program:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000003800)={@val={0x0, 0x86dd}, @val={0x0, 0x0, 0x11}, @mpls={[], @ipv6=@gre_packet={0xe, 0x6, "711fbe", 0xf98, 0x2f, 0x1, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @mcast2, {[@srh={0x2b, 0x0, 0x4, 0x0, 0x1, 0x0, 0xf001}], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x3}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}, {0x8, 0x88be, 0x2, {{0x6, 0x1, 0x9, 0x2, 0x1, 0x0, 0x0, 0x7}, 0x1, {0x10}}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x4, 0x0, 0x0, 0x2, 0x7, 0x8}, 0x2, {0x2a, 0x4, 0x0, 0x5, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x2, "a3fa0b2ebb6f37cd91bd4ca16e6e047ca9589db0023ce95dd5989e82718e5f256e08ca59ac43b9d7d089b016f69ebc37a8f1393fd6a1b1613b0cfb5e13fcd2317875c6cbd60edd184c3da4208ada877e2bf6a166e1f9f1a11139ae39c6e0fd6d42fdf3213fe3011a32a8555423acd7764776ae173c672505014da90883765cc90f06628a42d06f51031b0edb8bdaf0a567b6a15459b55b339fc39099bdf7465ea37208f964ad89a434760773b51e0c18385d285d004623384c284a67fe492c978b5683bb745c81ad8faac6894ad1247ef0e4b7e16317ef19caecba1f833d7ab32b10db075a2961bf34bbd37cc33582107f06631df7c9f340d8657e6c102aaf06a279df7587be59b8449e7a0e0987a14c2197d270c13383a22d5ee4aa97bb44a0b5e47c60753fd72c2cc07d0f9f7dbc239f11ff49363b3dde011182ed42fd2c9a6d208f12ea593fca6e2487e0dc39e09b51edede485c3c8e3c344a4eafd92c93dc59e0fb44019f6c4ab1899863e3ae65fe5f7aaf4929958cc373201b30c95fba0dfb570d4513ad1975754b899c8d8da4e20bae524b01bcb789051c32fcf831bba444eb19402fd4f17637b4649cd50c305ae71755968142a1ef55e35b0004679be8f912e10663691076118049042f94545c60798fe755db603a3f55311bbe17a3b180132cd9e5b660e08554c87bfba845f17b7b56b2ef93fa73406a71b91b4c82ebe80a5d675b40cd4d3b1c0783d2071b966c34cad93af384149c89b9b8e4e4f53775274b9ffb5ffc76c6e6bf3f64b0a61b52ae2abdcd92ee7649a983c4e5e41bfbda2fd2b7d0457c7ab85492571d150c201ac353e8f9944bc54b9bb5974d9d783955c1ba854bd9159a00fe61259020f7395624e12f12977cc5c499b0a149e605467b05156384b702855e848f852c8cca39218f44775039c0da353b2cc959b0a52c3e786bb338d3318b534724d0a560147b0e6b5938df49e615111b40d29cbbe0503a292b53c692f5cc74ab2585dd8bdc0343ea86b778b3c93540b2188069fc2554b2892dbcfe5aeba1eb2d0dfecab86e2f1ba558c82fa8f06d199ee0a7f051827d120b01919b89e731e3c795c399dcd008ce6dea61c98ed59fc1e19bec269b7fd0fea7ec009145cc8ec0f51e66db3cd3f372f33d7d0efcfcab4268def3071ff357190313dd43d9862a338165c71d06ec1c621c0f4f57145302d29f25a4f20d8f23ce022bcfce952895acfc8c5e11626f91b67cddddcd760beb785b97ece9da2c55812c3c351c956a38cda593a88d1c1006667f98892752a713ad8d58af57e633ac4212bdea0b5ce0a312b338f0575365b40b0cc0b7efb70f75d5a1f70dfd394c7e6c09bf5ad84b94a79eb98f3470f2aa3fdad97254e9435678fc8fdbeed58799c76a512faa6492293e80da4ea60e0ede30f304d43f69b5d3e0ce2e1a0620866cb31a34e588ad212f28118e2bc5a430bc799477a182e44d793d153ec7aa2b35b5d91baf644dcaea04e7200ae5cb707ae7e04a7e9f41dc01700bd40210dc7e8eee6406afdd23337fdd81f00ae4da9b4d017ec27fc5f3613e5cd694a53a8113afe2d416cf735a9024518e1eda2307ac0d93fb5888eb56b342b9b51f66a561430699d4b8f21cd92dc9fcc2c2379b0c9d8ff58ef3bbd9f9d80b0ba3e2517a798c9907fa26393778de93cd5f784fd465c454164e6f95fba78e57123c4ed85a769ddf9cbb85b5920c810551106446c7872ef47292934d28d1f2450159314f6ac92a86492534f04cf71bebd8b4fd8c04f87bafb0bb46bec88fe4257c6e69ad939856a32b1cb95eb81d02ab313737f2fecf6645016b1e736dc4d2834640336250c8718480f692cfcb6825ea09edd84ac4a536074909b3a256ecf1842f55a