program:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200002343ffff0000000000000000850000004100000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000a80)=ANY=[], 0x0)

[   68.930043][   T49] Bluetooth: hci0: command tx timeout
[   69.005059][ T5321] BUG: Bad page state in process syz.0.0  pfn:38b89
[   69.007693][ T5321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888038b89600 pfn:0x38b89
[   69.011761][ T5321] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   69.014639][ T5321] raw: 04fff00000000000 dead000000000040 ffff88801e4d0000 0000000000000000
[   69.017895][ T5321] raw: ffff888038b89600 3fffffffffffffff 00000000ffffffff 0000000000000000
[   69.021164][ T5321] page dumped because: page_pool leak
[   69.023264][ T5321] page_owner tracks the page as allocated
[   69.025638][ T5321] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5321, tgid 5320 (syz.0.0), ts 69004965340, free_ts 66951825351
[   69.032029][ T5321]  post_alloc_hook+0x1f4/0x240
[   69.034383][ T5321]  get_page_from_freelist+0x365c/0x37a0
[   69.036514][ T5321]  __alloc_frozen_pages_noprof+0x292/0x710
[   69.038721][ T5321]  alloc_pages_bulk_noprof+0x847/0xae0
[   69.040891][ T5321]  __page_pool_alloc_pages_slow+0x11f/0x690
[   69.043227][ T5321]  page_pool_alloc_frag_netmem+0x59c/0x940
[   69.045632][ T5321]  skb_pp_cow_data+0xcea/0x1720
[   69.047532][ T5321]  do_xdp_generic+0x505/0xd30
[   69.049341][ T5321]  tun_get_user+0x2a4b/0x4860
[   69.051251][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   69.053208][ T5321]  vfs_write+0xacf/0xd10
[   69.054963][ T5321]  ksys_write+0x18f/0x2b0
[   69.056718][ T5321]  do_syscall_64+0xf3/0x230
[   69.058549][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.061190][ T5321] page last free pid 3056 tgid 3056 stack trace:
[   69.064295][ T5321]  free_frozen_pages+0xe0d/0x10e0
[   69.066568][ T5321]  __slab_free+0x2c2/0x380
[   69.068429][ T5321]  qlist_free_all+0x9a/0x140
[   69.070273][ T5321]  kasan_quarantine_reduce+0x14f/0x170
[   69.072280][ T5321]  __kasan_slab_alloc+0x23/0x80
[   69.074238][ T5321]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[   69.076477][ T5321]  __alloc_skb+0x1c3/0x440
[   69.078155][ T5321]  rtmsg_ifinfo_build_skb+0x84/0x260
[   69.080138][ T5321]  rtmsg_ifinfo+0x91/0x1b0
[   69.081719][ T5321]  netdev_state_change+0x139/0x1a0
[   69.083662][ T5321]  linkwatch_do_dev+0x112/0x170
[   69.085789][ T5321]  __linkwatch_run_queue+0x44f/0x6c0
[   69.087984][ T5321]  linkwatch_event+0x4c/0x60
[   69.089878][ T5321]  process_scheduled_works+0xabe/0x18e0
[   69.092064][ T5321]  worker_thread+0x870/0xd30
[   69.094035][ T5321]  kthread+0x7a9/0x920
[   69.095671][ T5321] Modules linked in:
[   69.097265][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.14.0-syzkaller-00624-g2f2d52945852 #0
[   69.097281][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.097288][ T5321] Call Trace:
[   69.097297][ T5321]  <TASK>
[   69.097304][ T5321]  dump_stack_lvl+0x241/0x360
[   69.097320][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   69.097332][ T5321]  ? __pfx_print_modules+0x10/0x10
[   69.097354][ T5321]  bad_page+0x176/0x1d0
[   69.097370][ T5321]  free_frozen_pages+0x1082/0x10e0
[   69.097393][ T5321]  bpf_xdp_frags_shrink_tail+0x3b3/0x780
[   69.097418][ T5321]  bpf_xdp_adjust_tail+0x1c6/0x210
[   69.097435][ T5321]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   69.097446][ T5321]  bpf_prog_run_generic_xdp+0x686/0x1510
[   69.097476][ T5321]  do_xdp_generic+0x757/0xd30
[   69.097492][ T5321]  ? __pfx_do_xdp_generic+0x10/0x10
[   69.097506][ T5321]  ? __local_bh_disable_ip+0x179/0x220
[   69.097521][ T5321]  ? __pfx_eth_type_trans+0x10/0x10
[   69.097539][ T5321]  ? tun_get_user+0x2914/0x4860
[   69.097557][ T5321]  tun_get_user+0x2a4b/0x4860
[   69.097582][ T5321]  ? __lock_acquire+0x1397/0x2100
[   69.097601][ T5321]  ? __pfx_tun_get_user+0x10/0x10
[   69.097627][ T5321]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   69.097643][ T5321]  ? tun_get+0x1e/0x2f0
[   69.097659][ T5321]  ? __pfx_lock_release+0x10/0x10
[   69.097683][ T5321]  ? tun_get+0x1e/0x2f0
[   69.097698][ T5321]  ? tun_get+0x27d/0x2f0
[   69.097714][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   69.097731][ T5321]  vfs_write+0xacf/0xd10
[   69.097744][ T5321]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   69.097768][ T5321]  ? __pfx_vfs_write+0x10/0x10
[   69.097782][ T5321]  ? __fget_files+0x2a/0x420
[   69.097801][ T5321]  ? __fget_files+0x2a/0x420
[   69.097822][ T5321]  ksys_write+0x18f/0x2b0
[   69.097834][ T5321]  ? __pfx_ksys_write+0x10/0x10
[   69.097844][ T5321]  ? exc_page_fault+0x590/0x8b0
[   69.097861][ T5321]  ? do_syscall_64+0xb6/0x230
[   69.097877][ T5321]  do_syscall_64+0xf3/0x230
[   69.097890][ T5321]  ? clear_bhb_loop+0x35/0x90
[   69.097908][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.097923][ T5321] RIP: 0033:0x7f6e0ab8bc1f
[   69.097934][ T5321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   69.097944][ T5321] RSP: 002b:00007f6e0baa7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   69.097957][ T5321] RAX: ffffffffffffffda RBX: 00007f6e0ada5fa0 RCX: 00007f6e0ab8bc1f
[   69.097964][ T5321] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   69.097971][ T5321] RBP: 00007f6e0ac0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   69.097978][ T5321] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   69.097984][ T5321] R13: 0000000000000000 R14: 00007f6e0ada5fa0 R15: 00007fffd70c18f8
[   69.098000][ T5321]  </TASK>
[   69.098004][ T5321] Disabling lock debugging due to kernel taint
[   69.212983][ T5321] BUG: Bad page state in process syz.0.0  pfn:4080d
[   69.215543][ T5321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804080d100 pfn:0x4080d
[   69.219429][ T5321] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   69.222211][ T5321] raw: 04fff00000000000 dead000000000040 ffff88801e4d0000 0000000000000000
[   69.225656][ T5321] raw: ffff88804080d100 0000000000000001 00000000ffffffff 0000000000000000
[   69.229118][ T5321] page dumped because: page_pool leak
[   69.231288][ T5321] page_owner tracks the page as allocated
[   69.233605][ T5321] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5321, tgid 5320 (syz.0.0), ts 69004955921, free_ts 66951853416
[   69.240132][ T5321]  post_alloc_hook+0x1f4/0x240
[   69.241967][ T5321]  get_page_from_freelist+0x365c/0x37a0
[   69.244232][ T5321]  __alloc_frozen_pages_noprof+0x292/0x710
[   69.246616][ T5321]  alloc_pages_bulk_noprof+0x847/0xae0
[   69.248782][ T5321]  __page_pool_alloc_pages_slow+0x11f/0x690
[   69.250972][ T5321]  skb_pp_cow_data+0xcc8/0x1720
[   69.252949][ T5321]  do_xdp_generic+0x505/0xd30
[   69.254834][ T5321]  tun_get_user+0x2a4b/0x4860
[   69.256487][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   69.258560][ T5321]  vfs_write+0xacf/0xd10
[   69.260129][ T5321]  ksys_write+0x18f/0x2b0
[   69.261710][ T5321]  do_syscall_64+0xf3/0x230
[   69.263591][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.265787][ T5321] page last free pid 3056 tgid 3056 stack trace:
[   69.268195][ T5321]  free_frozen_pages+0xe0d/0x10e0
[   69.269903][ T5321]  __slab_free+0x2c2/0x380
[   69.271587][ T5321]  qlist_free_all+0x9a/0x140
[   69.273260][ T5321]  kasan_quarantine_reduce+0x14f/0x170
[   69.275117][ T5321]  __kasan_slab_alloc+0x23/0x80
[   69.276865][ T5321]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[   69.279017][ T5321]  __alloc_skb+0x1c3/0x440
[   69.280635][ T5321]  rtmsg_ifinfo_build_skb+0x84/0x260
[   69.282437][ T5321]  rtmsg_ifinfo+0x91/0x1b0
[   69.284073][ T5321]  netdev_state_change+0x139/0x1a0
[   69.285661][ T5321]  linkwatch_do_dev+0x112/0x170
[   69.287391][ T5321]  __linkwatch_run_queue+0x44f/0x6c0
[   69.289388][ T5321]  linkwatch_event+0x4c/0x60
[   69.291176][ T5321]  process_scheduled_works+0xabe/0x18e0
[   69.293342][ T5321]  worker_thread+0x870/0xd30
[   69.295144][ T5321]  kthread+0x7a9/0x920
[   69.296615][ T5321] Modules linked in:
[   69.298131][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Tainted: G    B              6.14.0-syzkaller-00624-g2f2d52945852 #0
[   69.298149][ T5321] Tainted: [B]=BAD_PAGE
[   69.298154][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.298161][ T5321] Call Trace:
[   69.298168][ T5321]  <TASK>
[   69.298175][ T5321]  dump_stack_lvl+0x241/0x360
[   69.298191][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   69.298203][ T5321]  ? __pfx_print_modules+0x10/0x10
[   69.298223][ T5321]  bad_page+0x176/0x1d0
[   69.298235][ T5321]  free_frozen_pages+0x1082/0x10e0
[   69.298252][ T5321]  bpf_xdp_frags_shrink_tail+0x3b3/0x780
[   69.298272][ T5321]  bpf_xdp_adjust_tail+0x1c6/0x210
[   69.298284][ T5321]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   69.298294][ T5321]  bpf_prog_run_generic_xdp+0x686/0x1510
[   69.298316][ T5321]  do_xdp_generic+0x757/0xd30
[   69.298328][ T5321]  ? __pfx_do_xdp_generic+0x10/0x10
[   69.298339][ T5321]  ? __local_bh_disable_ip+0x179/0x220
[   69.298352][ T5321]  ? __pfx_eth_type_trans+0x10/0x10
[   69.298365][ T5321]  ? tun_get_user+0x2914/0x4860
[   69.298381][ T5321]  tun_get_user+0x2a4b/0x4860
[   69.298401][ T5321]  ? __lock_acquire+0x1397/0x2100
[   69.298418][ T5321]  ? __pfx_tun_get_user+0x10/0x10
[   69.298439][ T5321]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   69.298455][ T5321]  ? tun_get+0x1e/0x2f0
[   69.298471][ T5321]  ? __pfx_lock_release+0x10/0x10
[   69.298487][ T5321]  ? tun_get+0x1e/0x2f0
[   69.298500][ T5321]  ? tun_get+0x27d/0x2f0
[   69.298513][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   69.298529][ T5321]  vfs_write+0xacf/0xd10
[   69.298540][ T5321]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   69.298555][ T5321]  ? __pfx_vfs_write+0x10/0x10
[   69.298566][ T5321]  ? __fget_files+0x2a/0x420
[   69.298580][ T5321]  ? __fget_files+0x2a/0x420
[   69.298590][ T5321]  ksys_write+0x18f/0x2b0
[   69.298597][ T5321]  ? __pfx_ksys_write+0x10/0x10
[   69.298606][ T5321]  ? exc_page_fault+0x590/0x8b0
[   69.298619][ T5321]  ? do_syscall_64+0xb6/0x230
[   69.298635][ T5321]  do_syscall_64+0xf3/0x230
[   69.298649][ T5321]  ? clear_bhb_loop+0x35/0x90
[   69.298666][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.298680][ T5321] RIP: 0033:0x7f6e0ab8bc1f
[   69.298691][ T5321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   69.298700][ T5321] RSP: 002b:00007f6e0baa7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   69.298712][ T5321] RAX: ffffffffffffffda RBX: 00007f6e0ada5fa0 RCX: 00007f6e0ab8bc1f
[   69.298720][ T5321] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   69.298727][ T5321] RBP: 00007f6e0ac0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   69.298734][ T5321] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   69.298739][ T5321] R13: 0000000000000000 R14: 00007f6e0ada5fa0 R15: 00007fffd70c18f8
[   69.298749][ T5321]  </TASK>
[   69.298757][ T5321] BUG: Bad page state in process syz.0.0  pfn:413a4
[   69.415202][ T5321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880413a4000 pfn:0x413a4
[   69.419113][ T5321] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   69.421939][ T5321] raw: 04fff00000000000 dead000000000040 ffff88801e4d0000 0000000000000000
[   69.425408][ T5321] raw: ffff8880413a4000 0000000000000001 00000000ffffffff 0000000000000000
[   69.428470][ T5321] page dumped because: page_pool leak
[   69.430306][ T5321] page_owner tracks the page as allocated
[   69.432183][ T5321] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5321, tgid 5320 (syz.0.0), ts 69004948603, free_ts 66951869842
[   69.438199][ T5321]  post_alloc_hook+0x1f4/0x240
[   69.440117][ T5321]  get_page_from_freelist+0x365c/0x37a0
[   69.442175][ T5321]  __alloc_frozen_pages_noprof+0x292/0x710
[   69.444534][ T5321]  alloc_pages_bulk_noprof+0x847/0xae0
[   69.446702][ T5321]  __page_pool_alloc_pages_slow+0x11f/0x690
[   69.449240][ T5321]  skb_pp_cow_data+0xcc8/0x1720
[   69.451309][ T5321]  do_xdp_generic+0x505/0xd30
[   69.453315][ T5321]  tun_get_user+0x2a4b/0x4860
[   69.455438][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   69.457291][ T5321]  vfs_write+0xacf/0xd10
[   69.458974][ T5321]  ksys_write+0x18f/0x2b0
[   69.460685][ T5321]  do_syscall_64+0xf3/0x230
[   69.462409][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.464772][ T5321] page last free pid 3056 tgid 3056 stack trace:
[   69.467069][ T5321]  free_frozen_pages+0xe0d/0x10e0
[   69.468785][ T5321]  __slab_free+0x2c2/0x380
[   69.470285][ T5321]  qlist_free_all+0x9a/0x140
[   69.471923][ T5321]  kasan_quarantine_reduce+0x14f/0x170
[   69.473582][ T5321]  __kasan_slab_alloc+0x23/0x80
[   69.475434][ T5321]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[   69.477730][ T5321]  __alloc_skb+0x1c3/0x440
[   69.479575][ T5321]  rtmsg_ifinfo_build_skb+0x84/0x260
[   69.481762][ T5321]  rtmsg_ifinfo+0x91/0x1b0
[   69.483664][ T5321]  netdev_state_change+0x139/0x1a0
[   69.485948][ T5321]  linkwatch_do_dev+0x112/0x170
[   69.487786][ T5321]  __linkwatch_run_queue+0x44f/0x6c0
[   69.489853][ T5321]  linkwatch_event+0x4c/0x60
[   69.491680][ T5321]  process_scheduled_works+0xabe/0x18e0
[   69.493848][ T5321]  worker_thread+0x870/0xd30
[   69.495868][ T5321]  kthread+0x7a9/0x920
[   69.497222][ T5321] Modules linked in:
[   69.498633][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Tainted: G    B              6.14.0-syzkaller-00624-g2f2d52945852 #0
[   69.498652][ T5321] Tainted: [B]=BAD_PAGE
[   69.498657][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.498665][ T5321] Call Trace:
[   69.498671][ T5321]  <TASK>
[   69.498677][ T5321]  dump_stack_lvl+0x241/0x360
[   69.498693][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   69.498704][ T5321]  ? __pfx_print_modules+0x10/0x10
[   69.498723][ T5321]  bad_page+0x176/0x1d0
[   69.498736][ T5321]  free_frozen_pages+0x1082/0x10e0
[   69.498754][ T5321]  bpf_xdp_frags_shrink_tail+0x3b3/0x780
[   69.498772][ T5321]  bpf_xdp_adjust_tail+0x1c6/0x210
[   69.498786][ T5321]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   69.498796][ T5321]  bpf_prog_run_generic_xdp+0x686/0x1510
[   69.498819][ T5321]  do_xdp_generic+0x757/0xd30
[   69.498831][ T5321]  ? __pfx_do_xdp_generic+0x10/0x10
[   69.498844][ T5321]  ? __local_bh_disable_ip+0x179/0x220
[   69.498858][ T5321]  ? __pfx_eth_type_trans+0x10/0x10
[   69.498871][ T5321]  ? tun_get_user+0x2914/0x4860
[   69.498887][ T5321]  tun_get_user+0x2a4b/0x4860
[   69.498905][ T5321]  ? __lock_acquire+0x1397/0x2100
[   69.498922][ T5321]  ? __pfx_tun_get_user+0x10/0x10
[   69.498941][ T5321]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   69.498956][ T5321]  ? tun_get+0x1e/0x2f0
[   69.498970][ T5321]  ? __pfx_lock_release+0x10/0x10
[   69.498989][ T5321]  ? tun_get+0x1e/0x2f0
[   69.499003][ T5321]  ? tun_get+0x27d/0x2f0
[   69.499043][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   69.499062][ T5321]  vfs_write+0xacf/0xd10
[   69.499077][ T5321]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   69.499092][ T5321]  ? __pfx_vfs_write+0x10/0x10
[   69.499102][ T5321]  ? __fget_files+0x2a/0x420
[   69.499118][ T5321]  ? __fget_files+0x2a/0x420
[   69.499134][ T5321]  ksys_write+0x18f/0x2b0
[   69.499144][ T5321]  ? __pfx_ksys_write+0x10/0x10
[   69.499155][ T5321]  ? exc_page_fault+0x590/0x8b0
[   69.499170][ T5321]  ? do_syscall_64+0xb6/0x230
[   69.499183][ T5321]  do_syscall_64+0xf3/0x230
[   69.499198][ T5321]  ? clear_bhb_loop+0x35/0x90
[   69.499213][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.499227][ T5321] RIP: 0033:0x7f6e0ab8bc1f
[   69.499238][ T5321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   69.499247][ T5321] RSP: 002b:00007f6e0baa7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   69.499260][ T5321] RAX: ffffffffffffffda RBX: 00007f6e0ada5fa0 RCX: 00007f6e0ab8bc1f
