534522][T15888] [ 3050.536871][T15888] Uninit was stored to memory at: [ 3050.542161][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3050.547896][T15888] __msan_chain_origin+0x50/0x90 [ 3050.552844][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3050.557943][T15888] get_compat_msghdr+0x108/0x2b0 [ 3050.562893][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3050.567399][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3050.572094][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3050.578167][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3050.584328][T15888] __do_fast_syscall_32+0x129/0x180 [ 3050.589543][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3050.594429][T15888] do_SYSENTER_32+0x73/0x90 [ 3050.598960][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3050.605282][T15888] [ 3050.607597][T15888] Uninit was stored to memory at: [ 3050.612703][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3050.618419][T15888] __msan_chain_origin+0x50/0x90 [ 3050.623366][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3050.628510][T15888] get_compat_msghdr+0x108/0x2b0 [ 3050.633455][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3050.637959][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3050.642638][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3050.648736][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3050.654904][T15888] __do_fast_syscall_32+0x129/0x180 [ 3050.660128][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3050.665000][T15888] do_SYSENTER_32+0x73/0x90 [ 3050.669513][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3050.675842][T15888] [ 3050.678159][T15888] Uninit was stored to memory at: [ 3050.683213][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3050.688924][T15888] __msan_chain_origin+0x50/0x90 [ 3050.693851][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3050.698968][T15888] get_compat_msghdr+0x108/0x2b0 [ 3050.703918][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3050.708434][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3050.713207][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3050.719282][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3050.725453][T15888] __do_fast_syscall_32+0x129/0x180 [ 3050.730671][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3050.735538][T15888] do_SYSENTER_32+0x73/0x90 [ 3050.740047][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3050.746363][T15888] [ 3050.748680][T15888] Uninit was stored to memory at: [ 3050.754065][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3050.759806][T15888] __msan_chain_origin+0x50/0x90 [ 3050.764748][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3050.769848][T15888] get_compat_msghdr+0x108/0x2b0 [ 3050.774773][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3050.779274][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3050.783953][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3050.790029][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3050.796194][T15888] __do_fast_syscall_32+0x129/0x180 [ 3050.801429][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3050.806285][T15888] do_SYSENTER_32+0x73/0x90 [ 3050.810792][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3050.817109][T15888] [ 3050.819424][T15888] Uninit was stored to memory at: [ 3050.824471][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3050.830225][T15888] __msan_chain_origin+0x50/0x90 [ 3050.835178][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3050.840310][T15888] get_compat_msghdr+0x108/0x2b0 [ 3050.845270][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3050.849799][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3050.854492][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3050.860570][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3050.866755][T15888] __do_fast_syscall_32+0x129/0x180 [ 3050.871946][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3050.876795][T15888] do_SYSENTER_32+0x73/0x90 [ 3050.881322][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3050.887639][T15888] [ 3050.889953][T15888] Uninit was stored to memory at: [ 3050.894987][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3050.900716][T15888] __msan_chain_origin+0x50/0x90 [ 3050.905669][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3050.910777][T15888] get_compat_msghdr+0x108/0x2b0 [ 3050.915722][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3050.920236][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3050.924936][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3050.931017][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3050.937176][T15888] __do_fast_syscall_32+0x129/0x180 [ 3050.942379][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3050.947253][T15888] do_SYSENTER_32+0x73/0x90 [ 3050.951763][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3050.958086][T15888] [ 3050.960428][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3050.967225][T15888] do_recvmmsg+0xbf/0x22b0 [ 3050.971629][T15888] do_recvmmsg+0xbf/0x22b0 [ 3051.076880][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3051.217748][T15888] not chained 380000 origins [ 3051.222393][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3051.231070][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3051.241161][T15888] Call Trace: [ 3051.244482][T15888] dump_stack+0x21c/0x280 [ 3051.248845][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3051.254627][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3051.259847][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3051.265417][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3051.271512][T15888] ? _copy_from_user+0x201/0x310 [ 3051.276481][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3051.281708][T15888] __msan_chain_origin+0x50/0x90 [ 3051.286762][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3051.292015][T15888] get_compat_msghdr+0x108/0x2b0 [ 3051.296993][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3051.301550][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3051.306878][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3051.312108][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3051.317416][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3051.322202][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3051.326997][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3051.331717][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3051.336965][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3051.343263][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3051.349448][T15888] __do_fast_syscall_32+0x129/0x180 [ 3051.354677][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3051.359561][T15888] do_SYSENTER_32+0x73/0x90 [ 3051.364091][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3051.370428][T15888] RIP: 0023:0xf7fcb549 [ 3051.374511][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3051.394304][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3051.402712][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3051.410677][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3051.418643][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3051.426624][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3051.434609][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3051.442601][T15888] Uninit was stored to memory at: [ 3051.447645][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3051.453351][T15888] __msan_chain_origin+0x50/0x90 [ 3051.458292][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3051.463414][T15888] get_compat_msghdr+0x108/0x2b0 [ 3051.468342][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3051.472840][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3051.477525][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3051.483583][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3051.489744][T15888] __do_fast_syscall_32+0x129/0x180 [ 3051.494929][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3051.499766][T15888] do_SYSENTER_32+0x73/0x90 [ 3051.504258][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3051.510572][T15888] [ 3051.512881][T15888] Uninit was stored to memory at: [ 3051.517893][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3051.523603][T15888] __msan_chain_origin+0x50/0x90 [ 3051.528554][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3051.533665][T15888] get_compat_msghdr+0x108/0x2b0 [ 3051.538600][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3051.543104][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3051.547781][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3051.553848][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3051.559991][T15888] __do_fast_syscall_32+0x129/0x180 [ 3051.565204][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3051.570041][T15888] do_SYSENTER_32+0x73/0x90 [ 3051.574545][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3051.580845][T15888] [ 3051.583169][T15888] Uninit was stored to memory at: [ 3051.588186][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3051.593903][T15888] __msan_chain_origin+0x50/0x90 [ 3051.598852][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3051.604023][T15888] get_compat_msghdr+0x108/0x2b0 [ 3051.608970][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3051.613461][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3051.618139][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3051.624196][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3051.630353][T15888] __do_fast_syscall_32+0x129/0x180 [ 3051.635549][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3051.640403][T15888] do_SYSENTER_32+0x73/0x90 [ 3051.645091][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3051.651395][T15888] [ 3051.653732][T15888] Uninit was stored to memory at: [ 3051.658747][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3051.665160][T15888] __msan_chain_origin+0x50/0x90 [ 3051.670087][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3051.675203][T15888] get_compat_msghdr+0x108/0x2b0 [ 3051.681007][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3051.685497][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3051.690165][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3051.696405][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3051.702554][T15888] __do_fast_syscall_32+0x129/0x180 [ 3051.707746][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3051.712612][T15888] do_SYSENTER_32+0x73/0x90 [ 3051.717117][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3051.723440][T15888] [ 3051.725770][T15888] Uninit was stored to memory at: [ 3051.730801][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3051.736507][T15888] __msan_chain_origin+0x50/0x90 [ 3051.741444][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3051.746563][T15888] get_compat_msghdr+0x108/0x2b0 [ 3051.751671][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3051.756173][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3051.760844][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3051.766907][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3051.773057][T15888] __do_fast_syscall_32+0x129/0x180 [ 3051.778257][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3051.783586][T15888] do_SYSENTER_32+0x73/0x90 [ 3051.788289][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3051.795292][T15888] [ 3051.797883][T15888] Uninit was stored to memory at: [ 3051.802911][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3051.808622][T15888] __msan_chain_origin+0x50/0x90 [ 3051.813550][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3051.818649][T15888] get_compat_msghdr+0x108/0x2b0 [ 3051.823571][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3051.828079][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3051.832755][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3051.838822][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3051.844987][T15888] __do_fast_syscall_32+0x129/0x180 [ 3051.850211][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3051.855053][T15888] do_SYSENTER_32+0x73/0x90 [ 3051.859591][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3051.865916][T15888] [ 3051.868240][T15888] Uninit was stored to memory at: [ 3051.873267][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3051.878975][T15888] __msan_chain_origin+0x50/0x90 [ 3051.883905][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3051.889006][T15888] get_compat_msghdr+0x108/0x2b0 [ 3051.893927][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3051.898439][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3051.903105][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3051.909163][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3051.916005][T15888] __do_fast_syscall_32+0x129/0x180 [ 3051.921195][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3051.926032][T15888] do_SYSENTER_32+0x73/0x90 [ 3051.930540][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3051.936852][T15888] [ 3051.939680][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3051.946364][T15888] do_recvmmsg+0xbf/0x22b0 [ 3051.950784][T15888] do_recvmmsg+0xbf/0x22b0 [ 3052.002510][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3052.113142][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3052.176123][T15888] not chained 390000 origins [ 3052.180772][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3052.189446][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3052.199508][T15888] Call Trace: [ 3052.202824][T15888] dump_stack+0x21c/0x280 [ 3052.207184][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3052.212963][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3052.218180][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3052.223781][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3052.229881][T15888] ? _copy_from_user+0x201/0x310 [ 3052.234848][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3052.240072][T15888] __msan_chain_origin+0x50/0x90 [ 3052.245141][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3052.250303][T15888] get_compat_msghdr+0x108/0x2b0 [ 3052.255278][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3052.259835][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3052.265160][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3052.270387][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3052.275698][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3052.280473][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3052.285258][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3052.289968][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3052.295194][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3052.301316][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3052.307499][T15888] __do_fast_syscall_32+0x129/0x180 [ 3052.312729][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3052.317623][T15888] do_SYSENTER_32+0x73/0x90 [ 3052.322155][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3052.328497][T15888] RIP: 0023:0xf7fcb549 [ 3052.332578][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3052.352201][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3052.360651][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3052.368649][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3052.376639][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3052.384635][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3052.392634][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3052.400727][T15888] Uninit was stored to memory at: [ 3052.405774][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3052.411511][T15888] __msan_chain_origin+0x50/0x90 [ 3052.416465][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3052.421625][T15888] get_compat_msghdr+0x108/0x2b0 [ 3052.426592][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3052.431109][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3052.435810][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3052.441893][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3052.448061][T15888] __do_fast_syscall_32+0x129/0x180 [ 3052.453271][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3052.458161][T15888] do_SYSENTER_32+0x73/0x90 [ 3052.462687][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3052.469013][T15888] [ 3052.471342][T15888] Uninit was stored to memory at: [ 3052.476388][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3052.482128][T15888] __msan_chain_origin+0x50/0x90 [ 3052.487082][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3052.492229][T15888] get_compat_msghdr+0x108/0x2b0 [ 3052.497180][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3052.501709][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3052.506402][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3052.512489][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3052.518664][T15888] __do_fast_syscall_32+0x129/0x180 [ 3052.524019][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3052.528883][T15888] do_SYSENTER_32+0x73/0x90 [ 3052.533428][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3052.539762][T15888] [ 3052.542089][T15888] Uninit was stored to memory at: [ 3052.547135][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3052.552876][T15888] __msan_chain_origin+0x50/0x90 [ 3052.557834][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3052.562980][T15888] get_compat_msghdr+0x108/0x2b0 [ 3052.567938][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3052.572469][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3052.577192][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3052.583276][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3052.589446][T15888] __do_fast_syscall_32+0x129/0x180 [ 3052.594653][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3052.599514][T15888] do_SYSENTER_32+0x73/0x90 [ 3052.604035][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3052.611037][T15888] [ 3052.613364][T15888] Uninit was stored to memory at: [ 3052.618383][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3052.624092][T15888] __msan_chain_origin+0x50/0x90 [ 3052.629047][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3052.634154][T15888] get_compat_msghdr+0x108/0x2b0 [ 3052.639099][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3052.643635][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3052.648411][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3052.654466][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3052.660662][T15888] __do_fast_syscall_32+0x129/0x180 [ 3052.665885][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3052.671280][T15888] do_SYSENTER_32+0x73/0x90 [ 3052.675843][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3052.682194][T15888] [ 3052.685467][T15888] Uninit was stored to memory at: [ 3052.690502][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3052.696234][T15888] __msan_chain_origin+0x50/0x90 [ 3052.701176][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3052.706278][T15888] get_compat_msghdr+0x108/0x2b0 [ 3052.711203][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3052.715707][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3052.720389][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3052.726457][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3052.732630][T15888] __do_fast_syscall_32+0x129/0x180 [ 3052.737830][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3052.742814][T15888] do_SYSENTER_32+0x73/0x90 [ 3052.747330][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3052.753731][T15888] [ 3052.756066][T15888] Uninit was stored to memory at: [ 3052.761197][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3052.766922][T15888] __msan_chain_origin+0x50/0x90 [ 3052.771912][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3052.777025][T15888] get_compat_msghdr+0x108/0x2b0 [ 3052.781965][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3052.786507][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3052.791189][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3052.797262][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3052.803867][T15888] __do_fast_syscall_32+0x129/0x180 [ 3052.809070][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3052.813932][T15888] do_SYSENTER_32+0x73/0x90 [ 3052.818427][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3052.824751][T15888] [ 3052.827063][T15888] Uninit was stored to memory at: [ 3052.832101][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3052.837832][T15888] __msan_chain_origin+0x50/0x90 [ 3052.842779][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3052.847895][T15888] get_compat_msghdr+0x108/0x2b0 [ 3052.852825][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3052.857317][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3052.862017][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3052.868122][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3052.874309][T15888] __do_fast_syscall_32+0x129/0x180 [ 3052.879520][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3052.884396][T15888] do_SYSENTER_32+0x73/0x90 [ 3052.888943][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3052.895283][T15888] [ 3052.897622][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3052.904289][T15888] do_recvmmsg+0xbf/0x22b0 [ 3052.909054][T15888] do_recvmmsg+0xbf/0x22b0 [ 3053.108911][T15888] not chained 400000 origins [ 3053.113580][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3053.122266][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3053.132351][T15888] Call Trace: [ 3053.135685][T15888] dump_stack+0x21c/0x280 [ 3053.140050][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3053.145804][T15888] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3053.151650][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3053.156899][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3053.162440][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3053.168547][T15888] ? _copy_from_user+0x201/0x310 [ 3053.173604][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3053.178834][T15888] __msan_chain_origin+0x50/0x90 [ 3053.183784][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3053.189005][T15888] get_compat_msghdr+0x108/0x2b0 [ 3053.193987][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3053.198542][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3053.203867][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3053.209066][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3053.214348][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3053.219134][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3053.223927][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3053.228644][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3053.233857][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3053.239947][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3053.246143][T15888] __do_fast_syscall_32+0x129/0x180 [ 3053.251348][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3053.256210][T15888] do_SYSENTER_32+0x73/0x90 [ 3053.260719][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3053.267045][T15888] RIP: 0023:0xf7fcb549 [ 3053.271105][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3053.290719][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3053.299178][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3053.307959][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3053.315929][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3053.323912][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3053.331891][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3053.339890][T15888] Uninit was stored to memory at: [ 3053.344922][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3053.350637][T15888] __msan_chain_origin+0x50/0x90 [ 3053.355574][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3053.360692][T15888] get_compat_msghdr+0x108/0x2b0 [ 3053.365632][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3053.370155][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3053.374830][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3053.380930][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3053.387130][T15888] __do_fast_syscall_32+0x129/0x180 [ 3053.392344][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3053.397204][T15888] do_SYSENTER_32+0x73/0x90 [ 3053.401701][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3053.408008][T15888] [ 3053.410328][T15888] Uninit was stored to memory at: [ 3053.417830][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3053.423679][T15888] __msan_chain_origin+0x50/0x90 [ 3053.429140][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3053.434250][T15888] get_compat_msghdr+0x108/0x2b0 [ 3053.439213][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3053.443908][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3053.448618][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3053.454781][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3053.460927][T15888] __do_fast_syscall_32+0x129/0x180 [ 3053.467210][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3053.472242][T15888] do_SYSENTER_32+0x73/0x90 [ 3053.477020][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3053.483359][T15888] [ 3053.485703][T15888] Uninit was stored to memory at: [ 3053.490744][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3053.496482][T15888] __msan_chain_origin+0x50/0x90 [ 3053.501416][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3053.506518][T15888] get_compat_msghdr+0x108/0x2b0 [ 3053.511495][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3053.516004][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3053.520689][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3053.526781][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3053.532928][T15888] __do_fast_syscall_32+0x129/0x180 [ 3053.538210][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3053.543139][T15888] do_SYSENTER_32+0x73/0x90 [ 3053.547646][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3053.553956][T15888] [ 3053.556294][T15888] Uninit was stored to memory at: [ 3053.562113][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3053.567826][T15888] __msan_chain_origin+0x50/0x90 [ 3053.572857][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3053.577982][T15888] get_compat_msghdr+0x108/0x2b0 [ 3053.582924][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3053.587465][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3053.592148][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3053.598211][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3053.604375][T15888] __do_fast_syscall_32+0x129/0x180 [ 3053.609579][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3053.614423][T15888] do_SYSENTER_32+0x73/0x90 [ 3053.618939][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3053.625244][T15888] [ 3053.627565][T15888] Uninit was stored to memory at: [ 3053.632614][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3053.638352][T15888] __msan_chain_origin+0x50/0x90 [ 3053.643295][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3053.648416][T15888] get_compat_msghdr+0x108/0x2b0 [ 3053.653352][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3053.657870][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3053.662570][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3053.670386][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3053.676534][T15888] __do_fast_syscall_32+0x129/0x180 [ 3053.681737][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3053.686607][T15888] do_SYSENTER_32+0x73/0x90 [ 3053.691125][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3053.697447][T15888] [ 3053.699773][T15888] Uninit was stored to memory at: [ 3053.704810][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3053.710538][T15888] __msan_chain_origin+0x50/0x90 [ 3053.715492][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3053.720597][T15888] get_compat_msghdr+0x108/0x2b0 [ 3053.725543][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3053.730041][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3053.734708][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3053.741154][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3053.747489][T15888] __do_fast_syscall_32+0x129/0x180 [ 3053.752683][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3053.757525][T15888] do_SYSENTER_32+0x73/0x90 [ 3053.762035][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3053.768340][T15888] [ 3053.770661][T15888] Uninit was stored to memory at: [ 3053.775707][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3053.781453][T15888] __msan_chain_origin+0x50/0x90 [ 3053.786383][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3053.791489][T15888] get_compat_msghdr+0x108/0x2b0 [ 3053.796414][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3053.800919][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3053.805602][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3053.811770][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3053.818271][T15888] __do_fast_syscall_32+0x129/0x180 [ 3053.823465][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3053.828425][T15888] do_SYSENTER_32+0x73/0x90 [ 3053.832935][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3053.839241][T15888] [ 3053.841555][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3053.848225][T15888] do_recvmmsg+0xbf/0x22b0 [ 3053.852673][T15888] do_recvmmsg+0xbf/0x22b0 [ 3053.882397][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3054.136177][T15888] not chained 410000 origins [ 3054.140912][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3054.149595][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3054.159692][T15888] Call Trace: [ 3054.163747][T15888] dump_stack+0x21c/0x280 [ 3054.168110][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3054.173908][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3054.179139][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3054.184723][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3054.190845][T15888] ? _copy_from_user+0x201/0x310 [ 3054.195816][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3054.202103][T15888] __msan_chain_origin+0x50/0x90 [ 3054.207092][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3054.213063][T15888] get_compat_msghdr+0x108/0x2b0 [ 3054.219032][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3054.223604][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3054.228972][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3054.234230][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3054.239545][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3054.244329][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3054.249142][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3054.253864][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3054.259097][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3054.265206][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3054.271386][T15888] __do_fast_syscall_32+0x129/0x180 [ 3054.276711][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3054.281619][T15888] do_SYSENTER_32+0x73/0x90 [ 3054.286162][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3054.293479][T15888] RIP: 0023:0xf7fcb549 [ 3054.297566][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3054.318157][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3054.326609][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3054.334614][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3054.342606][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3054.350600][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3054.358596][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3054.366603][T15888] Uninit was stored to memory at: [ 3054.371662][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3054.377386][T15888] __msan_chain_origin+0x50/0x90 [ 3054.382317][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3054.387427][T15888] get_compat_msghdr+0x108/0x2b0 [ 3054.392390][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3054.396880][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3054.401997][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3054.408078][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3054.414246][T15888] __do_fast_syscall_32+0x129/0x180 [ 3054.419531][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3054.424389][T15888] do_SYSENTER_32+0x73/0x90 [ 3054.428907][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3054.435234][T15888] [ 3054.437564][T15888] Uninit was stored to memory at: [ 3054.442627][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3054.448362][T15888] __msan_chain_origin+0x50/0x90 [ 3054.453483][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3054.458702][T15888] get_compat_msghdr+0x108/0x2b0 [ 3054.463662][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3054.468167][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3054.472868][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3054.479109][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3054.485260][T15888] __do_fast_syscall_32+0x129/0x180 [ 3054.490467][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3054.495315][T15888] do_SYSENTER_32+0x73/0x90 [ 3054.499817][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3054.506133][T15888] [ 3054.508482][T15888] Uninit was stored to memory at: [ 3054.513530][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3054.514691][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3054.519265][T15888] __msan_chain_origin+0x50/0x90 [ 3054.519287][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3054.519311][T15888] get_compat_msghdr+0x108/0x2b0 [ 3054.519329][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3054.519347][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3054.519368][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3054.519428][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3054.563924][T15888] __do_fast_syscall_32+0x129/0x180 [ 3054.569850][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3054.574744][T15888] do_SYSENTER_32+0x73/0x90 [ 3054.579279][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3054.585613][T15888] [ 3054.588554][T15888] Uninit was stored to memory at: [ 3054.593604][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3054.599364][T15888] __msan_chain_origin+0x50/0x90 [ 3054.604334][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3054.609458][T15888] get_compat_msghdr+0x108/0x2b0 [ 3054.614415][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3054.619546][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3054.624245][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3054.630327][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3054.636506][T15888] __do_fast_syscall_32+0x129/0x180 [ 3054.642068][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3054.647457][T15888] do_SYSENTER_32+0x73/0x90 [ 3054.652027][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3054.658353][T15888] [ 3054.660683][T15888] Uninit was stored to memory at: [ 3054.665726][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3054.671463][T15888] __msan_chain_origin+0x50/0x90 [ 3054.676419][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3054.681547][T15888] get_compat_msghdr+0x108/0x2b0 [ 3054.686506][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3054.691023][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3054.695723][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3054.701786][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3054.707931][T15888] __do_fast_syscall_32+0x129/0x180 [ 3054.713121][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3054.717961][T15888] do_SYSENTER_32+0x73/0x90 [ 3054.722456][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3054.728767][T15888] [ 3054.731095][T15888] Uninit was stored to memory at: [ 3054.736127][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3054.741834][T15888] __msan_chain_origin+0x50/0x90 [ 3054.746776][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3054.751875][T15888] get_compat_msghdr+0x108/0x2b0 [ 3054.756819][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3054.761308][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3054.765976][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3054.772062][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3054.778224][T15888] __do_fast_syscall_32+0x129/0x180 [ 3054.783410][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3054.788249][T15888] do_SYSENTER_32+0x73/0x90 [ 3054.792768][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3054.799073][T15888] [ 3054.801382][T15888] Uninit was stored to memory at: [ 3054.806422][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3054.812184][T15888] __msan_chain_origin+0x50/0x90 [ 3054.817215][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3054.822327][T15888] get_compat_msghdr+0x108/0x2b0 [ 3054.827270][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3054.831792][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3054.836549][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3054.842646][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3054.848917][T15888] __do_fast_syscall_32+0x129/0x180 [ 3054.854111][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3054.858988][T15888] do_SYSENTER_32+0x73/0x90 [ 3054.863529][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3054.869839][T15888] [ 3054.872159][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3054.878847][T15888] do_recvmmsg+0xbf/0x22b0 [ 3054.883317][T15888] do_recvmmsg+0xbf/0x22b0 [ 3054.940228][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3055.074467][T15888] not chained 420000 origins [ 3055.075514][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3055.079123][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3055.079135][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3055.079144][T15888] Call Trace: [ 3055.079180][T15888] dump_stack+0x21c/0x280 [ 3055.079216][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3055.079282][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3055.124581][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3055.130155][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3055.136592][T15888] ? _copy_from_user+0x201/0x310 [ 3055.141530][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3055.146902][T15888] __msan_chain_origin+0x50/0x90 [ 3055.151858][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3055.157005][T15888] get_compat_msghdr+0x108/0x2b0 [ 3055.161976][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3055.166506][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3055.171846][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3055.177091][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3055.182392][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3055.187150][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3055.191940][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3055.196664][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3055.201871][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3055.207951][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3055.214137][T15888] __do_fast_syscall_32+0x129/0x180 [ 3055.219383][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3055.224622][T15888] do_SYSENTER_32+0x73/0x90 [ 3055.229175][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3055.235530][T15888] RIP: 0023:0xf7fcb549 [ 3055.239608][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3055.259344][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3055.267797][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3055.275787][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3055.283785][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3055.291769][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3055.299751][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3055.307757][T15888] Uninit was stored to memory at: [ 3055.312801][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3055.318690][T15888] __msan_chain_origin+0x50/0x90 [ 3055.323681][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3055.329368][T15888] get_compat_msghdr+0x108/0x2b0 [ 3055.334315][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3055.338819][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3055.343606][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3055.349691][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3055.355856][T15888] __do_fast_syscall_32+0x129/0x180 [ 3055.361055][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3055.365893][T15888] do_SYSENTER_32+0x73/0x90 [ 3055.370402][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3055.376732][T15888] [ 3055.379050][T15888] Uninit was stored to memory at: [ 3055.384105][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3055.389831][T15888] __msan_chain_origin+0x50/0x90 [ 3055.394790][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3055.399923][T15888] get_compat_msghdr+0x108/0x2b0 [ 3055.404870][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3055.409378][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3055.414169][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3055.420246][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3055.426432][T15888] __do_fast_syscall_32+0x129/0x180 [ 3055.431952][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3055.436843][T15888] do_SYSENTER_32+0x73/0x90 [ 3055.441357][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3055.448570][T15888] [ 3055.450923][T15888] Uninit was stored to memory at: [ 3055.456053][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3055.461789][T15888] __msan_chain_origin+0x50/0x90 [ 3055.466761][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3055.471960][T15888] get_compat_msghdr+0x108/0x2b0 [ 3055.476894][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3055.481392][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3055.486092][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3055.492169][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3055.498426][T15888] __do_fast_syscall_32+0x129/0x180 [ 3055.503638][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3055.508536][T15888] do_SYSENTER_32+0x73/0x90 [ 3055.513079][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3055.519744][T15888] [ 3055.522071][T15888] Uninit was stored to memory at: [ 3055.527091][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3055.532828][T15888] __msan_chain_origin+0x50/0x90 [ 3055.537781][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3055.542923][T15888] get_compat_msghdr+0x108/0x2b0 [ 3055.547898][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3055.552402][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3055.557103][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3055.563182][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3055.569362][T15888] __do_fast_syscall_32+0x129/0x180 [ 3055.574583][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3055.579439][T15888] do_SYSENTER_32+0x73/0x90 [ 3055.583966][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3055.590357][T15888] [ 3055.592684][T15888] Uninit was stored to memory at: [ 3055.597708][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3055.603419][T15888] __msan_chain_origin+0x50/0x90 [ 3055.608352][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3055.613468][T15888] get_compat_msghdr+0x108/0x2b0 [ 3055.618547][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3055.623324][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3055.627992][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3055.637099][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3055.643261][T15888] __do_fast_syscall_32+0x129/0x180 [ 3055.649164][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3055.654031][T15888] do_SYSENTER_32+0x73/0x90 [ 3055.658556][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3055.664875][T15888] [ 3055.667200][T15888] Uninit was stored to memory at: [ 3055.672228][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3055.677959][T15888] __msan_chain_origin+0x50/0x90 [ 3055.682923][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3055.688044][T15888] get_compat_msghdr+0x108/0x2b0 [ 3055.692977][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3055.697476][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3055.702153][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3055.708228][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3055.714375][T15888] __do_fast_syscall_32+0x129/0x180 [ 3055.719576][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3055.724444][T15888] do_SYSENTER_32+0x73/0x90 [ 3055.729149][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3055.735496][T15888] [ 3055.737831][T15888] Uninit was stored to memory at: [ 3055.742862][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3055.748603][T15888] __msan_chain_origin+0x50/0x90 [ 3055.753562][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3055.758680][T15888] get_compat_msghdr+0x108/0x2b0 [ 3055.763630][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3055.768145][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3055.772825][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3055.779252][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3055.785420][T15888] __do_fast_syscall_32+0x129/0x180 [ 3055.790824][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3055.795703][T15888] do_SYSENTER_32+0x73/0x90 [ 3055.800219][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3055.806567][T15888] [ 3055.808893][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3055.815589][T15888] do_recvmmsg+0xbf/0x22b0 [ 3055.820106][T15888] do_recvmmsg+0xbf/0x22b0 [ 3055.955629][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3055.996189][T15888] not chained 430000 origins [ 3056.000846][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3056.009660][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3056.019761][T15888] Call Trace: [ 3056.023089][T15888] dump_stack+0x21c/0x280 [ 3056.027502][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3056.033320][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3056.038554][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3056.044134][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3056.050261][T15888] ? _copy_from_user+0x201/0x310 [ 3056.055230][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3056.060452][T15888] __msan_chain_origin+0x50/0x90 [ 3056.065424][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3056.070587][T15888] get_compat_msghdr+0x108/0x2b0 [ 3056.075604][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3056.080275][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3056.085604][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3056.090857][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3056.096170][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3056.101054][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3056.105846][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3056.110559][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3056.116758][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3056.122885][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3056.129071][T15888] __do_fast_syscall_32+0x129/0x180 [ 3056.134317][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3056.139199][T15888] do_SYSENTER_32+0x73/0x90 [ 3056.144282][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3056.150629][T15888] RIP: 0023:0xf7fcb549 [ 3056.154717][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3056.174341][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3056.183471][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3056.192286][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3056.200304][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3056.210141][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3056.218155][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3056.226169][T15888] Uninit was stored to memory at: [ 3056.231224][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3056.236971][T15888] __msan_chain_origin+0x50/0x90 [ 3056.241957][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3056.247092][T15888] get_compat_msghdr+0x108/0x2b0 [ 3056.252157][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3056.256677][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3056.261371][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3056.267457][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3056.273635][T15888] __do_fast_syscall_32+0x129/0x180 [ 3056.279742][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3056.284632][T15888] do_SYSENTER_32+0x73/0x90 [ 3056.289162][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3056.295484][T15888] [ 3056.297815][T15888] Uninit was stored to memory at: [ 3056.302867][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3056.308612][T15888] __msan_chain_origin+0x50/0x90 [ 3056.313591][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3056.318722][T15888] get_compat_msghdr+0x108/0x2b0 [ 3056.323684][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3056.328205][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3056.332899][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3056.339527][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3056.345699][T15888] __do_fast_syscall_32+0x129/0x180 [ 3056.350922][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3056.355877][T15888] do_SYSENTER_32+0x73/0x90 [ 3056.360401][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3056.366774][T15888] [ 3056.369104][T15888] Uninit was stored to memory at: [ 3056.374244][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3056.379990][T15888] __msan_chain_origin+0x50/0x90 [ 3056.384949][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3056.391132][T15888] get_compat_msghdr+0x108/0x2b0 [ 3056.396083][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3056.400601][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3056.405315][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3056.411400][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3056.417570][T15888] __do_fast_syscall_32+0x129/0x180 [ 3056.422784][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3056.427648][T15888] do_SYSENTER_32+0x73/0x90 [ 3056.432174][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3056.438546][T15888] [ 3056.440907][T15888] Uninit was stored to memory at: [ 3056.445960][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3056.451724][T15888] __msan_chain_origin+0x50/0x90 [ 3056.456780][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3056.461922][T15888] get_compat_msghdr+0x108/0x2b0 [ 3056.466880][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3056.471401][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3056.476106][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3056.482228][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3056.488409][T15888] __do_fast_syscall_32+0x129/0x180 [ 3056.493627][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3056.498499][T15888] do_SYSENTER_32+0x73/0x90 [ 3056.503052][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3056.509387][T15888] [ 3056.511720][T15888] Uninit was stored to memory at: [ 3056.517184][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3056.523519][T15888] __msan_chain_origin+0x50/0x90 [ 3056.528579][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3056.534270][T15888] get_compat_msghdr+0x108/0x2b0 [ 3056.539245][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3056.543753][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3056.549751][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3056.555858][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3056.562125][T15888] __do_fast_syscall_32+0x129/0x180 [ 3056.567329][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3056.572221][T15888] do_SYSENTER_32+0x73/0x90 [ 3056.576747][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3056.583056][T15888] [ 3056.585384][T15888] Uninit was stored to memory at: [ 3056.590424][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3056.596151][T15888] __msan_chain_origin+0x50/0x90 [ 3056.601090][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3056.606208][T15888] get_compat_msghdr+0x108/0x2b0 [ 3056.611158][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3056.615666][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3056.620483][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3056.626558][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3056.632712][T15888] __do_fast_syscall_32+0x129/0x180 [ 3056.637905][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3056.642769][T15888] do_SYSENTER_32+0x73/0x90 [ 3056.647307][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3056.653720][T15888] [ 3056.656044][T15888] Uninit was stored to memory at: [ 3056.661107][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3056.666849][T15888] __msan_chain_origin+0x50/0x90 [ 3056.671796][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3056.676898][T15888] get_compat_msghdr+0x108/0x2b0 [ 3056.681839][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3056.686708][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3056.691386][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3056.697445][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3056.703615][T15888] __do_fast_syscall_32+0x129/0x180 [ 3056.708822][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3056.713677][T15888] do_SYSENTER_32+0x73/0x90 [ 3056.718181][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3056.724486][T15888] [ 3056.726798][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3056.733461][T15888] do_recvmmsg+0xbf/0x22b0 [ 3056.737890][T15888] do_recvmmsg+0xbf/0x22b0 [ 3056.976180][T15888] not chained 440000 origins [ 3056.980806][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3056.989461][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3056.999532][T15888] Call Trace: [ 3057.002841][T15888] dump_stack+0x21c/0x280 [ 3057.007178][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3057.012920][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3057.018119][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3057.023664][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3057.029742][T15888] ? _copy_from_user+0x201/0x310 [ 3057.034674][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3057.039875][T15888] __msan_chain_origin+0x50/0x90 [ 3057.044876][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3057.050955][T15888] get_compat_msghdr+0x108/0x2b0 [ 3057.055904][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3057.060416][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3057.065869][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3057.071083][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3057.076456][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3057.081230][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3057.086005][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3057.090700][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3057.095898][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3057.101979][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3057.108138][T15888] __do_fast_syscall_32+0x129/0x180 [ 3057.113350][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3057.118193][T15888] do_SYSENTER_32+0x73/0x90 [ 3057.122695][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3057.129023][T15888] RIP: 0023:0xf7fcb549 [ 3057.133186][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3057.152785][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3057.161290][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3057.169272][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3057.177251][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3057.185228][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3057.193208][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3057.201310][T15888] Uninit was stored to memory at: [ 3057.206350][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3057.212070][T15888] __msan_chain_origin+0x50/0x90 [ 3057.216992][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3057.222101][T15888] get_compat_msghdr+0x108/0x2b0 [ 