9488b4fb7a5dfaa79783b9d9cc7a36b28e1f0db84dcbdfa096f67fccc23dce710e0a2e52c2dca2379d411518d5870309e3a78d45df3a8a131f1213cd965b4137faab649a32bde829344997c9c7fd17aaa3dcd80ae26fa1cd7f67f1bc62a754f2ba12a921c90d70e8207892dd36e354f255828977078a57a0625888e8d21969ffeade4c6735387d4509b55ba3ca6ecbf28cb267be8fd61433863836f828cf0d97bfc23a1615b49f3cecf8245676c8ddf0ed4f7e7e53a8cbf94dd896449b30f7632562b6ceebf5bf2cdf4a8d3dcc4c88f2192adfafbcc6726197a16a7c4121116d92ef0fbf8b2b36d74cdde4600673ae4f9b2a6d1cb2bc46bc00514a4bb8c53067db429aa2ccfcea35ae35cbb8f2ac2a02fe7ee994e95d6c2af4da7954370b8618942e81161f18fc82efee8052dfb4bee654ca65715e8975e9b2b66f5aef685856f65d4940a13ccc450a64eec26ee5cd42e556636c48b0c29013286757e1c8ba57cbb0a4c0f8c8b00bca519a28b93ac655a107bb5ef2e0fa98e480afa5c2034c9e46fd94c37634ccc39798018a2debfb57a21a590d4074ed06d4be2190cf66c0c25ce3c797272d22a45453cb1298f5fc3010708b12156da3dbf98c95a4073006030794e8480fd34a2f8cc5657f8171277b616cbffc1050dbb98b9ac373afef117678c193bca9887fcebbb86a7bd2522755da0b62ff07b5556baad9fd08b11c07c24548bc1580441096c1cfc20808441508272bca549ed7b1562137330d0fb993c5dc380354c79a28021676aba3084b7e06488025e66635cae4b9cb3ca98643b7f40b60527eba6df3a1e56838cdfa8e45dc0340b0aab431d8066a79340704633f61cb9952ddc942575a13cc0233d2177a4876d969f28bd76946014a1e5d6687abd560cf5a7e3a941897d9fa99842cc50d2f45d34373fd0048ecd5ab6598e56f22f60306b48bcb299d214f6c88e88ee610639e35eda907c8fba10c46102eb9ece7b643b99255208655c4538b69cc875b235c86900cf0d26673ad8714ad3799eb70115aadd3f4348e96e56ee73e8ee27be19e28df802392bdbb0507f1b0934adfe9e717152177b3a6f14263ce3073d08f0cf412c4c60fbd4c3d5e6e57145e39ffa83a6adef9b5495d0390a0af75ff5a98acadefbbe8c01a3afcc0a481f3ecc419b911f55840b0129d0d16c19d2c421c3493531e787d053b012af4f22fb3f1932af5201f9de37ca69f67873c363126b42f663edfb42e3c3a366d4c358d203a3e59300e77f8ef880a885a5835829dfe11246e00a0c541b807af7eca4d485489ec851c048d8f14e4b0ca455350c46ed47db3b2074d6673fd3c8dbab04ab6c369b0483edb1343f5e671b7d3c5f3a76fc968804189beff1884351a1e3a4503312bcfd4fa695a1a5382249f290b45899fdb239442132bb3ba146822946aa48f780df4a23d3e82ef77a751b5621059d30448884610f957a32836e55682eacef97338a4d7931389fa0cd5e2087bca23d3d795cf607b09a72ada0a0625168f2b632224ef6c0e256f837791489a08b8780efcc53fec6f931c575747656708b7f0bfa5de5e23f7d99cda8dfe494b97ebc3b538bb36a8321d4ceaf2815457f589be6f4441e047f44276e309f6d6633983c2e1302885bc5f788e9cdf56bdd56c1423712c2341c9197961f344fb25fa51633386164f1732621f453e39c91688d1b0cc85cb7337bd147da19f443c3f94e8ce7d4ce996812b91b5b57c3581bedafed5101204d6511455a159197d52194eb2f734de875ef0dd04403d9d8e51826d8bffb7ab21844b458a4519e03f853e0644e3d62c7806f40406db746f997f704c576e576901bd3570fd53b3e9f848bc3a1bd57637c5fb94c73419a495eadf3c56b602dfd10b70804072d5b77b1e0f989c0b85776af2049fd10a3704efa60a4f04a00fa928a146a429d387a93dcf0aee57aa6c852032766e6a180a9d62ea4b4a87aa0643d81371bbdee29dfb469f3bde57e89538346e9fd98df5e3fd5fa32330d323dd04b6cef5423ecd55d0ce4df1f3cbeb2eb150b34858d41d38f2def87ffd50ee4493e678a97a0c5381bc28bbe0687d100de7feac80a29dfbf432d0dc7f73ade11e5b9d8627efb13908ada5043f0918333358ad1015fabf14f6679ad285029718ff40896774e40de192d052823e1cc8c0dcc325809f38fd4dd8ac8ddd7b13f9b78e9a9a96294f32e0191e69550a3644114a15c733693e76f9bc53cb6e2e63da7560d8a86295cf8e318e34f7170f7e6562fb8c7ead2e05c3539e89718f87322c06af15f077e6a6dc108c277c97f8bfb114f9e2ad712a8db4232b2bd174b46170427865f859d64