[   69.499268][ T5321] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   69.499275][ T5321] RBP: 00007f6e0ac0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   69.499283][ T5321] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   69.499290][ T5321] R13: 0000000000000000 R14: 00007f6e0ada5fa0 R15: 00007fffd70c18f8
[   69.499301][ T5321]  </TASK>
[   69.499310][ T5321] BUG: Bad page state in process syz.0.0  pfn:3f4ef
[   69.609161][ T5321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803f4efe88 pfn:0x3f4ef
[   69.613148][ T5321] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   69.615989][ T5321] raw: 04fff00000000000 dead000000000040 ffff88801e4d0000 0000000000000000
[   69.619088][ T5321] raw: ffff88803f4efe88 0000000000000001 00000000ffffffff 0000000000000000
[   69.622131][ T5321] page dumped because: page_pool leak
[   69.624141][ T5321] page_owner tracks the page as allocated
[   69.626152][ T5321] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5321, tgid 5320 (syz.0.0), ts 69004941155, free_ts 66951875549
[   69.631834][ T5321]  post_alloc_hook+0x1f4/0x240
[   69.633551][ T5321]  get_page_from_freelist+0x365c/0x37a0
[   69.635648][ T5321]  __alloc_frozen_pages_noprof+0x292/0x710
[   69.637742][ T5321]  alloc_pages_bulk_noprof+0x847/0xae0
[   69.639705][ T5321]  __page_pool_alloc_pages_slow+0x11f/0x690
[   69.641806][ T5321]  skb_pp_cow_data+0xcc8/0x1720
[   69.643610][ T5321]  do_xdp_generic+0x505/0xd30
[   69.645463][ T5321]  tun_get_user+0x2a4b/0x4860
[   69.647300][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   69.649313][ T5321]  vfs_write+0xacf/0xd10
[   69.650909][ T5321]  ksys_write+0x18f/0x2b0
[   69.652616][ T5321]  do_syscall_64+0xf3/0x230
[   69.654432][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.656756][ T5321] page last free pid 3056 tgid 3056 stack trace:
[   69.659174][ T5321]  free_frozen_pages+0xe0d/0x10e0
[   69.661055][ T5321]  __slab_free+0x2c2/0x380
[   69.662731][ T5321]  qlist_free_all+0x9a/0x140
[   69.664561][ T5321]  kasan_quarantine_reduce+0x14f/0x170
[   69.666706][ T5321]  __kasan_slab_alloc+0x23/0x80
[   69.668534][ T5321]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[   69.670733][ T5321]  __alloc_skb+0x1c3/0x440
[   69.672364][ T5321]  rtmsg_ifinfo_build_skb+0x84/0x260
[   69.674403][ T5321]  rtmsg_ifinfo+0x91/0x1b0
[   69.676130][ T5321]  netdev_state_change+0x139/0x1a0
[   69.678052][ T5321]  linkwatch_do_dev+0x112/0x170
[   69.679920][ T5321]  __linkwatch_run_queue+0x44f/0x6c0
[   69.681916][ T5321]  linkwatch_event+0x4c/0x60
[   69.683657][ T5321]  process_scheduled_works+0xabe/0x18e0
[   69.685886][ T5321]  worker_thread+0x870/0xd30
[   69.687678][ T5321]  kthread+0x7a9/0x920
[   69.689206][ T5321] Modules linked in:
[   69.690748][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Tainted: G    B              6.14.0-syzkaller-00624-g2f2d52945852 #0
[   69.690768][ T5321] Tainted: [B]=BAD_PAGE
[   69.690773][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.690786][ T5321] Call Trace:
[   69.690792][ T5321]  <TASK>
[   69.690798][ T5321]  dump_stack_lvl+0x241/0x360
[   69.690812][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   69.690824][ T5321]  ? __pfx_print_modules+0x10/0x10
[   69.690842][ T5321]  bad_page+0x176/0x1d0
[   69.690857][ T5321]  free_frozen_pages+0x1082/0x10e0
[   69.690879][ T5321]  bpf_xdp_frags_shrink_tail+0x3b3/0x780
[   69.690899][ T5321]  bpf_xdp_adjust_tail+0x1c6/0x210
[   69.690913][ T5321]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   69.690924][ T5321]  bpf_prog_run_generic_xdp+0x686/0x1510
[   69.690952][ T5321]  do_xdp_generic+0x757/0xd30
[   69.690965][ T5321]  ? __pfx_do_xdp_generic+0x10/0x10
[   69.690978][ T5321]  ? __local_bh_disable_ip+0x179/0x220
[   69.690994][ T5321]  ? __pfx_eth_type_trans+0x10/0x10
[   69.691009][ T5321]  ? tun_get_user+0x2914/0x4860
[   69.691054][ T5321]  tun_get_user+0x2a4b/0x4860
[   69.691075][ T5321]  ? __lock_acquire+0x1397/0x2100
[   69.691093][ T5321]  ? __pfx_tun_get_user+0x10/0x10
[   69.691112][ T5321]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   69.691128][ T5321]  ? tun_get+0x1e/0x2f0
[   69.691142][ T5321]  ? __pfx_lock_release+0x10/0x10
[   69.691160][ T5321]  ? tun_get+0x1e/0x2f0
[   69.691175][ T5321]  ? tun_get+0x27d/0x2f0
[   69.691190][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   69.691207][ T5321]  vfs_write+0xacf/0xd10
[   69.691219][ T5321]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   69.691235][ T5321]  ? __pfx_vfs_write+0x10/0x10
[   69.691246][ T5321]  ? __fget_files+0x2a/0x420
[   69.691262][ T5321]  ? __fget_files+0x2a/0x420
[   69.691278][ T5321]  ksys_write+0x18f/0x2b0
[   69.691288][ T5321]  ? __pfx_ksys_write+0x10/0x10
[   69.691299][ T5321]  ? exc_page_fault+0x590/0x8b0
[   69.691313][ T5321]  ? do_syscall_64+0xb6/0x230
[   69.691328][ T5321]  do_syscall_64+0xf3/0x230
[   69.691343][ T5321]  ? clear_bhb_loop+0x35/0x90
[   69.691361][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.691376][ T5321] RIP: 0033:0x7f6e0ab8bc1f
[   69.691388][ T5321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   69.691398][ T5321] RSP: 002b:00007f6e0baa7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   69.691410][ T5321] RAX: ffffffffffffffda RBX: 00007f6e0ada5fa0 RCX: 00007f6e0ab8bc1f
[   69.691420][ T5321] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   69.691427][ T5321] RBP: 00007f6e0ac0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   69.691434][ T5321] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   69.691441][ T5321] R13: 0000000000000000 R14: 00007f6e0ada5fa0 R15: 00007fffd70c18f8
[   69.691452][ T5321]  </TASK>
[   69.691461][ T5321] BUG: Bad page state in process syz.0.0  pfn:42858
[   69.800835][ T5321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888042858d80 pfn:0x42858
[   69.804787][ T5321] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   69.807748][ T5321] raw: 04fff00000000000 dead000000000040 ffff88801e4d0000 0000000000000000
[   69.811414][ T5321] raw: ffff888042858d80 0000000000000001 00000000ffffffff 0000000000000000
[   69.815003][ T5321] page dumped because: page_pool leak
[   69.817226][ T5321] page_owner tracks the page as allocated
[   69.819504][ T5321] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5321, tgid 5320 (syz.0.0), ts 69004934227, free_ts 66951880914
[   69.826092][ T5321]  post_alloc_hook+0x1f4/0x240
[   69.828100][ T5321]  get_page_from_freelist+0x365c/0x37a0
[   69.830278][ T5321]  __alloc_frozen_pages_noprof+0x292/0x710
[   69.832612][ T5321]  alloc_pages_bulk_noprof+0x847/0xae0
[   69.834793][ T5321]  __page_pool_alloc_pages_slow+0x11f/0x690
[   69.837218][ T5321]  skb_pp_cow_data+0xcc8/0x1720
[   69.839202][ T5321]  do_xdp_generic+0x505/0xd30
[   69.840973][ T5321]  tun_get_user+0x2a4b/0x4860
[   69.842611][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   69.844517][ T5321]  vfs_write+0xacf/0xd10
[   69.846089][ T5321]  ksys_write+0x18f/0x2b0
[   69.847975][ T5321]  do_syscall_64+0xf3/0x230
[   69.850051][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.852620][ T5321] page last free pid 3056 tgid 3056 stack trace:
[   69.855159][ T5321]  free_frozen_pages+0xe0d/0x10e0
[   69.857196][ T5321]  __slab_free+0x2c2/0x380
[   69.858999][ T5321]  qlist_free_all+0x9a/0x140
[   69.860796][ T5321]  kasan_quarantine_reduce+0x14f/0x170
[   69.862938][ T5321]  __kasan_slab_alloc+0x23/0x80
[   69.865008][ T5321]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[   69.867336][ T5321]  __alloc_skb+0x1c3/0x440
[   69.869079][ T5321]  rtmsg_ifinfo_build_skb+0x84/0x260
[   69.871175][ T5321]  rtmsg_ifinfo+0x91/0x1b0
[   69.872915][ T5321]  netdev_state_change+0x139/0x1a0
[   69.874995][ T5321]  linkwatch_do_dev+0x112/0x170
[   69.876933][ T5321]  __linkwatch_run_queue+0x44f/0x6c0
[   69.878996][ T5321]  linkwatch_event+0x4c/0x60
[   69.880773][ T5321]  process_scheduled_works+0xabe/0x18e0
[   69.883002][ T5321]  worker_thread+0x870/0xd30
[   69.884935][ T5321]  kthread+0x7a9/0x920
[   69.886742][ T5321] Modules linked in:
[   69.888348][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Tainted: G    B              6.14.0-syzkaller-00624-g2f2d52945852 #0
