last executing test programs:

4.846636995s ago: executing program 0 (id=80):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x2007, &(0x7f0000000980)=<r1=>0x0)
r2 = eventfd2(0x9, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffdc6c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
io_pgetevents(r1, 0x2, 0x2, &(0x7f0000000080)=[{}, {}], 0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000000280)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r2}])
io_destroy(r1)

3.657881466s ago: executing program 0 (id=90):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r0}, 0x10)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, 0x0, 0x0)

3.657599846s ago: executing program 1 (id=91):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="540000000206050000000000000000000000020005000400000000000900020073797a30000000000c0007800800064087550000050005000000000005000100060000000d000300686173683a6d6163"], 0x54}}, 0x0)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000000000500010007000000080009400000000114000880100007800a001100aa"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)

3.506626505s ago: executing program 0 (id=92):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x97}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c00000003060104000000000000000007000002050001000700"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000740)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0xff, 0x7ffc1ffd}]})
r3 = memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x6)
clock_gettime(0x0, 0x0)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x2000003, 0x97052, r3, 0x0)
lseek(r3, 0x1, 0x3)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r4, 0x0, 0x80000}, 0x18)

3.217002732s ago: executing program 1 (id=93):
r0 = syz_io_uring_setup(0x117b, &(0x7f0000000340)={0x0, 0x29d8, 0x10100, 0x200003, 0x60}, &(0x7f0000000140)=<r1=>0x0, &(0x7f00000006c0)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000000)={&(0x7f0000001000)={[{0x0, 0xffffffffffffffed, 0x0, 0x300}, {0x0, 0x0, 0xfffd}, {0x0, 0x0, 0x4}, {0x0}]}, 0x4}, 0x1)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r3, 0x0, 0x0, 0x0, 0x20044081, 0x1})
io_uring_enter(r0, 0x2762, 0x0, 0x43, 0x0, 0x0)

3.058886902s ago: executing program 0 (id=94):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0ffb}]})
acct(0x0)

3.058503462s ago: executing program 1 (id=95):
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007500000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000140)=r1, 0x4)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB='6@\x00\x00&\x00'], 0xfe33)

2.950032556s ago: executing program 0 (id=96):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x58)
listen(r0, 0x5)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r2 = accept4$inet6(r0, 0x0, 0x0, 0x800)
setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f0000000400)=ANY=[], 0x28)

2.794134805s ago: executing program 1 (id=97):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="5c00000002060108000100000000000000004000050005000a000000050001000700000005000400000000000900020073797a310000000016000300686173683a6e65742c706f72742c6e65740000000c00078008001240"], 0x5c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r2, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {&(0x7f00000017c0)=""/130, 0x94}], 0x2}, 0xa1}], 0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xffff}, 0x18)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x300000a, 0x12, r4, 0x852ac000)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

370.003342ms ago: executing program 0 (id=98):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000000b40)=[{{&(0x7f00000001c0)={0xa, 0x4e01, 0x0, @remote, 0xc}, 0x1c, 0x0, 0x0, &(0x7f00000020c0)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000000000000001000740000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5031b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a5efe6c7115774effe28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c2511eb0f9600a0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6d997eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e641036a8afa2ccdb47d7990d5a007faccb2f86664179f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d841c351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}], 0x1, 0x8008801)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0xc5)
fcntl$notify(r1, 0x402, 0x31)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', 0x0, 0x0, 0x2)
sendmmsg$inet6(r0, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)='e', 0x1}], 0x1}}], 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='mm_page_alloc\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r4, 0x0)
r5 = gettid()
r6 = epoll_create1(0x0)
fallocate(r6, 0x15, 0x7fffffff, 0xa)
process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r7 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r7, &(0x7f0000000900)={&(0x7f0000000500)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000000880)=[{&(0x7f0000000540)="e8691a913b", 0x1718}, {0x0, 0x2900}], 0x2, &(0x7f00000008c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @rand_addr=0x64010101}}}], 0x38}, 0x0)

168.467428ms ago: executing program 1 (id=99):
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x20)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f0000000140)='./file0\x00')
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x18)
openat(r1, &(0x7f00000000c0)='./file0\x00', 0x515a02, 0x52abe154ad664f26)

