last executing test programs:

1m45.170006193s ago: executing program 3 (id=43):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', <r1=>0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r2, &(0x7f0000000180)='`', 0x1, 0x488c0, &(0x7f0000000100)={0x21, 0x0, r1, 0x1, 0x4, 0x6, @broadcast}, 0x14)
accept$netrom(0xffffffffffffffff, &(0x7f0000000080)={{0x3, @rose}, [@null, @bcast, @rose, @default, @netrom, @remote, @remote, @null]}, &(0x7f0000000000)=0x48)

1m45.090609285s ago: executing program 3 (id=44):
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) (async)
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x17}, 0x5}, 0x1c) (async)
sendmmsg$inet(r0, &(0x7f0000001180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2000c800) (async)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0) (async)
r2 = gettid()
r3 = getpid()
rt_tgsigqueueinfo(r3, r2, 0x5, &(0x7f0000000140)={0x0, 0x0, 0x6}) (async)
rt_sigtimedwait(&(0x7f0000000000)={[0xb2]}, &(0x7f0000000040), 0x0, 0x8) (async)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r5 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) (async)
listen(r5, 0x101) (async)
r6 = socket$inet_dccp(0x2, 0x6, 0x0) (async)
r7 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r7, 0xa, 0x0, r8) (async)
setsockopt(r6, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) (async)
connect$inet(r6, &(0x7f0000e5c000)={0x2, 0x4e20, @dev}, 0x10)
close_range(r4, 0xffffffffffffffff, 0x0) (async)
r9 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r9, &(0x7f0000000300)={&(0x7f0000001080)={0x2, 0x4e20, @remote}, 0x10, &(0x7f00000074c0)=[{&(0x7f00000001c0)="a3", 0x1}], 0x1}, 0x0)
recvmsg$kcm(r9, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x40000000)

1m45.088402775s ago: executing program 3 (id=45):
r0 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
r1 = shmget$private(0x0, 0x4000, 0x1000, &(0x7f0000ffb000/0x4000)=nil)
shmctl$IPC_RMID(r1, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0xc1485544, &(0x7f00000003c0)=0x2000)

1m45.086719141s ago: executing program 3 (id=46):
syz_clone(0x8b0a600, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f00000020c0)='./file1\x00', 0x28c)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000000340)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
lsetxattr$trusted_overlay_nlink(&(0x7f0000000240)='./file1\x00', &(0x7f0000000200), 0x0, 0x0, 0x1)
llistxattr(&(0x7f0000000040)='./file1\x00', &(0x7f0000000180)=""/74, 0x4a)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

1m44.990175369s ago: executing program 3 (id=47):
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
pwrite64(r0, &(0x7f0000000080)='3', 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a09040000000000000000020000000000010073f92bbfa2688c350c8e45eaf680e5797a31000000000900010073797a30000000000400020073797a3200000000140000001100"], 0x8c}, 0x1, 0x0, 0x0, 0x40094}, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r0, 0x4068aea3, &(0x7f00000000c0)={0xbe, 0x0, 0x1})

1m42.82660237s ago: executing program 3 (id=70):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="81ffffff010067656e65766500001400028005000a0000000000060005004e200000"], 0x44}}, 0x1004)

1m42.789160096s ago: executing program 32 (id=70):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="81ffffff010067656e65766500001400028005000a0000000000060005004e200000"], 0x44}}, 0x1004)

1m38.340366997s ago: executing program 2 (id=112):
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="1cf90103", @ANYRES16=0x0, @ANYBLOB="c89045b2a6c0b186f6eb1f00000008003617"], 0x1c}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b28, &(0x7f0000000000)={'wlan1\x00'})
socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r1, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f00000015c0)={0x34, 0xd, 0x6, 0x3, 0x0, 0x0, {0x1, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x3}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x11}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
gettid()
mprotect(&(0x7f0000d2a000/0xe000)=nil, 0xe000, 0x6)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000582000/0x2000)=nil, 0x800000})
r3 = socket(0x28, 0x2, 0x7)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f00000001c0)="3c75c2015e8724b5a4c586f2ae924b277f0443ec773eab27570e28988217c9b0", 0x20)
r6 = accept$alg(r5, 0x0, 0x0)
sendmsg$alg(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000280)="c3c6c0a2d26edc1a7a3a415836614200", 0x10}], 0x1, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
recvmmsg(r6, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000002080)=[{&(0x7f0000000800)=""/103, 0x67}], 0x1}}], 0x1, 0x32041, 0x0)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2b, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)
getsockopt(r3, 0x200000000114, 0x2711, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0x2a)

1m38.175929801s ago: executing program 2 (id=113):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00'})
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
getpgrp(0x0)
gettid()
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f00000002c0)={0x2})
ioctl$UI_SET_PROPBIT(0xffffffffffffffff, 0x4004556e, 0xf)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
shutdown(r3, 0x1)
sendto$inet6(r3, 0x0, 0x0, 0x20000003, &(0x7f0000b63fe4)={0xa, 0x2, 0xf5}, 0x1c) (fail_nth: 3)

1m38.153621714s ago: executing program 2 (id=114):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x8, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000003c0)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="04"], 0x10)
close(r2)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
r6 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0)
getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xc}, {}, {0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'ip6erspan0\x00'}]}}]}, 0x48}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@dellink={0xfffffffffffffcfb, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x20}}, 0x20008040)

1m38.061122253s ago: executing program 2 (id=115):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
r4 = creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000002540))
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="20000000080000000007000900000000fffffff90000000900007fff00000007000000030000d06a"], 0x0, 0x600)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
r6 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x1000)=nil, 0x930, 0x0, 0x11, r6, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x0, 0x12, r6, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x28011, r7, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f000007f000/0x18000)=nil, &(0x7f0000000440)=[@text32={0x20, 0x0}], 0x1, 0x10, &(0x7f00000004c0)=[@cr4={0x1, 0x14242f}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000002a80)="8506093cf7918f92660dfd9d617cdc925aadd426edd496eacb3e7e25fa8bfb5d31a7b6146c855a546f2bfd6b63c2e0b3e7ce52d3bb41f613e885f0e91605412d1afef724bc3690ba2ebc5d76911af1b00bb3fa481fbb52419b17703f7e38d02cd922efd1348ceb3a80c435d1ed84c61d0432338432e3fc757f8c66db532539b2009989bd9ed9ec14c37a2ce3cf90136f061eccbae6b5a6851f4cb3f974ec4dce5c5e2cd6b9fe872e85333d757176e7fea1f66061ea2053d97ea477c53fbd4dc9b07d38c595f71c1a49af408b4b1187cb5b5487279d063b465d417a9dcc506e6866bc79df5f02c63e1ca733cad395ffc7f074136f2748edfb8800421541f2e9dde40d68fb1b4b818512714fdd8594e2f4718287470384f6e153ccb6d986ad03b479597fe6293091dd1bf4973e69292ad5f65227ecba45f01e6a463ecd1d24c52d26e59e35bb04a27a81bbd31f3e377d976f433555a48dd8722b16109ee0ddc441f156a0ad0a20b289bf5b0648797e52ffd8dbe77e03297e21bfb0c191625c8eee6423f182831f2d67e5796e7f69450cc8d2e2fa4ece8e5463a115d99c6ac5bbf95330f3c90e466630d0d2b0e044570dec21fc8c6b8102fec6fcba485e909202faf95a7d36ae09d5b0d1f42863d6143e27cdd78a7c67dbb15ece1af59412867ca9d186ffe9de680e747740d72ea6dfa28411de13f42d112c30060330668f27feb9d222d485ff5b98c10415780526d26b9731c4ddd6291204ed8189cebf4d31f2ec61c9de41321f04452061e1bc28629770ef3b19676eea1bac63b9385a393f36ff7f359ae03567ee03c97e26b69e1509ec61123c28840211287add4a92162422039e787f2ce7331f3f8029b4721abc701eefc67d8e81a10b7dc83d8001d375dc84a68ef054035e7eed4cbd1c2553430f75bdb6f7acc3793215edd5638584aa7226c6c907b7845f488220ff8c6ab75b75c7ad4d7912846088024741112e181583e70f10cdc0f86c3d7e8b318c36e256af072c2ddfaf1aab7e553d37cf7b8810c63fc15794295653ef75d9fafec42525f582c89d41e59e85ed2ec12b394c1bf3adfee33db4ccf3b53fb2634378a2dd7625a0af3383bea6533516657cdbb8c2739b1b156a8973cd452d4d9cc21419d0d5fc4d41e9f07c476e6662869affae0c97cbfd2d691b78693428385496830cf03906267393a5c229236377040b9368a987f2edfaca0e57730588249ac9bbd027f918938626c083b0dd14730c36023a201e71e9786faca6be137e27725f7ce92afe4bd3d7ce7bab99f37ce9338b8b394a1970355b5becb2b165f3b3d0c0f5a1bd0242e16afc1fac445dd17399319e6c487c9d671e4efa843336ea475d4e898bad6b145cc2f68fd0ea768efd2e4cc2ee927145132a1daf62ce471363cfabb638c194d89922bba563b7abb6918ab297688ae01f49b3bb674f2c05b5be00710b7ea329e0cefb6fa936cff17b3b6daca20834e0701ffa2c6a32c77c03060a8ddfb1cc019b69f39fe6f04e7fa4fb689257279f4c7fced441d2cee456e2dea25ec9a58daf1bdcdc405d488a96642f3b85fd1333eff2d9494718a51ec1e4688d7d11ba3a141f23b2d8a0376a78f30aae688909011ae67a5c6567f2a2b52234d4eef22b9db78f602591d61a90d9c0e2e0aabab62961fdca0871aeb01288f745675a422a4e5305d248978470b5c38e6e911b530cc5df06e159ea2806df649c529c4ea3b829b89a8d2d9bdc7c253eb4b284de505d0089efbbebb34b922e6864dbba4b721632a2e602ca22ca72dc005d013932303be333bb9f6229732ac2ff2dd791171d4ec4ffa8cc972ccdebb0b407fdff12a024932710efdfc82fa1a30d6f066dfae3845fe4e79d4cd9db85de46d1403ed90968c293405cc187c83d443ef57ef666577c4d95cf476c15267153d184a409dcaae4993aaefe19910d51fec949c872b327db8a588fa10ccc06bff853d84ae46835d32ed630348e", 0x581)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000001d80)={0x0, 0x0, &(0x7f0000001d40)={&(0x7f0000000580)={0x3c, 0x0, 0x809, 0x0, 0x0, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}]}, 0x3c}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0xa8, 0x0, 0x20, 0x70bd29, 0x25dfdbfe, {}, [@handle=@pci={{0x8}, {0x11}}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_NODE_NAME={0x46, 0xa8, @random="6bad1e3a51af06617d1e0b193ffd6abd0f1fbfae9eda1d91110f365d78ff80f31d8db655440cb1a5d297037bf83b17edda99509661bf4d28b66df7c6315bf3655eaf"}, @DEVLINK_ATTR_PORT_INDEX={0x8}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0xa8}, 0x1, 0x0, 0x0, 0x4800}, 0x8040)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

1m37.869345341s ago: executing program 2 (id=118):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000580)=""/277, 0x115)
lseek(r0, 0x400, 0x1)
getdents64(r0, &(0x7f00000000c0)=""/162, 0xa2)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', r0, &(0x7f0000000000)='./file0\x00')
mkdir(&(0x7f0000004440)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0)

1m37.448905213s ago: executing program 2 (id=123):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_CREATE(r0, &(0x7f0000000080)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000040)=""/44, 0x2c, 0x8, 0x4, 0x2, 0x2, 0x41}}, 0x120)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2$watch_queue(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000200)={<r2=>r0, 0xa6, 0x101, 0xffffffffffffff49})
sendto$inet6(r2, &(0x7f0000000240)="d2bf2e474d5c07736b61067c92f41d89b47d5250d1976073f3461f74539478367bed4be73f637b5f189e3311c0a103fc29c7efea5eb4f0ee140699928f8c6f9e30d643bc1ad92a6eda48e673ca46b03ff3e41dd00a99b4b50a86a21a0e9b665bb1c1b04d3e5c63fccec70fc9d9942c90d1ff6966864aae23df9350243ce771a2d8e021a823eff7387973e494b409f82f51e467d30c6048b12eb896d4a895fd2626154256bec5359b7658603fa5c736a74e6743a63b9c42", 0xb7, 0x810, &(0x7f0000000300)={0xa, 0x4e20, 0x7, @mcast2, 0x8000}, 0x1c)
readv(r2, &(0x7f0000000440)=[{&(0x7f0000000340)=""/255, 0xff}], 0x1)
ioctl$CDROMRESUME(r2, 0x5302)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000480)={0x0, 0x38, "b40dbd18a1a60cba39b1b6c2ef9a8053389960e5169e66ab7bc9317bc14cb413656c44708945e5c609453fcc750ff702f30021061f0e1771"}, &(0x7f00000004c0)=0x40)
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000500)={0x5, 0x0, 0x723, 0xe, 0xff})
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000580)={'veth1\x00', &(0x7f0000000540)=@ethtool_eeprom={0xb, 0xfffffffa, 0x7fff, 0x3, "0d2393"}})
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f00000005c0)=0x11, 0x4)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000600), 0x200000, 0x0)
setsockopt$inet6_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f0000000640)=@gcm_256={{0x304}, "692964e5f181a3ca", "b7e8adb91ee46a78688bc5b5b5880798e2817f8384ac5325abeb5b6b749e3f1c", "42c83b9b", "4ae56aaead17b040"}, 0x38)
setsockopt$MRT_FLUSH(r2, 0x0, 0xd4, &(0x7f0000000680)=0x1, 0x4)
r5 = signalfd(r3, &(0x7f00000006c0)={[0x9]}, 0x8)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000007c0)={'syztnl2\x00', &(0x7f0000000740)={'ip_vti0\x00', <r6=>0x0, 0x0, 0x10, 0x2, 0xbfc0, {{0x15, 0x4, 0x0, 0x4, 0x54, 0x65, 0x0, 0x7, 0x29, 0x0, @private=0xa010101, @private=0xa010101, {[@timestamp_prespec={0x44, 0x14, 0xff, 0x3, 0xa, [{@dev={0xac, 0x14, 0x14, 0x21}, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4}]}, @timestamp_prespec={0x44, 0x2c, 0x30, 0x3, 0x4, [{@broadcast, 0x6}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}, {@multicast1, 0x5}, {@broadcast, 0x10000}, {@rand_addr=0x64010102, 0xaf5e}]}]}}}}})
sendmsg$nl_route(r5, &(0x7f00000008c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)=@ipv4_getaddr={0x4c, 0x16, 0x4, 0x70bd26, 0x25dfdbff, {0x2, 0x10, 0x80, 0xfd, r6}, [@IFA_FLAGS={0x8, 0x8, 0x2}, @IFA_RT_PRIORITY={0x8, 0x9, 0x7fffffff}, @IFA_ADDRESS={0x8, 0x1, @multicast2}, @IFA_CACHEINFO={0x14, 0x6, {0xfffffff8, 0x0, 0x68, 0x1}}, @IFA_FLAGS={0x8, 0x8, 0x40}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000000}, 0x20000000)
r7 = syz_open_dev$vim2m(&(0x7f0000000900), 0x70, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000940)={0xd, 0x2, 0x1, "de5eca91c6df08c7f0c50c305988595955e32a35dd9259b3e82863d597745f14", 0x41414270})
fsetxattr(r5, &(0x7f0000000980)=@random={'os2.', '\x00'}, &(0x7f00000009c0)='{@+$.&),#}\'\x00', 0xc, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000cc0)={r1, 0xe0, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000a00)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x8, &(0x7f0000000a40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r8=>0x0, 0x3e, &(0x7f0000000ac0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000b00), &(0x7f0000000b40), 0x8, 0xe9, 0x8, 0x8, &(0x7f0000000b80)}}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000d00)={r2, r6, 0x25, 0xa, @val=@tracing={r8, 0xd}}, 0x20)
syz_io_uring_setup(0x1724, &(0x7f0000000d40)={0x0, 0xd4e9, 0x20, 0x1, 0x3e5}, &(0x7f0000000dc0)=<r9=>0x0, &(0x7f0000000e00))
syz_io_uring_setup(0x4be, &(0x7f0000000e40)={0x0, 0x884b, 0x40, 0x0, 0x249, 0x0, r2}, &(0x7f0000000ec0), &(0x7f0000000f00)=<r10=>0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000f80)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, r2, 0x0, &(0x7f0000000f40)='./file0\x00', 0x42, 0x200000, 0x23456, {0x0, r11}})
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000001440)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0xab7392fcac8c6099}, 0xc, &(0x7f0000001400)={&(0x7f0000001040)={0x3c0, 0x0, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}]}, @TIPC_NLA_MEDIA={0x80, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x4}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x48c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x317}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x454}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffeff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x69}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}]}, @TIPC_NLA_BEARER={0xd0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @local}}, {0x14, 0x2, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x40}}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xde3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb026}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x43, @local}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x672, @mcast1, 0x2}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8}]}, @TIPC_NLA_LINK={0x50, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffa}, @TIPC_NLA_PROP_MTU={0x8}]}]}, @TIPC_NLA_MEDIA={0x58, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8af3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa5e4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf944}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x488}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x476}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_LINK={0x108, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x837d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfea5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9f22}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}]}, @TIPC_NLA_NODE={0x38, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_NODE_ID={0x4}]}, @TIPC_NLA_NODE={0x4c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "9c764c2437de719eaabc3a68cbc03793007e0f45"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}]}, 0x3c0}, 0x1, 0x0, 0x0, 0x4010}, 0x20000000)

1m37.420859502s ago: executing program 33 (id=123):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_CREATE(r0, &(0x7f0000000080)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000040)=""/44, 0x2c, 0x8, 0x4, 0x2, 0x2, 0x41}}, 0x120)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2$watch_queue(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000200)={<r2=>r0, 0xa6, 0x101, 0xffffffffffffff49})
sendto$inet6(r2, &(0x7f0000000240)="d2bf2e474d5c07736b61067c92f41d89b47d5250d1976073f3461f74539478367bed4be73f637b5f189e3311c0a103fc29c7efea5eb4f0ee140699928f8c6f9e30d643bc1ad92a6eda48e673ca46b03ff3e41dd00a99b4b50a86a21a0e9b665bb1c1b04d3e5c63fccec70fc9d9942c90d1ff6966864aae23df9350243ce771a2d8e021a823eff7387973e494b409f82f51e467d30c6048b12eb896d4a895fd2626154256bec5359b7658603fa5c736a74e6743a63b9c42", 0xb7, 0x810, &(0x7f0000000300)={0xa, 0x4e20, 0x7, @mcast2, 0x8000}, 0x1c)
readv(r2, &(0x7f0000000440)=[{&(0x7f0000000340)=""/255, 0xff}], 0x1)
ioctl$CDROMRESUME(r2, 0x5302)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000480)={0x0, 0x38, "b40dbd18a1a60cba39b1b6c2ef9a8053389960e5169e66ab7bc9317bc14cb413656c44708945e5c609453fcc750ff702f30021061f0e1771"}, &(0x7f00000004c0)=0x40)
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000500)={0x5, 0x0, 0x723, 0xe, 0xff})
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000580)={'veth1\x00', &(0x7f0000000540)=@ethtool_eeprom={0xb, 0xfffffffa, 0x7fff, 0x3, "0d2393"}})
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f00000005c0)=0x11, 0x4)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000600), 0x200000, 0x0)
setsockopt$inet6_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f0000000640)=@gcm_256={{0x304}, "692964e5f181a3ca", "b7e8adb91ee46a78688bc5b5b5880798e2817f8384ac5325abeb5b6b749e3f1c", "42c83b9b", "4ae56aaead17b040"}, 0x38)
setsockopt$MRT_FLUSH(r2, 0x0, 0xd4, &(0x7f0000000680)=0x1, 0x4)
r5 = signalfd(r3, &(0x7f00000006c0)={[0x9]}, 0x8)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000007c0)={'syztnl2\x00', &(0x7f0000000740)={'ip_vti0\x00', <r6=>0x0, 0x0, 0x10, 0x2, 0xbfc0, {{0x15, 0x4, 0x0, 0x4, 0x54, 0x65, 0x0, 0x7, 0x29, 0x0, @private=0xa010101, @private=0xa010101, {[@timestamp_prespec={0x44, 0x14, 0xff, 0x3, 0xa, [{@dev={0xac, 0x14, 0x14, 0x21}, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4}]}, @timestamp_prespec={0x44, 0x2c, 0x30, 0x3, 0x4, [{@broadcast, 0x6}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}, {@multicast1, 0x5}, {@broadcast, 0x10000}, {@rand_addr=0x64010102, 0xaf5e}]}]}}}}})
sendmsg$nl_route(r5, &(0x7f00000008c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)=@ipv4_getaddr={0x4c, 0x16, 0x4, 0x70bd26, 0x25dfdbff, {0x2, 0x10, 0x80, 0xfd, r6}, [@IFA_FLAGS={0x8, 0x8, 0x2}, @IFA_RT_PRIORITY={0x8, 0x9, 0x7fffffff}, @IFA_ADDRESS={0x8, 0x1, @multicast2}, @IFA_CACHEINFO={0x14, 0x6, {0xfffffff8, 0x0, 0x68, 0x1}}, @IFA_FLAGS={0x8, 0x8, 0x40}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000000}, 0x20000000)
r7 = syz_open_dev$vim2m(&(0x7f0000000900), 0x70, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000940)={0xd, 0x2, 0x1, "de5eca91c6df08c7f0c50c305988595955e32a35dd9259b3e82863d597745f14", 0x41414270})
fsetxattr(r5, &(0x7f0000000980)=@random={'os2.', '\x00'}, &(0x7f00000009c0)='{@+$.&),#}\'\x00', 0xc, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000cc0)={r1, 0xe0, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000a00)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x8, &(0x7f0000000a40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r8=>0x0, 0x3e, &(0x7f0000000ac0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000b00), &(0x7f0000000b40), 0x8, 0xe9, 0x8, 0x8, &(0x7f0000000b80)}}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000d00)={r2, r6, 0x25, 0xa, @val=@tracing={r8, 0xd}}, 0x20)
syz_io_uring_setup(0x1724, &(0x7f0000000d40)={0x0, 0xd4e9, 0x20, 0x1, 0x3e5}, &(0x7f0000000dc0)=<r9=>0x0, &(0x7f0000000e00))
syz_io_uring_setup(0x4be, &(0x7f0000000e40)={0x0, 0x884b, 0x40, 0x0, 0x249, 0x0, r2}, &(0x7f0000000ec0), &(0x7f0000000f00)=<r10=>0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000f80)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, r2, 0x0, &(0x7f0000000f40)='./file0\x00', 0x42, 0x200000, 0x23456, {0x0, r11}})
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000001440)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0xab7392fcac8c6099}, 0xc, &(0x7f0000001400)={&(0x7f0000001040)={0x3c0, 0x0, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}]}, @TIPC_NLA_MEDIA={0x80, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x4}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x48c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x317}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x454}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffeff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x69}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}]}, @TIPC_NLA_BEARER={0xd0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @local}}, {0x14, 0x2, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x40}}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xde3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb026}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x43, @local}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x672, @mcast1, 0x2}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8}]}, @TIPC_NLA_LINK={0x50, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffa}, @TIPC_NLA_PROP_MTU={0x8}]}]}, @TIPC_NLA_MEDIA={0x58, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8af3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa5e4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf944}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x488}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x476}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_LINK={0x108, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x837d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfea5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9f22}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}]}, @TIPC_NLA_NODE={0x38, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_NODE_ID={0x4}]}, @TIPC_NLA_NODE={0x4c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "9c764c2437de719eaabc3a68cbc03793007e0f45"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}]}, 0x3c0}, 0x1, 0x0, 0x0, 0x4010}, 0x20000000)

55.469487271s ago: executing program 5 (id=602):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, &(0x7f0000000040)={@remote, @empty, 0x1, "4ef7289910e0843a8f13f2fe244b73fb24e0fe49951c925bca907f6a609d8f49"}, 0x3c)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = dup(r2)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x6e, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0xc028ae92, &(0x7f0000000000))
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r7, 0xc01864b0, &(0x7f0000000080)={0x0, 0x0, 0xb})
r8 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0xa, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r8, 0xae9a)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f00000002c0), 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="6c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000440012800b000100697036746e6c000034000280e7ff030001000000140003000000000000000000000000000000000014000200fe80000000000000000000000000000e08001f0068000000"], 0x6c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r9 = creat(&(0x7f0000000240)='./file0\x00', 0x0)
ioctl$IMDELTIMER(r9, 0x80044941, &(0x7f00000002c0)=0x3)
ioctl$SG_SET_FORCE_PACK_ID(r3, 0x227b, &(0x7f0000000180))
ioctl$F2FS_IOC_RESIZE_FS(r8, 0x4008f510, &(0x7f0000000340)=0x8)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f00000000c0)={@hyper})

55.169369068s ago: executing program 5 (id=604):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = socket(0x10, 0x3, 0x0)
io_setup(0x8, &(0x7f0000000000)=<r2=>0x0)
r3 = eventfd2(0x0, 0x0)
io_submit(r2, 0x1de, &(0x7f00000002c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000400)="f7624a800e6dc300a7c8af1073f7f80565d85cb0e73f45f4f3d53666f000784332e6113ff3e3a0d49c7ea76f4a31561cf1828eae6bec281c2a70ddd7a233e68eba25eff429708fdad8cd4dc88934bf913ef2a79bd435292a074c9a8a298e27f22767d72c2d10aa827a7c6f0d6779605e2612dfc3dddcdd7a0e", 0x8}])
io_destroy(r2)
writev(r3, &(0x7f0000000480)=[{&(0x7f0000000340)="7e9adf65e9c6bafa", 0x8}], 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
tee(r1, r1, 0xb9, 0xa)
r4 = fsmount(0xffffffffffffffff, 0x0, 0x102)
munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$inet6(0xa, 0x3, 0x7)
close_range(r5, 0xffffffffffffffff, 0x0)
open_by_handle_at(r5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1c1900008200001ac1691a00000000000000a1f4ce917400"/33], 0x0)
msync(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3)
syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), r4)
socket$packet(0x11, 0x3, 0x300)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0])
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
accept4$unix(r1, 0x0, &(0x7f0000000240), 0x80000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000002c0)='ext4_ext_convert_to_initialized_fastpath\x00', r7}, 0x10)
sendmmsg$inet(r6, &(0x7f0000002f80)=[{{&(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000300)={0x2, 0x4e23, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@ip_ttl={{0x14, 0x0, 0x34}}], 0x18}}], 0x2, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