3057.227034][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3057.231542][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3057.236294][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3057.242696][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3057.248855][T15888] __do_fast_syscall_32+0x129/0x180 [ 3057.254038][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3057.258897][T15888] do_SYSENTER_32+0x73/0x90 [ 3057.263405][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3057.269718][T15888] [ 3057.272071][T15888] Uninit was stored to memory at: [ 3057.277110][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3057.282831][T15888] __msan_chain_origin+0x50/0x90 [ 3057.287770][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3057.292993][T15888] get_compat_msghdr+0x108/0x2b0 [ 3057.297921][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3057.302426][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3057.307190][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3057.313253][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3057.319781][T15888] __do_fast_syscall_32+0x129/0x180 [ 3057.324974][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3057.329815][T15888] do_SYSENTER_32+0x73/0x90 [ 3057.334322][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3057.340628][T15888] [ 3057.342942][T15888] Uninit was stored to memory at: [ 3057.347976][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3057.353715][T15888] __msan_chain_origin+0x50/0x90 [ 3057.359008][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3057.364107][T15888] get_compat_msghdr+0x108/0x2b0 [ 3057.369090][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3057.373866][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3057.378592][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3057.384649][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3057.391680][T15888] __do_fast_syscall_32+0x129/0x180 [ 3057.396915][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3057.401777][T15888] do_SYSENTER_32+0x73/0x90 [ 3057.406284][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3057.412588][T15888] [ 3057.414912][T15888] Uninit was stored to memory at: [ 3057.419985][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3057.425691][T15888] __msan_chain_origin+0x50/0x90 [ 3057.430631][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3057.435735][T15888] get_compat_msghdr+0x108/0x2b0 [ 3057.440671][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3057.445248][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3057.449913][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3057.455991][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3057.462136][T15888] __do_fast_syscall_32+0x129/0x180 [ 3057.467323][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3057.472162][T15888] do_SYSENTER_32+0x73/0x90 [ 3057.476679][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3057.482999][T15888] [ 3057.485309][T15888] Uninit was stored to memory at: [ 3057.490328][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3057.496047][T15888] __msan_chain_origin+0x50/0x90 [ 3057.500989][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3057.506098][T15888] get_compat_msghdr+0x108/0x2b0 [ 3057.511026][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3057.515536][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3057.520202][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3057.526265][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3057.532410][T15888] __do_fast_syscall_32+0x129/0x180 [ 3057.537613][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3057.542451][T15888] do_SYSENTER_32+0x73/0x90 [ 3057.546958][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3057.553276][T15888] [ 3057.555584][T15888] Uninit was stored to memory at: [ 3057.560629][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3057.566351][T15888] __msan_chain_origin+0x50/0x90 [ 3057.571276][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3057.576388][T15888] get_compat_msghdr+0x108/0x2b0 [ 3057.581327][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3057.585816][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3057.590489][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3057.596552][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3057.602705][T15888] __do_fast_syscall_32+0x129/0x180 [ 3057.607899][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3057.612759][T15888] do_SYSENTER_32+0x73/0x90 [ 3057.617265][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3057.623582][T15888] [ 3057.625899][T15888] Uninit was stored to memory at: [ 3057.630915][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3057.636636][T15888] __msan_chain_origin+0x50/0x90 [ 3057.641581][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3057.646683][T15888] get_compat_msghdr+0x108/0x2b0 [ 3057.651620][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3057.656109][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3057.660772][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3057.666860][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3057.673022][T15888] __do_fast_syscall_32+0x129/0x180 [ 3057.678212][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3057.683057][T15888] do_SYSENTER_32+0x73/0x90 [ 3057.687554][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3057.693873][T15888] [ 3057.696200][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3057.702900][T15888] do_recvmmsg+0xbf/0x22b0 [ 3057.707315][T15888] do_recvmmsg+0xbf/0x22b0 [ 3057.731461][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3057.932461][T15888] not chained 450000 origins [ 3057.937114][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3057.945794][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3057.955861][T15888] Call Trace: [ 3057.959181][T15888] dump_stack+0x21c/0x280 [ 3057.963651][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3057.969444][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3057.974665][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3057.980246][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3057.986344][T15888] ? _copy_from_user+0x201/0x310 [ 3057.991373][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3057.996595][T15888] __msan_chain_origin+0x50/0x90 [ 3058.002429][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3058.007594][T15888] get_compat_msghdr+0x108/0x2b0 [ 3058.012579][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3058.017135][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3058.022464][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3058.028318][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3058.033624][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3058.038402][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3058.043197][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3058.047923][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3058.053150][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3058.059265][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3058.065452][T15888] __do_fast_syscall_32+0x129/0x180 [ 3058.070712][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3058.075601][T15888] do_SYSENTER_32+0x73/0x90 [ 3058.080159][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3058.086523][T15888] RIP: 0023:0xf7fcb549 [ 3058.090635][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3058.109339][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3058.110321][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3058.126796][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3058.134819][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3058.142855][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3058.153629][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3058.161627][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3058.169659][T15888] Uninit was stored to memory at: [ 3058.174714][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3058.180482][T15888] __msan_chain_origin+0x50/0x90 [ 3058.185450][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3058.190592][T15888] get_compat_msghdr+0x108/0x2b0 [ 3058.195557][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3058.200128][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3058.204832][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3058.210934][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3058.217113][T15888] __do_fast_syscall_32+0x129/0x180 [ 3058.222354][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3058.227230][T15888] do_SYSENTER_32+0x73/0x90 [ 3058.231761][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3058.238090][T15888] [ 3058.240425][T15888] Uninit was stored to memory at: [ 3058.245471][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3058.251214][T15888] __msan_chain_origin+0x50/0x90 [ 3058.256192][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3058.261329][T15888] get_compat_msghdr+0x108/0x2b0 [ 3058.266329][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3058.270847][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3058.276446][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3058.282506][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3058.288662][T15888] __do_fast_syscall_32+0x129/0x180 [ 3058.293890][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3058.298759][T15888] do_SYSENTER_32+0x73/0x90 [ 3058.303285][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3058.309628][T15888] [ 3058.311956][T15888] Uninit was stored to memory at: [ 3058.317770][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3058.323492][T15888] __msan_chain_origin+0x50/0x90 [ 3058.328429][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3058.333538][T15888] get_compat_msghdr+0x108/0x2b0 [ 3058.338462][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3058.342959][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3058.347629][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3058.353696][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3058.359851][T15888] __do_fast_syscall_32+0x129/0x180 [ 3058.365046][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3058.369884][T15888] do_SYSENTER_32+0x73/0x90 [ 3058.374376][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3058.380676][T15888] [ 3058.382982][T15888] Uninit was stored to memory at: [ 3058.388006][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3058.393714][T15888] __msan_chain_origin+0x50/0x90 [ 3058.398659][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3058.403786][T15888] get_compat_msghdr+0x108/0x2b0 [ 3058.408763][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3058.413316][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3058.418011][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3058.424074][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3058.430260][T15888] __do_fast_syscall_32+0x129/0x180 [ 3058.435489][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3058.440341][T15888] do_SYSENTER_32+0x73/0x90 [ 3058.444854][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3058.454383][T15888] [ 3058.456709][T15888] Uninit was stored to memory at: [ 3058.461738][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3058.467458][T15888] __msan_chain_origin+0x50/0x90 [ 3058.472398][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3058.477514][T15888] get_compat_msghdr+0x108/0x2b0 [ 3058.482471][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3058.486982][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3058.491676][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3058.497743][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3058.504693][T15888] __do_fast_syscall_32+0x129/0x180 [ 3058.509998][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3058.514874][T15888] do_SYSENTER_32+0x73/0x90 [ 3058.519404][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3058.525736][T15888] [ 3058.528049][T15888] Uninit was stored to memory at: [ 3058.533080][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3058.538809][T15888] __msan_chain_origin+0x50/0x90 [ 3058.543760][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3058.548878][T15888] get_compat_msghdr+0x108/0x2b0 [ 3058.553816][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3058.558311][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3058.563006][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3058.569079][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3058.575240][T15888] __do_fast_syscall_32+0x129/0x180 [ 3058.580476][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3058.585338][T15888] do_SYSENTER_32+0x73/0x90 [ 3058.589841][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3058.596166][T15888] [ 3058.598482][T15888] Uninit was stored to memory at: [ 3058.603520][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3058.609235][T15888] __msan_chain_origin+0x50/0x90 [ 3058.614181][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3058.619328][T15888] get_compat_msghdr+0x108/0x2b0 [ 3058.624280][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3058.628788][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3058.633489][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3058.639586][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3058.645757][T15888] __do_fast_syscall_32+0x129/0x180 [ 3058.651013][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3058.655881][T15888] do_SYSENTER_32+0x73/0x90 [ 3058.660389][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3058.666723][T15888] [ 3058.669039][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3058.675722][T15888] do_recvmmsg+0xbf/0x22b0 [ 3058.680145][T15888] do_recvmmsg+0xbf/0x22b0 [ 3058.770275][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3058.899282][T15888] not chained 460000 origins [ 3058.903937][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3058.912623][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3058.922698][T15888] Call Trace: [ 3058.926038][T15888] dump_stack+0x21c/0x280 [ 3058.930407][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3058.936196][T15888] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3058.942061][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3058.947288][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3058.952873][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3058.959170][T15888] ? _copy_from_user+0x201/0x310 [ 3058.964145][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3058.969393][T15888] __msan_chain_origin+0x50/0x90 [ 3058.974449][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3058.979613][T15888] get_compat_msghdr+0x108/0x2b0 [ 3058.984597][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3058.989157][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3058.994484][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3058.999713][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3059.005024][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3059.009822][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3059.014615][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3059.019338][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3059.024643][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3059.030760][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3059.036973][T15888] __do_fast_syscall_32+0x129/0x180 [ 3059.042228][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3059.047266][T15888] do_SYSENTER_32+0x73/0x90 [ 3059.051805][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3059.058153][T15888] RIP: 0023:0xf7fcb549 [ 3059.062242][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3059.082820][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3059.091252][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3059.099231][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3059.107205][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3059.115176][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3059.123847][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3059.132437][T15888] Uninit was stored to memory at: [ 3059.137455][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3059.143176][T15888] __msan_chain_origin+0x50/0x90 [ 3059.148117][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3059.153259][T15888] get_compat_msghdr+0x108/0x2b0 [ 3059.158190][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3059.162685][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3059.167347][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3059.173412][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3059.179583][T15888] __do_fast_syscall_32+0x129/0x180 [ 3059.184791][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3059.189642][T15888] do_SYSENTER_32+0x73/0x90 [ 3059.194175][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3059.200499][T15888] [ 3059.202823][T15888] Uninit was stored to memory at: [ 3059.207838][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3059.213547][T15888] __msan_chain_origin+0x50/0x90 [ 3059.218504][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3059.223632][T15888] get_compat_msghdr+0x108/0x2b0 [ 3059.229015][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3059.233520][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3059.238191][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3059.244268][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3059.250516][T15888] __do_fast_syscall_32+0x129/0x180 [ 3059.255716][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3059.260556][T15888] do_SYSENTER_32+0x73/0x90 [ 3059.265050][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3059.271365][T15888] [ 3059.273698][T15888] Uninit was stored to memory at: [ 3059.278732][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3059.284472][T15888] __msan_chain_origin+0x50/0x90 [ 3059.289417][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3059.295093][T15888] get_compat_msghdr+0x108/0x2b0 [ 3059.300047][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3059.304549][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3059.309226][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3059.315297][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3059.321446][T15888] __do_fast_syscall_32+0x129/0x180 [ 3059.328654][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3059.333524][T15888] do_SYSENTER_32+0x73/0x90 [ 3059.338382][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3059.344684][T15888] [ 3059.346990][T15888] Uninit was stored to memory at: [ 3059.352007][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3059.357728][T15888] __msan_chain_origin+0x50/0x90 [ 3059.362666][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3059.367786][T15888] get_compat_msghdr+0x108/0x2b0 [ 3059.372712][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3059.377223][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3059.381903][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3059.387966][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3059.394123][T15888] __do_fast_syscall_32+0x129/0x180 [ 3059.399339][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3059.404219][T15888] do_SYSENTER_32+0x73/0x90 [ 3059.408748][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3059.415064][T15888] [ 3059.417402][T15888] Uninit was stored to memory at: [ 3059.422525][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3059.428253][T15888] __msan_chain_origin+0x50/0x90 [ 3059.433318][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3059.438442][T15888] get_compat_msghdr+0x108/0x2b0 [ 3059.443383][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3059.447881][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3059.452556][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3059.458624][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3059.464782][T15888] __do_fast_syscall_32+0x129/0x180 [ 3059.469971][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3059.474811][T15888] do_SYSENTER_32+0x73/0x90 [ 3059.479405][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3059.485722][T15888] [ 3059.488056][T15888] Uninit was stored to memory at: [ 3059.493087][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3059.498913][T15888] __msan_chain_origin+0x50/0x90 [ 3059.503863][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3059.508986][T15888] get_compat_msghdr+0x108/0x2b0 [ 3059.513920][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3059.518417][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3059.523093][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3059.529173][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3059.535335][T15888] __do_fast_syscall_32+0x129/0x180 [ 3059.540521][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3059.545357][T15888] do_SYSENTER_32+0x73/0x90 [ 3059.549863][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3059.556190][T15888] [ 3059.558509][T15888] Uninit was stored to memory at: [ 3059.563538][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3059.569258][T15888] __msan_chain_origin+0x50/0x90 [ 3059.574218][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3059.579330][T15888] get_compat_msghdr+0x108/0x2b0 [ 3059.584276][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3059.588774][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3059.593452][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3059.599520][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3059.605701][T15888] __do_fast_syscall_32+0x129/0x180 [ 3059.610902][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3059.615845][T15888] do_SYSENTER_32+0x73/0x90 [ 3059.620350][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3059.626684][T15888] [ 3059.629022][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3059.635699][T15888] do_recvmmsg+0xbf/0x22b0 [ 3059.640128][T15888] do_recvmmsg+0xbf/0x22b0 [ 3059.795946][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3059.867936][T15888] not chained 470000 origins [ 3059.872593][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3059.881324][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3059.891872][T15888] Call Trace: [ 3059.895194][T15888] dump_stack+0x21c/0x280 [ 3059.899594][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3059.905466][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3059.910710][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3059.917067][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3059.923184][T15888] ? _copy_from_user+0x201/0x310 [ 3059.928165][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3059.933390][T15888] __msan_chain_origin+0x50/0x90 [ 3059.938356][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3059.943517][T15888] get_compat_msghdr+0x108/0x2b0 [ 3059.948489][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3059.953051][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3059.958378][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3059.963623][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3059.968939][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3059.973741][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3059.978527][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3059.983256][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3059.988767][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3059.994897][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3060.001084][T15888] __do_fast_syscall_32+0x129/0x180 [ 3060.006318][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3060.011193][T15888] do_SYSENTER_32+0x73/0x90 [ 3060.015726][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3060.022089][T15888] RIP: 0023:0xf7fcb549 [ 3060.026177][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3060.045798][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3060.054608][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3060.064751][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3060.072761][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3060.080757][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3060.088745][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3060.096736][T15888] Uninit was stored to memory at: [ 3060.102484][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3060.108210][T15888] __msan_chain_origin+0x50/0x90 [ 3060.113139][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3060.118336][T15888] get_compat_msghdr+0x108/0x2b0 [ 3060.123384][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3060.127879][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3060.132550][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3060.138660][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3060.144840][T15888] __do_fast_syscall_32+0x129/0x180 [ 3060.150054][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3060.154910][T15888] do_SYSENTER_32+0x73/0x90 [ 3060.159421][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3060.165755][T15888] [ 3060.168104][T15888] Uninit was stored to memory at: [ 3060.173660][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3060.179383][T15888] __msan_chain_origin+0x50/0x90 [ 3060.184340][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3060.189465][T15888] get_compat_msghdr+0x108/0x2b0 [ 3060.194402][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3060.198906][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3060.203591][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3060.209651][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3060.215803][T15888] __do_fast_syscall_32+0x129/0x180 [ 3060.221004][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3060.225933][T15888] do_SYSENTER_32+0x73/0x90 [ 3060.230434][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3060.236740][T15888] [ 3060.239059][T15888] Uninit was stored to memory at: [ 3060.244108][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3060.249927][T15888] __msan_chain_origin+0x50/0x90 [ 3060.254857][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3060.259975][T15888] get_compat_msghdr+0x108/0x2b0 [ 3060.264913][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3060.269418][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3060.274116][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3060.280207][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3060.286354][T15888] __do_fast_syscall_32+0x129/0x180 [ 3060.291578][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3060.296485][T15888] do_SYSENTER_32+0x73/0x90 [ 3060.301002][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3060.307342][T15888] [ 3060.309681][T15888] Uninit was stored to memory at: [ 3060.314719][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3060.320446][T15888] __msan_chain_origin+0x50/0x90 [ 3060.325477][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3060.330605][T15888] get_compat_msghdr+0x108/0x2b0 [ 3060.335560][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3060.340075][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3060.345726][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3060.351813][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3060.357970][T15888] __do_fast_syscall_32+0x129/0x180 [ 3060.363178][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3060.368030][T15888] do_SYSENTER_32+0x73/0x90 [ 3060.372525][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3060.378842][T15888] [ 3060.381179][T15888] Uninit was stored to memory at: [ 3060.386216][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3060.391948][T15888] __msan_chain_origin+0x50/0x90 [ 3060.396897][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3060.402021][T15888] get_compat_msghdr+0x108/0x2b0 [ 3060.406989][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3060.411484][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3060.416170][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3060.422247][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3060.428396][T15888] __do_fast_syscall_32+0x129/0x180 [ 3060.433615][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3060.438484][T15888] do_SYSENTER_32+0x73/0x90 [ 3060.443022][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3060.449367][T15888] [ 3060.451679][T15888] Uninit was stored to memory at: [ 3060.456700][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3060.462431][T15888] __msan_chain_origin+0x50/0x90 [ 3060.467367][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3060.472740][T15888] get_compat_msghdr+0x108/0x2b0 [ 3060.478529][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3060.488097][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3060.493501][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3060.499603][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3060.505817][T15888] __do_fast_syscall_32+0x129/0x180 [ 3060.511136][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3060.516104][T15888] do_SYSENTER_32+0x73/0x90 [ 3060.520616][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3060.526921][T15888] [ 3060.529266][T15888] Uninit was stored to memory at: [ 3060.534307][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3060.540035][T15888] __msan_chain_origin+0x50/0x90 [ 3060.544964][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3060.550172][T15888] get_compat_msghdr+0x108/0x2b0 [ 3060.555110][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3060.560051][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3060.565861][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3060.572018][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3060.578176][T15888] __do_fast_syscall_32+0x129/0x180 [ 3060.583385][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3060.588246][T15888] do_SYSENTER_32+0x73/0x90 [ 3060.592744][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3060.599053][T15888] [ 3060.601387][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3060.608160][T15888] do_recvmmsg+0xbf/0x22b0 [ 3060.612571][T15888] do_recvmmsg+0xbf/0x22b0 [ 3060.844042][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3060.867426][T15888] not chained 480000 origins [ 3060.872094][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3060.880791][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3060.890866][T15888] Call Trace: [ 3060.894191][T15888] dump_stack+0x21c/0x280 [ 3060.898561][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3060.904346][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3060.909577][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3060.915155][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3060.921260][T15888] ? _copy_from_user+0x201/0x310 [ 3060.926231][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3060.931542][T15888] __msan_chain_origin+0x50/0x90 [ 3060.936509][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3060.941684][T15888] get_compat_msghdr+0x108/0x2b0 [ 3060.946836][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3060.951392][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3060.956771][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3060.962007][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3060.968619][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3060.973402][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3060.978198][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3060.982917][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3060.988181][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3060.994291][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3061.000465][T15888] __do_fast_syscall_32+0x129/0x180 [ 3061.005685][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3061.010535][T15888] do_SYSENTER_32+0x73/0x90 [ 3061.015047][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3061.021378][T15888] RIP: 0023:0xf7fcb549 [ 3061.025443][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3061.045041][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3061.053448][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3061.061429][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3061.069418][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3061.077398][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3061.085363][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3061.093352][T15888] Uninit was stored to memory at: [ 3061.098377][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3061.104263][T15888] __msan_chain_origin+0x50/0x90 [ 3061.109207][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3061.114319][T15888] get_compat_msghdr+0x108/0x2b0 [ 3061.119247][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3061.123752][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3061.128438][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3061.134530][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3061.140676][T15888] __do_fast_syscall_32+0x129/0x180 [ 3061.145870][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3061.150724][T15888] do_SYSENTER_32+0x73/0x90 [ 3061.155248][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3061.156146][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3061.161569][T15888] [ 3061.161577][T15888] Uninit was stored to memory at: [ 3061.161606][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3061.161626][T15888] __msan_chain_origin+0x50/0x90 [ 3061.161646][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3061.161671][T15888] get_compat_msghdr+0x108/0x2b0 [ 3061.161689][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3061.161706][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3061.161727][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3061.161789][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3061.219588][T15888] __do_fast_syscall_32+0x129/0x180 [ 3061.224812][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3061.229714][T15888] do_SYSENTER_32+0x73/0x90 [ 3061.234233][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3061.240559][T15888] [ 3061.242890][T15888] Uninit was stored to memory at: [ 3061.247932][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3061.253687][T15888] __msan_chain_origin+0x50/0x90 [ 3061.258644][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3061.263776][T15888] get_compat_msghdr+0x108/0x2b0 [ 3061.268752][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3061.273276][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3061.277981][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3061.284069][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3061.290249][T15888] __do_fast_syscall_32+0x129/0x180 [ 3061.295461][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3061.300359][T15888] do_SYSENTER_32+0x73/0x90 [ 3061.304881][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3061.311203][T15888] [ 3061.313534][T15888] Uninit was stored to memory at: [ 3061.319020][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3061.324850][T15888] __msan_chain_origin+0x50/0x90 [ 3061.329813][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3061.334977][T15888] get_compat_msghdr+0x108/0x2b0 [ 3061.339950][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3061.344566][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3061.349266][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3061.355469][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3061.361634][T15888] __do_fast_syscall_32+0x129/0x180 [ 3061.366845][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3061.371723][T15888] do_SYSENTER_32+0x73/0x90 [ 3061.376232][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3061.382572][T15888] [ 3061.384887][T15888] Uninit was stored to memory at: [ 3061.389906][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3061.395788][T15888] __msan_chain_origin+0x50/0x90 [ 3061.400732][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3061.405879][T15888] get_compat_msghdr+0x108/0x2b0 [ 3061.410828][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3061.415361][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3061.420056][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3061.426139][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3061.432310][T15888] __do_fast_syscall_32+0x129/0x180 [ 3061.437521][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3061.442370][T15888] do_SYSENTER_32+0x73/0x90 [ 3061.446893][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3061.453219][T15888] [ 3061.455534][T15888] Uninit was stored to memory at: [ 3061.460748][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3061.466569][T15888] __msan_chain_origin+0x50/0x90 [ 3061.471853][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3061.476966][T15888] get_compat_msghdr+0x108/0x2b0 [ 3061.481910][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3061.486418][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3061.491104][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3061.497252][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3061.503401][T15888] __do_fast_syscall_32+0x129/0x180 [ 3061.508635][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3061.513575][T15888] do_SYSENTER_32+0x73/0x90 [ 3061.518176][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3061.524510][T15888] [ 3061.526843][T15888] Uninit was stored to memory at: [ 3061.531884][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3061.537602][T15888] __msan_chain_origin+0x50/0x90 [ 3061.542721][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3061.547822][T15888] get_compat_msghdr+0x108/0x2b0 [ 3061.552814][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3061.557334][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3061.562015][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3061.568092][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3061.574269][T15888] __do_fast_syscall_32+0x129/0x180 [ 3061.579462][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3061.584304][T15888] do_SYSENTER_32+0x73/0x90 [ 3061.588816][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3061.595140][T15888] [ 3061.597457][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3061.604135][T15888] do_recvmmsg+0xbf/0x22b0 [ 3061.608560][T15888] do_recvmmsg+0xbf/0x22b0 [ 3061.796855][T15888] not chained 490000 origins [ 3061.801508][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3061.810283][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3061.820356][T15888] Call Trace: [ 3061.823663][T15888] dump_stack+0x21c/0x280 [ 3061.827992][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3061.834707][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3061.839922][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3061.845481][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3061.851553][T15888] ? _copy_from_user+0x201/0x310 [ 3061.856504][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3061.861725][T15888] __msan_chain_origin+0x50/0x90 [ 3061.866699][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3061.871850][T15888] get_compat_msghdr+0x108/0x2b0 [ 3061.876813][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3061.881358][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3061.886668][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3061.891885][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3061.897183][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3061.901948][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3061.906729][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3061.911953][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3061.917160][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3061.923254][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3061.929570][T15888] __do_fast_syscall_32+0x129/0x180 [ 3061.934767][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3061.939635][T15888] do_SYSENTER_32+0x73/0x90 [ 3061.944170][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3061.950499][T15888] RIP: 0023:0xf7fcb549 [ 3061.954570][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3061.974188][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3061.982611][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3061.990629][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3061.998640][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3062.006621][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3062.014591][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3062.022584][T15888] Uninit was stored to memory at: [ 3062.027643][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3062.035849][T15888] __msan_chain_origin+0x50/0x90 [ 3062.040803][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3062.045936][T15888] get_compat_msghdr+0x108/0x2b0 [ 3062.050885][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3062.055399][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3062.062004][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3062.068069][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3062.074244][T15888] __do_fast_syscall_32+0x129/0x180 [ 3062.079448][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3062.084323][T15888] do_SYSENTER_32+0x73/0x90 [ 3062.088875][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3062.095211][T15888] [ 3062.097521][T15888] Uninit was stored to memory at: [ 3062.102561][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3062.108301][T15888] __msan_chain_origin+0x50/0x90 [ 3062.113252][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3062.118368][T15888] get_compat_msghdr+0x108/0x2b0 [ 3062.123314][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3062.127815][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3062.132596][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3062.138672][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3062.144865][T15888] __do_fast_syscall_32+0x129/0x180 [ 3062.150096][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3062.154952][T15888] do_SYSENTER_32+0x73/0x90 [ 3062.159462][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3062.165781][T15888] [ 3062.168112][T15888] Uninit was stored to memory at: [ 3062.173156][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3062.178881][T15888] __msan_chain_origin+0x50/0x90 [ 3062.183826][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3062.188947][T15888] get_compat_msghdr+0x108/0x2b0 [ 3062.193901][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3062.198423][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3062.203108][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3062.209180][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3062.215338][T15888] __do_fast_syscall_32+0x129/0x180 [ 3062.220550][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3062.225387][T15888] do_SYSENTER_32+0x73/0x90 [ 3062.229909][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3062.236258][T15888] [ 3062.238579][T15888] Uninit was stored to memory at: [ 3062.243655][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3062.250085][T15888] __msan_chain_origin+0x50/0x90 [ 3062.255041][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3062.260166][T15888] get_compat_msghdr+0x108/0x2b0 [ 3062.265116][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3062.269617][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3062.274314][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3062.280403][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3062.286569][T15888] __do_fast_syscall_32+0x129/0x180 [ 3062.291781][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3062.296636][T15888] do_SYSENTER_32+0x73/0x90 [ 3062.301173][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3062.307493][T15888] [ 3062.309813][T15888] Uninit was stored to memory at: [ 3062.314865][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3062.320586][T15888] __msan_chain_origin+0x50/0x90 [ 3062.325552][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3062.330687][T15888] get_compat_msghdr+0x108/0x2b0 [ 3062.335611][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3062.340112][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3062.344791][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3062.350854][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3062.357011][T15888] __do_fast_syscall_32+0x129/0x180 [ 3062.362215][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3062.367068][T15888] do_SYSENTER_32+0x73/0x90 [ 3062.371579][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3062.377881][T15888] [ 3062.380236][T15888] Uninit was stored to memory at: [ 3062.385252][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3062.390972][T15888] __msan_chain_origin+0x50/0x90 [ 3062.395943][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3062.401045][T15888] get_compat_msghdr+0x108/0x2b0 [ 3062.405972][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3062.410482][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3062.415189][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3062.421312][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3062.427490][T15888] __do_fast_syscall_32+0x129/0x180 [ 3062.432701][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3062.437576][T15888] do_SYSENTER_32+0x73/0x90 [ 3062.442077][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3062.448388][T15888] [ 3062.450707][T15888] Uninit was stored to memory at: [ 3062.455911][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3062.461631][T15888] __msan_chain_origin+0x50/0x90 [ 3062.466599][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3062.471731][T15888] get_compat_msghdr+0x108/0x2b0 [ 3062.476692][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3062.481204][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3062.485887][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3062.491962][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3062.498157][T15888] __do_fast_syscall_32+0x129/0x180 [ 3062.503454][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3062.508301][T15888] do_SYSENTER_32+0x73/0x90 [ 3062.512817][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3062.519131][T15888] [ 3062.521473][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3062.528180][T15888] do_recvmmsg+0xbf/0x22b0 [ 3062.532871][T15888] do_recvmmsg+0xbf/0x22b0 [ 3062.561882][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3062.779618][T15888] not chained 500000 origins [ 3062.784797][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3062.793567][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3062.803658][T15888] Call Trace: [ 3062.806997][T15888] dump_stack+0x21c/0x280 [ 3062.811364][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3062.817145][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3062.822376][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3062.827958][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3062.834064][T15888] ? _copy_from_user+0x201/0x310 [ 3062.839108][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3062.845383][T15888] __msan_chain_origin+0x50/0x90 [ 3062.850349][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3062.855531][T15888] get_compat_msghdr+0x108/0x2b0 [ 3062.860543][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3062.865098][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3062.870473][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3062.875711][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3062.881027][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3062.885814][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3062.890613][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3062.895335][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3062.900569][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3062.906764][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3062.912955][T15888] __do_fast_syscall_32+0x129/0x180 [ 3062.918190][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3062.923124][T15888] do_SYSENTER_32+0x73/0x90 [ 3062.927676][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3062.934022][T15888] RIP: 0023:0xf7fcb549 [ 3062.938171][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3062.957800][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3062.966261][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3062.974256][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3062.982263][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3062.990257][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3062.998247][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3063.006254][T15888] Uninit was stored to memory at: [ 3063.011308][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3063.017049][T15888] __msan_chain_origin+0x50/0x90 [ 3063.022447][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3063.027589][T15888] get_compat_msghdr+0x108/0x2b0 [ 3063.032546][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3063.037064][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3063.041761][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3063.047850][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3063.054150][T15888] __do_fast_syscall_32+0x129/0x180 [ 3063.059372][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3063.064354][T15888] do_SYSENTER_32+0x73/0x90 [ 3063.068883][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3063.075212][T15888] [ 3063.077549][T15888] Uninit was stored to memory at: [ 3063.082593][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3063.088329][T15888] __msan_chain_origin+0x50/0x90 [ 3063.093284][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3063.098411][T15888] get_compat_msghdr+0x108/0x2b0 [ 3063.103364][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3063.107906][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3063.112689][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3063.118773][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3063.125210][T15888] __do_fast_syscall_32+0x129/0x180 [ 3063.130425][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3063.135288][T15888] do_SYSENTER_32+0x73/0x90 [ 3063.139813][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3063.146142][T15888] [ 3063.148529][T15888] Uninit was stored to memory at: [ 3063.153576][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3063.159313][T15888] __msan_chain_origin+0x50/0x90 [ 3063.164287][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3063.169410][T15888] get_compat_msghdr+0x108/0x2b0 [ 3063.174382][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3063.178899][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3063.183573][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3063.189665][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3063.195845][T15888] __do_fast_syscall_32+0x129/0x180 [ 3063.201070][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3063.205954][T15888] do_SYSENTER_32+0x73/0x90 [ 3063.210465][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3063.216781][T15888] [ 3063.219105][T15888] Uninit was stored to memory at: [ 3063.224158][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3063.229884][T15888] __msan_chain_origin+0x50/0x90 [ 3063.234875][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3063.240021][T15888] get_compat_msghdr+0x108/0x2b0 [ 3063.244972][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3063.249471][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3063.254161][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3063.260231][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3063.266384][T15888] __do_fast_syscall_32+0x129/0x180 [ 3063.271607][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3063.276481][T15888] do_SYSENTER_32+0x73/0x90 [ 3063.281000][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3063.287308][T15888] [ 3063.289626][T15888] Uninit was stored to memory at: [ 3063.294659][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3063.300386][T15888] __msan_chain_origin+0x50/0x90 [ 3063.305345][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3063.310463][T15888] get_compat_msghdr+0x108/0x2b0 [ 3063.315421][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3063.320122][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3063.324810][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3063.330890][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3063.337052][T15888] __do_fast_syscall_32+0x129/0x180 [ 3063.342268][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3063.347117][T15888] do_SYSENTER_32+0x73/0x90 [ 3063.351634][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3063.358048][T15888] [ 3063.360377][T15888] Uninit was stored to memory at: [ 3063.365395][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3063.372495][T15888] __msan_chain_origin+0x50/0x90 [ 3063.377422][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3063.382532][T15888] get_compat_msghdr+0x108/0x2b0 [ 3063.387542][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3063.392046][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3063.396749][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3063.402811][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3063.408962][T15888] __do_fast_syscall_32+0x129/0x180 [ 3063.414178][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3063.419044][T15888] do_SYSENTER_32+0x73/0x90 [ 3063.423571][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3063.429909][T15888] [ 3063.432235][T15888] Uninit was stored to memory at: [ 3063.437250][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3063.442974][T15888] __msan_chain_origin+0x50/0x90 [ 3063.447933][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3063.453040][T15888] get_compat_msghdr+0x108/0x2b0 [ 3063.457966][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3063.462501][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3063.467185][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3063.473260][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3063.479435][T15888] __do_fast_syscall_32+0x129/0x180 [ 3063.484633][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3063.489487][T15888] do_SYSENTER_32+0x73/0x90 [ 3063.494014][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3063.500330][T15888] [ 3063.502676][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3063.509350][T15888] do_recvmmsg+0xbf/0x22b0 [ 3063.513773][T15888] do_recvmmsg+0xbf/0x22b0 [ 3063.639608][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3063.745174][T15888] not chained 510000 origins [ 3063.749823][T15888] CPU: 1 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3063.758509][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3063.768596][T15888] Call Trace: [ 3063.771926][T15888] dump_stack+0x21c/0x280 [ 3063.776256][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3063.781998][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3063.787210][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3063.792786][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3063.798885][T15888] ? _copy_from_user+0x201/0x310 [ 3063.803831][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3063.809024][T15888] __msan_chain_origin+0x50/0x90 [ 3063.813962][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3063.819105][T15888] get_compat_msghdr+0x108/0x2b0 [ 3063.824076][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3063.828634][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3063.833941][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3063.839157][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3063.844477][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3063.849232][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3063.853988][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3063.858685][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3063.868434][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3063.874519][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3063.881456][T15888] __do_fast_syscall_32+0x129/0x180 [ 3063.886663][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3063.891530][T15888] do_SYSENTER_32+0x73/0x90 [ 3063.896029][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3063.902362][T15888] RIP: 0023:0xf7fcb549 [ 3063.906453][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3063.926100][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3063.934561][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3063.942527][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3063.950519][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3063.958521][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3063.966515][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3063.974517][T15888] Uninit was