0s ago: executing program 1 (id=100):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000000580)=""/152, 0x98}], 0x1)
readv(r0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/215, 0xd7}], 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x39)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:28255' (ED25519) to the list of known hosts.
syzkaller login: [   79.721806][ T3309] cgroup: Unknown subsys name 'net'
[   79.903068][ T3309] cgroup: Unknown subsys name 'cpuset'
[   79.928865][ T3309] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   80.347029][ T3309] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   89.337297][ T3316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.352145][ T3317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.359955][ T3316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.398445][ T3317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.425356][ T3316] hsr_slave_0: entered promiscuous mode
[   90.433867][ T3316] hsr_slave_1: entered promiscuous mode
[   90.611496][ T3317] hsr_slave_0: entered promiscuous mode
[   90.617693][ T3317] hsr_slave_1: entered promiscuous mode
[   90.624236][ T3317] debugfs: 'hsr0' already exists in 'hsr'
[   90.624999][ T3317] Cannot create hsr debugfs directory
[   91.428669][ T3316] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   91.496423][ T3316] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   91.511117][ T3316] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   91.556296][ T3316] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   91.672874][ T3317] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   91.701109][ T3317] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   91.720207][ T3317] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   91.769101][ T3317] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   92.592661][ T3316] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.727903][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.626288][ T3316] veth0_vlan: entered promiscuous mode
[   95.686994][ T3316] veth1_vlan: entered promiscuous mode
[   95.846750][ T3316] veth0_macvtap: entered promiscuous mode
[   95.895800][ T3316] veth1_macvtap: entered promiscuous mode
[   96.069817][ T3317] veth0_vlan: entered promiscuous mode
[   96.178690][  T103] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.184949][ T3317] veth1_vlan: entered promiscuous mode
[   96.192244][  T103] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.192763][  T103] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.195310][  T103] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.528381][ T3317] veth0_macvtap: entered promiscuous mode
[   96.594039][ T3317] veth1_macvtap: entered promiscuous mode
[   96.776656][ T3316] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   96.807370][ T2107] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.807951][ T2107] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.808101][ T2107] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.808240][ T2107] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.508742][   T30] audit: type=1326 audit(98.340:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3476 comm="syz.1.6" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b95c3e8 code=0x7ffc0000
[   98.513285][   T30] audit: type=1326 audit(98.350:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3476 comm="syz.1.6" exe="/syz-executor" sig=0 arch=c00000b7 syscall=135 compat=0 ip=0xffff8b95c3e8 code=0x7ffc0000
[   98.518337][   T30] audit: type=1326 audit(98.350:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3476 comm="syz.1.6" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b95c3e8 code=0x7ffc0000
[   98.944315][ T3481] netlink: 224 bytes leftover after parsing attributes in process `syz.0.8'.
[   99.168074][ T3483] process 'syz.0.9' launched '/dev/fd/4' with NULL argv: empty string added
[   99.316528][   T30] audit: type=1326 audit(99.160:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3485 comm="syz.0.10" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[   99.330259][   T30] audit: type=1326 audit(99.170:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3485 comm="syz.0.10" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[   99.334631][   T30] audit: type=1326 audit(99.170:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3485 comm="syz.0.10" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[   99.341034][   T30] audit: type=1326 audit(99.180:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3485 comm="syz.0.10" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[   99.344511][   T30] audit: type=1326 audit(99.180:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3485 comm="syz.0.10" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[   99.347475][   T30] audit: type=1326 audit(99.180:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3485 comm="syz.0.10" exe="/syz-executor" sig=0 arch=c00000b7 syscall=81 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[   99.576999][   T30] audit: type=1326 audit(99.420:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3485 comm="syz.0.10" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[  100.449578][ T3494] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  101.245952][ T3506] netlink: 12 bytes leftover after parsing attributes in process `syz.0.19'.