54.918940614s ago: executing program 5 (id=605):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0xc0f85403, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0xdb}, 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, 0x0, &(0x7f0000000280)}, 0x20)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/42, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000001c0)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000280)=""/59})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000005c0)={0x2, 0x0, [{0x104000, 0x8c, &(0x7f0000000480)=""/114}, {0x0, 0xa8, &(0x7f0000000500)=""/168}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x90)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
getpgid(0xffffffffffffffff)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, 0x0)
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES16, @ANYRES32, @ANYBLOB="e201330080000000ffffffffffff0802110000000b605fcc36fc0000000000000000000064002000000004060000000000000602000005040000006825030000002a01003c04010008012d1a0000000000000000000000000000000000000000000000000000710700000000000000dd88", @ANYRESHEX], 0x200}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
fsetxattr$trusted_overlay_origin(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
sched_setscheduler(0x0, 0x0, 0x0)

54.129843696s ago: executing program 5 (id=606):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="620af8ff0c200021bfa13ed4af83dfefbdbf0000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc56f8bff7246b3013a69935304465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b22d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa09000000083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f46306000000442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff35405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e658795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e59581fb59d9c14a1919899e52c335e2bc5d90986733991b6e012396dd938daa468c9cf34e3101c5889005c31ab80f6a457333db07d035c29f27117541af654cb6a03d2b93c0ac1cec32e706ed42"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x0, 0xfffffffc}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}, 0x3})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x2000, 0x3})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@ipv6_newroute={0x44, 0x18, 0x1, 0x0, 0x0, {}, [@RTA_ENCAP={0x18, 0x16, 0x0, 0x0, @SEG6_IPTUNNEL_SRH={0x14, 0x1, {{0x0, {0x0, 0x0, 0x10}}}}}, @RTA_OIF={0x8, 0x4, r5}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x6}]}, 0x44}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000002940)=ANY=[@ANYRESHEX=r5, @ANYRES64=r6, @ANYBLOB="0600000000000000000000000000000000000000abc422a9311061ac02bc7141b7b2020e10da9703c810d606a481db375a1a1e79303780ab249de81e5249ecad6207ec3ae350609b41f09281cc675f16293f52ae54ad7078361ef5", @ANYRESHEX=r3, @ANYRES64=r2, @ANYRES64=r3, @ANYRES32=r1, @ANYRES16=r5], 0x50)
ioctl$TUNGETDEVNETNS(r2, 0x40086602, 0x1000000000000000)
lseek(r2, 0x8, 0x1)
syz_open_dev$vim2m(&(0x7f0000000000), 0x8000000000000000, 0x2)

53.828184797s ago: executing program 5 (id=608):
openat$bsg(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-simd\x00'}, 0x58)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400ff7f10005bd300"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b00010067726574617000000c000280080001"], 0x44}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a00170000000004003700090003", 0x27}], 0x1)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x0, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x60}}, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000080)={0x44, 0x0, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x99e}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x19}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}]]}, 0x44}}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90324fc602f00001550000100053582c137153e370248018088a817008847", 0x33fe0}], 0x1}, 0x0)
r2 = accept$alg(r0, 0x0, 0x0)
r3 = open(&(0x7f0000000140)='./file1\x00', 0x10f0c2, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x1000000000204)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0)
recvmsg(r2, &(0x7f0000000bc0)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f8, 0x0, 0x4c, 0x1a, 0x0, 0x25, 0x228, 0x258, 0x258, 0x228, 0x258, 0x3, 0x0, {[{{@ipv6={@mcast2, @loopback, [], [], 'wg2\x00', 'macvlan1\x00'}, 0x0, 0x108, 0x150, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@statistic={{0x38}, {0x0, 0x3b0}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'team_slave_1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x358)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000000580)=""/277, 0x115)
lseek(r5, 0x400, 0x1)
getdents64(r5, &(0x7f00000000c0)=""/162, 0xa2)
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockopt$sock_buf(r6, 0x1, 0x1c, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, r3, 0x0)
madvise(&(0x7f0000600000/0x3000)=nil, 0x3000, 0xb)
syz_clone(0x62280100, &(0x7f0000000700)="984437729f8e9837b6f4cbaa406516626d44bf53c228f384b106858b4645b30a890783268342bffc286d080b59071bc040f07c3837d4db827160c77ae2107123f5524988ddf55ea6e4469ed0e2502472321d405f8c128a979cff478cdec2e0d90a88ecc387519be718aa490a80443f3693bef6962698620f32c56ab3b772f86588353f066824e01df4772dc10258b728d4833b24241cee07063b4c8138937e64b2a426c1629920c6d1a0f16dd2f783c14b623354721f10f475f1ca5ee2a0c3c9b395df9150d9e43942bd84cea205c1cf3199e92af4b8777faf0684929063fb3731a128e6d6c21d217fad839a379b1504e8be8542148001ecea8ea10a78efc291c03481c12b9f572d4b14979dcc739dae889e6897340711ce4ea84c3cc01f532d79fb2e92d7eb9d56c52b9916d1306bcf03f4ab1cf481c34452a5da77b3321682dbeadd7044f63ff0d16f73bbff6915d3a6371444b6f603a8b4099a5f1cd7809be44afdf864437691c5530fc4f0f9852df2dcd62787ffc4adda34b2db88b5fb9fbdf217ff0727d2e5161a5b2a7f5f271a36a3d637c9e10c8b8900f0521fc90f215a3d1d6fa1bb27ea67542922ef52d84380a4cd9019ca89c58a1acfb64b", 0x1bd, 0x0, 0x0, 0x0)

53.609723014s ago: executing program 5 (id=612):
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddfa)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x9)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

45.559944126s ago: executing program 4 (id=661):
unshare(0x2a000600)
r0 = syz_io_uring_setup(0x5c23, &(0x7f0000000240)={0x0, 0x0, 0x13290}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index})
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x22e881, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_readv(r3, &(0x7f0000000080)=[{&(0x7f0000000000)=""/88, 0x58}], 0xd, &(0x7f0000000140)=[{&(0x7f0000002280)=""/4096, 0x1000}], 0x1, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x1, 0x0, 0x1000000)

45.430476226s ago: executing program 4 (id=662):
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) (async, rerun: 64)
creat(&(0x7f0000000040)='./bus\x00', 0x0) (rerun: 64)
unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00') (async)
mount(&(0x7f0000000000)=@sr0, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x147842, 0x0)
preadv2(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)

45.429480973s ago: executing program 4 (id=663):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c000000000000040000000000000900010073797a31000000001c0004800800f2400000000008000540080000000800084000000000"], 0x3c}}, 0x0)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f0000000040)=ANY=[], 0x0) (async)
syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f0000000040)=ANY=[], 0x0)
ioctl$SNAPSHOT_UNFREEZE(r0, 0x3302) (async)
ioctl$SNAPSHOT_UNFREEZE(r0, 0x3302)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx2\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$pvfs2(&(0x7f00000001c0), &(0x7f0000000200)='./file1\x00', &(0x7f0000000280), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x2, 0x0}, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000f, 0x1010, r3, 0x0)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
sendmsg$unix(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="62a82aee345fd487f498e794884ad2eddcae95f5cc9dbaf5f323c9c7d668443ac0c99266d2bf82b41b2a853dff952d0d265497132539c94b71389d21044b108aa251a96431eaca", 0x47}, {&(0x7f00000000c0)="2bf1a315589752e28ab9b9ae48406664fbd5a462d22d71c7d63bc55f5cddadab05dd3b134ded0f6ec5c004a8110a", 0x2e}, {&(0x7f0000000440)="97c1f67518fa08076e8fb8", 0xb}], 0x3}, 0x0) (async)
sendmsg$unix(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="62a82aee345fd487f498e794884ad2eddcae95f5cc9dbaf5f323c9c7d668443ac0c99266d2bf82b41b2a853dff952d0d265497132539c94b71389d21044b108aa251a96431eaca", 0x47}, {&(0x7f00000000c0)="2bf1a315589752e28ab9b9ae48406664fbd5a462d22d71c7d63bc55f5cddadab05dd3b134ded0f6ec5c004a8110a", 0x2e}, {&(0x7f0000000440)="97c1f67518fa08076e8fb8", 0xb}], 0x3}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="7800000039000900000f0f000000000001000000040000000c000180cafc080005470000080002"], 0x78}}, 0x0)

42.383001871s ago: executing program 4 (id=671):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000006c0)=@mangle={'mangle\x00', 0x2, 0x6, 0x558, 0x368, 0xd0, 0x0, 0x1b0, 0x0, 0x488, 0x488, 0x488, 0x488, 0x488, 0x6, 0x0, {[{{@ipv6={@mcast2, @private1, [], [], 'macvlan1\x00', 'erspan0\x00'}, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @HL={0x28}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff}, {}, 0x203}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @remote, [], [], '\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xd0, 0x48000000}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@eui64={{0x28}}]}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5b8)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r1, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_async', 0x902, 0x40)
ioctl$LOOP_SET_FD(r1, 0x4c00, r2)

42.319892204s ago: executing program 4 (id=672):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = syz_io_uring_setup(0x620, &(0x7f0000000300)={0x0, 0x0, 0x2}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_ACCEPT={0xd, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x528c0ed6c66125f3})
open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xb00)
io_uring_enter(r2, 0x2def, 0x0, 0x0, 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)={0x34, r1, 0x1, 0x0, 0x0, {0x1d}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)

42.319439182s ago: executing program 4 (id=673):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff}, 0x0)
syz_emit_ethernet(0x176, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaa48847000000000000000000000000603f599001340600fe8000000000000000000000000000aafe8000000000000000000000000000000000000000000000c204000000000000000c000000000000fc02000000000000000000000000000000000000000000000000ffff00000000fe800000000000000000000000000000fe80000000000000000000000000000000000000000000000000000000000000fc00"/190, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="50000000907800006c3e4af6e95497a4e1f23137ae5d9ab0d6a6a3ff1ff52b15b109af0f93abe7bddfe72723968479f91c26bda6d7d589fb8cb68c4f8760051117d27ab8434eb2818254ab55825a80ba277e953c42c3e3a34d6f1998abd85935442e96e25dc77ffb0469578ffae16aa69caf18e96b08085370c0c242147969cf393604407755c55c4b539a2e36241dc73a3d65b8b2585660c1365e7ec6c7a536a08d21e53aa4e60cad0bd8eb60a00943"], 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f51b0001c0"])
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) (async)
write$P9_RLERRORu(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53) (async)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f00000008c0)={0xe, 0x18, 0xfa00, @ib_path={0x0}}, 0x20) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x2c, 0x16, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x0, 0xb00, 0x0, {}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc}]}], {0x14, 0x10}}, 0xa0}}, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000800000003003c02ffffffef3501"], 0x7c8) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000680)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
llistxattr(&(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x0) (async)
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="0401020028000b05d25a806f8c6394f90524fc600d00030004000100ff3582c137153e370248018010001700d1bd", 0x33fe0}], 0x1}, 0x0)

38.452978311s ago: executing program 34 (id=612):
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddfa)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x9)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

37.19755375s ago: executing program 1 (id=591):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000540)='./bus\x00', &(0x7f0000000680), 0x0, &(0x7f0000000140)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
socket$inet6(0xa, 0x1, 0x6)
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x48)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000180)={0x36, 0x1, 0x1, "0088f200000000000000000000000096c300", 0x32314d56})
fcntl$setstatus(r0, 0x4, 0x2000)
io_setup(0x202, &(0x7f0000000200)=<r2=>0x0)
r3 = socket(0x15, 0x5, 0x0)
bind$packet(r3, &(0x7f0000000100)={0x11, 0x18, 0x0, 0x1, 0x5, 0x6, @remote}, 0x14)
getsockopt(r3, 0x200000000114, 0x2710, &(0x7f0000000680)=""/102400, &(0x7f0000000040)=0x19000)
sync()
r4 = socket$nl_route(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYRES32=r2], 0x38}}, 0x0)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000780)="550801", 0x3, 0x0, 0x0, 0x0, r0}])

31.944873149s ago: executing program 1 (id=591):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000540)='./bus\x00', &(0x7f0000000680), 0x0, &(0x7f0000000140)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
socket$inet6(0xa, 0x1, 0x6)
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x48)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000180)={0x36, 0x1, 0x1, "0088f200000000000000000000000096c300", 0x32314d56})
fcntl$setstatus(r0, 0x4, 0x2000)
io_setup(0x202, &(0x7f0000000200)=<r2=>0x0)
r3 = socket(0x15, 0x5, 0x0)
bind$packet(r3, &(0x7f0000000100)={0x11, 0x18, 0x0, 0x1, 0x5, 0x6, @remote}, 0x14)
getsockopt(r3, 0x200000000114, 0x2710, &(0x7f0000000680)=""/102400, &(0x7f0000000040)=0x19000)
sync()
r4 = socket$nl_route(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYRES32=r2], 0x38}}, 0x0)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000780)="550801", 0x3, 0x0, 0x0, 0x0, r0}])

26.677931617s ago: executing program 35 (id=673):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff}, 0x0)
syz_emit_ethernet(0x176, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaa48847000000000000000000000000603f599001340600fe8000000000000000000000000000aafe8000000000000000000000000000000000000000000000c204000000000000000c000000000000fc02000000000000000000000000000000000000000000000000ffff00000000fe800000000000000000000000000000fe80000000000000000000000000000000000000000000000000000000000000fc00"/190, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="50000000907800006c3e4af6e95497a4e1f23137ae5d9ab0d6a6a3ff1ff52b15b109af0f93abe7bddfe72723968479f91c26bda6d7d589fb8cb68c4f8760051117d27ab8434eb2818254ab55825a80ba277e953c42c3e3a34d6f1998abd85935442e96e25dc77ffb0469578ffae16aa69caf18e96b08085370c0c242147969cf393604407755c55c4b539a2e36241dc73a3d65b8b2585660c1365e7ec6c7a536a08d21e53aa4e60cad0bd8eb60a00943"], 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f51b0001c0"])
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) (async)
write$P9_RLERRORu(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53) (async)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f00000008c0)={0xe, 0x18, 0xfa00, @ib_path={0x0}}, 0x20) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x2c, 0x16, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x0, 0xb00, 0x0, {}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc}]}], {0x14, 0x10}}, 0xa0}}, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000800000003003c02ffffffef3501"], 0x7c8) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000680)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
llistxattr(&(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x0) (async)
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="0401020028000b05d25a806f8c6394f90524fc600d00030004000100ff3582c137153e370248018010001700d1bd", 0x33fe0}], 0x1}, 0x0)

24.658270028s ago: executing program 1 (id=591):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000540)='./bus\x00', &(0x7f0000000680), 0x0, &(0x7f0000000140)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
socket$inet6(0xa, 0x1, 0x6)
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x48)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000180)={0x36, 0x1, 0x1, "0088f200000000000000000000000096c300", 0x32314d56})
fcntl$setstatus(r0, 0x4, 0x2000)
io_setup(0x202, &(0x7f0000000200)=<r2=>0x0)
r3 = socket(0x15, 0x5, 0x0)
bind$packet(r3, &(0x7f0000000100)={0x11, 0x18, 0x0, 0x1, 0x5, 0x6, @remote}, 0x14)
getsockopt(r3, 0x200000000114, 0x2710, &(0x7f0000000680)=""/102400, &(0x7f0000000040)=0x19000)
sync()
r4 = socket$nl_route(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYRES32=r2], 0x38}}, 0x0)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000780)="550801", 0x3, 0x0, 0x0, 0x0, r0}])

17.417816358s ago: executing program 1 (id=591):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000540)='./bus\x00', &(0x7f0000000680), 0x0, &(0x7f0000000140)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
socket$inet6(0xa, 0x1, 0x6)
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x48)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000180)={0x36, 0x1, 0x1, "0088f200000000000000000000000096c300", 0x32314d56})
fcntl$setstatus(r0, 0x4, 0x2000)
io_setup(0x202, &(0x7f0000000200)=<r2=>0x0)
r3 = socket(0x15, 0x5, 0x0)
bind$packet(r3, &(0x7f0000000100)={0x11, 0x18, 0x0, 0x1, 0x5, 0x6, @remote}, 0x14)
getsockopt(r3, 0x200000000114, 0x2710, &(0x7f0000000680)=""/102400, &(0x7f0000000040)=0x19000)
sync()
r4 = socket$nl_route(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYRES32=r2], 0x38}}, 0x0)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000780)="550801", 0x3, 0x0, 0x0, 0x0, r0}])

9.358063956s ago: executing program 1 (id=591):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000540)='./bus\x00', &(0x7f0000000680), 0x0, &(0x7f0000000140)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
socket$inet6(0xa, 0x1, 0x6)
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x48)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000180)={0x36, 0x1, 0x1, "0088f200000000000000000000000096c300", 0x32314d56})
fcntl$setstatus(r0, 0x4, 0x2000)
io_setup(0x202, &(0x7f0000000200)=<r2=>0x0)
r3 = socket(0x15, 0x5, 0x0)
bind$packet(r3, &(0x7f0000000100)={0x11, 0x18, 0x0, 0x1, 0x5, 0x6, @remote}, 0x14)
getsockopt(r3, 0x200000000114, 0x2710, &(0x7f0000000680)=""/102400, &(0x7f0000000040)=0x19000)
sync()
r4 = socket$nl_route(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYRES32=r2], 0x38}}, 0x0)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000780)="550801", 0x3, 0x0, 0x0, 0x0, r0}])

2.607576829s ago: executing program 1 (id=591):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000540)='./bus\x00', &(0x7f0000000680), 0x0, &(0x7f0000000140)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
socket$inet6(0xa, 0x1, 0x6)
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x48)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000180)={0x36, 0x1, 0x1, "0088f200000000000000000000000096c300", 0x32314d56})
fcntl$setstatus(r0, 0x4, 0x2000)
io_setup(0x202, &(0x7f0000000200)=<r2=>0x0)
r3 = socket(0x15, 0x5, 0x0)
bind$packet(r3, &(0x7f0000000100)={0x11, 0x18, 0x0, 0x1, 0x5, 0x6, @remote}, 0x14)
getsockopt(r3, 0x200000000114, 0x2710, &(0x7f0000000680)=""/102400, &(0x7f0000000040)=0x19000)
sync()
r4 = socket$nl_route(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYRES32=r2], 0x38}}, 0x0)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000780)="550801", 0x3, 0x0, 0x0, 0x0, r0}])

1.640120789s ago: executing program 6 (id=948):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000040)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x6)

1.577612878s ago: executing program 6 (id=951):
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
setsockopt$RDS_GET_MR(r3, 0x114, 0x6, &(0x7f0000000440)={{0x0}, 0x0}, 0x20)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000000300)=""/104, 0x68)
getdents(r4, 0x0, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000c80)={{{@in6=@mcast2, @in6=@dev={0xfe, 0x80, '\x00', 0x1e}, 0x0, 0x3d88, 0x0, 0x0, 0xa, 0x10, 0x40, 0x3b, 0x0, 0xee01}, {0x0, 0x4000003, 0x0, 0x0, 0x0, 0x0, 0x10001}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x32}, 0x0, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c)
r6 = accept4$llc(r4, &(0x7f0000000000), &(0x7f0000000040)=0x10, 0x800)
write$P9_RLERRORu(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r2, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @private2}}}, 0x30)
write$binfmt_elf64(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="7f450700000053c407cd"], 0x7c8)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000240)={0x0, <r8=>0x0}, &(0x7f0000000280)=0x5)
setreuid(0x0, r8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000380), 0x421000, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@cache_none}, {@access_any}, {@msize={'msize', 0x3d, 0x10}}, {@version_9p2000}], [{@uid_eq={'uid', 0x3d, r8}}, {@fsmagic={'fsmagic', 0x3d, 0xfffffffffffffffc}}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@euid_lt={'euid<', r8}}, {@smackfshat={'smackfshat', 0x3d, 'access=any'}}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@subj_type={'subj_type', 0x3d, '\x00'}}], 0x6b}})
syz_emit_ethernet(0xda, &(0x7f0000001600)={@local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x2a, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @private, @local, {[@cipso={0x86, 0x2a, 0x0, [{0x0, 0xd, "5e000000ff000000000000"}, {0x0, 0x5, "4eb8a6"}, {0x0, 0x12, "9606053d0006ff00800000b61af93a93"}]}, @lsrr={0x83, 0x13, 0x0, [@dev, @loopback, @loopback, @multicast2]}, @cipso={0x86, 0x4c, 0x0, [{0x0, 0x7, "4b6cefc500"}, {0x0, 0xc, "df61168c24ac88ad078c"}, {0x0, 0xa, "2189ea43a2149b84"}, {0x0, 0x12, "ffd11634eea26b0faffa0dea2e903528"}, {0x0, 0x9, "02a20948fd7406"}, {0x0, 0xe, "ccf0294e2a3bdb4aa40b249e"}]}, @timestamp={0x44, 0x8, 0x0, 0x0, 0x0, [0x0]}]}}, "a815a23da43974ff"}}}}}, 0x0)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r10 = open(&(0x7f0000000200)='./bus\x00', 0x141a42, 0x0)
r11 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r11, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58)
r12 = accept4(r11, 0x0, 0x0, 0x0)
sendmsg$unix(r12, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="e077494ceddc98fd3a7c67ab1ab412e5fd48209c95ad2dcf9dd820ef62bacac905d3a926ebfb27d2b3fe293842b37c59ac7bc7d5cadc6ad79f0a0e86f1a39eb725584ab91372c08fd3b56eded2", 0x4d}, {&(0x7f00000000c0)="3bf764bac88298e99ad46d79a52f48786c69c5689656c8a6e9af002e752498602595d2cee9ea5847ec4260acd66b9efd9880282d97f1d23b959fa5db77af419517d0a46cf85d6c706392a8dc33fbf61af711ea19a9820aa5d12123bf3460a846eb9f6d5f9720dcd27cd54399c0c7a24af2e63f", 0x73}], 0x2}, 0x0)
sendfile(r10, r9, 0x0, 0x100800001)

1.577461598s ago: executing program 0 (id=952):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1a00fe00000000bfa10000000a000007010000f8ff6fffb702000008000000b70300000000000085000000c700000095"], &(0x7f0000000040)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

1.518839837s ago: executing program 6 (id=954):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x1000d, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x880)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
r2 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000400)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000440)=0x1c, 0x800)
r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x42, 0x0)
pwritev2(r3, &(0x7f00000008c0)=[{&(0x7f0000000240)="e7", 0x1}], 0x1, 0x0, 0x0, 0x20)
setsockopt$inet6_opts(r2, 0x29, 0x36, &(0x7f0000000480)=@dstopts={0x4, 0x3, '\x00', [@padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x81}, @ra={0x5, 0x2, 0x1}, @enc_lim={0x4, 0x1, 0x3}, @enc_lim={0x4, 0x1, 0x16}, @jumbo={0xc2, 0x4, 0x10000}]}, 0x28)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000000c0)='macvlan1\x00', 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10)
mq_open(&(0x7f0000000140)='{\x00', 0xc2, 0x10, &(0x7f0000000180)={0x3, 0xe45, 0x2, 0x4})
fstat(r1, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
write$P9_RGETATTR(r0, &(0x7f00000001c0)={0xa0, 0x19, 0x1, {0x80, {0x8, 0x0, 0x2}, 0x9, 0xffffffffffffffff, r4, 0xfff, 0x1, 0x3, 0x3, 0xffffffffffff0000, 0x8000000000000001, 0xbf65, 0x2, 0x3, 0x80000001, 0xc, 0x2, 0x4482, 0xffffffffffffffff, 0x2}}, 0xa0)
r5 = syz_open_dev$vbi(&(0x7f0000000300), 0x0, 0x2)
ioctl$VIDIOC_OVERLAY(r5, 0x4004560e, &(0x7f0000000340)=0x6)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r6, 0x8b2a, &(0x7f0000000040))
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$IP_VS_SO_SET_DELDEST(r7, 0x0, 0x488, &(0x7f0000000280)={{0x2c, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x4, 'nq\x00', 0x12, 0xffffff01, 0x65}, {@dev={0xac, 0x14, 0x14, 0x35}, 0x4e21, 0x2000, 0x0, 0x7ff, 0x7f}}, 0x44)

1.51851167s ago: executing program 7 (id=955):
socket$alg(0x26, 0x5, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$inet(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.518298615s ago: executing program 0 (id=956):
r0 = syz_open_dev$vim2m(&(0x7f00000006c0), 0x3, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000100)={0x33, 0x3, 0x1, "bc3e098e0000f4ba89591da86b97000000002b00030400", 0x32525942})

1.517877774s ago: executing program 0 (id=957):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000a80)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x340, 0x11, 0x148, 0x0, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x20000000, 0x20000000, 0x3, 0x7, 0x0, 0x40}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538) (async)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r2}, 0x10) (async, rerun: 32)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000010850024ca83d70361c3e8000022000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010700000000000000000008000000b70300000000000085000000720000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) (async)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000023c0)={'veth1_to_batadv\x00', <r6=>0x0})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000002540)={&(0x7f0000002400)={0x30, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @ETHTOOL_A_FEATURES_WANTED={0x10, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}]}]}, 0x30}}, 0x0) (async)
getsockopt$nfc_llcp(0xffffffffffffffff, 0x118, 0x0, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) (async)
r7 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f00000000c0)=<r8=>0x0) (async)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r9)
sendmsg$NFC_CMD_DEV_UP(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001c80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r8], 0x1c}}, 0x0) (async)
write$nci(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="61050616050156f8b10d855d0cd6ae668a570b2657b8ca"], 0x17) (async)
r11 = memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
r12 = memfd_create(&(0x7f0000000300)='-B\xd5N\b\x84\xa2m\x00\v\x18\xfb\x91hMy\xdb\xd1\xa7\xb1S\xf1:)\x00\xda\xf2\xb6\x16\xad\xed\x84\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9c:\x10d\xee\xa9\xcb\x06k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\xcc\x86\xfe2E-\x16 \xc8\x95\xc1\xe0aM\x9b\x9f\xf5\xab~\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\xfb\xbc\xea\xe7\x99\xdcrE\xba\xb2\xf4\xd0\x9b\xdaH\x8d\xb6\x01\xc8\xb6\xbd', 0x4) (async)
r13 = dup(r11)
copy_file_range(r12, 0x0, r13, 0x0, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0) (async)
r14 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000340), 0x101, 0x0)
pwritev(r15, &(0x7f0000001300)=[{&(0x7f0000001040)='4', 0x1}], 0x1, 0x0, 0x0) (async)
ioctl$KVM_CAP_DISABLE_QUIRKS(r14, 0x4068aea3, &(0x7f00000001c0)={0x74, 0x0, 0x12}) (async)
r16 = syz_open_procfs(0x0, &(0x7f0000000000)='net/netstat\x00')
pread64(r16, &(0x7f0000004180)=""/4096, 0x1000, 0x18)