stored to memory at: [ 3063.979574][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3063.985304][T15888] __msan_chain_origin+0x50/0x90 [ 3063.990243][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3063.995365][T15888] get_compat_msghdr+0x108/0x2b0 [ 3064.000300][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3064.004791][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3064.009473][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3064.015564][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3064.021735][T15888] __do_fast_syscall_32+0x129/0x180 [ 3064.026933][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3064.031802][T15888] do_SYSENTER_32+0x73/0x90 [ 3064.036315][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3064.042616][T15888] [ 3064.044926][T15888] Uninit was stored to memory at: [ 3064.049961][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3064.055717][T15888] __msan_chain_origin+0x50/0x90 [ 3064.060651][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3064.065753][T15888] get_compat_msghdr+0x108/0x2b0 [ 3064.070706][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3064.075199][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3064.079878][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3064.086331][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3064.092492][T15888] __do_fast_syscall_32+0x129/0x180 [ 3064.097699][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3064.102541][T15888] do_SYSENTER_32+0x73/0x90 [ 3064.107037][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3064.113350][T15888] [ 3064.115686][T15888] Uninit was stored to memory at: [ 3064.120735][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3064.126473][T15888] __msan_chain_origin+0x50/0x90 [ 3064.131427][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3064.136543][T15888] get_compat_msghdr+0x108/0x2b0 [ 3064.141469][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3064.145957][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3064.150625][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3064.156685][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3064.162830][T15888] __do_fast_syscall_32+0x129/0x180 [ 3064.168016][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3064.172857][T15888] do_SYSENTER_32+0x73/0x90 [ 3064.177348][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3064.183666][T15888] [ 3064.185987][T15888] Uninit was stored to memory at: [ 3064.191017][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3064.196755][T15888] __msan_chain_origin+0x50/0x90 [ 3064.201696][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3064.206806][T15888] get_compat_msghdr+0x108/0x2b0 [ 3064.211748][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3064.216239][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3064.220918][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3064.227002][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3064.233171][T15888] __do_fast_syscall_32+0x129/0x180 [ 3064.238416][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3064.243281][T15888] do_SYSENTER_32+0x73/0x90 [ 3064.247775][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3064.254092][T15888] [ 3064.256406][T15888] Uninit was stored to memory at: [ 3064.261440][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3064.267171][T15888] __msan_chain_origin+0x50/0x90 [ 3064.273065][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3064.278211][T15888] get_compat_msghdr+0x108/0x2b0 [ 3064.283143][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3064.287637][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3064.292311][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3064.298382][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3064.304539][T15888] __do_fast_syscall_32+0x129/0x180 [ 3064.309750][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3064.314602][T15888] do_SYSENTER_32+0x73/0x90 [ 3064.319118][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3064.325432][T15888] [ 3064.327737][T15888] Uninit was stored to memory at: [ 3064.332756][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3064.338527][T15888] __msan_chain_origin+0x50/0x90 [ 3064.343507][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3064.348641][T15888] get_compat_msghdr+0x108/0x2b0 [ 3064.353579][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3064.358079][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3064.362803][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3064.368871][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3064.375304][T15888] __do_fast_syscall_32+0x129/0x180 [ 3064.380505][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3064.385356][T15888] do_SYSENTER_32+0x73/0x90 [ 3064.389869][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3064.396214][T15888] [ 3064.398534][T15888] Uninit was stored to memory at: [ 3064.403580][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3064.409314][T15888] __msan_chain_origin+0x50/0x90 [ 3064.414268][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3064.419397][T15888] get_compat_msghdr+0x108/0x2b0 [ 3064.424350][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3064.428854][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3064.433549][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3064.440331][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3064.446500][T15888] __do_fast_syscall_32+0x129/0x180 [ 3064.451715][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3064.457354][T15888] do_SYSENTER_32+0x73/0x90 [ 3064.461868][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3064.468207][T15888] [ 3064.470538][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3064.477205][T15888] do_recvmmsg+0xbf/0x22b0 [ 3064.481619][T15888] do_recvmmsg+0xbf/0x22b0 [ 3064.514153][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3064.523392][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3064.684825][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3064.757763][T15888] not chained 520000 origins [ 3064.762407][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3064.771085][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3064.781158][T15888] Call Trace: [ 3064.784474][T15888] dump_stack+0x21c/0x280 [ 3064.788842][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3064.794626][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3064.799848][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3064.805428][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3064.811526][T15888] ? _copy_from_user+0x201/0x310 [ 3064.816493][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3064.821715][T15888] __msan_chain_origin+0x50/0x90 [ 3064.826694][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3064.831853][T15888] get_compat_msghdr+0x108/0x2b0 [ 3064.837147][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3064.841702][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3064.847031][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3064.852273][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3064.857581][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3064.862386][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3064.868245][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3064.872981][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3064.878206][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3064.884319][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3064.890487][T15888] __do_fast_syscall_32+0x129/0x180 [ 3064.896393][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3064.901277][T15888] do_SYSENTER_32+0x73/0x90 [ 3064.906392][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3064.913234][T15888] RIP: 0023:0xf7fcb549 [ 3064.917289][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3064.937421][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3064.945828][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3064.953809][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3064.961771][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3064.969743][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3064.977719][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3064.985790][T15888] Uninit was stored to memory at: [ 3064.990816][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3064.996546][T15888] __msan_chain_origin+0x50/0x90 [ 3065.001509][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3065.006670][T15888] get_compat_msghdr+0x108/0x2b0 [ 3065.011605][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3065.016185][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3065.020871][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3065.026928][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3065.033073][T15888] __do_fast_syscall_32+0x129/0x180 [ 3065.038258][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3065.043101][T15888] do_SYSENTER_32+0x73/0x90 [ 3065.047627][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3065.054027][T15888] [ 3065.056372][T15888] Uninit was stored to memory at: [ 3065.061392][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3065.067119][T15888] __msan_chain_origin+0x50/0x90 [ 3065.072046][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3065.078015][T15888] get_compat_msghdr+0x108/0x2b0 [ 3065.082942][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3065.087430][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3065.092202][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3065.098396][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3065.104567][T15888] __do_fast_syscall_32+0x129/0x180 [ 3065.109838][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3065.114687][T15888] do_SYSENTER_32+0x73/0x90 [ 3065.119193][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3065.125513][T15888] [ 3065.127839][T15888] Uninit was stored to memory at: [ 3065.132854][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3065.138594][T15888] __msan_chain_origin+0x50/0x90 [ 3065.143544][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3065.148644][T15888] get_compat_msghdr+0x108/0x2b0 [ 3065.153583][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3065.158086][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3065.162755][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3065.168831][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3065.174987][T15888] __do_fast_syscall_32+0x129/0x180 [ 3065.180613][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3065.185464][T15888] do_SYSENTER_32+0x73/0x90 [ 3065.189971][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3065.196289][T15888] [ 3065.198635][T15888] Uninit was stored to memory at: [ 3065.203655][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3065.209387][T15888] __msan_chain_origin+0x50/0x90 [ 3065.214317][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3065.219420][T15888] get_compat_msghdr+0x108/0x2b0 [ 3065.224348][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3065.228858][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3065.236047][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3065.242119][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3065.248271][T15888] __do_fast_syscall_32+0x129/0x180 [ 3065.253463][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3065.258318][T15888] do_SYSENTER_32+0x73/0x90 [ 3065.262845][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3065.269168][T15888] [ 3065.271495][T15888] Uninit was stored to memory at: [ 3065.276530][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3065.282243][T15888] __msan_chain_origin+0x50/0x90 [ 3065.287168][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3065.292279][T15888] get_compat_msghdr+0x108/0x2b0 [ 3065.297216][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3065.302228][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3065.306910][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3065.312988][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3065.319134][T15888] __do_fast_syscall_32+0x129/0x180 [ 3065.324344][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3065.329208][T15888] do_SYSENTER_32+0x73/0x90 [ 3065.333741][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3065.340052][T15888] [ 3065.342377][T15888] Uninit was stored to memory at: [ 3065.347417][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3065.353221][T15888] __msan_chain_origin+0x50/0x90 [ 3065.358153][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3065.363279][T15888] get_compat_msghdr+0x108/0x2b0 [ 3065.369182][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3065.373706][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3065.378390][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3065.384457][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3065.390619][T15888] __do_fast_syscall_32+0x129/0x180 [ 3065.395855][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3065.400719][T15888] do_SYSENTER_32+0x73/0x90 [ 3065.405215][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3065.412480][T15888] [ 3065.414808][T15888] Uninit was stored to memory at: [ 3065.419847][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3065.425561][T15888] __msan_chain_origin+0x50/0x90 [ 3065.430495][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3065.435621][T15888] get_compat_msghdr+0x108/0x2b0 [ 3065.440567][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3065.445088][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3065.449783][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3065.455861][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3065.462049][T15888] __do_fast_syscall_32+0x129/0x180 [ 3065.467277][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3065.472142][T15888] do_SYSENTER_32+0x73/0x90 [ 3065.476644][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3065.482958][T15888] [ 3065.485272][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3065.492310][T15888] do_recvmmsg+0xbf/0x22b0 [ 3065.496739][T15888] do_recvmmsg+0xbf/0x22b0 [ 3065.685984][T15888] not chained 530000 origins [ 3065.690628][T15888] CPU: 0 PID: 15888 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0 [ 3065.699417][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3065.709484][T15888] Call Trace: [ 3065.712806][T15888] dump_stack+0x21c/0x280 [ 3065.717169][T15888] kmsan_internal_chain_origin+0x6f/0x130 [ 3065.722969][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3065.728191][T15888] ? kmsan_set_origin_checked+0x95/0xf0 [ 3065.733762][T15888] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 3065.739863][T15888] ? _copy_from_user+0x201/0x310 [ 3065.744853][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3065.750075][T15888] __msan_chain_origin+0x50/0x90 [ 3065.755057][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3065.760218][T15888] get_compat_msghdr+0x108/0x2b0 [ 3065.765192][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3065.769776][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3065.775122][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3065.780354][T15888] ? __msan_poison_alloca+0xf0/0x120 [ 3065.785667][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3065.790471][T15888] ? __sys_recvmmsg+0xbb/0x610 [ 3065.795353][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3065.800067][T15888] ? kmsan_get_metadata+0x116/0x180 [ 3065.805293][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3065.811391][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3065.817566][T15888] __do_fast_syscall_32+0x129/0x180 [ 3065.822793][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3065.827686][T15888] do_SYSENTER_32+0x73/0x90 [ 3065.832227][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3065.838567][T15888] RIP: 0023:0xf7fcb549 [ 3065.842651][T15888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3065.864029][T15888] RSP: 002b:00000000f55c50cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 3065.872468][T15888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0 [ 3065.880482][T15888] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 3065.888523][T15888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3065.896688][T15888] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3065.904658][T15888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3065.912636][T15888] Uninit was stored to memory at: [ 3065.917662][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3065.923376][T15888] __msan_chain_origin+0x50/0x90 [ 3065.928426][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3065.933527][T15888] get_compat_msghdr+0x108/0x2b0 [ 3065.938451][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3065.942947][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3065.947641][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3065.953713][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3065.959872][T15888] __do_fast_syscall_32+0x129/0x180 [ 3065.965073][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3065.969918][T15888] do_SYSENTER_32+0x73/0x90 [ 3065.974428][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3065.980756][T15888] [ 3065.983066][T15888] Uninit was stored to memory at: [ 3065.988079][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3065.993798][T15888] __msan_chain_origin+0x50/0x90 [ 3065.998724][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3066.003822][T15888] get_compat_msghdr+0x108/0x2b0 [ 3066.008746][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3066.013230][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3066.017902][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3066.023990][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3066.030158][T15888] __do_fast_syscall_32+0x129/0x180 [ 3066.035388][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3066.040245][T15888] do_SYSENTER_32+0x73/0x90 [ 3066.044741][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3066.051052][T15888] [ 3066.053383][T15888] Uninit was stored to memory at: [ 3066.058431][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3066.064250][T15888] __msan_chain_origin+0x50/0x90 [ 3066.069204][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3066.074316][T15888] get_compat_msghdr+0x108/0x2b0 [ 3066.079435][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3066.083944][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3066.088651][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3066.094711][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3066.100856][T15888] __do_fast_syscall_32+0x129/0x180 [ 3066.106044][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3066.110905][T15888] do_SYSENTER_32+0x73/0x90 [ 3066.115494][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3066.121902][T15888] [ 3066.124215][T15888] Uninit was stored to memory at: [ 3066.129333][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3066.135046][T15888] __msan_chain_origin+0x50/0x90 [ 3066.139983][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3066.145103][T15888] get_compat_msghdr+0x108/0x2b0 [ 3066.150056][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3066.154575][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3066.159792][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3066.165868][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3066.172017][T15888] __do_fast_syscall_32+0x129/0x180 [ 3066.177211][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3066.182072][T15888] do_SYSENTER_32+0x73/0x90 [ 3066.186584][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3066.192989][T15888] [ 3066.195316][T15888] Uninit was stored to memory at: [ 3066.200345][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3066.207210][T15888] __msan_chain_origin+0x50/0x90 [ 3066.212163][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3066.217365][T15888] get_compat_msghdr+0x108/0x2b0 [ 3066.222301][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3066.227351][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3066.232285][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3066.238373][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3066.244973][T15888] __do_fast_syscall_32+0x129/0x180 [ 3066.250272][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3066.255114][T15888] do_SYSENTER_32+0x73/0x90 [ 3066.259623][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3066.265927][T15888] [ 3066.268250][T15888] Uninit was stored to memory at: [ 3066.273285][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3066.279009][T15888] __msan_chain_origin+0x50/0x90 [ 3066.283951][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3066.289066][T15888] get_compat_msghdr+0x108/0x2b0 [ 3066.293993][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3066.298491][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3066.303177][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3066.309779][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3066.315938][T15888] __do_fast_syscall_32+0x129/0x180 [ 3066.321156][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3066.325999][T15888] do_SYSENTER_32+0x73/0x90 [ 3066.330512][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3066.336829][T15888] [ 3066.339138][T15888] Uninit was stored to memory at: [ 3066.344158][T15888] kmsan_internal_chain_origin+0xad/0x130 [ 3066.350048][T15888] __msan_chain_origin+0x50/0x90 [ 3066.354977][T15888] __get_compat_msghdr+0x6db/0x9d0 [ 3066.360093][T15888] get_compat_msghdr+0x108/0x2b0 [ 3066.365025][T15888] do_recvmmsg+0xdbb/0x22b0 [ 3066.369532][T15888] __sys_recvmmsg+0x5dd/0x610 [ 3066.374216][T15888] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 3066.380279][T15888] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 3066.386485][T15888] __do_fast_syscall_32+0x129/0x180 [ 3066.391986][T15888] do_fast_syscall_32+0x6a/0xc0 [ 3066.396834][T15888] do_SYSENTER_32+0x73/0x90 [ 3066.401336][T15888] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3066.407814][T15888] [ 3066.410129][T15888] Local variable ----msg_sys@do_recvmmsg created at: [ 3066.416795][T15888] do_recvmmsg+0xbf/0x22b0 [ 3066.421202][T15888] do_recvmmsg+0xbf/0x22b0 [ 3066.447432][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:36 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = epoll_create1(0x0) dup3(r0, r1, 0x0) sendmsg$NL80211_CMD_STOP_AP(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) 13:20:36 executing program 4: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x803fffff, 0x20006) write$9p(r0, 0x0, 0x0) 13:20:36 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) open$dir(&(0x7f0000000240)='./file0/file0\x00', 0x149442, 0x0) chmod(&(0x7f0000000000)='./file0/file0\x00', 0x81) 13:20:36 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(0xffffffffffffffff, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 13:20:36 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x446000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:36 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x100000000041640, 0x0) close(r0) socket(0xa, 0x2, 0x0) sendmsg$NL80211_CMD_EXTERNAL_AUTH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 13:20:36 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x44c000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:36 executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r2 = dup2(r1, r0) sched_setscheduler(0x0, 0x5, &(0x7f0000000180)) socketpair$nbd(0x1, 0x1, 0x0, 0x0) ioctl$BLKPBSZGET(r2, 0x127b, 0x0) 13:20:36 executing program 0: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa\x00', 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r0, 0x5451, 0x0) 13:20:37 executing program 2: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet6_mreq(r0, 0x29, 0x0, 0x0, 0x0) 13:20:37 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_LISTALL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[], 0x1c0}}, 0x2400c88c) 13:20:37 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) fcntl$dupfd(r0, 0x0, r0) ioctl$NS_GET_NSTYPE(0xffffffffffffffff, 0xb703, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 3067.486861][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3067.555560][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x452000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:37 executing program 3: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername(r0, 0x0, &(0x7f0000000600)) 13:20:37 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x1, &(0x7f00000002c0)=@raw=[@jmp], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:20:37 executing program 0: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/syz0\x00', 0x200002, 0x0) 13:20:37 executing program 5: prctl$PR_GET_FPEXC(0x36, 0x0) 13:20:38 executing program 3: request_key(&(0x7f0000000000)='ceph\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)='^&\x00', 0xffffffffffffffff) keyctl$get_persistent(0x3, 0xffffffffffffffff, 0x0) 13:20:38 executing program 2: r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/renderD128\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000040)) [ 3068.517165][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:38 executing program 4: 13:20:38 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x458000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:38 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x0, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, 0x0) 13:20:38 executing program 5: 13:20:38 executing program 3: 13:20:38 executing program 2: 13:20:39 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x45e000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3069.556023][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:39 executing program 0: 13:20:39 executing program 3: 13:20:39 executing program 5: 13:20:39 executing program 2: 13:20:39 executing program 4: 13:20:39 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x464000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:39 executing program 0: 13:20:40 executing program 3: 13:20:40 executing program 4: [ 3070.596023][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3070.606196][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:40 executing program 2: 13:20:40 executing program 5: 13:20:40 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x46a000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:40 executing program 0: 13:20:40 executing program 3: 13:20:41 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x480000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:41 executing program 5: 13:20:41 executing program 2: 13:20:41 executing program 4: 13:20:41 executing program 0: [ 3071.654327][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:41 executing program 3: 13:20:41 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x48a000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:41 executing program 5: 13:20:41 executing program 4: 13:20:41 executing program 2: 13:20:42 executing program 0: 13:20:42 executing program 3: 13:20:42 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x494000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3072.675812][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:42 executing program 5: 13:20:42 executing program 4: 13:20:42 executing program 0: 13:20:42 executing program 2: 13:20:42 executing program 3: 13:20:42 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x49a000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:43 executing program 5: 13:20:43 executing program 4: 13:20:43 executing program 0: 13:20:43 executing program 2: 13:20:43 executing program 3: [ 3073.630209][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3073.710990][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3073.719317][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:43 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4a4000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:43 executing program 5: 13:20:43 executing program 4: 13:20:43 executing program 0: 13:20:44 executing program 2: 13:20:44 executing program 3: 13:20:44 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4aa000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:44 executing program 5: [ 3074.764082][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:44 executing program 3: 13:20:44 executing program 2: 13:20:44 executing program 4: 13:20:44 executing program 0: 13:20:44 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4b0000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:45 executing program 3: 13:20:45 executing program 5: 13:20:45 executing program 4: 13:20:45 executing program 0: 13:20:45 executing program 2: [ 3075.796040][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:45 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4b6000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:45 executing program 3: 13:20:45 executing program 5: 13:20:45 executing program 4: 13:20:45 executing program 0: 13:20:46 executing program 2: 13:20:46 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4bc000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:46 executing program 5: [ 3076.669602][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:46 executing program 3: 13:20:46 executing program 4: 13:20:46 executing program 0: [ 3076.837556][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:46 executing program 2: 13:20:46 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4c2000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:47 executing program 5: 13:20:47 executing program 3: 13:20:47 executing program 4: 13:20:47 executing program 0: 13:20:47 executing program 2: 13:20:47 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4c8000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:47 executing program 3: 13:20:47 executing program 5: [ 3077.884156][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:47 executing program 4: 13:20:48 executing program 2: 13:20:48 executing program 0: 13:20:48 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4de000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:48 executing program 5: 13:20:48 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r0, 0x0, 0x0) 13:20:48 executing program 4: r0 = socket(0x1, 0x1, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) 13:20:48 executing program 2: r0 = socket(0x1, 0x1, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0xf0ff7f) 13:20:48 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_WOWLAN(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000001f40)='IPVS\x00') [ 3078.925678][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:49 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4e6000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:49 executing program 5: openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) syz_genetlink_get_family_id$tipc(0x0) 13:20:49 executing program 3: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_USER_TTY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)={0xeec, 0x464, 0x0, 0x0, 0x0, "d84c469fecd119dd8daac48aec39909594fbf8086e624ded61742f7d6b33ea2730041e5bcd97b64b7c42043c10be701f37aefd0c2bdc1a5af1eecd5165c6f4e465295ac4330bc5b197600b916a7ed43a737c57ff7f552c369b38c8d502758f39614e7eca1e0fb6ef8d5978b851fb46c6b68d49450794fabf79ce57e10977e38b4a6599676f6b94943f99147d79fa5764188aa74a161c17ab96bb7bae57e5719c227ef303f81b30ae6dc6d6900b2be7c9681f373c304f50c2ec59911c0d90ceba276edac1984890a1fdb6af00c3198e9ac1a6af913aa7373fb37dceb4d122574d7db0cebb5909d990278233c8cc01eb552684f7bcb3e42886aa91f1e9416e26ee6a190cc08992c2d34f5d2cd1b84b5e80ba671aba53f957916389b4b93beda2439ea7f4bda2fe7eb360a0a1883f14299c6db42c29ea4dc28e80d859ae86f09dfb3aaa3671fcf2e4c2bb3f89268decaffe10b5f213875cc680f35d49c19adebf96c2d4a932b63c27654c880a738662fe957f9a617ebdef2d5e28c125b8db0b1d33a96427be042e010e5f0788b26574fe9bcf7da182bc3ac29fdc385c35f13ba88646659a52ede49b35f74f8425be3a2048ab53c303b55e323679b346dccc049d4df3029a2782e96078e6c4e48f281ba045d6033cbba6d59efa7677f6d178e3feabc360f28a8e72b35e7768c8c0d624adf81273c03f37cd611b3598567c02db79677b69b0f551f176ff82f6a8bf4f5de9955486c18535b63d0e4e2809bf222010d2effa5cc2e5961d3e9017d0b0c13a052cabcc8a68832a5e8e43ce4285b0551e4c2f6957809a1811094fa76333d2d845360e3bb72d66dbd3c7e3a9d1cd54a328874b5755dfe5a139532ab7e735fb2a735492bbdd1895042a88d97c0575a771892e9a9ef52e15733aa9a02cfd35764c2b55e1a670539b1e89f3fd2c58ee79595963c52a42d58d82eb59ffe7cac7b4c5751b039e651aa7191a376dc024869a4d738297291de2126b4dc090f16b97d813cb54da3d47a2bb7da8da473ea6ee060ca6eaaa6f6aab273a69de948bf56fccd04816366aab09a7a51d491af2171fa547c1d0760576b85a677bcee20b2862a8eaa4e187b2a5e044a2b462581412b54f1d1710042e485acec6573ac5fe28cdd8b0bad1799f8b97691cd5d0bb5ecca2d3198883dc7987e4715dbb861177960f879bab44d027260a65c39ebc9a4090a4a1f8c7b0501afb40bf28af2325107b8918b324e2ef6512a8d83c329cdddf7023239d6d12fb86797f1614b78b287a05458ad10df6e2c7c8e07bd801ba82fadb8426144866ff17176c457fe144338652e5db28576a19b83eca325302deb649a964a6745c38f0add11b57ce7e67bf7733abe898e3f21df8a7dbd140ca7581b5a946a3f64674b802fc4cd1bd8b08e1d0f10b6205a776684cf127e6e9da4517f1c1e6aa74578e7cd0bc98ed42da15999e18d559c6906c233a082c168d9ef48228e8f566453798e321d928caa51b9b273da33ad0f062ed1440eaef2f6cc0ceb2bbcfa1b1d65b7d326c291a091d7b4c39831ea2c681119af69db9bfb1d278f01e68f399ea000326ae811c77fcdbc220b34300e0028b8e1b36119f31f6fc37fd4b2fcf9daa288513dc4b28f83ff57ac3b4ae90325e28ca19df86eefcaa75a2fa596a00b59aa81d3d60394862f88de15162e62dad5d6c4b56a1b7447e471947c5ee0453a78903b0a3c26e97236b6ba72d959e7ea48f19c8eff3cdc5661f815757e3c5edda1d71c77d911326bd4e0bea6ba27feb2093cf4b271b2856976b5ab1893439bf6b64bc696da0aa227fa9d142d92ce1b875ab20905b2ce1ea64b1077a48d5be24b322cc482795411c1b98644d2fe6edbfc108329912d62ac495a5727f62dacd2baa4777db0d5d7eec112a984a545aa72b9b72f9ec91e7dd75d0c02767953f50a2c3e9875188a06d5614262da15bfc46ca9c838fe18ad95462611ab03e1b35c5f850fe199c924a7f6b6df74e37fcfc73fca84e64fafeb368e2911514c636218050634be6aba792666b605a66fbb471f079875046edee648644ad26974a7c91f38bcfa5251c9b709df804a7f63c6dd56a8e6c5aaee69f09d41770609e08840d06c1a242fd2cc4756d4ddb7ad60c7fd2e80a77ab2a68aa4559f3a29650c66c667d041134db354b3f32949b174c9fe410871f9a93bc268225de7554d3acb0f922d6465ee908598108fdfc4133306f39c0096a0d4c06bf651f3c1ced5b62dacfe48f3463b74fa65114d2779552317a6032cbd88eb0eeed435a4fa6d2fb04dd61461b8dd610c9876862a47562139b3c00345725fc897af375c2a9996ca1c5222383e53b31e1bb28c4acb27d2c06354c6558d900c9406107b0d3356e9bd9b81de9b8cb15ad7ea9e22c6adc82ecaf9061ffb9402216e45c81a2444c251d33d3561a1c658a6487536d9c6f81fe4189e8b7fdbf91d38d5a344153ad10cfee01def4879da5073894e0c2c3ea31cc5665db61bc339d381fcb0d160b4b646af8511dd166ead29da520c968c9e48dbcec2f77a12852932a627e8031d70284b0dcb55f128ee9632fa99e435fe8f1bd01e0c07ada4697a17bd678b2f74d4ecd641cc38a8752feaee4877e1383507945fa6bf946ce7c4ed0b0c7320276c1796a6ae2f004bbaf9af2363d4a195b8dee7dce50a43ddd0a43fe9039f7a024b44a4d08276a8de312be580a48c9d2a188b7dfc431d1eff4081043a644637bcdfeef7048229f85982632838347401c6e652fbf479833240d7790e46787a76b3bca0ae0ad42131626a04f5c040c9e36e5210f9a604c4ad42e5360e6010ef468dd47f0d2e218f1c703edc2b8e2d1a7f6c68cd3197dc63d38dbf0fb994d569d8edf752bcdc3e16b2c11833c8300840577b4a972b6c4c45e4cd14357645aeeec0eb7cd4f283be28379f4331cdd63d0889a1ba274fa8857d3f1cde7f877d08a5785e369bd082d627fc8ffe74c5943bdd3a5776dba9ca9def3d0095a3b09268fb2e7bec9aa6ce790bbc0b234fa53e2e5a2674eb6f40e06822f8fe8cb37ba8ccaf9719b816c63d1a2fd553700e1895d7a4151212cb2468e3b57d9c7a41c2865574e8838c1c5d3cd2094abbed99845a65d930acce2d167069a541ae6cbf10b1233362d60c9b4d592429c118653921ebb77502ed49d6e7f42c1dd50175bf775598e8691aca7caa90702126df8b1389c17e3c91c2d89fa6dfee94d3d2c5cc6c3822233aea79ac241b4577f5a2294bc1047ccff7fba4a51aeba7272cc2bcbc35f9ae5e08619f9f598d4f897b567eda9e1c8e1415aaa274e4d69c4ca3b77b4c5ef6bbd04caeec9b243e98936c8796a8d00b0646a1948ce9a8a5f933de184338585790fcbeab0c2d22494fafcc537f42dd9ae46591ab0a256665917085de905c824b56065d43f513aa5ebbce1411dd12f66642b0e59598c3e6e44911cd89bcfa25c5fd62d399e70f9166352c5df2cc65200b0e46ad2d9b106c03fc76663270da9480cd8600acb464d3c49f69e0fc981bd28485c4d92bb4e46832636807a1cc9522358b31875e31eea76a7ad4fc163d6b302bd2260281a63878fdbd8f1077609f4dfe07b5e971b1dfa42909d6fe6635fe04a0ac33ea114d65909dae87c8cd2b3782398ee373b49c42afff0ce89996c7b27c76c381bc5a8299456e51fccc508c8d4abefbd4a1fa19bf931655b8bce283a6da7c112b4cb57c1e2300a27c211b97404db564ef24a8f749b5d6ccabf4e64c1b785097f867f94237997e8f347cd098e5887c79a5410e700ca9148dc91fc9105e32bf53efb8076b34cc3fdbfaeaf291649fff1bcb0f1c217956bd0c45a1cc0e829e61a337ca4a6590da2f55722cf3a67cf789062cc289b841eee50fb87199721608c2daf40aec0c05554be798587da013c49f342cde81327b21825238bb87bfd52b09d9a0439a2956579b2ff8616667ffe19590cab98e9df3754af7084b0e00e4e9a3c74852a79ec8400dce5b755b1556af27e40f09f6bc8acec4c77f902df64d2349ae91d0cd9b8446dc0ce1ea0f464f08155f3cac76d72d29c58f78cc5774164ec8eb9d978a99b08f81ab399b82beffdefcaf4c15b65190397888982e5a575854ba756cead94e02256d0df97eb192821516aea069f798abb4e8f80a8aebbb270216909f4ff38364e3455131808b056f54ee9f908e94a29f7364d33872719b716fa635cd6f9bf5da1f5fe0da5de4f456da2f5e51e2d67787da29df11c5ac367407dbfe97c7dcaf2ea77065958701f5f4616ec92838000fb654010a0baa3590967a075019b27755195f7a942fb27871d59b286cad3a3aa9bacc8cc77dfb3dcb980affec4de854af09f761b16d3abbe8a575b739d7e5171c628cef67bf481d76e7eb34fcbd2aceeb14cd223ccf215cb31882ae7b25e002ac32eec1a0f908276a867aea3b61be42bf502ae7549fe02cf6b204567ec50f495a3dd99968999fd180b3907b20996d532bf22dd7f041654981e981d3adf911872bfe013245978036641ef8d8a86b0aec80de0a06d5c45b1768f5d60deb428959a3267b490e1e241421dfeb6609ec45faa2d59025d1045409c1d926d4856a6656d5bbb0dbfbe5b0aa006ca77217b64b250e10f6695e4bf25e91cef081814fa647e958333549755ea76028b3b54e713fa334cbe6200be4fe4baa208595c25f25e3e0bbd65bc035ebb0fb00473e6026f7afcb73ea120ef46191aab321011caed7a0968dff071a3306acd1f16840ab44c3f11c61ae7477c03cf8213b871f51db3e5d3a0c971f5ae856e131ee125c4ebec00968f3de0eca126f70275c2c0ba4e4f05c36249b21ef9fadf111e065dbaed17c9e119a3ba7e4edf4a5383fdb747a3a8019ddeab6e557806f5b86a52330657eb6ad0b72ca0e243fa6d6856c24581544e1e219baa3998f921bcf2da7cec1ab82cd131a32a81672a9a0d303f0dc8ab21f92a78aec4e18cdff5ebb621693ac316043a468fb18bec56a97532c2583562281ade3d0b2f9ee73d927ad8593d58110c13329acccad9466ca006406b5074355dd15e232b820b9688e5699bd09d6cb5331eb2bcdf00bc7262e2ae017d53f958042fd6f27a5adb923c490a815b29f1f98e48b86cf4e0e549ca144fca133502178d344c3a77072b8702205cd9eab42d7391442937699873b4f1d60c8c6cd168f0978f979c42580958cb5403b08224c08599d399f663d965c8f1a5b86968797afa383e89900ae79a3673d0b6b9d2364d821a4f96b3eab0ce3b478ed22741943ae66557152efea447b072c57115cf0566fb9d387913234a1f8396fcf1281320e3d86aacc2740e3cc10b0128b2186a47bfd141f62cea9b8c43e6a2338e094e3fa31a552e77fa26a3d5e5655a0fb7224f", ["", "", "", ""]}, 0xeec}}, 0x0) 13:20:49 executing program 4: socketpair(0x0, 0x80000, 0x0, &(0x7f0000000000)) 13:20:49 executing program 2: rt_sigqueueinfo(0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x80}) 13:20:49 executing program 0: r0 = add_key$user(&(0x7f0000000140)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000001c0)="04", 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="7f", 0x1, 0xffffffffffffffff) keyctl$dh_compute(0x17, &(0x7f00000000c0)={r0, r1, r1}, 0x0, 0x0, 0x0) [ 3079.709939][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3079.957015][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:49 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4ec000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:49 executing program 5: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_MAKE_EQUIV(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='('], 0x28}, 0x1, 0x0, 0x0, 0x44800}, 0x4000000) 13:20:49 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0}, 0x1, 0x0, 0xffffff7f}, 0x0) 13:20:50 executing program 2: openat$ion(0xffffffffffffff9c, 0x0, 0x400000, 0x0) 13:20:50 executing program 4: syz_mount_image$minix(0x0, 0x0, 0x0, 0x3, &(0x7f0000001700)=[{&(0x7f00000002c0)="d0", 0x1}, {&(0x7f00000003c0)="fc", 0x1, 0x7625}, {&(0x7f0000000500)="8b", 0x1}], 0x0, 0x0) 13:20:50 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmsg$can_bcm(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000700)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x41) 13:20:50 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4f6000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3080.595597][T16129] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=16129 comm=syz-executor.5 13:20:50 executing program 2: syz_genetlink_get_family_id$batadv(&(0x7f0000000300)='batadv\x00') 13:20:50 executing program 5: add_key$user(&(0x7f0000000140)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000001c0)="ad", 0x1, 0xfffffffffffffffb) 13:20:50 executing program 3: sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, 0x0, 0x71c0adcd94049144) [ 3080.996476][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:51 executing program 0: openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000340)='TIPC\x00') 13:20:51 executing program 4: openat$mice(0xffffffffffffff9c, &(0x7f0000000580)='/dev/input/mice\x00', 0x4000) 13:20:51 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4fc000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:51 executing program 2: syz_mount_image$minix(0x0, 0x0, 0x0, 0x2, &(0x7f0000001700)=[{&(0x7f00000002c0)="d0", 0x1, 0xfffffffffffff000}, {&(0x7f0000000500)="8b1adc7e7a1d66ee6da72b54e72373533fcd7d6e2451ef8c9c473fc72698e8ba0f833b86a59ad955715481d51d520cf203995720466bf9c6408423d6eb575708dfd2ae4e42a0066e479f46840b13cd92f2c03e60ea9158896a461687a2f7a58dca2981da2d61b12eb3370fde8af8c8d15b2a426ef2177b2247fd91fe72b9662aa39d7dbb8c384cd53118327dc1b7d33289151193c297cbb199b0ee764a9b22cafe9374fad2c7ed0dff64345b74a3a8358189eb9313af50b455e8afd2f0ddb8de1ebd9469dad34bc60599796e3a0838cd6268bb52e58378f145044046c9a059035b8e871c21c0f04e883ee08455bb3fcd273f1814fbfae302ab50c83955d111570d53943191d41ae90429e23a179efec6c8860ced0bc61d62a05c7c192a99c4f50ace0ee424dd6227747ebdecbdb2bdf34f7f7af67b30dedb13fb17f40aa127c38eb829846c85fe9dd84938ade16437eb4381180836fa7f431c64a51060858bb539565df6a005a446e97d54bff3ef2a677843587d8a183ced2acfd11073e81cfab0deaf9904507f423d921718f271f4502fe14a16d719cfc21e0315189aeb6095d23efba1cf8e29e74eee4f01a9ee661a35d1ab5d66161b3871a427de8aeadc5331f2bfeef6cc2bd3dd886dc36d9b4559972f1ba0fe336cc4e9abfc00ab3e9ef95a22e377eaec359aa7c96415b097b40d342ac13d803bd17b29294b81efc0df35d452bd51f5bcc2714570aaa8aa6700dd993dde231d18d1b3c5e1f91b6ed4c4fbfd6bd9cb5f7d00dc4d60fb57d6f2725f158ec9ddbc896902fb7750d36e24998a7237e1dbb13e54a778702db539146ab87ac61c1d4e025b870353deed18f572c3051fff92259ce8ecea48b88c34d4d9cb82b6c481488f92418e28447a57dbaa39ebb3cafd18646ead42aba5ee6380db209407fff604fe16bfc76068026f4a79d322dd308db7de8717626587212c677d5355109fe6332718942e6475f1f94e7c3043b7abd9be1744cf708182b2d752bc387d7361b20672ef72d06e86e07cd3c6e9f615eaa7d84b089ddd1c28bdb87e70280f6cb5a60eb69dce4a9540afb1d362b2a0a92494046e48d0e05d85bf2598f661bfc0e6d1014571175af5429b8663461e9a2ea7b9f668dfd64d3f503324a6a22764b9bebf4ed86f46e08ea6c4f830f6ceee9daaea9eacd8f241dcfca68fadf1c1c98b4bddd69540fff740aa83874a6c770b0ff8aef269eb60b1e68df68b17bc3b4a110d0b5843ff89496762e225f9cae499919be95eaab706bf4c15022c15cff9b966aa452df73f81a859a0af8f8a4369d9bd8b6b7c029bee09ff0e4966a735bc553be566873622a47b0775e8a6b71cb6a9b30740ecd76e0111822468e123b6f4749c3536f1fb056e9e4191f69bf34c6c162d0c660285b52c04e78679517124f5cb412cc2c1a80d27a1f235c3a8181342660a0e8534389debbc9997e99d17ed97834c068baa20a6ba75083c0faa02ec27547eaedc9e2d194ea0c7b9af36cbbcde4db5cea5ed632dc8824940fb72c29ffc494730a8ab8372160f45a4575bac3d2af8b0db2a267028021c8c5dec676ee3c61387dc409a9906866fa2e855ea872805b5ea3215c7c31db041aa01fbca4f13b9a623dc6d8859204de944be38d59858e072626e5772c8adb27e101f8327c59f42309b425c84829eb8f2d60edac4fa42be30f5dbda6dd78a9f41e7ec273fd96a3bdc54ce0b0370230dec3494aabd7f829f6c6e344fd07e18fc2a56fc7c448c5da2a83e9a4d9a60a9481a4430f4767613e0731623116419457c8d6deaf5c3cb4547d3fbcee3a149bf708c2913612a256c695306f041ad4ccccc50318a90381947314f2f25c5a2efef173bf8bb1362663a699bb531b54f8d9fe9bc26a73583fdb5b2f3385da6f0f6010ae5aa07f87ae2eaae69ffed3f5f4951bcab50f4552abd5fded41d44df996f40095fa14c82855dd0a286f958de860bb1607cb23d6fb831a6c3345ca3297ea69a6af092de25a26c77777264e22b45f79f01db9009b769cb66467e1c4d0d044abbee8e7ab6ae31188668ce7c7818f1c58296f89d59952530724ecd28a4cd4359373b85cfdd783efb14b54ce95f264e03f96c744e16baa387631c30085793fa8784d8483f592991148517085384c745dae252a1bbf3c07fbae0ec9eff81a01400084e7b9cb7509df9889a82b962561ac3ed3a780211ba1947dc151c5a47dd181b4ddd4e749a6cb4ef0ebccd846617c1a85e8e59cdee5607afd35196a71b343a05baa4d142a0f9a7a7f380f41ffa1e4ffe1da2fd1a6daf118d2551b977842277fd340e554339916c1755e22adaa8ef004029b6119cb1f6857185242035d6f60b9f5951283562743a740ff3790202908cab6e1cb4308d50e84269c1bfa30d8eaeb70daf4680e86463a7f65ff75947737d2d4dd77bec661d1d14df99efabbd13b2f84cf238e1f2431d4d362739003e6b91600a79e586cba8c752b5bbd82957e8806f50e3b13387ec52fc67d57f9f60c95ca83a02e867c380ef3056b6b34baf084ae392d428b095b8bac27810e279d9ef789e9f4a3668c3f729083464ef50c466c73dd1da6e0cadcf3a9ce7498351aa175b311778344bf1def81291b7fa67d201786af078d289c265cd1b904767bab9804e80814712bb3864c4eceec67cc3039c670e6eaacc117b98d57df77858aab8326e43c9853fe0d372abb449a41250a04bdef05765aecdaf135dbfda20da52ea2684ab891578d06be571f027032cd6a9f3868eb654c7bb280832d2f0d3c0ade26dd70073b9ff3ad51222c285ca7c3b39e0e2be36ac79c76feb7bedb665934889441e6358c8a47550aa75c3116a84dd2abc112bcbfa0bc3ac6d143fc92820bb559cdf20702c74baeaf1b8b943e5f2ccac65141797c97d9f16f599759924332b64a0cdcc798b728146bae82d11463886471c48b0d9251913e002f33ebd814e4e771369c0aa462985c751569db81851dae4a59edf0a60b78d7482f27e2a9a0a7e2f17db5abc9233c64a421fae082e46e85acd8056cefde4c90bd55d4c86717fdf191d605548e7addecb94dfb19313d39f87d14dbc2117fada4d8861ba711729786761f33c7eb0339c24b7c2301071c8f587252b3e4f5a5818c9128d64711b2226f5f8f1a430b36e356b3a955824aa4b45cf596a0c0ec9fc39cb422a78a5b0a5242b39200c7448492abdf45c0012d79a693e94e478b481fe06ea8b1f85b78a6d866db66880487f2b991394af7e0089cc2d4a0353edcfb6ac5c1f4e98ae183a3f3a40299261ef12b6e3bd3309780f89cff03e169819beb26d64c564081f544a4677f1d87d5229beabe4bba854a8f995aba537f882b9a45c79b0711a4dbe7337b7b2a4404dd8e2f3c87b0e63b34935dde5ba867afb6e2fe443c97e050497bfeaa81fd8d26b20a00566a7c035dd92b175c24445e05b312fb7f45bad0530c7fa16647eb6e20365345563ebb8459bf3716b7ffc7adfcce4b5513af501f2d25277772c8176d5a5ac866116907d8efe7c2beede25c35d07604ffdc4e9cd40b78cd17c5503773e9c33914eaad0ab77f7731cb801456f0a2a78722215f93e1ab43720ec2a848fc33f6d8e2d5169ec5c7c4688e3611679f4441ed4103a54a14666a051c136ae9b2103c7a7cff0826e42101e789476781b23e7c80e68da25cf3821c0dea2d159355d7af1e26328be0f3b271989d92770330303494d35825852d0e71dd1195100421718f3e5181764a129d490a466046417b958e4a25f92de70a8d94c6e68094a5a544674faa1668a84673215def771ef3c21824445ba1847a9b3739a13ffc43958afa10677583cbbac03a3e9df4cf1492354c20dc5ece3d86dabc4c58d7ce9af13553a8877e917843721a0da81be60864ef72b74aa6a2b2266dbda85edabcdf84323b34f47fddb907eadf24aa0a41bdcd5c5fbbd4b8b28f7590d31688b463168a76346a828a5bf39b0004bc4a8e8e2b1a9ba018fc8e6461b7b79c1ed62ab0a560f6b9975d24245a68e379f8b4b9c060608052e1291a308bcc599bab6ce1eb9a1b13b2f5b105893971a2c383398780c10ee19d52f72e06a12492fc0dfa4f76095279b834cc878cf95ec024ee8a79d479b049604e8a9927536b23ad8eccbe3a0448da91b47f758434f127a20e9d53d594760f36e052668062bee8c878760246e63c7ba73ac03f19fd4effd5c6c30bea5fb32db694662f109aed5fac2172096fe9689712da4008d68f23c21f4f9a2733670290ec4696dbab296893cb95fc529dd3959b917cc791012ec57436d8cfbb0f013d99e54e3073b588896af74ed610523d1bfd92a3013ae77e03df401a3d40a42ab487348fcfa629ac12b8253c33cd46958874f6787f1de77c3a97af6ecdb41d1cdb416cce873972c12e745c47007a0a07e44a538bf603b74b433bc0cd76ecf6429abdcb4a17e2651d1b2cf645920c2fd9bd32e86635cc44a566ec57649c2050dd98a6cba575c03cc71dc53a3a0a9dd4ce2bd075dabb89a14e378c3585181425bbb6775712ab0d17e1388333bff8ca7978ea5dbe550694e26156616a610608895a266cb03c1e28549f1a5d71b2e8681bfe7134ace4e5f7a56abd8a98b677e24fa154fe256d004936cd99a156d6262abbe91c47083bf0bd34536febc52975736191a5adcfe5d869257bc9fcbde808bbfea49c27ba5cc3c44f7048c3a985339524e462681e7f01df787e48b01b98e1fbdb9560082fcbfe512e7d2e2cc5dd4819d5bb84fb2c312f21c00dd9e8400e498a93a14f0676614e64e28aabfd9906415227d76443f63834b8832cdc26525971d9f380b8cf284dc473d5f01d2fe940c410274a756d4bd4e49a2dfc6d02fb3d8f4cc5c1d4523e28d9aa1aa5aa87bdeee3cb0e354e7eb19ee4fc056d97c3379276f3be30df797d182824369993fc067d37898b785a87a0a5731d361704527f64a07c01dbc3ee918cc39b11b36f4f4c0c2cbcd1dc37d173378e0d4b109e6b096564a1e6988be6b294d2847e37e54bbff43a0bcf31e843276aa2711ff34c38543b2bcc699e1d4ce89024f256747bafc380e3f31bb1c242bc107be45f2cdfe4f51b9ea38e9d8b75426e77d85e9c3057ffa5b02552ee364c5ec697998a8710e9b2b22fe5fd6b571677f3c23040857210b10fb9488bc13b3454a6d4f3ed7be5934c6f16a38f43c4f6e707632c2686fc1c308f9a25f4a817fd4ee7f3fe1fe8b8426c1d0e1ab5bfbf7be5caf2cc1668840c61c8e1ac69a1033120c5524c6b491a06dece58fdd2e28f920ab7929c4758a96890ae8f7d3648fe9ab394fa8d3151c68a319879675348ab32edd661c7b2ad036bb70b850159aa828f94174d00622f889979469a017afdbcbdbc3eb12f5b729cc3e011898a6dad1fe3096d91fa65a6bb18fba8bea374a98fa6983dff84d27664a6a96a43b5168ffadd88f6b8799170c1fd52abe90fe18ce66f37a208214f1ca7789b6d0dee54d39ba0d242a7be95f83d973e25d07c0e6f253e884f73dbfcfa72d603383581879319270c505ce7bc0a823ff8c9cbb7ed27f8f581286b1474364f8f2870044b87e1bbe365e8d6db9a7f4707a5227b75bb54b037b93d4", 0xf76, 0x8b}], 0x0, 0x0) 13:20:51 executing program 5: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f00000008c0)={0x7, 0x8}, 0x10) 13:20:51 executing program 3: socket$inet(0x2, 0x1, 0xd021) 13:20:51 executing program 0: openat$vsock(0xffffffffffffff9c, 0x0, 0x3a8c0, 0x0) 13:20:51 executing program 4: openat$mice(0xffffffffffffff9c, &(0x7f0000000580)='/dev/input/mice\x00', 0x4000) [ 3082.036267][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:51 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x506000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:52 executing program 2: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_USER_TTY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)={0x1004, 0x464, 0x0, 0x70bd2c, 0x0, "d84c469fecd119dd8daac48aec39909594fbf8086e624ded61742f7d6b33ea2730041e5bcd97b64b7c42043c10be701f37aefd0c2bdc1a5af1eecd5165c6f4e465295ac4330bc5b197600b916a7ed43a737c57ff7f552c369b38c8d502758f39614e7eca1e0fb6ef8d5978b851fb46c6b68d49450794fabf79ce57e10977e38b4a6599676f6b94943f99147d79fa5764188aa74a161c17ab96bb7bae57e5719c227ef303f81b30ae6dc6d6900b2be7c9681f373c304f50c2ec59911c0d90ceba276edac1984890a1fdb6af00c3198e9ac1a6af913aa7373fb37dceb4d122574d7db0cebb5909d990278233c8cc01eb552684f7bcb3e42886aa91f1e9416e26ee6a190cc08992c2d34f5d2cd1b84b5e80ba671aba53f957916389b4b93beda2439ea7f4bda2fe7eb360a0a1883f14299c6db42c29ea4dc28e80d859ae86f09dfb3aaa3671fcf2e4c2bb3f89268decaffe10b5f213875cc680f35d49c19adebf96c2d4a932b63c27654c880a738662fe957f9a617ebdef2d5e28c125b8db0b1d33a96427be042e010e5f0788b26574fe9bcf7da182bc3ac29fdc385c35f13ba88646659a52ede49b35f74f8425be3a2048ab53c303b55e323679b346dccc049d4df3029a2782e96078e6c4e48f281ba045d6033cbba6d59efa7677f6d178e3feabc360f28a8e72b35e7768c8c0d624adf81273c03f37cd611b3598567c02db79677b69b0f551f176ff82f6a8bf4f5de9955486c18535b63d0e4e2809bf222010d2effa5cc2e5961d3e9017d0b0c13a052cabcc8a68832a5e8e43ce4285b0551e4c2f6957809a1811094fa76333d2d845360e3bb72d66dbd3c7e3a9d1cd54a328874b5755dfe5a139532ab7e735fb2a735492bbdd1895042a88d97c0575a771892e9a9ef52e15733aa9a02cfd35764c2b55e1a670539b1e89f3fd2c58ee79595963c52a42d58d82eb59ffe7cac7b4c5751b039e651aa7191a376dc024869a4d738297291de2126b4dc090f16b97d813cb54da3d47a2bb7da8da473ea6ee060ca6eaaa6f6aab273a69de948bf56fccd04816366aab09a7a51d491af2171fa547c1d0760576b85a677bcee20b2862a8eaa4e187b2a5e044a2b462581412b54f1d1710042e485acec6573ac5fe28cdd8b0bad1799f8b97691cd5d0bb5ecca2d3198883dc7987e4715dbb861177960f879bab44d027260a65c39ebc9a4090a4a1f8c7b0501afb40bf28af2325107b8918b324e2ef6512a8d83c329cdddf7023239d6d12fb86797f1614b78b287a05458ad10df6e2c7c8e07bd801ba82fadb8426144866ff17176c457fe144338652e5db28576a19b83eca325302deb649a964a6745c38f0add11b57ce7e67bf7733abe898e3f21df8a7dbd140ca7581b5a946a3f64674b802fc4cd1bd8b08e1d0f10b6205a776684cf127e6e9da4517f1c1e6aa74578e7cd0bc98ed42da15999e18d559c6906c233a082c168d9ef48228e8f566453798e321d928caa51b9b273da33ad0f062ed1440eaef2f6cc0ceb2bbcfa1b1d65b7d326c291a091d7b4c39831ea2c681119af69db9bfb1d278f01e68f399ea000326ae811c77fcdbc220b34300e0028b8e1b36119f31f6fc37fd4b2fcf9daa288513dc4b28f83ff57ac3b4ae90325e28ca19df86eefcaa75a2fa596a00b59aa81d3d60394862f88de15162e62dad5d6c4b56a1b7447e471947c5ee0453a78903b0a3c26e97236b6ba72d959e7ea48f19c8eff3cdc5661f815757e3c5edda1d71c77d911326bd4e0bea6ba27feb2093cf4b271b2856976b5ab1893439bf6b64bc696da0aa227fa9d142d92ce1b875ab20905b2ce1ea64b1077a48d5be24b322cc482795411c1b98644d2fe6edbfc108329912d62ac495a5727f62dacd2baa4777db0d5d7eec112a984a545aa72b9b72f9ec91e7dd75d0c02767953f50a2c3e9875188a06d5614262da15bfc46ca9c838fe18ad95462611ab03e1b35c5f850fe199c924a7f6b6df74e37fcfc73fca84e64fafeb368e2911514c636218050634be6aba792666b605a66fbb471f079875046edee648644ad26974a7c91f38bcfa5251c9b709df804a7f63c6dd56a8e6c5aaee69f09d41770609e08840d06c1a242fd2cc4756d4ddb7ad60c7fd2e80a77ab2a68aa4559f3a29650c66c667d041134db354b3f32949b174c9fe410871f9a93bc268225de7554d3acb0f922d6465ee908598108fdfc4133306f39c0096a0d4c06bf651f3c1ced5b62dacfe48f3463b74fa65114d2779552317a6032cbd88eb0eeed435a4fa6d2fb04dd61461b8dd610c9876862a47562139b3c00345725fc897af375c2a9996ca1c5222383e53b31e1bb28c4acb27d2c06354c6558d900c9406107b0d3356e9bd9b81de9b8cb15ad7ea9e22c6adc82ecaf9061ffb9402216e45c81a2444c251d33d3561a1c658a6487536d9c6f81fe4189e8b7fdbf91d38d5a344153ad10cfee01def4879da5073894e0c2c3ea31cc5665db61bc339d381fcb0d160b4b646af8511dd166ead29da520c968c9e48dbcec2f77a12852932a627e8031d70284b0dcb55f128ee9632fa99e435fe8f1bd01e0c07ada4697a17bd678b2f74d4ecd641cc38a8752feaee4877e1383507945fa6bf946ce7c4ed0b0c7320276c1796a6ae2f004bbaf9af2363d4a195b8dee7dce50a43ddd0a43fe9039f7a024b44a4d08276a8de312be580a48c9d2a188b7dfc431d1eff4081043a644637bcdfeef7048229f85982632838347401c6e652fbf479833240d7790e46787a76b3bca0ae0ad42131626a04f5c040c9e36e5210f9a604c4ad42e5360e6010ef468dd47f0d2e218f1c703edc2b8e2d1a7f6c68cd3197dc63d38dbf0fb994d569d8edf752bcdc3e16b2c11833c8300840577b4a972b6c4c45e4cd14357645aeeec0eb7cd4f283be28379f4331cdd63d0889a1ba274fa8857d3f1cde7f877d08a5785e369bd082d627fc8ffe74c5943bdd3a5776dba9ca9def3d0095a3b09268fb2e7bec9aa6ce790bbc0b234fa53e2e5a2674eb6f40e06822f8fe8cb37ba8ccaf9719b816c63d1a2fd553700e1895d7a4151212cb2468e3b57d9c7a41c2865574e8838c1c5d3cd2094abbed99845a65d930acce2d167069a541ae6cbf10b1233362d60c9b4d592429c118653921ebb77502ed49d6e7f42c1dd50175bf775598e8691aca7caa90702126df8b1389c17e3c91c2d89fa6dfee94d3d2c5cc6c3822233aea79ac241b4577f5a2294bc1047ccff7fba4a51aeba7272cc2bcbc35f9ae5e08619f9f598d4f897b567eda9e1c8e1415aaa274e4d69c4ca3b77b4c5ef6bbd04caeec9b243e98936c8796a8d00b0646a1948ce9a8a5f933de184338585790fcbeab0c2d22494fafcc537f42dd9ae46591ab0a256665917085de905c824b56065d43f513aa5ebbce1411dd12f66642b0e59598c3e6e44911cd89bcfa25c5fd62d399e70f9166352c5df2cc65200b0e46ad2d9b106c03fc76663270da9480cd8600acb464d3c49f69e0fc981bd28485c4d92bb4e46832636807a1cc9522358b31875e31eea76a7ad4fc163d6b302bd2260281a63878fdbd8f1077609f4dfe07b5e971b1dfa42909d6fe6635fe04a0ac33ea114d65909dae87c8cd2b3782398ee373b49c42afff0ce89996c7b27c76c381bc5a8299456e51fccc508c8d4abefbd4a1fa19bf931655b8bce283a6da7c112b4cb57c1e2300a27c211b97404db564ef24a8f749b5d6ccabf4e64c1b785097f867f94237997e8f347cd098e5887c79a5410e700ca9148dc91fc9105e32bf53efb8076b34cc3fdbfaeaf291649fff1bcb0f1c217956bd0c45a1cc0e829e61a337ca4a6590da2f55722cf3a67cf789062cc289b841eee50fb87199721608c2daf40aec0c05554be798587da013c49f342cde81327b21825238bb87bfd52b09d9a0439a2956579b2ff8616667ffe19590cab98e9df3754af7084b0e00e4e9a3c74852a79ec8400dce5b755b1556af27e40f09f6bc8acec4c77f902df64d2349ae91d0cd9b8446dc0ce1ea0f464f08155f3cac76d72d29c58f78cc5774164ec8eb9d978a99b08f81ab399b82beffdefcaf4c15b65190397888982e5a575854ba756cead94e02256d0df97eb192821516aea069f798abb4e8f80a8aebbb270216909f4ff38364e3455131808b056f54ee9f908e94a29f7364d33872719b716fa635cd6f9bf5da1f5fe0da5de4f456da2f5e51e2d67787da29df11c5ac367407dbfe97c7dcaf2ea77065958701f5f4616ec92838000fb654010a0baa3590967a075019b27755195f7a942fb27871d59b286cad3a3aa9bacc8cc77dfb3dcb980affec4de854af09f761b16d3abbe8a575b739d7e5171c628cef67bf481d76e7eb34fcbd2aceeb14cd223ccf215cb31882ae7b25e002ac32eec1a0f908276a867aea3b61be42bf502ae7549fe02cf6b204567ec50f495a3dd99968999fd180b3907b20996d532bf22dd7f041654981e981d3adf911872bfe013245978036641ef8d8a86b0aec80de0a06d5c45b1768f5d60deb428959a3267b490e1e241421dfeb6609ec45faa2d59025d1045409c1d926d4856a6656d5bbb0dbfbe5b0aa006ca77217b64b250e10f6695e4bf25e91cef081814fa647e958333549755ea76028b3b54e713fa334cbe6200be4fe4baa208595c25f25e3e0bbd65bc035ebb0fb00473e6026f7afcb73ea120ef46191aab321011caed7a0968dff071a3306acd1f16840ab44c3f11c61ae7477c03cf8213b871f51db3e5d3a0c971f5ae856e131ee125c4ebec00968f3de0eca126f70275c2c0ba4e4f05c36249b21ef9fadf111e065dbaed17c9e119a3ba7e4edf4a5383fdb747a3a8019ddeab6e557806f5b86a52330657eb6ad0b72ca0e243fa6d6856c24581544e1e219baa3998f921bcf2da7cec1ab82cd131a32a81672a9a0d303f0dc8ab21f92a78aec4e18cdff5ebb621693ac316043a468fb18bec56a97532c2583562281ade3d0b2f9ee73d927ad8593d58110c13329acccad9466ca006406b5074355dd15e232b820b9688e5699bd09d6cb5331eb2bcdf00bc7262e2ae017d53f958042fd6f27a5adb923c490a815b29f1f98e48b86cf4e0e549ca144fca133502178d344c3a77072b8702205cd9eab42d7391442937699873b4f1d60c8c6cd168f0978f979c42580958cb5403b08224c08599d399f663d965c8f1a5b86968797afa383e89900ae79a3673d0b6b9d2364d821a4f96b3eab0ce3b478ed22741943ae66557152efea447b072c57115cf0566fb9d387913234a1f8396fcf1281320e3d86aacc2740e3cc10b0128b2186a47bfd141f62cea9b8c43e6a2338e094e3fa31a552e77fa26a3d5e5655a0fb7224fe2bc12d6e3ec1eac9cfa2dee080a35ba1c0d39a2ae6501805bba29ade3243f22b012f9bc7c8b7c2edf1bdbc881872e3ee5c25b988b0d77edc07ace6c83b4cbf57474bdb780b702e1efc05262322670634106f4f2c64df027347d9fb48a51554f8aea2b876898f8da08e9d7e7dafee243115266f08334f5ce557712ade6bd90e0b76b60118b4fdbe378f99fe56faee292368b7214dd01d5544a08f95c72d780ed832e46775050abf12f17394252ca71432c6a360023377d5ba67dc0b6a1f109675926d365eda56cdf90e8d76ac7e7d890bfb44aa2fcdc5cd668187d750d0f2e71dad0f0348edc18c9ba0fea4c7b3516228f637a43940a960ae1bced98ecf85c8245fb05bfff2e26c78519e0d2c3667967d1370a30f87f965744961c", ["", "", ""]}, 0x1004}}, 0x0) 13:20:52 executing program 5: syz_io_uring_setup(0x6735, &(0x7f00000005c0), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000640), &(0x7f0000000680)) 13:20:52 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001dc0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_ACCEPT(r0, &(0x7f0000001e80)={0x8, 0x120, 0xfa00, {0x0, {0x0, 0x0, "ece7170cb7e0243f7c0cbb2e8d4f4e34742627d2c4b1dd75e2b910ec215a648a8df2b79b055cb22f406564deb59e5d654117368fd330d13ae803d0d36492b7a8ed21286c7d3c4398cebac6dbaaedc11b8bf47dd3cf43ef81ffa2c946326abdcf5c9b3a106ab6bca6a6b685747bac79ee3711e6eb791393cb5e30d35583e512c3afc492c4af82870c4fe297932edc612ee2718affe30556e09e2de972cc2d38963175473c611c66a443931c0d42d2be0d1e7b29dca2d7da9c9df8f8b85816e6dd3b28e3466efa015d42c1d9cb9fe01ab322a89b78262c42baee25b883a47ba335fb711a2d2161241d230435c3c869b6f2f983f0b0f7c269abcb2c90357c7f05b0"}}}, 0x128) 13:20:52 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) 13:20:52 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x510000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:52 executing program 4: openat$mice(0xffffffffffffff9c, &(0x7f0000000580)='/dev/input/mice\x00', 0x4000) [ 3082.749616][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:52 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x2c}}, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000200)='batadv\x00') [ 3083.077258][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:52 executing program 3: write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, 0x0, 0x0) [ 3083.309812][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:53 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x51a000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:53 executing program 5: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000004c40)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) syz_io_uring_setup(0x636, &(0x7f0000000040)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) 13:20:53 executing program 0: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_LISTEN(r0, 0x0, 0x0) 13:20:53 executing program 4: openat$mice(0xffffffffffffff9c, &(0x7f0000000580)='/dev/input/mice\x00', 0x4000) 13:20:53 executing program 2: socket$inet(0x2, 0x0, 0x339e) 13:20:53 executing program 3: syz_io_uring_setup(0x6d35, &(0x7f0000000000)={0x0, 0x0, 0x31}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000d25000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 13:20:53 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x524000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:53 executing program 4: openat$mice(0xffffffffffffff9c, 0x0, 0x4000) [ 3084.116052][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:53 executing program 5: io_setup(0x8, &(0x7f0000000040)=0x0) io_getevents(r0, 0x8, 0x0, 0x0, 0x0) 13:20:54 executing program 0: socketpair(0x15, 0x80000, 0x0, &(0x7f0000000000)) 13:20:54 executing program 3: openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002480)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) select(0x40, &(0x7f0000002540)={0x5}, 0x0, &(0x7f00000025c0), 0x0) 13:20:54 executing program 2: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) 13:20:54 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x52a000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:54 executing program 4: openat$mice(0xffffffffffffff9c, 0x0, 0x4000) 13:20:54 executing program 0: r0 = socket$can_j1939(0x1d, 0x2, 0x7) sendmsg$can_j1939(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x0) 13:20:54 executing program 5: syz_mount_image$minix(0x0, 0x0, 0x0, 0x3, &(0x7f0000001700)=[{&(0x7f00000002c0)="d0", 0x1, 0xfffffffffffff000}, {&(0x7f00000003c0)="fc", 0x1, 0x7625}, {&(0x7f00000004c0)="a2", 0x1}], 0x0, 0x0) 13:20:54 executing program 2: select(0x40, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000100)) [ 3085.164979][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:55 executing program 3: r0 = socket(0x29, 0x2, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) 13:20:55 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x534000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:55 executing program 4: openat$mice(0xffffffffffffff9c, 0x0, 0x4000) 13:20:55 executing program 4: openat$mice(0xffffffffffffff9c, &(0x7f0000000580)='/dev/input/mice\x00', 0x0) 13:20:55 executing program 5: r0 = socket(0x2, 0x2, 0x0) sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) 13:20:55 executing program 0: io_setup(0x6, &(0x7f0000000100)=0x0) io_getevents(r0, 0x1, 0x1, &(0x7f00000001c0)=[{}], &(0x7f0000000240)={0x77359400}) [ 3085.822651][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:55 executing program 2: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mice\x00', 0x2200) sendmsg$AUDIT_ADD_RULE(r0, &(0x7f0000000500)={&(0x7f0000000040), 0xc, &(0x7f00000004c0)={&(0x7f0000000080)={0x42c, 0x3f3, 0x800, 0x70bd2d, 0x25dfdbfc, {0x10, 0x0, 0x21, [0x8, 0x0, 0x93e0, 0x6, 0x3, 0x6, 0x2, 0x0, 0x6, 0x6, 0x7, 0x9, 0x2, 0x3ff, 0x3, 0x6, 0x4, 0x401, 0x0, 0xb283, 0x1, 0x5, 0x3, 0x81, 0xae6f, 0x3f, 0x1ff, 0x80000000, 0x3ff, 0x2, 0x1, 0x200, 0x1203381d, 0x2373, 0x1ff, 0x6, 0x3, 0x1, 0x6d, 0x4, 0x40, 0x9, 0x0, 0x8001, 0x80000001, 0x2, 0x80, 0x2, 0x8a21, 0xffff8001, 0x8, 0x0, 0x7cd, 0x3f, 0x3ff, 0x0, 0xfffffffa, 0x1000, 0x7, 0x7, 0x8000, 0x7, 0x2, 0x2], [0x435ead2c, 0x6, 0x7, 0x4, 0x7fff, 0x200, 0x5, 0x7, 0xffffffef, 0x10000, 0x101, 0x4, 0x1, 0x5, 0x9, 0x700, 0x80000001, 0x9, 0x9, 0xf709, 0x80000001, 0x5, 0x10001, 0x9, 0x1, 0x3, 0x1f, 0x4, 0x2, 0x1ff, 0x642, 0xffff, 0x13, 0x9, 0x72, 0x70, 0x80, 0x2, 0x8, 0x19, 0x587, 0x200, 0x1, 0x1, 0x7fffffff, 0x2, 0x40, 0x100, 0xffff, 0xf2e, 0x5, 0xffffffed, 0x200, 0x0, 0x7fff, 0x2, 0xfffffff9, 0x4, 0x3, 0x9, 0x1f, 0x6, 0x4, 0x9], [0x0, 0x5, 0x3ff, 0x6, 0x1, 0x9, 0x2d970587, 0x1, 0x4f37, 0x5, 0x1, 0x10001, 0x6, 0xd07, 0x5, 0xd14, 0x7fff, 0x29c, 0xf2, 0x4, 0x3, 0x8f4, 0x5, 0x1, 0x9, 0x0, 0x7fffffff, 0x10001, 0x4, 0x15, 0x7, 0x9, 0x7fffffff, 0x6, 0x1, 0x20, 0x9, 0x3, 0x7f, 0xffffffff, 0xc5, 0x7, 0x0, 0x0, 0x0, 0x10000, 0x80, 0x5, 0x3ff, 0x40, 0x4, 0xf6c2, 0x7, 0x1, 0x0, 0x4, 0x205, 0x9, 0x5, 0xffff, 0x2b, 0x20, 0xfffffffb, 0xffffff00], [0xfffff000, 0x618b27b5, 0xfff, 0x1000, 0x2ca, 0x7ff, 0x101, 0x800, 0xf9b, 0x6, 0x9, 0x80000001, 0x2, 0x4, 0xffffffff, 0x5, 0xfffffff7, 0x0, 0x6, 0xfff, 0x9, 0x0, 0x6, 0x6, 0x0, 0xffff8000, 0x9, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe9, 0x8, 0x6, 0x5, 0x0, 0xdc, 0x4, 0x3ff, 0x1ff, 0x2, 0x2, 0x7fff, 0x3, 0x80000000, 0x3ff, 0x101, 0x800, 0x0, 0x81, 0x26, 0x0, 0x0, 0x5, 0x3, 0x8000, 0x559e, 0x1, 0x3, 0x2, 0xfffffffc], 0xa, ['\x00', '\x00', '\x00', '\x00', '-.