[  101.284497][ T3506] netlink: 12 bytes leftover after parsing attributes in process `syz.0.19'.
[  102.561658][ T3540] netlink: 9 bytes leftover after parsing attributes in process `syz.1.36'.
[  102.585405][ T3540] netlink: 9 bytes leftover after parsing attributes in process `syz.1.36'.
[  103.595684][ T3557] netlink: 28 bytes leftover after parsing attributes in process `syz.1.43'.
[  103.607594][ T3557] lo: entered promiscuous mode
[  103.608136][ T3557] lo: entered allmulticast mode
[  103.990107][ T3565] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.098012][ T3565] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.541583][ T3565] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.649861][ T3565] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.959157][  T103] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.995378][  T103] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.033565][  T103] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.070177][  T103] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.328304][   T30] kauditd_printk_skb: 59 callbacks suppressed
[  105.328868][   T30] audit: type=1326 audit(105.170:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3567 comm="syz.0.48" exe="/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55c3e8 code=0x0
[  106.255556][ T3590] netlink: 'syz.0.58': attribute type 21 has an invalid length.
[  106.258645][ T3590] netlink: 132 bytes leftover after parsing attributes in process `syz.0.58'.
[  106.599983][   T30] audit: type=1326 audit(106.440:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3599 comm="syz.1.64" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b95c3e8 code=0x7ffc0000
[  106.608431][   T30] audit: type=1326 audit(106.450:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3599 comm="syz.1.64" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8b95c3e8 code=0x7ffc0000
[  106.610342][   T30] audit: type=1326 audit(106.450:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3599 comm="syz.1.64" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b95c3e8 code=0x7ffc0000
[  106.617014][   T30] audit: type=1326 audit(106.460:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3599 comm="syz.1.64" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8b95c3e8 code=0x7ffc0000
[  106.638234][   T30] audit: type=1326 audit(106.480:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3599 comm="syz.1.64" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b95c3e8 code=0x7ffc0000
[  106.638795][   T30] audit: type=1326 audit(106.480:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3599 comm="syz.1.64" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8b95c3e8 code=0x7ffc0000
[  106.640192][   T30] audit: type=1326 audit(106.480:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3599 comm="syz.1.64" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b95c3e8 code=0x7ffc0000
[  106.656127][   T30] audit: type=1326 audit(106.500:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3599 comm="syz.1.64" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8b95c3e8 code=0x7ffc0000
[  106.666059][   T30] audit: type=1326 audit(106.510:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3599 comm="syz.1.64" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b95c3e8 code=0x7ffc0000
[  108.071430][  T783] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  108.088330][  T783] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  108.330905][ T3626] netlink: 'syz.1.75': attribute type 13 has an invalid length.
[  108.391556][ T3626] gretap0: refused to change device tx_queue_len
[  108.406329][ T3626] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  108.678222][ T3625] fido_id[3625]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  108.908550][ T3630] rdma_op 00000000f7759e5e conn xmit_rdma 0000000000000000
[  110.770013][   T30] kauditd_printk_skb: 70 callbacks suppressed