e017da105a938cd53c551cdd91a6ee3d237e88ac8d650a661f5e713f95a585d0ce8b2646775f0ecbe388b9cec017b0de1b1d2eaad2816b359fc82dced572e116c50adb91280dc41cb943bb2facca2ae52ad299f6bafa90f375d06ce7c2c3f8cc797e072d83cc6b3e2ac30a3ff8cc60ce44f29c8a58dfbc214762c56a584d152df143975e9ab96f87f54fb4b8657d87ea6462c26d00a1b98c7ed798c618f99b85c4c7bef77f0ca1d0ffcc734db83301854e0e7959653eb14e5351a225c199d847e931852d5d01e887c15d2a93f60065372d4cf6e2cc2499a7c0a6519a7ad03f87490086c7ec8f7ce8e7610dcdb8df66beaadb884fcc0fb0744161f6c63e36ba69a8a08d715231a31ef7d45b8af2bf3ed9e821b2136ef89742409c8319fe58bef23440d9f05e6e6e8426c7b5e7eeb5ff82e1620b7530e8040f05e4835c48e471f37b5397b287c33040a036807fd20cd9c7c855a4b1cfdcc26c9759a7f8b0e3d5e8d354a25e50beb88671ff23e02ebcb191abc7bded17c60f686068a3559cd81094ab2a5fa97f27fef8e00a5dea758cd2a27fc4c2c54e12b93486e988f32fe00528bf9c8e94f8cea8315d7fa608a0d0f3b555840aebf546f3dcaf11a23d262ab20c98ee9953a9b93f42c186972cf6d2f9843928a80eda755212095151232a7d4eb605466a0c0ae0165623de7283f284d3bf6c268b4fa5b430bc74605aa7672b7459dcbc6d7ed52cb324c56613533964da91d94475ba283527d0c64dd1e6112c1c37ccf1050194eff07da860554b04c1491b276e29611956e1814481c904ef5d106d53ea34833ea063ff105572be335b8d5d45ae0644d9c3194744c7bce0056f71b9efa2660f555cb1fec1a43749af9f1109576bf12fb35b14c7e4e33ec995b48d801cc21e253c2681e2f12a27636d5db63bb1d9d5223ada6d8eb10dd9335d66a397ad5b65fad3023f7288421925bd4ad53ffb5993498f89b22e01ca6768cca9ad6d236cb19ea850752eafb9419af996e906ff3578f22365ea86b596f0ef6a0bf0fac7d08732c839fd5751be19c690a267a318d7b37aadb46c953dbc948b7d8e0aa8872b1e0a5c47953078f7be12ea78a0c2685615d2bd866b1676678be4ed11acb3d35e71d2cc10bcf93de0e1d7e676534984b3e3c1363e87c123fa0ad02b3448821bbe3615e0963fc8f2524f81e4561bcb38dc2a0082ff24a561171ba0f4edc5360dd31f58867ce2111ba052bfaf443959dba1c5d4f7ecaef29b44ce25925e91454a215c4f9e11ef4b9f9adb1d7f95377ee228374f0d302"}}}}}}, 0xfce)
r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x25, 0x15, @void}, 0x10)
bpf$ITER_CREATE(0x21, &(0x7f0000000140)={r3}, 0x8)
listen(r0, 0x0)
open(&(0x7f0000000c40)='./file0\x00', 0x2200, 0x2)
syz_emit_ethernet(0x4e, &(0x7f0000000200)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0000ce", 0x18, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@mss={0x2, 0x4, 0x5760}]}}}}}}}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000004000000040f2ff0002000000000000000000000300000000020000000200000020000000000000000000000105000000080000000000000001000005000000000000000001000000000000000000"], 0x0, 0x5a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

[   71.659341][ T4661] Bluetooth: hci0: command tx timeout
[   71.744945][ T5316] syz.0.0 uses obsolete (PF_INET,SOCK_PACKET)
[   71.756933][ T5316] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   72.753432][ T5316] ==================================================================
[   72.756338][ T5316] BUG: KASAN: vmalloc-out-of-bounds in vrealloc_noprof+0x341/0x3d0
[   72.759336][ T5316] Write of size 4064 at addr ffffc9000d521020 by task syz.0.0/5316
[   72.762149][ T5316] 
[   72.763084][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz.0.0 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
[   72.766771][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   72.770669][ T5316] Call Trace:
[   72.771965][ T5316]  <TASK>
[   72.773117][ T5316]  dump_stack_lvl+0x241/0x360