>(\x00', '\x00']}, ["", "", "", "", "", ""]}, 0x42c}, 0x1, 0x0, 0x0, 0x4000}, 0x20000001) r1 = socket$can_bcm(0x1d, 0x2, 0x2) recvmsg$can_bcm(r1, &(0x7f0000002d00)={0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000001740)=""/240, 0xf0}, {&(0x7f0000001840)=""/156, 0x9c}, {&(0x7f0000001900)=""/112, 0x70}, {&(0x7f0000001980)=""/82, 0x52}, {0x0}, {&(0x7f0000002a00)}, {&(0x7f0000002a40)=""/91, 0x5b}, {&(0x7f0000002ac0)=""/4, 0x4}, {&(0x7f0000002b00)=""/218, 0xda}], 0x9, &(0x7f0000002cc0)=""/10, 0xa}, 0x20) openat$cgroup_devices(r0, &(0x7f0000002d40)='devices.deny\x00', 0x2, 0x0) shmget$private(0x0, 0x4000, 0x40, &(0x7f0000ff9000/0x4000)=nil) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000002d80)={0x30, 0x7, 0xf, 0x10, 0x8, 0x2, 0x0, 0x48, 0x1}) ioctl$PPPIOCSMRRU(r0, 0x4004743b, &(0x7f0000002dc0)=0x8001) sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f0000002f40)={&(0x7f0000002e00)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000002f00)={&(0x7f0000002e40)={0x9c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x6c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x76}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private1={0xfc, 0x1, [], 0x1}}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x27}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x21, 0x4}}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x8}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x8, 0x1}}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x29, 0x8}}]}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x60}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2dba56d3}]}, 0x9c}, 0x1, 0x0, 0x0, 0x8090}, 0x20000080) io_uring_setup(0x3658, &(0x7f0000003840)={0x0, 0x519b, 0x2, 0x2, 0x5e}) 13:20:55 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001dc0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0) 13:20:55 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x53a000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3086.196813][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:56 executing program 4: openat$mice(0xffffffffffffff9c, &(0x7f0000000580)='/dev/input/mice\x00', 0x0) 13:20:56 executing program 5: select(0x0, 0x0, &(0x7f0000002580), &(0x7f00000025c0), 0x0) 13:20:56 executing program 3: select(0x0, 0x0, 0x0, &(0x7f00000025c0), 0x0) 13:20:56 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x54c000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:56 executing program 4: openat$mice(0xffffffffffffff9c, &(0x7f0000000580)='/dev/input/mice\x00', 0x0) 13:20:56 executing program 5: openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) select(0x40, &(0x7f0000002540), &(0x7f0000002580)={0x9}, 0x0, 0x0) 13:20:57 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$IPVS_CMD_DEL_DAEMON(r0, 0x0, 0x0) [ 3087.245767][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:57 executing program 2: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) connect$nfc_llcp(r0, &(0x7f0000001840)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "84190f3662e320a6cca5c7c1260daeb00da4b124417ea58b5ed99f67e52cb79aa3e3e922aaa61e0292112db8ab2d53c30a3a75ef4e22e96952bd06cfffbca5"}, 0x60) 13:20:57 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x556000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:57 executing program 3: openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002480)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) select(0x40, &(0x7f0000002540)={0x5}, &(0x7f0000002580)={0x9}, &(0x7f00000025c0)={0x7f}, &(0x7f0000002600)={0x77359400}) 13:20:57 executing program 5: r0 = socket(0x1, 0x805, 0x0) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x30}}, 0x0) 13:20:57 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_IRQP_READ(r0, 0x8008700b, &(0x7f0000000140)) 13:20:57 executing program 0: r0 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="7f", 0x1, 0xffffffffffffffff) keyctl$dh_compute(0x17, &(0x7f00000000c0)={0x0, r0, r0}, 0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={'blake2s-224-x86\x00'}}) 13:20:57 executing program 2: pipe(&(0x7f0000000600)={0xffffffffffffffff}) fchown(r0, 0x0, 0xffffffffffffffff) 13:20:58 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x560000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3088.285968][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:58 executing program 4: r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_opts(r0, 0x0, 0x6, 0x0, 0x0) 13:20:58 executing program 3: shmat(0x0, &(0x7f0000ffc000/0x3000)=nil, 0x0) shmdt(0x0) 13:20:58 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_opts(r0, 0x0, 0xa, 0x0, 0x0) 13:20:58 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_opts(r0, 0x6, 0x10, 0x0, 0x0) 13:20:58 executing program 0: r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_opts(r0, 0x0, 0x1d, 0x0, 0x0) [ 3088.832493][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:58 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x566000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:58 executing program 4: pipe(&(0x7f0000000600)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r0, 0xffff, 0x1022, 0x0, 0x0) 13:20:59 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendto$unix(r0, &(0x7f0000000040)="a925609a4d0db92f3ad1c67bd00e7d818800bd2a", 0x14, 0x0, 0x0, 0x0) 13:20:59 executing program 3: sendmsg$unix(0xffffffffffffff9c, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000007c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) [ 3089.315838][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:20:59 executing program 2: r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmat(r0, &(0x7f0000ffc000/0x3000)=nil, 0x0) 13:20:59 executing program 0: pipe(&(0x7f0000000600)={0xffffffffffffffff}) fcntl$setown(r0, 0x6, 0x0) 13:20:59 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x570000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:20:59 executing program 4: r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$inet_opts(r0, 0x0, 0x5, 0x0, 0x0) 13:20:59 executing program 3: 13:20:59 executing program 5: 13:20:59 executing program 2: [ 3090.366056][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:00 executing program 2: 13:21:00 executing program 0: 13:21:00 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x576000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:00 executing program 3: 13:21:00 executing program 5: 13:21:00 executing program 4: 13:21:00 executing program 2: 13:21:01 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x57c000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:01 executing program 0: 13:21:01 executing program 3: [ 3091.401431][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:01 executing program 5: 13:21:01 executing program 4: 13:21:01 executing program 2: 13:21:01 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x582000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3091.871363][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:01 executing program 0: 13:21:01 executing program 5: 13:21:02 executing program 4: 13:21:02 executing program 2: 13:21:02 executing program 3: [ 3092.435817][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:02 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x588000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:02 executing program 0: 13:21:02 executing program 4: 13:21:02 executing program 5: 13:21:02 executing program 2: [ 3092.909597][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:02 executing program 3: 13:21:03 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x58e000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:03 executing program 0: 13:21:03 executing program 4: 13:21:03 executing program 5: [ 3093.485163][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:03 executing program 2: 13:21:03 executing program 3: 13:21:03 executing program 0: 13:21:03 executing program 4: 13:21:03 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x594000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:03 executing program 2: 13:21:04 executing program 5: 13:21:04 executing program 3: [ 3094.520491][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:04 executing program 4: 13:21:04 executing program 2: 13:21:04 executing program 0: 13:21:04 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x5aa000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3094.909633][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:04 executing program 3: 13:21:04 executing program 5: 13:21:05 executing program 4: 13:21:05 executing program 2: [ 3095.555937][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:05 executing program 3: 13:21:05 executing program 0: 13:21:05 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x5b4000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:05 executing program 5: 13:21:05 executing program 2: 13:21:05 executing program 4: 13:21:05 executing program 3: 13:21:05 executing program 0: 13:21:06 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x5be000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:06 executing program 5: 13:21:06 executing program 4: 13:21:06 executing program 2: [ 3096.599039][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:06 executing program 3: 13:21:06 executing program 0: 13:21:06 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x5c4000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:06 executing program 5: 13:21:07 executing program 4: 13:21:07 executing program 2: 13:21:07 executing program 3: 13:21:07 executing program 0: [ 3097.644933][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:07 executing program 5: 13:21:07 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x5ce000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:07 executing program 2: 13:21:07 executing program 4: [ 3097.953182][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:07 executing program 3: 13:21:07 executing program 0: 13:21:08 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x5d4000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:08 executing program 5: 13:21:08 executing program 2: 13:21:08 executing program 4: [ 3098.677206][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:08 executing program 3: syz_io_uring_setup(0x4, &(0x7f0000002200)={0x0, 0x0, 0x6}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000002280), &(0x7f00000022c0)) 13:21:08 executing program 0: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self\x00', 0x0, 0x0) 13:21:09 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x5da000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:09 executing program 5: r0 = gettid() r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) poll(&(0x7f0000000100)=[{r1}], 0x1, 0xfffffffffffffffa) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x2) r3 = dup3(r2, r1, 0x0) write(r1, &(0x7f0000c34fff), 0xffffff0b) write$P9_RLERRORu(r3, 0x0, 0x0) tkill(r0, 0x1000000000016) 13:21:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSW2(r0, 0x402c542c, 0x0) 13:21:09 executing program 2: syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000002080)='ns/pid_for_children\x00') 13:21:09 executing program 0: clone(0x800, 0x0, 0x0, 0x0, 0x0) 13:21:09 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000040000000030000002d0000000f0000000000000002000000020000000080000000800000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000001000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e373836333438323637", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000002f527b43270a4164871303f1137e5908010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000500000000000000000000000000000000000000040100004d", 0x39, 0x540}, {&(0x7f0000000040)="00000000000000000000000000000000000000000000000000000000787371fe", 0x20, 0x7e0}, {&(0x7f0000010400)="0200000012000000220000002d000f00030004000000000031245cf20f0062e6000000000000000000000000000000000000000000000000d4189ee9", 0x3c, 0x1000}, {&(0x7f0000010500)="ff030400fc030000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x1000, 0x2000}, {&(0x7f0000011d00)="ffff01", 0x3, 0x12000}, {&(0x7f0000012f00)="ed410000001000002bc4645f2bc4645f2bc4645f00000000000004000800000000000800050000000af3010004000000000000000000000001000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f49000020004f3f54a9d2a254a9d2a2000000002bc4645f", 0x94, 0x22100}], 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="00a560"]) socket$unix(0x1, 0x400040000000001, 0x0) dup(r0) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x410481, 0x0) pwritev(r1, &(0x7f00000014c0)=[{&(0x7f0000000080)="d69f22713f08dc", 0xffffff30}], 0x1, 0x2, 0x20) [ 3099.733755][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:09 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x5e0000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:09 executing program 4: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000000)) 13:21:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/devices\x00', 0x0, 0x0) ioctl$EVIOCSKEYCODE(r1, 0x40084504, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = memfd_create(&(0x7f0000000300)='c\x9c\\\xd4\xa4-K\x98.U\xb4#\xe1)\x94:\x04\xff\x96\x13\xae\x83\x1d##\xe8A\x0fB\x13\xb7\xc9\xcc\x8c\xacn(sN\xe4\xfb?\xc5\xd0\"`\n)\xf0\xfc\xfb\x8fY\xa8\xc8\xa6\xe7\x97\xac3\'\x02m\xc1\xbfBR\xbe\xef\xb16\xe57\xb9\x13\xc4\x81j\x10\xaf\x95e|\x90\xf7\x99V\xfa\xc0&\xf2\xb8N\xb6\x1d\x8cG\xb9\xe7\xa5\x1d&\xc1\b\x8b\x88\x144r?3\xb6\x01#\xe2\x8c`QV\x9eA\xe4\x88C\x81\xc5\x01P\xd1^=', 0x0) write$cgroup_pid(r3, &(0x7f0000000040), 0x12) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4, 0x11, r3, 0x0) sendfile(r3, r3, &(0x7f0000000140), 0xa5ff) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) getgroups(0x2, &(0x7f00000000c0)=[0xee01, 0x0]) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000140)={[0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 13:21:10 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$sock(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000005c0)=[{0x0}], 0x1}, 0x20008004) 13:21:10 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000040000000030000002d0000000f0000000000000002000000020000000080000000800000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000001000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e373836333438323637", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000002f527b43270a4164871303f1137e5908010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000500000000000000000000000000000000000000040100004d", 0x39, 0x540}, {&(0x7f0000000040)="00000000000000000000000000000000000000000000000000000000787371fe", 0x20, 0x7e0}, {&(0x7f0000010400)="0200000012000000220000002d000f00030004000000000031245cf20f0062e6000000000000000000000000000000000000000000000000d4189ee9", 0x3c, 0x1000}, {&(0x7f0000010500)="ff030400fc030000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x1000, 0x2000}, {&(0x7f0000011d00)="ffff01", 0x3, 0x12000}, {&(0x7f0000012f00)="ed410000001000002bc4645f2bc4645f2bc4645f00000000000004000800000000000800050000000af3010004000000000000000000000001000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f49000020004f3f54a9d2a254a9d2a2000000002bc4645f", 0x94, 0x22100}], 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="00a560"]) socket$unix(0x1, 0x400040000000001, 0x0) dup(r0) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x410481, 0x0) pwritev(r1, &(0x7f00000014c0)=[{&(0x7f0000000080)="d69f22713f08dc", 0xffffff30}], 0x1, 0x2, 0x20) 13:21:10 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x600000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:10 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000140)={'ip6gre0\x00', 0x0}) [ 3100.756804][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3100.882589][T16492] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 3100.949856][T16496] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 3100.989838][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3101.795072][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3102.511203][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:12 executing program 5: perf_event_open(&(0x7f0000000980)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:21:12 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_GET_TUNSRC(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x0) 13:21:12 executing program 3: setrlimit(0x0, &(0x7f0000000000)={0x3, 0xfa3d}) 13:21:12 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x600200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:12 executing program 4: openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) 13:21:12 executing program 2: syz_io_uring_setup(0x3382, &(0x7f0000000000)={0x0, 0x0, 0x20}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0x0) [ 3102.857305][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:12 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x600400, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:12 executing program 3: keyctl$search(0x5, 0x0, &(0x7f00000000c0)='cifs.idmap\x00', 0x0, 0xfffffffffffffff8) 13:21:12 executing program 2: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo\x00') setresgid(0x0, 0xee00, 0x0) getdents64(r0, &(0x7f0000001580)=""/4109, 0x100d) r1 = syz_open_procfs(0x0, 0x0) read$alg(r1, 0x0, 0x0) sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, 0x0, 0x8000) ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, 0x0) 13:21:12 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_LISTALL(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 13:21:13 executing program 0: getresuid(&(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)) 13:21:13 executing program 5: syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x0, 0x4104a0) 13:21:13 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x600600, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3104.035286][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3104.053477][T30690] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:13 executing program 3: keyctl$search(0x14, 0x0, &(0x7f00000000c0)='cifs.idmap\x00', &(0x7f0000000080)={'syz', 0x2}, 0xfffffffffffffff8) 13:21:14 executing program 0: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x9b3, 0x0) write$P9_RREMOVE(r0, 0x0, 0x0) 13:21:14 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) connect(r0, &(0x7f00000001c0)=@in={0x2, 0x4e24, @remote}, 0x80) 13:21:14 executing program 5: openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self\x00', 0x103040, 0x0) [ 3105.083145][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:15 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x600800, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:15 executing program 0: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$search(0x6, r0, &(0x7f00000000c0)='cifs.idmap\x00', &(0x7f0000000080)={'syz', 0x2}, 0xfffffffffffffff8) 13:21:15 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x9effffff}, 0x0) [ 3106.185882][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3107.125251][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3107.260374][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:17 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DEL(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0xa, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_LINENO={0x8}]}, 0x1c}}, 0x0) 13:21:17 executing program 4: add_key$user(&(0x7f0000000540)='user\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffc) 13:21:17 executing program 5: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000002500), 0x0, &(0x7f0000002b00)={[{@session={'session'}}]}) 13:21:17 executing program 3: setrlimit(0xb, &(0x7f0000000000)={0x0, 0xfa3d}) 13:21:17 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x0) bpf$MAP_DELETE_BATCH(0x1b, 0x0, 0x0) r2 = openat$bsg(0xffffff9c, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_GET_DAEMON(r2, 0x0, 0x40008804) ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6(0xa, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) sendto$inet6(r3, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) recvfrom$inet6(r3, &(0x7f00000001c0)=""/31, 0xfffffffffffffe3c, 0x100, &(0x7f0000001880), 0xfffffffffffffe7e) shutdown(r3, 0x1) sendto$inet6(r1, &(0x7f00000000c0), 0xfffffdda, 0x0, 0x0, 0x0) 13:21:17 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x600900, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:17 executing program 2: setfsuid(0xee01) request_key(&(0x7f0000002180)='syzkaller\x00', &(0x7f00000021c0)={'syz', 0x3}, 0x0, 0xfffffffffffffffe) [ 3107.937008][T16558] ISOFS: Unable to identify CD-ROM format. 13:21:17 executing program 4: setrlimit(0x0, &(0x7f0000000000)={0x3}) 13:21:17 executing program 3: creat(&(0x7f0000000180)='./file0\x00', 0x0) pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff) [ 3107.982792][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 13:21:17 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x600a00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:18 executing program 2: syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') prctl$PR_GET_TSC(0x19, &(0x7f0000000000)) [ 3108.300375][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3108.548358][T16558] ISOFS: Unable to identify CD-ROM format. 13:21:18 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x601100, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:18 executing program 5: 13:21:18 executing program 4: 13:21:18 executing program 2: 13:21:18 executing program 3: 13:21:19 executing program 0: [ 3109.316052][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:19 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x601400, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:19 executing program 5: 13:21:19 executing program 4: 13:21:19 executing program 3: 13:21:19 executing program 0: 13:21:19 executing program 2: 13:21:20 executing program 5: [ 3110.230332][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:20 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x601500, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3110.358264][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:20 executing program 4: 13:21:20 executing program 3: 13:21:20 executing program 2: 13:21:20 executing program 0: 13:21:20 executing program 5: 13:21:20 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x601c00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:20 executing program 4: 13:21:21 executing program 3: 13:21:21 executing program 2: [ 3111.396057][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:21 executing program 5: 13:21:21 executing program 0: 13:21:21 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x601f00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:21 executing program 4: 13:21:21 executing program 3: 13:21:21 executing program 2: 13:21:21 executing program 5: [ 3112.113267][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3112.140077][T29248] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3112.191137][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3112.225664][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:22 executing program 0: 13:21:22 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x602000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:22 executing program 4: 13:21:22 executing program 5: 13:21:22 executing program 3: 13:21:22 executing program 2: 13:21:22 executing program 0: 13:21:22 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x602700, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:23 executing program 4: 13:21:23 executing program 3: [ 3113.314889][ T5447] net_ratelimit: 1 callbacks suppressed [ 3113.314920][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:23 executing program 2: 13:21:23 executing program 5: [ 3113.476284][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:23 executing program 0: 13:21:23 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x602e00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:23 executing program 3: 13:21:23 executing program 4: 13:21:23 executing program 5: 13:21:23 executing program 2: 13:21:24 executing program 0: 13:21:24 executing program 4: 13:21:24 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x603000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3114.536738][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:24 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$inet6(r0, &(0x7f0000000c40)={0x0, 0x0, 0x0}, 0x0) sendmsg$inet6(r0, &(0x7f0000001380)={&(0x7f0000000100)={0xa, 0x4e20, 0x0, @remote}, 0x1c, 0x0}, 0x0) 13:21:24 executing program 5: r0 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0) 13:21:24 executing program 2: r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000001340)={0x28, 0x0, 0x0, @host}, 0x10) [ 3115.567529][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:25 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, 0x0, 0x0) 13:21:25 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f0000000200), 0x4) 13:21:25 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, &(0x7f0000000040)=""/191, 0x26, 0xbf, 0x1}, 0x20) 13:21:25 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x10, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x14, 0x0}, 0x78) 13:21:25 executing program 3: socket$packet(0x11, 0x3, 0x300) syz_emit_ethernet(0x1a, &(0x7f0000000200)={@local, @dev, @val={@void}, {@mpls_uc={0x8847, {[], @llc={@snap={0x0, 0x0, '#', "01f995"}}}}}}, 0x0) 13:21:25 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x603100, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:25 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x18}, 0x40) [ 3116.349881][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:26 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0x8916, &(0x7f0000000300)={0x0, @rc={0x1f, @fixed}, @can, @ethernet}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001c00)={'wlan1\x00'}) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000040)={0x0, 'erspan0\x00', {}, 0x8}) 13:21:26 executing program 0: socket$packet(0x11, 0x3, 0x300) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$inet6(r0, &(0x7f0000000440)={&(0x7f0000000140)={0xa, 0x4e21, 0x0, @ipv4={[], [], @empty}}, 0x1c, 0x0}, 0x0) 13:21:26 executing program 5: r0 = socket(0x1, 0x3, 0x0) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x4041) [ 3116.597022][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:26 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x603200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:26 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x0, 0x73, 0x0, 0x22}]}}, &(0x7f0000000300)=""/230, 0x2a, 0xe6, 0x1}, 0x20) 13:21:26 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x6) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x31, 0x0, &(0x7f0000000100)) 13:21:27 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x2, 0x0, 0x0, 0x2}}, &(0x7f00000000c0)=""/229, 0x1a, 0xe5, 0x1}, 0x20) 13:21:27 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x6) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x12, 0x0, &(0x7f0000000100)) 13:21:27 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$inet6(r0, &(0x7f0000001800)={&(0x7f0000000040)={0xa, 0x4e21, 0x0, @loopback}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x002'], 0x28}, 0x0) 13:21:27 executing program 2: r0 = socket(0x2, 0xa, 0x0) sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f0000000300)={&(0x7f0000000100), 0xc, &(0x7f00000002c0)={0x0}}, 0x0) 13:21:27 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x604400, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3117.636064][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:27 executing program 4: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r2 = socket(0x200000000000011, 0x4000000000080002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bind$packet(r2, &(0x7f0000000100)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r2, &(0x7f0000000d00), 0x1bdd307, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000100)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg(r0, &(0x7f0000000d00), 0x1bdd307, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0) 13:21:27 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_ifreq(r0, 0x8994, &(0x7f0000000000)={'veth0_to_team\x00', @ifru_addrs=@can}) 13:21:27 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ifreq(r0, 0x8935, &(0x7f0000000040)={'ip6_vti0\x00', @ifru_addrs=@can}) 13:21:27 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@union={0x0, 0x1, 0x0, 0x5, 0x1, 0x0, [{0x1}]}]}}, &(0x7f00000001c0)=""/183, 0x32, 0xb7, 0x1}, 0x20) 13:21:28 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x6) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x43, 0x0, &(0x7f0000000100)) 13:21:28 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x604b00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3118.675818][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:28 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x2000000, 0x0, 0x0, 0x2}}, &(0x7f0000000040)=""/191, 0x1a, 0xbf, 0x1}, 0x20) 13:21:28 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000001f40)={'tunl0\x00', &(0x7f0000000700)=ANY=[@ANYBLOB='gretap0\x00\x00\x00\x00\x00\x00', @ANYRES32]}) 13:21:28 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0xa}, 0x40) 13:21:29 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x604e00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:29 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ifreq(r0, 0x891e, &(0x7f0000000000)={'sit0\x00', @ifru_flags}) [ 3119.399065][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3119.790907][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:29 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0x11, 0x0, 0x0) 13:21:30 executing program 4: bpf$MAP_CREATE(0x10, &(0x7f0000000080), 0x40) 13:21:30 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0xc020660b, 0x0) 13:21:30 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x6) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x4c, 0x0, &(0x7f0000000100)) 13:21:30 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0xa, 0x0, 0x0) 13:21:30 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x604f00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:30 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@enum={0x0, 0x1, 0x0, 0x6, 0x4, [{0x2}]}]}}, &(0x7f0000000040)=""/191, 0x2e, 0xbf, 0x1}, 0x20) [ 3120.833023][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:30 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x605000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:30 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000180)='SEG6\x00') sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="e90925bd7000fddbdf2503"], 0x30}}, 0x0) 13:21:30 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6(0xa, 0x80000, 0x8001) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x34, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0x18, 0x20, @l2={'ib', 0x3a, 'vcan0\x00'}}}}, ["", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x8084}, 0x8000) ioctl$sock_SIOCADDRT(r0, 0x8916, &(0x7f0000000300)={0xfc, @nfc={0x27, 0x0, 0x1, 0x1}, @can, @ethernet={0x1, @random="e81ad846d01d"}}) 13:21:30 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x6) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x1600bd7f, &(0x7f0000000000)={'security\x00'}, &(0x7f0000000100)=0x24) 13:21:30 executing program 4: r0 = socket(0x11, 0x2, 0x0) sendmsg$SOCK_DESTROY(r0, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000200)={0x0}}, 0x0) [ 3121.466580][T16760] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. 13:21:31 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000000000)='m', 0x1) 13:21:31 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x605500, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3121.586123][T16761] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. 13:21:31 executing program 2: socketpair(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random="64db8020dc4a"}, 0x14) [ 3121.713685][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:31 executing program 5: bpf$MAP_CREATE(0x11, &(0x7f0000000080), 0x40) 13:21:31 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000000000)='m', 0x1) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000100), 0x8) 13:21:31 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@volatile]}}, &(0x7f0000000040)=""/191, 0x26, 0xbf, 0x1}, 0x20) [ 3121.894285][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:32 executing program 3: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000100)={0x0, 0x10000, 0x800, 0x0, 0x1}, 0x20) 13:21:32 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x605600, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:32 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0xd, 0x0, 0x0) [ 3122.431118][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:32 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@enum={0x0, 0x1, 0x0, 0x6, 0x4, [{}]}]}}, &(0x7f0000000040)=""/191, 0x18, 0xbf, 0x1}, 0x20) 13:21:32 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x19, 0x4, 0x0, 0x1}, 0x40) 13:21:32 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x6) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x3a, 0x41, 0x0, 0x0) [ 3122.915347][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:32 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000300)={0x100000000000000, @rc={0x1f, @fixed}, @can, @ethernet, 0x0, 0x0, 0x0, 0x700}) 13:21:33 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x605700, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:33 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001540)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0x3}, {}]}]}, {0x0, [0x0, 0x0]}}, &(0x7f0000000540)=""/4096, 0x38, 0x1000, 0x1}, 0x20) 13:21:33 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xf, 0x0, 0x0, 0x1}, 0x40) 13:21:33 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001540)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0x8, 0x5}, {0x3}, {0x0, 0x2}]}]}}, &(0x7f0000000540)=""/4096, 0x3e, 0x1000, 0x1}, 0x20) 13:21:33 executing program 0: r0 = socket$inet6(0xa, 0x80003, 0xff) sendmsg$inet6(r0, &(0x7f0000000040)={&(0x7f00000000c0)={0xa, 0x0, 0x0, @dev}, 0x1c, 0x0}, 0x0) 13:21:33 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000001240)={0x7, 0x0, 0x0, 0x53c17f9c, 0x0, 0x1}, 0x40) [ 3123.950635][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:33 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000140)={r2, 0x1, 0x6, @multicast}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x2, &(0x7f0000000040)={0x0, 0x1, 0x6, @local}, 0x10) 13:21:33 executing program 3: 13:21:33 executing program 4: 13:21:33 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x700300, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:34 executing program 0: [ 3124.397060][T16807] device batadv0 entered promiscuous mode [ 3124.427836][T16805] device batadv0 left promiscuous mode [ 3124.482422][T16807] device batadv0 entered promiscuous mode [ 3124.508988][T16805] device batadv0 left promiscuous mode 13:21:34 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_buf(r0, 0x29, 0x15, &(0x7f0000000000)="6dbf5b60fb9f5c9ce8078af4a8dac46408c60d86", 0x14) 13:21:34 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6(0xa, 0x80000, 0x8001) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x34, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0x18, 0x20, @l2={'ib', 0x3a, 'vcan0\x00'}}}}, ["", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x8084}, 0x8000) ioctl$sock_SIOCADDRT(r0, 0x8916, &(0x7f0000000300)={0x0, @nfc={0x27, 0x1, 0x1, 0x14}, @can, @ethernet={0x1, @random="e81ad846d01d"}}) 13:21:34 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x0, 0x0, 0x3}, 0x40) 13:21:34 executing program 2: 13:21:34 executing program 0: 13:21:34 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x800000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3125.002269][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:35 executing program 5: [ 3125.477601][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:35 executing program 4: 13:21:35 executing program 0: 13:21:35 executing program 2: 13:21:35 executing program 3: 13:21:35 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x800100, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3126.044763][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:35 executing program 4: 13:21:35 executing program 0: 13:21:36 executing program 5: 13:21:36 executing program 3: 13:21:36 executing program 2: 13:21:36 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x800200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:36 executing program 4: 13:21:36 executing program 5: 13:21:36 executing program 3: 13:21:36 executing program 0: 13:21:36 executing program 2: [ 3127.080774][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x800400, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:37 executing program 3: 13:21:37 executing program 5: 13:21:37 executing program 4: 13:21:37 executing program 0: 13:21:37 executing program 2: 13:21:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x800500, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3128.122017][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:37 executing program 3: 13:21:38 executing program 0: 13:21:38 executing program 5: 13:21:38 executing program 4: 13:21:38 executing program 2: [ 3128.514680][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:38 executing program 0: 13:21:38 executing program 3: 13:21:38 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x800700, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:38 executing program 5: 13:21:38 executing program 2: [ 3129.157094][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:38 executing program 4: 13:21:39 executing program 3: 13:21:39 executing program 0: 13:21:39 executing program 5: 13:21:39 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x800900, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:39 executing program 2: 13:21:39 executing program 4: 13:21:39 executing program 3: [ 3130.190499][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:40 executing program 5: 13:21:40 executing program 0: 13:21:40 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x800f00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:40 executing program 2: 13:21:40 executing program 3: 13:21:40 executing program 4: 13:21:40 executing program 5: 13:21:41 executing program 2: 13:21:41 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x801600, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3131.234490][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:41 executing program 3: 13:21:41 executing program 0: 13:21:41 executing program 4: [ 3131.312590][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:41 executing program 5: [ 3131.549501][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:41 executing program 4: 13:21:41 executing program 2: 13:21:41 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x801900, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:41 executing program 3: 13:21:41 executing program 0: [ 3132.272062][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:42 executing program 5: 13:21:42 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x801a00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:42 executing program 2: 13:21:42 executing program 4: 13:21:42 executing program 3: 13:21:42 executing program 0: 13:21:42 executing program 5: 13:21:43 executing program 4: 13:21:43 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x802100, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3133.311182][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:43 executing program 2: 13:21:43 executing program 0: 13:21:43 executing program 3: 13:21:43 executing program 5: 13:21:43 executing program 4: 13:21:43 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x802800, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:43 executing program 0: 13:21:44 executing program 2: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RGETATTR(r0, 0x0, 0xfffffffffffffc68) 13:21:44 executing program 3: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RWRITE(r0, &(0x7f0000000140)={0xb}, 0xffffff97) write$P9_RSTAT(r0, 0x0, 0x48) 13:21:44 executing program 5: timer_create(0x4, &(0x7f0000003800)={0x0, 0x0, 0x1, @thr={0x0, 0x0}}, &(0x7f0000003840)) [ 3134.360302][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:44 executing program 4: syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000640), 0x0, 0x0) [ 3134.593892][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:44 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x802a00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:44 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff}) getpeername(r0, &(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff}}, &(0x7f0000000000)=0x80) r2 = epoll_create(0x9) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)) 13:21:44 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, 0x0, 0x46) 13:21:44 executing program 3: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self\x00', 0x420000, 0x0) 13:21:45 executing program 5: openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x480c00, 0x0) 13:21:45 executing program 4: fchownat(0xffffffffffffffff, &(0x7f0000000500)='./file0\x00', 0x0, 0xee00, 0x0) [ 3135.427479][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:45 executing program 0: symlinkat(&(0x7f00000000c0)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00') futimesat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) 13:21:45 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x802b00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:45 executing program 3: request_key(0x0, 0x0, 0x0, 0xfffffffffffffff9) 13:21:45 executing program 2: r0 = socket$unix(0x1, 0x5, 0x0) openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x0, 0x0) io_submit(0x0, 0x1, &(0x7f00000001c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}]) 13:21:45 executing program 4: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x0, 0x0) ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0x0) 13:21:45 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) sendmmsg$unix(r0, 0x0, 0x0, 0x4080) 13:21:46 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000001200)='/dev/null\x00', 0x0, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000000)='cgroup.subtree_control\x00', 0x2, 0x0) 13:21:46 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x802c00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:46 executing program 2: symlinkat(&(0x7f00000000c0)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00') linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x400) 13:21:46 executing program 3: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RWRITE(r0, &(0x7f0000000140)={0xb}, 0xffffff97) [ 3136.429643][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:46 executing program 4: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RWRITE(r0, &(0x7f0000000140)={0xb}, 0xffffff97) write$P9_RSTAT(r0, &(0x7f0000000080)={0x45, 0x7d, 0x0, {0x0, 0x3e, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x4, '\xfe]\\B', 0x4, '!