[  110.772462][   T30] audit: type=1326 audit(110.610:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3662 comm="syz.0.92" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[  110.775576][   T30] audit: type=1326 audit(110.610:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3662 comm="syz.0.92" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[  110.783365][   T30] audit: type=1326 audit(110.620:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3662 comm="syz.0.92" exe="/syz-executor" sig=0 arch=c00000b7 syscall=279 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[  110.783832][   T30] audit: type=1326 audit(110.620:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3662 comm="syz.0.92" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[  110.783948][   T30] audit: type=1326 audit(110.620:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3662 comm="syz.0.92" exe="/syz-executor" sig=0 arch=c00000b7 syscall=113 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[  110.784063][   T30] audit: type=1326 audit(110.620:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3662 comm="syz.0.92" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[  110.784168][   T30] audit: type=1326 audit(110.620:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3662 comm="syz.0.92" exe="/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[  110.784279][   T30] audit: type=1326 audit(110.620:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3662 comm="syz.0.92" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[  110.784381][   T30] audit: type=1326 audit(110.620:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3662 comm="syz.0.92" exe="/syz-executor" sig=0 arch=c00000b7 syscall=62 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[  110.784484][   T30] audit: type=1326 audit(110.620:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3662 comm="syz.0.92" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b55c3e8 code=0x7ffc0000
[  111.107233][ T3672] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.95'.
[  113.669987][ T3686] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  114.139468][ T3686] ==================================================================
[  114.142522][ T3686] BUG: KASAN: slab-use-after-free in defer_free+0x3c/0xbc
[  114.144017][ T3686] Write at addr f2f000000450ba60 by task syz.0.98/3686
[  114.144439][ T3686] Pointer tag: [f2], memory tag: [fe]
[  114.144489][ T3686] 
[  114.145485][ T3686] CPU: 1 UID: 0 PID: 3686 Comm: syz.0.98 Not tainted syzkaller #0 PREEMPT 
[  114.145743][ T3686] Hardware name: linux,dummy-virt (DT)
[  114.145941][ T3686] Call trace:
[  114.146151][ T3686]  show_stack+0x18/0x24 (C)
[  114.146365][ T3686]  dump_stack_lvl+0x78/0x90
[  114.146434][ T3686]  print_report+0x108/0x61c
[  114.146463][ T3686]  kasan_report+0x88/0xac
[  114.146486][ T3686]  __do_kernel_fault+0x170/0x1c8
[  114.146513][ T3686]  do_bad_area+0x68/0x78
[  114.146539][ T3686]  do_tag_check_fault+0x34/0x44
[  114.146587][ T3686]  do_mem_abort+0x44/0x94
[  114.146613][ T3686]  el1_abort+0x44/0x68
[  114.146639][ T3686]  el1h_64_sync_handler+0x50/0xac
[  114.146665][ T3686]  el1h_64_sync+0x6c/0x70
[  114.146757][ T3686]  defer_free+0x3c/0xbc (P)
[  114.146788][ T3686]  kfree_nolock+0x1a0/0x1d4
[  114.146814][ T3686]  range_tree_clear+0x24c/0x6a8
[  114.146842][ T3686]  arena_vm_fault+0xf0/0x1a8
[  114.146867][ T3686]  __do_fault+0x3c/0x234
[  114.146896][ T3686]  do_fault+0xb8/0x680
[  114.146919][ T3686]  __handle_mm_fault+0x440/0xc2c
[  114.146984][ T3686]  handle_mm_fault+0x15c/0x30c
[  114.147010][ T3686]  __get_user_pages+0x1e0/0xcb4
[  114.147035][ T3686]  __gup_longterm_locked+0x35c/0x724
[  114.147060][ T3686]  pin_user_pages_remote+0x80/0xa8
[  114.147084][ T3686]  process_vm_rw_core.constprop.0+0x190/0x3f0
[  114.147111][ T3686]  process_vm_rw+0x140/0x164
[  114.147173][ T3686]  __arm64_sys_process_vm_writev+0x28/0x34
[  114.147208][ T3686]  invoke_syscall+0x48/0x110
[  114.147235][ T3686]  el0_svc_common.constprop.0+0x40/0xe0
[  114.147261][ T3686]  do_el0_svc+0x1c/0x28
[  114.147286][ T3686]  el0_svc+0x34/0x128
[  114.147311][ T3686]  el0t_64_sync_handler+0xa0/0xe4
[  114.147336][ T3686]  el0t_64_sync+0x1a4/0x1a8
[  114.147513][ T3686] 
[  114.147556][ T3686] Allocated by task 3686:
[  114.147679][ T3686]  kasan_save_stack+0x3c/0x64
[  114.147848][ T3686]  save_stack_info+0x40/0x158
[  114.147869][ T3686]  kasan_save_alloc_info+0x14/0x20
[  114.147887][ T3686]  __kasan_kmalloc+0xb4/0xb8
[  114.147904][ T3686]  kmalloc_nolock_noprof+0x1dc/0x4fc
[  114.147924][ T3686]  range_tree_clear+0x3a4/0x6a8
[  114.147944][ T3686]  arena_vm_fault+0xf0/0x1a8
[  114.147963][ T3686]  __do_fault+0x3c/0x234
[  114.147983][ T3686]  do_fault+0xb8/0x680
[  114.148000][ T3686]  __handle_mm_fault+0x440/0xc2c
[  114.148030][ T3686]  handle_mm_fault+0x15c/0x30c
[  114.148068][ T3686]  __get_user_pages+0x1e0/0xcb4
[  114.148106][ T3686]  __gup_longterm_locked+0x35c/0x724
[  114.148142][ T3686]  pin_user_pages_remote+0x80/0xa8
[  114.148162][ T3686]  process_vm_rw_core.constprop.0+0x190/0x3f0
[  114.148181][ T3686]  process_vm_rw+0x140/0x164
[  114.148207][ T3686]  __arm64_sys_process_vm_writev+0x28/0x34
[  114.148226][ T3686]  invoke_syscall+0x48/0x110
[  114.148247][ T3686]  el0_svc_common.constprop.0+0x40/0xe0