[   69.888365][ T5321] Tainted: [B]=BAD_PAGE
[   69.888370][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.888378][ T5321] Call Trace:
[   69.888386][ T5321]  <TASK>
[   69.888391][ T5321]  dump_stack_lvl+0x241/0x360
[   69.888407][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   69.888419][ T5321]  ? __pfx_print_modules+0x10/0x10
[   69.888438][ T5321]  bad_page+0x176/0x1d0
[   69.888451][ T5321]  free_frozen_pages+0x1082/0x10e0
[   69.888469][ T5321]  bpf_xdp_frags_shrink_tail+0x3b3/0x780
[   69.888488][ T5321]  bpf_xdp_adjust_tail+0x1c6/0x210
[   69.888501][ T5321]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   69.888511][ T5321]  bpf_prog_run_generic_xdp+0x686/0x1510
[   69.888533][ T5321]  do_xdp_generic+0x757/0xd30
[   69.888551][ T5321]  ? __pfx_do_xdp_generic+0x10/0x10
[   69.888564][ T5321]  ? __local_bh_disable_ip+0x179/0x220
[   69.888579][ T5321]  ? __pfx_eth_type_trans+0x10/0x10
[   69.888595][ T5321]  ? tun_get_user+0x2914/0x4860
[   69.888612][ T5321]  tun_get_user+0x2a4b/0x4860
[   69.888631][ T5321]  ? __lock_acquire+0x1397/0x2100
[   69.888648][ T5321]  ? __pfx_tun_get_user+0x10/0x10
[   69.888667][ T5321]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   69.888684][ T5321]  ? tun_get+0x1e/0x2f0
[   69.888699][ T5321]  ? __pfx_lock_release+0x10/0x10
[   69.888717][ T5321]  ? tun_get+0x1e/0x2f0
[   69.888731][ T5321]  ? tun_get+0x27d/0x2f0
[   69.888745][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   69.888761][ T5321]  vfs_write+0xacf/0xd10
[   69.888774][ T5321]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   69.888789][ T5321]  ? __pfx_vfs_write+0x10/0x10
[   69.888800][ T5321]  ? __fget_files+0x2a/0x420
[   69.888817][ T5321]  ? __fget_files+0x2a/0x420
[   69.888832][ T5321]  ksys_write+0x18f/0x2b0
[   69.888842][ T5321]  ? __pfx_ksys_write+0x10/0x10
[   69.888852][ T5321]  ? exc_page_fault+0x590/0x8b0
[   69.888866][ T5321]  ? do_syscall_64+0xb6/0x230
[   69.888879][ T5321]  do_syscall_64+0xf3/0x230
[   69.888892][ T5321]  ? clear_bhb_loop+0x35/0x90
[   69.888909][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.888926][ T5321] RIP: 0033:0x7f6e0ab8bc1f
[   69.888937][ T5321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   69.888945][ T5321] RSP: 002b:00007f6e0baa7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   69.888957][ T5321] RAX: ffffffffffffffda RBX: 00007f6e0ada5fa0 RCX: 00007f6e0ab8bc1f
[   69.888966][ T5321] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   69.888974][ T5321] RBP: 00007f6e0ac0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   69.888982][ T5321] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   69.888988][ T5321] R13: 0000000000000000 R14: 00007f6e0ada5fa0 R15: 00007fffd70c18f8
[   69.888999][ T5321]  </TASK>
[   69.889006][ T5321] BUG: Bad page state in process syz.0.0  pfn:43f0b
[   70.000304][ T5321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888043f0b360 pfn:0x43f0b
[   70.004153][ T5321] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   70.006955][ T5321] raw: 04fff00000000000 dead000000000040 ffff88801e4d0000 0000000000000000
[   70.010161][ T5321] raw: ffff888043f0b360 0000000000000001 00000000ffffffff 0000000000000000
[   70.013352][ T5321] page dumped because: page_pool leak
[   70.015459][ T5321] page_owner tracks the page as allocated
[   70.017595][ T5321] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5321, tgid 5320 (syz.0.0), ts 69004926841, free_ts 66951888054
[   70.023764][ T5321]  post_alloc_hook+0x1f4/0x240
[   70.025773][ T5321]  get_page_from_freelist+0x365c/0x37a0
[   70.027962][ T5321]  __alloc_frozen_pages_noprof+0x292/0x710
[   70.030166][ T5321]  alloc_pages_bulk_noprof+0x847/0xae0
[   70.032194][ T5321]  __page_pool_alloc_pages_slow+0x11f/0x690
[   70.034660][ T5321]  skb_pp_cow_data+0xcc8/0x1720
[   70.036624][ T5321]  do_xdp_generic+0x505/0xd30
[   70.038465][ T5321]  tun_get_user+0x2a4b/0x4860
[   70.040322][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   70.042306][ T5321]  vfs_write+0xacf/0xd10
[   70.044024][ T5321]  ksys_write+0x18f/0x2b0
[   70.045765][ T5321]  do_syscall_64+0xf3/0x230
[   70.047630][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.049924][ T5321] page last free pid 3056 tgid 3056 stack trace:
[   70.052400][ T5321]  free_frozen_pages+0xe0d/0x10e0
[   70.054443][ T5321]  __slab_free+0x2c2/0x380
[   70.056302][ T5321]  qlist_free_all+0x9a/0x140
[   70.058195][ T5321]  kasan_quarantine_reduce+0x14f/0x170
[   70.060447][ T5321]  __kasan_slab_alloc+0x23/0x80
[   70.062284][ T5321]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[   70.064597][ T5321]  __alloc_skb+0x1c3/0x440
[   70.066406][ T5321]  rtmsg_ifinfo_build_skb+0x84/0x260
[   70.068510][ T5321]  rtmsg_ifinfo+0x91/0x1b0
[   70.070321][ T5321]  netdev_state_change+0x139/0x1a0
[   70.072282][ T5321]  linkwatch_do_dev+0x112/0x170
[   70.074191][ T5321]  __linkwatch_run_queue+0x44f/0x6c0
[   70.076394][ T5321]  linkwatch_event+0x4c/0x60
[   70.078339][ T5321]  process_scheduled_works+0xabe/0x18e0
[   70.080674][ T5321]  worker_thread+0x870/0xd30
[   70.082585][ T5321]  kthread+0x7a9/0x920
[   70.084425][ T5321] Modules linked in:
[   70.086096][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Tainted: G    B              6.14.0-syzkaller-00624-g2f2d52945852 #0
[   70.086115][ T5321] Tainted: [B]=BAD_PAGE
[   70.086119][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   70.086126][ T5321] Call Trace:
[   70.086134][ T5321]  <TASK>
[   70.086140][ T5321]  dump_stack_lvl+0x241/0x360
[   70.086156][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   70.086169][ T5321]  ? __pfx_print_modules+0x10/0x10
[   70.086189][ T5321]  bad_page+0x176/0x1d0
[   70.086204][ T5321]  free_frozen_pages+0x1082/0x10e0
[   70.086223][ T5321]  bpf_xdp_frags_shrink_tail+0x3b3/0x780
[   70.086243][ T5321]  bpf_xdp_adjust_tail+0x1c6/0x210
[   70.086257][ T5321]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   70.086268][ T5321]  bpf_prog_run_generic_xdp+0x686/0x1510
[   70.086294][ T5321]  do_xdp_generic+0x757/0xd30
[   70.086308][ T5321]  ? __pfx_do_xdp_generic+0x10/0x10
[   70.086328][ T5321]  ? __local_bh_disable_ip+0x179/0x220
[   70.086343][ T5321]  ? __pfx_eth_type_trans+0x10/0x10
[   70.086376][ T5321]  ? tun_get_user+0x2914/0x4860
[   70.086394][ T5321]  tun_get_user+0x2a4b/0x4860
[   70.086415][ T5321]  ? __lock_acquire+0x1397/0x2100
[   70.086433][ T5321]  ? __pfx_tun_get_user+0x10/0x10
[   70.086454][ T5321]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   70.086470][ T5321]  ? tun_get+0x1e/0x2f0
[   70.086485][ T5321]  ? __pfx_lock_release+0x10/0x10
[   70.086504][ T5321]  ? tun_get+0x1e/0x2f0
[   70.086519][ T5321]  ? tun_get+0x27d/0x2f0
[   70.086535][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   70.086550][ T5321]  vfs_write+0xacf/0xd10
[   70.086563][ T5321]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   70.086579][ T5321]  ? __pfx_vfs_write+0x10/0x10
[   70.086591][ T5321]  ? __fget_files+0x2a/0x420
[   70.086609][ T5321]  ? __fget_files+0x2a/0x420
[   70.086627][ T5321]  ksys_write+0x18f/0x2b0
[   70.086638][ T5321]  ? __pfx_ksys_write+0x10/0x10
[   70.086649][ T5321]  ? exc_page_fault+0x590/0x8b0
[   70.086663][ T5321]  ? do_syscall_64+0xb6/0x230
[   70.086679][ T5321]  do_syscall_64+0xf3/0x230
[   70.086694][ T5321]  ? clear_bhb_loop+0x35/0x90
[   70.086713][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.086730][ T5321] RIP: 0033:0x7f6e0ab8bc1f
[   70.086742][ T5321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   70.086753][ T5321] RSP: 002b:00007f6e0baa7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   70.086767][ T5321] RAX: ffffffffffffffda RBX: 00007f6e0ada5fa0 RCX: 00007f6e0ab8bc1f
[   70.086777][ T5321] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   70.086785][ T5321] RBP: 00007f6e0ac0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   70.086800][ T5321] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   70.086807][ T5321] R13: 0000000000000000 R14: 00007f6e0ada5fa0 R15: 00007fffd70c18f8