1.449060201s ago: executing program 0 (id=958):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) (async)
r2 = socket(0x1000000000000010, 0x80802, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001100)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000200000000000c00095000000000000002ba728041598d6fbd30cb599e83d24a3aa81d36b26fb0b71d0e6adfefcf1d8f7faf75e0f226bd99eea7960717142fa9ea4318123741c4a0e168c1886d0d4d94f2f4e345c652fbc16ee988e6e0dc8cedf3ce99fbfbf9b0a4def23d410f6296b32a334388107200759cda9036b4e369a9e152ddcc7f05a5f3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c3b35967deabe802f5ab3e89bd6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ececb0cd2b6d357b85a0218ce740068725837074e098ee207d2f73902fbcfcf49822775985bf32d715f5888b24efa000000000000ffffffdf000000000000000000000089a7b9b00000000000000000000000000000b27cf3d1848a54d7132be1ffb0adf9deab29ea3323aa9fdfb52faf449c3bfd09000000b91ab219efdebb7b3de8f67581cf796a1d4223b9ff7ffcad3f6c962b9f292324b7ab7f91a31cf41ab11f12fb1e0a494034127de7c6592df1a6c64d8f20a67745409e011f1264d43e153b3d34899f40159e800ea2474b544035a30b23bcee46762c2093bcc9eae5dff5adbdee3e980026c96f80ee1a74e04bde740750fa4d9aaa705989b8e673e3296e52d337c56abf1128744bab6677fcb78e313841ec309baed0495f06d058a75fa4c81e5c9f42d9383e41d277b10392a912ffaf6f658f3fadd16286744f839c3f128f8f92d0992239eafce5c1b3f97a297c9e49a0c3510ef74080e6d1e0c8a868a353409e34d3e82279637598f37ad380a447483cac394c7bbdcd0e3b1c39b6e00916de48a4e70f03cc4146a77af02c1d4cef5379da860aed8477dfa8ceefb405005c6977c78cdbf37704ec73755539280b064bda154910fe050038ec9e47de89298b7bf4d769ccc18eede00e8ca5457870eb30d211e23ccc8e06cd58b61799257ab55ff413c86ba9affb12ec757c7234c270246c87a901160e6c07bc6cf8809c3a0d46ff7f008000000000ad1e1f493354b2822b98371d000000167d78e65b90eba0768e825972ea3b774a1467c89fa0f82e8440105051e5510a33dcda5e143fbfff161c12ca389cbe4c51b3fa00675cd1b66c5fd9c26a54d43fa050645bd9109b7e7131421c0f39113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a84a4e3344b155cc20f49e298727340e97cdefb40e56e9cfad973347d0de7ba4754ff231a1b033d8f931ba3442b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf46306f2ef79b8d4c2ff030000000000000007b82e6044f643068cd47ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c99220002af8c5e53d52c83ac3fa7c3a3ee6c08384865b66d2b4dcb5dd9cba16b64ebbbf8702ae12c77e6e34991a225c120a3c950942fe0bc9f2a1a7506d35e5b439edeb7088aeda890cf8a4a6f31ba6d9b8cb098f935bdcbb29fd0f1a342c9eed00000000ab6648a9dea0b6c91996d65da6c24a702a86c814459f3cdaaf99000000000000000000bfb32c826563c518d0ad23bc83ba3f3757210a057eff7615c868bd7d74233da1a3b56d4e04a7ec4792b1c4cffddbbdcfdd23ab5268f1b3d08ebb8ce498cbaaf5aaab812201d1aba3d70471fcd9b466569f3ef72f39d87fcccab514fc02b70be8629c9b73ce7bc4be7f8be71cb7b2d0a4acff8f6abe7dbad64dfa44966945d93c33b038ce0d890f851811e387723a25dda119f64b35e71c5400000000000000000000000000000034c751ebdf3f20a95b817ea3df3d6c0002a41783058e56c70afe8016b3dd9dc7785b36e609f173cc6b893ecd138289709839747837d6a6283b3452c57a5d44cacd363589845637071320921d22c1663964eddec902fc7cc33158bc306d8c3bdae8108a23d2dc96a5cdb518f58832ec0906aaec43659c79c8ad37b0f961f3beaa3e02f7762c5dd633d13b5e487e996597b2ab42c898b7dd8390e13b395aacce4683e55bcfe8c17615257364365fd48bd77da79e52ce9adfe6dca9c42c4d719347f39ef006c2df747ee6adb7cd04faf05c36de72354c64ebaf28a3de18607ebc4b70f50f71dae565749568a23319232dc213342fb472e98c9a412199ce7976bee5eaf40e60cb3fbe8b92dae5008e92d17d05ce74ffffe74ae71d5b8bd43a4e0bf0390335aa489689f5e3a4ac5adca96caab658b43cd499d95d3876c220d147ad1d0e626621d88f1370982f663793cac52ea0d14e595ff1f56427a0a813bb3b84d31d021eeea8faeff25bb66f5940d08a5509a66fc43962bcb2f7415bc38e355e80ec935aa6fe2d74bd475d89449fb46320fee40faff2fd005549fe6a042bd95decfde5e166971935f4cfd9c9e5bfd2d803644f4e5b7e6dc1a7a35df7134e2fad79269bf24bea4eb0213068e3054d9e4a8d1a9eb032cb390e2016d0ce10549728cb4732dc5adab16fa19ac70780b29e079be27c95d3dd2bd91a584c46d84d430fc6ea31ce0ba62fa27be9f6bc435203da7c3a5d68bf4dd4f81cbfaa1c87a15b9272853c9837db930952dca667194b71815a9eb49b495360dcdf31e0e560857d0541a916d6b5469ac1b36babc5a91e1d58925f20d9d5f8a0da3c30711b0d101cabceffbe072be69613ea0003c6e9bb5cd2413c8ddc17cfa319cf7aaeed0ffb07a08f8fb439f709dfe0732fe42192819870bdd87d5f612ade03540a28be446095269d9ea5a60bba1f2462f9921f2a731dbcf1d03964ea1e4f79514914d37877f57617b60fa2b58aa694fcb023024653c4b73efb12a57ffc6f8943262b77be933051e12bd4d768a422ea652d45b04a9c43b5c97fc3edea7002d51a0a74889334ee"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x29, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_GET_KEY(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x24, r5, 0x1, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008800}, 0x40000)
ioperm(0x0, 0x8, 0x400000000000008) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) (async)
ioctl$CDROM_LAST_WRITTEN(0xffffffffffffffff, 0x5395, &(0x7f00000001c0))
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r7=>r0, {0xd}}, './file0\x00'})
mount(&(0x7f0000000080)=@md0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000180)='smb3\x00', 0x208001, 0x0) (async)
ioctl$SG_SET_RESERVED_SIZE(r7, 0x2275, &(0x7f0000000180)=0x3)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000000)=r3, 0x4) (async)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x18, 0x68, 0x5fb9a818fb7378e9}, 0x18}}, 0x40) (async)
r8 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x507983, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r8, 0xc02c5638, &(0x7f0000000100)={0x8, 0x4, 0x8000008}) (async)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r8, 0x6, 0x1d, &(0x7f0000000300)={0x5, 0x10001, 0x5, 0x200000, 0x10001}, 0x14) (async)
write$tun(r8, &(0x7f00000006c0)={@val={0x0, 0x9}, @void, @arp=@ether_ipv6={0x1, 0x86dd, 0x6, 0x10, 0x3, @link_local, @ipv4={'\x00', '\xff\xff', @local}, @empty, @dev={0xfe, 0x80, '\x00', 0x21}}}, 0x38)

1.448842905s ago: executing program 0 (id=959):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x800001, &(0x7f0000000100)=ANY=[@ANYRES8=0x0, @ANYRES16])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000005380)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9a7e5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c64e2645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734b5ecaf5e82983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1b8abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fa421a39943513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b70fa8eae6fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fda8bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f1cb390aaf82b0bc6af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff19427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c94c114d3c4c35eed4d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a65247317882fbf171520f00b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5d18f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077bec885ce88d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc670ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f9", 0x2000, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x7, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x80000000000, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, r1, r2, 0x0, 0x80000}}}, 0x0, 0x0, 0x0, 0x0})
symlink(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000180)='./file0/file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1b, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10010, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = open(0x0, 0x0, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
unshare(0x8000400)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
poll(&(0x7f0000000200), 0x0, 0x1)
finit_module(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRES64=r5, @ANYBLOB="1e636fd0a19f1beb79685ba0e8f66a5fcbf50fd2d46e061c1db42518952e5a20", @ANYBLOB, @ANYBLOB="c3ee39a864b6c772dd754ca77fbc86e8b7a5e7ed703f06f09e6a5505c1f63b79153f5c1fa677425f8becfc8b7c829ddf47fcd2c756d653873059a0eb2d126767ed86b69b6e8708afbf730555a7886ab1aaa21fea9305ed4966764397feacff72c35492153b8b73a972e6160286dba3b92dcf952c983bb9a9221048f5454e2e871f54b34220e94f559022582e3d5e68eec1d5e9cbb9f3307443a147d393e84e99f4cc2524cfa13540bbeaec32fde056caf6c7b032b3794e0957", @ANYBLOB='\x00'/16, @ANYRES64=r2], 0x48)
signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
r7 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_TTSTAMP(r7, 0x4161, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x189841, 0x0)

1.379341336s ago: executing program 7 (id=960):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000040)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050427bd7000fedbdf250100000008000100", @ANYRES32=r0], 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x6)

1.378944714s ago: executing program 7 (id=961):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x12, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r1, r0, 0x5, 0x0, 0x0, @void, @value}, 0x10)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1}, &(0x7f0000000040), &(0x7f0000000180)=r0}, 0x20)
clock_adjtime(0x7, &(0x7f0000000200)={0x6, 0x6, 0x3101, 0xffffffffffff5f20, 0x6, 0x10, 0x10000, 0xf83, 0x8000000000, 0x8, 0x6, 0xffffffffffffffe0, 0x5, 0x14, 0xfffffffffffffffe, 0x3, 0x3, 0x7f, 0x2, 0x46, 0x5, 0x966, 0x7, 0x5, 0x3, 0x10001})
r2 = syz_open_dev$usbmon(&(0x7f0000000480), 0x0, 0x54001)
ioctl$MON_IOCX_GETX(r2, 0x4018920a, &(0x7f0000000600)={&(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000540)=""/137, 0x89})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_misc(r3, &(0x7f0000000000), 0xfffffecc)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
openat$uinput(0xffffffffffffff9c, &(0x7f00000003c0), 0x802, 0x0)
sendmsg$SEG6_CMD_SETHMAC(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, r5, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x0]}, @SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x34}}, 0x0)
r6 = syz_open_dev$video(&(0x7f00000000c0), 0x7, 0x80040)
ioctl$VIDIOC_CROPCAP(r6, 0xc02c563a, &(0x7f0000000800)={0x9, {}, {0x0, 0x0, 0x2}, {0xfffffffc}})
sendmsg$SEG6_CMD_DUMPHMAC(r3, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="02000000", @ANYRES16=r5, @ANYBLOB="080029bd7000ffdbdf2502000000100004000200000004000000000000000500060000000000080002000002000004000400050006000a00000008000300000400000500050002000000"], 0x50}}, 0x40)

649.605041ms ago: executing program 6 (id=962):
r0 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0x40502)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f00000000c0)={<r1=>0x0, 0x1})
close(0x3)
r2 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0xc8d03)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r2, 0xc00864bf, &(0x7f0000000140))
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r2, 0xc03064ca, &(0x7f00000000c0)={&(0x7f0000000040)=[r1, r1], 0x0, 0xa00000000000, 0x2, 0x6})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r0, 0xc01864cd, &(0x7f0000000280)={&(0x7f0000000140)=[r1], 0x0, 0x1})
lsm_list_modules(&(0x7f0000002600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000000)=0x7b, 0x0)

579.120332ms ago: executing program 0 (id=963):
r0 = inotify_init()
readv(r0, &(0x7f0000000440)=[{&(0x7f0000000280)=""/174, 0xae}], 0x1)
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x400017e)
creat(&(0x7f0000000040)='./file0/file0\x00', 0x24)

577.16466ms ago: executing program 6 (id=964):
r0 = socket(0x23, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0xb, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r3, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff], [0x10000, 0x0, 0x0, 0x0, 0x8001], [0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]], '\x00', [{}, {0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x1, 0x1}, {0x80000001, 0x0, 0x0, 0x1, 0x1}, {0x7fff, 0xfffffffa}, {}, {0x8000000, 0x8f96}], '\x00', 0x1000})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f00000008c0)=ANY=[@ANYBLOB="1c0000f5000000000000000000e1ff00000002"], 0x73)

409.608245ms ago: executing program 7 (id=965):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0, <r1=>0x0}, &(0x7f00000002c0)=0xc)
lchown(&(0x7f0000000000)='./file0\x00', 0xee00, r1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000f00)=ANY=[@ANYBLOB="8500000008000000350000000000000085000000050000009500000000000000fed023000000c71adb30be7d75fa1f32f08a23ce3220b0cc9505d72768b8242dd90d17e4c52505756ca2b009546a0900000000000000d3df2bd87184446d165ae3939bbca322a415a98c8801000000000000800859362ed862b3c47f82000000adfd2f16af3a00000000000000000000009a317aa34f0c50f99eedac26048ab915e1be5aa845be00de14683ee4e859d65564a9c79d20e5a011e966388cd0bb39f45d6c508b8a0f7f2d48be0e2a8137c6741775428abf2ddfd2a473f5b271701e22f8cb42198906e1107fa780c435083cac323838727afbfb995f99b82df3b363a9cf6ba87fdfbf5a3dd0dde49b4193520e5e946687634c04000000000000bfbcd911eba0dee5e5ce6434f86fe82ee02f0e8e3173a97d85e232e584ace13387693614f3a74dc418e58f3e98933b2c93fae25ec2dd190231e2531e1ffeff33676a4383a918cba3ad8318ea29f164563a42cdb596f255a251add2d2ae2fac0a0e7421e4bf07fc884be5721bdffe58c6a4b57014ce976ce8b9cddfa50175c53253d7659f0e88913d4fa7f309eb40337fada4363c0698510730725e23bdad60ceaeecfeeccc397565f204b82d000000007a1b4abeadf350c21027d314237a9d448b82827ff3f29cc9b46c8fcfbb30d1fc38311f0918707c252b596cdbf4e77836adc1f59f9d1280333d135fdcdcee8eb817388666e02ff1b148b6bc3c283e71c0ad9c683c6bb6fea2d2d54af3ad488f0cc2e54a70c19ceac518adbe917652c34019d7478c716ab23d4a863b4dcd08d89f6cec674e9fd379d71e06357d207984e885ace8a0dbaffef403aff01d5f2f0e644b61cd8bd72a59f2d7cf67815aeb8761412d68c40dbed08b7eeda96b3856a519a71b83c19b2e8f88d92b66abec165663819a87e7cd8c082cb011051789c283eecfe08f0799f6c7023353b6d3af7177d6b5420b1784b53238b39c0db1da864e593d45fd297e4d34e749bc737e0bcf36fd955a40124c00d40c3f21d26e6e276152412b4ef3f52dc416bb2d7463a93ee6c0b20c5749a44677a3c3a7aa9a47c7cd7bb52fbb2c8d63166f4ad1038f33258736b2224a66726f1fd4dce0eb6043a55fbdd341baba95cc5838a860068e0f3e73d992403455b03b25bd5414628d7325a6b25986666b3368210686dab3a6be8b8d4bd9347c83cb693aebab072fe479705b0c6c9bb9728d131f8320b966898de1a16407692b57b6f7333eac0d2ed0a7a4457d9c70089fcf9aa553929a65777f3bbf6d0bdc6a11371a138c6d4b0fefc655716e4486f5c7a88e80b2fb0efb579333bef98ded75abfb982b1fb92f003a6aefb8bf25eacb848d8ed1c1162d000000000000000000000000e87dffd60f123527781805434d210bb72ac2c097c45b27dde4980bc85b43614d266a9d403c320f80646c7df8bdd1cf3800"/1071], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/148, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff79, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x16)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r2, 0x0, 0x83, 0x0, &(0x7f0000000e40)="04d31fcd275bfc58188e699fa7c9aa904991771e83b702f3717cf38ed0e92e83ae490758991fa1174a75fa8c45db732026d3de611ffbd09b683e2f08812d695dd9b87f08711c02bb5d2cbac05022bee8aee5339fb6eba21e534e43b9960f470bf9c075368c6a7ee0b6ef641feb6967490ae07547819adcf47330679551ae2bd7009b31", 0x0, 0x947, 0x0, 0x1b, 0x4b, &(0x7f0000000000), &(0x7f0000000e00)="2fda8e7aa8d9cecae13bcbb35230d1cf1f1b23e33fcbd1aa1bea454b04650cecef80daa9a0a349a8e46d661af6e7ee8cdb5e97e738fe54"}, 0x50)
r3 = creat(&(0x7f0000000240)='./file0\x00', 0x150)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f0000000040)={0x5000, 0x0, 0x1})

259.597293ms ago: executing program 7 (id=966):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1a00fe00000000bfa100007b0a000007010000f8ff6fffb702000008000000b70300000000000085000000c700000095"], &(0x7f0000000040)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

259.236398ms ago: executing program 7 (id=967):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), 0x1000000, &(0x7f0000000600)={[{@mode={'mode', 0x3d, 0x10000}}]})
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r1 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
sendfile(r1, r0, 0x0, 0x100801700)
syz_open_dev$video(&(0x7f0000000000), 0x7fff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$inet6(0xa, 0x4, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r6 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r6, 0x40044160, 0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000080)=[{0x9, 0xd, 0x0, 0x7fffffff}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0xc102, 0x0)
sendfile(r7, r7, 0x0, 0x40008)
r8 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e60, 0x0, @loopback}, 0x1a)
listen(r8, 0xa)
r9 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r9, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

0s ago: executing program 6 (id=968):
socket$alg(0x26, 0x5, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$inet(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

kernel console output (not intermixed with test programs):