\\).', 0x2, '&+', 0x1, '\''}}, 0x45) 13:21:46 executing program 5: io_submit(0x0, 0x1, &(0x7f00000001c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) 13:21:46 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x803300, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:46 executing program 0: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RWRITE(r0, &(0x7f0000000140)={0xb}, 0xffffff97) write$P9_RWALK(r0, &(0x7f0000000180)={0x9}, 0x9) 13:21:46 executing program 2: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RWRITE(r0, &(0x7f0000000140)={0xb}, 0xffffff97) write$P9_RREMOVE(r0, &(0x7f0000000080)={0x7}, 0x7) 13:21:47 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x402, 0x0) write$P9_RMKDIR(r0, 0x0, 0x10) [ 3137.488841][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3137.634430][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3137.662059][T29248] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:47 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x803800, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3137.700220][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3137.725096][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:47 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x0, 0x0) ioctl$NS_GET_USERNS(r0, 0xb701, 0x0) 13:21:47 executing program 3: r0 = socket$unix(0x1, 0x2, 0x0) connect(r0, 0x0, 0x0) 13:21:47 executing program 5: r0 = inotify_init() ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0) 13:21:47 executing program 4: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x402, 0x0) dup3(r1, r0, 0x0) pwritev(r0, 0x0, 0x0, 0x0, 0x0) 13:21:48 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x803c00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:48 executing program 2: execveat(0xffffffffffffffff, &(0x7f0000001280)='./file0\x00', 0x0, 0x0, 0x1500) [ 3138.512456][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:48 executing program 0: shmget(0x3, 0x4000, 0x0, &(0x7f0000ff9000/0x4000)=nil) 13:21:48 executing program 3: add_key$fscrypt_provisioning(0x0, 0x0, 0x0, 0x1008, 0xfffffffffffffff8) 13:21:48 executing program 5: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RWRITE(r0, &(0x7f0000000140)={0xb}, 0xffffff97) write$P9_RATTACH(r0, &(0x7f00000000c0)={0x14}, 0x14) 13:21:48 executing program 4: linkat(0xffffffffffffffff, &(0x7f0000002d80)='./file0\x00', 0xffffffffffffffff, &(0x7f0000002dc0)='./file0\x00', 0x0) 13:21:48 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x804000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:49 executing program 2: pselect6(0x0, 0x0, &(0x7f0000002700), 0x0, &(0x7f0000002780), &(0x7f0000002800)={0x0}) 13:21:49 executing program 3: recvfrom$unix(0xffffffffffffffff, 0x0, 0x0, 0x12000, 0x0, 0x0) 13:21:49 executing program 0: io_setup(0x0, &(0x7f0000000000)=0x0) io_getevents(r0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000080)={0x77359400}) [ 3139.559304][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:49 executing program 4: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RWRITE(r1, &(0x7f00000000c0)={0xfffffffffffffd7a}, 0xffffff97) r2 = fcntl$dupfd(r1, 0x0, r0) write$P9_RCREATE(r2, &(0x7f0000000080)={0x18}, 0x18) 13:21:49 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x804500, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:49 executing program 2: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RREADLINK(r0, &(0x7f00000000c0)={0x10, 0x17, 0x0, {0x7, './file0'}}, 0xfffffffffffffe92) 13:21:49 executing program 3: openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x0, 0x0) 13:21:49 executing program 0: timer_create(0x4, 0x0, &(0x7f0000003840)) 13:21:50 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x804c00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3140.590803][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3140.754908][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3140.912261][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:50 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x40) 13:21:50 executing program 3: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0) 13:21:50 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RWRITE(r0, &(0x7f0000000140)={0xb}, 0xffffff97) write$P9_RWSTAT(r0, &(0x7f0000000040)={0x7}, 0x7) 13:21:50 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x805800, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:50 executing program 4: timerfd_create(0x6, 0x0) 13:21:51 executing program 2: mprotect(&(0x7f0000ff6000/0x4000)=nil, 0x4000, 0x0) 13:21:51 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x80ffff, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:51 executing program 3: fchownat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x800) 13:21:51 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002e00)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, 0x0) [ 3141.630416][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:51 executing program 5: io_submit(0x0, 0x0, &(0x7f00000001c0)) 13:21:51 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x900000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:51 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000000c0), 0x0, 0x4080) 13:21:51 executing program 4: r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_INFO(r0, 0xe, &(0x7f0000000100)=""/73) 13:21:52 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff}) write$P9_RSTATu(r0, 0x0, 0xfffffffffffffdb0) 13:21:52 executing program 3: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RWRITE(r0, &(0x7f0000000140)={0xb}, 0xffffff97) write$P9_RWSTAT(r0, &(0x7f0000000080)={0x7}, 0x7) 13:21:52 executing program 5: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RWRITE(r0, &(0x7f0000000140)={0xb}, 0xffffff97) write$P9_ROPEN(r0, &(0x7f0000000080)={0x18}, 0x18) 13:21:52 executing program 2: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RWRITE(r0, &(0x7f0000000140)={0xb}, 0xffffff97) write$P9_RXATTRWALK(r0, &(0x7f0000000180)={0xf}, 0xf) 13:21:52 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x900100, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3142.670482][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:52 executing program 4: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RWRITE(r0, &(0x7f0000000140)={0xb}, 0xffffff97) write$P9_RAUTH(r0, &(0x7f0000000000)={0x14}, 0x14) 13:21:52 executing program 0: pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RWRITE(r0, &(0x7f0000000140)={0xb}, 0xffffff97) write$P9_RAUTH(r0, &(0x7f0000000000)={0x14}, 0x14) 13:21:52 executing program 3: 13:21:53 executing program 2: 13:21:53 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa00000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:53 executing program 4: 13:21:53 executing program 3: 13:21:53 executing program 2: [ 3143.722319][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:53 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa00100, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3143.794065][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:53 executing program 5: 13:21:53 executing program 4: 13:21:53 executing program 2: 13:21:53 executing program 3: 13:21:54 executing program 0: 13:21:54 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa00300, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:54 executing program 5: 13:21:54 executing program 4: 13:21:54 executing program 2: [ 3144.751030][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:54 executing program 3: 13:21:54 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa00a00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:54 executing program 0: 13:21:55 executing program 5: 13:21:55 executing program 4: 13:21:55 executing program 2: 13:21:55 executing program 3: 13:21:55 executing program 0: 13:21:55 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa00c00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3145.789518][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:55 executing program 5: 13:21:55 executing program 2: 13:21:55 executing program 4: 13:21:56 executing program 3: 13:21:56 executing program 0: 13:21:56 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa00d00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:56 executing program 5: 13:21:56 executing program 2: [ 3146.829337][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3146.839684][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:56 executing program 4: 13:21:56 executing program 3: 13:21:56 executing program 0: 13:21:56 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa00f00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:57 executing program 2: 13:21:57 executing program 5: 13:21:57 executing program 4: 13:21:57 executing program 3: 13:21:57 executing program 0: [ 3147.870055][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:57 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa01700, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:57 executing program 2: 13:21:58 executing program 4: 13:21:58 executing program 5: 13:21:58 executing program 3: 13:21:58 executing program 0: 13:21:58 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa01b00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:21:58 executing program 2: [ 3148.921300][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:58 executing program 4: 13:21:58 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x3, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x321, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000280)='G', 0x1, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000cd0000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00000003c0)) timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r1 = gettid() recvmmsg(r0, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)=""/199, 0xc7}], 0x1}}], 0x40003a0, 0x0, 0x0) tkill(r1, 0x14) r2 = fcntl$dupfd(r0, 0x0, r0) write$P9_RLCREATE(r2, 0x0, 0x0) 13:21:58 executing program 3: 13:21:59 executing program 0: 13:21:59 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa02200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3149.562998][T17159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3149.572317][T17159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:59 executing program 2: 13:21:59 executing program 4: [ 3149.701598][T17159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3149.806401][T17161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3149.815588][T17161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3149.882227][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3149.893875][T17158] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3149.903194][T17158] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:59 executing program 0: [ 3149.949052][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3150.013886][T17159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3150.024242][T17159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:21:59 executing program 3: [ 3150.137646][T17159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3150.185100][T17161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:00 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa02400, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:00 executing program 5: 13:22:00 executing program 2: 13:22:00 executing program 4: 13:22:00 executing program 0: 13:22:00 executing program 3: 13:22:00 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa02500, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:01 executing program 4: syz_emit_ethernet(0x2e, &(0x7f0000000040)={@local, @local, @val, {@ipv4}}, 0x0) 13:22:01 executing program 2: sendmsg$unix(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x8, &(0x7f0000000240)=[{&(0x7f0000000340)="59359955a05fd0e124f3f85feb3cc9cf4a7e810f38a9f37b537877a365b5a0296ba06ada8ecba031c162ba3554fb302f1130bb67d2a88733cc009abfbaa7dd606154ef102147ae5eaaf36227102c269bc874c4ea08669bbe1ec5c2fb1564d03baa77e3e5cc6f6dd4d38f8be2177dfd718a6e61634f7684c8f8f12e2038a6c387940e40b74bbe89586738411cd2f8247da7af754126cbe8522b288f6911349ee32a6ff915a85873967564555a32490a0fd63c282713453cc2b7a2f8709a26ded5516aca8446f34557abb7404bafff7015aab3469b176e3e667cfcd73e704e6c46b74f107e", 0xe4}, {&(0x7f0000000180)="f1e5330dffa4ae22090acad9bf21a13f15719f1303fae859b55d510a10b1ac246ccc0a65ea1e696318deeb7566e7b5fcc75cc612a03ecf848b1269d15d8058f85895d7657dc9e25c9f7861150c54f037e2b0d935c92cd12fd43aff3f864c4120b723e9d18f8e0af9f12fba5f0c885c086dbdc870a8ebd1ba2a4c0255177e1743d6344a25fbcbd68712e3ad72dec22a9aa9e942ee71", 0x95}], 0x1000000000000221, &(0x7f00000002c0), 0x20}, 0x0) 13:22:01 executing program 0: socketpair(0x1, 0x3, 0x3d, 0x0) 13:22:01 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000200)='/dev/null\x00', 0x0, 0x0) dup2(r0, 0xffffffffffffffff) 13:22:01 executing program 3: mlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000) mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2) 13:22:01 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa02600, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:01 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000200)='/dev/null\x00', 0x0, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x0, 0x0) dup2(r0, r1) 13:22:01 executing program 3: openat$null(0xffffffffffffff9c, &(0x7f0000000280)='/dev/null\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) 13:22:01 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_int(r0, 0xffff, 0x10, 0x0, 0x0) 13:22:01 executing program 2: r0 = geteuid() r1 = getegid() lchown(&(0x7f0000000000)='.\x00', r0, r1) 13:22:02 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000001140)='/dev/null\x00', 0x0, 0x0) getsockopt$sock_linger(r0, 0xffff, 0x80, 0x0, 0x0) 13:22:02 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa02d00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:02 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_int(r0, 0xffff, 0x1008, 0x0, 0x0) 13:22:02 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$sock_int(r0, 0xffff, 0x100, &(0x7f0000000180), 0x4) 13:22:02 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, &(0x7f0000000080)="768ae26fc71ce3b29ee34234487579a31b4c3e4f698292715be47e54b91027af2e56e359307ca619493494306355f6bcad29be55c2e42243a7ca4a5b6015b61c562e105ed5d27c9c403bde74f4d69c3d06ece4a63008016365956d2e0ffd35593b889c37aa9ff41b34b57f4a3f26fd8ed2edd336e6459dc044eb889816445899804f9bccf8091ac1a8f785f0afee5134fae4b493c80c45fcc449ef8d7eb2f295d7680eac23b3e23294a98791158e242f06cea2b49cc4d72ba58908a88e4b09a1c56ab764b06d16ba635ebb4af92219312f762b3da6cb8cfc4d6c4db42c09da622efbffa68033b271cfcb756ceedc216507a5d980f89840799f4eac04156fa3c362d3dc95ee51d00127337d7cde7b1ebc4c5cc2ae6f592b89bd6d25cf1d757f17620faf5fefb74a9c1a1cdf8761b0a485410d4e32d85a5d981c35742b66e28d3a6fe6d9d434e44a58b2489c6cc7fdcad13ae7d7e49a06ecbd62a3a2f501bea62092fe0f314ccd50e9bbc408dba3290b499e", 0x171, 0x0, 0x0, 0x0) 13:22:02 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_int(r0, 0xffff, 0x200, 0x0, 0x0) 13:22:02 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000b40)={&(0x7f00000000c0)=@abs={0x0, 0x0, 0x1}, 0x8, &(0x7f00000009c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) 13:22:03 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa03500, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:03 executing program 3: r0 = getegid() r1 = syz_open_pts(0xffffffffffffffff, 0x0) getgroups(0x1, &(0x7f00000000c0)=[r0]) fchown(r1, 0xffffffffffffffff, r2) 13:22:03 executing program 2: symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') 13:22:03 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fchown(r0, 0x0, 0x0) 13:22:03 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_int(r0, 0xffff, 0x1003, 0x0, 0x0) 13:22:03 executing program 5: recvmsg(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) 13:22:03 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa03e00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:04 executing program 0: utimensat(0xffffffffffffffff, 0x0, &(0x7f0000000180), 0x0) 13:22:04 executing program 4: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000200)='/dev/null\x00', 0x0, 0x0) fchownat(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff, 0x0) 13:22:04 executing program 2: madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x6) 13:22:04 executing program 3: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000001140)='/dev/null\x00', 0x0, 0x0) bind$inet6(r0, 0x0, 0x0) 13:22:04 executing program 5: shmctl$IPC_SET(0x0, 0x1, &(0x7f00000014c0)={{0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}}) 13:22:04 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa04200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:04 executing program 4: r0 = syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setstatus(r0, 0x4, 0x40) syz_open_pts(0xffffffffffffffff, 0x0) 13:22:04 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) r2 = fcntl$dupfd(r1, 0x0, r0) bind$inet6(r2, 0x0, 0x0) 13:22:04 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000300)='/dev/zero\x00', 0x0, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0) [ 3155.149844][ T3244] net_ratelimit: 9 callbacks suppressed [ 3155.149875][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:04 executing program 3: openat$null(0xffffffffffffff9c, &(0x7f0000000200)='/dev/null\x00', 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) 13:22:05 executing program 5: syz_emit_ethernet(0x4a, &(0x7f0000000500)={@broadcast, @local, @val, {@ipv6}}, 0x0) 13:22:05 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa04300, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:05 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getsockopt$sock_int(r0, 0xffff, 0x8, 0x0, 0x0) 13:22:05 executing program 4: open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) open$dir(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) 13:22:05 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f00000009c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) [ 3155.949264][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:05 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000340)=[{0x0}], 0x1, 0x0, 0x0) 13:22:05 executing program 5: getsockname(0xffffffffffffffff, 0x0, &(0x7f00000010c0)) clock_gettime(0x2, &(0x7f0000001300)) [ 3156.191691][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:06 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa04600, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:06 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) shutdown(r0, 0x2) 13:22:06 executing program 4: recvmsg(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0) 13:22:06 executing program 3: poll(&(0x7f0000000040)=[{}, {}, {}, {}, {}], 0x5, 0x0) 13:22:06 executing program 0: madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0) 13:22:06 executing program 5: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_SET(r0, 0x1, 0x0) 13:22:06 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa04800, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:07 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x200, 0x0) open$dir(&(0x7f0000000080)='./file0/file0\x00', 0x0, 0x0) [ 3157.239838][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:07 executing program 4: r0 = socket$unix(0x1, 0x5, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) getpeername$unix(r1, 0x0, 0x0) 13:22:07 executing program 0: setsockopt(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) 13:22:07 executing program 5: r0 = semget(0x3, 0x3, 0x0) semctl$GETZCNT(r0, 0x3, 0x7, 0x0) 13:22:07 executing program 3: mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x6812, 0xffffffffffffffff, 0x0) 13:22:07 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa04900, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:07 executing program 2: semctl$SETALL(0x0, 0x0, 0x9, &(0x7f0000000200)=[0x0]) 13:22:07 executing program 3: poll(&(0x7f0000000040)=[{}, {}, {}, {}], 0x4, 0x0) 13:22:07 executing program 4: mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 13:22:07 executing program 0: 13:22:07 executing program 5: [ 3158.271337][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:08 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa04a00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:08 executing program 4: 13:22:08 executing program 2: 13:22:08 executing program 0: 13:22:08 executing program 3: 13:22:08 executing program 5: [ 3158.994985][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3159.309895][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:09 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa05100, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:09 executing program 2: 13:22:09 executing program 3: 13:22:09 executing program 5: 13:22:09 executing program 4: 13:22:09 executing program 0: [ 3160.112252][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:09 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa05200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:10 executing program 3: 13:22:10 executing program 4: 13:22:10 executing program 5: 13:22:10 executing program 2: 13:22:10 executing program 0: [ 3160.350316][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:10 executing program 3: 13:22:10 executing program 2: 13:22:10 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa05300, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:10 executing program 5: 13:22:10 executing program 4: 13:22:10 executing program 0: [ 3161.389153][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:11 executing program 2: 13:22:11 executing program 5: 13:22:11 executing program 0: 13:22:11 executing program 3: 13:22:11 executing program 4: 13:22:11 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa05a00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3162.032050][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:12 executing program 0: [ 3162.433401][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:12 executing program 3: 13:22:12 executing program 2: 13:22:12 executing program 5: 13:22:12 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa05d00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:12 executing program 4: 13:22:13 executing program 0: 13:22:13 executing program 3: 13:22:13 executing program 2: 13:22:13 executing program 5: 13:22:13 executing program 4: [ 3163.475307][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:13 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc00100, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:13 executing program 0: 13:22:13 executing program 3: 13:22:13 executing program 5: 13:22:13 executing program 2: 13:22:14 executing program 4: 13:22:14 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc00200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3164.509317][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:14 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)={{0xeb9f, 0x2, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000180)=""/231, 0x1a, 0xe7, 0x1}, 0x20) 13:22:14 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000001240)={0x5}, 0x40) 13:22:14 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4}}]}}, &(0x7f0000000180)=""/231, 0x32, 0xe7, 0x1}, 0x20) 13:22:14 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x1, &(0x7f0000000040)=@raw=[@generic={0x5}], &(0x7f0000000080)='syzkaller\x00', 0x7, 0x1000, &(0x7f00000004c0)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:14 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001100)={0xffffffffffffffff}) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x80086301, 0x0) 13:22:14 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc00300, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3165.070144][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:15 executing program 3: r0 = socket$kcm(0x29, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000040)={r1}) 13:22:15 executing program 0: socketpair(0x2b, 0x1, 0xffffffff, &(0x7f0000000200)) 13:22:15 executing program 5: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x1, &(0x7f0000000040)=@raw=[@alu={0x0, 0x0, 0x4}], &(0x7f0000000080)='syzkaller\x00', 0x7, 0x1000, &(0x7f00000004c0)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 3165.549087][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:15 executing program 2: socketpair(0x2, 0x3, 0x0, &(0x7f0000001480)) 13:22:15 executing program 4: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000680)={0x0, 0x30, &(0x7f00000005c0), 0x100000000000010e}, 0x0) 13:22:15 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc00400, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:15 executing program 0: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000000)="82", 0x1}], 0x1}, 0x0) recvmsg(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000300)=""/140, 0x8c}], 0x1}, 0x0) 13:22:15 executing program 3: sendmsg$sock(0xffffffffffffffff, 0x0, 0x72a79a27e2475284) 13:22:16 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r0, &(0x7f0000000440)={&(0x7f0000000000)=@id, 0x10, 0x0}, 0x0) 13:22:16 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@int]}}, &(0x7f0000000180)=""/231, 0xfe7a, 0xe7, 0x1}, 0x20) [ 3166.589348][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:16 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc00600, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:16 executing program 3: socketpair(0x28, 0x0, 0x0, &(0x7f0000001480)) 13:22:16 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)={&(0x7f00000000c0)='./file0\x00'}, 0x10) 13:22:16 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x3}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:16 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x6, [@var={0x3}]}, {0x0, [0x0, 0x0, 0x61, 0x2e]}}, &(0x7f00000000c0)=""/208, 0x2e, 0xd0, 0x1}, 0x20) 13:22:16 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r0, &(0x7f0000000440)={&(0x7f0000000000)=@id={0x1e, 0x3, 0x0, {0x0, 0x1}}, 0x10, 0x0}, 0x0) 13:22:17 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000840)={0x2, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x40) 13:22:17 executing program 0: r0 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8982, 0x0) 13:22:17 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc00800, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3167.629478][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:17 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:17 executing program 5: socketpair(0x22, 0x3, 0x0, &(0x7f0000000240)) 13:22:17 executing program 3: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, &(0x7f0000000180)=""/231, 0x26, 0xe7, 0x1}, 0x20) close(r0) [ 3168.110367][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:17 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xa, 0xfffffffd, 0x3, 0x20000}, 0x40) 13:22:18 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc00900, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:18 executing program 2: r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[], 0xa0}, 0x40084) 13:22:18 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 3168.669997][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3168.696153][ T8760] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:18 executing program 5: socketpair(0x2, 0x801, 0x0, &(0x7f0000000000)) 13:22:18 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 3168.733243][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3168.774853][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:18 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0xb, 0x9, 0x1, 0x6, 0x11}, 0x40) 13:22:18 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc01000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:18 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, &(0x7f0000000180)=""/231, 0x1000000, 0xe7, 0x1}, 0x20) 13:22:18 executing program 2: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000001800)) 13:22:19 executing program 3: socketpair(0x23, 0x802, 0x0, &(0x7f0000001480)) 13:22:19 executing program 5: socketpair(0x2, 0x1, 0x0, &(0x7f0000001480)) 13:22:19 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc01100, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:19 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 3169.712442][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3169.870467][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:19 executing program 2: r0 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f00000000c0)) 13:22:19 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x2, &(0x7f0000000040)=@raw=[@map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x2}], &(0x7f0000000080)='syzkaller\x00', 0x7, 0x1000, &(0x7f00000004c0)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:20 executing program 5: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x22, 0x1, &(0x7f0000000000)=@raw=[@exit], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:20 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc01300, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:20 executing program 2: bpf$MAP_CREATE(0x8, 0x0, 0x2500) 13:22:20 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 3170.909315][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3171.167198][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:21 executing program 0: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) 13:22:21 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, &(0x7f0000000180)=""/231, 0x26, 0xe7, 0x1}, 0x20) bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) 13:22:21 executing program 5: r0 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8904, 0x0) 13:22:21 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc01400, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:21 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f00000005c0)={0x12, 0x20, 0x0, 0xab}, 0x40) 13:22:21 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) [ 3171.979633][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:22 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x2a, 0x7fff, 0x1ff, 0xc}, 0x40) 13:22:22 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc01500, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:22 executing program 3: r0 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000100)) 13:22:22 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x100, 0x0, 0x100}, 0x40) 13:22:22 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 13:22:22 executing program 0: sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)="1f4ed613358b93e23e26702a6439f120d1780896d22150c5dab8ff4bc5d3492d37a2ef3a734db4a966f6050470ac1f2f5ac156d436cfd7344aa2024268aff7e9f2b11e861ef4d5e2daf5c8c279cebbd6246dd207febecbc956636473de33345c9bd04c3959222c0387d301a3e60ecfe8a90d38d363", 0x75}], 0x1}, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_tracing={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 3172.993283][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:22 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc01800, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:22 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x18]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec, 0x1}, 0x20) 13:22:23 executing program 2: bpf$PROG_LOAD(0x6, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xb8) 13:22:23 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 13:22:23 executing program 0: bpf$BPF_MAP_GET_FD_BY_ID(0x1d, &(0x7f0000000080)={0x0, 0x0, 0x8}, 0xc) 13:22:23 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000180)=""/231, 0x1a, 0xe7, 0x8}, 0x20) 13:22:23 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc01c00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:23 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x18]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec, 0x1}, 0x20) 13:22:23 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:23 executing program 2: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000017c0)={0xffffffffffffffff}) sendmsg$tipc(r0, &(0x7f0000002580)={&(0x7f0000000000)=@name, 0x10, 0x0}, 0x0) [ 3174.029694][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3174.146194][T17530] BPF:No type found [ 3174.171934][T17530] BPF:No type found 13:22:24 executing program 0: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000001780)) [ 3174.192630][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:24 executing program 5: socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000a80)) 13:22:24 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc01e00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:24 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:24 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x18]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec, 0x1}, 0x20) 13:22:24 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x3, [@var={0x1, 0x0, 0x0, 0xe, 0x4}]}, {0x0, [0x2e]}}, &(0x7f00000002c0)=""/236, 0x2b, 0xec, 0x1}, 0x20) 13:22:24 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r1, &(0x7f0000009780)={0x0, 0x0, 0x0}, 0x0) sendmsg$inet(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 13:22:24 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int]}}, &(0x7f0000000180)=""/191, 0x2a, 0xbf, 0x1}, 0x20) [ 3175.085075][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:25 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc01f00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:25 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x18]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec, 0x1}, 0x20) 13:22:25 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:25 executing program 2: socketpair(0x26, 0x5, 0xe60, &(0x7f0000000000)) 13:22:25 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000001300)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001280)=[@ip_tos_u8={{0x11}}, @ip_tos_u8={{0x11}}], 0x30}, 0x0) 13:22:25 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x4}, 0x40) 13:22:25 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc02000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:25 executing program 3: bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) [ 3176.114343][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:26 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x1a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x40) 13:22:26 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:26 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x12) unlink(&(0x7f0000000080)='./file0\x00') 13:22:26 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) close(r0) 13:22:26 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc02700, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:26 executing program 3: bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) 13:22:26 executing program 2: bpf$PROG_LOAD(0x2, 0x0, 0xe7) 13:22:26 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3177.149857][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:27 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 3177.229218][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:27 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x2}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:27 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc02f00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:27 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x12, 0x0, 0x0, 0x2e6a}, 0x40) 13:22:27 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:27 executing program 3: bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) 13:22:27 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb00000014"], &(0x7f0000000240)=""/203, 0x30, 0xcb, 0xffffffff}, 0x20) 13:22:27 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc03200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3178.194110][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:28 executing program 2: socketpair(0x2, 0x0, 0x6c000000, &(0x7f0000001480)) 13:22:28 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:28 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/236, 0x0, 0xec, 0x1}, 0x20) 13:22:28 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000800)={0xffffffffffffffff}) ioctl$TUNSETIFF(r0, 0x8940, 0x0) 13:22:28 executing program 5: socketpair(0x25, 0x80805, 0x4, &(0x7f0000000200)) 13:22:28 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc03900, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:28 executing program 2: socketpair(0x1a, 0x0, 0x0, &(0x7f0000001480)) 13:22:28 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/236, 0x0, 0xec, 0x1}, 0x20) [ 3179.247010][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:29 executing program 0: bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001180)={0xffffffffffffffff}, 0xc) 13:22:29 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3179.312833][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:29 executing program 5: openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x2, 0x0) 13:22:29 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc03c00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:29 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) unlink(&(0x7f0000000080)='./file0\x00') 13:22:29 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/236, 0x0, 0xec, 0x1}, 0x20) 13:22:29 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x1}]}}, &(0x7f0000000180)=""/231, 0x26, 0xe7, 0x1}, 0x20) 13:22:29 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:22:30 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:30 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc04400, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3180.284618][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3180.293647][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:30 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x4}, {0x0, [0x2e, 0x18]}}, &(0x7f00000002c0)=""/236, 0x1c, 0xec, 0x1}, 0x20) 13:22:30 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x2, &(0x7f0000000040)=@raw=[@map_val], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [0x2], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:30 executing program 0: r0 = gettid() perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x380}, r0, 0x0, 0xffffffffffffffff, 0x0) 13:22:30 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000001240)={0x1b, 0x0, 0x0, 0x3}, 0x40) 13:22:30 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc04b00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:30 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 3181.309803][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:31 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x4}, {0x0, [0x2e, 0x18]}}, &(0x7f00000002c0)=""/236, 0x1c, 0xec, 0x1}, 0x20) 13:22:31 executing program 2: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz0\x00', 0x200002, 0x0) 13:22:31 executing program 0: socketpair(0x15, 0x0, 0x0, &(0x7f0000000240)) 13:22:31 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc04e00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:31 executing program 5: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x7fff, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@func, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @call={0x85, 0x0, 0x0, 0x65}, @exit, @map_val, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x1000, &(0x7f00000004c0)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x2f}, 0x78) 13:22:31 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:31 executing program 0: socketpair(0x22, 0x0, 0x4, &(0x7f0000001840)) 13:22:31 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x4}, {0x0, [0x2e, 0x18]}}, &(0x7f00000002c0)=""/236, 0x1c, 0xec, 0x1}, 0x20) 13:22:32 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc04f00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:32 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1, 0x1, &(0x7f0000000000)=@raw=[@alu], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 3182.363103][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:32 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000800)={0xffffffffffffffff}) ioctl$TUNSETIFF(r0, 0x8903, 0x0) 13:22:32 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:32 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func]}}, &(0x7f0000000240)=""/135, 0x26, 0x87, 0x1}, 0x20) 13:22:32 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var]}, {0x0, [0x2e, 0x18]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec, 0x1}, 0x20) 13:22:32 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc05400, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:32 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0x2}]}}, &(0x7f0000000340)=""/228, 0x26, 0xe4, 0x8}, 0x20) 13:22:33 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:33 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array]}}, &(0x7f0000000080)=""/240, 0x32, 0xf0, 0x1}, 0x20) [ 3183.314618][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3183.390208][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3183.612590][T17699] BPF:[1] FUNC_PROTO (anon) [ 3183.617427][T17699] BPF:return=2 args=( [ 3183.622061][T17699] BPF:void [ 3183.625160][T17699] BPF:) [ 3183.627971][T17699] BPF: [ 3183.634493][T17699] BPF:Invalid return type [ 3183.640541][T17699] BPF: [ 3183.640541][T17699] 13:22:33 executing program 0: bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0x0, 0x0, 0x4}, 0xc) 13:22:33 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc05700, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:33 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var]}, {0x0, [0x2e, 0x18]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec, 0x1}, 0x20) [ 3183.800414][T17699] BPF:[1] FUNC_PROTO (anon) [ 3183.805281][T17699] BPF:return=2 args=( [ 3183.809673][T17699] BPF:void [ 3183.812779][T17699] BPF:) [ 3183.815693][T17699] BPF: [ 3183.818589][T17699] BPF:Invalid return type [ 3183.822998][T17699] BPF: [ 3183.822998][T17699] 13:22:33 executing program 5: bpf$BPF_BTF_LOAD(0x13, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x20) 13:22:33 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0x2}]}}, &(0x7f0000000340)=""/228, 0x26, 0xe4, 0x8}, 0x20) 13:22:34 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:34 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var]}, {0x0, [0x2e, 0x18]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec, 0x1}, 0x20) [ 3184.432872][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:34 executing program 0: perf_event_open(&(0x7f0000000700)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:22:34 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xd00200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3184.503089][T17713] BPF:[1] FUNC_PROTO (anon) [ 3184.508041][T17713] BPF:return=2 args=( [ 3184.512818][T17713] BPF:void [ 3184.515926][T17713] BPF:) [ 3184.519113][T17713] BPF: [ 3184.522197][T17713] BPF:Invalid return type [ 3184.526618][T17713] BPF: [ 3184.526618][T17713] 13:22:34 executing program 5: 13:22:34 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0x2}]}}, &(0x7f0000000340)=""/228, 0x26, 0xe4, 0x8}, 0x20) 13:22:34 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x3, [@var={0x1}]}, {0x0, [0x2e]}}, &(0x7f00000002c0)=""/236, 0x2b, 0xec, 0x1}, 0x20) 13:22:35 executing program 0: 13:22:35 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffffff}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:35 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe00000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:35 executing program 5: [ 3185.406379][T17726] BPF:[1] FUNC_PROTO (anon) [ 3185.411458][T17726] BPF:return=2 args=( [ 3185.415519][T17726] BPF:void [ 3185.418889][T17726] BPF:) [ 3185.421711][T17726] BPF: [ 3185.424530][T17726] BPF:Invalid return type [ 3185.429019][T17726] BPF: [ 3185.429019][T17726] [ 3185.478283][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:35 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x3, [@var={0x1}]}, {0x0, [0x2e]}}, &(0x7f00000002c0)=""/236, 0x2b, 0xec, 0x1}, 0x20) 13:22:35 executing program 2: 13:22:35 executing program 0: 13:22:35 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x1}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:35 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe00100, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:35 executing program 5: [ 3186.368406][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3186.514163][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:36 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x3, [@var={0x1}]}, {0x0, [0x2e]}}, &(0x7f00000002c0)=""/236, 0x2b, 0xec, 0x1}, 0x20) 13:22:36 executing program 2: 13:22:36 executing program 0: 13:22:36 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x1}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:36 executing program 5: 13:22:36 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe00200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:37 executing program 2: 13:22:37 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x0]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec, 0x1}, 0x20) 13:22:37 executing program 0: 13:22:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe00300, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3187.550031][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:37 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x1}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:22:37 executing program 5: 13:22:37 executing program 2: 13:22:37 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x0]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec, 0x1}, 0x20) 13:22:37 executing program 0: 13:22:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe00500, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:38 executing program 5: 13:22:38 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80ffffff}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:38 executing program 2: [ 3188.622993][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:38 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x0]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec, 0x1}, 0x20) 13:22:38 executing program 0: [ 3188.921673][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:38 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe00900, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:38 executing program 5: 13:22:38 executing program 2: 13:22:38 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80ffffff}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:39 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x3, [@var={0x1}]}, {0x0, [0x18]}}, &(0x7f00000002c0)=""/236, 0x2b, 0xec, 0x1}, 0x20) [ 3189.395910][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:39 executing program 0: [ 3189.635257][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:39 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe00e00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:39 executing program 5: 13:22:39 executing program 2: 13:22:39 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x3, [@var={0x1}]}, {0x0, [0x18]}}, &(0x7f00000002c0)=""/236, 0x2b, 0xec, 0x1}, 0x20) 13:22:39 executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80ffffff}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:40 executing program 0: 13:22:40 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe01600, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:40 executing program 5: 13:22:40 executing program 2: [ 3190.679678][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:40 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x3, [@var={0x1}]}, {0x0, [0x18]}}, &(0x7f00000002c0)=""/236, 0x2b, 0xec, 0x1}, 0x20) 13:22:40 executing program 0: 13:22:40 executing program 4: 13:22:40 executing program 5: 13:22:41 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe01900, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:41 executing program 4: 13:22:41 executing program 2: 13:22:41 executing program 0: 13:22:41 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x0, 0x18]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec, 0x1}, 0x20) [ 3191.715574][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:41 executing program 5: 13:22:41 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe01a00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:41 executing program 2: 13:22:42 executing program 4: 13:22:42 executing program 0: 13:22:42 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x0, 0x18]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec, 0x1}, 0x20) [ 3192.440499][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:42 executing program 5: [ 3192.761888][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:42 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe02100, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:42 executing program 0: 13:22:42 executing program 2: 13:22:42 executing program 4: 13:22:42 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x0, 0x18]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec, 0x1}, 0x20) 13:22:43 executing program 5: 13:22:43 executing program 4: 13:22:43 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe02900, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:43 executing program 0: 13:22:43 executing program 2: 13:22:43 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x18]}}, 0x0, 0x2c, 0x0, 0x1}, 0x20) [ 3193.800058][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:43 executing program 5: 13:22:44 executing program 4: 13:22:44 executing program 0: 13:22:44 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe02c00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:44 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x18]}}, 0x0, 0x2c, 0x0, 0x1}, 0x20) 13:22:44 executing program 2: [ 3194.834682][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:44 executing program 5: 13:22:44 executing program 4: 13:22:44 executing program 0: 13:22:44 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe03300, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:45 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x18]}}, 0x0, 0x2c, 0x0, 0x1}, 0x20) 13:22:45 executing program 2: 13:22:45 executing program 4: [ 3195.470429][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:45 executing program 5: 13:22:45 executing program 0: 13:22:45 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe03600, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3195.872279][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:45 executing program 2: 13:22:45 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x18]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec}, 0x20) 13:22:46 executing program 4: 13:22:46 executing program 5: 13:22:46 executing program 0: 13:22:46 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe03700, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:46 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x18]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec}, 0x20) 13:22:46 executing program 2: 13:22:46 executing program 5: 13:22:46 executing program 4: [ 3196.910264][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:46 executing program 0: 13:22:47 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe03800, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:47 executing program 2: 13:22:47 executing program 5: 13:22:47 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x18]}}, &(0x7f00000002c0)=""/236, 0x2c, 0xec}, 0x20) 13:22:47 executing program 0: 13:22:47 executing program 4: 13:22:47 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe03d00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3197.980130][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:47 executing program 2: 13:22:48 executing program 5: 13:22:48 executing program 0: 13:22:48 executing program 4: 13:22:48 executing program 3: [ 3198.518808][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3198.527369][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:48 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe04000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:48 executing program 5: 13:22:48 executing program 0: fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0) 13:22:48 executing program 2: [ 3198.995054][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:48 executing program 4: 13:22:48 executing program 3: 13:22:49 executing program 5: 13:22:49 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe04500, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:49 executing program 2: 13:22:49 executing program 0: lsetxattr(&(0x7f0000000000)='.\x00', &(0x7f0000000040)=@random={'user.', '.!\x17/&%,\x00'}, 0x0, 0x0, 0x1) 13:22:49 executing program 4: openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0) 13:22:49 executing program 3: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RCLUNK(r0, &(0x7f0000000040)={0x62}, 0xfffffe8d) write$P9_RFSYNC(r0, &(0x7f00000000c0)={0x7}, 0x7) [ 3200.029560][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:49 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$unix(r0, &(0x7f0000000180)=""/4066, 0xfe2, 0x21, 0x0, 0x0) sendto(r1, &(0x7f0000000100)="f5", 0x1, 0x0, 0x0, 0x0) 13:22:49 executing program 5: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RCLUNK(r0, &(0x7f0000000040)={0x62}, 0xfffffe8d) write$P9_RXATTRWALK(r0, &(0x7f0000000080)={0xf}, 0xf) 13:22:50 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe04d00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:50 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$unix(r0, 0x0, 0x0, 0x20, 0x0, 0x0) sendto(r1, &(0x7f0000000100)="f5", 0x1, 0x0, 0x0, 0x0) 13:22:50 executing program 4: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RCLUNK(r0, &(0x7f0000000040)={0x62}, 0xfffffe8d) write$P9_RMKDIR(r0, &(0x7f0000000180)={0x14}, 0x14) 13:22:50 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RCLUNK(r0, &(0x7f0000000040)={0x62}, 0xfffffe8d) writev(r0, &(0x7f0000000600)=[{&(0x7f0000000200)="d2", 0x1}], 0x1) 13:22:50 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe05800, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3201.079488][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:50 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) recvfrom$unix(r0, 0x0, 0x0, 0x1, 0x0, 0x0) 13:22:51 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$unix(r0, &(0x7f0000000180)=""/4096, 0x1000, 0x101, 0x0, 0x0) sendto(r1, &(0x7f0000000000)='\n', 0x1, 0x0, 0x0, 0x0) [ 3201.559690][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:51 executing program 5: add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) 13:22:51 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe05b00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:51 executing program 0: r0 = epoll_create(0xe6e3) epoll_pwait(r0, &(0x7f0000000000)=[{}], 0x1, 0x0, 0x0, 0x0) 13:22:51 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0) [ 3202.109850][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:51 executing program 4: get_mempolicy(0x0, 0x0, 0x1000000001, &(0x7f0000d04000/0x2000)=nil, 0x4) 13:22:52 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe05c00, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:52 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x8000) 13:22:52 executing program 0: pipe(&(0x7f0000000480)={0xffffffffffffffff}) read$eventfd(r0, 0x0, 0x0) 13:22:52 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RCLUNK(r0, &(0x7f0000000040)={0x62}, 0xfffffe8d) writev(r0, &(0x7f0000000600)=[{&(0x7f0000000200)="d2", 0x1}], 0x1) 13:22:52 executing program 4: pipe2$9p(&(0x7f0000000240), 0x800) 13:22:52 executing program 3: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RCLUNK(r0, &(0x7f0000000040)={0x62}, 0xfffffe8d) 13:22:52 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xf00000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:52 executing program 5: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RCLUNK(r0, &(0x7f0000000040)={0x62}, 0xfffffe8d) write$P9_RAUTH(r0, &(0x7f0000000080)={0x14}, 0x14) 13:22:52 executing program 0: r0 = epoll_create1(0x0) r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)) [ 3203.152426][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:53 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xf00300, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:53 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$unix(r0, &(0x7f0000000180)=""/4090, 0x1000, 0x0, 0x0, 0xffffff5d) sendto(r1, &(0x7f0000000100)="f5", 0x1, 0x0, 0x0, 0x0) 13:22:53 executing program 0: r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self\x00', 0x0, 0x0) fremovexattr(r0, &(0x7f0000000040)=@known='user.syz\x00') 13:22:53 executing program 2: pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_pid(r0, 0x0, 0x0) [ 3204.190532][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:54 executing program 3: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) statx(r0, &(0x7f00000000c0)='\x00', 0x1000, 0x20, &(0x7f00000009c0)) 13:22:54 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x1000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:54 executing program 4: 13:22:54 executing program 2: 13:22:54 executing program 5: [ 3204.592515][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:54 executing program 0: 13:22:54 executing program 4: 13:22:54 executing program 3: 13:22:54 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x2000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3205.232541][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:55 executing program 2: 13:22:55 executing program 5: 13:22:55 executing program 4: 13:22:55 executing program 0: 13:22:55 executing program 3: 13:22:55 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x3000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:55 executing program 5: 13:22:55 executing program 2: 13:22:56 executing program 0: 13:22:56 executing program 4: [ 3206.270659][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:56 executing program 3: 13:22:56 executing program 5: 13:22:56 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:56 executing program 2: 13:22:56 executing program 4: 13:22:56 executing program 0: 13:22:56 executing program 3: 13:22:57 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x5000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:57 executing program 2: [ 3207.320097][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:57 executing program 5: 13:22:57 executing program 4: [ 3207.632311][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:57 executing program 0: 13:22:57 executing program 3: 13:22:57 executing program 5: 13:22:57 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x6000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:57 executing program 2: [ 3208.115819][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:58 executing program 4: 13:22:58 executing program 0: [ 3208.379522][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:58 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001300)='/dev/zero\x00', 0x0, 0x0) sendmsg$SMC_PNETID_GET(r0, 0x0, 0x0) 13:22:58 executing program 2: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x0, 0x0) pread64(r0, 0x0, 0x0, 0x0) 13:22:58 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r0, 0x0, 0x0, 0x1, &(0x7f0000002380)={0x77359400}) 13:22:58 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x7000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:58 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0) 13:22:58 executing program 0: pipe(&(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, 0x0) 13:22:58 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) setsockopt$packet_add_memb(r2, 0x107, 0x1, 0x0, 0x0) 13:22:59 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$SO_COOKIE(r0, 0x1, 0x39, 0x0, 0x0) [ 3209.391809][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:22:59 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x8000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:22:59 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_udp_int(r0, 0x11, 0x65, &(0x7f0000000280), 0x4) 13:22:59 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x4000) 13:22:59 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r2 = dup2(r0, r1) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r2, &(0x7f0000001840)={0x0, 0x0, &(0x7f0000001800)={0x0}}, 0x4080) 13:22:59 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x80a7) 13:22:59 executing program 2: socketpair(0x2c, 0x0, 0x0, 0x0) 13:23:00 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x9000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:00 executing program 5: pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x0, 0x0) r2 = dup2(r1, r0) r3 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r4 = dup2(r2, r3) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r4, 0x89f9, 0x0) [ 3210.429973][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3210.682890][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:00 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000400)='/dev/loop#\x00', 0x0, 0x40201) write$binfmt_misc(r0, &(0x7f0000000040)={'syz1'}, 0x4) 13:23:01 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001300)='/dev/zero\x00', 0x0, 0x0) sendmsg$NL80211_CMD_ADD_TX_TS(r0, 0x0, 0x0) 13:23:01 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/autofs\x00', 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, 0x0) 13:23:01 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xa000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:01 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x20000000) 13:23:01 executing program 5: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) [ 3211.487348][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:01 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x800000000, 0x0) ioctl$BTRFS_IOC_SCRUB_CANCEL(r0, 0x941c, 0x0) 13:23:01 executing program 4: r0 = signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, 0x0, 0x0) 13:23:01 