[   72.774909][ T5316]  ? __pfx_dump_stack_lvl+0x10/0x10
[   72.776919][ T5316]  ? __pfx__printk+0x10/0x10
[   72.778717][ T5316]  ? _printk+0xd5/0x120
[   72.780343][ T5316]  print_report+0x169/0x550
[   72.782042][ T5316]  ? __virt_addr_valid+0xbd/0x530
[   72.783940][ T5316]  ? vrealloc_noprof+0x341/0x3d0
[   72.785740][ T5316]  kasan_report+0x143/0x180
[   72.787389][ T5316]  ? vrealloc_noprof+0x341/0x3d0
[   72.789232][ T5316]  kasan_check_range+0x282/0x290
[   72.791061][ T5316]  __asan_memset+0x23/0x50
[   72.792716][ T5316]  vrealloc_noprof+0x341/0x3d0
[   72.794543][ T5316]  push_insn_history+0x16c/0x6a0
[   72.796477][ T5316]  do_check+0x692f/0xfcd0
[   72.798142][ T5316]  ? __pfx_do_check+0x10/0x10
[   72.799981][ T5316]  ? mark_reg_not_init+0xd4/0x4b0
[   72.801909][ T5316]  ? __asan_memcpy+0x40/0x70
[   72.803544][ T5316]  ? mark_reg_not_init+0xd4/0x4b0
[   72.805300][ T5316]  do_check_common+0x1564/0x2010
[   72.807227][ T5316]  bpf_check+0x804e/0x1fc90
[   72.809034][ T5316]  ? validate_chain+0x11e/0x5920
[   72.810979][ T5316]  ? __lock_acquire+0x1397/0x2100
[   72.812882][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   72.814772][ T5316]  ? mark_lock+0x9a/0x360
[   72.816318][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   72.818287][ T5316]  ? validate_chain+0x11e/0x5920
[   72.820221][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   72.822106][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   72.824001][ T5316]  ? validate_chain+0x11e/0x5920
[   72.825703][ T5316]  ? validate_chain+0x11e/0x5920
[   72.827445][ T5316]  ? mark_lock+0x9a/0x360
[   72.828990][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   72.831021][ T5316]  ? validate_chain+0x11e/0x5920
[   72.832971][ T5316]  ? validate_chain+0x11e/0x5920
[   72.834857][ T5316]  ? validate_chain+0x11e/0x5920
[   72.836821][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   72.838820][ T5316]  ? validate_chain+0x11e/0x5920
[   72.840740][ T5316]  ? validate_chain+0x11e/0x5920
[   72.842521][ T5316]  ? validate_chain+0x11e/0x5920
[   72.844391][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   72.846459][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   72.848473][ T5316]  ? __pfx_bpf_check+0x10/0x10
[   72.850213][ T5316]  ? mark_lock+0x9a/0x360
[   72.851776][ T5316]  ? __lock_acquire+0x1397/0x2100
[   72.853584][ T5316]  ? mark_lock+0x9a/0x360
[   72.855229][ T5316]  ? __lock_acquire+0x1397/0x2100
[   72.857172][ T5316]  ? __pfx_lock_acquire+0x10/0x10
[   72.859074][ T5316]  ? ktime_get_with_offset+0x8c/0x290
[   72.860988][ T5316]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   72.863176][ T5316]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   72.865511][ T5316]  ? ktime_get_with_offset+0x8c/0x290
[   72.867617][ T5316]  ? seqcount_lockdep_reader_access+0x157/0x220
[   72.869973][ T5316]  ? lockdep_hardirqs_on+0x99/0x150
[   72.871908][ T5316]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[   72.874182][ T5316]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[   72.876713][ T5316]  ? bpf_obj_name_cpy+0x18a/0x1d0
[   72.878698][ T5316]  bpf_prog_load+0x1667/0x20f0
[   72.880558][ T5316]  ? __pfx_bpf_prog_load+0x10/0x10
[   72.882493][ T5316]  ? __pfx___might_resched+0x10/0x10
[   72.884458][ T5316]  ? __might_fault+0xc6/0x120