over after parsing attributes in process `syz.5.513'.
[   82.944731][ T7971] netlink: 24 bytes leftover after parsing attributes in process `syz.5.513'.
[   83.686159][ T8016] openvswitch: netlink: nsh attr 11881 is out of range max 3
[   83.695007][ T8016] openvswitch: netlink: nsh attr 11881 is out of range max 3
[   83.764534][ T8022] Mount JFS Failure: -22
[   83.765991][ T8022] jfs_mount failed w/return code = -22
[   84.417402][ T8053] netlink: 24 bytes leftover after parsing attributes in process `syz.1.536'.
[   84.776362][ T8076] mmap: syz.1.543 (8076) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   84.896480][    T9] IPVS: starting estimator thread 0...
[   84.979596][ T8081] IPVS: using max 35 ests per chain, 84000 per kthread
[   85.176213][ T8094] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   85.179947][ T8093] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   85.188841][ T8093] kvm: pic: level sensitive irq not supported
[   85.189284][ T8093] picdev_read: 7 callbacks suppressed
[   85.189293][ T8093] kvm: pic: non byte read
[   85.387383][ T8100] netlink: 8 bytes leftover after parsing attributes in process `syz.4.548'.
[   85.452741][ T8103] sctp: [Deprecated]: syz.4.549 (pid 8103) Use of struct sctp_assoc_value in delayed_ack socket option.
[   85.452741][ T8103] Use struct sctp_sack_info instead
[   85.661181][ T8110] tmpfs: Unknown parameter 'usrquota€'
[   85.718949][ T8114] netlink: 64 bytes leftover after parsing attributes in process `syz.1.553'.
[   85.773678][ T8116] netlink: 'syz.5.552': attribute type 1 has an invalid length.
[   85.776531][ T8116] netlink: 9116 bytes leftover after parsing attributes in process `syz.5.552'.
[   85.780567][ T8116] netlink: 'syz.5.552': attribute type 2 has an invalid length.
[   85.783239][ T8116] netlink: 141 bytes leftover after parsing attributes in process `syz.5.552'.
[   85.787621][ T8116] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.552'.
[   85.824219][ T8123] sp0: Synchronizing with TNC
[   86.672403][ T8149] /dev/nullb0: Can't open blockdev
[   86.674311][ T8149] /dev/nullb0: Can't open blockdev
[   86.676903][ T8149] /dev/nullb0: Can't open blockdev
[   86.678504][ T8149] /dev/nullb0: Can't open blockdev
[   86.681090][ T8149] /dev/nullb0: Can't open blockdev
[   86.682743][ T8149] /dev/nullb0: Can't open blockdev
[   86.684330][ T8149] /dev/nullb0: Can't open blockdev
[   86.685926][ T8149] /dev/nullb0: Can't open blockdev
[   86.687512][ T8149] /dev/nullb0: Can't open blockdev
[   86.689116][ T8149] /dev/nullb0: Can't open blockdev
[   86.691272][ T8149] /dev/nullb0: Can't open blockdev
[   86.692869][ T8149] /dev/nullb0: Can't open blockdev
[   86.694445][ T8149] /dev/nullb0: Can't open blockdev
[   86.696194][ T8149] /dev/nullb0: Can't open blockdev
[   86.698101][ T8149] /dev/nullb0: Can't open blockdev
[   86.701610][ T8149] /dev/nullb0: Can't open blockdev
[   86.703266][ T8149] /dev/nullb0: Can't open blockdev
[   86.704871][ T8149] /dev/nullb0: Can't open blockdev
[   86.710268][ T8149] /dev/nullb0: Can't open blockdev
[   86.711961][ T8149] /dev/nullb0: Can't open blockdev
[   86.713493][ T8149] /dev/nullb0: Can't open blockdev
[   86.715559][ T8149] /dev/nullb0: Can't open blockdev
[   86.717204][ T8149] /dev/nullb0: Can't open blockdev
[   86.744114][ T8149] exFAT-fs (nullb0): invalid boot record signature
[   86.746241][ T8149] exFAT-fs (nullb0): failed to read boot sector
[   86.748616][ T8149] exFAT-fs (nullb0): failed to recognize exfat type
[   86.751935][ T8149] exFAT-fs (nullb0): invalid boot record signature
[   86.753670][ T8149] exFAT-fs (nullb0): failed to read boot sector
[   86.755471][ T8149] exFAT-fs (nullb0): failed to recognize exfat type
[   86.762448][ T8149] exFAT-fs (nullb0): invalid boot record signature
[   86.764331][ T8149] exFAT-fs (nullb0): failed to read boot sector
[   86.766302][ T8149] exFAT-fs (nullb0): failed to recognize exfat type
[   86.769430][ T8149] exFAT-fs (nullb0): invalid boot record signature
[   86.771494][ T8149] exFAT-fs (nullb0): failed to read boot sector
[   86.773248][ T8149] exFAT-fs (nullb0): failed to recognize exfat type
[   86.775806][ T8149] exFAT-fs (nullb0): invalid boot record signature
[   86.777906][ T8149] exFAT-fs (nullb0): failed to read boot sector
[   86.779877][ T8149] exFAT-fs (nullb0): failed to recognize exfat type
[   86.782118][ T8149] exFAT-fs (nullb0): invalid boot record signature
[   86.783448][ T8158] dlm: no locking on control device
[   86.784148][ T8149] exFAT-fs (nullb0): failed to read boot sector
[   86.788034][ T8149] exFAT-fs (nullb0): failed to recognize exfat type
[   86.791134][ T8149] exFAT-fs (nullb0): invalid boot record signature
[   86.792898][ T8149] exFAT-fs (nullb0): failed to read boot sector
[   86.794869][ T8149] exFAT-fs (nullb0): failed to recognize exfat type
[   86.797763][ T8149] exFAT-fs (nullb0): invalid boot record signature
[   86.800391][ T8149] exFAT-fs (nullb0): failed to read boot sector
[   86.802068][ T8149] exFAT-fs (nullb0): failed to recognize exfat type
[   86.804334][ T8149] exFAT-fs (nullb0): invalid boot record signature
[   86.806244][ T8149] exFAT-fs (nullb0): failed to read boot sector
[   86.807894][ T8149] exFAT-fs (nullb0): failed to recognize exfat type
[   86.810501][ T8149] exFAT-fs (nullb0): invalid boot record signature
[   86.812247][ T8149] exFAT-fs (nullb0): failed to read boot sector
[   86.813913][ T8149] exFAT-fs (nullb0): failed to recognize exfat type
[   86.839738][ T8160] Cannot find add_set index 0 as target
[   87.049549][   T64] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[   87.211958][   T64] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   87.214261][   T64] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   87.216814][   T64] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[   87.219122][   T64] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   87.223368][   T64] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   87.226130][   T64] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   87.228761][   T64] usb 6-1: Product: syz
[   87.229959][   T64] usb 6-1: Manufacturer: syz
[   87.235844][   T64] cdc_wdm 6-1:1.0: skipping garbage
[   87.237244][   T64] cdc_wdm 6-1:1.0: skipping garbage
[   87.241928][   T64] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[   87.243512][   T64] cdc_wdm 6-1:1.0: Unknown control protocol
[   87.441799][   T64] usb 6-1: USB disconnect, device number 9
[   87.757141][   T39] kauditd_printk_skb: 46845 callbacks suppressed
[   87.757153][   T39] audit: type=1400 audit(1730182933.805:47461): avc:  denied  { nlmsg_write } for  pid=8192 comm="syz.0.572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   87.816253][   T39] audit: type=1400 audit(1730182933.865:47462): avc:  denied  { execute } for  pid=8192 comm="syz.0.572" path="/dev/adsp1" dev="devtmpfs" ino=1319 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[   88.517640][   T39] audit: type=1400 audit(1730182934.565:47463): avc:  denied  { read } for  pid=8234 comm="syz.4.583" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   88.529617][   T39] audit: type=1400 audit(1730182934.565:47464): avc:  denied  { open } for  pid=8234 comm="syz.4.583" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   88.536592][   T39] audit: type=1400 audit(1730182934.565:47465): avc:  denied  { ioctl } for  pid=8234 comm="syz.4.583" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   89.312413][ T8249] xt_nat: multiple ranges no longer supported
[   89.324061][ T8240] __nla_validate_parse: 2 callbacks suppressed
[   89.324073][ T8240] netlink: 1 bytes leftover after parsing attributes in process `syz.0.585'.
[   89.361541][  T100] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   89.364924][  T100] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.399089][   T39] audit: type=1400 audit(1730182935.445:47466): avc:  denied  { execute } for  pid=8255 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   89.406315][   T39] audit: type=1400 audit(1730182935.465:47467): avc:  denied  { execute_no_trans } for  pid=8255 comm="syz-executor" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   89.452637][  T100] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   89.455425][  T100] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.515913][ T5953] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   89.532406][ T5953] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   89.537691][ T5953] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   89.540965][  T100] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   89.544155][  T100] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.544191][ T5953] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   89.550710][ T5953] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   89.552817][ T5953] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   89.558694][ T5947] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   89.562202][ T5947] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   89.564441][ T5947] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   89.567666][ T5947] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   89.573014][ T5947] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   89.575647][ T5947] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   89.611686][  T100] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   89.615358][  T100] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.672235][ T8256] chnl_net:caif_netlink_parms(): no params data found
[   89.737504][  T100] bridge_slave_1: left allmulticast mode
[   89.738982][  T100] bridge_slave_1: left promiscuous mode
[   89.741934][  T100] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.748314][  T100] bridge_slave_0: left allmulticast mode
[   89.750099][  T100] bridge_slave_0: left promiscuous mode
[   89.751887][  T100] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.042965][  T100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   90.047585][  T100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   90.052382][  T100] bond0 (unregistering): Released all slaves
[   90.084608][ T8272] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.593'.
[   90.188483][ T8279] fuse: Bad value for 'fd'
[   90.211325][ T8256] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.214313][ T8256] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.216418][ T8256] bridge_slave_0: entered allmulticast mode
[   90.218457][ T8256] bridge_slave_0: entered promiscuous mode
[   90.227575][ T8279] ipvlan2: entered promiscuous mode
[   90.248258][ T8256] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.253358][ T8256] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.255682][ T8256] bridge_slave_1: entered allmulticast mode
[   90.258171][ T8256] bridge_slave_1: entered promiscuous mode
[   90.279343][ T8256] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.297818][ T8256] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.414166][ T8256] team0: Port device team_slave_0 added
[   90.417199][ T8256] team0: Port device team_slave_1 added
[   90.502624][ T8256] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.504450][ T8256] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.513664][ T8256] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.518269][ T8256] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.520626][ T8256] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.527570][ T8256] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.555563][ T8321] netlink: 'syz.4.603': attribute type 2 has an invalid length.
[   90.563495][ T8321] netlink: 'syz.4.603': attribute type 2 has an invalid length.
[   90.572213][ T8256] hsr_slave_0: entered promiscuous mode
[   90.577212][ T8256] hsr_slave_1: entered promiscuous mode
[   90.579255][ T8256] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   90.582463][ T8256] Cannot create hsr debugfs directory
[   90.585555][ T8321] netlink: 'syz.4.603': attribute type 2 has an invalid length.
[   90.609877][ T8317] netlink: 48 bytes leftover after parsing attributes in process `syz.5.602'.
[   90.613034][ T8321] netlink: 'syz.4.603': attribute type 2 has an invalid length.
[   90.617461][ T8321] netlink: 'syz.4.603': attribute type 2 has an invalid length.
[   90.626124][  T100] hsr_slave_0: left promiscuous mode
[   90.628092][  T100] hsr_slave_1: left promiscuous mode
[   90.630242][  T100] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   90.632254][  T100] batman_adv: batadv0: Removing interface: batadv_slave_0
[   90.636399][  T100] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   90.638357][  T100] batman_adv: batadv0: Removing interface: batadv_slave_1
[   90.662318][  T100] veth1_macvtap: left promiscuous mode
[   90.663829][  T100] veth0_macvtap: left promiscuous mode
[   90.665336][  T100] veth1_vlan: left promiscuous mode
[   90.666725][  T100] veth0_vlan: left promiscuous mode
[   90.910628][ T8324] No control pipe specified
[   90.916580][   T39] audit: type=1400 audit(1730182936.965:47468): avc:  denied  { accept } for  pid=8323 comm="syz.5.604" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[   91.387925][  T100] team0 (unregistering): Port device team_slave_1 removed
[   91.466455][  T100] team0 (unregistering): Port device team_slave_0 removed
[   91.619665][ T5947] Bluetooth: hci3: command tx timeout
[   91.864416][   T39] audit: type=1400 audit(1730182937.915:47469): avc:  denied  { setattr } for  pid=8332 comm="syz.5.606" path="/dev/net/tun" dev="devtmpfs" ino=720 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tun_tap_device_t tclass=chr_file permissive=1
[   92.097467][ T8321] netlink: 'syz.4.603': attribute type 2 has an invalid length.
[   92.129778][   T39] audit: type=1400 audit(1730182938.175:47470): avc:  denied  { accept } for  pid=8335 comm="syz.4.607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   92.152603][ T8342] netlink: 'syz.5.608': attribute type 9 has an invalid length.
[   92.156020][ T8342] netlink: 134660 bytes leftover after parsing attributes in process `syz.5.608'.
[   92.242626][ T8356] netlink: 'syz.4.611': attribute type 10 has an invalid length.
[   92.244994][ T8356] team0: left allmulticast mode
[   92.246388][ T8356] team0: left promiscuous mode
[   92.248121][ T8356] bridge0: port 1(team0) entered disabled state
[   92.254386][ T8356] 8021q: adding VLAN 0 to HW filter on device team0
[   92.257058][ T8356] bond0: (slave team0): Enslaving as an active interface with an up link
[   92.428865][ T8371] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[   92.440064][ T8371] netdevsim netdevsim4: Falling back to sysfs fallback for: ./file0
[   92.806497][ T8256] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   92.810864][ T8256] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   92.817347][ T8256] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   92.820438][ T8256] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   92.889605][ T8256] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.896882][ T8256] 8021q: adding VLAN 0 to HW filter on device team0
[   92.904157][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.906045][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.912654][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.914580][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.015746][ T8256] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.035419][ T8256] veth0_vlan: entered promiscuous mode
[   93.048392][ T8256] veth1_vlan: entered promiscuous mode
[   93.062474][ T8256] veth0_macvtap: entered promiscuous mode
[   93.065952][ T8256] veth1_macvtap: entered promiscuous mode
[   93.074123][ T8256] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.079215][ T8256] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.084454][ T8256] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.086793][ T8256] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.089086][ T8256] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.092257][ T8256] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.127628][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.131466][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.141393][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.143997][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.503982][ T8416] netlink: 40 bytes leftover after parsing attributes in process `syz.0.616'.
[   93.941618][   T39] audit: type=1400 audit(1730182939.995:47471): avc:  denied  { append } for  pid=8427 comm="syz.0.618" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   93.948432][ T8429] sg_write: process 360 (syz.0.618) changed security contexts after opening file descriptor, this is not allowed.
[   93.952046][ T8429] program syz.0.618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   94.350077][   T39] audit: type=1400 audit(1730182940.395:47472): avc:  denied  { setopt } for  pid=8430 comm="syz.0.619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   94.501326][   T39] audit: type=1400 audit(1730182940.555:47473): avc:  denied  { bind } for  pid=8445 comm="syz.4.622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   94.503219][ T8446] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   94.541903][   T39] audit: type=1400 audit(1730182940.595:47474): avc:  denied  { write } for  pid=8447 comm="syz.4.623" name="softnet_stat" dev="proc" ino=4026533783 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   94.567454][   T39] audit: type=1400 audit(1730182940.615:47475): avc:  denied  { accept } for  pid=8449 comm="syz.4.624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   94.568185][ T8450] tmpfs: Unknown parameter 'tmpfs'
[   94.768621][ T8455] kvm: kvm [8454]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x100000000
[   94.772264][ T8455] kvm: kvm [8454]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   94.775104][ T8455] kvm: kvm [8454]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[   94.787627][ T8457] kernel profiling enabled (shift: 17)
[   94.792101][ T8455] kvm: kvm [8454]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x4000
[   94.793289][ T8457] bridge4: entered promiscuous mode
[   94.795898][ T8457] bridge4: entered allmulticast mode
[   94.807973][ T8455] kvm: kvm [8454]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000
[   94.831133][ T8455] kvm: kvm [8454]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x4000
[   94.847687][ T8455] kvm: kvm [8454]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000
[   94.872499][ T8455] kvm: kvm [8454]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x4000
[   94.889032][ T8455] kvm: kvm [8454]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000
[   94.912733][ T8455] kvm: kvm [8454]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x4000
[   95.319755][   T39] audit: type=1400 audit(1730182941.375:47476): avc:  denied  { listen } for  pid=8458 comm="syz.0.627" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   95.330076][   T39] audit: type=1400 audit(1730182941.375:47477): avc:  denied  { accept } for  pid=8458 comm="syz.0.627" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   95.330221][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.393479][ T8463] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[   95.393505][ T8465] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[   95.398910][ T5953] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   95.399102][ T8465] overlayfs: overlapping lowerdir path
[   95.403467][ T5953] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   95.405929][ T5953] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   95.408593][ T5953] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   95.410828][ T8463] overlayfs: overlapping lowerdir path
[   95.412608][ T5953] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   95.414964][ T5953] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   95.465901][ T8463] netlink: 'syz.0.628': attribute type 11 has an invalid length.
[   95.514284][   T39] audit: type=1400 audit(1730182941.565:47478): avc:  denied  { module_request } for  pid=8464 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   95.527232][ T8464] chnl_net:caif_netlink_parms(): no params data found
[   95.569309][ T8476] wireguard0: entered promiscuous mode
[   95.571205][ T8476] wireguard0: entered allmulticast mode
[   95.607496][ T8481] netlink: 8 bytes leftover after parsing attributes in process `syz.0.630'.
[   95.624125][ T8464] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.626096][ T8464] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.628086][ T8464] bridge_slave_0: entered allmulticast mode
[   95.630711][ T8464] bridge_slave_0: entered promiscuous mode
[   95.634097][ T8464] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.636074][ T8464] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.638040][ T8464] bridge_slave_1: entered allmulticast mode
[   95.642867][ T8464] bridge_slave_1: entered promiscuous mode
[   95.683162][ T8464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.688666][ T8481] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8481 comm=syz.0.630
[   95.694070][ T8464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.738178][ T8464] team0: Port device team_slave_0 added
[   95.742295][ T8464] team0: Port device team_slave_1 added
[   95.743971][ T8486] netlink: 'syz.4.632': attribute type 21 has an invalid length.
[   95.764321][ T8464] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.766297][ T8464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.772386][   T39] audit: type=1326 audit(1730182941.825:47479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8475 comm="syz.0.630" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f423797e719 code=0x0
[   95.773500][ T8464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.782490][ T8464] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.784377][ T8464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.792996][ T8464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.817638][ T8464] hsr_slave_0: entered promiscuous mode
[   95.819591][ T8464] hsr_slave_1: entered promiscuous mode
[   95.866194][ T8489] netlink: 4 bytes leftover after parsing attributes in process `syz.0.633'.
[   96.055044][ T8496] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   96.057467][ T8496] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   96.060609][ T8496] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[   96.164325][   T39] audit: type=1400 audit(1730182942.215:47480): avc:  denied  { ioctl } for  pid=8493 comm="syz.0.635" path="/dev/fuse" dev="devtmpfs" ino=105 ioctlcmd=0x662c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   96.543581][ T8499] Error parsing options; rc = [-22]
[   96.809742][   T30] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[   96.920969][ T8503] tmpfs: Unknown parameter 'mpol'
[   96.949750][   T30] usb 9-1: device descriptor read/64, error -71
[   97.009719][ T8503] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   97.014993][ T8503] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   97.067243][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.131856][ T8508] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8508 comm=syz.0.639
[   97.149093][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.153626][ T8508] netlink: 24 bytes leftover after parsing attributes in process `syz.0.639'.
[   97.201795][   T30] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[   97.254248][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.329718][   T30] usb 9-1: device descriptor read/64, error -71
[   97.373499][   T11] bridge_slave_1: left allmulticast mode
[   97.375008][   T11] bridge_slave_1: left promiscuous mode
[   97.377248][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.382583][   T11] bridge_slave_0: left allmulticast mode
[   97.384265][   T11] bridge_slave_0: left promiscuous mode
[   97.385824][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.445283][   T30] usb usb9-port1: attempt power cycle
[   97.461616][ T5953] Bluetooth: hci3: command tx timeout
[   97.471156][ T8521] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   97.679053][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   97.684048][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   97.688133][   T11] bond0 (unregistering): Released all slaves
[   97.781001][   T30] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[   97.800240][   T30] usb 9-1: device descriptor read/8, error -71
[   97.969258][ T8532] loop0: detected capacity change from 0 to 16384
[   98.025790][   T11] hsr_slave_0: left promiscuous mode
[   98.027673][   T11] hsr_slave_1: left promiscuous mode
[   98.033146][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   98.035199][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[   98.040503][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   98.042455][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[   98.059798][   T30] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[   98.074539][   T11] veth1_macvtap: left promiscuous mode
[   98.076125][   T11] veth0_macvtap: left promiscuous mode
[   98.077611][   T11] veth1_vlan: left promiscuous mode
[   98.080226][   T11] veth0_vlan: left promiscuous mode
[   98.080268][   T30] usb 9-1: device descriptor read/8, error -71
[   98.235723][   T30] usb usb9-port1: unable to enumerate USB device
[   98.245273][ T8542] netlink: 5312 bytes leftover after parsing attributes in process `syz.0.647'.
[   98.247685][ T8542] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[   98.251955][ T8542] tmpfs: Unknown parameter ''
[   98.263604][ T8543] 9p: Unknown access argument 00000000000000000000ÿÿÿÿÿÿÿÿ00000000000000000000005: -22
[   98.814524][   T11] team0 (unregistering): Port device team_slave_1 removed
[   98.890503][   T11] team0 (unregistering): Port device team_slave_0 removed
[   99.534368][   T39] kauditd_printk_skb: 3 callbacks suppressed
[   99.534378][   T39] audit: type=1400 audit(1730182945.585:47484): avc:  denied  { setattr } for  pid=8550 comm="syz.0.649" name="HCI" dev="sockfs" ino=24773 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   99.534629][ T8551] netlink: 'syz.0.649': attribute type 13 has an invalid length.
[   99.542573][ T5953] Bluetooth: hci3: command tx timeout
[   99.544433][ T8551] macvtap0: entered allmulticast mode
[   99.547773][ T8551] macvtap0: refused to change device tx_queue_len
[   99.648872][ T8464] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   99.685762][ T8464] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   99.714204][ T8464] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   99.726305][ T8567] @: renamed from vlan0
[   99.742520][ T8464] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   99.778211][ T8464] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.786783][ T8464] 8021q: adding VLAN 0 to HW filter on device team0
[   99.790596][  T100] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.792515][  T100] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.797247][  T100] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.799181][  T100] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.886179][ T8464] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.902027][ T8464] veth0_vlan: entered promiscuous mode
[   99.905923][ T8464] veth1_vlan: entered promiscuous mode
[   99.916500][ T8464] veth0_macvtap: entered promiscuous mode
[   99.919838][ T8464] veth1_macvtap: entered promiscuous mode
[   99.926194][ T8464] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.929908][ T8464] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.935072][ T8464] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.937373][ T8464] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.941826][ T8464] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.944989][ T8464] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.984978][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.987077][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.003381][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.005582][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.072476][ T8591] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  100.106974][ T8593] nbd: illegal input index 67108864
[  100.512711][ T8606] random: crng reseeded on system resumption
[  100.520506][   T39] audit: type=1400 audit(1730182946.565:47485): avc:  denied  { append } for  pid=8605 comm="syz.4.663" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  100.654042][   T39] audit: type=1400 audit(1730182946.705:47486): avc:  denied  { ioctl } for  pid=8605 comm="syz.4.663" path="/dev/snapshot" dev="devtmpfs" ino=98 ioctlcmd=0x3302 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  100.718321][ T8613] could not allocate digest TFM handle sha512-neon
[  100.767743][   T39] audit: type=1400 audit(1730182946.815:47487): avc:  denied  { map } for  pid=8605 comm="syz.4.663" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  100.769428][ T8613] could not allocate digest TFM handle sha1-neon
[  100.774089][   T39] audit: type=1400 audit(1730182946.815:47488): avc:  denied  { execute } for  pid=8605 comm="syz.4.663" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  101.064945][   T39] audit: type=1804 audit(1730182947.115:47489): pid=8628 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.668" name="/" dev="pidfs" ino=8927 res=1 errno=0
[  101.094708][ T8631] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.669'.
[  101.117857][ T8633] netlink: 12 bytes leftover after parsing attributes in process `syz.0.670'.
[  102.376041][   T75] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.504198][ T5947] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  102.508345][ T5947] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  102.512506][ T5947] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  102.517488][ T5947] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  102.520054][ T5947] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  102.522971][ T5947] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  102.595274][ T8635] chnl_net:caif_netlink_parms(): no params data found
[  102.658953][ T8635] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.661439][ T8635] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.663341][ T8635] bridge_slave_0: entered allmulticast mode
[  102.665483][ T8635] bridge_slave_0: entered promiscuous mode
[  102.668596][ T8635] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.670984][ T8635] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.672975][ T8635] bridge_slave_1: entered allmulticast mode
[  102.674987][ T8635] bridge_slave_1: entered promiscuous mode
[  102.695363][ T8635] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.698972][ T8635] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.722356][ T8635] team0: Port device team_slave_0 added
[  102.726905][ T8635] team0: Port device team_slave_1 added
[  102.748901][ T8635] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.751343][ T8635] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.758090][ T8635] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.762709][ T8635] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.764608][ T8635] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.771548][ T8635] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.795533][ T8635] hsr_slave_0: entered promiscuous mode
[  102.797525][ T8635] hsr_slave_1: entered promiscuous mode
[  102.799306][ T8635] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  102.801395][ T8635] Cannot create hsr debugfs directory
[  103.512979][ T8606] orangefs_mount: mount request failed with -4
[  103.606962][ T8644] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  103.636954][   T39] audit: type=1400 audit(1730182949.685:47490): avc:  denied  { sqpoll } for  pid=8645 comm="syz.4.672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  104.063880][   T75] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.144654][   T75] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.221017][   T75] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.301456][ T8663] overlayfs: missing 'lowerdir'
[  104.334463][   T75] bridge_slave_1: left allmulticast mode
[  104.336148][   T75] bridge_slave_1: left promiscuous mode
[  104.337724][   T75] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.343100][   T75] bridge_slave_0: left allmulticast mode
[  104.344562][   T75] bridge_slave_0: left promiscuous mode
[  104.346070][   T75] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.579866][ T5953] Bluetooth: hci3: command tx timeout
[  104.619561][   T75] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  104.624773][   T75] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  104.629301][   T75] bond0 (unregistering): Released all slaves
[  104.950367][   T75] hsr_slave_0: left promiscuous mode
[  104.952483][   T75] hsr_slave_1: left promiscuous mode
[  104.954301][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.956328][   T75] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.958608][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.963026][   T75] batman_adv: batadv0: Removing interface: batadv_slave_1
[  104.991791][   T75] veth1_macvtap: left promiscuous mode
[  104.993311][   T75] veth0_macvtap: left promiscuous mode
[  104.995884][   T75] veth1_vlan: left promiscuous mode
[  104.997344][   T75] veth0_vlan: left promiscuous mode
[  105.103361][   T39] audit: type=1400 audit(1730182951.155:47491): avc:  denied  { ioctl } for  pid=8683 comm="syz.0.678" path="/dev/sg0" dev="devtmpfs" ino=721 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  105.107766][ T8684] ata1.00: invalid cdb length 6
[  105.722936][   T75] team0 (unregistering): Port device team_slave_1 removed
[  105.818529][   T75] team0 (unregistering): Port device team_slave_0 removed
[  106.091307][ T8693] binder: BINDER_SET_CONTEXT_MGR already set
[  106.093793][ T8693] binder: 8691:8693 ioctl 4018620d 20000100 returned -16
[  106.405537][ T8635] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  106.411513][ T8635] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  106.416408][ T8635] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  106.420333][ T8635] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  106.464579][ T8635] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.481681][ T8635] 8021q: adding VLAN 0 to HW filter on device team0
[  106.487701][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.489623][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.512281][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.514189][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.593628][ T8635] 8021q: adding VLAN 0 to HW filter on device batadv0
[  106.608262][ T8635] veth0_vlan: entered promiscuous mode
[  106.614059][ T8635] veth1_vlan: entered promiscuous mode
[  106.630548][ T8635] veth0_macvtap: entered promiscuous mode
[  106.633534][ T8635] veth1_macvtap: entered promiscuous mode
[  106.639376][ T8635] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.647123][ T8635] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.651051][ T8635] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.653454][ T8635] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.655762][ T8635] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.658026][ T8635] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.670382][ T5953] Bluetooth: hci3: command tx timeout
[  106.709637][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.711813][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.747593][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.750187][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.604871][ T5947] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  107.608743][ T5947] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  107.613046][ T5947] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  107.616536][ T5947] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  107.619984][ T5947] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  107.623670][ T5947] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  107.743082][ T8735] chnl_net:caif_netlink_parms(): no params data found
[  107.844212][ T8735] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.846513][ T8735] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.848649][ T8735] bridge_slave_0: entered allmulticast mode