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xb000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:01 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, 0x0) 13:23:01 executing program 0: socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x840) 13:23:02 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r0, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e80)={0x0}}, 0x0) 13:23:02 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={0x0}}, 0x5) [ 3212.516281][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:02 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r1, 0x0, r0) sendmsg$NL80211_CMD_ABORT_SCAN(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) 13:23:02 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xc000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:02 executing program 2: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 13:23:02 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/autofs\x00', 0x0, 0x0) ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, 0x0) 13:23:02 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x8010) 13:23:02 executing program 3: epoll_wait(0xffffffffffffffff, &(0x7f00000001c0)=[{}], 0x1, 0x0) 13:23:03 executing program 4: fsetxattr$trusted_overlay_upper(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 13:23:03 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xd000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3213.561490][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:03 executing program 2: socketpair(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) [ 3213.709564][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:03 executing program 0: r0 = signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) signalfd(r0, &(0x7f0000001f80), 0x8) 13:23:03 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x800) 13:23:03 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, 0x0, 0x0) 13:23:03 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x240440d4) 13:23:04 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xe000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:04 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$ETHTOOL_MSG_FEATURES_GET(r1, &(0x7f0000000340)={&(0x7f0000000080), 0xc, &(0x7f0000000300)={0x0}}, 0x0) 13:23:04 executing program 0: open$dir(&(0x7f00000000c0)='./file0\x00', 0xc0, 0x0) [ 3214.589735][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:04 executing program 5: pipe(&(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_type(r0, 0x0, 0x0) 13:23:04 executing program 3: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x0, 0x0) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x0, 0x0, 0x0) 13:23:04 executing program 4: pipe(&(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, 0x0, 0x0) 13:23:04 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000001c0)={'syztnl1\x00', 0x0}) 13:23:04 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xf000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:04 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x24044080) 13:23:05 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001300)='/dev/zero\x00', 0x0, 0x0) sendmsg$MPTCP_PM_CMD_GET_LIMITS(r0, 0x0, 0x0) 13:23:05 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet(r0, &(0x7f00000000c0), 0x0, 0x840) [ 3215.630784][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:05 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) fcntl$setownex(r0, 0xf, &(0x7f0000000440)) 13:23:05 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x10000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:05 executing program 5: openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x440, 0x0) 13:23:05 executing program 2: openat$tun(0xffffffffffffff9c, &(0x7f0000000180)='/dev/net/tun\x00', 0x141600, 0x0) 13:23:05 executing program 0: r0 = socket$inet(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, 0x0) 13:23:05 executing program 3: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, 0x0) 13:23:06 executing program 4: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001300)='/dev/zero\x00', 0x0, 0x0) futimesat(r0, 0x0, &(0x7f0000000040)={{0x0, 0xea60}}) 13:23:06 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x11000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:06 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, 0x0) 13:23:06 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f00000002c0)={&(0x7f0000000000), 0xc, &(0x7f0000000280)={0x0}}, 0x0) [ 3216.673121][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:06 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)) 13:23:06 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000080)={'syztnl1\x00', 0x0}) [ 3216.760784][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:06 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$sock(r0, &(0x7f0000000a40), 0x0, 0x80) 13:23:07 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, 0x0, 0x0) 13:23:07 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x12000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:07 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x4044000) 13:23:07 executing program 0: open$dir(&(0x7f0000000000)='./file0\x00', 0x40, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x88000, 0x4d) [ 3217.713097][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3217.721410][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:07 executing program 4: openat$autofs(0xffffffffffffff9c, &(0x7f0000000380)='/dev/autofs\x00', 0x2100, 0x0) 13:23:07 executing program 3: r0 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x0, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, 0x0) 13:23:07 executing program 2: pipe(&(0x7f0000001780)={0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, 0x0) 13:23:07 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x14000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:07 executing program 5: pipe(&(0x7f0000001780)={0xffffffffffffffff}) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) 13:23:08 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) fcntl$lock(r0, 0x26, &(0x7f00000001c0)) 13:23:08 executing program 4: r0 = socket$netlink(0x10, 0x3, 0xb) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) 13:23:08 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000038c0)='/dev/zero\x00', 0x0, 0x0) getsockopt$IP_SET_OP_VERSION(r0, 0x1, 0x53, 0x0, 0x0) 13:23:08 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x18000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:08 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = dup2(r0, r0) sendmsg$NL80211_CMD_SET_WOWLAN(r1, &(0x7f0000001f80)={&(0x7f0000000040), 0xc, &(0x7f0000001f40)={0x0}}, 0x0) [ 3218.760575][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:08 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = dup2(r1, r0) sendmsg$NBD_CMD_RECONFIGURE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x4000) 13:23:08 executing program 4: socketpair(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) 13:23:08 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) fchown(r0, 0x0, 0xffffffffffffffff) 13:23:08 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r0, &(0x7f0000002240), 0x0, 0x1, &(0x7f0000002380)={0x77359400}) 13:23:09 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000001780)={'ip6gre0\x00', 0x0}) 13:23:09 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x1f000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:09 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001300)='/dev/zero\x00', 0x0, 0x0) sendmsg$GTP_CMD_DELPDP(r0, 0x0, 0x0) [ 3219.789514][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3219.798350][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:09 executing program 3: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) pipe(&(0x7f0000001780)={0xffffffffffffffff}) r2 = fcntl$dupfd(r0, 0x0, r1) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, &(0x7f0000000240)={0x0}}, 0x0) 13:23:09 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r0, 0x0, 0x0, 0x40000000, 0x0) 13:23:09 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x40000) 13:23:10 executing program 2: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:23:10 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x20000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:10 executing program 0: socketpair(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff}) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 13:23:10 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000080)) 13:23:10 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) 13:23:10 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x0) [ 3220.834627][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:10 executing program 2: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x0, 0x40081) write$cgroup_netprio_ifpriomap(r0, 0x0, 0x0) 13:23:10 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x25000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:10 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x12}}, 0x80) 13:23:11 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) getsockname$inet(r1, 0x0, &(0x7f0000001100)) 13:23:11 executing program 4: pipe(&(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) 13:23:11 executing program 5: 13:23:11 executing program 2: r0 = epoll_create(0xda7) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r0, &(0x7f0000000240)) 13:23:11 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x3c000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3221.870271][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:11 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$unix(r0, 0x0, 0x0, 0x40012101, 0x0, 0x0) 13:23:11 executing program 3: openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x10000, 0x0) 13:23:11 executing program 4: mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x380000a, 0x11031, 0xffffffffffffffff, 0x0) 13:23:12 executing program 5: r0 = epoll_create(0xda7) epoll_wait(r0, &(0x7f00000001c0)=[{}], 0x1, 0x0) 13:23:12 executing program 2: sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x0) 13:23:12 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x3f000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:12 executing program 0: openat$tun(0xffffffffffffff9c, &(0x7f0000001880)='/dev/net/tun\x00', 0x40001, 0x0) [ 3222.833488][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:12 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f0000000100), &(0x7f0000000180)=0x4) 13:23:12 executing program 3: syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x105d00) [ 3222.910037][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:12 executing program 5: sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(0xffffffffffffffff, 0x0, 0x0) 13:23:13 executing program 2: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, 0x0) 13:23:13 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x40000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:13 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000180), 0x4) 13:23:13 executing program 4: munmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000) sigaltstack(&(0x7f0000ffe000/0x2000)=nil, 0x0) 13:23:13 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r1, 0x89f7, 0x0) 13:23:13 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) pipe(&(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r0, 0x0, r1) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x50) 13:23:13 executing program 2: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r0, 0x89f6, 0x0) [ 3223.950392][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:13 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x48000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:13 executing program 0: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x0, 0x0) sendmsg$SOCK_DIAG_BY_FAMILY(r0, 0x0, 0x0) 13:23:14 executing program 4: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001300)='/dev/zero\x00', 0x0, 0x0) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, 0x0, 0x0) 13:23:14 executing program 3: r0 = socket$inet(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, 0x0, 0x0) 13:23:14 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, &(0x7f0000000040)="23c20400fa986996a68e83fcdc8fbaa63c0b20699af93a8fb3d4bcd9ae1fdc2d60b730d6cbc59d5b9fd23738170b5e9a64a7a28bc40d2f6f9141", 0x1, 0xc050, 0x0, 0xfffffffffffffd76) 13:23:14 executing program 2: r0 = msgget$private(0x0, 0x0) msgctl$MSG_STAT(r0, 0xb, &(0x7f0000001a00)=""/22) 13:23:14 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x4c000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:14 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000001d40)={0x0, 0x0, &(0x7f0000001d00)={0x0}}, 0x48000) [ 3224.989748][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:14 executing program 4: pipe(&(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r0, 0x6, 0x0) 13:23:15 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r1, r0) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f0000000380)={&(0x7f0000000080), 0xc, &(0x7f0000000280)={0x0}}, 0x0) 13:23:15 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x14) 13:23:15 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, &(0x7f0000000480)={{}, "45dc376f1defd89657103417c79b50670bb3061d948ed3a330f1bb73f7cab14bae4eec1972c929b342e0a163c18dbb20cc8f5bc0616923fe1f2a85984b5af3dccf15866ce552044da05e2d404630695fd74cc9b0e71cf0d8018986c13abeebc7a2891a96a048c21de1dead7e867587a9955a6b40b636282562d04868d53055e2c2053982caf58f65bc55e7d34881e1240f9f31f493decb7d383d8db68588a0a05965c09429b46bfc1bd13e62dfd510c4f9cd4a82abd3fdcf8a5a656d3bfff8699d5c1e3f6cdaf8483633e56ab56d26d3cb57426bb574f899a3145a99d3a730afa8eed811380370d4d4a8cba989d52eaf64134bebd22a4323b61d688871f6f851e5c3cf89db5adf8b5ef7a5a6a0e49dc913205a8cf94166693e36dde070dd55db80fb05174accedd73f34bf2668ef920478f6e5a77d6e25d057333fc2224ca7d5a459b25b72c66c5c09c7ee0d3fe42b7a0bc1acae743a682952436df77d0fc4f7e7ea5e0d15adb4b55d3d2383de22a123b1ba8ea6e669a1575d37835e4e49c6ad6333cf9a3dbb5d80dfdc912524a182e008d2b86112b7ac178b32e2a442cd459365fb832c667808bd7d4a5d7721a489930f5348af894848f1b06b7d2906bc2cb1ec0ccc6d29c4817e57eaaa42faa836904b72997d079c9d26c8baa0520b7e3dc7120536a6e9d77ac5f6fd3c23012a5713755b86d92fb771bd2316ee8b35dd6fd5a5724569145124e7eb6a5efc2970ebab0a59fd9e537c5c1eb5b7145d6b386390b697300bd9b70145ded54f2d6f7ce03e5ef0a8afc3531d9f72992fef71886621d540e1b6592abed2f007f65f4a0b5b6e981e5a472b641d584c07bd20f0d9fc71564331c99e4cd0c03a865a3493cd76cfaaed08f39be850e5a618b01b4d906e50719ed4006f101de338ff9a44eb0a6a923cbff4300460ba7caa6575dc80177e52f68e3e9eb317044c75b97329d4ac2d1cdf2fac6a4857510947040c98350d6b2c1d2ae9e9f84c6529d05ee9049e8e65c10c574c83a351eae34fa05380734f8bf89685f4637397015a7baf8de9d3eda24d6644f9c984b454b30284b4c1aca1cab17835f0af8d9bb48c8f6278ce6045a269a3f0f5f03c1120af4151d899fb21da890828986a784cc492519a21cacb920b2fe7f802e57fd151a45a396e22d5a02c882c3601e0b33427f2483d42b9c49f37ca35202cb3e09d4d75f058906856435d413168a735a20aef7c50f2ae5e058da30f91b1cf2a0b05b60ff61767cb11e8a9f6cbb00453c089bf901a663f180adf95e6475645526f94e1741777c2bc9193e00fecef1b66f770bdc4449972b4c1ac918a14a23db3d81c415690e3b1f03898a314073d3dc118fd0cae476b87ebbad6301de7abd0d05399a3c36053bc384e653bc9f5dbf2893f01d1cac0e0c67722f53093ca4fe6071b20ae8d8c5d54d0b719800848ea7060418d72d2fd60fbd5653535d905c0e57af7d68c65f80c8b7f8a8cf78e756f5d1fb5bd907899ec93d24231b225fba1a6a00616728d4cf2ed2d4809591d341e9fecbcf99747a1965c6f4d2cb3a1e4b20f319825f14b0836c877963375dd3d7a8a4005058438e04e54bad941ef679a2f06fbb1fe29a534654f1996691e5aa7c2bca9e20c4a94e44645d647f22607e77460c8a6dd2931294a55b0a171016a27290d9f7c2e67d17c0dd60dc8ec01792e463646cb14c90acb02ba638ebd1de8cd456cdbffa9dc7bddea1744beaf684d011031d9a968e2b3c7f787d57c2827a2bbbbac3fe0707cdbc3fb98a743b9f87888e90bf6eafa7e7c2f35bd478ea047272209ed9a1e206d2447ff86287ce4355f37f455b8b89397bad60af830e2d1625203eeaaddc65dff5cc3e1112a0def4e03e6c1f201709fa1df19ec6c0622cd2a48abef0519380870ed3ddadbc01bea56c0612ee723a111ac9acb5658081117de2bd7d5629dcc4db180ad800428bd389c18cd326bc65226b4c689b8e850dbb3caf890339a7f4776917a3f552f1baba1980653a9a73b7b33b0a4ce53691a77737a533ee85513fccdcf716f6c031950d83c378b53dded3cc9a357290c762c51252d33e1d67cd951bb911afc7960bff131cdaf999c7077e0b6b8d39344b6292d67a633fe0663f16269f8fd19061091b5110e6ef9010d1bd4c1e4935386b7293a23c8e467a3500267a7bec215a2ea7ef3202a5bc95fbdc6b65f76fd07f8f0bfc01ff83c9d74b56db5c541de255ef5b30713ee49fdd3bffd766a2060af7f1a608f48b943ded84a3202426962c0df638efb5361f59791f7203ae696fd4b91ab92d99bf39eaad18e29b014e4aafbc72bbe3e47f1e3ecbc4f5a7359b2a98d38ff8fb4b4c611882a512084e29e4db21d8b2a828ed9c59936d3a195ba03de6d2c83772405becc24f2966434127a523b2ac2b6472a155f064d1aed39ee18d7a737e3994dc6b679b21593e2f3c10284a57ec64f6e418cc862e8d12ed87a60c57f4c92f6280f8c7471554652842a4b9d19d81bfe1b546f8da85ecf09cf8b9b22476eb7b203b77b369806a189493b9260a1299380163c9df62b9dea1c1730b189c4cf05783b1108f7a1363bbc6f93db54e81f3daf6e286dfa4cce4d5fd5987808d6ac3471db2fb6aa04aa139f6df346e45c48275d1987c1412deacf342c80bf99977d26f22f437a83fe852c1540a70bdefdd2b927770ffb2a93008a46bc48cebab4f4f70e8fa199f5d2969916b773b5768b9f620d7f03b8add37b2cc2c026c2b73a1f23adf7acd684b59f500baa06a740b849ed9e627ac620fa0b163776e1ad46a99333d4ce2556ec3468eae73beb6fc658ac60a1d2eadf83ab1ddbe608a7888c3d8dcfa20338391dfbfd6719a469f59f1bae673e97c116df1e1990c18535cf19f083f2927296a7ad76fd72cbd69efd0a8e4a88088b3fee068975f4de53ed93bc6d1756e5a5446f7ecda7773bd7a84aae02258ef6aa09c1a29411ad1b7328666e989e496a17145c6b01b0c0b0c8ce95910fe63ee982ea9eafac12c5e8615287996a14716281e26b28e57dec36dcea42d43b82fb1a13599f44e3bb4ce274b7a413d6ee917947704c989e496d400cfd26f419a9a7ff227eea97c891941080d8d365f6a6fff156384696851dad2e052a8882979eae1e0158a16e16acc08af24004f3d163dcc739551971f18935c64c5a8ca80ed451711bc00943a884c35e40ee95fdfe583c155699fc67aefd3e60c8a7f53aa9c8b75130ddfed353cf9efdd3a84762cc9e268b44568d3ad1b47ec5d400880a43b33a39bd87f6adfb90ebabbaef76a44272e4d6ce41b8a11b1d57e79f5671383b3467c426320cd2679ed54fb5386dcafa951cb706367d33f7da643246bec58047b39c65bf86a204c9d0b98f3c64f1dd00c79941a0fe2036b64d9b0e23f4b328c3fe94889e1fd997c6cf9903678d7307a340fb372c1c51407a1e78bb764f0b8c32139d00a2b56b9967eca843d88406fca04d1b822ed829ef41dc310103c7bd30ae1e041979177a73805551daaec4c320ffbd90dd627bdca0f442c20031fe1e01c58b8b54d6357fac717bd0f10e1a15409d05e3e012b5b5dbd9419a7bd1f664209c6165bb180e46cfe3dabffe868b5f2f5acd76affe0761b472a3db48037be900acb93d88060a768846e7ecf4a68247319d7787085f13732a16e678269629b5cf51a214b6c0aec464bef703608e27e3aec60ad76bfd604f08cfceb87ab9aad8897862d4b4791c169b4d879ce96716d7b50339460efb673418013b9c902e396e802789cf24818f04a9abaa2beffcb6b121401ae339cc0e9da63f3d0a71acb23c762d3236a640edbee552283aece4dcbea42b7c7eb415ff206c49289c71126e1616e3df379d6ccc88d50107c493548a6027441f8086fbe43f5ff16d8c2dc4f199fea2fbd8a43601c0bf5c402536b8d611f5f05705d3c423cd1ef5debbdcef350e2eea4404055ffd4c7e6d6e521b54a55c5bc69c53bbf35fa5cbec9109c5290f0df6ce08ec7707a0767861322ecd89086ebb64898177de1f7b68117bae384e332a5506eee9a3c969561caed944b8142b26b4278db86a4fbc157362fd58cb0784628c777d5c0848fb33a2d76dcc8c22000da4279eee180a0656e750cb4c71eaf0201b693d730396f21430a8ece75780a4deb1f30c5f9e653a3020c60392cb456defec56a7de0a6bd9e10545158cc0a9197c370c49ea3dddbe21b5c0b65b80aaa95d0558c7e13e3bb703ea3d02b7d8d5034b17dd7c21d79b8d023f239d16e88707b32426d8a81fa5d57c052e8b71f3bb38f93c3f9e3304c088423addd5fc9b86c46344098d58a7882fbc350a9e219461f631af7c05c632de89ec8e5a9f6f55e211d50a79cbb5ccd26dd225213e6bb889ec2f0db45ee54ef3e4416bba233360cba70a3346f0dd57ac5ecbece4e16dbd526373c75be9cffc587e44305e495416af794cc3168d49d078968cf94e22fcde5766b4bd5aed2d5b10a9b0a646b2b5d0070c01ba5e6527f422818e9ccf3cbff3f33221be92f146d317091c2b1621137d8036732f5307c21f4c2a9fef18ca6421f3281cb5f72d12dc6abbe1b0d4fd8f456b82a2f499e0fd6359f35a6e3d5ca0c297825f603f9ed6dda56fd00526da93e511448473a0ada0a267a036aeea4f8c129f3828f33e0a11742e437bbb4339fc1da6f8ae266f754474f27e6d946318c1e07844698ec088416da6a89c055da60f3302770c158eb3a333fe675fee961f32c4e04338192af951b1b012cdc493ae6c2fa922ebd2088c031c50b3a39eabdf5aec36dd9dfa8a4bc3a17a7a7cc1cb9fbd5cf261915e0c60ef2ff9a5fcb29eb064a8bb0bd4125f69483d2f1d62788a57e725ed645d82c5466535fc862111d874803ed875c76643dfdd05149ee9a0187e740d261e8727ad7b940f3c6e26cb045bd928a8a7ea9bbd0b7112dc629d01ec70966ca556b5933353365ad89e5eb91ea089b2467827ca9388f8076ab0dbaa398acd8ab2b79dc89eb3a26ccfba9f79f20d31138aeff57780ff4c05dc97c1fdb27c1bd1808f257e9b1d147d4e0f48c0d0cff9a637222fbb6f5ab2223214342e4bbe996c8ad54ac156a1c67c25aa93da08157fe5374e8fe992af8b3fc101a6828bac08bacb93675ff1d219f6862d17fc4f04a12868a35f2a703b91c3a492ee8173a87be0b09921a687e2f24bd137b0875fed341f5224100e64d392ceb8e63457510e0646ba91154dde15351bab024383b7f50f71121d7111e1ab9458193df2dc340cd44ce6e2a90d5620378963e08bcd81853bc7719ae6e3107d78ed8d819f8414597189a1f46a002806dceaa8685ceb24e84eedd359130f8161af46048844a46cd47091be48338530ba7d1b89f94daae6f97dc1bcd47630bae586b976ece5b69a058ab249fe1f497f431f98307b86d9c7169d0ffa9c451cacaef97f3830bf1cbe60156429da16c99b6dbe0c158c83718aeb8130eee93589602c7f6cecf6afb9b49bfb9029bbc230973252f2e0f7af90d217bfa8f3f487a5690346473902e85a354c21482016c9cfa0b5af8442122751993589f3251927e22fc95099f46e3d0d2e6e2137965e3a9fc10707913517d4ca7784d2e689f3aa3f472fc7e62d78c7d6312325b994fdef7a9de4c8e40cbcdc9ebc8ef80b2984dc345919c2b204e0a1566d3fe12e2903f9f24300ac71928a343d3479022d947607c96971430c070ae1e6430b0d3c5130dbd956e696abcd26991d19ed12480786ae76650dc091b9729965285b07a4df44fb23ac4ef4c3289cb8e911742d3359349adc"}) 13:23:15 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x68000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:15 executing program 0: setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) [ 3225.872850][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:15 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0) 13:23:15 executing program 2: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r0, 0x89fa, 0x0) [ 3226.030291][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:15 executing program 3: socketpair(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, &(0x7f0000000180), 0x0, 0x4002, &(0x7f0000000000)=@abs, 0x6e) 13:23:15 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BLKTRACESTOP(r0, 0x1275, 0x0) 13:23:15 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x6c000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:16 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, 0x0) 13:23:16 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r2 = dup2(r0, r1) sendmsg$NBD_CMD_CONNECT(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x4884) 13:23:16 executing program 2: socketpair(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)=@abs, 0x6e) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 13:23:16 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x74000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:16 executing program 4: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x0, 0x0) setsockopt$packet_fanout_data(r0, 0x107, 0x16, 0x0, 0x0) 13:23:16 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x0, 0x0) getsockopt$inet6_udp_int(r0, 0x11, 0x0, 0x0, 0x0) [ 3227.094688][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:16 executing program 0: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000880)='/dev/vcsa\x00', 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, 0x0) [ 3227.314951][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:17 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) 13:23:17 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x7a000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:17 executing program 3: pipe(&(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}) accept4$packet(r0, 0x0, 0x0, 0x0) 13:23:17 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x88091) 13:23:17 executing program 5: sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, 0x0, 0x0) 13:23:17 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f00000020c0)={0x0, 0x0, &(0x7f0000002080)={0x0}}, 0x20000000) [ 3228.111404][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:17 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x0) 13:23:18 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x85ffffff, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:18 executing program 4: socketpair(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff}) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 13:23:18 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000028c0)={'syztnl0\x00', 0x0}) 13:23:18 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0}}, 0x10) 13:23:18 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r2 = dup2(r0, r1) sendmsg$NLBL_CIPSOV4_C_REMOVE(r2, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x44814) 13:23:18 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x0, 0x0) sendmmsg$sock(r0, 0x0, 0x0, 0x0) [ 3228.936591][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:18 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) pipe(&(0x7f0000001780)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) timerfd_gettime(r2, 0x0) [ 3229.150335][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:18 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x9cffffff, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:19 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$unix(r0, 0x0, 0x0, 0x2060, 0x0, 0x0) 13:23:19 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_SET_VLAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x4000001) 13:23:19 executing program 0: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, 0x0) 13:23:19 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, 0x0) 13:23:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = fcntl$dupfd(r0, 0x0, r0) write$vga_arbiter(r1, 0x0, 0x0) 13:23:19 executing program 5: openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa\x00', 0x10000, 0x0) 13:23:19 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x1, 0x0) write$tun(r0, 0x0, 0x0) 13:23:19 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x9fffffff, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3230.193359][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:20 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/autofs\x00', 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0) 13:23:20 executing program 4: openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140)='/dev/hwrng\x00', 0x80000, 0x0) 13:23:20 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x4000) 13:23:20 executing program 5: r0 = syz_open_dev$hidraw(&(0x7f0000000100)='/dev/hidraw#\x00', 0x0, 0x41) write$hidraw(r0, 0x0, 0x0) syz_open_dev$hidraw(&(0x7f0000000200)='/dev/hidraw#\x00', 0x0, 0x200) r1 = syz_open_dev$hidraw(&(0x7f0000000100)='/dev/hidraw#\x00', 0x0, 0x641) write$hidraw(r1, &(0x7f0000000000)='4', 0x20000001) r2 = syz_open_dev$hidraw(&(0x7f0000000180)='/dev/hidraw#\x00', 0x0, 0x0) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000002c0)={0x55, 0x0, 0x0, {0x9}, {}, @period={0x5b, 0xddc, 0x0, 0x7fff, 0x0, {}, 0x0, 0x0}}) r3 = syz_open_dev$hidraw(&(0x7f0000000180)='/dev/hidraw#\x00', 0x0, 0x0) read$hidraw(r3, &(0x7f0000000100)=""/218, 0x200001da) read$hidraw(r2, &(0x7f0000000100)=""/218, 0x200001da) syz_open_dev$hiddev(0x0, 0x0, 0x0) write$hidraw(0xffffffffffffffff, 0x0, 0x0) ioctl$HIDIOCGREPORTINFO(0xffffffffffffffff, 0x400c4807, &(0x7f0000000000)) syz_open_dev$hidraw(0x0, 0x0, 0x0) syz_open_dev$hiddev(&(0x7f00000000c0)='/dev/usb/hiddev#\x00', 0x0, 0x0) ioctl$HIDIOCGCOLLECTIONINFO(0xffffffffffffffff, 0xc0104811, 0x0) 13:23:20 executing program 3: syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000200086d0423c64000010203010902204ee2328d56ed6f"], 0xfffffffffffffffe) 13:23:20 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xac000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:20 executing program 0: syz_open_dev$evdev(&(0x7f0000000140)='/dev/input/event#\x00', 0x0, 0x200000) 13:23:21 executing program 2: syz_usb_connect(0x0, 0x24, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0xbb, 0x21, 0xcf, 0x20, 0x6cd, 0x119, 0xe6d1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x34, 0x51, 0x98}}]}}]}}, 0x0) syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0) 13:23:21 executing program 4: syz_open_dev$hidraw(&(0x7f0000000440)='/dev/hidraw#\x00', 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000340)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(r0, 0x4020940d, &(0x7f0000000380)={0x3, 0x0, 0x0, 0x0, "e77255a54dd215a64cb4d11d4f38f4ed3350a4805baadbd9e27e8e4c42544803"}) [ 3231.242624][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3231.608949][T16622] usb 4-1: new high-speed USB device number 5 using dummy_hcd 13:23:21 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xce150200, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:21 executing program 0: syz_usb_connect$uac1(0x2, 0x84, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x72, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@mixer_unit={0x6, 0x24, 0x4, 0x0, 0x0, "9a"}, @feature_unit={0xd, 0x24, 0x6, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0xffffffffffffffff) [ 3231.869735][T16622] usb 4-1: Using ep0 maxpacket: 8 [ 3231.938860][ T8753] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 3231.979456][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3231.992446][T16622] usb 4-1: config index 0 descriptor too short (expected 20000, got 45) [ 3232.001730][T16622] usb 4-1: config 50 has too many interfaces: 226, using maximum allowed: 32 [ 3232.011134][T16622] usb 4-1: config 50 has an invalid descriptor of length 111, skipping remainder of the config [ 3232.021934][T16622] usb 4-1: config 50 has 0 interfaces, different from the descriptor's value: 226 13:23:22 executing program 4: syz_usb_connect$uac1(0x0, 0x84, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x72, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@mixer_unit={0x6, 0x24, 0x4, 0x1, 0x7, "9a"}, @feature_unit={0xd, 0x24, 0x6, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x1, 0x0, 0x0, {0x7}}}}}}}]}}, 0xffffffffffffffff) [ 3232.194352][ T8753] usb 3-1: Using ep0 maxpacket: 32 [ 3232.264070][T16622] usb 4-1: string descriptor 0 read error: -71 [ 3232.273384][T16622] usb 4-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.40 [ 3232.279630][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3232.284151][T16622] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 13:23:22 executing program 5: syz_usb_connect(0x1, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x42, 0xaf, 0xa0, 0x8, 0x930, 0x215, 0xa7f3, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x4a, 0x7f, 0xbb, 0x0, [], [{{0x9, 0x5, 0x7}}]}}]}}]}}, 0xffffffffffffffff) 13:23:22 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xff000000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3232.469438][T16622] usbip-host 4-1: 4-1 is not in match_busid table... skip! [ 3232.520178][T16622] usb 4-1: USB disconnect, device number 5 [ 3232.521273][ T8753] usb 3-1: New USB device found, idVendor=06cd, idProduct=0119, bcdDevice=e6.d1 [ 3232.535481][ T8753] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3232.543830][ T8753] usb 3-1: Product: syz [ 3232.548150][ T8753] usb 3-1: Manufacturer: syz [ 3232.553049][ T8753] usb 3-1: SerialNumber: syz [ 3232.727273][ T8753] usbip-host 3-1: 3-1 is not in match_busid table... skip! [ 3232.911431][T17450] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 3232.931874][T16622] usb 4-1: new high-speed USB device number 6 using dummy_hcd 13:23:22 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xffff8000, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3233.058829][T27563] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 3233.129111][ T8753] usb 6-1: new low-speed USB device number 2 using dummy_hcd [ 3233.200243][T16622] usb 4-1: Using ep0 maxpacket: 8 [ 3233.310328][T27563] usb 5-1: Using ep0 maxpacket: 32 [ 3233.316108][T17450] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 3233.320568][T16622] usb 4-1: config index 0 descriptor too short (expected 20000, got 45) [ 3233.325519][T17450] usb 1-1: config 1 has no interface number 1 [ 3233.333809][T16622] usb 4-1: config 50 has too many interfaces: 226, using maximum allowed: 32 [ 3233.340060][T17450] usb 1-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 3233.348847][T16622] usb 4-1: config 50 has an invalid descriptor of length 111, skipping remainder of the config [ 3233.357933][T17450] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4 [ 3233.368455][T16622] usb 4-1: config 50 has 0 interfaces, different from the descriptor's value: 226 [ 3233.379522][T17450] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 3233.411405][T10870] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3233.520515][T27563] usb 5-1: too many endpoints for config 1 interface 1 altsetting 7: 154, using maximum allowed: 30 [ 3233.531797][T27563] usb 5-1: config 1 interface 1 altsetting 7 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 3233.543055][T27563] usb 5-1: config 1 interface 1 altsetting 7 endpoint 0x1 has invalid wMaxPacketSize 0 [ 3233.553140][T27563] usb 5-1: config 1 interface 1 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 154 [ 3233.566499][T27563] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 3233.576544][T27563] usb 5-1: config 1 interface 1 has no altsetting 0 [ 3233.640921][ T8753] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 3233.729676][ T8753] usb 6-1: string descriptor 0 read error: -71 [ 3233.736463][ T8753] usb 6-1: New USB device found, idVendor=0930, idProduct=0215, bcdDevice=a7.f3 [ 3233.745908][ T8753] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 13:23:23 executing program 3: syz_open_dev$hidraw(&(0x7f00000000c0)='/dev/hidraw#\x00', 0x0, 0x10440) [ 3233.952068][ T8753] usbip-host 6-1: 6-1 is not in match_busid table... skip! 13:23:23 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xffffff85, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3234.041518][ T8753] usb 6-1: USB disconnect, device number 2 [ 3234.101553][T27563] usb 5-1: string descriptor 0 read error: -71 [ 3234.108200][T27563] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 3234.119024][T16622] usb 4-1: string descriptor 0 read error: -71 [ 3234.119461][T16622] usb 4-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.40 [ 3234.119659][T16622] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3234.143943][T27563] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3234.157569][T16622] usbip-host 4-1: 4-1 is not in match_busid table... skip! [ 3234.222317][T17450] usb 1-1: string descriptor 0 read error: -71 [ 3234.229192][T17450] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 3234.238334][T17450] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3234.244820][T16622] usb 4-1: USB disconnect, device number 6 [ 3234.399933][T17450] usbip-host 1-1: 1-1 is not in match_busid table... skip! [ 3234.445827][ T3244] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3234.460727][T17450] usb 1-1: USB disconnect, device number 2 [ 3234.487462][T27563] usbip-host 5-1: 5-1 is not in match_busid table... skip! [ 3234.574943][T27563] usb 5-1: USB disconnect, device number 5 [ 3234.599033][ T8753] usb 6-1: new low-speed USB device number 3 using dummy_hcd 13:23:24 executing program 3: syz_usb_connect$cdc_ecm(0x0, 0x7f, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000020000202505a1a440000102030109026d00010100a002090400000302060000062406000026052400feff0d240f010000000002000100020c241b24020014241300bf6abd"], 0xffffffffffffffff) 13:23:24 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x3954fea3dce66ff9) ioctl$EVIOCSFF(r0, 0x40304580, 0x0) [ 3234.863455][T16622] usb 3-1: USB disconnect, device number 3 [ 3234.903826][T17450] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 3234.993392][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3235.013710][ T8753] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 3235.029492][T27563] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 3235.089511][ T8753] usb 6-1: string descriptor 0 read error: -71 [ 3235.096335][ T8753] usb 6-1: New USB device found, idVendor=0930, idProduct=0215, bcdDevice=a7.f3 [ 3235.105902][ T8753] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3235.177745][ T8753] usbip-host 6-1: 6-1 is not in match_busid table... skip! 13:23:25 executing program 5: syz_open_dev$evdev(&(0x7f0000000140)='/dev/input/event#\x00', 0x0, 0x200700) [ 3235.220631][ T8753] usb 6-1: USB disconnect, device number 3 [ 3235.293195][T17450] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 3235.302810][T17450] usb 1-1: config 1 has no interface number 1 [ 3235.310983][T17450] usb 1-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 3235.321032][T17450] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4 [ 3235.332315][T17450] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 3235.346191][T27563] usb 5-1: Using ep0 maxpacket: 32 [ 3235.419307][T17450] usb 1-1: string descriptor 0 read error: -71 [ 3235.426015][T17450] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 3235.436838][T17450] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3235.470008][T10870] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3235.490678][T27563] usb 5-1: too many endpoints for config 1 interface 1 altsetting 7: 154, using maximum allowed: 30 [ 3235.502425][T27563] usb 5-1: config 1 interface 1 altsetting 7 endpoint 0x1 has an invalid bInterval 0, changing to 7 13:23:25 executing program 0: [ 3235.514331][T27563] usb 5-1: config 1 interface 1 altsetting 7 endpoint 0x1 has invalid wMaxPacketSize 0 [ 3235.524536][T27563] usb 5-1: config 1 interface 1 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 154 [ 3235.537992][T27563] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 3235.550847][T27563] usb 5-1: config 1 interface 1 has no altsetting 0 13:23:25 executing program 4: [ 3235.622840][T17450] usbip-host 1-1: 1-1 is not in match_busid table... skip! [ 3235.649526][T17450] usb 1-1: USB disconnect, device number 3 [ 3235.760036][T27563] usb 5-1: string descriptor 0 read error: -71 [ 3235.766644][T27563] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 3235.776867][T27563] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3235.861725][T27563] usbip-host 5-1: 5-1 is not in match_busid table... skip! [ 3235.920784][T27563] usb 5-1: USB disconnect, device number 6 [ 3236.510459][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:26 executing program 2: 13:23:26 executing program 0: 13:23:26 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xffffff9c, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3236.688805][T27563] usb 4-1: new high-speed USB device number 7 using dummy_hcd 13:23:26 executing program 5: 13:23:26 executing program 4: [ 3236.909788][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3236.939392][T27563] usb 4-1: Using ep0 maxpacket: 32 [ 3237.077731][T27563] usb 4-1: config 1 has an invalid descriptor of length 189, skipping remainder of the config [ 3237.088486][T27563] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 13:23:26 executing program 0: [ 3237.213663][T27563] usb 4-1: string descriptor 0 read error: -71 [ 3237.220559][T27563] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 3237.229988][T27563] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 13:23:27 executing program 2: [ 3237.387099][T27563] usbip-host 4-1: 4-1 is not in match_busid table... skip! [ 3237.509415][T27563] usb 4-1: USB disconnect, device number 7 [ 3237.554055][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3238.008919][T27563] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 3238.033328][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3238.279004][T27563] usb 4-1: Using ep0 maxpacket: 32 [ 3238.399106][T27563] usb 4-1: config 1 has an invalid descriptor of length 189, skipping remainder of the config [ 3238.409702][T27563] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 13:23:28 executing program 3: 13:23:28 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0xffffff9f, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:28 executing program 4: 13:23:28 executing program 5: 13:23:28 executing program 0: 13:23:28 executing program 2: [ 3238.489882][T27563] usb 4-1: string descriptor 0 read error: -71 [ 3238.496588][T27563] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 3238.506096][T27563] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3238.589826][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3238.638001][T27563] usbip-host 4-1: 4-1 is not in match_busid table... skip! [ 3238.747772][T27563] usb 4-1: USB disconnect, device number 8 13:23:28 executing program 5: 13:23:28 executing program 0: 13:23:28 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:28 executing program 4: 13:23:28 executing program 2: 13:23:29 executing program 3: 13:23:29 executing program 5: [ 3239.631227][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:29 executing program 0: 13:23:29 executing program 4: 13:23:29 executing program 2: 13:23:29 executing program 3: 13:23:29 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x2], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:30 executing program 5: 13:23:30 executing program 4: 13:23:30 executing program 0: 13:23:30 executing program 2: 13:23:30 executing program 3: [ 3240.672627][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:30 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x3], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:30 executing program 5: 13:23:30 executing program 4: [ 3241.074233][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:30 executing program 2: 13:23:30 executing program 0: 13:23:31 executing program 3: 13:23:31 executing program 5: 13:23:31 executing program 2: [ 3241.710993][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:31 executing program 0: 13:23:31 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x4], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:31 executing program 4: 13:23:31 executing program 3: 13:23:32 executing program 2: 13:23:32 executing program 4: 13:23:32 executing program 5: 13:23:32 executing program 0: 13:23:32 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x5], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:32 executing program 3: [ 3242.752851][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:32 executing program 2: 13:23:32 executing program 5: 13:23:33 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x6], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:33 executing program 4: 13:23:33 executing program 0: 13:23:33 executing program 3: 13:23:33 executing program 2: 13:23:33 executing program 5: [ 3243.790520][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:33 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x7], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:33 executing program 4: 13:23:33 executing program 0: [ 3244.115254][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:34 executing program 2: 13:23:34 executing program 3: 13:23:34 executing program 5: 13:23:34 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x8], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:34 executing program 4: 13:23:34 executing program 0: [ 3244.832019][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:34 executing program 2: 13:23:34 executing program 3: 13:23:34 executing program 5: 13:23:34 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x9], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:35 executing program 2: 13:23:35 executing program 0: 13:23:35 executing program 4: 13:23:35 executing program 3: [ 3245.875886][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:35 executing program 5: 13:23:35 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0xa], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:35 executing program 0: 13:23:35 executing program 2: 13:23:36 executing program 3: 13:23:36 executing program 4: [ 3246.519240][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:36 executing program 5: 13:23:36 executing program 0: 13:23:36 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0xb], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:36 executing program 2: [ 3246.910112][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3247.158754][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:36 executing program 3: 13:23:37 executing program 4: 13:23:37 executing program 5: 13:23:37 executing program 0: 13:23:37 executing program 2: 13:23:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0xc], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:37 executing program 4: 13:23:37 executing program 3: [ 3247.951321][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:37 executing program 0: 13:23:37 executing program 5: 13:23:38 executing program 2: 13:23:38 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0xd], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:38 executing program 4: 13:23:38 executing program 3: 13:23:38 executing program 0: 13:23:38 executing program 5: [ 3249.004617][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:38 executing program 2: 13:23:38 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0xe], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:39 executing program 3: 13:23:39 executing program 4: 13:23:39 executing program 5: 13:23:39 executing program 0: 13:23:39 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0xf], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:39 executing program 2: 13:23:39 executing program 3: [ 3250.030468][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:39 executing program 5: 13:23:39 executing program 4: [ 3250.211843][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:40 executing program 0: 13:23:40 executing program 2: 13:23:40 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x10], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:40 executing program 3: 13:23:40 executing program 5: 13:23:40 executing program 4: 13:23:40 executing program 0: 13:23:40 executing program 2: 13:23:40 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x11], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3251.080955][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:41 executing program 3: 13:23:41 executing program 5: 13:23:41 executing program 2: 13:23:41 executing program 4: 13:23:41 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x12], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:41 executing program 0: 13:23:41 executing program 3: 13:23:41 executing program 2: 13:23:41 executing program 5: [ 3252.115686][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:42 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x14], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:42 executing program 3: 13:23:42 executing program 4: 13:23:42 executing program 2: 13:23:42 executing program 0: 13:23:42 executing program 5: 13:23:42 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x18], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:42 executing program 2: 13:23:42 executing program 3: [ 3253.151010][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3253.230034][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:43 executing program 4: 13:23:43 executing program 0: 13:23:43 executing program 5: 13:23:43 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x25], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:43 executing program 3: 13:23:43 executing program 2: 13:23:43 executing program 0: 13:23:43 executing program 4: 13:23:44 executing program 5: [ 3254.195762][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:44 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x3c], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:44 executing program 2: 13:23:44 executing program 3: 13:23:44 executing program 0: 13:23:44 executing program 4: 13:23:44 executing program 5: 13:23:44 executing program 2: 13:23:44 executing program 3: 13:23:45 executing program 0: [ 3255.242203][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:45 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x48], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:45 executing program 5: 13:23:45 executing program 4: 13:23:45 executing program 3: 13:23:45 executing program 2: 13:23:45 executing program 0: 13:23:45 executing program 5: 13:23:45 executing program 4: [ 3256.112961][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3256.275276][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3256.285588][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:46 executing program 3: 13:23:46 executing program 0: 13:23:46 executing program 2: 13:23:46 executing program 5: [ 3257.309931][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:47 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x4c], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:47 executing program 4: 13:23:47 executing program 0: 13:23:47 executing program 3: 13:23:47 executing program 2: 13:23:47 executing program 5: 13:23:47 executing program 3: 13:23:47 executing program 2: 13:23:47 executing program 4: 13:23:47 executing program 0: 13:23:47 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x68], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:47 executing program 5: [ 3258.361170][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:48 executing program 2: 13:23:48 executing program 3: 13:23:48 executing program 4: 13:23:48 executing program 0: 13:23:48 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x6c], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:48 executing program 5: 13:23:48 executing program 0: 13:23:48 executing program 4: 13:23:48 executing program 3: 13:23:48 executing program 2: r0 = socket$inet6_sctp(0x1c, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000000)={0x1c, 0x1c, 0x3}, 0x1c) r1 = dup2(r0, r0) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x19, &(0x7f0000000140), &(0x7f0000000200)=0x8) [ 3259.325521][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3259.399860][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:49 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x74], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:49 executing program 5: 13:23:49 executing program 3: 13:23:49 executing program 0: 13:23:49 executing program 4: 13:23:50 executing program 2: 13:23:50 executing program 5: setitimer(0x2, &(0x7f0000000100)={{0x8}, {0x2}}, 0x0) [ 3260.430544][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:50 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x7a], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:50 executing program 0: r0 = socket$inet_sctp(0x2, 0x5, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000100)={&(0x7f0000000040)=@in={0x10, 0x2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)="88", 0x1}], 0x1}, 0x20081) 13:23:50 executing program 3: r0 = socket$inet_sctp(0x2, 0x8000000020000001, 0x84) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x10, 0x2}, 0x10) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0xa, &(0x7f0000000040)=ANY=[@ANYBLOB="1002"], 0xa0) 13:23:50 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r0, &(0x7f00000005c0)={&(0x7f0000000040)=@in6={0x1c, 0x1c, 0x2}, 0x1c, 0x0}, 0x0) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7, &(0x7f0000000280)=ANY=[], 0x8c) 13:23:50 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000003c0)=""/140, 0x8c}], 0x1}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0xffffff68, 0x0, 0x0, 0x800e00547) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000000080)=""/9, 0x9}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x8}, 0x2) r3 = dup(r2) r4 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r4, 0x0, 0xd051, 0x0, 0x0, 0x800e00556) shutdown(r3, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r5, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000001c0)=""/172, 0xac}], 0x1}, 0x0) shutdown(r4, 0x0) 13:23:50 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_mreqn(r0, 0x0, 0x9, 0x0, &(0x7f0000000040)) 13:23:51 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$unix(r0, &(0x7f0000000480)={&(0x7f0000000000)=@file={0xa}, 0xa, 0x0}, 0x188) 13:23:51 executing program 0: r0 = socket$inet6_sctp(0x1c, 0x5, 0x84) r1 = dup2(r0, r0) sendmsg$inet_sctp(r1, &(0x7f0000000340)={&(0x7f0000000140)=@in6={0x1c, 0x1c, 0x2}, 0x1c, 0x0, 0x0, &(0x7f0000000300)=[@init={0x14}, @dstaddrv4={0x10, 0x84, 0x9, @broadcast}], 0x24}, 0x0) 13:23:51 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0xf, &(0x7f0000000100), &(0x7f0000000140)=0xc) 13:23:51 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0xac], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3261.472036][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:51 executing program 5: r0 = socket$inet6_sctp(0x1c, 0x5, 0x84) r1 = dup2(r0, r0) recvfrom(r1, 0x0, 0x0, 0x1, 0x0, 0x0) 13:23:51 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_int(r0, 0x0, 0x4, 0x0, &(0x7f0000000040)) 13:23:51 executing program 4: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ppoll(&(0x7f0000000040)=[{r0}], 0x1, 0x0, 0x0, 0x0) 13:23:51 executing program 0: r0 = socket$inet6_sctp(0x1c, 0x5, 0x84) r1 = dup2(r0, r0) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x10, &(0x7f0000000100), &(0x7f0000000140)=0x4) 13:23:52 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3262.385223][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:52 executing program 2: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0xa, &(0x7f00000001c0)={0x0, @in, 0x9}, 0xa0) [ 3262.517130][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:52 executing program 5: r0 = socket$inet_sctp(0x2, 0x5, 0x84) recvmsg(r0, &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001480)=""/47, 0x2f}, 0x83) 13:23:52 executing program 3: r0 = socket$inet6_icmp_raw(0x1c, 0x3, 0x3a) ppoll(&(0x7f0000000040)=[{r0, 0x2000}], 0x1, &(0x7f0000000080), 0x0, 0x0) 13:23:52 executing program 0: r0 = socket$inet6_sctp(0x1c, 0x5, 0x84) connect$inet6(r0, &(0x7f0000000000)={0x1c, 0x1c, 0x3}, 0x1c) r1 = dup2(r0, r0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x28, &(0x7f00000001c0)={0x1, [0x0]}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x21, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, r3}, 0x10) 13:23:52 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) read(r0, &(0x7f0000000100)=""/179, 0xb3) 13:23:52 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x2], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:53 executing program 5: r0 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x2203, &(0x7f0000000100)) 13:23:53 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) read$char_usb(r0, 0x0, 0x0) [ 3263.553294][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:53 executing program 4: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/fb0\x00', 0x0, 0x0) ioctl$FBIOPUT_CON2FBMAP(r0, 0x4610, &(0x7f0000000040)={0x19, 0x2}) 13:23:53 executing program 0: r0 = openat$uhid(0xffffff9c, &(0x7f00000000c0)='/dev/uhid\x00', 0x802, 0x0) write$UHID_GET_REPORT_REPLY(r0, &(0x7f0000000100), 0xa) 13:23:53 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x3], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:53 executing program 3: r0 = syz_open_dev$rtc(&(0x7f0000000280)='/dev/rtc#\x00', 0x0, 0x0) ioctl$RTC_ALM_READ(r0, 0x80247008, 0x0) 13:23:53 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x1279, 0xffffffffffffffff) 13:23:54 executing program 2: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='environ\x00') read(r0, 0x0, 0x0) 13:23:54 executing program 0: openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self\x00', 0x40, 0x0) [ 3264.596269][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:54 executing program 4: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$revoke(0x3, r0) 13:23:54 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:54 executing program 5: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$invalidate(0x15, r0) 13:23:54 executing program 3: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$invalidate(0x15, r0) keyctl$set_timeout(0xf, r0, 0x0) 13:23:55 executing program 0: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000080)='freezer.state\x00', 0x2, 0x0) write$cgroup_freezer_state(r1, &(0x7f00000000c0)='THAWED\x00', 0x7) 13:23:55 executing program 2: [ 3265.394481][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:55 executing program 4: 13:23:55 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x5], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3265.630531][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:55 executing program 5: [ 3265.713191][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:55 executing program 3: 13:23:55 