[  114.148268][ T3686]  do_el0_svc+0x1c/0x28
[  114.148288][ T3686]  el0_svc+0x34/0x128
[  114.148307][ T3686]  el0t_64_sync_handler+0xa0/0xe4
[  114.148327][ T3686]  el0t_64_sync+0x1a4/0x1a8
[  114.148379][ T3686] 
[  114.148406][ T3686] Freed by task 3686:
[  114.148434][ T3686]  kasan_save_stack+0x3c/0x64
[  114.148454][ T3686]  save_stack_info+0x40/0x158
[  114.148471][ T3686]  kasan_save_free_info+0x18/0x24
[  114.148489][ T3686]  __kasan_slab_free+0x7c/0x8c
[  114.148507][ T3686]  kfree_nolock+0xcc/0x1d4
[  114.148526][ T3686]  range_tree_clear+0x24c/0x6a8
[  114.148545][ T3686]  arena_vm_fault+0xf0/0x1a8
[  114.148564][ T3686]  __do_fault+0x3c/0x234
[  114.148585][ T3686]  do_fault+0xb8/0x680
[  114.148602][ T3686]  __handle_mm_fault+0x440/0xc2c
[  114.148619][ T3686]  handle_mm_fault+0x15c/0x30c
[  114.148636][ T3686]  __get_user_pages+0x1e0/0xcb4
[  114.148655][ T3686]  __gup_longterm_locked+0x35c/0x724
[  114.148675][ T3686]  pin_user_pages_remote+0x80/0xa8
[  114.148695][ T3686]  process_vm_rw_core.constprop.0+0x190/0x3f0
[  114.148714][ T3686]  process_vm_rw+0x140/0x164
[  114.148732][ T3686]  __arm64_sys_process_vm_writev+0x28/0x34
[  114.148751][ T3686]  invoke_syscall+0x48/0x110
[  114.148822][ T3686]  el0_svc_common.constprop.0+0x40/0xe0
[  114.148863][ T3686]  do_el0_svc+0x1c/0x28
[  114.148884][ T3686]  el0_svc+0x34/0x128
[  114.148903][ T3686]  el0t_64_sync_handler+0xa0/0xe4
[  114.148923][ T3686]  el0t_64_sync+0x1a4/0x1a8
[  114.148962][ T3686] 
[  114.148987][ T3686] The buggy address belongs to the object at fff000000450ba40
[  114.148987][ T3686]  which belongs to the cache kmalloc-64 of size 64
[  114.149055][ T3686] The buggy address is located 32 bytes inside of
[  114.149055][ T3686]  64-byte region [fff000000450ba40, fff000000450ba80)
[  114.149080][ T3686] 
[  114.149234][ T3686] The buggy address belongs to the physical page:
[  114.149527][ T3686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xf2f000000450bf00 pfn:0x4450b
[  114.149779][ T3686] flags: 0x1ffc00000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x0)
[  114.150054][ T3686] page_type: f5(slab)
[  114.150496][ T3686] raw: 01ffc00000000000 f7f0000003001600 dead000000000122 0000000000000000
[  114.150532][ T3686] raw: f2f000000450bf00 000000008040003f 00000000f5000000 0000000000000000
[  114.150664][ T3686] page dumped because: kasan: bad access detected
[  114.150691][ T3686] 
[  114.150710][ T3686] Memory state around the buggy address:
[  114.150882][ T3686]  fff000000450b800: f2 f2 f2 fe fa fa fa fe fb fb fb fe f2 f2 f2 fe
[  114.150945][ T3686]  fff000000450b900: f7 f7 f7 fe f7 f7 f7 fe fe fe fe fe fe fe fe fe
[  114.150978][ T3686] >fff000000450ba00: f4 f4 f4 fe fe fe fe fe f5 f5 f5 fe f9 f9 f9 fe
[  114.151012][ T3686]                                      ^
[  114.151082][ T3686]  fff000000450bb00: f6 f6 f6 fe f8 f8 f8 fe fd fd fd fe f2 f2 f2 f2
[  114.151098][ T3686]  fff000000450bc00: f2 f2 f2 fe f4 f4 f4 fe f9 f9 f9 f9 f1 f1 f1 f1
[  114.151142][ T3686] ==================================================================
[  114.152751][ T3686] Disabling lock debugging due to kernel taint
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  115.231131][ T2122] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.308083][ T2122] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.397852][ T2122] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.459042][ T2122] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.024503][ T2122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  116.095596][ T2122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  116.136022][ T2122] bond0 (unregistering): Released all slaves
[  116.253465][ T2122] hsr_slave_0: left promiscuous mode
[  116.258723][ T2122] hsr_slave_1: left promiscuous mode
[  116.273031][ T2122] veth1_macvtap: left promiscuous mode
[  116.274129][ T2122] veth0_macvtap: left promiscuous mode
[  116.276043][ T2122] veth1_vlan: left promiscuous mode
[  116.278802][ T2122] veth0_vlan: left promiscuous mode
[  117.366434][ T2122] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.441369][ T2122] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.516317][ T2122] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.580161][ T2122] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.985887][ T2122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  118.009178][ T2122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.044729][ T2122] bond0 (unregistering): Released all slaves
[  118.118687][ T2122] hsr_slave_0: left promiscuous mode
[  118.124819][ T2122] hsr_slave_1: left promiscuous mode
[  118.137378][ T2122] veth1_macvtap: left promiscuous mode
[  118.138329][ T2122] veth0_macvtap: left promiscuous mode
[  118.139274][ T2122] veth1_vlan: left promiscuous mode
[  118.139995][ T2122] veth0_vlan: left promiscuous mode