[   72.886519][ T5316]  __sys_bpf+0x4ee/0x810
[   72.888212][ T5316]  ? __pfx___sys_bpf+0x10/0x10
[   72.890104][ T5316]  ? __rseq_handle_notify_resume+0x34d/0x14e0
[   72.892544][ T5316]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   72.895019][ T5316]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   72.897355][ T5316]  ? do_syscall_64+0x100/0x230
[   72.899213][ T5316]  __x64_sys_bpf+0x7c/0x90
[   72.900853][ T5316]  do_syscall_64+0xf3/0x230
[   72.902352][ T5316]  ? clear_bhb_loop+0x35/0x90
[   72.904229][ T5316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.906622][ T5316] RIP: 0033:0x7f73c6d85d29
[   72.908336][ T5316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.915440][ T5316] RSP: 002b:00007f73c7c71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   72.918672][ T5316] RAX: ffffffffffffffda RBX: 00007f73c6f75fa0 RCX: 00007f73c6d85d29
[   72.921551][ T5316] RDX: 0000000000000048 RSI: 00000000200017c0 RDI: 0000000000000005
[   72.924521][ T5316] RBP: 00007f73c6e01b08 R08: 0000000000000000 R09: 0000000000000000
[   72.927477][ T5316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   72.930295][ T5316] R13: 0000000000000000 R14: 00007f73c6f75fa0 R15: 00007fff6600da58
[   72.933302][ T5316]  </TASK>
[   72.934521][ T5316] 
[   72.935473][ T5316] The buggy address belongs to the virtual mapping at
[   72.935473][ T5316]  [ffffc9000d501000, ffffc9000d523000) created by:
[   72.935473][ T5316]  kvrealloc_noprof+0xc7/0x120
[   72.942052][ T5316] 
[   72.943000][ T5316] The buggy address belongs to the physical page:
[   72.945393][ T5316] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88803a34a000 pfn:0x3a34a
[   72.949315][ T5316] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   72.952659][ T5316] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000
[   72.955868][ T5316] raw: ffff88803a34a000 0000000000000000 00000001ffffffff 0000000000000000
[   72.959037][ T5316] page dumped because: kasan: bad access detected
[   72.961587][ T5316] page_owner tracks the page as allocated
[   72.963809][ T5316] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102cc2(GFP_HIGHUSER|__GFP_NOWARN), pid 5316, tgid 5315 (syz.0.0), ts 72753287252, free_ts 72255390604
[   72.970371][ T5316]  post_alloc_hook+0x1f3/0x230
[   72.972155][ T5316]  get_page_from_freelist+0x365c/0x37a0
[   72.974095][ T5316]  __alloc_pages_slowpath+0x414/0x1020
[   72.976015][ T5316]  __alloc_pages_noprof+0x49b/0x710
[   72.977796][ T5316]  alloc_pages_mpol_noprof+0x3e8/0x680
[   72.979588][ T5316]  __vmalloc_node_range_noprof+0x9c9/0x1380
[   72.981537][ T5316]  __kvmalloc_node_noprof+0x142/0x190
[   72.983327][ T5316]  kvrealloc_noprof+0xc7/0x120
[   72.984877][ T5316]  push_insn_history+0x16c/0x6a0
[   72.986526][ T5316]  do_check+0x692f/0xfcd0
[   72.988001][ T5316]  do_check_common+0x1564/0x2010
[   72.989695][ T5316]  bpf_check+0x804e/0x1fc90
[   72.991251][ T5316]  bpf_prog_load+0x1667/0x20f0
[   72.992909][ T5316]  __sys_bpf+0x4ee/0x810
[   72.994378][ T5316]  __x64_sys_bpf+0x7c/0x90
[   72.996001][ T5316]  do_syscall_64+0xf3/0x230
[   72.997664][ T5316] page last free pid 8 tgid 8 stack trace:
[   72.999749][ T5316]  free_unref_page+0xd3f/0x1010
[   73.001521][ T5316]  __slab_free+0x2c2/0x380
[   73.003158][ T5316]  qlist_free_all+0x9a/0x140