executing program 2: 13:23:55 executing program 4: 13:23:55 executing program 0: 13:23:56 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x6], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:56 executing program 5: 13:23:56 executing program 2: 13:23:56 executing program 3: 13:23:56 executing program 4: [ 3266.670773][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:56 executing program 0: 13:23:57 executing program 4: 13:23:57 executing program 2: 13:23:57 executing program 5: 13:23:57 executing program 3: 13:23:57 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x7], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:57 executing program 0: [ 3267.724497][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:57 executing program 4: 13:23:57 executing program 2: 13:23:57 executing program 5: 13:23:57 executing program 3: 13:23:57 executing program 0: 13:23:58 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x8], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3268.433111][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:58 executing program 4: 13:23:58 executing program 2: 13:23:58 executing program 5: 13:23:58 executing program 0: 13:23:58 executing program 3: [ 3268.758814][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:58 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x9], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:59 executing program 2: 13:23:59 executing program 4: 13:23:59 executing program 5: 13:23:59 executing program 0: 13:23:59 executing program 3: [ 3269.790561][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:23:59 executing program 4: 13:23:59 executing program 5: 13:23:59 executing program 2: 13:23:59 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0xa], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:23:59 executing program 0: 13:24:00 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x5452, 0xffffffffffffffff) 13:24:00 executing program 4: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE(r0, 0x40046103, 0x21000000) 13:24:00 executing program 5: r0 = socket(0x2, 0x2, 0x0) ioctl$sock_ifreq(r0, 0x8983, &(0x7f0000000400)={'lo\x00', @ifru_settings={0x0, 0x0, @te1=0x0}}) 13:24:00 executing program 2: pipe2$9p(&(0x7f0000000d40)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RREMOVE(r0, &(0x7f0000000d80)={0x7}, 0xffffffffffffff81) 13:24:00 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0xb], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3270.843398][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:00 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCREVOKE(r0, 0x80044501, 0x0) [ 3271.154893][T18998] QAT: failed to copy from user. 13:24:01 executing program 3: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self\x00', 0x10000, 0x0) 13:24:01 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) recvmmsg(r0, &(0x7f0000001c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendmsg$IPSET_CMD_GET_BYNAME(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0xe, 0x6, 0x101}, 0x14}}, 0x0) 13:24:01 executing program 4: r0 = socket(0x2, 0x2, 0x0) getsockname$packet(r0, 0x0, &(0x7f00000001c0)) [ 3271.471178][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:01 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = gettid() r2 = epoll_create(0x4) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x7, r0, &(0x7f0000000180)={r2}) 13:24:01 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0xc], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3271.871863][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:02 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000400)={'lo\x00', @ifru_settings={0x0, 0x0, @te1=0x0}}) 13:24:02 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, 0x0, 0x2, 0x201}, 0x14}}, 0x0) 13:24:02 executing program 4: r0 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCREVOKE(r0, 0x80084504, &(0x7f0000000340)) 13:24:02 executing program 5: sendmsg$NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, 0x0, 0x0) 13:24:02 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/protocols\x00') read$FUSE(r0, 0x0, 0x0) 13:24:02 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0xd], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3272.911475][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:02 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x30, 0x2, 0x3, 0x101, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}, @NFQA_CFG_PARAMS={0x9}, @NFQA_CFG_MASK={0x8}]}, 0x30}}, 0x0) 13:24:02 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_DELSET={0x14, 0xb, 0xa, 0x101, 0x0, 0x0, {0x2}}], {0x14}}, 0x3c}}, 0x0) 13:24:02 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) recvmsg(r0, &(0x7f0000001440)={&(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @random}}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000240)=""/214, 0xd6}], 0x1}, 0x40000122) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x14, 0x1, 0x1, 0x201}, 0x14}}, 0x0) 13:24:03 executing program 0: r0 = socket(0x2, 0x2, 0x0) ioctl$sock_ifreq(r0, 0x8942, &(0x7f0000000400)={'lo\x00', @ifru_settings={0x0, 0x0, @te1=0x0}}) 13:24:03 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0xe], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:03 executing program 3: syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000)='NLBL_MGMT\x00') r0 = socket(0x2, 0x3, 0x5) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={0x0, @in={0x2, 0x4e21, @multicast1=0xe0000014}, @phonet={0x23, 0x2, 0xed, 0x8}, @l2={0x1f, 0x5, @any, 0x4, 0x1}, 0xffff, 0x0, 0x0, 0x0, 0x81, &(0x7f0000000040)='veth0_to_hsr\x00', 0x4}) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x2}, 0x2000014c, &(0x7f00000001c0)={0x0}}, 0x0) 13:24:03 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x5460, 0xc) 13:24:03 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x0, 0x0) r1 = inotify_init1(0x0) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) [ 3274.301356][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3274.514380][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:04 executing program 0: perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:24:04 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0xf], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:04 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x105001) write$binfmt_script(r0, 0x0, 0xf0ffffff7f0000) 13:24:04 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x14, 0x18, 0xa, 0x301}, @NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x201}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x3, 0x0, 0x0, {}, [@NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELSET={0x20, 0xb, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELRULE={0x18, 0x8, 0xa, 0x301, 0x0, 0x0, {}, [@NFTA_RULE_USERDATA={0x4}]}, @NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x401, 0x0, 0x0, {0x5}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0xdc}}, 0x0) 13:24:04 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000100)={0x16, 0x1, &(0x7f0000000000)="f8"}) 13:24:04 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000640)=""/54) 13:24:04 executing program 0: r0 = socket(0x2, 0x1, 0x0) sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x0, 0x0, 0x0, {{}, {}, {0x8}}}, 0x24}}, 0x24000000) 13:24:05 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x10], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3275.312461][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3275.324737][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:05 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x2, 0x12, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_sec_ctx={0x1}]}, 0x18}}, 0x0) 13:24:05 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x105001) fcntl$lock(r0, 0x25, &(0x7f0000000040)={0x1}) 13:24:05 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, 0x0, 0x3, 0x201}, 0x14}}, 0x0) 13:24:05 executing program 5: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x2, 0x16, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 13:24:05 executing program 0: r0 = socket(0x2, 0x3, 0x5) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={0x0, @in={0x2, 0x0, @multicast1}, @phonet, @l2, 0xffff, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)='veth0_to_hsr\x00', 0x4}) 13:24:05 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x11], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:05 executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_buf(r0, 0x107, 0x13, 0x0, 0x0) 13:24:06 executing program 3: syz_open_dev$ndb(&(0x7f0000000040)='/dev/nbd#\x00', 0x0, 0x0) syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x80800) 13:24:06 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000580)="c1", 0x10) [ 3276.352171][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:06 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x3, 0x0, 0x0) 13:24:06 executing program 5: syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000)='NLBL_MGMT\x00') r0 = socket(0x2, 0x3, 0x5) ioctl$sock_SIOCADDRT(r0, 0x890c, &(0x7f0000000080)={0x0, @in={0x2, 0x4e21, @multicast1}, @phonet={0x23, 0x2, 0xed, 0x8}, @l2={0x1f, 0x5, @any, 0x4, 0x1}, 0xffff, 0x0, 0x0, 0x0, 0x81, &(0x7f0000000040)='veth0_to_hsr\x00', 0x4}) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x2}, 0x2000014c, &(0x7f00000001c0)={0x0}}, 0x0) 13:24:06 executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_buf(r0, 0x107, 0xc, &(0x7f0000000000)="f7ecc16a", 0x4) 13:24:06 executing program 3: shmat(0x0, &(0x7f0000ffa000/0x6000)=nil, 0x0) 13:24:06 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x12], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:06 executing program 2: mincore(&(0x7f0000bfe000/0x400000)=nil, 0x400000, &(0x7f0000000000)=""/30) [ 3277.253473][T19094] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3277.390083][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:07 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)={0x1c, 0x3, 0x1, 0x101, 0x0, 0x0, {}, [@CTA_MARK={0x8}]}, 0x1c}}, 0x0) [ 3277.566163][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:07 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x105001) fcntl$lock(r0, 0x409, &(0x7f0000000040)) 13:24:07 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r0, &(0x7f0000000080)={0x2020}, 0x2020) 13:24:07 executing program 3: shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000300)=""/6) 13:24:07 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0xc0481273, 0xffffffffffffffff) 13:24:07 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x14], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:08 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='oom_adj\x00') read$FUSE(r0, 0x0, 0x0) 13:24:08 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) bind$alg(r0, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha384\x00'}, 0x58) 13:24:08 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, 0x7, 0x1, 0x201}, 0x14}}, 0x0) [ 3278.442576][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:08 executing program 4: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/netstat\x00') read(r0, &(0x7f0000000040)=""/70, 0x46) read$FUSE(r0, 0x0, 0x0) 13:24:08 executing program 2: r0 = openat$full(0xffffffffffffff9c, &(0x7f00000020c0)='/dev/full\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000000080)={0x2020}, 0x2020) 13:24:08 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x18], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:08 executing program 0: shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) 13:24:08 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r0, 0x127f, 0xffffffffffffffff) 13:24:09 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc}]}], {0x14}}, 0x74}}, 0x0) 13:24:09 executing program 4: syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x1101401, &(0x7f0000001580)) 13:24:09 executing program 2: r0 = socket$netlink(0x10, 0x3, 0xa) sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x24, 0x0, 0xb, 0x0, 0x0, 0x0, {}, [@NFTA_COMPAT_REV={0x8}, @NFTA_COMPAT_NAME={0x8, 0x1, '%+}\x00'}]}, 0x24}}, 0x0) [ 3279.469206][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:09 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d87", 0xab}], 0x4, 0x0) write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01, 0xee01}}}, 0x78) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) 13:24:09 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x25], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:09 executing program 3: r0 = socket(0x2, 0x2, 0x0) ioctl$sock_ifreq(r0, 0x8915, &(0x7f0000000400)={'lo\x00', @ifru_settings={0x0, 0x0, @te1=0x0}}) 13:24:09 executing program 4: r0 = epoll_create(0x7) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000003c0)) 13:24:09 executing program 5: syz_open_dev$ndb(&(0x7f0000000040)='/dev/nbd#\x00', 0x0, 0x80) 13:24:09 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001580)={[], [{@smackfsfloor={'smackfsfloor', 0x3d, '(@\xcd'}}]}) 13:24:09 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58) [ 3280.159338][T19148] ptrace attach of "/root/syz-executor.0"[19147] was attempted by "/root/syz-executor.0"[19148] 13:24:10 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x3c], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:10 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, 0x0, 0x1, 0x201}, 0x14}}, 0x0) [ 3280.512024][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:10 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x18, 0x1, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}}, 0x0) [ 3280.595711][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:10 executing program 5: r0 = getpgrp(0x0) r1 = getpid() r2 = inotify_init1(0x0) r3 = inotify_init1(0x0) kcmp(r0, r1, 0x0, r2, r3) 13:24:10 executing program 2: r0 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x0, 0x0) read$FUSE(r0, 0x0, 0x0) 13:24:10 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x0) 13:24:10 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x48], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:10 executing program 4: 13:24:11 executing program 3: 13:24:11 executing program 5: [ 3281.552798][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:11 executing program 2: 13:24:11 executing program 0: 13:24:11 executing program 4: 13:24:11 executing program 3: 13:24:11 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x4c], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:12 executing program 5: 13:24:12 executing program 0: 13:24:12 executing program 2: 13:24:12 executing program 4: [ 3282.589254][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:12 executing program 3: 13:24:12 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x68], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:12 executing program 5: 13:24:12 executing program 2: 13:24:12 executing program 0: 13:24:12 executing program 4: 13:24:13 executing program 3: 13:24:13 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x6c], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3283.639266][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3283.653025][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:13 executing program 0: 13:24:13 executing program 2: 13:24:13 executing program 4: 13:24:13 executing program 5: 13:24:13 executing program 3: 13:24:14 executing program 0: 13:24:14 executing program 2: 13:24:14 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x74], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:14 executing program 4: 13:24:14 executing program 5: [ 3284.669754][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:14 executing program 3: [ 3284.915732][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3284.939594][T29248] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3284.976594][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:14 executing program 0: 13:24:14 executing program 2: 13:24:15 executing program 4: 13:24:15 executing program 5: 13:24:15 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x7a], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:15 executing program 3: [ 3285.710183][T27563] net_ratelimit: 1 callbacks suppressed [ 3285.710213][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:15 executing program 2: 13:24:15 executing program 0: 13:24:15 executing program 5: 13:24:15 executing program 4: 13:24:15 executing program 3: 13:24:16 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0xac], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:16 executing program 2: 13:24:16 executing program 0: 13:24:16 executing program 4: 13:24:16 executing program 5: 13:24:16 executing program 3: [ 3286.669114][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3286.763158][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:16 executing program 2: 13:24:16 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:16 executing program 0: 13:24:17 executing program 4: 13:24:17 executing program 5: 13:24:17 executing program 3: 13:24:17 executing program 2: 13:24:17 executing program 0: [ 3287.804115][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:17 executing program 5: 13:24:17 executing program 4: 13:24:17 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x2], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:17 executing program 2: 13:24:17 executing program 3: 13:24:17 executing program 0: 13:24:18 executing program 5: 13:24:18 executing program 4: 13:24:18 executing program 3: 13:24:18 executing program 2: 13:24:18 executing program 0: [ 3288.829687][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:18 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x3], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:18 executing program 5: 13:24:19 executing program 4: 13:24:19 executing program 2: 13:24:19 executing program 0: 13:24:19 executing program 3: 13:24:19 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:19 executing program 5: [ 3289.720943][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3289.875005][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:19 executing program 2: 13:24:19 executing program 4: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x205d010, &(0x7f0000000200)) 13:24:19 executing program 0: syz_emit_ethernet(0x44e, &(0x7f0000000600)={@random="5f161034c15f", @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f2f2f1", 0x418, 0x3a, 0xff, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2]}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xb, "a78c000004ff000053d5dea6b259fe8000000000000023493b87aa0568f00b0d71a8242373244ad2439adc07df0a69748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c11b37adac15084dbaf736b41e5a803721d"}, {0x0, 0x16, "84f0da1684f0da1313968050378ee824f4dffba6feed320516e05a45c70daf0622c51c7a93e357f7671975afc9c545c59d6137c8ce680ba2d2e8794cc0ee661ab31313a50f67f637326bdc20eee126a2c281295ae9405b24d13dc48b7b6aa26e8a94498418f3472f7281922377d30a3b5ed2c6a2990e5ea6b275c1d5bddf59f3d1843df268e8551f1f8f4723b8c825c6b2cff208dfb5cd8283d0dcd52a6de228bf697d3d6506afec30ef7e07413c7afc1eb139e0"}, {0x0, 0x5e, "062bf7b5e0f2dbbdc849b90d4e80a0e3f7af088060d01a1cfcfad88ef4512c6ef5c0ead4b9cc87484b106a060a9899d50f595204418f51e91480b395741dd314136a262cadf02b071d88e61703f037caded0b315701274012fa532ddd69499074e1a2df196e0afcffd928fb3d82ab8160253a47d3efc3d7cead55c28610ae20f69aaced0a1a6ce815344cf8d0bc8a0dfcdd1e8cd7242601777ec653c2d4b704397dcb1350982afd017eaa630c840d71589499fd68239ae0c0aa2fc9b949d1a716d40a24f078e92e8c268ff726290944b5f3a3bea9559f2d2a51405fba224411ecc49544dea47917a98bf79c3c8eed70429abf70a52ecbda21c9bf0f6a70cd2c2c887391e4095ad223437c60abf829447b47bd231ca2a98d9da7519a4bd28e803fa000fafc0dc453ed56cdf4356d7abcfec4eed0b94a4f78ce44a7177c6684026bb4f26a17e52e326c8bb7be5e2ea5780d7169d8f4ff62cb2b223f1d6221f62e0ee0244d86042560edd36853c464b23be536c65b87cd5ea60932ed90607b369ed2017f645afcb5cd07f6896a08473bd5dea2bfb52ac501a39c338ede985aa4a7755db876cc1558aac15ad4d6c078834be4d944f3cce006cd2ad9ba8d17f01a614052aadbd4af0fd282f594dc4530ee49b6c9ae6d5d80a073e678594be2e2f0869baa2a58dd2d0f6a995fb706c4d1b618d57da1c2d8f55611f746105a947b4f6bb74dbdbffb1b3c1f2316f6a28a07f0145b1bf8345b6aa4e9d5a819497856792121219ea151c1f8e2f86356039bc5b87fe4cad68b6afa08687e6e751803865165eac0c34bdddae1bbe52f55d08cc4a0865f8df372635e8a26ac4ac9716a124ac4e83349f17b612e2b1893b5eaccecc7d812bb4f4fc6b313f57c2035a90f782a4a97b5f5309b6c5798d72b9187f3d411e84041e3671fe35e39fa1887846721c38d501b471990b919d2ad9ca9bc71157a843d75838c0aa4ff0dabd74284709f1f87f324ec4f56eacd70e6bb5e9677e719786c4d4284e4c1904bd0566ca1a1fbfd602d9d91c223c69cca535f3f6afa4290a1ac2b11fc57e"}]}}}}}}, 0x0) 13:24:20 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendto$inet(r0, &(0x7f0000000080)="f976e4488ed3ac4b", 0x8, 0x40008c2, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10) 13:24:20 executing program 5: 13:24:20 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x5], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:20 executing program 4: 13:24:20 executing program 2: 13:24:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000140)='SEG6\x00') sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x28, r1, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_DST={0x14, 0x1, @private1}]}, 0x28}}, 0x0) [ 3290.909882][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:20 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$inet_mreqn(r0, 0x0, 0x12, 0x0, &(0x7f0000000040)) 13:24:20 executing program 5: bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) 13:24:21 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x6], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:21 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000001040)={0x2, 0x0, @loopback}, 0x10) 13:24:21 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000000)=@raw=[@jmp, @alu, @jmp], &(0x7f0000000040)='syzkaller\x00', 0x0, 0xf3, &(0x7f0000000080)=""/243, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180), 0x8, 0x10, &(0x7f00000001c0), 0x10, 0xffffffffffffffff}, 0x24) 13:24:21 executing program 0: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x4) 13:24:21 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$inet_mreqn(r0, 0x0, 0xf, 0x0, &(0x7f0000000040)) 13:24:21 executing program 5: r0 = socket(0x11, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000003c0)={'sit0\x00', &(0x7f0000000340)={'sit0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @mcast1, @private1}}) 13:24:21 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCDELRT(r0, 0x8906, 0x0) [ 3291.949273][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:21 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x7], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:21 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$inet_mreqn(r0, 0x0, 0x7, 0x0, &(0x7f0000000040)) 13:24:21 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$inet_mreqn(r0, 0x0, 0x4, 0x0, &(0x7f0000000040)) 13:24:22 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendto$inet(r0, &(0x7f0000000080)="123c", 0x2, 0xfffffffe, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) 13:24:22 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$inet_mreqn(r0, 0x0, 0x19, 0x0, &(0x7f0000000040)) 13:24:22 executing program 2: io_setup(0x401, &(0x7f0000000380)=0x0) io_submit(r0, 0x1, &(0x7f0000001640)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000400)='/dev/full\x00', 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x0, r1, 0x0}]) 13:24:22 executing program 4: readlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/185, 0xb9) syz_mount_image$ext4(&(0x7f0000000100)='ext3\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x1, &(0x7f0000000340)=[{0x0, 0x0, 0x100000000}], 0x208800, &(0x7f00000003c0)={[], [{@subj_role={'subj_role', 0x3d, '!*'}}, {@smackfsfloor={'smackfsfloor', 0x3d, ':)\x00'}}, {@obj_type={'obj_type', 0x3d, ']*-@)][,},^..{,*[}@}\\\x99@\'&\\[%{'}}]}) [ 3292.752825][ T5447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:22 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x8], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3292.989926][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:22 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=@ipv4_newnexthop={0x17, 0x68, 0x1}, 0x18}}, 0x0) 13:24:22 executing program 3: r0 = socket(0x1, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r0, 0x89f6, &(0x7f0000000740)={'sit0\x00', 0x0}) 13:24:22 executing program 4: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000100)) 13:24:23 executing program 5: bpf$MAP_CREATE(0x15, &(0x7f0000000080), 0x40) 13:24:23 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{}, {0x0, 0x3}]}]}}, &(0x7f0000000200)=""/158, 0x36, 0x9e, 0x1}, 0x20) 13:24:23 executing program 0: r0 = socket(0x11, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f0000000200)={'ip6gre0\x00', 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, @empty, @dev}}) 13:24:23 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x9], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:23 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000009440)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000980)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18}], 0x1, 0x55) 13:24:23 executing program 4: add_key$fscrypt_provisioning(&(0x7f0000000000)='fscrypt-provisioning\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd) 13:24:23 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x9}, 0x40) [ 3294.031254][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:23 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000004c00)={&(0x7f0000003b40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@typedef]}}, &(0x7f0000003c00)=""/4096, 0x26, 0x1000, 0x1}, 0x20) 13:24:24 executing program 0: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000200)={[{@nodots='nodots'}, {@dots='dots'}, {@fat=@dos1xfloppy='dos1xfloppy'}, {@fat=@check_normal='check=normal'}], [{@func={'func', 0x3d, 'MMAP_CHECK'}}]}) [ 3294.509811][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:24 executing program 4: migrate_pages(0x0, 0x3, 0x0, &(0x7f0000000040)=0x9) 13:24:24 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00'}) 13:24:24 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0xa], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:24 executing program 2: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000004c00)={&(0x7f0000003b40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@typedef={0x5}]}, {0x0, [0x0, 0x0, 0x0, 0x0]}}, &(0x7f0000003c00)=""/4096, 0x2a, 0x1000, 0x1}, 0x20) 13:24:24 executing program 5: io_setup(0x401, &(0x7f0000000380)=0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000400)='/dev/full\x00', 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000280)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x400000000000000}]) [ 3295.069160][ T8753] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:24 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8020, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 13:24:25 executing program 4: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:24:25 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=@ipv4_newnexthop={0x20, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_ID={0x8}]}, 0x20}}, 0x0) 13:24:25 executing program 2: bpf$MAP_CREATE(0x9, &(0x7f0000000080), 0x40) 13:24:25 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0xb], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:25 executing program 5: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[{&(0x7f0000000180)="4fc7a70d93962c0af6e3", 0xa}], 0x0, 0x0) 13:24:25 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCDELRT(r0, 0x894c, 0x0) [ 3295.835319][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:25 executing program 0: [ 3296.109291][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:26 executing program 2: 13:24:26 executing program 3: 13:24:26 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0xc], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:26 executing program 4: 13:24:26 executing program 0: 13:24:26 executing program 0: 13:24:26 executing program 5: 13:24:26 executing program 4: 13:24:26 executing program 2: 13:24:26 executing program 3: 13:24:26 executing program 0: [ 3297.149977][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:27 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0xd], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:27 executing program 4: 13:24:27 executing program 2: 13:24:27 executing program 5: 13:24:27 executing program 0: 13:24:27 executing program 3: 13:24:27 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0xe], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:27 executing program 2: [ 3298.189250][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:28 executing program 5: 13:24:28 executing program 4: 13:24:28 executing program 0: 13:24:28 executing program 3: 13:24:28 executing program 2: 13:24:28 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0xf], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3298.911461][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:28 executing program 4: 13:24:28 executing program 5: [ 3299.229477][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:29 executing program 0: 13:24:29 executing program 3: 13:24:29 executing program 2: 13:24:29 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x10], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:29 executing program 4: 13:24:29 executing program 5: 13:24:29 executing program 0: 13:24:29 executing program 2: 13:24:29 executing program 3: 13:24:30 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x11], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3300.281774][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:30 executing program 5: 13:24:30 executing program 4: 13:24:30 executing program 0: 13:24:30 executing program 2: 13:24:30 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) recvmmsg(r0, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 13:24:30 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x12], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:30 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000ac0)=@raw={'raw\x00', 0x8, 0x3, 0x240, 0x0, 0x0, 0xd0e0000, 0xd4, 0x100, 0x1ac, 0x1d8, 0x1d8, 0x1ac, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00'}, 0x0, 0xb0, 0xd4, 0x0, {}, [@common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffe}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x94}, {0x24}}}}, 0x29c) 13:24:31 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x3, &(0x7f0000000ac0)=@raw={'raw\x00', 0x8, 0x3, 0x240, 0x0, 0x0, 0xd0e0000, 0xd4, 0x100, 0x1ac, 0x1d8, 0x1d8, 0x1ac, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00'}, 0x0, 0xb0, 0xd4, 0x0, {}, [@common=@unspec=@connlimit={{0x40, 'connlimit\x00'}}]}, @common=@unspec=@STANDARD={0x24}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x94}, {0x24}}}}, 0x29c) bind$inet(r0, 0x0, 0x0) 13:24:31 executing program 0: 13:24:31 executing program 2: [ 3301.309804][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:31 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x14], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:31 executing program 3: [ 3301.768425][T19465] xt_CT: You must specify a L4 protocol and not use inversions on it [ 3301.847503][T19469] xt_CT: You must specify a L4 protocol and not use inversions on it 13:24:31 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) [ 3301.950325][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:31 executing program 0: r0 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$update(0x2, r0, 0x0, 0x0) 13:24:31 executing program 2: perf_event_open(&(0x7f0000000000)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 13:24:31 executing program 5: r0 = socket(0x11, 0x2, 0x0) sendmsg$NET_DM_CMD_START(r0, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)={0x0}}, 0x0) [ 3302.349374][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:32 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x9, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x74) 13:24:32 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x18], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:32 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:32 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0xd, 0x0, 0x0) 13:24:32 executing program 5: syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0xfffffe01, 0x2c0902) 13:24:32 executing program 0: perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0xaf, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$nvram(0xffffff9c, &(0x7f0000000040)='/dev/nvram\x00', 0x0, 0x0) 13:24:32 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x2, 0x0, 0x0) [ 3303.407238][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000001c0)=0x2080, 0x4) 13:24:33 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x25], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:33 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:33 executing program 0: bpf$BPF_LINK_CREATE(0x3, 0x0, 0x7) 13:24:33 executing program 5: bpf$BPF_LINK_CREATE(0x7, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0xfc7c3e0a86de1d3a}, 0x10) 13:24:33 executing program 3: r0 = socket$netlink(0x10, 0x3, 0xc) sendmsg$NET_DM_CMD_START(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14}, 0x14}}, 0x0) 13:24:33 executing program 2: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 3304.184851][ T8737] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:34 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x3c], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) [ 3304.429615][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:34 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB="0300023af466f2"], 0x1}}, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10040}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x3, 0x0, 0x2], 0x1f000}) ioctl$KVM_RUN(r3, 0x5452, 0x0) shmget(0x0, 0x4000, 0x0, &(0x7f0000015000/0x4000)=nil) 13:24:34 executing program 5: bpf$BPF_LINK_CREATE(0x8, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0xfc7c3e0a86de1d3a}, 0x10) 13:24:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000003f80)='devlink\x00') sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r0, &(0x7f00000042c0)={&(0x7f0000003f40), 0xc, &(0x7f0000004280)={&(0x7f0000003fc0)={0x14, r1, 0x103dca2c6c1b8b4b}, 0x14}}, 0x0) [ 3304.993285][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3305.017605][ T8724] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:34 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x48], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:34 executing program 2: perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 3305.062650][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3305.091988][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:34 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:35 executing program 5: bpf$BPF_LINK_CREATE(0x11, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7}, 0x10) 13:24:35 executing program 0: perf_event_open(&(0x7f0000000000)={0x8, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 13:24:35 executing program 2: perf_event_open(&(0x7f0000000000)={0x8, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 13:24:35 executing program 3: syz_open_procfs(0x0, &(0x7f0000000040)='timers\x00') 13:24:35 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x4c], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:35 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:35 executing program 5: perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:24:36 executing program 0: perf_event_open(&(0x7f0000000000)={0x8, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 13:24:36 executing program 2: bpf$BPF_LINK_CREATE(0x6, 0x0, 0x0) [ 3306.509205][T17450] net_ratelimit: 1 callbacks suppressed [ 3306.509236][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:36 executing program 3: r0 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$search(0xf, r0, &(0x7f00000000c0)='encrypted\x00', 0x0, 0xfffffffffffffff9) 13:24:36 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000000240)={0xd04, 0x0, 0x0, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x580, 0x8, 0x0, 0x1, [{0x4f0, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "3c333b48f2832fa23415a6e6be0feb97e0526d78ebf5799081abe5aae87a9c98"}, @WGPEER_A_ALLOWEDIPS={0x4b0, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x1}}]}, {0xf4, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010101}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x63, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @dev}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}]}, {0x148, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, [], 0x1}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}]}, {0x34, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x2}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, [], 0x1}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6}]}, {0x14, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6}]}, {0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g='\xf4M\xa3g\xa8\x8e\xe6VO\x02\x02\x11Eg\'\b/\\\xeb\xee\x8b\x1b\xf5\xebs74\x1bE\x9b9\"'}]}, {0x50, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "718701e834845dda1aa9ab3f5941b909f75d3e9c2febcecfbaa812baf59e6c0c"}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x0, 0x0, @dev}}, @WGPEER_A_FLAGS={0x8}]}]}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_LISTEN_PORT={0x6}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6}, @WGDEVICE_A_PEERS={0x70c, 0x8, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "3c153f2dcc860760a2ad93b6ac5f40e57b9a15482a98360045c570447807c087"}]}, {0x24, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}]}, {0x6bc, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g='\xd1s(\x99\xf6\x11\xcd\x89\x94\x03M\x7fA=\xc9Wc\x0eT\x93\xc2\x85\xac\xa4\x00e\xcbc\x11\xbeik'}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "e81a08a8e8e7e4bb2e03b1e87607914bc3c0f4821f76f282d45a083483def3a8"}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x800}, @WGPEER_A_ALLOWEDIPS={0x4a4, 0x9, 0x0, 0x1, [{0xe8, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x7}}, @ipv4={{0x6}, {0x8, 0x2, @dev}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}]}, {0xf4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, [], 0x42}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, [], 0x1}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, [], 0x3f}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}]}, {0x124, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0xa}}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, [], 0x1}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}]}, {0xa0, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5}}]}, {0x100, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv4={{0x6}, {0x8}, {0x5}}]}]}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "a5218e4ef1f1b2e2fc331f3e5409601e9513b622518a56ab10e5e4b7b4cb79c8"}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x0, @multicast2}}, @WGPEER_A_ALLOWEDIPS={0x17c, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5}}]}, {0x7c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}]}, {0xd0, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}]}, {0x4}]}]}]}]}, 0xd04}}, 0x8010) 13:24:36 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x68], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:36 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:36 executing program 0: bpf$BPF_LINK_CREATE(0x17, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0xfc7c3e0a86de1d3a}, 0x10) 13:24:36 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000000240)={0xd04, 0x0, 0x0, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x580, 0x8, 0x0, 0x1, [{0x4f0, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "3c333b48f2832fa23415a6e6be0feb97e0526d78ebf5799081abe5aae87a9c98"}, @WGPEER_A_ALLOWEDIPS={0x4b0, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}]}, {0xf4, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv4={{0x6}, {0x8}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @dev}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}]}, {0x148, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}]}, {0x34, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}]}]}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6}]}, {0x14, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6}]}, {0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g='\xf4M\xa3g\xa8\x8e\xe6VO\x02\x02\x11Eg\'\b/\\\xeb\xee\x8b\x1b\xf5\xebs74\x1bE\x9b9\"'}]}, {0x50, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "718701e834845dda1aa9ab3f5941b909f75d3e9c2febcecfbaa812baf59e6c0c"}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x0, 0x0, @dev}}, @WGPEER_A_FLAGS={0x8}]}]}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_LISTEN_PORT={0x6}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6}, @WGDEVICE_A_PEERS={0x70c, 0x8, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "3c153f2dcc860760a2ad93b6ac5f40e57b9a15482a98360045c570447807c087"}]}, {0x24, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}]}, {0x6bc, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g='\xd1s(\x99\xf6\x11\xcd\x89\x94\x03M\x7fA=\xc9Wc\x0eT\x93\xc2\x85\xac\xa4\x00e\xcbc\x11\xbeik'}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "e81a08a8e8e7e4bb2e03b1e87607914bc3c0f4821f76f282d45a083483def3a8"}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ALLOWEDIPS={0x4a4, 0x9, 0x0, 0x1, [{0xe8, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}]}, {0xf4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @dev}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}]}, {0x124, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @dev}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}]}, {0xa0, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5}}]}, {0x100, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv4={{0x6}, {0x8}, {0x5}}]}]}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "a5218e4ef1f1b2e2fc331f3e5409601e9513b622518a56ab10e5e4b7b4cb79c8"}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x0, @multicast2}}, @WGPEER_A_ALLOWEDIPS={0x184, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5}}]}, {0x94, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private}, {0x5}}]}]}]}]}]}, 0xd04}}, 0x0) [ 3307.142298][T19583] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19583 comm=syz-executor.5 13:24:37 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x5, 0xd8c, 0x7fffffff, 0x40, 0x0, 0x1}, 0x40) 13:24:37 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='pagemap\x00') read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020) [ 3307.549189][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3307.669442][T19597] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19597 comm=syz-executor.2 13:24:37 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x6c], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:37 executing program 0: syz_open_procfs(0x0, &(0x7f0000000000)='comm\x00') 13:24:37 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:37 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000000240)={0xd04, 0x0, 0x0, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x580, 0x8, 0x0, 0x1, [{0x4f0, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "3c333b48f2832fa23415a6e6be0feb97e0526d78ebf5799081abe5aae87a9c98"}, @WGPEER_A_ALLOWEDIPS={0x4b0, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}]}, {0xf4, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010101}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x63, 0x0}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @dev}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}]}, {0x148, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, [], 0x1}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}]}, {0x34, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x2}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, [], 0x1}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x3}]}, {0x14, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0xd6}]}, {0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g='\xf4M\xa3g\xa8\x8e\xe6VO\x02\x02\x11Eg\'\b/\\\xeb\xee\x8b\x1b\xf5\xebs74\x1bE\x9b9\"'}]}, {0x50, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "718701e834845dda1aa9ab3f5941b909f75d3e9c2febcecfbaa812baf59e6c0c"}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e20, 0x8, @dev={0xfe, 0x80, [], 0x29}, 0x10000}}, @WGPEER_A_FLAGS={0x8}]}]}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_LISTEN_PORT={0x6}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6}, @WGDEVICE_A_PEERS={0x70c, 0x8, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "3c153f2dcc860760a2ad93b6ac5f40e57b9a15482a98360045c570447807c087"}]}, {0x24, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00', 0x10001}}]}, {0x694, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g='\xd1s(\x99\xf6\x11\xcd\x89\x94\x03M\x7fA=\xc9Wc\x0eT\x93\xc2\x85\xac\xa4\x00e\xcbc\x11\xbeik'}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "e81a08a8e8e7e4bb2e03b1e87607914bc3c0f4821f76f282d45a083483def3a8"}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ALLOWEDIPS={0x4a4, 0x9, 0x0, 0x1, [{0xe8, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}]}, {0xf4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, [], 0x42}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, [], 0x1}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, [], 0x3f}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}]}, {0x124, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0xa}}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, [], 0x1}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}]}, {0xa0, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5}}]}, {0x100, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8}, {0x5}}]}]}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "a5218e4ef1f1b2e2fc331f3e5409601e9513b622518a56ab10e5e4b7b4cb79c8"}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e24, @multicast2}}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ALLOWEDIPS={0x154, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x3}}]}, {0x7c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x2}}]}]}]}, {0x4}, {0x24, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e21, 0x81, @rand_addr=' \x01\x00', 0x400}}]}]}]}, 0xd04}}, 0x0) [ 3308.112142][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:38 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/keys\x00', 0x0, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1, 0x60001) sendfile(r1, r0, 0x0, 0x10054) 13:24:38 executing program 3: perf_event_open(&(0x7f0000000000)={0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 13:24:38 executing program 0: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000000)=0x108002, 0x4) [ 3308.589656][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3308.616418][T19609] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19609 comm=syz-executor.2 13:24:38 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:38 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x74], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:38 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x20000160, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x74) 13:24:38 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open$cgroup(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, r0, 0x0) 13:24:38 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000880)='/dev/loop#\x00', 0x0, 0x103382) r1 = memfd_create(&(0x7f0000000240)='.^\xc5', 0x0) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000000)='B', 0x1}], 0x1, 0x81805, 0x0) sendfile(r0, r1, 0x0, 0x24002d00) 13:24:39 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:39 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x19, &(0x7f0000000ac0)=@raw={'raw\x00', 0x8, 0x3, 0x200, 0x0, 0x0, 0xd0e0000, 0xd4, 0x100, 0x1ac, 0x1d8, 0x1d8, 0x1ac, 0x1d8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00'}, 0x0, 0x70, 0x94}, @common=@unspec=@STANDARD={0x24}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x94}, {0x24}}}}, 0x25c) 13:24:39 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x7a], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:39 executing program 2: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='sched\x00') [ 3309.636477][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:39 executing program 3: perf_event_open(&(0x7f0000000000)={0x8, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 13:24:39 executing program 0: 13:24:39 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:40 executing program 5: 13:24:40 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0xac], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:40 executing program 2: 13:24:40 executing program 3: [ 3310.669551][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:40 executing program 0: 13:24:40 executing program 5: 13:24:40 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:40 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3311.149407][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:40 executing program 2: 13:24:41 executing program 3: 13:24:41 executing program 0: 13:24:41 executing program 5: 13:24:41 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) [ 3311.724681][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:41 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x2], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:41 executing program 2: 13:24:41 executing program 3: 13:24:41 executing program 0: 13:24:42 executing program 5: 13:24:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:42 executing program 2: 13:24:42 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x3], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:42 executing program 3: 13:24:42 executing program 0: [ 3312.768861][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:42 executing program 5: 13:24:42 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:42 executing program 2: 13:24:43 executing program 3: 13:24:43 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:43 executing program 0: 13:24:43 executing program 5: 13:24:43 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) [ 3313.712614][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3313.789165][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:43 executing program 2: 13:24:43 executing program 3: 13:24:43 executing program 0: [ 3314.196269][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:44 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:44 executing program 5: 13:24:44 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x5], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:44 executing program 2: 13:24:44 executing program 3: 13:24:44 executing program 0: [ 3314.829600][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:44 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:44 executing program 5: 13:24:44 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x6], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:44 executing program 2: ioctl$FIONREAD(0xffffffffffffffff, 0x541b, 0x0) 13:24:45 executing program 3: 13:24:45 executing program 0: 13:24:45 executing program 5: 13:24:45 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:45 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x7], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:45 executing program 3: [ 3315.873001][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:45 executing program 2: 13:24:45 executing program 0: openat$urandom(0xffffffffffffff9c, &(0x7f0000000100)='/dev/urandom\x00', 0x1, 0x0) 13:24:46 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000a40)='/dev/null\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) 13:24:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:46 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='ns\x00') fchown(r0, 0xee00, 0x0) 13:24:46 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x0, 0x0) sync_file_range(r0, 0x0, 0x0, 0x0) 13:24:46 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x8], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:46 executing program 0: timer_create(0x3, &(0x7f0000000100)={0x0, 0x0, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000140)) 13:24:46 executing program 5: write$P9_RMKDIR(0xffffffffffffffff, 0x0, 0x0) [ 3316.910080][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) [ 3317.230855][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:47 executing program 2: setsockopt$inet_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) 13:24:47 executing program 3: pipe(&(0x7f0000002840)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) 13:24:47 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x9], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:47 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) fcntl$dupfd(r0, 0x0, r1) 13:24:47 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x24440, 0x15) 13:24:47 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000300)={0xd000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) [ 3317.949151][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:47 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0xa], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:48 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x26) 13:24:48 executing program 3: mprotect(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x8) [ 3318.301224][ T27] audit: type=1800 audit(1601645088.059:54): pid=19759 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15783 res=0 errno=0 [ 3318.323213][ T27] audit: type=1800 audit(1601645088.069:55): pid=19759 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15783 res=0 errno=0 13:24:48 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x420c0, 0x0) 13:24:48 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x101081, 0x0) write$P9_RREAD(r0, 0x0, 0x0) 13:24:48 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) 13:24:48 executing program 2: openat$tun(0xffffffffffffff9c, &(0x7f0000000200)='/dev/net/tun\x00', 0x141040, 0x0) 13:24:48 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0xb], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:48 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0xc, &(0x7f0000000000), &(0x7f0000000040)=0x4) [ 3318.990894][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:48 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000a40)='/dev/null\x00', 0x0, 0x0) sync_file_range(r0, 0x0, 0x0, 0x5) 13:24:49 executing program 5: pipe(&(0x7f0000002840)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TCGETA(r0, 0x5405, 0x0) 13:24:49 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) 13:24:49 executing program 2: timer_create(0x0, 0x0, &(0x7f0000000140)=0x0) timer_gettime(r0, &(0x7f0000000240)) 13:24:49 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0xc], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:49 executing program 3: getrandom(&(0x7f0000000040)=""/29, 0x1d, 0x2) 13:24:49 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x34540, 0x0) fsync(r0) [ 3320.034240][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:49 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCL_SETVESABLANK(r0, 0x541c, 0x0) 13:24:50 executing program 2: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) fcntl$dupfd(r0, 0x0, r0) 13:24:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) [ 3320.272421][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:50 executing program 3: r0 = getpid() tgkill(r0, r0, 0x0) 13:24:50 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0xd], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:50 executing program 0: pipe(&(0x7f0000002840)={0xffffffffffffffff}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, 0x0) 13:24:50 executing program 2: pipe2(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$cgroup_subtree(r0, &(0x7f00000001c0)=ANY=[], 0x2d) 13:24:50 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x101081, 0x0) write$P9_RMKDIR(r0, 0x0, 0x0) 13:24:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) [ 3321.070076][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:50 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0xe], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:51 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x24440, 0x4) 13:24:51 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000000), &(0x7f0000000040)=0x4) 13:24:51 executing program 2: mincore(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0) [ 3321.689398][ T27] audit: type=1800 