[  107.851061][ T8735] bridge_slave_0: entered promiscuous mode
[  107.855274][ T8735] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.857284][ T8735] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.859225][ T8735] bridge_slave_1: entered allmulticast mode
[  107.861859][ T8735] bridge_slave_1: entered promiscuous mode
[  107.907587][ T8735] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.911570][ T8735] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.939259][ T8735] team0: Port device team_slave_0 added
[  107.960050][ T8735] team0: Port device team_slave_1 added
[  107.986705][ T8735] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.988616][ T8735] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.996998][ T8735] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.006650][ T8735] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.008771][ T8735] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.016161][ T8735] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.050892][ T8735] hsr_slave_0: entered promiscuous mode
[  108.052920][ T8735] hsr_slave_1: entered promiscuous mode
[  108.413707][   T11] bond0 (unregistering): Released all slaves
[  108.472473][   T11] tipc: Left network mode
[  108.486162][ T8735] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  108.514338][ T8735] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  108.517712][ T8735] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  108.522872][ T8735] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  108.569398][ T8735] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.630863][ T8735] 8021q: adding VLAN 0 to HW filter on device team0
[  108.641428][   T75] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.643274][   T75] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.646525][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.648715][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.658173][ T8754] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=6435 sclass=netlink_xfrm_socket pid=8754 comm=syz.0.686
[  108.668782][ T8735] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  108.672433][ T8735] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  108.700500][   T11] hsr_slave_0: left promiscuous mode
[  108.702337][   T11] hsr_slave_1: left promiscuous mode
[  108.808933][ T8767] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  109.316446][ T5947] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  109.334893][ T5947] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  109.353690][ T5947] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  109.365112][ T5947] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  109.368497][ T5947] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  109.374528][ T5947] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  109.699682][ T5953] Bluetooth: hci0: command tx timeout
[  110.039980][ T8762] »»»»»»¾ðj�
Áe: renamed from lo
[  110.081715][ T8777] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8777 comm=syz.0.688
[  110.088751][ T8777] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8777 comm=syz.0.688
[  110.122030][ T8735] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.147757][ T8770] chnl_net:caif_netlink_parms(): no params data found
[  110.249129][ T8770] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.253555][ T8770] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.255451][ T8770] bridge_slave_0: entered allmulticast mode
[  110.257426][ T8770] bridge_slave_0: entered promiscuous mode
[  110.261399][ T8770] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.263447][ T8770] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.265774][ T8770] bridge_slave_1: entered allmulticast mode
[  110.268141][ T8770] bridge_slave_1: entered promiscuous mode
[  110.297399][ T8770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.302341][ T8770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.330696][ T8770] team0: Port device team_slave_0 added
[  110.344181][ T8770] team0: Port device team_slave_1 added
[  110.375333][ T8735] veth0_vlan: entered promiscuous mode
[  110.387815][ T8770] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.390308][ T8770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.397980][ T8770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.401750][ T8770] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.403510][ T8770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.411161][ T8770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.453459][ T8770] hsr_slave_0: entered promiscuous mode
[  110.455940][ T8770] hsr_slave_1: entered promiscuous mode
[  110.457741][ T8770] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  110.460088][ T8770] Cannot create hsr debugfs directory
[  110.460345][   T39] audit: type=1400 audit(1730182956.515:47492): avc:  denied  { write } for  pid=5343 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  110.462280][ T8735] veth1_vlan: entered promiscuous mode
[  110.466927][   T39] audit: type=1400 audit(1730182956.515:47493): avc:  denied  { remove_name } for  pid=5343 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  110.475843][   T39] audit: type=1400 audit(1730182956.515:47494): avc:  denied  { add_name } for  pid=5343 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  110.509778][   T11] IPVS: stop unused estimator thread 0...
[  110.545039][ T8735] veth0_macvtap: entered promiscuous mode
[  110.548843][ T8735] veth1_macvtap: entered promiscuous mode
[  110.580468][ T8770] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.604215][ T8735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.606911][ T8735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.610132][ T8735] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.616020][ T8735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  110.618688][ T8735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.623046][ T8735] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.637693][ T8770] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.645293][ T8735] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.647565][ T8735] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.650434][ T8735] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.652721][ T8735] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.684855][  T100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.686904][  T100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.716056][ T8770] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.721089][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.723397][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.798420][ T8818] netlink: 'syz.6.690': attribute type 9 has an invalid length.
[  110.801670][ T8818] netlink: 134660 bytes leftover after parsing attributes in process `syz.6.690'.
[  110.805923][ T8770] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.829387][   T39] audit: type=1400 audit(1730182956.875:47495): avc:  denied  { sys_chroot } for  pid=8822 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  110.835474][   T39] audit: type=1400 audit(1730182956.875:47496): avc:  denied  { setgid } for  pid=8822 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  110.879642][   T11] bridge_slave_1: left allmulticast mode
[  110.881527][   T11] bridge_slave_1: left promiscuous mode
[  110.883206][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.886947][   T11] bridge_slave_0: left allmulticast mode
[  110.888732][   T11] bridge_slave_0: left promiscuous mode
[  110.893331][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.139214][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  111.143872][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  111.147296][   T11] bond0 (unregistering): Released all slaves
[  111.168250][ T8835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.692'.
[  111.182892][   T39] audit: type=1400 audit(1730182957.235:47497): avc:  denied  { map } for  pid=8832 comm="syz.0.692" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  111.188656][ T8770] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  111.189904][   T39] audit: type=1400 audit(1730182957.235:47498): avc:  denied  { call } for  pid=8832 comm="syz.0.692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  111.201055][ T8770] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  111.209110][ T8770] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  111.221747][ T8770] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  111.289157][ T8770] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.296717][ T8770] 8021q: adding VLAN 0 to HW filter on device team0
[  111.302513][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.304397][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.311071][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.312977][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.423161][   T11] hsr_slave_0: left promiscuous mode
[  111.424947][   T11] hsr_slave_1: left promiscuous mode
[  111.426803][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  111.428754][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  111.431830][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  111.433733][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  111.457028][   T11] veth1_macvtap: left promiscuous mode
[  111.458535][   T11] veth0_macvtap: left promiscuous mode
[  111.459758][ T5953] Bluetooth: hci3: command tx timeout
[  111.460263][   T11] veth1_vlan: left promiscuous mode
[  111.462915][   T11] veth0_vlan: left promiscuous mode
[  111.627321][ T8854] program syz.0.694 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  111.694776][   T39] audit: type=1400 audit(1730182957.745:47499): avc:  denied  { create } for  pid=8856 comm="syz.6.695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  111.701949][   T39] audit: type=1400 audit(1730182957.755:47500): avc:  denied  { write } for  pid=8856 comm="syz.6.695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  111.779680][ T5953] Bluetooth: hci0: command tx timeout
[  111.830768][   T39] audit: type=1400 audit(1730182957.885:47501): avc:  denied  { map } for  pid=8863 comm="syz.6.698" path="/dev/video7" dev="devtmpfs" ino=974 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  112.204936][   T11] team0 (unregistering): Port device team_slave_1 removed
[  112.291671][   T11] team0 (unregistering): Port device team_slave_0 removed
[  112.350169][ T1103] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  112.352243][ T1103] ata1: failed to read log page 10h (errno=-5)
[  112.354067][ T1103] ata1.00: exception Emask 0x1 SAct 0x800 SErr 0x0 action 0x0
[  112.356352][ T1103] ata1.00: irq_stat 0x40000000
[  112.357770][ T1103] ata1.00: failed command: WRITE FPDMA QUEUED
[  112.359868][ T1103] ata1.00: cmd 61/08:58:22:56:08/00:00:00:00:00/40 tag 11 ncq dma 4096 out
[  112.359868][ T1103]          res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  112.364862][ T1103] ata1.00: status: { DRDY }
[  112.380105][ T1103] ata1.00: configured for UDMA/100
[  112.381800][ T1103] ata1: EH complete
[  112.930869][ T8770] 8021q: adding VLAN 0 to HW filter on device batadv0
[  112.965634][ T8770] veth0_vlan: entered promiscuous mode
[  112.980417][ T8770] veth1_vlan: entered promiscuous mode
[  113.028614][ T8770] veth0_macvtap: entered promiscuous mode
[  113.033426][ T8770] veth1_macvtap: entered promiscuous mode
[  113.039867][ T8770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  113.042461][ T8770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.045837][ T8770] batman_adv: batadv0: Interface activated: batadv_slave_0
[  113.053348][ T8770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  113.056610][ T8770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.060317][ T8770] batman_adv: batadv0: Interface activated: batadv_slave_1
[  113.064487][ T8770] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.066726][ T8770] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.069400][ T8770] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.073218][ T8770] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.122463][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.124951][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.147750][ T8891] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  113.151978][  T100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.154183][  T100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.212836][ T8902] trusted_key: encrypted_key: key trusted:syz not found
[  113.260540][ T8906] gadgetfs: Unknown parameter '/dev/nullb0'
[  113.859722][ T5953] Bluetooth: hci0: command tx timeout
[  114.087106][   T75] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.691531][ T5947] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  114.695123][ T5947] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  114.698780][ T5947] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  114.702653][ T5947] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  114.705074][ T5947] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  114.707237][ T5947] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  114.760059][ T8931] loop0: detected capacity change from 0 to 6
[  114.763087][ T8931] Dev loop0: unable to read RDB block 6
[  114.764575][ T8931]  loop0: unable to read partition table
[  114.766079][ T8931] loop0: partition table beyond EOD, truncated
[  114.767667][ T8931] loop_reread_partitions: partition scan of loop0 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  114.767667][ T8931] 
) failed (rc=-5)
[  114.796619][ T8928] chnl_net:caif_netlink_parms(): no params data found
[  114.830693][ T8931] loop0: detected capacity change from 6 to 0
[  114.882910][ T8940] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 20001 - 0
[  114.885175][ T8940] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 20001 - 0
[  114.888044][ T8940] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 20001 - 0
[  114.891320][ T8940] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 20001 - 0
[  114.896821][ T8928] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.898633][ T8928] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.907060][ T8928] bridge_slave_0: entered allmulticast mode
[  114.909125][ T8928] bridge_slave_0: entered promiscuous mode
[  114.912746][ T8928] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.914766][ T8928] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.921149][ T8928] bridge_slave_1: entered allmulticast mode
[  114.923130][ T8928] bridge_slave_1: entered promiscuous mode
[  115.050075][ T8949] dlm: Unknown command passed to DLM device : 0
[  115.050075][ T8949] 
[  115.052481][ T8949] dlm: Unknown command passed to DLM device : 0
[  115.052481][ T8949] 
[  115.054745][ T8949] dlm: Unknown command passed to DLM device : 0
[  115.054745][ T8949] 
[  115.055427][   T75] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.071855][ T8928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  115.080709][ T8928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  115.113340][ T8928] team0: Port device team_slave_0 added
[  115.116777][ T8928] team0: Port device team_slave_1 added
[  115.118793][ T8953] netlink: 'syz.0.716': attribute type 4 has an invalid length.
[  115.147723][ T8928] batman_adv: batadv0: Adding interface: batadv_slave_0
[  115.149631][ T8928] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.156019][ T8928] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  115.160955][ T8928] batman_adv: batadv0: Adding interface: batadv_slave_1
[  115.162704][ T8928] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.169250][ T8928] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  115.217517][ T8928] hsr_slave_0: entered promiscuous mode
[  115.219441][ T8928] hsr_slave_1: entered promiscuous mode
[  115.221674][ T8928] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  115.224086][ T8928] Cannot create hsr debugfs directory
[  115.244805][ T8963] ebtables: ebtables: counters copy to user failed while replacing table
[  115.281390][ T8967] netlink: 'syz.0.720': attribute type 10 has an invalid length.
[  115.284058][ T8967] bond0: (slave bond_slave_0): Releasing backup interface
[  115.489647][ T6009] usb 11-1: new high-speed USB device number 2 using dummy_hcd
[  115.653424][ T6009] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  115.656339][ T6009] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  115.658824][ T6009] usb 11-1: New USB device found, idVendor=056a, idProduct=0319, bcdDevice= 0.00
[  115.661250][ T6009] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.664829][ T6009] usb 11-1: config 0 descriptor??
[  115.775804][   T75] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.844533][   T75] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.939704][ T5947] Bluetooth: hci0: command tx timeout
[  115.952719][   T75] bridge_slave_1: left allmulticast mode
[  115.954289][   T75] bridge_slave_1: left promiscuous mode
[  115.955801][   T75] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.963779][   T75] bridge_slave_0: left allmulticast mode
[  115.965921][   T75] bridge_slave_0: left promiscuous mode
[  115.967804][   T75] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.239050][   T75] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  116.243365][   T75] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  116.246940][   T75] bond0 (unregistering): Released all slaves
[  116.279185][ T6009] usbhid 11-1:0.0: can't add hid device: -71
[  116.281627][ T6009] usbhid 11-1:0.0: probe with driver usbhid failed with error -71
[  116.286300][ T6009] usb 11-1: USB disconnect, device number 2
[  116.498478][ T9004] Bluetooth: MGMT ver 1.23
[  116.527048][   T75] hsr_slave_0: left promiscuous mode
[  116.529014][   T75] hsr_slave_1: left promiscuous mode
[  116.533792][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  116.535714][   T75] batman_adv: batadv0: Removing interface: batadv_slave_0
[  116.537901][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  116.540292][   T75] batman_adv: batadv0: Removing interface: batadv_slave_1
[  116.562964][   T75] veth1_macvtap: left promiscuous mode
[  116.564506][   T75] veth0_macvtap: left promiscuous mode
[  116.565956][   T75] veth1_vlan: left promiscuous mode
[  116.567327][   T75] veth0_vlan: left promiscuous mode
[  116.742202][ T5947] Bluetooth: hci3: command tx timeout
[  117.210777][   T75] team0 (unregistering): Port device team_slave_1 removed
[  117.286577][   T75] team0 (unregistering): Port device team_slave_0 removed
[  117.970022][   T39] kauditd_printk_skb: 10 callbacks suppressed
[  117.970037][   T39] audit: type=1400 audit(1730182964.015:47512): avc:  denied  { read } for  pid=9021 comm="syz.0.729" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  117.977185][   T39] audit: type=1400 audit(1730182964.015:47513): avc:  denied  { open } for  pid=9021 comm="syz.0.729" path="/181/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  117.985986][ T9032] block device autoloading is deprecated and will be removed.
[  117.989720][   T39] audit: type=1400 audit(1730182964.045:47514): avc:  denied  { ioctl } for  pid=9021 comm="syz.0.729" path="/181/file0/file0" dev="fuse" ino=0 ioctlcmd=0x125d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  118.006897][ T8928] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  118.026366][ T8928] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  118.031031][ T8928] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  118.034503][ T8928] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  118.072940][ T8928] 8021q: adding VLAN 0 to HW filter on device bond0
[  118.083177][ T8928] 8021q: adding VLAN 0 to HW filter on device team0
[  118.096146][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.098093][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.122115][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.124602][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.235159][ T8928] 8021q: adding VLAN 0 to HW filter on device batadv0
[  118.249627][    T9] usb 11-1: new full-speed USB device number 3 using dummy_hcd
[  118.251911][ T8928] veth0_vlan: entered promiscuous mode
[  118.256293][ T8928] veth1_vlan: entered promiscuous mode
[  118.279380][ T8928] veth0_macvtap: entered promiscuous mode
[  118.284841][ T8928] veth1_macvtap: entered promiscuous mode
[  118.293691][ T9052] netlink: 28 bytes leftover after parsing attributes in process `syz.0.732'.
[  118.302769][ T8928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.305820][ T8928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.309032][ T8928] batman_adv: batadv0: Interface activated: batadv_slave_0
[  118.314001][ T8928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  118.316784][ T8928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.320259][ T8928] batman_adv: batadv0: Interface activated: batadv_slave_1
[  118.324561][ T8928] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.326898][ T8928] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.329149][ T8928] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.332371][ T8928] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.370073][ T1220] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.372130][ T1220] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.386424][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.388495][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.399196][   T39] audit: type=1400 audit(1730182964.445:47515): avc:  denied  { mounton } for  pid=8928 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  118.411195][    T9] usb 11-1: config 168 descriptor has 1 excess byte, ignoring
[  118.413362][    T9] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  118.416259][    T9] usb 11-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  118.419456][    T9] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  118.422619][    T9] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  118.426332][    T9] usb 11-1: config 168 descriptor has 1 excess byte, ignoring
[  118.428271][    T9] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  118.439984][    T9] usb 11-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  118.443627][    T9] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  118.446664][    T9] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  118.455956][    T9] usb 11-1: config 168 descriptor has 1 excess byte, ignoring
[  118.458203][    T9] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  118.461141][    T9] usb 11-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  118.464266][    T9] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  118.467245][    T9] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  118.472500][    T9] usb 11-1: string descriptor 0 read error: -22
[  118.474124][    T9] usb 11-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  118.476420][    T9] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.483865][    T9] adutux 11-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  118.694548][ T9035] netlink: 'syz.6.730': attribute type 12 has an invalid length.
[  118.696578][ T9035] netlink: 197276 bytes leftover after parsing attributes in process `syz.6.730'.
[  118.727253][ T9035] syz.6.730: attempt to access beyond end of device
[  118.727253][ T9035] nbd6: rw=0, sector=0, nr_sectors = 1 limit=0
[  118.730627][ T9035] efs: cannot read volume header
[  118.741595][   T58] usb 11-1: USB disconnect, device number 3
[  119.370928][ T5953] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  119.374245][ T5953] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  119.376931][ T5953] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  119.381716][ T5953] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  119.384224][ T5953] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  119.386106][ T5953] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  119.451608][ T9066] chnl_net:caif_netlink_parms(): no params data found
[  119.506411][ T9066] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.508269][ T9066] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.510382][ T9066] bridge_slave_0: entered allmulticast mode
[  119.512312][ T9066] bridge_slave_0: entered promiscuous mode
[  119.516365][ T9066] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.518256][ T9066] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.521162][ T9066] bridge_slave_1: entered allmulticast mode
[  119.523116][ T9066] bridge_slave_1: entered promiscuous mode
[  119.549055][ T9066] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  119.553754][ T9066] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  119.575013][ T9066] team0: Port device team_slave_0 added
[  119.577789][ T9066] team0: Port device team_slave_1 added
[  119.596123][ T9066] batman_adv: batadv0: Adding interface: batadv_slave_0
[  119.598129][ T9066] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.604736][ T9066] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  119.608173][ T9066] batman_adv: batadv0: Adding interface: batadv_slave_1
[  119.610401][ T9066] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.616740][ T9066] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  119.638950][ T9066] hsr_slave_0: entered promiscuous mode
[  119.640910][ T9066] hsr_slave_1: entered promiscuous mode
[  119.642649][ T9066] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  119.644511][ T9066] Cannot create hsr debugfs directory
[  119.719861][ T9066] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  119.723673][ T9066] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  119.727061][ T9066] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  119.730926][ T9066] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  119.741135][ T9066] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.742951][ T9066] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.744844][ T9066] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.746650][ T9066] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.767783][ T9066] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.775346][ T1220] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.778471][ T1220] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.791350][ T9066] 8021q: adding VLAN 0 to HW filter on device team0
[  119.800857][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.802680][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.805051][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.806913][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.809399][ T9077] netlink: 48 bytes leftover after parsing attributes in process `syz.0.735'.
[  119.888696][ T9066] 8021q: adding VLAN 0 to HW filter on device batadv0
[  119.982965][ T9066] veth0_vlan: entered promiscuous mode
[  119.986956][ T9066] veth1_vlan: entered promiscuous mode
[  119.998107][ T9066] veth0_macvtap: entered promiscuous mode
[  120.002509][ T9066] veth1_macvtap: entered promiscuous mode
[  120.008401][ T9066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.011483][ T9066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.013881][ T9066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.016458][ T9066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.021071][ T9066] batman_adv: batadv0: Interface activated: batadv_slave_0
[  120.027192][ T9066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.031172][ T9066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.033693][ T9066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.036357][ T9066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.040235][ T9066] batman_adv: batadv0: Interface activated: batadv_slave_1
[  120.043875][ T9066] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.046248][ T9066] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.048539][ T9066] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.051289][ T9066] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.086885][ T1220] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.088961][ T1220] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.100099][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.102132][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.144541][ T9113] dvmrp8: entered allmulticast mode
[  120.148209][ T9113] dvmrp8: left allmulticast mode
[  120.217057][   T39] audit: type=1400 audit(1730182966.265:47516): avc:  denied  { ioctl } for  pid=9110 comm="syz.7.734" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x127f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  121.021976][   T39] audit: type=1326 audit(1730182967.075:47517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9123 comm="syz.0.742" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423797e719 code=0x7ffc0000
[  121.028221][ T9124] No such timeout policy "syz0"
[  121.037831][   T39] audit: type=1326 audit(1730182967.075:47518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9123 comm="syz.0.742" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423797e719 code=0x7ffc0000
[  121.043955][ T9126] audit: audit_backlog=65 > audit_backlog_limit=64
[  121.044746][   T39] audit: type=1326 audit(1730182967.075:47519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9123 comm="syz.0.742" exe="/syz-executor" sig=0 arch=c000003e syscall=300 compat=0 ip=0x7f423797e719 code=0x7ffc0000
[  121.045602][ T9126] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  121.076800][ T9126] netlink: 8 bytes leftover after parsing attributes in process `syz.6.741'.
[  121.362777][   T45] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.459667][ T5947] Bluetooth: hci3: command tx timeout
[  122.037360][ T9196] syz.6.749 (9196): attempted to duplicate a private mapping with mremap.  This is not supported.
[  122.076952][ T9200] netlink: 'syz.6.750': attribute type 10 has an invalid length.
[  122.085835][ T9200] 8021q: adding VLAN 0 to HW filter on device team0
[  122.088470][ T9200] bond0: (slave team0): Enslaving as an active interface with an up link
[  122.091123][ T9200] netlink: 'syz.6.750': attribute type 10 has an invalid length.
[  122.094253][ T9200] bond0: (slave team0): Releasing backup interface
[  122.101794][ T5953] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  122.104562][ T5953] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  122.104632][ T9200] bridge0: port 3(team0) entered blocking state
[  122.107799][ T5953] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  122.108189][ T9200] bridge0: port 3(team0) entered disabled state
[  122.112946][ T9200] team0: entered allmulticast mode
[  122.114370][ T9200] team_slave_0: entered allmulticast mode
[  122.114861][ T5953] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  122.115826][ T9200] team_slave_1: entered allmulticast mode
[  122.118442][ T5953] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  122.120093][ T9200] team0: entered promiscuous mode
[  122.122981][ T9200] team_slave_0: entered promiscuous mode
[  122.123914][ T5953] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  122.126706][ T9200] team_slave_1: entered promiscuous mode
[  122.128803][ T9195] netlink: 16 bytes leftover after parsing attributes in process `syz.0.748'.
[  122.249963][ T9201] chnl_net:caif_netlink_parms(): no params data found
[  122.323468][ T9201] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.325389][ T9201] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.327464][ T9201] bridge_slave_0: entered allmulticast mode
[  122.330708][ T9201] bridge_slave_0: entered promiscuous mode
[  122.333610][ T9201] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.335446][ T9201] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.337539][ T9201] bridge_slave_1: entered allmulticast mode
[  122.340374][ T9201] bridge_slave_1: entered promiscuous mode
[  122.370675][ T9201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  122.375380][ T9201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  122.414930][ T9201] team0: Port device team_slave_0 added
[  122.422262][ T9201] team0: Port device team_slave_1 added
[  122.450777][ T9201] batman_adv: batadv0: Adding interface: batadv_slave_0
[  122.453059][ T9201] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  122.463325][ T9201] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  122.468615][ T9201] batman_adv: batadv0: Adding interface: batadv_slave_1
[  122.473148][ T9201] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  122.482045][ T9201] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  122.551584][ T9244] binder_alloc: binder_alloc_mmap_handler: 9243 20ffd000-20ffe000 already mapped failed -16
[  122.554382][ T9201] hsr_slave_0: entered promiscuous mode
[  122.555223][ T9249] binder_alloc: 9243: binder_alloc_buf, no vma
[  122.562063][ T9201] hsr_slave_1: entered promiscuous mode
[  122.564086][ T9201] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  122.565952][ T9201] Cannot create hsr debugfs directory
[  122.688169][ T9265] netlink: 'syz.0.765': attribute type 8 has an invalid length.
[  122.753538][   T45] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.885578][   T45] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.887389][ T9284] binder_alloc: binder_alloc_mmap_handler: 9276 20ffd000-21000000 already mapped failed -16
[  122.891669][ T9277] binder_alloc: 9276: binder_alloc_buf, no vma
[  122.993462][   T45] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.242554][   T45] bridge_slave_1: left allmulticast mode
[  123.244249][   T45] bridge_slave_1: left promiscuous mode
[  123.246854][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.256836][   T45] bridge_slave_0: left allmulticast mode
[  123.258721][   T45] bridge_slave_0: left promiscuous mode
[  123.265884][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.304877][ T9297] netlink: 256 bytes leftover after parsing attributes in process `syz.6.772'.
[  123.396206][   T39] kauditd_printk_skb: 74 callbacks suppressed
[  123.396217][   T39] audit: type=1400 audit(1730182969.445:47593): avc:  denied  { map } for  pid=9302 comm="syz.6.774" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  123.403391][   T39] audit: type=1400 audit(1730182969.445:47594): avc:  denied  { execute } for  pid=9302 comm="syz.6.774" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  123.408981][   T39] audit: type=1326 audit(1730182969.455:47595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.6.774" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c36f7e719 code=0x0
[  123.541483][ T5953] Bluetooth: hci3: command tx timeout
[  123.573712][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  123.578483][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  123.583063][   T45] bond0 (unregistering): Released all slaves
[  124.023482][   T45] hsr_slave_0: left promiscuous mode
[  124.025301][   T45] hsr_slave_1: left promiscuous mode
[  124.027336][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  124.029251][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  124.037489][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.039334][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  124.071918][   T45] veth1_macvtap: left promiscuous mode
[  124.073341][   T45] veth0_macvtap: left promiscuous mode
[  124.074721][   T45] veth1_vlan: left promiscuous mode
[  124.076049][   T45] veth0_vlan: left promiscuous mode
[  124.191136][ T5953] Bluetooth: hci4: command tx timeout
[  124.222185][   T39] audit: type=1400 audit(1730182970.275:47596): avc:  denied  { listen } for  pid=9340 comm="syz.0.780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  124.256426][ T9345] fuse: Bad value for 'rootmode'
[  124.362187][   T39] audit: type=1400 audit(1730182970.415:47597): avc:  denied  { write } for  pid=9350 comm="syz.0.784" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  124.847568][   T45] team0 (unregistering): Port device team_slave_1 removed
[  124.930264][   T45] team0 (unregistering): Port device team_slave_0 removed
[  125.498692][ T9358] netlink: 4 bytes leftover after parsing attributes in process `syz.0.784'.
[  125.501160][ T9358] bridge_slave_1: left allmulticast mode
[  125.502613][ T9358] bridge_slave_1: left promiscuous mode
[  125.504091][ T9358] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.514698][ T9358] bridge_slave_0: left allmulticast mode