[   70.086820][ T5321]  </TASK>
[   70.086828][ T5321] BUG: Bad page state in process syz.0.0  pfn:3515b
[   70.205761][ T5321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803515b4d8 pfn:0x3515b
[   70.209590][ T5321] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   70.212316][ T5321] raw: 04fff00000000000 dead000000000040 ffff88801e4d0000 0000000000000000
[   70.215585][ T5321] raw: ffff88803515b4d8 0000000000000001 00000000ffffffff 0000000000000000
[   70.218861][ T5321] page dumped because: page_pool leak
[   70.221077][ T5321] page_owner tracks the page as allocated
[   70.223428][ T5321] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5321, tgid 5320 (syz.0.0), ts 69004919505, free_ts 66951892364
[   70.230032][ T5321]  post_alloc_hook+0x1f4/0x240
[   70.231927][ T5321]  get_page_from_freelist+0x365c/0x37a0
[   70.234206][ T5321]  __alloc_frozen_pages_noprof+0x292/0x710
[   70.236525][ T5321]  alloc_pages_bulk_noprof+0x847/0xae0
[   70.238698][ T5321]  __page_pool_alloc_pages_slow+0x11f/0x690
[   70.241248][ T5321]  skb_pp_cow_data+0xcc8/0x1720
[   70.243479][ T5321]  do_xdp_generic+0x505/0xd30
[   70.246067][ T5321]  tun_get_user+0x2a4b/0x4860
[   70.248169][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   70.250183][ T5321]  vfs_write+0xacf/0xd10
[   70.252019][ T5321]  ksys_write+0x18f/0x2b0
[   70.253780][ T5321]  do_syscall_64+0xf3/0x230
[   70.255751][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.258263][ T5321] page last free pid 3056 tgid 3056 stack trace:
[   70.260685][ T5321]  free_frozen_pages+0xe0d/0x10e0
[   70.262800][ T5321]  __slab_free+0x2c2/0x380
[   70.264837][ T5321]  qlist_free_all+0x9a/0x140
[   70.266464][ T5321]  kasan_quarantine_reduce+0x14f/0x170
[   70.268486][ T5321]  __kasan_slab_alloc+0x23/0x80
[   70.270403][ T5321]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[   70.272680][ T5321]  __alloc_skb+0x1c3/0x440
[   70.274575][ T5321]  rtmsg_ifinfo_build_skb+0x84/0x260
[   70.276674][ T5321]  rtmsg_ifinfo+0x91/0x1b0
[   70.278342][ T5321]  netdev_state_change+0x139/0x1a0
[   70.280711][ T5321]  linkwatch_do_dev+0x112/0x170
[   70.283061][ T5321]  __linkwatch_run_queue+0x44f/0x6c0
[   70.285280][ T5321]  linkwatch_event+0x4c/0x60
[   70.287223][ T5321]  process_scheduled_works+0xabe/0x18e0
[   70.289640][ T5321]  worker_thread+0x870/0xd30
[   70.291537][ T5321]  kthread+0x7a9/0x920
[   70.293189][ T5321] Modules linked in:
[   70.294881][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Tainted: G    B              6.14.0-syzkaller-00624-g2f2d52945852 #0
[   70.294899][ T5321] Tainted: [B]=BAD_PAGE
[   70.294909][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   70.294916][ T5321] Call Trace:
[   70.294982][ T5321]  <TASK>
[   70.295030][ T5321]  dump_stack_lvl+0x241/0x360
[   70.295048][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   70.295059][ T5321]  ? __pfx_print_modules+0x10/0x10
[   70.295078][ T5321]  bad_page+0x176/0x1d0
[   70.295091][ T5321]  free_frozen_pages+0x1082/0x10e0
[   70.295110][ T5321]  bpf_xdp_frags_shrink_tail+0x3b3/0x780
[   70.295155][ T5321]  bpf_xdp_adjust_tail+0x1c6/0x210
[   70.295169][ T5321]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   70.295180][ T5321]  bpf_prog_run_generic_xdp+0x686/0x1510
[   70.295203][ T5321]  do_xdp_generic+0x757/0xd30
[   70.295214][ T5321]  ? __pfx_do_xdp_generic+0x10/0x10
[   70.295225][ T5321]  ? __local_bh_disable_ip+0x179/0x220
[   70.295240][ T5321]  ? __pfx_eth_type_trans+0x10/0x10
[   70.295255][ T5321]  ? tun_get_user+0x2914/0x4860
[   70.295271][ T5321]  tun_get_user+0x2a4b/0x4860
[   70.295299][ T5321]  ? __lock_acquire+0x1397/0x2100
[   70.295316][ T5321]  ? __pfx_tun_get_user+0x10/0x10
[   70.295335][ T5321]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   70.295350][ T5321]  ? tun_get+0x1e/0x2f0
[   70.295365][ T5321]  ? __pfx_lock_release+0x10/0x10
[   70.295382][ T5321]  ? tun_get+0x1e/0x2f0
[   70.295396][ T5321]  ? tun_get+0x27d/0x2f0
[   70.295412][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   70.295427][ T5321]  vfs_write+0xacf/0xd10
[   70.295439][ T5321]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   70.295454][ T5321]  ? __pfx_vfs_write+0x10/0x10
[   70.295465][ T5321]  ? __fget_files+0x2a/0x420
[   70.295480][ T5321]  ? __fget_files+0x2a/0x420
[   70.295497][ T5321]  ksys_write+0x18f/0x2b0
[   70.295513][ T5321]  ? __pfx_ksys_write+0x10/0x10
[   70.295524][ T5321]  ? exc_page_fault+0x590/0x8b0
[   70.295539][ T5321]  ? do_syscall_64+0xb6/0x230
[   70.295552][ T5321]  do_syscall_64+0xf3/0x230
[   70.295566][ T5321]  ? clear_bhb_loop+0x35/0x90
[   70.295582][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.295597][ T5321] RIP: 0033:0x7f6e0ab8bc1f
[   70.295608][ T5321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   70.295617][ T5321] RSP: 002b:00007f6e0baa7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   70.295629][ T5321] RAX: ffffffffffffffda RBX: 00007f6e0ada5fa0 RCX: 00007f6e0ab8bc1f
[   70.295636][ T5321] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   70.295643][ T5321] RBP: 00007f6e0ac0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   70.295649][ T5321] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   70.295655][ T5321] R13: 0000000000000000 R14: 00007f6e0ada5fa0 R15: 00007fffd70c18f8
[   70.295665][ T5321]  </TASK>
[   70.295729][ T5321] BUG: Bad page state in process syz.0.0  pfn:4040b
[   70.410472][ T5321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804040bc00 pfn:0x4040b
[   70.414725][ T5321] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   70.417777][ T5321] raw: 04fff00000000000 dead000000000040 ffff88801e4d0000 0000000000000000
[   70.421340][ T5321] raw: ffff88804040bc00 0000000000000001 00000000ffffffff 0000000000000000
[   70.424978][ T5321] page dumped because: page_pool leak
[   70.427267][ T5321] page_owner tracks the page as allocated
[   70.429717][ T5321] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5321, tgid 5320 (syz.0.0), ts 69004912299, free_ts 66951896509
[   70.436539][ T5321]  post_alloc_hook+0x1f4/0x240
[   70.438580][ T5321]  get_page_from_freelist+0x365c/0x37a0
[   70.440872][ T5321]  __alloc_frozen_pages_noprof+0x292/0x710
[   70.442995][ T5321]  alloc_pages_bulk_noprof+0x847/0xae0
[   70.445144][ T5321]  __page_pool_alloc_pages_slow+0x11f/0x690
[   70.447376][ T5321]  skb_pp_cow_data+0xcc8/0x1720
[   70.448815][ T5321]  do_xdp_generic+0x505/0xd30
[   70.450625][ T5321]  tun_get_user+0x2a4b/0x4860
[   70.452481][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   70.454561][ T5321]  vfs_write+0xacf/0xd10
[   70.456250][ T5321]  ksys_write+0x18f/0x2b0
[   70.457919][ T5321]  do_syscall_64+0xf3/0x230
[   70.459797][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.462058][ T5321] page last free pid 3056 tgid 3056 stack trace:
[   70.464609][ T5321]  free_frozen_pages+0xe0d/0x10e0
[   70.466781][ T5321]  __slab_free+0x2c2/0x380
[   70.468743][ T5321]  qlist_free_all+0x9a/0x140
[   70.470741][ T5321]  kasan_quarantine_reduce+0x14f/0x170
[   70.472963][ T5321]  __kasan_slab_alloc+0x23/0x80
[   70.475133][ T5321]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[   70.478025][ T5321]  __alloc_skb+0x1c3/0x440
[   70.480406][ T5321]  rtmsg_ifinfo_build_skb+0x84/0x260
[   70.483100][ T5321]  rtmsg_ifinfo+0x91/0x1b0
[   70.485516][ T5321]  netdev_state_change+0x139/0x1a0
[   70.488215][ T5321]  linkwatch_do_dev+0x112/0x170
[   70.490474][ T5321]  __linkwatch_run_queue+0x44f/0x6c0
[   70.492604][ T5321]  linkwatch_event+0x4c/0x60
[   70.494623][ T5321]  process_scheduled_works+0xabe/0x18e0
[   70.496954][ T5321]  worker_thread+0x870/0xd30
[   70.498815][ T5321]  kthread+0x7a9/0x920
[   70.500582][ T5321] Modules linked in:
[   70.502135][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Tainted: G    B              6.14.0-syzkaller-00624-g2f2d52945852 #0
[   70.502152][ T5321] Tainted: [B]=BAD_PAGE