audit(1601645091.439:56): pid=19836 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16364 res=0 errno=0 13:24:51 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) syz_open_pts(r1, 0x0) [ 3321.857269][ T27] audit: type=1800 audit(1601645091.499:57): pid=19836 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16364 res=0 errno=0 13:24:51 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:51 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0) fchown(r0, 0x0, 0x0) 13:24:51 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0xf], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:51 executing program 3: io_submit(0x0, 0x1, &(0x7f0000001b40)=[&(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) [ 3322.109338][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:52 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0) syncfs(r0) 13:24:52 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) fcntl$dupfd(r0, 0x0, r1) 13:24:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 13:24:52 executing program 0: r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self\x00', 0x0, 0x0) fcntl$dupfd(r0, 0x0, r0) 13:24:52 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x10], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:52 executing program 3: 13:24:52 executing program 2: [ 3323.150335][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3323.312552][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3323.322232][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:53 executing program 4: 13:24:53 executing program 5: 13:24:53 executing program 0: 13:24:53 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x11], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:53 executing program 3: 13:24:53 executing program 2: 13:24:53 executing program 4: [ 3324.189286][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:54 executing program 5: 13:24:54 executing program 0: 13:24:54 executing program 3: 13:24:54 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x12], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:54 executing program 2: 13:24:54 executing program 4: 13:24:54 executing program 0: 13:24:54 executing program 5: 13:24:54 executing program 3: 13:24:55 executing program 2: [ 3325.240481][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:55 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x14], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:55 executing program 4: 13:24:55 executing program 5: 13:24:55 executing program 0: 13:24:55 executing program 3: 13:24:55 executing program 2: 13:24:55 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x18], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:55 executing program 4: [ 3326.269559][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3326.351774][T10003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:56 executing program 5: 13:24:56 executing program 0: 13:24:56 executing program 3: 13:24:56 executing program 2: 13:24:56 executing program 4: 13:24:56 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x25], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:56 executing program 0: 13:24:57 executing program 5: 13:24:57 executing program 3: [ 3327.309784][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:57 executing program 2: 13:24:57 executing program 4: 13:24:57 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x3c], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:57 executing program 5: 13:24:57 executing program 0: 13:24:57 executing program 3: 13:24:57 executing program 4: r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000180)={0x1d, r1}, 0x18) sendmsg$can_j1939(r0, &(0x7f0000000200)={&(0x7f0000000000), 0x18, &(0x7f00000001c0)={&(0x7f0000000040)='=', 0x1}}, 0x0) 13:24:58 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000100), 0xc) [ 3328.351848][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:58 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000180)='team\x00') sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000000a40)={&(0x7f0000000140), 0xc, &(0x7f0000000a00)={&(0x7f00000002c0)={0x10, r1, 0x1, 0x0, 0x0, {}, [{{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8}}, {0x8}}}]}}]}, 0x60}}, 0x0) 13:24:58 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x48], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:58 executing program 0: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0xefc, 0x453, 0x0, 0x0, 0x0, "28af5aacbbe3f4734e565e1cb5bc6312eb459bc8b4ccf834d24636d5896a2bd71e436e35f57b523ddcc298b78d53521e92170c95a88534139d723a639f84154e755b1c75061da16a7ed654b43ae804f90f8e621a10c5feb37db998f68b0c4d2cb5bf703e487e20c7bf6c64f790810d3e3a77886d5930a5a6dbe3f48eef089ef85bab1611dfabb348205812d4820e53048fd566e75235b22e4e34bc654b45d77817cefe8f8763ef8aefbfc3c4dd9b939ee7e79e428fa52a051a828d2ea814b341affadd4c758cd58587b193399a3e57762d31e338879438000ba98538be6d06d8b727f24470f56a2a7da4157076a7bcad43d43060a8d4cf2999fdc57e21c4b580bc467ac22a440f7689be2e63d8dc66931f59495959d3ac2d819b4f93d23717af6e6b25e3c97d2f4e3a181e0c325cf73adf265460550a6527d856758b696a60bc996908a632f726f25197f763eef92d04f7210721a2b82ecc4301c32c0b39c4bad564899a8c4c1fc0d9bb1e58091d8b54a8b676f30d6fee56e7398862a7804b9d5afe39b08ae1c7bd828e99a9048b8f6550fa7d911527eda42d9457a79b41545d6ab430200ab1ef48166f07422a2718c45440d1be209297fc81b43d804cb0361cbcdf26d50823ddf7bf27f77b7a99a04a4aa0b9c92479406cd161c02cb4f4b6ae6be2c80eab3b532d87d0f7a53ad2e705ba6b793477baa038ac1407d4f4057411de04bfcf7da223143c331c43bef145b89af6c870dc43725d7d4587bafbea2210650f343057b83c9d7a5e979a39c267b4dd9d7df79a5068781f5d1a811b1cec37890854274514502b32e2846c536920dde4444a6061e22de5849750222769a755b351cec204972c7c22a11e79e96f4bb0ff702c3d668480f2071090a8c334f5aa9816ec6b6e60acca1880f115b5f99eddb56693e235bef46430bcf1382e1ada05c16c7084afb7926c7a82489190a03a63ebccce40e509646d02af66924e7753ce84c47e1a3c405a5768e5abce0259ef7194444d7f06adc9b8dab3b6e6831891fbf561b19875d8c261c5e335433a07f94683d1ca1b435e6aa262443542eb114bffd4b9fb0197664490f770d9e47087a35cf87c474f75a8a73d96ca62c5587232f5b277423efdb2c8f90e117f22f9526050414848bcc590b9484600965508409a1edbcfe2eeec057ae51d34cd9128d7ca300cba69fdfb153de928f860a53109eadd235f0774a57059b6a4b2fa28fe8efcc7aefdab2796b1c4ad187135f1b0001eba1b2454f5ba96d3ba0a251dc305ba6fd4d0ed774176d38784218e0b5b8015b63747be0dc5d95cb146fc271fe0315b1ed126c98d123dde83d56e3eae54cb545a0fc774665b8c05ca3d29210770b0dacbfc85fab78c892a974291f147524e4df7496fcdf5d761cd6b4b47735dbb72137ee1f572f2c7c0627ceff51d8bd1848f6463fab4f1d5cc33a781116986606904d69f3fa6771b932f62c54435f02594a6a45f3b1e514f72529f67658d46dc5ef9bc7d956c4167b83d1e995bcf3d3316b001cc330a57f4f718bd40183ea6d128ef46548a550459a88d3d26f92409c1969de8a835cc89e7a01f297a1d453b1e9676c185d3eccfe3b717cdd6fc2c6df613219e62d7e32d03dfd24f3f0caf0c6fb318b5fc58991cef46220ef21725a738dff1f1f8dd2514bd56c6ffba66a5fa5fc5a0f29b7c911e6ea8064135dd4c4a474ad9b0d223f58b92a9695aa5778cb798c317055a80f4b1cddf0cf7d14ebac9caa5a5846413716626ec35f5b0c28307fd4ced2aacb003af2b9655329b0738ac8cd54c183f4e66f6a27e53cff7713dae1b71bff25030c9f4d7de31a0a93078fcd5d7bdd35a64bec0b45cee86cbabf003f27f831738a4899e58fc3c0b791b1c74c9f4f0f4b1de4705b63f7a9ee47c9013783b0ff6859dfe259b5362ba1f844e8192e273ef1a0e85569cc0ec1d3596d20879493af9e1247c1bff8f475dc0457f0a9490c96b74fd152bcd967f11dce77b4e66487372dfab1f9ff393991b9640a30514af4d3790cc3b8708f4c0082b27e4b6cf0fa921feb2462310d294b028b2c74a2c68b07d16fa8305c4df01bde6e8d87549d547a15fcfcf1d22446e177317ad7d6898e2d1207fd5ea6c64b2c702f76b7dce84147a55518bb3dcf973ba173ecedf87130225716bbdc88987479b2ec32719dde7f41d3f08db78348002283d3520917a70cccfbac4972481dca96ec9ca37e8acafa3ba58541c4a49dff33018bdf342523f77cd87069a60ff25688753ed78d7e6dd72d2ea24d10fc519bb69930108629807a073f1398fd3f2cefae3cc890bafea96b8132ec085a1eacb23b2616b86f89d20ee9a35ff76cb8e522fafc24d8b5b698d4c4701e03e7ce30ab5186dac24ae65164a40a6ea0213970c51d934d4e7742d03f5a2c1e5d194309532e6024f31a64d6df85157ca3c2dc32ffc0fce6deee6e1a22a355003ca67bcdcacd8b91255ce886b74a97842fdd3fdf593ae2323231c31804ddf2aba9bc4308f73a5de279ea35cbf760d577a66490aa3f92d21bc392da427069ea103892c7190c97d787a0d6e63b798c64134946e229ddba7a0caedb8549175274faf7665048dd47abc8394028d523307cdcabb42367fd5a3f29bc4f18f3f6a247e8ab6c5f75557038f8c9905ac32f5b120501b748e18e8b2dbd1b023d357faf0a4ba2d66b2236fa4144485e086a86a1277ed803afdd852ee5e516e78782138273fbe9ecec8ca5ea8cadec2554f5a82fe2648e5f5bc5ea99995fdc09cea750dcfdda4109e66fac7715e83557956a1f30fb0473c6d551cb3677dd558abf08866d976d3e53bbd0b8cbc544d788376ab0d9e32662e97fd3cee89bf3561bc17fcdd535597e1f067961029eec72837cb7eb7deab6541a4b9f1979ecdc3de6eb306e174bf9e9e761b9e5321e0e907659654a41c9924084e0b734daf6651ef5644aa58f7961052b6b290b44fbe4d485551376395a6259ae2c9b754d67127016286a2cd8959597e973ca93aece2c07a4b049264db8f3c53404c3ff086c7b6a577eca05034bafcc94ff5904126e8fb622a93a026b5b53bdfae435b92396f4c2d328f2a62c3679337ca19f1086aac5294c1b8efeebf2ed91f9ef43052b19543b6a832c22c6c23f857ab0e77c83d9b9d5f58a48ae9fe086d77026c61dd93fa693240100eb421d036e9263878cf15d204cef5cbdf239bd9ed9e748eecba4f0adfa9e210c3f30e7f71e211a2b2555b35e4e4c7d3613c833e58ab79fcb87045fdd63b563bc12079c47dfa7139ebd79aeefe6a2cdbac58383efccc61a617ae218ececfe908c089f51f638bc52ab84c07c1bc1f78c1b854d03993e44fab453ed872e26a79d69f168d4f41eacb713c5c33fd10cb5d22fdaf2404bfa2883a35d75ca81ced1f730a3006df1968c4d015bc6900d425082e846791694e6aebecd138e2f1d6b4b7bb08c776642ba1e33c17d64fbd034eba85c332308d22d56e4aee95fb067043240022136d49e49f16f34c34e13d2f4863da27744dbd3e6ce5c4f72aa30e4cc033af9e7b8db936d32925dc06f2d8804ab9e87a212b0f5170e7ff8b672e67417d46160406625a78bb673eec95842ecc34f93c93c2195764669e704c4cea58f581ce3de03019274ef61273c32acec8534f92f72ed1d1c000ea4f8eec53556f47aa5bb44286ce0b2438896c32d4026f07524694155fbc5b4efb890218410b3c237836749f0ca9681b834be5bc6f2d9f9b1936f88e7dc2f391e5a3bc08db2af7dc7e7e6303716ec2a236be278e56b845b08284731827c92ae86774381dc523baf02b69b3877cfda2bb051d7ba120f630392c05ee1e9e6d9bff0d6b9a91ed4777be65d55d524d8b8a0cb9121884da78bb81bc47b665fea2a99c24eb55e4d2fb97e2a634042a5c2e49868d6276061e139f707754d3d65330c999e51785b815753e05b2dae44b3e88bf461b8ad808f61380fb02353505c3343c7916b097909d2bc7e47467bb6900e511af1075163889e788b84e255926df39879f50637451572438fa9360a1ac50a107aa2723c85e0126593d3d763ad7de60bbaa98c6762682dee218e9620a8724df2e3e609e3b577377f020ea4b97b0224a011494800456016c03daf155f71907423fee031f8e94a3ca2961085a2abb3cb06b8f03dcd5d5b0e58715998a44fd0e462db6ad912c842587dfda68ed210758b590860ab163ba7993d99ab303a405aceeaf86ca7ea7f7c5eb58421c88d30c77514b2c95f447efe18395a9a03052e66bddbb1261f401124dd3d0bcebd5b96bbcc57db4727a34aee80fea5328325c9b4db85b6a7d212e5b07d3798dc0379e167ccbab95b465786e03fc84c320035749730c19db9009fdcc72db5a0f474f8e30b6bd247e95d46d41db983349ecfec3d4b499705bc9763f7a432fa582b47cdbc2d85ff2789127ae2f8c6867d683547a403a38d87711d7b20caab0aa171126f6cca17b4495ddd0ea8741cc6d71ee272cc8ca4a98f82708432e25cac0536de983c8eac8432a3e920ce2e91211d3bcbc9cb18a48d5a3186f0faad81fecd95b2ea0a4ba6994283fafaa6e9061aa5710dd8c2db0c0d114d2f06dd2e8192ef2d0ac9122c7a080952986878321bcc7d6c17f8b457b39f382eabc829ea82734172d144979b096c523869a12c73508c4fb269e5c35685e8083d1ee1c54a5184916581651fb08e9b769d518b31ba37e91df631d8aeba206d865a7cdea53e6be7e400bd66856eb1ca93dc7e6edd0c80abd01444c7aeb5e0044b2e10bdb8c557b08aa9dc0d517047d3355724e2e55f08235575d98c8194b97a60e02692fa5430c64690bb9593d7576b2ee28a968503772951f7ecd8ff6b2b32b540bf408746fca84bc96474e0c0251e9e95b9b599a535dc554b40e96d46af2726a4d06f00e0842504e49f7947a1146f36d698f959288bb37d63c65b6c583e9a8f4c77b071de6808195a3a88daf78b2d56594d6466f3fecf42048c8c59864078e83b4b81a2b4d4b1ed031ec3bc8f5e6c9f65ec09232832f3ccda2721257c0dd4c73b4b31e374e15e22de947a5b4ebf9e58b3434a996e87eb2fd19fc1bfee9b86f81e77d0f7907fbc1ad67362a013cee326d59eebdcbd77b681e715ebdd333a72e0a32c9f93ba399c7a8d6feb736b0dcb4b62c15b9c39c3fce31ddfa5b22cf5fe8b077a0a936286a10f58ffbaf44e5f62c5b737bd832a2c7d0846c6302cc4a8e5242f82576da2b9281dd6e0dfd45b3d632c0297835e40ca21371ba5a1c02a672acb3609a169dcaf8e079d18fd16e335c6a0391fb367c776f19d4a2c438ceb3e9be04451c9b404232d249fc32325741c77e85c5b20348e954f270bcd07057fa10aafc6ed8056b39ff40610acb90af60a731cd15c19a043d5f1edb8cce9d", ["", ""]}, 0xefc}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 13:24:58 executing program 3: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$tipc(r0, &(0x7f0000000100), &(0x7f0000000140)=0x10) 13:24:58 executing program 2: bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x5079583513777f9b}, 0x10) [ 3329.304270][ T27] audit: type=1107 audit(1601645099.059:58): pid=19935 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 msg='(ZsNV^cEȴ4F6Չj+Cn5{R=˜SR 4r:cNu[uj~T:b} M,p>H~ ǿld >:wmY0[߫H XԂSfR5.N4eKExcݛB*.ALuՅ9>Wv-188' [ 3329.390875][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3329.400322][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:24:59 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x4c], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:24:59 executing program 5: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x0, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x2}, 0x78) 13:24:59 executing program 0: bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0xc0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)}}, 0xffffffffffffffcd) 13:24:59 executing program 3: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f0000000400)={&(0x7f0000000280), 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0x58, 0x13, 0x9031e264817d797, 0x0, 0x0, {}, [@INET_DIAG_REQ_BYTECODE={0x4}, @INET_DIAG_REQ_BYTECODE={0x8, 0x1, "f2b7b010"}]}, 0x58}}, 0x0) 13:24:59 executing program 2: pselect6(0x0, 0x0, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000140)={&(0x7f0000000100), 0x8}) [ 3330.445236][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3331.473828][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:25:01 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, 0x0, &(0x7f0000000040)) 13:25:01 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x68], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:01 executing program 5: bpf$MAP_DELETE_BATCH(0x13, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0}, 0x38) 13:25:01 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x14) sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f00000002c0)={0x14, 0x0, 0x0, 0x0, 0x0, {0x2}}, 0xc0}}, 0x0) 13:25:01 executing program 3: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$netlink(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1c000000000000000100000002"], 0x48}, 0x0) 13:25:01 executing program 2: bpf$MAP_DELETE_BATCH(0x22, 0x0, 0x9a) 13:25:01 executing program 3: r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000180)={0x1d, r1, 0x0, {0x0, 0xf0}}, 0x18) 13:25:01 executing program 2: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x0}, 0x40) 13:25:01 executing program 5: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000140)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdaac5e718312a086, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:25:01 executing program 0: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff}) setsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f0000000380), 0x4) 13:25:01 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x6c], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:02 executing program 4: pselect6(0x40, &(0x7f0000000000)={0x2}, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, 0x0) [ 3332.429922][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3332.509635][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:25:02 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x4) sendmsg$GTP_CMD_GETPDP(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 13:25:02 executing program 2: r0 = socket$caif_seqpacket(0x25, 0x5, 0x0) ioctl$sock_SIOCADDDLCI(r0, 0x8980, 0x0) 13:25:02 executing program 0: socket(0x3, 0x0, 0xfffffff9) 13:25:02 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x74], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:02 executing program 5: bpf$MAP_DELETE_BATCH(0x10, 0x0, 0x0) 13:25:02 executing program 4: r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000180)={0x1d, r1}, 0x18) sendmsg$can_j1939(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x1d, 0x0, 0x2}, 0x18, &(0x7f00000001c0)={&(0x7f0000000040)='=', 0x1}}, 0x0) [ 3332.922447][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:25:03 executing program 3: socketpair(0xa, 0x0, 0xc2c, &(0x7f0000000280)) [ 3333.276968][T19992] vxcan0: tx drop: invalid da for name 0x0000000000000002 13:25:03 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x15) sendmsg$SOCK_DESTROY(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={0x0}}, 0x0) 13:25:03 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x7a], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:03 executing program 2: pipe(&(0x7f0000000180)) bpf$MAP_DELETE_BATCH(0x1b, 0x0, 0x0) 13:25:03 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@ipv6_getnetconf={0x14, 0x52, 0x1}, 0x14}}, 0x0) [ 3333.557808][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:25:03 executing program 4: write$tun(0xffffffffffffffff, 0x0, 0x0) 13:25:03 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={0x0}, 0x1, 0x0, 0x5000}, 0x0) 13:25:03 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x1, &(0x7f00000000c0)=@raw=[@ldst={0x2, 0x0, 0x3}], &(0x7f0000000100)='syzkaller\x00', 0x7, 0x9d, &(0x7f0000000200)=""/157, 0x0, 0xf, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:25:03 executing program 2: socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, 0x0, &(0x7f0000000100)) 13:25:03 executing program 4: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) accept4$rose(r0, 0x0, 0x0, 0x400) 13:25:04 executing program 5: socketpair(0x2, 0x2, 0x1, &(0x7f00000002c0)) 13:25:04 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0xac], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:04 executing program 0: r0 = socket(0x2a, 0x2, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8000) [ 3334.626402][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3334.650223][ T8724] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:25:04 executing program 3: bpf$MAP_DELETE_BATCH(0x10, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0}, 0x38) [ 3334.696218][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3334.722352][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:25:04 executing program 4: socketpair(0x2, 0x2, 0x0, &(0x7f00000002c0)) 13:25:04 executing program 2: socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, 0x0, &(0x7f0000000100)) 13:25:05 executing program 0: r0 = socket(0x8, 0x1, 0x3afbf6a1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x1ff) r1 = socket$netlink(0x10, 0x3, 0x15) sendmsg$SOCK_DESTROY(r1, &(0x7f0000000640)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000600)={&(0x7f00000000c0)={0x52c, 0x15, 0x10, 0x70bd25, 0x25dfdbfd, {0x21, 0x9}, [@INET_DIAG_REQ_BYTECODE={0xf7, 0x1, "0d4fb13ef0e59247b5aa91ea6a4c785bd7b79676cf5fea7c3fc68225efce916c08ff2e6fc2ba43e3dd9e225cf596905b02802a55f88fd7d1acd660bf2aef7b1613eb73494be0d61f45b0d3f15eec54b64234ab584c814f41849bab59da575b1eeb2a6436068b03951a5d8ed3c5538afefc2d02b8627bc63401be5df98b7143ef80d1cc59b52e176a75b0d0e92be810d556cc00e9e0d7150c96e9eacec1e98aea2268086f4a7d30603c1fa2bc9d60c19c48bf4a28855aa91bea45129e2080a4e2134e2d970d50c9d98486caa2452303c21d6398eebff6bb30e9cdf7d4ea2e904d2ef88bca79b45d42069fe1d2efe70791d26726"}, @INET_DIAG_REQ_BYTECODE={0x75, 0x1, "740a51ff4d941b7c69a3c4c8590de9d1c83addc3967509bf58c2c2ae82071af8bd1f714330e00aaf4e23d8042aa1882b8d7276e60f14fa4964c32696ee955fe0dc7f6de6c910aafdba99a3a2164ef9ee5a474f89a367bebf57d334333485cdc84ef578ad00881011d864c1157157a40163"}, @INET_DIAG_REQ_BYTECODE={0x2f, 0x1, "f0c29d8661948cdd1980ee1a3addec7bfc4d018041b1be09d35a47488b1bbc16c5e0299715d4e0cae286a5"}, @INET_DIAG_REQ_BYTECODE={0x102, 0x1, "a011309286ba90d917140acee61b06b923ff4da9e1161afb73bf0bcad935c8717ad857a8110f6da77299939c6f58b0387eb6647878719f80e2551f77a5411ef800c939a5425a0ac1dd9dd82b3efdd45a2cee5ea3c83fbbbf558933d8289f3436648e5b0f770e083bcb8aace67e086029e935f166a4b1cb413d714a8ab2fe7c048f7362bf09db522e44ebdfcd29ff0e982bd2dc3a0d55186810583ae5195a9465f627e64e1743be93bf147b4c9ca5a81af563b9bff6c0e53ad265e70e1596750e7095c41ac57b3a7859385fc5255c5fc8a84f3421ffee966b838995867425a32b1f315f40a478697c3cdce3b0ca39eefc26a3f90f18826ae0331a71370731"}, @INET_DIAG_REQ_BYTECODE={0x7b, 0x1, "ebf3257ab5780300b6dfa90faaf95eb1e1c73f2b8570ef61290407301d5905d9ad7731778a47855f55d832f574323ad36e46102b056b2405e05fd88105d76c938fe2e74f51cb8007887a98ebf9e9a911ba4ff0f4abab5ec2b5291f3c629b39dcd3287cdb621226949ac5e8f3808c14b6b892f84d4d69aa"}, @INET_DIAG_REQ_BYTECODE={0x5a, 0x1, "8143412f7d35510cdfb66e8e751be09d7e32597b3ac5202618d50d5d762e0723f64b9097505cb849e24821edaa2cfb8c33c0e71ddab4329e1014c9e1b72211bdba2c13ccdf92ad74af297d841f56cdd132444721e073"}, @INET_DIAG_REQ_BYTECODE={0xa9, 0x1, "300baeec80545fc3871924ddfa6fa59b6f6f07ee45c84ed6045846fcaac2adc17436a995ca45105d1271c52782a3149fc6f126d56c5da8fcb9bb746f2e250488c7f182746c0ecf0986c8a3d23d53a8fc55f5c9cea4bb9a658a91b166a481624bd0d580f7f473ec9178196b724df73fc1f624b8ab9cec407359c56df4652ea86e637938fc297b30cb4b280708b57945debbe2433bb0441bf2ee24f09a6ddc00c9623762ccd8"}, @INET_DIAG_REQ_BYTECODE={0x6f, 0x1, "e6e1061a853b999a65bbf9bbb2cffe17a62b565cb0ac6e1baad62374b386fba2bdff43140a31d15af6829914d05310b1417dbb70c121e0918ae74237f5261580bc4af692d142e10b47ae21d0c49721cf1fbf3adc7b0023e64134f24d23740fb7e37699a58fb4c83780c8ba"}, @INET_DIAG_REQ_BYTECODE={0x80, 0x1, "17e089ff2fd4662ed594df919498185b77f75f526a8e2c0d4e8a3bd1434c432a0e91b9ab14d462bc9a872324373115adcff44a61e88f99d2a98d0dbda0f14c2d67c4c7ce9f8114fa2ee45f12ce07ce8e4a554c9b3accfb23f1048c6ffb584d85e385ff7190f85ce22013d83499d37be5f866e488187324325adb5df8"}]}, 0x52c}, 0x1, 0x0, 0x0, 0x44801}, 0x4000) 13:25:05 executing program 3: socketpair(0x9, 0x0, 0x0, &(0x7f00000000c0)) [ 3335.474669][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:25:05 executing program 5: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x14, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:25:05 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:05 executing program 4: r0 = socket$inet(0x2, 0x3, 0x7) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, 0x0, 0x0) 13:25:05 executing program 2: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc) [ 3335.792589][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:25:05 executing program 0: r0 = socket(0x8, 0x1, 0x3afbf6a1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x1ff) r1 = socket$netlink(0x10, 0x3, 0x15) sendmsg$SOCK_DESTROY(r1, &(0x7f0000000640)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000600)={&(0x7f00000000c0)={0x52c, 0x15, 0x10, 0x70bd25, 0x25dfdbfd, {0x21, 0x9}, [@INET_DIAG_REQ_BYTECODE={0xf7, 0x1, "0d4fb13ef0e59247b5aa91ea6a4c785bd7b79676cf5fea7c3fc68225efce916c08ff2e6fc2ba43e3dd9e225cf596905b02802a55f88fd7d1acd660bf2aef7b1613eb73494be0d61f45b0d3f15eec54b64234ab584c814f41849bab59da575b1eeb2a6436068b03951a5d8ed3c5538afefc2d02b8627bc63401be5df98b7143ef80d1cc59b52e176a75b0d0e92be810d556cc00e9e0d7150c96e9eacec1e98aea2268086f4a7d30603c1fa2bc9d60c19c48bf4a28855aa91bea45129e2080a4e2134e2d970d50c9d98486caa2452303c21d6398eebff6bb30e9cdf7d4ea2e904d2ef88bca79b45d42069fe1d2efe70791d26726"}, @INET_DIAG_REQ_BYTECODE={0x75, 0x1, "740a51ff4d941b7c69a3c4c8590de9d1c83addc3967509bf58c2c2ae82071af8bd1f714330e00aaf4e23d8042aa1882b8d7276e60f14fa4964c32696ee955fe0dc7f6de6c910aafdba99a3a2164ef9ee5a474f89a367bebf57d334333485cdc84ef578ad00881011d864c1157157a40163"}, @INET_DIAG_REQ_BYTECODE={0x2f, 0x1, "f0c29d8661948cdd1980ee1a3addec7bfc4d018041b1be09d35a47488b1bbc16c5e0299715d4e0cae286a5"}, @INET_DIAG_REQ_BYTECODE={0x102, 0x1, "a011309286ba90d917140acee61b06b923ff4da9e1161afb73bf0bcad935c8717ad857a8110f6da77299939c6f58b0387eb6647878719f80e2551f77a5411ef800c939a5425a0ac1dd9dd82b3efdd45a2cee5ea3c83fbbbf558933d8289f3436648e5b0f770e083bcb8aace67e086029e935f166a4b1cb413d714a8ab2fe7c048f7362bf09db522e44ebdfcd29ff0e982bd2dc3a0d55186810583ae5195a9465f627e64e1743be93bf147b4c9ca5a81af563b9bff6c0e53ad265e70e1596750e7095c41ac57b3a7859385fc5255c5fc8a84f3421ffee966b838995867425a32b1f315f40a478697c3cdce3b0ca39eefc26a3f90f18826ae0331a71370731"}, @INET_DIAG_REQ_BYTECODE={0x7b, 0x1, "ebf3257ab5780300b6dfa90faaf95eb1e1c73f2b8570ef61290407301d5905d9ad7731778a47855f55d832f574323ad36e46102b056b2405e05fd88105d76c938fe2e74f51cb8007887a98ebf9e9a911ba4ff0f4abab5ec2b5291f3c629b39dcd3287cdb621226949ac5e8f3808c14b6b892f84d4d69aa"}, @INET_DIAG_REQ_BYTECODE={0x5a, 0x1, "8143412f7d35510cdfb66e8e751be09d7e32597b3ac5202618d50d5d762e0723f64b9097505cb849e24821edaa2cfb8c33c0e71ddab4329e1014c9e1b72211bdba2c13ccdf92ad74af297d841f56cdd132444721e073"}, @INET_DIAG_REQ_BYTECODE={0xa9, 0x1, "300baeec80545fc3871924ddfa6fa59b6f6f07ee45c84ed6045846fcaac2adc17436a995ca45105d1271c52782a3149fc6f126d56c5da8fcb9bb746f2e250488c7f182746c0ecf0986c8a3d23d53a8fc55f5c9cea4bb9a658a91b166a481624bd0d580f7f473ec9178196b724df73fc1f624b8ab9cec407359c56df4652ea86e637938fc297b30cb4b280708b57945debbe2433bb0441bf2ee24f09a6ddc00c9623762ccd8"}, @INET_DIAG_REQ_BYTECODE={0x6f, 0x1, "e6e1061a853b999a65bbf9bbb2cffe17a62b565cb0ac6e1baad62374b386fba2bdff43140a31d15af6829914d05310b1417dbb70c121e0918ae74237f5261580bc4af692d142e10b47ae21d0c49721cf1fbf3adc7b0023e64134f24d23740fb7e37699a58fb4c83780c8ba"}, @INET_DIAG_REQ_BYTECODE={0x80, 0x1, "17e089ff2fd4662ed594df919498185b77f75f526a8e2c0d4e8a3bd1434c432a0e91b9ab14d462bc9a872324373115adcff44a61e88f99d2a98d0dbda0f14c2d67c4c7ce9f8114fa2ee45f12ce07ce8e4a554c9b3accfb23f1048c6ffb584d85e385ff7190f85ce22013d83499d37be5f866e488187324325adb5df8"}]}, 0x52c}, 0x1, 0x0, 0x0, 0x44801}, 0x4000) 13:25:05 executing program 5: socketpair(0x1f, 0x0, 0x0, &(0x7f00000000c0)) 13:25:05 executing program 3: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x10) 13:25:05 executing program 4: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) bind$netlink(r0, &(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc) 13:25:06 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:06 executing program 2: r0 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000180)={'wg1\x00', 0x0}) sendmsg$AUDIT_USER_TTY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYRES32=r1], 0xb4}}, 0x0) 13:25:06 executing program 0: r0 = socket(0x8, 0x1, 0x3afbf6a1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x1ff) r1 = socket$netlink(0x10, 0x3, 0x15) sendmsg$SOCK_DESTROY(r1, &(0x7f0000000640)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000600)={&(0x7f00000000c0)={0x52c, 0x15, 0x10, 0x70bd25, 0x25dfdbfd, {0x21, 0x9}, [@INET_DIAG_REQ_BYTECODE={0xf7, 0x1, "0d4fb13ef0e59247b5aa91ea6a4c785bd7b79676cf5fea7c3fc68225efce916c08ff2e6fc2ba43e3dd9e225cf596905b02802a55f88fd7d1acd660bf2aef7b1613eb73494be0d61f45b0d3f15eec54b64234ab584c814f41849bab59da575b1eeb2a6436068b03951a5d8ed3c5538afefc2d02b8627bc63401be5df98b7143ef80d1cc59b52e176a75b0d0e92be810d556cc00e9e0d7150c96e9eacec1e98aea2268086f4a7d30603c1fa2bc9d60c19c48bf4a28855aa91bea45129e2080a4e2134e2d970d50c9d98486caa2452303c21d6398eebff6bb30e9cdf7d4ea2e904d2ef88bca79b45d42069fe1d2efe70791d26726"}, @INET_DIAG_REQ_BYTECODE={0x75, 0x1, "740a51ff4d941b7c69a3c4c8590de9d1c83addc3967509bf58c2c2ae82071af8bd1f714330e00aaf4e23d8042aa1882b8d7276e60f14fa4964c32696ee955fe0dc7f6de6c910aafdba99a3a2164ef9ee5a474f89a367bebf57d334333485cdc84ef578ad00881011d864c1157157a40163"}, @INET_DIAG_REQ_BYTECODE={0x2f, 0x1, "f0c29d8661948cdd1980ee1a3addec7bfc4d018041b1be09d35a47488b1bbc16c5e0299715d4e0cae286a5"}, @INET_DIAG_REQ_BYTECODE={0x102, 0x1, "a011309286ba90d917140acee61b06b923ff4da9e1161afb73bf0bcad935c8717ad857a8110f6da77299939c6f58b0387eb6647878719f80e2551f77a5411ef800c939a5425a0ac1dd9dd82b3efdd45a2cee5ea3c83fbbbf558933d8289f3436648e5b0f770e083bcb8aace67e086029e935f166a4b1cb413d714a8ab2fe7c048f7362bf09db522e44ebdfcd29ff0e982bd2dc3a0d55186810583ae5195a9465f627e64e1743be93bf147b4c9ca5a81af563b9bff6c0e53ad265e70e1596750e7095c41ac57b3a7859385fc5255c5fc8a84f3421ffee966b838995867425a32b1f315f40a478697c3cdce3b0ca39eefc26a3f90f18826ae0331a71370731"}, @INET_DIAG_REQ_BYTECODE={0x7b, 0x1, "ebf3257ab5780300b6dfa90faaf95eb1e1c73f2b8570ef61290407301d5905d9ad7731778a47855f55d832f574323ad36e46102b056b2405e05fd88105d76c938fe2e74f51cb8007887a98ebf9e9a911ba4ff0f4abab5ec2b5291f3c629b39dcd3287cdb621226949ac5e8f3808c14b6b892f84d4d69aa"}, @INET_DIAG_REQ_BYTECODE={0x5a, 0x1, "8143412f7d35510cdfb66e8e751be09d7e32597b3ac5202618d50d5d762e0723f64b9097505cb849e24821edaa2cfb8c33c0e71ddab4329e1014c9e1b72211bdba2c13ccdf92ad74af297d841f56cdd132444721e073"}, @INET_DIAG_REQ_BYTECODE={0xa9, 0x1, "300baeec80545fc3871924ddfa6fa59b6f6f07ee45c84ed6045846fcaac2adc17436a995ca45105d1271c52782a3149fc6f126d56c5da8fcb9bb746f2e250488c7f182746c0ecf0986c8a3d23d53a8fc55f5c9cea4bb9a658a91b166a481624bd0d580f7f473ec9178196b724df73fc1f624b8ab9cec407359c56df4652ea86e637938fc297b30cb4b280708b57945debbe2433bb0441bf2ee24f09a6ddc00c9623762ccd8"}, @INET_DIAG_REQ_BYTECODE={0x6f, 0x1, "e6e1061a853b999a65bbf9bbb2cffe17a62b565cb0ac6e1baad62374b386fba2bdff43140a31d15af6829914d05310b1417dbb70c121e0918ae74237f5261580bc4af692d142e10b47ae21d0c49721cf1fbf3adc7b0023e64134f24d23740fb7e37699a58fb4c83780c8ba"}, @INET_DIAG_REQ_BYTECODE={0x80, 0x1, "17e089ff2fd4662ed594df919498185b77f75f526a8e2c0d4e8a3bd1434c432a0e91b9ab14d462bc9a872324373115adcff44a61e88f99d2a98d0dbda0f14c2d67c4c7ce9f8114fa2ee45f12ce07ce8e4a554c9b3accfb23f1048c6ffb584d85e385ff7190f85ce22013d83499d37be5f866e488187324325adb5df8"}]}, 0x52c}, 0x1, 0x0, 0x0, 0x44801}, 0x4000) 13:25:06 executing program 3: bpf$MAP_DELETE_BATCH(0x11, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0}, 0x38) [ 3336.813183][T20055] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=20055 comm=syz-executor.2 13:25:06 executing program 5: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, 0x0) 13:25:06 executing program 4: r0 = socket$l2tp6(0xa, 0x2, 0x73) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000040)) [ 3336.931514][T20056] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=20056 comm=syz-executor.2 13:25:06 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:06 executing program 2: r0 = socket$l2tp(0x2, 0x2, 0x73) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000040)={'wg0\x00'}) 13:25:06 executing program 0: r0 = socket(0x8, 0x1, 0x3afbf6a1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x1ff) r1 = socket$netlink(0x10, 0x3, 0x15) sendmsg$SOCK_DESTROY(r1, &(0x7f0000000640)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000600)={&(0x7f00000000c0)={0x52c, 0x15, 0x10, 0x70bd25, 0x25dfdbfd, {0x21, 0x9}, [@INET_DIAG_REQ_BYTECODE={0xf7, 0x1, "0d4fb13ef0e59247b5aa91ea6a4c785bd7b79676cf5fea7c3fc68225efce916c08ff2e6fc2ba43e3dd9e225cf596905b02802a55f88fd7d1acd660bf2aef7b1613eb73494be0d61f45b0d3f15eec54b64234ab584c814f41849bab59da575b1eeb2a6436068b03951a5d8ed3c5538afefc2d02b8627bc63401be5df98b7143ef80d1cc59b52e176a75b0d0e92be810d556cc00e9e0d7150c96e9eacec1e98aea2268086f4a7d30603c1fa2bc9d60c19c48bf4a28855aa91bea45129e2080a4e2134e2d970d50c9d98486caa2452303c21d6398eebff6bb30e9cdf7d4ea2e904d2ef88bca79b45d42069fe1d2efe70791d26726"}, @INET_DIAG_REQ_BYTECODE={0x75, 0x1, "740a51ff4d941b7c69a3c4c8590de9d1c83addc3967509bf58c2c2ae82071af8bd1f714330e00aaf4e23d8042aa1882b8d7276e60f14fa4964c32696ee955fe0dc7f6de6c910aafdba99a3a2164ef9ee5a474f89a367bebf57d334333485cdc84ef578ad00881011d864c1157157a40163"}, @INET_DIAG_REQ_BYTECODE={0x2f, 0x1, "f0c29d8661948cdd1980ee1a3addec7bfc4d018041b1be09d35a47488b1bbc16c5e0299715d4e0cae286a5"}, @INET_DIAG_REQ_BYTECODE={0x102, 0x1, "a011309286ba90d917140acee61b06b923ff4da9e1161afb73bf0bcad935c8717ad857a8110f6da77299939c6f58b0387eb6647878719f80e2551f77a5411ef800c939a5425a0ac1dd9dd82b3efdd45a2cee5ea3c83fbbbf558933d8289f3436648e5b0f770e083bcb8aace67e086029e935f166a4b1cb413d714a8ab2fe7c048f7362bf09db522e44ebdfcd29ff0e982bd2dc3a0d55186810583ae5195a9465f627e64e1743be93bf147b4c9ca5a81af563b9bff6c0e53ad265e70e1596750e7095c41ac57b3a7859385fc5255c5fc8a84f3421ffee966b838995867425a32b1f315f40a478697c3cdce3b0ca39eefc26a3f90f18826ae0331a71370731"}, @INET_DIAG_REQ_BYTECODE={0x7b, 0x1, "ebf3257ab5780300b6dfa90faaf95eb1e1c73f2b8570ef61290407301d5905d9ad7731778a47855f55d832f574323ad36e46102b056b2405e05fd88105d76c938fe2e74f51cb8007887a98ebf9e9a911ba4ff0f4abab5ec2b5291f3c629b39dcd3287cdb621226949ac5e8f3808c14b6b892f84d4d69aa"}, @INET_DIAG_REQ_BYTECODE={0x5a, 0x1, "8143412f7d35510cdfb66e8e751be09d7e32597b3ac5202618d50d5d762e0723f64b9097505cb849e24821edaa2cfb8c33c0e71ddab4329e1014c9e1b72211bdba2c13ccdf92ad74af297d841f56cdd132444721e073"}, @INET_DIAG_REQ_BYTECODE={0xa9, 0x1, "300baeec80545fc3871924ddfa6fa59b6f6f07ee45c84ed6045846fcaac2adc17436a995ca45105d1271c52782a3149fc6f126d56c5da8fcb9bb746f2e250488c7f182746c0ecf0986c8a3d23d53a8fc55f5c9cea4bb9a658a91b166a481624bd0d580f7f473ec9178196b724df73fc1f624b8ab9cec407359c56df4652ea86e637938fc297b30cb4b280708b57945debbe2433bb0441bf2ee24f09a6ddc00c9623762ccd8"}, @INET_DIAG_REQ_BYTECODE={0x6f, 0x1, "e6e1061a853b999a65bbf9bbb2cffe17a62b565cb0ac6e1baad62374b386fba2bdff43140a31d15af6829914d05310b1417dbb70c121e0918ae74237f5261580bc4af692d142e10b47ae21d0c49721cf1fbf3adc7b0023e64134f24d23740fb7e37699a58fb4c83780c8ba"}, @INET_DIAG_REQ_BYTECODE={0x80, 0x1, "17e089ff2fd4662ed594df919498185b77f75f526a8e2c0d4e8a3bd1434c432a0e91b9ab14d462bc9a872324373115adcff44a61e88f99d2a98d0dbda0f14c2d67c4c7ce9f8114fa2ee45f12ce07ce8e4a554c9b3accfb23f1048c6ffb584d85e385ff7190f85ce22013d83499d37be5f866e488187324325adb5df8"}]}, 0x52c}, 0x1, 0x0, 0x0, 0x44801}, 0x4000) [ 3337.427039][ T27] audit: type=1400 audit(1601645107.179:59): avc: denied { ioctl } for pid=20065 comm="syz-executor.5" path="socket:[171626]" dev="sockfs" ino=171626 ioctlcmd=0x943c scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1 13:25:07 executing program 3: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000240)=@framed, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) 13:25:07 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, 0x0, 0x0) 13:25:07 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x0) 13:25:07 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3337.870667][T27563] net_ratelimit: 1 callbacks suppressed [ 3337.870698][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:25:07 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x9, 0x0, 0x0, 0x0, 0x310}, 0x40) 13:25:07 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000000c0)={0x4c, 0x13, 0x1}, 0x4c}}, 0x0) 13:25:07 executing program 4: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) setsockopt$rose(r0, 0x104, 0x7, &(0x7f0000000000)=0x7, 0x4) 13:25:08 executing program 3: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) accept4$llc(r0, 0x0, 0x0, 0x0) [ 3338.425488][T20086] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'. 13:25:08 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000000)=0x3f, 0x4) [ 3338.514657][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:25:08 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x5], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:08 executing program 2: r0 = socket$can_j1939(0x1d, 0x2, 0x7) r1 = socket$phonet(0x23, 0x2, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000180)={0x1d, r2, 0x0, {0x2}}, 0x18) 13:25:08 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001100)={0x3e, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 13:25:08 executing program 4: r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25ADDUID(r0, 0x541b, &(0x7f0000000040)={0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0xee00}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$netlink(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$team(&(0x7f0000000180)='team\x00') sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f00000002c0)={0x20, r3, 0x1, 0x0, 0x0, {}, [{{0x8}, {0x4}}]}, 0x20}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000001080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000010c0)=0x14) getpeername$packet(0xffffffffffffffff, &(0x7f0000001100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001140)=0x14) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x15, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x15, r6, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000001180)={'batadv0\x00', 0x0}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002fc0)={{{@in6=@private0, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@remote}}, &(0x7f00000030c0)=0xe8) getsockname$packet(0xffffffffffffffff, &(0x7f0000001340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000001380)=0x14) sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000003540)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000003500)={&(0x7f00000013c0)={0x3d0, r3, 0x300, 0x70bd29, 0x25dfdbfe, {}, [{{0x8}, {0x23c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @name={{0x0, 0x1, 'mode\x00'}, {}, {0x0, 0x4, 'loadbalance\x00'}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x2c, 0x4, [{0xb5a, 0x65, 0x3, 0x1ff}, {0xee3c, 0x1, 0x1, 0x25}, {0x8, 0x7, 0x6, 0x1}, {0x7, 0x3, 0x9, 0x5}, {0x8, 0x79, 0x1, 0x6}]}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0xcadf}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x5}, {0x8, 0x4, r4}}, {0x8}}}, {0x6c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x3c, 0x4, [{0x2, 0x81, 0x40, 0x2}, {0x4, 0x2, 0x7, 0x3}, {0x7fff, 0x5, 0x6, 0xfffffffa}, {0xff, 0x0, 0xf9, 0x401}, {0x7f, 0x2, 0xff}, {0xd400, 0x85, 0xfa, 0x8000}, {0x9, 0x0, 0x2, 0xcce}]}}}]}}, {{0x8, 0x1, r6}, {0xb4, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x5}, {0x8, 0x4, 0x80000001}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0xcc}}, {0x8, 0x6, r7}}}]}}, {{0x8, 0x1, r8}, {0xb4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x6}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x5}, {0x8, 0x4, 0x10000}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x5}, {0x8}}, {0x8}}}]}}]}, 0x3d0}, 0x1, 0x0, 0x0, 0x8004}, 0x20000000) pipe(&(0x7f0000000b40)={0xffffffffffffffff}) accept4(r10, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(r10, 0xd0009411, &(0x7f0000000080)={{0x0, 0x5d35, 0xde6c, 0x0, 0x1f, 0x3, 0x4, 0x100010, 0x5, 0x4, 0x478f, 0x3, 0x218, 0xfffffffffffffffa, 0xb80b}}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000011c0)='./cgroup.net/syz0\x00', 0x1ff) [ 3338.912496][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:25:08 executing program 3: bpf$MAP_DELETE_BATCH(0x2, 0x0, 0x0) 13:25:09 executing program 5: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, 0x0, &(0x7f0000000040)=0x9) 13:25:09 executing program 2: r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000006c0)=@newchain={0x2c, 0x64, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x0, 0xfff2}}, [@TCA_RATE={0x6}]}, 0x2c}}, 0x0) 13:25:09 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:09 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001540)={0x11, 0x3, &(0x7f0000000340)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000014c0), 0x8, 0x10, 0x0}, 0x78) 13:25:09 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000), 0x8) [ 3339.950632][T27563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:25:09 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89f9, &(0x7f0000000380)={'syztnl1\x00', 0x0}) 13:25:10 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x6) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, 0x0, 0x0) 13:25:10 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x7], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:10 executing program 0: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockname(r0, 0x0, &(0x7f00000005c0)) 13:25:10 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000f7ffffffffff0c000000080005"], 0x28}}, 0x0) 13:25:10 executing program 3: openat$tun(0xffffffffffffff9c, 0x0, 0x200, 0x0) 13:25:10 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000180)='team\x00') sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000000a40)={&(0x7f0000000140), 0xc, &(0x7f0000000a00)={&(0x7f00000002c0)={0x60, r1, 0x1, 0x0, 0x0, {}, [{{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x3}}, {0x8}}}]}}]}, 0x60}}, 0x0) [ 3340.993130][T17450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 13:25:10 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x8], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:10 executing program 5: openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x80042, 0x0) 13:25:10 executing program 0: r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00'}) 13:25:11 executing program 3: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x14, 0x453, 0x4, 0x0, 0x0, 'd'}, 0x14}}, 0x0) [ 3341.398854][T20141] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3341.447742][T20144] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. 13:25:11 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000), &(0x7f0000000040)=0x4) [ 3341.562140][T20082] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3341.625170][ T27] audit: type=1107 audit(1601645111.379:60): pid=20145 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 msg='d' 13:25:11 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x9], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:11 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000000)=ANY=[@ANYBLOB="600000007f94bd"], 0x60}}, 0x0) 13:25:11 executing program 0: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0xec4, 0x453, 0x0, 0x70bd2c, 0x0, "28af5aacbbe3f4734e565e1cb5bc6312eb459bc8b4ccf834d24636d5896a2bd71e436e35f57b523ddcc298b78d53521e92170c95a88534139d723a639f84154e755b1c75061da16a7ed654b43ae804f90f8e621a10c5feb37db998f68b0c4d2cb5bf703e487e20c7bf6c64f790810d3e3a77886d5930a5a6dbe3f48eef089ef85bab1611dfabb348205812d4820e53048fd566e75235b22e4e34bc654b45d77817cefe8f8763ef8aefbfc3c4dd9b939ee7e79e428fa52a051a828d2ea814b341affadd4c758cd58587b193399a3e57762d31e338879438000ba98538be6d06d8b727f24470f56a2a7da4157076a7bcad43d43060a8d4cf2999fdc57e21c4b580bc467ac22a440f7689be2e63d8dc66931f59495959d3ac2d819b4f93d23717af6e6b25e3c97d2f4e3a181e0c325cf73adf265460550a6527d856758b696a60bc996908a632f726f25197f763eef92d04f7210721a2b82ecc4301c32c0b39c4bad564899a8c4c1fc0d9bb1e58091d8b54a8b676f30d6fee56e7398862a7804b9d5afe39b08ae1c7bd828e99a9048b8f6550fa7d911527eda42d9457a79b41545d6ab430200ab1ef48166f07422a2718c45440d1be209297fc81b43d804cb0361cbcdf26d50823ddf7bf27f77b7a99a04a4aa0b9c92479406cd161c02cb4f4b6ae6be2c80eab3b532d87d0f7a53ad2e705ba6b793477baa038ac1407d4f4057411de04bfcf7da223143c331c43bef145b89af6c870dc43725d7d4587bafbea2210650f343057b83c9d7a5e979a39c267b4dd9d7df79a5068781f5d1a811b1cec37890854274514502b32e2846c536920dde4444a6061e22de5849750222769a755b351cec204972c7c22a11e79e96f4bb0ff702c3d668480f2071090a8c334f5aa9816ec6b6e60acca1880f115b5f99eddb56693e235bef46430bcf1382e1ada05c16c7084afb7926c7a82489190a03a63ebccce40e509646d02af66924e7753ce84c47e1a3c405a5768e5abce0259ef7194444d7f06adc9b8dab3b6e6831891fbf561b19875d8c261c5e335433a07f94683d1ca1b435e6aa262443542eb114bffd4b9fb0197664490f770d9e47087a35cf87c474f75a8a73d96ca62c5587232f5b277423efdb2c8f90e117f22f9526050414848bcc590b9484600965508409a1edbcfe2eeec057ae51d34cd9128d7ca300cba69fdfb153de928f860a53109eadd235f0774a57059b6a4b2fa28fe8efcc7aefdab2796b1c4ad187135f1b0001eba1b2454f5ba96d3ba0a251dc305ba6fd4d0ed774176d38784218e0b5b8015b63747be0dc5d95cb146fc271fe0315b1ed126c98d123dde83d56e3eae54cb545a0fc774665b8c05ca3d29210770b0dacbfc85fab78c892a974291f147524e4df7496fcdf5d761cd6b4b47735dbb72137ee1f572f2c7c0627ceff51d8bd1848f6463fab4f1d5cc33a781116986606904d69f3fa6771b932f62c54435f02594a6a45f3b1e514f72529f67658d46dc5ef9bc7d956c4167b83d1e995bcf3d3316b001cc330a57f4f718bd40183ea6d128ef46548a550459a88d3d26f92409c1969de8a835cc89e7a01f297a1d453b1e9676c185d3eccfe3b717cdd6fc2c6df613219e62d7e32d03dfd24f3f0caf0c6fb318b5fc58991cef46220ef21725a738dff1f1f8dd2514bd56c6ffba66a5fa5fc5a0f29b7c911e6ea8064135dd4c4a474ad9b0d223f58b92a9695aa5778cb798c317055a80f4b1cddf0cf7d14ebac9caa5a5846413716626ec35f5b0c28307fd4ced2aacb003af2b9655329b0738ac8cd54c183f4e66f6a27e53cff7713dae1b71bff25030c9f4d7de31a0a93078fcd5d7bdd35a64bec0b45cee86cbabf003f27f831738a4899e58fc3c0b791b1c74c9f4f0f4b1de4705b63f7a9ee47c9013783b0ff6859dfe259b5362ba1f844e8192e273ef1a0e85569cc0ec1d3596d20879493af9e1247c1bff8f475dc0457f0a9490c96b74fd152bcd967f11dce77b4e66487372dfab1f9ff393991b9640a30514af4d3790cc3b8708f4c0082b27e4b6cf0fa921feb2462310d294b028b2c74a2c68b07d16fa8305c4df01bde6e8d87549d547a15fcfcf1d22446e177317ad7d6898e2d1207fd5ea6c64b2c702f76b7dce84147a55518bb3dcf973ba173ecedf87130225716bbdc88987479b2ec32719dde7f41d3f08db78348002283d3520917a70cccfbac4972481dca96ec9ca37e8acafa3ba58541c4a49dff33018bdf342523f77cd87069a60ff25688753ed78d7e6dd72d2ea24d10fc519bb69930108629807a073f1398fd3f2cefae3cc890bafea96b8132ec085a1eacb23b2616b86f89d20ee9a35ff76cb8e522fafc24d8b5b698d4c4701e03e7ce30ab5186dac24ae65164a40a6ea0213970c51d934d4e7742d03f5a2c1e5d194309532e6024f31a64d6df85157ca3c2dc32ffc0fce6deee6e1a22a355003ca67bcdcacd8b91255ce886b74a97842fdd3fdf593ae2323231c31804ddf2aba9bc4308f73a5de279ea35cbf760d577a66490aa3f92d21bc392da427069ea103892c7190c97d787a0d6e63b798c64134946e229ddba7a0caedb8549175274faf7665048dd47abc8394028d523307cdcabb42367fd5a3f29bc4f18f3f6a247e8ab6c5f75557038f8c9905ac32f5b120501b748e18e8b2dbd1b023d357faf0a4ba2d66b2236fa4144485e086a86a1277ed803afdd852ee5e516e78782138273fbe9ecec8ca5ea8cadec2554f5a82fe2648e5f5bc5ea99995fdc09cea750dcfdda4109e66fac7715e83557956a1f30fb0473c6d551cb3677dd558abf08866d976d3e53bbd0b8cbc544d788376ab0d9e32662e97fd3cee89bf3561bc17fcdd535597e1f067961029eec72837cb7eb7deab6541a4b9f1979ecdc3de6eb306e174bf9e9e761b9e5321e0e907659654a41c9924084e0b734daf6651ef5644aa58f7961052b6b290b44fbe4d485551376395a6259ae2c9b754d67127016286a2cd8959597e973ca93aece2c07a4b049264db8f3c53404c3ff086c7b6a577eca05034bafcc94ff5904126e8fb622a93a026b5b53bdfae435b92396f4c2d328f2a62c3679337ca19f1086aac5294c1b8efeebf2ed91f9ef43052b19543b6a832c22c6c23f857ab0e77c83d9b9d5f58a48ae9fe086d77026c61dd93fa693240100eb421d036e9263878cf15d204cef5cbdf239bd9ed9e748eecba4f0adfa9e210c3f30e7f71e211a2b2555b35e4e4c7d3613c833e58ab79fcb87045fdd63b563bc12079c47dfa7139ebd79aeefe6a2cdbac58383efccc61a617ae218ececfe908c089f51f638bc52ab84c07c1bc1f78c1b854d03993e44fab453ed872e26a79d69f168d4f41eacb713c5c33fd10cb5d22fdaf2404bfa2883a35d75ca81ced1f730a3006df1968c4d015bc6900d425082e846791694e6aebecd138e2f1d6b4b7bb08c776642ba1e33c17d64fbd034eba85c332308d22d56e4aee95fb067043240022136d49e49f16f34c34e13d2f4863da27744dbd3e6ce5c4f72aa30e4cc033af9e7b8db936d32925dc06f2d8804ab9e87a212b0f5170e7ff8b672e67417d46160406625a78bb673eec95842ecc34f93c93c2195764669e704c4cea58f581ce3de03019274ef61273c32acec8534f92f72ed1d1c000ea4f8eec53556f47aa5bb44286ce0b2438896c32d4026f07524694155fbc5b4efb890218410b3c237836749f0ca9681b834be5bc6f2d9f9b1936f88e7dc2f391e5a3bc08db2af7dc7e7e6303716ec2a236be278e56b845b08284731827c92ae86774381dc523baf02b69b3877cfda2bb051d7ba120f630392c05ee1e9e6d9bff0d6b9a91ed4777be65d55d524d8b8a0cb9121884da78bb81bc47b665fea2a99c24eb55e4d2fb97e2a634042a5c2e49868d6276061e139f707754d3d65330c999e51785b815753e05b2dae44b3e88bf461b8ad808f61380fb02353505c3343c7916b097909d2bc7e47467bb6900e511af1075163889e788b84e255926df39879f50637451572438fa9360a1ac50a107aa2723c85e0126593d3d763ad7de60bbaa98c6762682dee218e9620a8724df2e3e609e3b577377f020ea4b97b0224a011494800456016c03daf155f71907423fee031f8e94a3ca2961085a2abb3cb06b8f03dcd5d5b0e58715998a44fd0e462db6ad912c842587dfda68ed210758b590860ab163ba7993d99ab303a405aceeaf86ca7ea7f7c5eb58421c88d30c77514b2c95f447efe18395a9a03052e66bddbb1261f401124dd3d0bcebd5b96bbcc57db4727a34aee80fea5328325c9b4db85b6a7d212e5b07d3798dc0379e167ccbab95b465786e03fc84c320035749730c19db9009fdcc72db5a0f474f8e30b6bd247e95d46d41db983349ecfec3d4b499705bc9763f7a432fa582b47cdbc2d85ff2789127ae2f8c6867d683547a403a38d87711d7b20caab0aa171126f6cca17b4495ddd0ea8741cc6d71ee272cc8ca4a98f82708432e25cac0536de983c8eac8432a3e920ce2e91211d3bcbc9cb18a48d5a3186f0faad81fecd95b2ea0a4ba6994283fafaa6e9061aa5710dd8c2db0c0d114d2f06dd2e8192ef2d0ac9122c7a080952986878321bcc7d6c17f8b457b39f382eabc829ea82734172d144979b096c523869a12c73508c4fb269e5c35685e8083d1ee1c54a5184916581651fb08e9b769d518b31ba37e91df631d8aeba206d865a7cdea53e6be7e400bd66856eb1ca93dc7e6edd0c80abd01444c7aeb5e0044b2e10bdb8c557b08aa9dc0d517047d3355724e2e55f08235575d98c8194b97a60e02692fa5430c64690bb9593d7576b2ee28a968503772951f7ecd8ff6b2b32b540bf408746fca84bc96474e0c0251e9e95b9b599a535dc554b40e96d46af2726a4d06f00e0842504e49f7947a1146f36d698f959288bb37d63c65b6c583e9a8f4c77b071de6808195a3a88daf78b2d56594d6466f3fecf42048c8c59864078e83b4b81a2b4d4b1ed031ec3bc8f5e6c9f65ec09232832f3ccda2721257c0dd4c73b4b31e374e15e22de947a5b4ebf9e58b3434a996e87eb2fd19fc1bfee9b86f81e77d0f7907fbc1ad67362a013cee326d59eebdcbd77b681e715ebdd333a72e0a32c9f93ba399c7a8d6feb736b0dcb4b62c15b9c39c3fce31ddfa5b22cf5fe8b077a0a936286a10f58ffbaf44e5f62c5b737bd832a2c7d0846c6302cc4a8e5242f82576da2b9281dd6e0dfd45b3d632c0297835e40ca21371ba5a1c02a672acb3609a169dcaf8e079d18fd16e335c6a0391fb367c776f19d4a2c438ceb3e9be04", [""]}, 0xec4}}, 0x0) 13:25:11 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x9) sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="100016"], 0x60}}, 0x0) [ 3342.032431][ T5334] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3342.124446][T20154] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=38015 sclass=netlink_route_socket pid=20154 comm=syz-executor.4 [ 3342.259397][ T27] audit: type=1107 audit(1601645112.009:61): pid=20155 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 msg='(ZsNV^cEȴ4F6Չj+Cn5{R=˜SR 4r:cNu[uj~T:b} M,p>H~ ǿld >:wmY0[߫H XԂSfR5.N4eKExcݛB*.ALuՅ9>Wv-188' [ 3342.540272][T16622] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 3342.832034][T20163] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3342.860739][T20164] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. 13:25:12 executing program 2: bpf$MAP_DELETE_BATCH(0xc, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0}, 0x38) 13:25:12 executing program 5: pselect6(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x1}, &(0x7f00000000c0)={0x0, 0x989680}, 0x0) 13:25:12 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004140)={0xa, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xad, &(0x7f00000000c0)=""/173, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0xa], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 13:25:12 executing program 3: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x58, 0x13, 0x9031e264817d797, 0x0, 0x0, {}, [@INET_DIAG_REQ_BYTECODE={0x4}, @INET_DIAG_REQ_BYTECODE={0x8, 0x1, "f2b7b010"}]}, 0x58}}, 0x0) 13:25:12 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_PORT_SPLIT(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="8c010002"], 0x18c}}, 0x0) 13:25:12 executing program 0: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)={0x50, 0x13, 0x1, 0x0, 0x0, {}, [@INET_DIAG_REQ_BYTECODE={0x4, 0x3}]}, 0x50}}, 0x0) [ 3343.043764][T20170] ===================================================== [ 3343.051444][T20170] BUG: KMSAN: uninit-value in inet_diag_cmd_exact+0x67e/0xb40 [ 3343.059394][T20170] CPU: 1 PID: 20170 Comm: syz-executor.0 Not tainted 5.9.0-rc4-syzkaller #0 [ 3343.069700][T20170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3343.080843][T20170] Call Trace: [ 3343.085200][T20170] dump_stack+0x21c/0x280 [ 3343.091739][T20170] kmsan_report+0xf7/0x1e0 [ 3343.096879][T20170] __msan_warning+0x58/0xa0 [ 3343.102531][T20170] inet_diag_cmd_exact+0x67e/0xb40 [ 3343.108093][T20170] ? kmsan_memcpy_memmove_metadata+0x10c/0x2e0 [ 3343.114854][T20170] inet_diag_rcv_msg_compat+0x537/0x6c0 [ 3343.120704][T20170] ? inet_diag_unregister+0x130/0x130 [ 3343.126570][T20170] sock_diag_rcv_msg+0x24f/0x620 [ 3343.133423][T20170] ? kmsan_get_metadata+0x116/0x180 [ 3343.139227][T20170] netlink_rcv_skb+0x6d7/0x7e0 [ 3343.144745][T20170] ? sock_diag_bind+0x180/0x180 [ 3343.149760][T20170] sock_diag_rcv+0x63/0x80 [ 3343.155275][T20170] netlink_unicast+0x11c8/0x1490 [ 3343.161140][T20170] ? diag_net_exit+0x90/0x90 [ 3343.167054][T20170] netlink_sendmsg+0x173a/0x1840 [ 3343.172942][T20170] ____sys_sendmsg+0xc82/0x1240 [ 3343.178621][T20170] ? netlink_getsockopt+0x17e0/0x17e0 [ 3343.184402][T20170] __sys_sendmsg+0x6d1/0x820 [ 3343.189170][T20170] ? kmsan_copy_to_user+0x81/0x90 [ 3343.195252][T20170] ? kmsan_get_metadata+0x116/0x180 [ 3343.202137][T20170] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3343.209639][T20170] ? kmsan_get_metadata+0x116/0x180 [ 3343.215217][T20170] __se_compat_sys_sendmsg+0xa7/0xc0 [ 3343.220829][T20170] __ia32_compat_sys_sendmsg+0x4a/0x70 [ 3343.227079][T20170] __do_fast_syscall_32+0x129/0x180 [ 3343.234112][T20170] do_fast_syscall_32+0x6a/0xc0 [ 3343.241876][T20170] do_SYSENTER_32+0x73/0x90 [ 3343.247582][T20170] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3343.256622][T20170] RIP: 0023:0xf7f67549 [ 3343.261931][T20170] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3343.285716][T20170] RSP: 002b:00000000f55610cc EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 3343.295212][T20170] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000480 [ 3343.304115][T20170] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 3343.313763][T20170] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3343.322748][T20170] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3343.332139][T20170] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3343.342094][T20170] [ 3343.344738][T20170] Uninit was created at: [ 3343.350016][T20170] kmsan_internal_poison_shadow+0x66/0xd0 [ 3343.356166][T20170] kmsan_slab_alloc+0x8a/0xe0 [ 3343.361132][T20170] __kmalloc_node_track_caller+0x9aa/0x12f0 [ 3343.367463][T20170] __alloc_skb+0x35f/0xb30 [ 3343.372315][T20170] netlink_sendmsg+0xdb9/0x1840 [ 3343.377526][T20170] ____sys_sendmsg+0xc82/0x1240 [ 3343.382821][T20170] __sys_sendmsg+0x6d1/0x820 [ 3343.388367][T20170] __se_compat_sys_sendmsg+0xa7/0xc0 [ 3343.394829][T20170] __ia32_compat_sys_sendmsg+0x4a/0x70 [ 3343.400613][T20170] __do_fast_syscall_32+0x129/0x180 [ 3343.406582][T20170] do_fast_syscall_32+0x6a/0xc0 [ 3343.412267][T20170] do_SYSENTER_32+0x73/0x90 [ 3343.417209][T20170] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3343.424247][T20170] ===================================================== [ 3343.431918][T20170] Disabling lock debugging due to kernel taint [ 3343.438513][T20170] Kernel panic - not syncing: panic_on_warn set ... [ 3343.446037][T20170] CPU: 1 PID: 20170 Comm: syz-executor.0 Tainted: G B 5.9.0-rc4-syzkaller #0 [ 3343.457443][T20170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3343.468328][T20170] Call Trace: [ 3343.471945][T20170] dump_stack+0x21c/0x280 [ 3343.476749][T20170] panic+0x4d7/0xef7 [ 3343.480983][T20170] ? add_taint+0x17c/0x210 [ 3343.485958][T20170] kmsan_report+0x1df/0x1e0 [ 3343.491007][T20170] __msan_warning+0x58/0xa0 [ 3343.495895][T20170] inet_diag_cmd_exact+0x67e/0xb40 [ 3343.501734][T20170] ? kmsan_memcpy_memmove_metadata+0x10c/0x2e0 [ 3343.509906][T20170] inet_diag_rcv_msg_compat+0x537/0x6c0 [ 3343.515746][T20170] ? inet_diag_unregister+0x130/0x130 [ 3343.521905][T20170] sock_diag_rcv_msg+0x24f/0x620 [ 3343.527330][T20170] ? kmsan_get_metadata+0x116/0x180 [ 3343.532863][T20170] netlink_rcv_skb+0x6d7/0x7e0 [ 3343.538195][T20170] ? sock_diag_bind+0x180/0x180 [ 3343.543660][T20170] sock_diag_rcv+0x63/0x80 [ 3343.549785][T20170] netlink_unicast+0x11c8/0x1490 [ 3343.556663][T20170] ? diag_net_exit+0x90/0x90 [ 3343.562604][T20170] netlink_sendmsg+0x173a/0x1840 [ 3343.570457][T20170] ____sys_sendmsg+0xc82/0x1240 [ 3343.576005][T20170] ? netlink_getsockopt+0x17e0/0x17e0 [ 3343.581675][T20170] __sys_sendmsg+0x6d1/0x820 [ 3343.587295][T20170] ? kmsan_copy_to_user+0x81/0x90 [ 3343.594494][T20170] ? kmsan_get_metadata+0x116/0x180 [ 3343.600719][T20170] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3343.606879][T20170] ? kmsan_get_metadata+0x116/0x180 [ 3343.612458][T20170] __se_compat_sys_sendmsg+0xa7/0xc0 [ 3343.618409][T20170] __ia32_compat_sys_sendmsg+0x4a/0x70 [ 3343.624181][T20170] __do_fast_syscall_32+0x129/0x180 [ 3343.630323][T20170] do_fast_syscall_32+0x6a/0xc0 [ 3343.635580][T20170] do_SYSENTER_32+0x73/0x90 [ 3343.640311][T20170] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 3343.647926][T20170] RIP: 0023:0xf7f67549 [ 3343.652993][T20170] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3343.674356][T20170] RSP: 002b:00000000f55610cc EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 3343.684214][T20170] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000480 [ 3343.692765][T20170] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 3343.702276][T20170] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3343.710891][T20170] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3343.719074][T20170] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3343.729264][T20170] Kernel Offset: disabled [ 3343.739547][T20170] Rebooting in 86400 seconds..