[   73.004870][ T5316]  kasan_quarantine_reduce+0x14f/0x170
[   73.007043][ T5316]  __kasan_slab_alloc+0x23/0x80
[   73.008875][ T5316]  __kmalloc_cache_noprof+0x1d9/0x390
[   73.010992][ T5316]  nsim_fib_event_work+0xe1a/0x4130
[   73.013081][ T5316]  process_scheduled_works+0xa66/0x1840
[   73.015269][ T5316]  worker_thread+0x870/0xd30
[   73.016988][ T5316]  kthread+0x2f0/0x390
[   73.018526][ T5316]  ret_from_fork+0x4b/0x80
[   73.020239][ T5316]  ret_from_fork_asm+0x1a/0x30
[   73.022009][ T5316] 
[   73.022926][ T5316] Memory state around the buggy address:
[   73.024976][ T5316]  ffffc9000d520f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   73.028062][ T5316]  ffffc9000d520f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   73.030706][ T5316] >ffffc9000d521000: 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   73.033605][ T5316]                                ^
[   73.035532][ T5316]  ffffc9000d521080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   73.038425][ T5316]  ffffc9000d521100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   73.041377][ T5316] ==================================================================
[   73.145767][ T5316] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   73.148494][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz.0.0 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
[   73.152016][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.155986][ T5316] Call Trace:
[   73.157074][ T5316]  <TASK>
[   73.158027][ T5316]  dump_stack_lvl+0x241/0x360
[   73.159833][ T5316]  ? __pfx_dump_stack_lvl+0x10/0x10
[   73.161788][ T5316]  ? __pfx__printk+0x10/0x10
[   73.163466][ T5316]  ? preempt_schedule+0xe1/0xf0
[   73.165250][ T5316]  ? vscnprintf+0x5d/0x90
[   73.166852][ T5316]  panic+0x349/0x880
[   73.168385][ T5316]  ? check_panic_on_warn+0x21/0xb0
[   73.170388][ T5316]  ? __pfx_panic+0x10/0x10
[   73.172015][ T5316]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   73.174215][ T5316]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   73.176735][ T5316]  ? print_report+0x502/0x550
[   73.178585][ T5316]  check_panic_on_warn+0x86/0xb0
[   73.180457][ T5316]  ? vrealloc_noprof+0x341/0x3d0
[   73.182283][ T5316]  end_report+0x77/0x160
[   73.183902][ T5316]  kasan_report+0x154/0x180
[   73.185574][ T5316]  ? vrealloc_noprof+0x341/0x3d0
[   73.187509][ T5316]  kasan_check_range+0x282/0x290
[   73.189424][ T5316]  __asan_memset+0x23/0x50
[   73.191116][ T5316]  vrealloc_noprof+0x341/0x3d0
[   73.192917][ T5316]  push_insn_history+0x16c/0x6a0
[   73.194828][ T5316]  do_check+0x692f/0xfcd0
[   73.196461][ T5316]  ? __pfx_do_check+0x10/0x10
[   73.198297][ T5316]  ? mark_reg_not_init+0xd4/0x4b0
[   73.200219][ T5316]  ? __asan_memcpy+0x40/0x70
[   73.201989][ T5316]  ? mark_reg_not_init+0xd4/0x4b0
[   73.203900][ T5316]  do_check_common+0x1564/0x2010
[   73.205671][ T5316]  bpf_check+0x804e/0x1fc90
[   73.207459][ T5316]  ? validate_chain+0x11e/0x5920
[   73.209443][ T5316]  ? __lock_acquire+0x1397/0x2100
[   73.211394][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   73.213382][ T5316]  ? mark_lock+0x9a/0x360
[   73.215012][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   73.216967][ T5316]  ? validate_chain+0x11e/0x5920