[  125.516319][ T9358] bridge_slave_0: left promiscuous mode
[  125.517795][ T9358] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.619964][ T5953] Bluetooth: hci3: command tx timeout
[  125.649694][ T9201] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  125.653925][ T9201] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  125.656901][ T9201] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  125.662138][ T9201] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  125.700788][ T9201] 8021q: adding VLAN 0 to HW filter on device bond0
[  125.708819][ T9201] 8021q: adding VLAN 0 to HW filter on device team0
[  125.718116][  T100] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.720023][  T100] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.724501][  T100] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.726302][  T100] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.873517][ T9201] 8021q: adding VLAN 0 to HW filter on device batadv0
[  125.895565][ T9201] veth0_vlan: entered promiscuous mode
[  125.900028][ T9201] veth1_vlan: entered promiscuous mode
[  125.912129][ T9201] veth0_macvtap: entered promiscuous mode
[  125.917637][ T9201] veth1_macvtap: entered promiscuous mode
[  125.925619][ T9201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.928448][ T9201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.929215][   T39] audit: type=1400 audit(1730182971.975:47598): avc:  denied  { read } for  pid=9394 comm="syz.0.788" dev="sockfs" ino=32474 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  125.931150][ T9201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.939313][ T9201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.944058][ T9201] batman_adv: batadv0: Interface activated: batadv_slave_0
[  125.950161][ T9201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.952842][ T9201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.955290][ T9201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.957924][ T9201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.963503][ T9201] batman_adv: batadv0: Interface activated: batadv_slave_1
[  125.971214][ T9201] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.974024][ T9201] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.976653][ T9201] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.979745][ T9201] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  126.017327][   T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.019792][   T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.035917][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.037893][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.646280][ T9417] unknown channel width for channel at 909000KHz?
[  126.656312][ T9417] mac80211_hwsim hwsim23 wlan0: entered promiscuous mode
[  126.658556][   T39] audit: type=1400 audit(1730182972.705:47599): avc:  denied  { associate } for  pid=9415 comm="syz.7.790" name="blkio.bfq.io_serviced" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  126.660046][ T9417] macsec1: entered promiscuous mode
[  126.670111][   T39] audit: type=1400 audit(1730182972.715:47600): avc:  denied  { append } for  pid=9415 comm="syz.7.790" path="/3/file0/blkio.bfq.io_serviced" dev="9p" ino=36449062 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  126.678622][ T9417] mac80211_hwsim hwsim23 wlan0: left promiscuous mode
[  126.681647][   T39] audit: type=1400 audit(1730182972.735:47601): avc:  denied  { map } for  pid=9415 comm="syz.7.790" path="/3/file0/blkio.bfq.io_serviced" dev="9p" ino=36449062 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  126.688669][   T39] audit: type=1400 audit(1730182972.735:47602): avc:  denied  { ioctl } for  pid=9415 comm="syz.7.790" path="/3/file0/blkio.bfq.io_serviced" dev="9p" ino=36449062 ioctlcmd=0x5828 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  126.770398][ T9422] netlink: 4 bytes leftover after parsing attributes in process `syz.0.793'.
[  127.218016][ T9463] tipc: Started in network mode
[  127.219309][ T9463] tipc: Node identity 3, cluster identity 4711
[  127.223783][ T9461] netlink: 36 bytes leftover after parsing attributes in process `syz.6.803'.
[  127.229634][ T9463] tipc: Node number set to 3
[  127.244421][ T9461] netlink: 48 bytes leftover after parsing attributes in process `syz.6.803'.
[  127.313289][ T9467] netlink: 8 bytes leftover after parsing attributes in process `syz.6.805'.
[  127.321439][ T9467] netlink: 'syz.6.805': attribute type 1 has an invalid length.
[  127.335602][ T9467] 8021q: adding VLAN 0 to HW filter on device bond2
[  127.340109][ T9467] bond1: (slave bond2): making interface the new active one
[  127.342215][ T9467] bond1: (slave bond2): Enslaving as an active interface with an up link
[  127.346231][ T9467] netlink: 28 bytes leftover after parsing attributes in process `syz.6.805'.
[  127.356167][ T9467] 8021q: adding VLAN 0 to HW filter on device bond1
[  127.699778][ T5953] Bluetooth: hci3: command tx timeout
[  128.281283][ T9516] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode balance-alb(6)
[  128.552098][   T45] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.372941][ T5300] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  129.380151][ T5300] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  129.383609][ T5300] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  129.387192][ T9551] xt_CT: You must specify a L4 protocol and not use inversions on it
[  129.387356][ T5300] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  129.394531][ T5300] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  129.397407][ T5300] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  129.491180][ T9547] chnl_net:caif_netlink_parms(): no params data found
[  130.349617][ T5947] Bluetooth: hci3: command 0x0405 tx timeout
[  130.351335][ T9547] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.353263][ T9547] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.355246][ T9547] bridge_slave_0: entered allmulticast mode
[  130.357470][ T9547] bridge_slave_0: entered promiscuous mode
[  130.361397][ T9547] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.363270][ T9547] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.365193][ T9547] bridge_slave_1: entered allmulticast mode
[  130.367257][ T9547] bridge_slave_1: entered promiscuous mode
[  130.446660][ T9547] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  130.456370][ T9547] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  130.480560][ T9547] team0: Port device team_slave_0 added
[  130.486233][ T9547] team0: Port device team_slave_1 added
[  130.527152][ T9547] batman_adv: batadv0: Adding interface: batadv_slave_0
[  130.529023][ T9547] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.536205][ T9547] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  130.539866][ T9547] batman_adv: batadv0: Adding interface: batadv_slave_1
[  130.542124][ T9547] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.549310][ T9547] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  130.551675][   T39] kauditd_printk_skb: 6 callbacks suppressed
[  130.551685][   T39] audit: type=1400 audit(1730182976.605:47609): avc:  denied  { accept } for  pid=9590 comm="syz.0.841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  130.551805][ T9592] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  130.591736][ T9547] hsr_slave_0: entered promiscuous mode
[  130.595977][ T9547] hsr_slave_1: entered promiscuous mode
[  130.601801][ T9547] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  130.603842][ T9547] Cannot create hsr debugfs directory
[  130.664879][ T9602] all: renamed from lo (while UP)
[  130.729954][ T9617] hfs: can't find a HFS filesystem on dev nullb0
[  130.754958][ T9623] usb usb7: usbfs: interface 0 claimed by hub while 'syz.0.849' resets device
[  130.763123][ T9624] syzkaller1: entered promiscuous mode
[  130.764635][ T9624] syzkaller1: entered allmulticast mode
[  130.873471][   T45] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.026929][   T45] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.172590][   T45] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.280161][   T45] bridge_slave_1: left allmulticast mode
[  131.281705][   T45] bridge_slave_1: left promiscuous mode
[  131.284494][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.291525][   T45] bridge_slave_0: left allmulticast mode
[  131.292968][   T45] bridge_slave_0: left promiscuous mode
[  131.294496][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.460003][ T5953] Bluetooth: hci4: command tx timeout
[  131.553325][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  131.557240][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  131.561162][   T45] bond0 (unregistering): Released all slaves
[  131.868163][ T9667] netlink: 24 bytes leftover after parsing attributes in process `syz.7.856'.
[  131.890933][ T9667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  131.906586][ T9667] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  131.959346][   T45] hsr_slave_0: left promiscuous mode
[  131.964225][   T45] hsr_slave_1: left promiscuous mode
[  131.966319][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  131.968413][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  131.972474][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  131.973584][ T9680] loop3: detected capacity change from 0 to 7
[  131.974574][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  131.978628][ T9680] Dev loop3: unable to read RDB block 7
[  131.983723][ T9680]  loop3: unable to read partition table
[  131.985658][ T9680] loop3: partition table beyond EOD, truncated
[  131.987354][ T9680] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  132.019221][   T45] veth1_macvtap: left promiscuous mode
[  132.021073][   T45] veth0_macvtap: left promiscuous mode
[  132.022758][   T45] veth1_vlan: left promiscuous mode
[  132.024182][   T45] veth0_vlan: left promiscuous mode
[  132.133961][ T6009] usb 12-1: new high-speed USB device number 2 using dummy_hcd
[  132.289700][ T6009] usb 12-1: Using ep0 maxpacket: 8
[  132.297201][ T6009] usb 12-1: config index 0 descriptor too short (expected 5924, got 36)
[  132.299428][ T6009] usb 12-1: config 250 has an invalid interface number: 228 but max is -1
[  132.301965][ T6009] usb 12-1: config 250 has 1 interface, different from the descriptor's value: 0
[  132.304255][ T6009] usb 12-1: config 250 has no interface number 0
[  132.305854][ T6009] usb 12-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  132.308862][ T6009] usb 12-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  132.311523][ T6009] usb 12-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  132.314140][ T6009] usb 12-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  132.316877][ T6009] usb 12-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  132.320898][ T6009] usb 12-1: config 250 interface 228 has no altsetting 0
[  132.323870][ T6009] usb 12-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  132.326280][ T6009] usb 12-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  132.328428][ T6009] usb 12-1: Product: syz
[  132.329858][ T6009] usb 12-1: SerialNumber: syz
[  132.340861][ T6009] hub 12-1:250.228: bad descriptor, ignoring hub
[  132.342465][ T6009] hub 12-1:250.228: probe with driver hub failed with error -5
[  132.504763][ T1412] ieee802154 phy0 wpan0: encryption failed: -22
[  132.506584][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[  132.553747][ T6009] usblp 12-1:250.228: usblp0: USB Bidirectional printer dev 2 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  132.583701][ T6009] usb 12-1: USB disconnect, device number 2
[  132.593518][ T6009] usblp0: removed
[  132.760310][ T9668] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  132.766071][ T9668] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  132.777848][   T45] team0 (unregistering): Port device team_slave_1 removed
[  132.861671][   T45] team0 (unregistering): Port device team_slave_0 removed
[  132.920729][   T39] audit: type=1400 audit(1730182978.965:47610): avc:  denied  { append } for  pid=9687 comm="syz.6.861" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  133.545471][ T9693] syzkaller1: entered promiscuous mode
[  133.546910][ T9693] syzkaller1: entered allmulticast mode
[  133.550740][ T5953] Bluetooth: hci4: command tx timeout
[  133.587690][ T9701] netlink: 12 bytes leftover after parsing attributes in process `syz.7.865'.
[  133.603218][ T9701] hfs: can't find a HFS filesystem on dev nullb0
[  133.651659][ T9547] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  133.654665][ T9547] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  133.657623][ T9547] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  133.693408][ T9712] netlink: 16 bytes leftover after parsing attributes in process `syz.6.867'.
[  133.748005][ T9547] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  133.812140][ T9730] SELinux:  policydb magic number 0xff8c does not match expected magic number 0xf97cff8c
[  133.814434][   T39] audit: type=1400 audit(1730182979.865:47611): avc:  denied  { load_policy } for  pid=9726 comm="syz.6.870" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  133.822313][ T9730] SELinux: failed to load policy
[  133.841996][ T9547] 8021q: adding VLAN 0 to HW filter on device bond0
[  133.861500][ T9547] 8021q: adding VLAN 0 to HW filter on device team0
[  133.867340][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.869374][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  133.880345][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.882250][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  133.894903][ T9547] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  133.897791][ T9547] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  133.918940][   T39] audit: type=1400 audit(1730182979.965:47612): avc:  denied  { getopt } for  pid=9735 comm="syz.7.872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  133.992067][ T9547] 8021q: adding VLAN 0 to HW filter on device batadv0
[  134.009876][ T9547] veth0_vlan: entered promiscuous mode
[  134.016330][ T9547] veth1_vlan: entered promiscuous mode
[  134.030778][ T9547] veth0_macvtap: entered promiscuous mode
[  134.034261][ T9547] veth1_macvtap: entered promiscuous mode
[  134.041678][ T9547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.044619][ T9547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.047187][ T9547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.050998][ T9547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.054157][ T9547] batman_adv: batadv0: Interface activated: batadv_slave_0
[  134.058721][ T9547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.062230][ T9547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.064669][ T9547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.067752][ T9547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.073027][ T9547] batman_adv: batadv0: Interface activated: batadv_slave_1
[  134.076852][ T9547] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  134.079087][ T9547] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  134.087547][ T9547] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  134.089758][ T9547] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  134.152840][   T25] libceph: connect (1)[c::]:6789 error -101
[  134.154740][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  134.158921][   T25] libceph: connect (1)[c::]:6789 error -101
[  134.161910][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  134.164775][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  134.166805][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  134.181451][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  134.183604][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  134.402622][   T39] audit: type=1400 audit(1730182980.455:47613): avc:  denied  { setopt } for  pid=9779 comm="syz.7.883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  134.404149][ T9782] netlink: 8 bytes leftover after parsing attributes in process `syz.7.883'.
[  134.432699][   T25] libceph: connect (1)[c::]:6789 error -101
[  134.434301][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  134.438731][   T39] audit: type=1400 audit(1730182980.485:47614): avc:  denied  { read } for  pid=9783 comm="syz.7.884" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  134.469879][   T39] audit: type=1400 audit(1730182980.525:47615): avc:  denied  { getopt } for  pid=9785 comm="syz.7.885" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  134.929576][ T9768] ceph: No mds server is up or the cluster is laggy
[  134.947055][   T25] libceph: connect (1)[c::]:6789 error -101
[  134.949396][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  135.032388][   T39] audit: type=1326 audit(1730182981.085:47616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9797 comm="syz.6.890" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c36f7e719 code=0x0
[  135.091902][ T9800] netlink: 36 bytes leftover after parsing attributes in process `syz.0.891'.
[  135.978444][   T39] audit: type=1400 audit(1730182982.025:47617): avc:  denied  { ioctl } for  pid=9823 comm="syz.6.897" path="/dev/uhid" dev="devtmpfs" ino=1296 ioctlcmd=0x9413 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  136.036980][ T9833] input: syz0 as /devices/virtual/input/input14
[  136.078120][ T9834] netlink: 4 bytes leftover after parsing attributes in process `syz.0.899'.
[  136.080905][ T9834] netlink: 'syz.0.899': attribute type 7 has an invalid length.
[  136.085371][ T9834] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  136.087627][ T9834] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  136.089873][ T9834] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  136.092008][ T9834] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  136.096377][ T9834] vxlan0: entered promiscuous mode
[  136.152261][ T9836] GUP no longer grows the stack in syz.6.900 (9836): 20004000-20008000 (20002000)
[  136.155063][ T9836] CPU: 1 UID: 0 PID: 9836 Comm: syz.6.900 Not tainted 6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  136.157875][ T9836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  136.161011][ T9836] Call Trace:
[  136.162205][ T9836]  <TASK>
[  136.163149][ T9836]  dump_stack_lvl+0x16c/0x1f0
[  136.164393][ T9836]  gup_vma_lookup+0x1d2/0x220
[  136.165604][ T9836]  __get_user_pages+0x236/0x3b50
[  136.166848][ T9836]  ? find_held_lock+0x2d/0x110
[  136.168176][ T9836]  ? mtree_load+0x30a/0xa40
[  136.169363][ T9836]  ? __pfx_lock_release+0x10/0x10
[  136.170633][ T9836]  ? trace_lock_acquire+0x14a/0x1d0
[  136.171968][ T9836]  ? __pfx___get_user_pages+0x10/0x10
[  136.173352][ T9836]  get_user_pages_remote+0x25e/0xb30
[  136.174706][ T9836]  ? __pfx_get_user_pages_remote+0x10/0x10
[  136.176250][ T9836]  __access_remote_vm+0x235/0x7b0
[  136.177568][ T9836]  ? __pfx___access_remote_vm+0x10/0x10
[  136.179024][ T9836]  ? lock_acquire+0x2f/0xb0
[  136.180200][ T9836]  ? proc_pid_cmdline_read+0x25c/0x900
[  136.181901][ T9836]  proc_pid_cmdline_read+0x4f5/0x900
[  136.183474][ T9836]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  136.184970][ T9836]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  136.186424][ T9836]  vfs_readv+0x6bf/0x890
[  136.187500][ T9836]  ? futex_wait+0x121/0x380
[  136.188664][ T9836]  ? __pfx_vfs_readv+0x10/0x10
[  136.189871][ T9836]  ? find_held_lock+0x2d/0x110
[  136.191076][ T9836]  ? __pfx_lock_release+0x10/0x10
[  136.192352][ T9836]  ? trace_lock_acquire+0x14a/0x1d0
[  136.193670][ T9836]  ? __fget_files+0x244/0x3f0
[  136.194875][ T9836]  ? __x64_sys_preadv+0x22d/0x310
[  136.196188][ T9836]  __x64_sys_preadv+0x22d/0x310
[  136.197408][ T9836]  ? __pfx___x64_sys_preadv+0x10/0x10
[  136.198938][ T9836]  do_syscall_64+0xcd/0x250
[  136.200499][ T9836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.202123][ T9836] RIP: 0033:0x7f3c36f7e719
[  136.203697][ T9836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.208896][ T9836] RSP: 002b:00007f3c37cbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  136.211083][ T9836] RAX: ffffffffffffffda RBX: 00007f3c37136130 RCX: 00007f3c36f7e719
[  136.213157][ T9836] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000007
[  136.215377][ T9836] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  136.217432][ T9836] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000
[  136.219445][ T9836] R13: 0000000000000000 R14: 00007f3c37136130 R15: 00007ffe02d56c68
[  136.221507][ T9836]  </TASK>
[  136.336888][   T39] audit: type=1400 audit(1730182982.385:47618): avc:  denied  { execute } for  pid=9838 comm="syz.7.901" path="/dev/bsg/cpuacct.usage_all" dev="devtmpfs" ino=2889 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=file permissive=1
[  136.648460][   T45] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.649813][ T5984] usb 12-1: new high-speed USB device number 4 using dummy_hcd
[  136.819968][ T5984] usb 12-1: Using ep0 maxpacket: 8
[  136.826980][ T5984] usb 12-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  136.829682][ T5984] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.831832][ T5984] usb 12-1: Product: syz
[  136.833002][ T5984] usb 12-1: Manufacturer: syz
[  136.834309][ T5984] usb 12-1: SerialNumber: syz
[  137.040084][ T5984] usblp 12-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  137.240314][   T39] audit: type=1400 audit(1730182983.295:47619): avc:  denied  { read write } for  pid=9842 comm="syz.7.903" name="lp0" dev="devtmpfs" ino=2892 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  137.246324][   T39] audit: type=1400 audit(1730182983.295:47620): avc:  denied  { open } for  pid=9842 comm="syz.7.903" path="/dev/usb/lp0" dev="devtmpfs" ino=2892 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  137.253812][ T6014] usb 12-1: USB disconnect, device number 4
[  137.257020][ T6014] usblp0: removed
[  137.564935][ T5947] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  137.568068][ T5947] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  137.571565][ T5947] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  137.574529][ T5947] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  137.578286][ T5947] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  137.581591][ T5947] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  137.753308][ T9852] chnl_net:caif_netlink_parms(): no params data found
[  137.816216][ T9852] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.818517][ T9852] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.820724][ T9852] bridge_slave_0: entered allmulticast mode
[  137.823504][ T9852] bridge_slave_0: entered promiscuous mode
[  137.827958][ T9852] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.830560][ T9852] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.832788][ T9852] bridge_slave_1: entered allmulticast mode
[  137.834751][ T9852] bridge_slave_1: entered promiscuous mode
[  137.865682][ T9852] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  137.869284][ T9852] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.891982][ T9852] team0: Port device team_slave_0 added
[  137.895775][ T9852] team0: Port device team_slave_1 added
[  137.929912][ T9852] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.931885][ T9852] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.932748][   T39] audit: type=1400 audit(1730182983.985:47621): avc:  denied  { mount } for  pid=9865 comm="syz.7.909" name="/" dev="hugetlbfs" ino=39346 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  137.939205][ T9852] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.942612][ T9852] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.951747][ T9852] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.958220][ T9852] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.993042][ T9852] hsr_slave_0: entered promiscuous mode
[  137.995156][ T9852] hsr_slave_1: entered promiscuous mode
[  137.997034][ T9852] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  137.998887][ T9852] Cannot create hsr debugfs directory
[  138.009762][ T5983] usb 11-1: new low-speed USB device number 4 using dummy_hcd
[  138.211886][ T5983] usb 11-1: unable to get BOS descriptor or descriptor too short
[  138.215676][ T5983] usb 11-1: config 1 has an invalid interface number: 222 but max is 0
[  138.217893][ T5983] usb 11-1: config 1 has no interface number 0
[  138.220437][ T5983] usb 11-1: config 1 interface 222 altsetting 7 endpoint 0xD has invalid maxpacket 1024, setting to 8
[  138.223473][ T5983] usb 11-1: config 1 interface 222 has no altsetting 0
[  138.233001][ T5983] usb 11-1: string descriptor 0 read error: -22
[  138.235041][ T5983] usb 11-1: New USB device found, idVendor=19d2, idProduct=1057, bcdDevice= 9.6c
[  138.237770][ T5983] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.245077][ T9858] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  138.251161][ T5983] option 11-1:1.222: GSM modem (1-port) converter detected
[  138.365270][   T45] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.449757][ T5983] usb 11-1: USB disconnect, device number 4
[  138.454184][ T5983] option 11-1:1.222: device disconnected
[  138.457074][   T45] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.521868][   T45] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.629840][   T45] bridge_slave_1: left allmulticast mode
[  138.631280][   T45] bridge_slave_1: left promiscuous mode
[  138.632740][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.635550][   T45] bridge_slave_0: left allmulticast mode
[  138.636961][   T45] bridge_slave_0: left promiscuous mode
[  138.638392][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.659036][   T39] audit: type=1400 audit(1730182984.705:47622): avc:  denied  { unmount } for  pid=9066 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  138.884389][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  138.888687][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  138.892314][   T45] bond0 (unregistering): Released all slaves
[  139.162008][   T45] hsr_slave_0: left promiscuous mode
[  139.163927][   T45] hsr_slave_1: left promiscuous mode
[  139.165799][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  139.167785][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  139.170797][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  139.172667][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  139.198628][   T45] veth1_macvtap: left promiscuous mode
[  139.200481][   T45] veth0_macvtap: left promiscuous mode
[  139.202111][   T45] veth1_vlan: left promiscuous mode
[  139.203634][   T45] veth0_vlan: left promiscuous mode
[  139.249606][ T1327] usb 11-1: new high-speed USB device number 5 using dummy_hcd
[  139.399608][ T1327] usb 11-1: Using ep0 maxpacket: 32
[  139.404193][ T1327] usb 11-1: config 1 interface 0 altsetting 5 endpoint 0x81 has invalid maxpacket 59327, setting to 1024
[  139.409336][ T1327] usb 11-1: config 1 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  139.412916][ T1327] usb 11-1: config 1 interface 0 has no altsetting 0
[  139.416953][ T1327] usb 11-1: New USB device found, idVendor=05a4, idProduct=2000, bcdDevice= 0.40
[  139.419447][ T1327] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.421509][ T1327] usb 11-1: Product: ᫎ㖞颾�ာ즖
[  139.423012][ T1327] usb 11-1: Manufacturer: á°‰
[  139.424338][ T1327] usb 11-1: SerialNumber: syz
[  139.432747][ T9877] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  139.629797][ T5953] Bluetooth: hci4: command tx timeout
[  139.674912][ T1327] usbhid 11-1:1.0: can't add hid device: -71
[  139.676537][ T1327] usbhid 11-1:1.0: probe with driver usbhid failed with error -71
[  139.685893][ T1327] usb 11-1: USB disconnect, device number 5
[  139.969689][   T45] team0 (unregistering): Port device team_slave_1 removed
[  140.051681][   T45] team0 (unregistering): Port device team_slave_0 removed
[  140.614230][   T39] audit: type=1400 audit(1730182986.655:47623): avc:  denied  { ioctl } for  pid=9903 comm="syz.6.918" path="/dev/usbmon9" dev="devtmpfs" ino=765 ioctlcmd=0x920a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  140.927088][ T9852] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  140.932054][ T9852] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  140.936019][ T9852] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  140.940456][ T9852] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  141.028546][ T9852] 8021q: adding VLAN 0 to HW filter on device bond0
[  141.037910][ T9852] 8021q: adding VLAN 0 to HW filter on device team0
[  141.043591][   T70] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.045570][   T70] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.051450][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.053469][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.214029][ T9852] 8021q: adding VLAN 0 to HW filter on device batadv0
[  141.232117][ T9852] veth0_vlan: entered promiscuous mode
[  141.236411][ T9852] veth1_vlan: entered promiscuous mode
[  141.248902][ T9852] veth0_macvtap: entered promiscuous mode
[  141.257758][ T9852] veth1_macvtap: entered promiscuous mode
[  141.264430][ T9852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.267213][ T9852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.270546][ T9852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.273570][ T9852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.278633][ T9852] batman_adv: batadv0: Interface activated: batadv_slave_0
[  141.285155][ T9852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  141.287999][ T9852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.291348][ T9852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  141.293996][ T9852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.298106][ T9852] batman_adv: batadv0: Interface activated: batadv_slave_1
[  141.303115][ T9852] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.305854][ T9852] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.308365][ T9852] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  141.311147][ T9852] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  141.426877][ T9937] program syz.6.920 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  141.438703][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  141.443370][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  141.454547][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  141.457024][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  141.661526][ T9956] netlink: 12 bytes leftover after parsing attributes in process `syz.0.928'.
[  141.668502][ T9956] 8021q: adding VLAN 0 to HW filter on device bond2
[  141.676311][ T9956] 8021q: adding VLAN 0 to HW filter on device bond2
[  141.678126][ T9956] bond2: (slave vcan1): The slave device specified does not support setting the MAC address
[  141.682219][ T9956] bond2: (slave vcan1): Error -95 calling set_mac_address
[  141.697478][   T39] audit: type=1400 audit(1730182987.745:47624): avc:  denied  { setattr } for  pid=9950 comm="syz.6.926" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  142.312819][ T5947] Bluetooth: hci3: unexpected event for opcode 0x043d
[  142.662322][   T39] audit: type=1400 audit(1730182988.715:47625): avc:  denied  { ioctl } for  pid=9980 comm="syz.7.936" path="socket:[39428]" dev="sockfs" ino=39428 ioctlcmd=0x9422 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  142.662584][ T9981] nbd: couldn't find device at index 51456
[  143.407856][   T45] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.859890][ T5953] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  144.449849][ T5947] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  144.453996][ T5947] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  144.457761][ T5947] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  144.458417][T10042] xt_hashlimit: size too large, truncated to 1048576
[  144.466031][T10042] xt_hashlimit: max too large, truncated to 1048576
[  144.471797][ T5947] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  144.474199][ T5947] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  144.476483][ T5947] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  144.570193][T10056] netlink: 68 bytes leftover after parsing attributes in process `syz.7.960'.
[  144.639258][T10032] chnl_net:caif_netlink_parms(): no params data found
[  144.809969][T10032] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.811841][T10032] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.813690][T10032] bridge_slave_0: entered allmulticast mode
[  144.816045][T10032] bridge_slave_0: entered promiscuous mode
[  144.818624][T10032] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.821275][T10032] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.823112][T10032] bridge_slave_1: entered allmulticast mode
[  144.825059][T10032] bridge_slave_1: entered promiscuous mode
[  144.853210][T10032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  144.857989][T10032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  144.894374][T10032] team0: Port device team_slave_0 added
[  144.898896][T10032] team0: Port device team_slave_1 added
[  144.930771][T10032] batman_adv: batadv0: Adding interface: batadv_slave_0
[  144.933569][T10032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.943491][T10032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  144.950876][T10032] batman_adv: batadv0: Adding interface: batadv_slave_1
[  144.953411][T10032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.963367][T10032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  145.022587][T10032] hsr_slave_0: entered promiscuous mode
[  145.024696][T10032] hsr_slave_1: entered promiscuous mode
[  145.027916][T10032] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  145.030767][T10032] Cannot create hsr debugfs directory
[  145.135183][   T45] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.197938][   T45] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.261084][   T45] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.415110][   T39] audit: type=1400 audit(1730182991.465:47626): avc:  denied  { write } for  pid=10071 comm="syz.6.964" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  145.426110][   T45] bridge_slave_1: left allmulticast mode
[  145.427657][   T45] bridge_slave_1: left promiscuous mode
[  145.429836][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.433415][   T45] bridge_slave_0: left allmulticast mode
[  145.434822][   T45] bridge_slave_0: left promiscuous mode
[  145.436417][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.719833][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  145.726909][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  145.734787][   T45] bond0 (unregistering): Released all slaves
[  146.004608][T10099] BUG: Bad page state in process syz.6.968  pfn:35158
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  146.006884][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888035159e00 pfn:0x35158
[  146.010772][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  146.014285][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  146.016719][T10099] raw: ffff888035159e00 0000000000000001 00000000ffffffff 0000000000000000
[  146.018926][T10099] page dumped because: page_pool leak
[  146.020450][T10099] page_owner tracks the page as allocated
[  146.022424][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988432360, free_ts 144457061520
[  146.027062][T10099]  post_alloc_hook+0x2d1/0x350
[  146.028554][T10099]  get_page_from_freelist+0x101e/0x3070
[  146.030507][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  146.032165][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  146.033892][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  146.035512][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  146.036932][T10099]  page_pool_alloc_pages+0x1a/0x60
[  146.038252][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  146.039981][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  146.041607][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  146.043332][T10099]  __sys_bpf+0xfc6/0x49a0
[  146.044644][T10099]  __x64_sys_bpf+0x78/0xc0
[  146.046103][T10099]  do_syscall_64+0xcd/0x250
[  146.047487][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.049095][T10099] page last free pid 10040 tgid 10040 stack trace:
[  146.050958][T10099]  free_unref_page+0x5f4/0xdc0
[  146.052260][T10099]  __put_partials+0x14c/0x170
[  146.053559][T10099]  qlist_free_all+0x4e/0x120
[  146.054828][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  146.056691][T10099]  __kasan_slab_alloc+0x69/0x90
[  146.058137][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  146.059876][T10099]  mas_alloc_nodes+0x176/0x860
[  146.061223][T10099]  mas_node_count_gfp+0x105/0x130
[  146.062587][T10099]  mas_preallocate+0x53b/0xcd0
[  146.063903][T10099]  commit_merge+0x61d/0xec0
[  146.065148][T10099]  vma_expand+0x3ee/0x990
[  146.066300][T10099]  vma_merge_new_range+0x37d/0xd20
[  146.067721][T10099]  mmap_region+0x499/0x2a50
[  146.068984][T10099]  do_mmap+0xc00/0xfc0
[  146.070382][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  146.071824][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  146.073283][T10099] Modules linked in:
[  146.074422][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Not tainted 6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  146.077309][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.080195][T10099] Call Trace:
[  146.081033][T10099]  <TASK>
[  146.081793][T10099]  dump_stack_lvl+0x16c/0x1f0
[  146.083028][T10099]  bad_page+0xb3/0x1f0
[  146.084170][T10099]  ? __pfx_bad_page+0x10/0x10
[  146.085465][T10099]  ? page_bad_reason+0x9d/0x1e0
[  146.086787][T10099]  free_unref_page+0x657/0xdc0
[  146.088052][T10099]  ? rcu_is_watching+0x12/0xc0
[  146.089261][T10099]  ? __phys_addr+0xc6/0x150
[  146.090454][T10099]  skb_free_head+0xa0/0x1d0
[  146.091644][T10099]  skb_release_data+0x560/0x730
[  146.092898][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  146.094198][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  146.095945][T10099]  ? kernel_text_address+0x8d/0x100
[  146.097221][T10099]  ? hlock_class+0x4e/0x130
[  146.098365][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  146.099788][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  146.101591][T10099]  ? hlock_class+0x4e/0x130
[  146.102812][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  146.104971][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  146.106429][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  146.108112][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  146.109996][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  146.111306][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  146.112904][T10099]  ? lock_acquire+0x2f/0xb0
[  146.114036][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  146.115852][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  146.117665][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  146.119357][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  146.120683][T10099]  ? __build_skb_around+0x278/0x3b0
[  146.121988][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  146.123346][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  146.124913][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  146.126579][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  146.128019][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  146.129380][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  146.130880][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  146.132352][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  146.133820][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  146.135315][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  146.136655][T10099]  ? 0xffffffffa0009640
[  146.137720][T10099]  ? 0xffffffffa0009640
[  146.138803][T10099]  ? 0xffffffffa0009640
[  146.139927][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  146.141670][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  146.143039][T10099]  ? lock_acquire+0x2f/0xb0
[  146.144200][T10099]  ? __fget_files+0x40/0x3f0
[  146.145382][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  146.146886][T10099]  ? fput+0x30/0x390
[  146.148008][T10099]  ? __bpf_prog_get+0xa0/0x290
[  146.149217][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  146.150685][T10099]  __sys_bpf+0xfc6/0x49a0
[  146.151789][T10099]  ? __pfx_futex_wake+0x10/0x10
[  146.153034][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  146.154247][T10099]  ? __schedule+0xe5d/0x5730
[  146.155430][T10099]  ? __fget_files+0x23a/0x3f0
[  146.156583][T10099]  ? do_futex+0x123/0x350
[  146.157684][T10099]  ? __pfx_do_futex+0x10/0x10
[  146.158909][T10099]  ? xfd_validate_state+0x5d/0x180
[  146.160213][T10099]  ? rcu_is_watching+0x12/0xc0
[  146.161443][T10099]  __x64_sys_bpf+0x78/0xc0
[  146.162584][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  146.163916][T10099]  do_syscall_64+0xcd/0x250
[  146.165081][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.166515][T10099] RIP: 0033:0x7f3c36f7e719
[  146.167628][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.172370][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  146.174482][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  146.176851][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  146.178845][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  146.180884][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  146.182895][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  146.184899][T10099]  </TASK>
[  146.185946][T10099] Disabling lock debugging due to kernel taint
[  146.187515][T10099] BUG: Bad page state in process syz.6.968  pfn:2aaad
[  146.189245][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x2aaad
[  146.191598][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  146.193483][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  146.195868][T10099] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[  146.198042][T10099] page dumped because: page_pool leak
[  146.199614][T10099] page_owner tracks the page as allocated
[  146.201125][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988428068, free_ts 144457066734
[  146.205382][T10099]  post_alloc_hook+0x2d1/0x350
[  146.206559][T10099]  get_page_from_freelist+0x101e/0x3070
[  146.207919][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  146.209538][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  146.210957][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  146.212507][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  146.213856][T10099]  page_pool_alloc_pages+0x1a/0x60
[  146.215186][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  146.217161][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  146.218619][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  146.220316][T10099]  __sys_bpf+0xfc6/0x49a0
[  146.221434][T10099]  __x64_sys_bpf+0x78/0xc0
[  146.222750][T10099]  do_syscall_64+0xcd/0x250
[  146.224086][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.225889][T10099] page last free pid 10040 tgid 10040 stack trace:
[  146.227685][T10099]  free_unref_page+0x5f4/0xdc0
[  146.228916][T10099]  __put_partials+0x14c/0x170
[  146.230173][T10099]  qlist_free_all+0x4e/0x120
[  146.231359][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  146.232792][T10099]  __kasan_slab_alloc+0x69/0x90
[  146.234034][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  146.235442][T10099]  mas_alloc_nodes+0x176/0x860
[  146.236777][T10099]  mas_node_count_gfp+0x105/0x130
[  146.238141][T10099]  mas_preallocate+0x53b/0xcd0
[  146.239542][T10099]  commit_merge+0x61d/0xec0
[  146.240850][T10099]  vma_expand+0x3ee/0x990
[  146.242087][T10099]  vma_merge_new_range+0x37d/0xd20
[  146.243563][T10099]  mmap_region+0x499/0x2a50
[  146.244782][T10099]  do_mmap+0xc00/0xfc0
[  146.245798][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  146.246987][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  146.248196][T10099] Modules linked in:
[  146.249188][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  146.252230][T10099] Tainted: [B]=BAD_PAGE
[  146.253286][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.255968][T10099] Call Trace:
[  146.256812][T10099]  <TASK>
[  146.257560][T10099]  dump_stack_lvl+0x16c/0x1f0
[  146.258738][T10099]  bad_page+0xb3/0x1f0
[  146.259785][T10099]  ? __pfx_bad_page+0x10/0x10
[  146.260990][T10099]  ? page_bad_reason+0x9d/0x1e0
[  146.262226][T10099]  free_unref_page+0x657/0xdc0
[  146.263440][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  146.264919][T10099]  ? __phys_addr+0xc6/0x150
[  146.266026][T10099]  skb_free_head+0xa0/0x1d0
[  146.267138][T10099]  skb_release_data+0x560/0x730
[  146.268325][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  146.269561][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  146.271231][T10099]  ? kernel_text_address+0x8d/0x100
[  146.272557][T10099]  ? hlock_class+0x4e/0x130
[  146.273729][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  146.274980][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  146.276754][T10099]  ? hlock_class+0x4e/0x130
[  146.277864][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  146.279040][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  146.280321][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  146.281802][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  146.283407][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  146.284682][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  146.286233][T10099]  ? lock_acquire+0x2f/0xb0
[  146.287372][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  146.288907][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  146.290421][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  146.292075][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  146.293353][T10099]  ? __build_skb_around+0x278/0x3b0
[  146.294642][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  146.295951][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  146.297508][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  146.299121][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  146.300564][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  146.301890][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  146.303386][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  146.304851][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  146.306315][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  146.307777][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  146.309244][T10099]  ? 0xffffffffa0009640
[  146.310320][T10099]  ? 0xffffffffa0009640
[  146.311360][T10099]  ? 0xffffffffa0009640
[  146.312367][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  146.313810][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  146.315164][T10099]  ? lock_acquire+0x2f/0xb0
[  146.316287][T10099]  ? __fget_files+0x40/0x3f0
[  146.317442][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  146.318903][T10099]  ? fput+0x30/0x390
[  146.319904][T10099]  ? __bpf_prog_get+0xa0/0x290
[  146.321129][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  146.322590][T10099]  __sys_bpf+0xfc6/0x49a0
[  146.323698][T10099]  ? __pfx_futex_wake+0x10/0x10
[  146.324932][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  146.326114][T10099]  ? __schedule+0xe5d/0x5730
[  146.327261][T10099]  ? __fget_files+0x23a/0x3f0
[  146.328427][T10099]  ? do_futex+0x123/0x350
[  146.329494][T10099]  ? __pfx_do_futex+0x10/0x10
[  146.330649][T10099]  ? xfd_validate_state+0x5d/0x180
[  146.331932][T10099]  ? rcu_is_watching+0x12/0xc0
[  146.333137][T10099]  __x64_sys_bpf+0x78/0xc0
[  146.334264][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  146.335597][T10099]  do_syscall_64+0xcd/0x250
[  146.336747][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.338229][T10099] RIP: 0033:0x7f3c36f7e719
[  146.339347][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.344098][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  146.346173][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  146.348143][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  146.350110][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  146.352065][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  146.354007][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  146.355962][T10099]  </TASK>
[  146.356846][T10099] BUG: Bad page state in process syz.6.968  pfn:2aaac
[  146.358551][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802aaade00 pfn:0x2aaac
[  146.361085][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  146.362855][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  146.364996][T10099] raw: ffff88802aaade00 0000000000000001 00000000ffffffff 0000000000000000
[  146.367131][T10099] page dumped because: page_pool leak
[  146.368484][T10099] page_owner tracks the page as allocated
[  146.369925][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988423782, free_ts 144457066734
[  146.374033][T10099]  post_alloc_hook+0x2d1/0x350
[  146.375231][T10099]  get_page_from_freelist+0x101e/0x3070
[  146.376627][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  146.377929][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  146.379302][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  146.380808][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  146.382099][T10099]  page_pool_alloc_pages+0x1a/0x60
[  146.383366][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  146.384914][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  146.386221][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  146.387583][T10099]  __sys_bpf+0xfc6/0x49a0
[  146.388680][T10099]  __x64_sys_bpf+0x78/0xc0
[  146.389853][T10099]  do_syscall_64+0xcd/0x250
[  146.390991][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.392481][T10099] page last free pid 10040 tgid 10040 stack trace:
[  146.394086][T10099]  free_unref_page+0x5f4/0xdc0
[  146.395291][T10099]  __put_partials+0x14c/0x170
[  146.396464][T10099]  qlist_free_all+0x4e/0x120
[  146.397611][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  146.398947][T10099]  __kasan_slab_alloc+0x69/0x90
[  146.400207][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  146.401545][T10099]  mas_alloc_nodes+0x176/0x860
[  146.402741][T10099]  mas_node_count_gfp+0x105/0x130
[  146.404001][T10099]  mas_preallocate+0x53b/0xcd0
[  146.405198][T10099]  commit_merge+0x61d/0xec0
[  146.406346][T10099]  vma_expand+0x3ee/0x990
[  146.407440][T10099]  vma_merge_new_range+0x37d/0xd20
[  146.408710][T10099]  mmap_region+0x499/0x2a50
[  146.409879][T10099]  do_mmap+0xc00/0xfc0
[  146.410900][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  146.412062][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  146.413281][T10099] Modules linked in:
[  146.414277][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  146.417283][T10099] Tainted: [B]=BAD_PAGE
[  146.418325][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.420943][T10099] Call Trace:
[  146.421790][T10099]  <TASK>
[  146.422521][T10099]  dump_stack_lvl+0x16c/0x1f0
[  146.423692][T10099]  bad_page+0xb3/0x1f0
[  146.424729][T10099]  ? __pfx_bad_page+0x10/0x10
[  146.425911][T10099]  ? page_bad_reason+0x9d/0x1e0
[  146.427284][T10099]  free_unref_page+0x657/0xdc0
[  146.428489][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  146.429997][T10099]  ? __phys_addr+0xc6/0x150
[  146.431163][T10099]  skb_free_head+0xa0/0x1d0
[  146.432323][T10099]  skb_release_data+0x560/0x730
[  146.433535][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  146.434819][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  146.436495][T10099]  ? kernel_text_address+0x8d/0x100
[  146.437787][T10099]  ? hlock_class+0x4e/0x130
[  146.438913][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  146.440183][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  146.441904][T10099]  ? hlock_class+0x4e/0x130
[  146.443031][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  146.444252][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  146.445528][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  146.447022][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  146.448671][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  146.449988][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  146.451588][T10099]  ? lock_acquire+0x2f/0xb0
[  146.452738][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  146.454340][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  146.455908][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  146.457570][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  146.458867][T10099]  ? __build_skb_around+0x278/0x3b0
[  146.460193][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  146.461532][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  146.463096][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  146.464735][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  146.466140][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  146.467485][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  146.468933][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  146.470413][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  146.471880][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  146.473319][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  146.474626][T10099]  ? 0xffffffffa0009640
[  146.475694][T10099]  ? 0xffffffffa0009640
[  146.476781][T10099]  ? 0xffffffffa0009640
[  146.477846][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  146.479348][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  146.480707][T10099]  ? lock_acquire+0x2f/0xb0
[  146.481943][T10099]  ? __fget_files+0x40/0x3f0
[  146.483113][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  146.484589][T10099]  ? fput+0x30/0x390
[  146.485595][T10099]  ? __bpf_prog_get+0xa0/0x290
[  146.486804][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  146.488265][T10099]  __sys_bpf+0xfc6/0x49a0
[  146.489368][T10099]  ? __pfx_futex_wake+0x10/0x10
[  146.490623][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  146.491869][T10099]  ? __schedule+0xe5d/0x5730
[  146.493052][T10099]  ? __fget_files+0x23a/0x3f0
[  146.494247][T10099]  ? do_futex+0x123/0x350
[  146.495335][T10099]  ? __pfx_do_futex+0x10/0x10
[  146.496550][T10099]  ? xfd_validate_state+0x5d/0x180
[  146.497818][T10099]  ? rcu_is_watching+0x12/0xc0
[  146.499027][T10099]  __x64_sys_bpf+0x78/0xc0
[  146.499717][ T5953] Bluetooth: hci4: command tx timeout
[  146.500164][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  146.502885][T10099]  do_syscall_64+0xcd/0x250
[  146.504058][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.505542][T10099] RIP: 0033:0x7f3c36f7e719
[  146.506653][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.511595][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  146.513698][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  146.515707][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  146.517666][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  146.519657][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  146.521661][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  146.523644][T10099]  </TASK>
[  146.524533][T10099] BUG: Bad page state in process syz.6.968  pfn:296df
[  146.526233][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x296df
[  146.528448][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  146.530254][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  146.532432][T10099] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[  146.534586][T10099] page dumped because: page_pool leak
[  146.535957][T10099] page_owner tracks the page as allocated
[  146.537397][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988419509, free_ts 144457087064
[  146.541618][T10099]  post_alloc_hook+0x2d1/0x350
[  146.542841][T10099]  get_page_from_freelist+0x101e/0x3070
[  146.544249][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  146.545593][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  146.546985][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  146.548498][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  146.549873][T10099]  page_pool_alloc_pages+0x1a/0x60
[  146.551172][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  146.552732][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  146.554072][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  146.555428][T10099]  __sys_bpf+0xfc6/0x49a0
[  146.556512][T10099]  __x64_sys_bpf+0x78/0xc0
[  146.557658][T10099]  do_syscall_64+0xcd/0x250
[  146.558965][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.560519][T10099] page last free pid 10040 tgid 10040 stack trace:
[  146.562130][T10099]  free_unref_page+0x5f4/0xdc0
[  146.563357][T10099]  __put_partials+0x14c/0x170
[  146.564566][T10099]  qlist_free_all+0x4e/0x120
[  146.565729][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  146.567074][T10099]  __kasan_slab_alloc+0x69/0x90
[  146.568308][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  146.569705][T10099]  mas_alloc_nodes+0x176/0x860
[  146.570940][T10099]  mas_node_count_gfp+0x105/0x130
[  146.572243][T10099]  mas_preallocate+0x53b/0xcd0
[  146.573456][T10099]  commit_merge+0x61d/0xec0
[  146.574599][T10099]  vma_expand+0x3ee/0x990
[  146.576042][T10099]  vma_merge_new_range+0x37d/0xd20
[  146.577438][T10099]  mmap_region+0x499/0x2a50
[  146.578629][T10099]  do_mmap+0xc00/0xfc0
[  146.579748][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  146.580943][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  146.582157][T10099] Modules linked in:
[  146.583161][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  146.586198][T10099] Tainted: [B]=BAD_PAGE
[  146.587262][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.590077][T10099] Call Trace:
[  146.590929][T10099]  <TASK>
[  146.591693][T10099]  dump_stack_lvl+0x16c/0x1f0
[  146.592875][T10099]  bad_page+0xb3/0x1f0
[  146.593908][T10099]  ? __pfx_bad_page+0x10/0x10
[  146.595079][T10099]  ? page_bad_reason+0x9d/0x1e0
[  146.596300][T10099]  free_unref_page+0x657/0xdc0
[  146.597528][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  146.599013][T10099]  ? __phys_addr+0xc6/0x150
[  146.600183][T10099]  skb_free_head+0xa0/0x1d0
[  146.601325][T10099]  skb_release_data+0x560/0x730
[  146.602525][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  146.603769][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  146.605421][T10099]  ? kernel_text_address+0x8d/0x100
[  146.606708][T10099]  ? hlock_class+0x4e/0x130
[  146.607834][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  146.609078][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  146.610840][T10099]  ? hlock_class+0x4e/0x130
[  146.611986][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  146.613218][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  146.614518][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  146.616019][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  146.617615][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  146.618907][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  146.620480][T10099]  ? lock_acquire+0x2f/0xb0
[  146.621607][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  146.623174][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  146.624701][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  146.626333][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  146.627648][T10099]  ? __build_skb_around+0x278/0x3b0
[  146.628962][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  146.630313][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  146.631868][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  146.633503][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  146.634853][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  146.636166][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  146.637626][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  146.639130][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  146.640622][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  146.642085][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  146.643432][T10099]  ? 0xffffffffa0009640
[  146.644489][T10099]  ? 0xffffffffa0009640
[  146.645542][T10099]  ? 0xffffffffa0009640
[  146.646597][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  146.648092][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  146.649456][T10099]  ? lock_acquire+0x2f/0xb0
[  146.650612][T10099]  ? __fget_files+0x40/0x3f0
[  146.651786][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  146.653266][T10099]  ? fput+0x30/0x390
[  146.654266][T10099]  ? __bpf_prog_get+0xa0/0x290
[  146.655501][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  146.656969][T10099]  __sys_bpf+0xfc6/0x49a0
[  146.658062][T10099]  ? __pfx_futex_wake+0x10/0x10
[  146.659288][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  146.660568][T10099]  ? __schedule+0xe5d/0x5730
[  146.661747][T10099]  ? __fget_files+0x23a/0x3f0
[  146.662936][T10099]  ? do_futex+0x123/0x350
[  146.664035][T10099]  ? __pfx_do_futex+0x10/0x10
[  146.665237][T10099]  ? xfd_validate_state+0x5d/0x180
[  146.666539][T10099]  ? rcu_is_watching+0x12/0xc0
[  146.667765][T10099]  __x64_sys_bpf+0x78/0xc0
[  146.668894][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  146.670208][T10099]  do_syscall_64+0xcd/0x250
[  146.671382][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.672858][T10099] RIP: 0033:0x7f3c36f7e719
[  146.673980][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.678798][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  146.680938][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  146.682945][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  146.684929][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  146.686927][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  146.688926][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  146.690909][T10099]  </TASK>
[  146.691798][T10099] BUG: Bad page state in process syz.6.968  pfn:296de
[  146.693490][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880296dfe00 pfn:0x296de
[  146.695994][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  146.697940][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  146.700294][T10099] raw: ffff8880296dfe00 0000000000000001 00000000ffffffff 0000000000000000
[  146.702433][T10099] page dumped because: page_pool leak
[  146.703786][T10099] page_owner tracks the page as allocated
[  146.705208][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988414879, free_ts 144457087064
[  146.709538][T10099]  post_alloc_hook+0x2d1/0x350
[  146.710758][T10099]  get_page_from_freelist+0x101e/0x3070
[  146.712166][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  146.713494][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  146.714906][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  146.716405][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  146.717720][T10099]  page_pool_alloc_pages+0x1a/0x60
[  146.719002][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  146.720580][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  146.721930][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  146.723319][T10099]  __sys_bpf+0xfc6/0x49a0
[  146.724417][T10099]  __x64_sys_bpf+0x78/0xc0
[  146.725524][T10099]  do_syscall_64+0xcd/0x250
[  146.726674][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.728177][T10099] page last free pid 10040 tgid 10040 stack trace:
[  146.729861][T10099]  free_unref_page+0x5f4/0xdc0
[  146.731067][T10099]  __put_partials+0x14c/0x170
[  146.732239][T10099]  qlist_free_all+0x4e/0x120
[  146.733375][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  146.734736][T10099]  __kasan_slab_alloc+0x69/0x90
[  146.735963][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  146.737353][T10099]  mas_alloc_nodes+0x176/0x860
[  146.738607][T10099]  mas_node_count_gfp+0x105/0x130
[  146.739932][T10099]  mas_preallocate+0x53b/0xcd0
[  146.741150][T10099]  commit_merge+0x61d/0xec0
[  146.742280][T10099]  vma_expand+0x3ee/0x990
[  146.743389][T10099]  vma_merge_new_range+0x37d/0xd20
[  146.744667][T10099]  mmap_region+0x499/0x2a50
[  146.745805][T10099]  do_mmap+0xc00/0xfc0
[  146.746824][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  146.748003][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  146.749193][T10099] Modules linked in:
[  146.750244][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  146.753219][T10099] Tainted: [B]=BAD_PAGE
[  146.754278][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.756978][T10099] Call Trace:
[  146.757829][T10099]  <TASK>
[  146.758588][T10099]  dump_stack_lvl+0x16c/0x1f0
[  146.759816][T10099]  bad_page+0xb3/0x1f0
[  146.760846][T10099]  ? __pfx_bad_page+0x10/0x10
[  146.762040][T10099]  ? page_bad_reason+0x9d/0x1e0
[  146.763279][T10099]  free_unref_page+0x657/0xdc0
[  146.764489][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  146.766004][T10099]  ? __phys_addr+0xc6/0x150
[  146.767155][T10099]  skb_free_head+0xa0/0x1d0
[  146.768315][T10099]  skb_release_data+0x560/0x730
[  146.769554][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  146.770840][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  146.772495][T10099]  ? kernel_text_address+0x8d/0x100
[  146.773819][T10099]  ? hlock_class+0x4e/0x130
[  146.774956][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  146.776227][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  146.777987][T10099]  ? hlock_class+0x4e/0x130
[  146.779295][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  146.780712][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  146.782030][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  146.783596][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  146.785252][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  146.786549][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  146.788142][T10099]  ? lock_acquire+0x2f/0xb0
[  146.789280][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  146.790855][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  146.792403][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  146.794065][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  146.795391][T10099]  ? __build_skb_around+0x278/0x3b0
[  146.796698][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  146.798039][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  146.799613][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  146.801254][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  146.802670][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  146.804001][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  146.805482][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  146.806957][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  146.808440][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  146.809912][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  146.811239][T10099]  ? 0xffffffffa0009640
[  146.812320][T10099]  ? 0xffffffffa0009640
[  146.813376][T10099]  ? 0xffffffffa0009640
[  146.814418][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  146.815922][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  146.817263][T10099]  ? lock_acquire+0x2f/0xb0
[  146.818382][T10099]  ? __fget_files+0x40/0x3f0
[  146.819528][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  146.820991][T10099]  ? fput+0x30/0x390
[  146.821993][T10099]  ? __bpf_prog_get+0xa0/0x290
[  146.823204][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  146.824659][T10099]  __sys_bpf+0xfc6/0x49a0
[  146.825750][T10099]  ? __pfx_futex_wake+0x10/0x10
[  146.826980][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  146.828209][T10099]  ? __schedule+0xe5d/0x5730
[  146.829396][T10099]  ? __fget_files+0x23a/0x3f0
[  146.830603][T10099]  ? do_futex+0x123/0x350
[  146.831771][T10099]  ? __pfx_do_futex+0x10/0x10
[  146.832994][T10099]  ? xfd_validate_state+0x5d/0x180
[  146.834292][T10099]  ? rcu_is_watching+0x12/0xc0
[  146.835519][T10099]  __x64_sys_bpf+0x78/0xc0
[  146.836663][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  146.837987][T10099]  do_syscall_64+0xcd/0x250
[  146.839144][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.840653][T10099] RIP: 0033:0x7f3c36f7e719
[  146.841776][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.846568][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  146.848651][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  146.850623][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  146.852599][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  146.854544][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  146.856533][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  146.858546][T10099]  </TASK>
[  146.859450][T10099] BUG: Bad page state in process syz.6.968  pfn:458ff
[  146.861612][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x458ff
[  146.863907][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  146.865692][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  146.867969][T10099] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[  146.870310][T10099] page dumped because: page_pool leak
[  146.871684][T10099] page_owner tracks the page as allocated
[  146.873174][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988410331, free_ts 144457091194
[  146.877399][T10099]  post_alloc_hook+0x2d1/0x350
[  146.878599][T10099]  get_page_from_freelist+0x101e/0x3070
[  146.880032][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  146.881357][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  146.882735][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  146.884263][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  146.885601][T10099]  page_pool_alloc_pages+0x1a/0x60
[  146.886896][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  146.888429][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  146.889810][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  146.891153][T10099]  __sys_bpf+0xfc6/0x49a0
[  146.892246][T10099]  __x64_sys_bpf+0x78/0xc0
[  146.893377][T10099]  do_syscall_64+0xcd/0x250
[  146.894516][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.896037][T10099] page last free pid 10040 tgid 10040 stack trace:
[  146.897653][T10099]  free_unref_page+0x5f4/0xdc0
[  146.898865][T10099]  __put_partials+0x14c/0x170
[  146.900202][T10099]  qlist_free_all+0x4e/0x120
[  146.901386][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  146.902761][T10099]  __kasan_slab_alloc+0x69/0x90
[  146.903969][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  146.905293][T10099]  mas_alloc_nodes+0x176/0x860
[  146.906485][T10099]  mas_node_count_gfp+0x105/0x130
[  146.907793][T10099]  mas_preallocate+0x53b/0xcd0
[  146.908988][T10099]  commit_merge+0x61d/0xec0
[  146.910183][T10099]  vma_expand+0x3ee/0x990
[  146.911280][T10099]  vma_merge_new_range+0x37d/0xd20
[  146.912661][T10099]  mmap_region+0x499/0x2a50
[  146.913838][T10099]  do_mmap+0xc00/0xfc0
[  146.914868][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  146.916064][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  146.917261][T10099] Modules linked in:
[  146.918266][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  146.921275][T10099] Tainted: [B]=BAD_PAGE
[  146.922299][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.924947][T10099] Call Trace:
[  146.925805][T10099]  <TASK>
[  146.926538][T10099]  dump_stack_lvl+0x16c/0x1f0
[  146.927730][T10099]  bad_page+0xb3/0x1f0
[  146.928774][T10099]  ? __pfx_bad_page+0x10/0x10
[  146.929971][T10099]  ? page_bad_reason+0x9d/0x1e0
[  146.931191][T10099]  free_unref_page+0x657/0xdc0
[  146.932358][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  146.933873][T10099]  ? __phys_addr+0xc6/0x150
[  146.935022][T10099]  skb_free_head+0xa0/0x1d0
[  146.936529][T10099]  skb_release_data+0x560/0x730
[  146.937862][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  146.939275][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  146.941007][T10099]  ? kernel_text_address+0x8d/0x100
[  146.942322][T10099]  ? hlock_class+0x4e/0x130
[  146.943491][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  146.944772][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  146.946511][T10099]  ? hlock_class+0x4e/0x130
[  146.947650][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  146.948886][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  146.950346][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  146.951873][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  146.953490][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  146.954796][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  146.956402][T10099]  ? lock_acquire+0x2f/0xb0