VM DIAGNOSIS:
14:57:02  Registers:
info registers vcpu 0

CPU#0
 PC=ffff800080012164 X00=0000000000000000 X01=0000000000000000
X02=0000000000000101 X03=0000000000000000 X04=ffff8000831ec000
X05=0000000000000000 X06=ffff800082deb780 X07=0000000000000000
X08=ffff800082deb980 X09=00000000000a2820 X10=ffff800082debd78
X11=000000000000005a X12=ffff800082adf208 X13=ffff8000831ebb8d
X14=ffff8000831ebb98 X15=ffff8000831eba00 X16=ffff800082de8000
X17=fff07ffffcef4000 X18=00000000ffffffff X19=ffff800080171f90
X20=ffff800082deb740 X21=fdf0000003ef8000 X22=0000000000000000
X23=89ef800080172188 X24=0000000000000000 X25=0000000000000280
X26=0000000000000001 X27=fdf000000329d600 X28=f6f0000012beec10
X29=ffff800082deb630 X30=89ef800080172188  SP=ffff800082deb630
PSTATE=004023c9 ---- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000000000000000 P01=0000000000000000 P02=0000000000000000
P03=0000000000000000 P04=0000000000000000 P05=0000000000000000
P06=0000000000000000 P07=0000000000000000 P08=0000000000000000
P09=0000000000000000 P10=0000000000000000 P11=0000000000000000
P12=0000000000000000 P13=0000000000000000 P14=0000000000000000
P15=0000000000000000 FFR=0000000000000000
Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00706d742e313a37:622f617461642f76
Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:c000000000000000:0003000000003000
Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00ff00000000ff00
Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:3303330333033303:3303330333033303
Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:c000000003000030:c000000003000030
Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000073:0000aaab16d2bc90
Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000074:0000aaab16d28f70
Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000fffff5bf9340:0000fffff5bf9340
Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd8:0000fffff5bf9310
Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
info registers vcpu 1

CPU#1
 PC=ffff800081b86744 X00=0000000000000000 X01=0000000057ac6e9d
X02=fff07ffffcf0d000 X03=0000000000000000 X04=0000000000000002
X05=ffff800082a03000 X06=0000000000000002 X07=ffff800082a03ad8
X08=ffffffffffffffff X09=f7f0000003001600 X10=0000000000000000
X11=00000000000000c0 X12=000000000006f0d1 X13=0000000000000002
X14=0000000000000002 X15=0000000000000000 X16=ffff800082df0000
X17=fff07ffffcf0d000 X18=0000000000000001 X19=ffff8000829e3b80
X20=fff000007f8f0b80 X21=0000000000000001 X22=fbf000000b245280
X23=0000000000000001 X24=fbf000000b245280 X25=9c8f800081b87570
X26=f2f000000450ba58 X27=00000000000008f8 X28=fbf000000b245280
X29=ffff800086dd35f0 X30=ffff800081b86750  SP=ffff800086dd35f0
PSTATE=80402009 N--- EL2h  SVCR=00000000 --  BTYPE=0     FPCR=00000000 FPSR=00000000
P00=0000000000000000 P01=0000000000000000 P02=0000000000000000
P03=0000000000000000 P04=0000000000000000 P05=0000000000000000
P06=0000000000000000 P07=0000000000000000 P08=0000000000000000
P09=0000000000000000 P10=0000000000000000 P11=0000000000000000
P12=0000000000000000 P13=0000000000000000 P14=0000000000000000
P15=0000000000000000 FFR=0000000000000000
Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffff8bb76438:0000ffff8bb76450
Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffff8bb76448:0000ffff8bb76490
Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffff8c6dca20:0000ffff8bb76430
Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffff8bb76468:0000ffff8bb76440
Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffff8bb76478:0000ffff8bb76470
Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffff8bb76478:0000ffff8bb76470
Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffff8bb76488:0000ffff8bb76480
Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffe17f1510:0000ffffe17f1510
Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd0:0000ffffe17f14e0
Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000
Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000