[   73.218825][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   73.220752][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   73.222730][ T5316]  ? validate_chain+0x11e/0x5920
[   73.224512][ T5316]  ? validate_chain+0x11e/0x5920
[   73.226387][ T5316]  ? mark_lock+0x9a/0x360
[   73.228039][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   73.230068][ T5316]  ? validate_chain+0x11e/0x5920
[   73.231953][ T5316]  ? validate_chain+0x11e/0x5920
[   73.233862][ T5316]  ? validate_chain+0x11e/0x5920
[   73.235674][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   73.237606][ T5316]  ? validate_chain+0x11e/0x5920
[   73.239513][ T5316]  ? validate_chain+0x11e/0x5920
[   73.241455][ T5316]  ? validate_chain+0x11e/0x5920
[   73.243314][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   73.245241][ T5316]  ? __pfx_validate_chain+0x10/0x10
[   73.247220][ T5316]  ? __pfx_bpf_check+0x10/0x10
[   73.249000][ T5316]  ? mark_lock+0x9a/0x360
[   73.250759][ T5316]  ? __lock_acquire+0x1397/0x2100
[   73.252679][ T5316]  ? mark_lock+0x9a/0x360
[   73.254263][ T5316]  ? __lock_acquire+0x1397/0x2100
[   73.256029][ T5316]  ? __pfx_lock_acquire+0x10/0x10
[   73.257841][ T5316]  ? ktime_get_with_offset+0x8c/0x290
[   73.259728][ T5316]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   73.261809][ T5316]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   73.264009][ T5316]  ? ktime_get_with_offset+0x8c/0x290
[   73.265931][ T5316]  ? seqcount_lockdep_reader_access+0x157/0x220
[   73.268081][ T5316]  ? lockdep_hardirqs_on+0x99/0x150
[   73.269984][ T5316]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[   73.272266][ T5316]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[   73.274639][ T5316]  ? bpf_obj_name_cpy+0x18a/0x1d0
[   73.276518][ T5316]  bpf_prog_load+0x1667/0x20f0
[   73.278308][ T5316]  ? __pfx_bpf_prog_load+0x10/0x10
[   73.280239][ T5316]  ? __pfx___might_resched+0x10/0x10
[   73.282192][ T5316]  ? __might_fault+0xc6/0x120
[   73.284026][ T5316]  __sys_bpf+0x4ee/0x810
[   73.285594][ T5316]  ? __pfx___sys_bpf+0x10/0x10
[   73.287435][ T5316]  ? __rseq_handle_notify_resume+0x34d/0x14e0
[   73.289618][ T5316]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   73.291818][ T5316]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   73.294100][ T5316]  ? do_syscall_64+0x100/0x230
[   73.295801][ T5316]  __x64_sys_bpf+0x7c/0x90
[   73.297371][ T5316]  do_syscall_64+0xf3/0x230
[   73.299009][ T5316]  ? clear_bhb_loop+0x35/0x90
[   73.300669][ T5316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.302763][ T5316] RIP: 0033:0x7f73c6d85d29
[   73.304415][ T5316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.311499][ T5316] RSP: 002b:00007f73c7c71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   73.314583][ T5316] RAX: ffffffffffffffda RBX: 00007f73c6f75fa0 RCX: 00007f73c6d85d29
[   73.317643][ T5316] RDX: 0000000000000048 RSI: 00000000200017c0 RDI: 0000000000000005
[   73.320669][ T5316] RBP: 00007f73c6e01b08 R08: 0000000000000000 R09: 0000000000000000
[   73.323623][ T5316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   73.326501][ T5316] R13: 0000000000000000 R14: 00007f73c6f75fa0 R15: 00007fff6600da58
[   73.329516][ T5316]  </TASK>
[   73.331006][ T5316] Kernel Offset: disabled
[   73.332653][ T5316] Rebooting in 86400 seconds..