[   70.502156][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   70.502163][ T5321] Call Trace:
[   70.502169][ T5321]  <TASK>
[   70.502175][ T5321]  dump_stack_lvl+0x241/0x360
[   70.502190][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   70.502200][ T5321]  ? __pfx_print_modules+0x10/0x10
[   70.502216][ T5321]  bad_page+0x176/0x1d0
[   70.502229][ T5321]  free_frozen_pages+0x1082/0x10e0
[   70.502247][ T5321]  bpf_xdp_frags_shrink_tail+0x3b3/0x780
[   70.502267][ T5321]  bpf_xdp_adjust_tail+0x1c6/0x210
[   70.502280][ T5321]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   70.502291][ T5321]  bpf_prog_run_generic_xdp+0x686/0x1510
[   70.502312][ T5321]  do_xdp_generic+0x757/0xd30
[   70.502324][ T5321]  ? __pfx_do_xdp_generic+0x10/0x10
[   70.502336][ T5321]  ? __local_bh_disable_ip+0x179/0x220
[   70.502349][ T5321]  ? __pfx_eth_type_trans+0x10/0x10
[   70.502364][ T5321]  ? tun_get_user+0x2914/0x4860
[   70.502379][ T5321]  tun_get_user+0x2a4b/0x4860
[   70.502397][ T5321]  ? __lock_acquire+0x1397/0x2100
[   70.502413][ T5321]  ? __pfx_tun_get_user+0x10/0x10
[   70.502432][ T5321]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   70.502447][ T5321]  ? tun_get+0x1e/0x2f0
[   70.502461][ T5321]  ? __pfx_lock_release+0x10/0x10
[   70.502479][ T5321]  ? tun_get+0x1e/0x2f0
[   70.502501][ T5321]  ? tun_get+0x27d/0x2f0
[   70.502515][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   70.502526][ T5321]  vfs_write+0xacf/0xd10
[   70.502534][ T5321]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   70.502544][ T5321]  ? __pfx_vfs_write+0x10/0x10
[   70.502550][ T5321]  ? __fget_files+0x2a/0x420
[   70.502561][ T5321]  ? __fget_files+0x2a/0x420
[   70.502573][ T5321]  ksys_write+0x18f/0x2b0
[   70.502584][ T5321]  ? __pfx_ksys_write+0x10/0x10
[   70.502593][ T5321]  ? exc_page_fault+0x590/0x8b0
[   70.502607][ T5321]  ? do_syscall_64+0xb6/0x230
[   70.502620][ T5321]  do_syscall_64+0xf3/0x230
[   70.502633][ T5321]  ? clear_bhb_loop+0x35/0x90
[   70.502649][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.502662][ T5321] RIP: 0033:0x7f6e0ab8bc1f
[   70.502673][ T5321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   70.502681][ T5321] RSP: 002b:00007f6e0baa7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   70.502694][ T5321] RAX: ffffffffffffffda RBX: 00007f6e0ada5fa0 RCX: 00007f6e0ab8bc1f
[   70.502701][ T5321] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   70.502709][ T5321] RBP: 00007f6e0ac0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   70.502715][ T5321] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   70.502721][ T5321] R13: 0000000000000000 R14: 00007f6e0ada5fa0 R15: 00007fffd70c18f8
[   70.502732][ T5321]  </TASK>
[   70.502741][ T5321] BUG: Bad page state in process syz.0.0  pfn:412dc
[   70.617315][ T5321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880412dc400 pfn:0x412dc
[   70.621289][ T5321] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   70.624170][ T5321] raw: 04fff00000000000 dead000000000040 ffff88801e4d0000 0000000000000000
[   70.627239][ T5321] raw: ffff8880412dc400 0000000000000001 00000000ffffffff 0000000000000000
[   70.630228][ T5321] page dumped because: page_pool leak
[   70.632243][ T5321] page_owner tracks the page as allocated
[   70.634417][ T5321] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5321, tgid 5320 (syz.0.0), ts 69004904909, free_ts 66951901332
[   70.640360][ T5321]  post_alloc_hook+0x1f4/0x240
[   70.642244][ T5321]  get_page_from_freelist+0x365c/0x37a0
[   70.644571][ T5321]  __alloc_frozen_pages_noprof+0x292/0x710
[   70.646849][ T5321]  alloc_pages_bulk_noprof+0x847/0xae0
[   70.649021][ T5321]  __page_pool_alloc_pages_slow+0x11f/0x690
[   70.651360][ T5321]  skb_pp_cow_data+0xcc8/0x1720
[   70.653318][ T5321]  do_xdp_generic+0x505/0xd30
[   70.655384][ T5321]  tun_get_user+0x2a4b/0x4860
[   70.657256][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   70.659218][ T5321]  vfs_write+0xacf/0xd10
[   70.660887][ T5321]  ksys_write+0x18f/0x2b0
[   70.662594][ T5321]  do_syscall_64+0xf3/0x230
[   70.664551][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.666799][ T5321] page last free pid 3056 tgid 3056 stack trace:
[   70.669249][ T5321]  free_frozen_pages+0xe0d/0x10e0
[   70.671227][ T5321]  __slab_free+0x2c2/0x380
[   70.672981][ T5321]  qlist_free_all+0x9a/0x140
[   70.674859][ T5321]  kasan_quarantine_reduce+0x14f/0x170
[   70.677111][ T5321]  __kasan_slab_alloc+0x23/0x80
[   70.679109][ T5321]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[   70.681486][ T5321]  __alloc_skb+0x1c3/0x440
[   70.683280][ T5321]  rtmsg_ifinfo_build_skb+0x84/0x260
[   70.685416][ T5321]  rtmsg_ifinfo+0x91/0x1b0
[   70.687218][ T5321]  netdev_state_change+0x139/0x1a0
[   70.689153][ T5321]  linkwatch_do_dev+0x112/0x170
[   70.691071][ T5321]  __linkwatch_run_queue+0x44f/0x6c0
[   70.693144][ T5321]  linkwatch_event+0x4c/0x60
[   70.695123][ T5321]  process_scheduled_works+0xabe/0x18e0
[   70.697161][ T5321]  worker_thread+0x870/0xd30
[   70.699028][ T5321]  kthread+0x7a9/0x920
[   70.700617][ T5321] Modules linked in:
[   70.702184][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Tainted: G    B              6.14.0-syzkaller-00624-g2f2d52945852 #0
[   70.702202][ T5321] Tainted: [B]=BAD_PAGE
[   70.702206][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   70.702212][ T5321] Call Trace:
[   70.702219][ T5321]  <TASK>
[   70.702224][ T5321]  dump_stack_lvl+0x241/0x360
[   70.702237][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   70.702247][ T5321]  ? __pfx_print_modules+0x10/0x10
[   70.702264][ T5321]  bad_page+0x176/0x1d0
[   70.702277][ T5321]  free_frozen_pages+0x1082/0x10e0
[   70.702293][ T5321]  bpf_xdp_frags_shrink_tail+0x3b3/0x780
[   70.702313][ T5321]  bpf_xdp_adjust_tail+0x1c6/0x210
[   70.702328][ T5321]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   70.702338][ T5321]  bpf_prog_run_generic_xdp+0x686/0x1510
[   70.702362][ T5321]  do_xdp_generic+0x757/0xd30
[   70.702374][ T5321]  ? __pfx_do_xdp_generic+0x10/0x10
[   70.702386][ T5321]  ? __local_bh_disable_ip+0x179/0x220
[   70.702399][ T5321]  ? __pfx_eth_type_trans+0x10/0x10
[   70.702413][ T5321]  ? tun_get_user+0x2914/0x4860
[   70.702431][ T5321]  tun_get_user+0x2a4b/0x4860
[   70.702449][ T5321]  ? __lock_acquire+0x1397/0x2100
[   70.702466][ T5321]  ? __pfx_tun_get_user+0x10/0x10
[   70.702485][ T5321]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   70.702500][ T5321]  ? tun_get+0x1e/0x2f0
[   70.702514][ T5321]  ? __pfx_lock_release+0x10/0x10
[   70.702532][ T5321]  ? tun_get+0x1e/0x2f0
[   70.702546][ T5321]  ? tun_get+0x27d/0x2f0
[   70.702560][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   70.702583][ T5321]  vfs_write+0xacf/0xd10
[   70.702594][ T5321]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   70.702608][ T5321]  ? __pfx_vfs_write+0x10/0x10
[   70.702619][ T5321]  ? __fget_files+0x2a/0x420
[   70.702635][ T5321]  ? __fget_files+0x2a/0x420
[   70.702649][ T5321]  ksys_write+0x18f/0x2b0
[   70.702659][ T5321]  ? __pfx_ksys_write+0x10/0x10
[   70.702670][ T5321]  ? exc_page_fault+0x590/0x8b0
[   70.702682][ T5321]  ? do_syscall_64+0xb6/0x230
[   70.702696][ T5321]  do_syscall_64+0xf3/0x230
[   70.702709][ T5321]  ? clear_bhb_loop+0x35/0x90
[   70.702725][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.702740][ T5321] RIP: 0033:0x7f6e0ab8bc1f
[   70.702750][ T5321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   70.702756][ T5321] RSP: 002b:00007f6e0baa7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   70.702765][ T5321] RAX: ffffffffffffffda RBX: 00007f6e0ada5fa0 RCX: 00007f6e0ab8bc1f
[   70.702770][ T5321] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   70.702776][ T5321] RBP: 00007f6e0ac0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   70.702782][ T5321] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   70.702788][ T5321] R13: 0000000000000000 R14: 00007f6e0ada5fa0 R15: 00007fffd70c18f8
[   70.702798][ T5321]  </TASK>
[   70.702806][ T5321] BUG: Bad page state in process syz.0.0  pfn:4285c
[   70.813806][ T5321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804285c600 pfn:0x4285c
[   70.817893][ T5321] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   70.820640][ T5321] raw: 04fff00000000000 dead000000000040 ffff88801e4d0000 0000000000000000
[   70.823745][ T5321] raw: ffff88804285c600 0000000000000001 00000000ffffffff 0000000000000000
[   70.827208][ T5321] page dumped because: page_pool leak
[   70.829224][ T5321] page_owner tracks the page as allocated
[   70.831488][ T5321] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5321, tgid 5320 (syz.0.0), ts 69004897725, free_ts 66951990052
[   70.837746][ T5321]  post_alloc_hook+0x1f4/0x240
[   70.839507][ T5321]  get_page_from_freelist+0x365c/0x37a0
[   70.841526][ T5321]  __alloc_frozen_pages_noprof+0x292/0x710
[   70.843820][ T5321]  alloc_pages_bulk_noprof+0x847/0xae0
[   70.846072][ T5321]  __page_pool_alloc_pages_slow+0x11f/0x690
[   70.848426][ T5321]  skb_pp_cow_data+0xcc8/0x1720
[   70.850327][ T5321]  do_xdp_generic+0x505/0xd30
[   70.852256][ T5321]  tun_get_user+0x2a4b/0x4860
[   70.854349][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   70.856377][ T5321]  vfs_write+0xacf/0xd10
[   70.858077][ T5321]  ksys_write+0x18f/0x2b0
[   70.859805][ T5321]  do_syscall_64+0xf3/0x230
[   70.861507][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.863859][ T5321] page last free pid 3056 tgid 3056 stack trace:
[   70.866458][ T5321]  free_frozen_pages+0xe0d/0x10e0
[   70.868412][ T5321]  __slab_free+0x2c2/0x380
[   70.870137][ T5321]  qlist_free_all+0x9a/0x140
[   70.872016][ T5321]  kasan_quarantine_reduce+0x14f/0x170
[   70.874238][ T5321]  __kasan_slab_alloc+0x23/0x80
[   70.876055][ T5321]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[   70.878048][ T5321]  __alloc_skb+0x1c3/0x440
[   70.879848][ T5321]  rtmsg_ifinfo_build_skb+0x84/0x260
[   70.881968][ T5321]  rtmsg_ifinfo+0x91/0x1b0
[   70.883879][ T5321]  netdev_state_change+0x139/0x1a0
[   70.886010][ T5321]  linkwatch_do_dev+0x112/0x170
[   70.887899][ T5321]  __linkwatch_run_queue+0x44f/0x6c0
[   70.890033][ T5321]  linkwatch_event+0x4c/0x60
[   70.891945][ T5321]  process_scheduled_works+0xabe/0x18e0
[   70.894262][ T5321]  worker_thread+0x870/0xd30
[   70.896069][ T5321]  kthread+0x7a9/0x920
[   70.897690][ T5321] Modules linked in:
[   70.899295][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Tainted: G    B              6.14.0-syzkaller-00624-g2f2d52945852 #0
[   70.899313][ T5321] Tainted: [B]=BAD_PAGE
[   70.899317][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   70.899324][ T5321] Call Trace:
[   70.899331][ T5321]  <TASK>
[   70.899337][ T5321]  dump_stack_lvl+0x241/0x360
[   70.899352][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   70.899362][ T5321]  ? __pfx_print_modules+0x10/0x10
[   70.899381][ T5321]  bad_page+0x176/0x1d0
[   70.899395][ T5321]  free_frozen_pages+0x1082/0x10e0
[   70.899414][ T5321]  bpf_xdp_frags_shrink_tail+0x3b3/0x780
[   70.899433][ T5321]  bpf_xdp_adjust_tail+0x1c6/0x210
[   70.899446][ T5321]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   70.899456][ T5321]  bpf_prog_run_generic_xdp+0x686/0x1510
[   70.899481][ T5321]  do_xdp_generic+0x757/0xd30
[   70.899492][ T5321]  ? __pfx_do_xdp_generic+0x10/0x10
[   70.899504][ T5321]  ? __local_bh_disable_ip+0x179/0x220
[   70.899519][ T5321]  ? __pfx_eth_type_trans+0x10/0x10
[   70.899532][ T5321]  ? tun_get_user+0x2914/0x4860
[   70.899549][ T5321]  tun_get_user+0x2a4b/0x4860
[   70.899576][ T5321]  ? __lock_acquire+0x1397/0x2100
[   70.899593][ T5321]  ? __pfx_tun_get_user+0x10/0x10
[   70.899613][ T5321]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   70.899629][ T5321]  ? tun_get+0x1e/0x2f0
[   70.899644][ T5321]  ? __pfx_lock_release+0x10/0x10
[   70.899662][ T5321]  ? tun_get+0x1e/0x2f0
[   70.899676][ T5321]  ? tun_get+0x27d/0x2f0
[   70.899691][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   70.899707][ T5321]  vfs_write+0xacf/0xd10
[   70.899719][ T5321]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   70.899735][ T5321]  ? __pfx_vfs_write+0x10/0x10
[   70.899746][ T5321]  ? __fget_files+0x2a/0x420
[   70.899762][ T5321]  ? __fget_files+0x2a/0x420
[   70.899778][ T5321]  ksys_write+0x18f/0x2b0
[   70.899789][ T5321]  ? __pfx_ksys_write+0x10/0x10
[   70.899799][ T5321]  ? exc_page_fault+0x590/0x8b0
[   70.899813][ T5321]  ? do_syscall_64+0xb6/0x230
[   70.899827][ T5321]  do_syscall_64+0xf3/0x230
[   70.899841][ T5321]  ? clear_bhb_loop+0x35/0x90
[   70.899857][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.899872][ T5321] RIP: 0033:0x7f6e0ab8bc1f
[   70.899883][ T5321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   70.899892][ T5321] RSP: 002b:00007f6e0baa7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   70.899905][ T5321] RAX: ffffffffffffffda RBX: 00007f6e0ada5fa0 RCX: 00007f6e0ab8bc1f
[   70.899912][ T5321] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   70.899920][ T5321] RBP: 00007f6e0ac0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   70.899926][ T5321] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   70.899933][ T5321] R13: 0000000000000000 R14: 00007f6e0ada5fa0 R15: 00007fffd70c18f8
[   70.899944][ T5321]  </TASK>
[   70.899953][ T5321] BUG: Bad page state in process syz.0.0  pfn:3f28b
[   71.018447][ T5321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803f28b510 pfn:0x3f28b
[   71.022642][ T5321] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   71.025761][ T5321] raw: 04fff00000000000 dead000000000040 ffff88801e4d0000 0000000000000000
[   71.029136][ T5321] raw: ffff88803f28b510 0000000000000001 00000000ffffffff 0000000000000000
[   71.032714][ T5321] page dumped because: page_pool leak
[   71.035126][ T5321] page_owner tracks the page as allocated
[   71.037530][ T5321] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5321, tgid 5320 (syz.0.0), ts 69004890161, free_ts 66952003627
[   71.044301][ T5321]  post_alloc_hook+0x1f4/0x240
[   71.046369][ T5321]  get_page_from_freelist+0x365c/0x37a0
[   71.048736][ T5321]  __alloc_frozen_pages_noprof+0x292/0x710
[   71.051212][ T5321]  alloc_pages_bulk_noprof+0x847/0xae0
[   71.053552][ T5321]  __page_pool_alloc_pages_slow+0x11f/0x690
[   71.056222][ T5321]  skb_pp_cow_data+0xcc8/0x1720
[   71.058344][ T5321]  do_xdp_generic+0x505/0xd30
[   71.060358][ T5321]  tun_get_user+0x2a4b/0x4860
[   71.062375][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   71.064616][ T5321]  vfs_write+0xacf/0xd10
[   71.066467][ T5321]  ksys_write+0x18f/0x2b0
[   71.068315][ T5321]  do_syscall_64+0xf3/0x230
[   71.070241][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.072773][ T5321] page last free pid 3056 tgid 3056 stack trace:
[   71.075518][ T5321]  free_frozen_pages+0xe0d/0x10e0
[   71.077646][ T5321]  __slab_free+0x2c2/0x380
[   71.079598][ T5321]  qlist_free_all+0x9a/0x140
[   71.081553][ T5321]  kasan_quarantine_reduce+0x14f/0x170
[   71.083902][ T5321]  __kasan_slab_alloc+0x23/0x80
[   71.086097][ T5321]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[   71.088644][ T5321]  __alloc_skb+0x1c3/0x440
[   71.090542][ T5321]  rtmsg_ifinfo_build_skb+0x84/0x260
[   71.092812][ T5321]  rtmsg_ifinfo+0x91/0x1b0
[   71.094772][ T5321]  netdev_state_change+0x139/0x1a0
[   71.096866][ T5321]  linkwatch_do_dev+0x112/0x170
[   71.098902][ T5321]  __linkwatch_run_queue+0x44f/0x6c0
[   71.101130][ T5321]  linkwatch_event+0x4c/0x60
[   71.103002][ T5321]  process_scheduled_works+0xabe/0x18e0
[   71.105477][ T5321]  worker_thread+0x870/0xd30
[   71.107494][ T5321]  kthread+0x7a9/0x920
[   71.109254][ T5321] Modules linked in:
[   71.110907][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Tainted: G    B              6.14.0-syzkaller-00624-g2f2d52945852 #0
[   71.110926][ T5321] Tainted: [B]=BAD_PAGE
[   71.110931][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   71.110938][ T5321] Call Trace:
[   71.110946][ T5321]  <TASK>
[   71.110952][ T5321]  dump_stack_lvl+0x241/0x360
[   71.110968][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   71.110981][ T5321]  ? __pfx_print_modules+0x10/0x10
[   71.111000][ T5321]  bad_page+0x176/0x1d0
[   71.111037][ T5321]  free_frozen_pages+0x1082/0x10e0
[   71.111057][ T5321]  bpf_xdp_frags_shrink_tail+0x3b3/0x780
[   71.111080][ T5321]  bpf_xdp_adjust_tail+0x1c6/0x210
[   71.111096][ T5321]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   71.111107][ T5321]  bpf_prog_run_generic_xdp+0x686/0x1510
[   71.111133][ T5321]  do_xdp_generic+0x757/0xd30
[   71.111146][ T5321]  ? __pfx_do_xdp_generic+0x10/0x10
[   71.111160][ T5321]  ? __local_bh_disable_ip+0x179/0x220
[   71.111175][ T5321]  ? __pfx_eth_type_trans+0x10/0x10
[   71.111191][ T5321]  ? tun_get_user+0x2914/0x4860
[   71.111209][ T5321]  tun_get_user+0x2a4b/0x4860
[   71.111229][ T5321]  ? __lock_acquire+0x1397/0x2100
[   71.111248][ T5321]  ? __pfx_tun_get_user+0x10/0x10
[   71.111270][ T5321]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   71.111286][ T5321]  ? tun_get+0x1e/0x2f0
[   71.111302][ T5321]  ? __pfx_lock_release+0x10/0x10
[   71.111322][ T5321]  ? tun_get+0x1e/0x2f0
[   71.111338][ T5321]  ? tun_get+0x27d/0x2f0
[   71.111354][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   71.111372][ T5321]  vfs_write+0xacf/0xd10
[   71.111386][ T5321]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   71.111403][ T5321]  ? __pfx_vfs_write+0x10/0x10
[   71.111416][ T5321]  ? __fget_files+0x2a/0x420
[   71.111432][ T5321]  ? __fget_files+0x2a/0x420
[   71.111450][ T5321]  ksys_write+0x18f/0x2b0
[   71.111463][ T5321]  ? __pfx_ksys_write+0x10/0x10
[   71.111474][ T5321]  ? exc_page_fault+0x590/0x8b0
[   71.111488][ T5321]  ? do_syscall_64+0xb6/0x230
[   71.111500][ T5321]  do_syscall_64+0xf3/0x230
[   71.111518][ T5321]  ? clear_bhb_loop+0x35/0x90
[   71.111536][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.111552][ T5321] RIP: 0033:0x7f6e0ab8bc1f
[   71.111569][ T5321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   71.111579][ T5321] RSP: 002b:00007f6e0baa7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   71.111593][ T5321] RAX: ffffffffffffffda RBX: 00007f6e0ada5fa0 RCX: 00007f6e0ab8bc1f
[   71.111601][ T5321] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   71.111609][ T5321] RBP: 00007f6e0ac0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   71.111616][ T5321] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   71.111623][ T5321] R13: 0000000000000000 R14: 00007f6e0ada5fa0 R15: 00007fffd70c18f8
[   71.111635][ T5321]  </TASK>
[   71.111645][ T5321] BUG: Bad page state in process syz.0.0  pfn:3f849
[   71.226894][ T5321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803f8499b0 pfn:0x3f849
[   71.230969][ T5321] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   71.233836][ T5321] raw: 04fff00000000000 dead000000000040 ffff88801e4d0000 0000000000000000
[   71.237280][ T5321] raw: ffff88803f8499b0 0000000000000001 00000000ffffffff 0000000000000000
[   71.241408][ T5321] page dumped because: page_pool leak
[   71.243997][ T5321] page_owner tracks the page as allocated
[   71.246400][ T5321] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5321, tgid 5320 (syz.0.0), ts 69004882308, free_ts 66952007656
[   71.252982][ T5321]  post_alloc_hook+0x1f4/0x240
[   71.254987][ T5321]  get_page_from_freelist+0x365c/0x37a0
[   71.257395][ T5321]  __alloc_frozen_pages_noprof+0x292/0x710
[   71.259749][ T5321]  alloc_pages_bulk_noprof+0x847/0xae0
[   71.261937][ T5321]  __page_pool_alloc_pages_slow+0x11f/0x690
[   71.264485][ T5321]  skb_pp_cow_data+0xcc8/0x1720
[   71.266456][ T5321]  do_xdp_generic+0x505/0xd30
[   71.268338][ T5321]  tun_get_user+0x2a4b/0x4860
[   71.270213][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   71.272309][ T5321]  vfs_write+0xacf/0xd10
[   71.274104][ T5321]  ksys_write+0x18f/0x2b0
[   71.275854][ T5321]  do_syscall_64+0xf3/0x230
[   71.277696][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.280063][ T5321] page last free pid 3056 tgid 3056 stack trace:
[   71.282793][ T5321]  free_frozen_pages+0xe0d/0x10e0
[   71.284908][ T5321]  __slab_free+0x2c2/0x380
[   71.286854][ T5321]  qlist_free_all+0x9a/0x140
[   71.288757][ T5321]  kasan_quarantine_reduce+0x14f/0x170
[   71.290882][ T5321]  __kasan_slab_alloc+0x23/0x80
[   71.292751][ T5321]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[   71.295108][ T5321]  __alloc_skb+0x1c3/0x440
[   71.296795][ T5321]  rtmsg_ifinfo_build_skb+0x84/0x260
[   71.298933][ T5321]  rtmsg_ifinfo+0x91/0x1b0
[   71.300773][ T5321]  netdev_state_change+0x139/0x1a0
[   71.302828][ T5321]  linkwatch_do_dev+0x112/0x170
[   71.304915][ T5321]  __linkwatch_run_queue+0x44f/0x6c0
[   71.307073][ T5321]  linkwatch_event+0x4c/0x60
[   71.308938][ T5321]  process_scheduled_works+0xabe/0x18e0
[   71.311191][ T5321]  worker_thread+0x870/0xd30
[   71.313057][ T5321]  kthread+0x7a9/0x920
[   71.314815][ T5321] Modules linked in:
[   71.316446][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Tainted: G    B              6.14.0-syzkaller-00624-g2f2d52945852 #0
[   71.316464][ T5321] Tainted: [B]=BAD_PAGE
[   71.316468][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   71.316476][ T5321] Call Trace:
[   71.316484][ T5321]  <TASK>
[   71.316491][ T5321]  dump_stack_lvl+0x241/0x360
[   71.316506][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   71.316517][ T5321]  ? __pfx_print_modules+0x10/0x10
[   71.316537][ T5321]  bad_page+0x176/0x1d0
[   71.316552][ T5321]  free_frozen_pages+0x1082/0x10e0
[   71.316571][ T5321]  bpf_xdp_frags_shrink_tail+0x3b3/0x780
[   71.316592][ T5321]  bpf_xdp_adjust_tail+0x1c6/0x210
[   71.316607][ T5321]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   71.316618][ T5321]  bpf_prog_run_generic_xdp+0x686/0x1510
[   71.316649][ T5321]  do_xdp_generic+0x757/0xd30
[   71.316661][ T5321]  ? __pfx_do_xdp_generic+0x10/0x10
[   71.316674][ T5321]  ? __local_bh_disable_ip+0x179/0x220
[   71.316688][ T5321]  ? __pfx_eth_type_trans+0x10/0x10
[   71.316703][ T5321]  ? tun_get_user+0x2914/0x4860
[   71.316720][ T5321]  tun_get_user+0x2a4b/0x4860
[   71.316738][ T5321]  ? __lock_acquire+0x1397/0x2100
[   71.316757][ T5321]  ? __pfx_tun_get_user+0x10/0x10
[   71.316775][ T5321]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   71.316792][ T5321]  ? tun_get+0x1e/0x2f0
[   71.316806][ T5321]  ? __pfx_lock_release+0x10/0x10
[   71.316826][ T5321]  ? tun_get+0x1e/0x2f0
[   71.316840][ T5321]  ? tun_get+0x27d/0x2f0
[   71.316856][ T5321]  tun_chr_write_iter+0x10d/0x1f0
[   71.316872][ T5321]  vfs_write+0xacf/0xd10
[   71.316884][ T5321]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   71.316900][ T5321]  ? __pfx_vfs_write+0x10/0x10
[   71.316911][ T5321]  ? __fget_files+0x2a/0x420
[   71.316928][ T5321]  ? __fget_files+0x2a/0x420
[   71.316944][ T5321]  ksys_write+0x18f/0x2b0
[   71.316955][ T5321]  ? __pfx_ksys_write+0x10/0x10
[   71.316965][ T5321]  ? exc_page_fault+0x590/0x8b0
[   71.316979][ T5321]  ? do_syscall_64+0xb6/0x230
[   71.316993][ T5321]  do_syscall_64+0xf3/0x230
[   71.317007][ T5321]  ? clear_bhb_loop+0x35/0x90
[   71.317024][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.317039][ T5321] RIP: 0033:0x7f6e0ab8bc1f
[   71.317050][ T5321] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   71.317060][ T5321] RSP: 002b:00007f6e0baa7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   71.317072][ T5321] RAX: ffffffffffffffda RBX: 00007f6e0ada5fa0 RCX: 00007f6e0ab8bc1f
[   71.317080][ T5321] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   71.317086][ T5321] RBP: 00007f6e0ac0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   71.317093][ T5321] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   71.317100][ T5321] R13: 0000000000000000 R14: 00007f6e0ada5fa0 R15: 00007fffd70c18f8
[   71.317110][ T5321]  </TASK>
[   71.444149][   T49] Bluetooth: hci0: command tx timeout