[  146.957558][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  146.959148][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  146.960840][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  146.962684][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  146.964012][T10099]  ? __build_skb_around+0x278/0x3b0
[  146.965303][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  146.966623][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  146.968207][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  146.969923][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  146.971397][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  146.972741][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  146.974184][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  146.975677][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  146.977228][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  146.978677][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  146.979994][T10099]  ? 0xffffffffa0009640
[  146.981034][T10099]  ? 0xffffffffa0009640
[  146.982300][T10099]  ? 0xffffffffa0009640
[  146.983365][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  146.984908][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  146.986346][T10099]  ? lock_acquire+0x2f/0xb0
[  146.987561][T10099]  ? __fget_files+0x40/0x3f0
[  146.988696][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  146.990236][T10099]  ? fput+0x30/0x390
[  146.991257][T10099]  ? __bpf_prog_get+0xa0/0x290
[  146.992508][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  146.993971][T10099]  __sys_bpf+0xfc6/0x49a0
[  146.995094][T10099]  ? __pfx_futex_wake+0x10/0x10
[  146.996355][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  146.997571][T10099]  ? __schedule+0xe5d/0x5730
[  146.998741][T10099]  ? __fget_files+0x23a/0x3f0
[  147.000093][T10099]  ? do_futex+0x123/0x350
[  147.001177][T10099]  ? __pfx_do_futex+0x10/0x10
[  147.002585][T10099]  ? xfd_validate_state+0x5d/0x180
[  147.004090][T10099]  ? rcu_is_watching+0x12/0xc0
[  147.005297][T10099]  __x64_sys_bpf+0x78/0xc0
[  147.006383][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  147.007649][T10099]  do_syscall_64+0xcd/0x250
[  147.008811][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.010321][T10099] RIP: 0033:0x7f3c36f7e719
[  147.011559][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.016525][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  147.018603][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  147.020680][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  147.022944][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  147.024967][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  147.027155][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  147.029211][T10099]  </TASK>
[  147.030128][T10099] BUG: Bad page state in process syz.6.968  pfn:458fe
[  147.031823][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880458ffe00 pfn:0x458fe
[  147.034291][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  147.036091][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  147.038230][T10099] raw: ffff8880458ffe00 0000000000000001 00000000ffffffff 0000000000000000
[  147.040730][T10099] page dumped because: page_pool leak
[  147.042101][T10099] page_owner tracks the page as allocated
[  147.043538][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988406150, free_ts 144457091194
[  147.047693][T10099]  post_alloc_hook+0x2d1/0x350
[  147.048914][T10099]  get_page_from_freelist+0x101e/0x3070
[  147.050335][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  147.051671][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  147.053023][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  147.054502][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  147.056011][T10099]  page_pool_alloc_pages+0x1a/0x60
[  147.057328][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  147.058865][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  147.060274][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  147.061612][T10099]  __sys_bpf+0xfc6/0x49a0
[  147.062705][T10099]  __x64_sys_bpf+0x78/0xc0
[  147.063817][T10099]  do_syscall_64+0xcd/0x250
[  147.064958][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.066458][T10099] page last free pid 10040 tgid 10040 stack trace:
[  147.068127][T10099]  free_unref_page+0x5f4/0xdc0
[  147.069306][T10099]  __put_partials+0x14c/0x170
[  147.070543][T10099]  qlist_free_all+0x4e/0x120
[  147.071757][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  147.073138][T10099]  __kasan_slab_alloc+0x69/0x90
[  147.074359][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  147.075753][T10099]  mas_alloc_nodes+0x176/0x860
[  147.076968][T10099]  mas_node_count_gfp+0x105/0x130
[  147.078270][T10099]  mas_preallocate+0x53b/0xcd0
[  147.079541][T10099]  commit_merge+0x61d/0xec0
[  147.080697][T10099]  vma_expand+0x3ee/0x990
[  147.081798][T10099]  vma_merge_new_range+0x37d/0xd20
[  147.083127][T10099]  mmap_region+0x499/0x2a50
[  147.084290][T10099]  do_mmap+0xc00/0xfc0
[  147.085324][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  147.086482][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  147.087683][T10099] Modules linked in:
[  147.088672][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  147.091705][T10099] Tainted: [B]=BAD_PAGE
[  147.092760][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.095392][T10099] Call Trace:
[  147.096240][T10099]  <TASK>
[  147.096986][T10099]  dump_stack_lvl+0x16c/0x1f0
[  147.098174][T10099]  bad_page+0xb3/0x1f0
[  147.099193][T10099]  ? __pfx_bad_page+0x10/0x10
[  147.100403][T10099]  ? page_bad_reason+0x9d/0x1e0
[  147.101635][T10099]  free_unref_page+0x657/0xdc0
[  147.102822][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  147.104318][T10099]  ? __phys_addr+0xc6/0x150
[  147.105451][T10099]  skb_free_head+0xa0/0x1d0
[  147.106616][T10099]  skb_release_data+0x560/0x730
[  147.107851][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  147.109148][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  147.110857][T10099]  ? kernel_text_address+0x8d/0x100
[  147.112181][T10099]  ? hlock_class+0x4e/0x130
[  147.113346][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  147.114624][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  147.116444][T10099]  ? hlock_class+0x4e/0x130
[  147.117613][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  147.118876][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  147.120220][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  147.121751][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  147.123415][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  147.124736][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  147.126356][T10099]  ? lock_acquire+0x2f/0xb0
[  147.127496][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  147.129137][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  147.130695][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  147.132432][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  147.133729][T10099]  ? __build_skb_around+0x278/0x3b0
[  147.135078][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  147.136441][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  147.138040][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  147.139719][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  147.141469][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  147.142925][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  147.144563][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  147.146054][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  147.147612][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  147.149160][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  147.150520][T10099]  ? 0xffffffffa0009640
[  147.151581][T10099]  ? 0xffffffffa0009640
[  147.152618][T10099]  ? 0xffffffffa0009640
[  147.153662][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  147.155149][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  147.156491][T10099]  ? lock_acquire+0x2f/0xb0
[  147.157850][T10099]  ? __fget_files+0x40/0x3f0
[  147.159025][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  147.160518][T10099]  ? fput+0x30/0x390
[  147.161525][T10099]  ? __bpf_prog_get+0xa0/0x290
[  147.162752][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  147.164233][T10099]  __sys_bpf+0xfc6/0x49a0
[  147.165419][T10099]  ? __pfx_futex_wake+0x10/0x10
[  147.166669][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  147.167894][T10099]  ? __schedule+0xe5d/0x5730
[  147.169057][T10099]  ? __fget_files+0x23a/0x3f0
[  147.170235][T10099]  ? do_futex+0x123/0x350
[  147.171364][T10099]  ? __pfx_do_futex+0x10/0x10
[  147.172510][T10099]  ? xfd_validate_state+0x5d/0x180
[  147.173797][T10099]  ? rcu_is_watching+0x12/0xc0
[  147.175033][T10099]  __x64_sys_bpf+0x78/0xc0
[  147.176181][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  147.177501][T10099]  do_syscall_64+0xcd/0x250
[  147.178709][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.180236][T10099] RIP: 0033:0x7f3c36f7e719
[  147.181358][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.186383][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  147.188498][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  147.190489][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  147.192480][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  147.194461][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  147.196494][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  147.198478][T10099]  </TASK>
[  147.199386][T10099] BUG: Bad page state in process syz.6.968  pfn:28efd
[  147.201103][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000002 pfn:0x28efd
[  147.203645][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  147.205421][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  147.207703][T10099] raw: ffff888000000002 0000000000000001 00000000ffffffff 0000000000000000
[  147.209912][T10099] page dumped because: page_pool leak
[  147.211265][T10099] page_owner tracks the page as allocated
[  147.212700][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988401555, free_ts 144457095500
[  147.216923][T10099]  post_alloc_hook+0x2d1/0x350
[  147.218137][T10099]  get_page_from_freelist+0x101e/0x3070
[  147.219664][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  147.221002][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  147.222386][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  147.224014][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  147.225449][T10099]  page_pool_alloc_pages+0x1a/0x60
[  147.226773][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  147.228585][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  147.230089][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  147.231445][T10099]  __sys_bpf+0xfc6/0x49a0
[  147.232565][T10099]  __x64_sys_bpf+0x78/0xc0
[  147.233705][T10099]  do_syscall_64+0xcd/0x250
[  147.234875][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.236401][T10099] page last free pid 10040 tgid 10040 stack trace:
[  147.238023][T10099]  free_unref_page+0x5f4/0xdc0
[  147.239235][T10099]  __put_partials+0x14c/0x170
[  147.240458][T10099]  qlist_free_all+0x4e/0x120
[  147.241643][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  147.243009][T10099]  __kasan_slab_alloc+0x69/0x90
[  147.244248][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  147.245604][T10099]  mas_alloc_nodes+0x176/0x860
[  147.246824][T10099]  mas_node_count_gfp+0x105/0x130
[  147.248096][T10099]  mas_preallocate+0x53b/0xcd0
[  147.249314][T10099]  commit_merge+0x61d/0xec0
[  147.250509][T10099]  vma_expand+0x3ee/0x990
[  147.251580][T10099]  vma_merge_new_range+0x37d/0xd20
[  147.252842][T10099]  mmap_region+0x499/0x2a50
[  147.253988][T10099]  do_mmap+0xc00/0xfc0
[  147.255050][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  147.256250][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  147.257451][T10099] Modules linked in:
[  147.258454][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  147.261461][T10099] Tainted: [B]=BAD_PAGE
[  147.262481][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.265154][T10099] Call Trace:
[  147.266001][T10099]  <TASK>
[  147.266753][T10099]  dump_stack_lvl+0x16c/0x1f0
[  147.267961][T10099]  bad_page+0xb3/0x1f0
[  147.269005][T10099]  ? __pfx_bad_page+0x10/0x10
[  147.270191][T10099]  ? page_bad_reason+0x9d/0x1e0
[  147.271419][T10099]  free_unref_page+0x657/0xdc0
[  147.272633][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  147.274141][T10099]  ? __phys_addr+0xc6/0x150
[  147.275305][T10099]  skb_free_head+0xa0/0x1d0
[  147.276459][T10099]  skb_release_data+0x560/0x730
[  147.277671][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  147.278935][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  147.280623][T10099]  ? kernel_text_address+0x8d/0x100
[  147.281934][T10099]  ? hlock_class+0x4e/0x130
[  147.283098][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  147.284376][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  147.286115][T10099]  ? hlock_class+0x4e/0x130
[  147.287274][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  147.288532][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  147.289831][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  147.291380][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  147.292993][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  147.294318][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  147.295935][T10099]  ? lock_acquire+0x2f/0xb0
[  147.297328][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  147.299296][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  147.300863][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  147.302550][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  147.303911][T10099]  ? __build_skb_around+0x278/0x3b0
[  147.305230][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  147.306569][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  147.308163][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  147.309838][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  147.311357][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  147.312875][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  147.314384][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  147.315907][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  147.317365][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  147.318831][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  147.320140][T10099]  ? 0xffffffffa0009640
[  147.321185][T10099]  ? 0xffffffffa0009640
[  147.322207][T10099]  ? 0xffffffffa0009640
[  147.323265][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  147.324871][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  147.326259][T10099]  ? lock_acquire+0x2f/0xb0
[  147.327455][T10099]  ? __fget_files+0x40/0x3f0
[  147.328637][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  147.330106][T10099]  ? fput+0x30/0x390
[  147.331110][T10099]  ? __bpf_prog_get+0xa0/0x290
[  147.332409][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  147.333855][T10099]  __sys_bpf+0xfc6/0x49a0
[  147.334942][T10099]  ? __pfx_futex_wake+0x10/0x10
[  147.336187][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  147.337498][T10099]  ? __schedule+0xe5d/0x5730
[  147.338923][T10099]  ? __fget_files+0x23a/0x3f0
[  147.340178][T10099]  ? do_futex+0x123/0x350
[  147.341291][T10099]  ? __pfx_do_futex+0x10/0x10
[  147.342510][T10099]  ? xfd_validate_state+0x5d/0x180
[  147.343821][T10099]  ? rcu_is_watching+0x12/0xc0
[  147.345080][T10099]  __x64_sys_bpf+0x78/0xc0
[  147.346230][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  147.347582][T10099]  do_syscall_64+0xcd/0x250
[  147.348750][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.350236][T10099] RIP: 0033:0x7f3c36f7e719
[  147.351376][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.356259][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  147.358387][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  147.360512][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  147.362519][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  147.364482][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  147.366476][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  147.368506][T10099]  </TASK>
[  147.369400][T10099] BUG: Bad page state in process syz.6.968  pfn:28efc
[  147.371130][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888028efde00 pfn:0x28efc
[  147.373679][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  147.375488][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  147.377616][T10099] raw: ffff888028efde00 0000000000000001 00000000ffffffff 0000000000000000
[  147.379810][T10099] page dumped because: page_pool leak
[  147.381163][T10099] page_owner tracks the page as allocated
[  147.382585][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988397299, free_ts 144457095500
[  147.386759][T10099]  post_alloc_hook+0x2d1/0x350
[  147.387993][T10099]  get_page_from_freelist+0x101e/0x3070
[  147.389374][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  147.390772][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  147.392329][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  147.393853][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  147.395217][T10099]  page_pool_alloc_pages+0x1a/0x60
[  147.396539][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  147.398097][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  147.399437][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  147.400842][T10099]  __sys_bpf+0xfc6/0x49a0
[  147.401923][T10099]  __x64_sys_bpf+0x78/0xc0
[  147.403059][T10099]  do_syscall_64+0xcd/0x250
[  147.404238][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.405743][T10099] page last free pid 10040 tgid 10040 stack trace:
[  147.407378][T10099]  free_unref_page+0x5f4/0xdc0
[  147.408599][T10099]  __put_partials+0x14c/0x170
[  147.409852][T10099]  qlist_free_all+0x4e/0x120
[  147.410990][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  147.412342][T10099]  __kasan_slab_alloc+0x69/0x90
[  147.413569][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  147.414932][T10099]  mas_alloc_nodes+0x176/0x860
[  147.416172][T10099]  mas_node_count_gfp+0x105/0x130
[  147.417456][T10099]  mas_preallocate+0x53b/0xcd0
[  147.418674][T10099]  commit_merge+0x61d/0xec0
[  147.419875][T10099]  vma_expand+0x3ee/0x990
[  147.420984][T10099]  vma_merge_new_range+0x37d/0xd20
[  147.422284][T10099]  mmap_region+0x499/0x2a50
[  147.423441][T10099]  do_mmap+0xc00/0xfc0
[  147.424452][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  147.425616][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  147.426821][T10099] Modules linked in:
[  147.427817][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  147.430798][T10099] Tainted: [B]=BAD_PAGE
[  147.431854][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.434478][T10099] Call Trace:
[  147.435432][T10099]  <TASK>
[  147.436296][T10099]  dump_stack_lvl+0x16c/0x1f0
[  147.437570][T10099]  bad_page+0xb3/0x1f0
[  147.438610][T10099]  ? __pfx_bad_page+0x10/0x10
[  147.440078][T10099]  ? page_bad_reason+0x9d/0x1e0
[  147.441964][T10099]  free_unref_page+0x657/0xdc0
[  147.443442][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  147.445130][T10099]  ? __phys_addr+0xc6/0x150
[  147.446299][T10099]  skb_free_head+0xa0/0x1d0
[  147.447487][T10099]  skb_release_data+0x560/0x730
[  147.448725][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  147.450021][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  147.451709][T10099]  ? kernel_text_address+0x8d/0x100
[  147.453021][T10099]  ? hlock_class+0x4e/0x130
[  147.454188][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  147.455477][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  147.457269][T10099]  ? hlock_class+0x4e/0x130
[  147.458846][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  147.460364][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  147.461686][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  147.463251][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  147.464903][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  147.466253][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  147.467943][T10099]  ? lock_acquire+0x2f/0xb0
[  147.469097][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  147.470706][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  147.472295][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  147.473970][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  147.475343][T10099]  ? __build_skb_around+0x278/0x3b0
[  147.476675][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  147.478066][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  147.479799][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  147.481647][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  147.483089][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  147.484562][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  147.486056][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  147.487545][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  147.489021][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  147.490448][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  147.491862][T10099]  ? 0xffffffffa0009640
[  147.492868][T10099]  ? 0xffffffffa0009640
[  147.493918][T10099]  ? 0xffffffffa0009640
[  147.494970][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  147.496563][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  147.498206][T10099]  ? lock_acquire+0x2f/0xb0
[  147.499377][T10099]  ? __fget_files+0x40/0x3f0
[  147.500583][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  147.502158][T10099]  ? fput+0x30/0x390
[  147.503159][T10099]  ? __bpf_prog_get+0xa0/0x290
[  147.504398][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  147.505868][T10099]  __sys_bpf+0xfc6/0x49a0
[  147.506965][T10099]  ? __pfx_futex_wake+0x10/0x10
[  147.508222][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  147.509456][T10099]  ? __schedule+0xe5d/0x5730
[  147.510635][T10099]  ? __fget_files+0x23a/0x3f0
[  147.511817][T10099]  ? do_futex+0x123/0x350
[  147.512886][T10099]  ? __pfx_do_futex+0x10/0x10
[  147.514017][T10099]  ? xfd_validate_state+0x5d/0x180
[  147.515287][T10099]  ? rcu_is_watching+0x12/0xc0
[  147.516496][T10099]  __x64_sys_bpf+0x78/0xc0
[  147.517623][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  147.518918][T10099]  do_syscall_64+0xcd/0x250
[  147.520040][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.521540][T10099] RIP: 0033:0x7f3c36f7e719
[  147.522677][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.527680][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  147.529775][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  147.531764][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  147.533743][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  147.535746][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  147.537698][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  147.539711][T10099]  </TASK>
[  147.540653][T10099] BUG: Bad page state in process syz.6.968  pfn:24d95
[  147.542342][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x24d95
[  147.544524][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  147.546324][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  147.548501][T10099] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[  147.550693][T10099] page dumped because: page_pool leak
[  147.552026][T10099] page_owner tracks the page as allocated
[  147.553463][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988393143, free_ts 144457099224
[  147.557715][T10099]  post_alloc_hook+0x2d1/0x350
[  147.558937][T10099]  get_page_from_freelist+0x101e/0x3070
[  147.560389][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  147.561741][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  147.563166][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  147.564684][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  147.566014][T10099]  page_pool_alloc_pages+0x1a/0x60
[  147.567276][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  147.568816][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  147.570180][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  147.571536][T10099]  __sys_bpf+0xfc6/0x49a0
[  147.572625][T10099]  __x64_sys_bpf+0x78/0xc0
[  147.573737][T10099]  do_syscall_64+0xcd/0x250
[  147.574899][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.576427][T10099] page last free pid 10040 tgid 10040 stack trace:
[  147.578043][T10099]  free_unref_page+0x5f4/0xdc0
[  147.579266][T10099]  __put_partials+0x14c/0x170
[  147.580500][T10099]  qlist_free_all+0x4e/0x120
[  147.581647][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  147.582972][T10099]  __kasan_slab_alloc+0x69/0x90
[  147.584200][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  147.585562][T10099]  mas_alloc_nodes+0x176/0x860
[  147.586751][T10099]  mas_node_count_gfp+0x105/0x130
[  147.588016][T10099]  mas_preallocate+0x53b/0xcd0
[  147.589210][T10099]  commit_merge+0x61d/0xec0
[  147.590413][T10099]  vma_expand+0x3ee/0x990
[  147.591503][T10099]  vma_merge_new_range+0x37d/0xd20
[  147.592788][T10099]  mmap_region+0x499/0x2a50
[  147.593950][T10099]  do_mmap+0xc00/0xfc0
[  147.594979][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  147.596155][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  147.597368][T10099] Modules linked in:
[  147.598374][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  147.601309][T10099] Tainted: [B]=BAD_PAGE
[  147.602329][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.604975][T10099] Call Trace:
[  147.605814][T10099]  <TASK>
[  147.606568][T10099]  dump_stack_lvl+0x16c/0x1f0
[  147.607771][T10099]  bad_page+0xb3/0x1f0
[  147.608797][T10099]  ? __pfx_bad_page+0x10/0x10
[  147.609998][T10099]  ? page_bad_reason+0x9d/0x1e0
[  147.611248][T10099]  free_unref_page+0x657/0xdc0
[  147.612444][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  147.613950][T10099]  ? __phys_addr+0xc6/0x150
[  147.615102][T10099]  skb_free_head+0xa0/0x1d0
[  147.616379][T10099]  skb_release_data+0x560/0x730
[  147.617636][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  147.618898][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  147.620713][T10099]  ? kernel_text_address+0x8d/0x100
[  147.622028][T10099]  ? hlock_class+0x4e/0x130
[  147.623155][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  147.624447][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  147.626217][T10099]  ? hlock_class+0x4e/0x130
[  147.627489][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  147.628746][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  147.630062][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  147.631552][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  147.633154][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  147.634465][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  147.636091][T10099]  ? lock_acquire+0x2f/0xb0
[  147.637251][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  147.638807][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  147.640385][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  147.642030][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  147.643326][T10099]  ? __build_skb_around+0x278/0x3b0
[  147.644642][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  147.645991][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  147.647581][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  147.649245][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  147.650650][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  147.652011][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  147.653500][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  147.654995][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  147.656487][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  147.657958][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  147.659319][T10099]  ? 0xffffffffa0009640
[  147.660402][T10099]  ? 0xffffffffa0009640
[  147.661479][T10099]  ? 0xffffffffa0009640
[  147.662544][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  147.664051][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  147.665428][T10099]  ? lock_acquire+0x2f/0xb0
[  147.666587][T10099]  ? __fget_files+0x40/0x3f0
[  147.667781][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  147.669250][T10099]  ? fput+0x30/0x390
[  147.670258][T10099]  ? __bpf_prog_get+0xa0/0x290
[  147.671496][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  147.672972][T10099]  __sys_bpf+0xfc6/0x49a0
[  147.674082][T10099]  ? __pfx_futex_wake+0x10/0x10
[  147.675352][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  147.676570][T10099]  ? __schedule+0xe5d/0x5730
[  147.677746][T10099]  ? __fget_files+0x23a/0x3f0
[  147.678959][T10099]  ? do_futex+0x123/0x350
[  147.680062][T10099]  ? __pfx_do_futex+0x10/0x10
[  147.681266][T10099]  ? xfd_validate_state+0x5d/0x180
[  147.682570][T10099]  ? rcu_is_watching+0x12/0xc0
[  147.683801][T10099]  __x64_sys_bpf+0x78/0xc0
[  147.684949][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  147.686251][T10099]  do_syscall_64+0xcd/0x250
[  147.687420][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.688910][T10099] RIP: 0033:0x7f3c36f7e719
[  147.690039][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.694861][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  147.696980][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  147.698952][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  147.700934][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  147.702945][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  147.704934][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  147.706898][T10099]  </TASK>
[  147.707773][T10099] BUG: Bad page state in process syz.6.968  pfn:24d94
[  147.709423][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888024d95e00 pfn:0x24d94
[  147.711959][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  147.713736][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  147.715903][T10099] raw: ffff888024d95e00 0000000000000001 00000000ffffffff 0000000000000000
[  147.718030][T10099] page dumped because: page_pool leak
[  147.719378][T10099] page_owner tracks the page as allocated
[  147.720870][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988388635, free_ts 144457099224
[  147.725071][T10099]  post_alloc_hook+0x2d1/0x350
[  147.726271][T10099]  get_page_from_freelist+0x101e/0x3070
[  147.727660][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  147.728977][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  147.730418][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  147.731931][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  147.733245][T10099]  page_pool_alloc_pages+0x1a/0x60
[  147.734534][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  147.736090][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  147.737450][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  147.738828][T10099]  __sys_bpf+0xfc6/0x49a0
[  147.739974][T10099]  __x64_sys_bpf+0x78/0xc0
[  147.741121][T10099]  do_syscall_64+0xcd/0x250
[  147.742295][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.743802][T10099] page last free pid 10040 tgid 10040 stack trace:
[  147.745443][T10099]  free_unref_page+0x5f4/0xdc0
[  147.746656][T10099]  __put_partials+0x14c/0x170
[  147.747874][T10099]  qlist_free_all+0x4e/0x120
[  147.749060][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  147.750478][T10099]  __kasan_slab_alloc+0x69/0x90
[  147.751700][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  147.753055][T10099]  mas_alloc_nodes+0x176/0x860
[  147.754258][T10099]  mas_node_count_gfp+0x105/0x130
[  147.755543][T10099]  mas_preallocate+0x53b/0xcd0
[  147.756757][T10099]  commit_merge+0x61d/0xec0
[  147.757915][T10099]  vma_expand+0x3ee/0x990
[  147.759006][T10099]  vma_merge_new_range+0x37d/0xd20
[  147.760353][T10099]  mmap_region+0x499/0x2a50
[  147.761508][T10099]  do_mmap+0xc00/0xfc0
[  147.762540][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  147.763728][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  147.764939][T10099] Modules linked in:
[  147.765917][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  147.768909][T10099] Tainted: [B]=BAD_PAGE
[  147.769950][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.772581][T10099] Call Trace:
[  147.773427][T10099]  <TASK>
[  147.774180][T10099]  dump_stack_lvl+0x16c/0x1f0
[  147.775406][T10099]  bad_page+0xb3/0x1f0
[  147.776433][T10099]  ? __pfx_bad_page+0x10/0x10
[  147.777625][T10099]  ? page_bad_reason+0x9d/0x1e0
[  147.778854][T10099]  free_unref_page+0x657/0xdc0
[  147.780074][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  147.781577][T10099]  ? __phys_addr+0xc6/0x150
[  147.782710][T10099]  skb_free_head+0xa0/0x1d0
[  147.783854][T10099]  skb_release_data+0x560/0x730
[  147.785075][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  147.786339][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  147.788011][T10099]  ? kernel_text_address+0x8d/0x100
[  147.789322][T10099]  ? hlock_class+0x4e/0x130
[  147.790482][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  147.791759][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  147.793509][T10099]  ? hlock_class+0x4e/0x130
[  147.794670][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  147.795913][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  147.797200][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  147.798716][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  147.800362][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  147.801843][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  147.803484][T10099]  ? lock_acquire+0x2f/0xb0
[  147.804634][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  147.806243][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  147.807965][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  147.809652][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  147.810970][T10099]  ? __build_skb_around+0x278/0x3b0
[  147.812293][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  147.813642][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  147.815244][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  147.817089][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  147.818528][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  147.819980][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  147.821626][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  147.823265][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  147.824860][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  147.826451][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  147.827839][T10099]  ? 0xffffffffa0009640
[  147.828905][T10099]  ? 0xffffffffa0009640
[  147.829972][T10099]  ? 0xffffffffa0009640
[  147.831044][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  147.832528][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  147.833892][T10099]  ? lock_acquire+0x2f/0xb0
[  147.835081][T10099]  ? __fget_files+0x40/0x3f0
[  147.836275][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  147.837814][T10099]  ? fput+0x30/0x390
[  147.838990][T10099]  ? __bpf_prog_get+0xa0/0x290
[  147.840356][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  147.841851][T10099]  __sys_bpf+0xfc6/0x49a0
[  147.842960][T10099]  ? __pfx_futex_wake+0x10/0x10
[  147.844419][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  147.845738][T10099]  ? __schedule+0xe5d/0x5730
[  147.846912][T10099]  ? __fget_files+0x23a/0x3f0
[  147.848121][T10099]  ? do_futex+0x123/0x350
[  147.849223][T10099]  ? __pfx_do_futex+0x10/0x10
[  147.850439][T10099]  ? xfd_validate_state+0x5d/0x180
[  147.851735][T10099]  ? rcu_is_watching+0x12/0xc0
[  147.852971][T10099]  __x64_sys_bpf+0x78/0xc0
[  147.854107][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  147.855544][T10099]  do_syscall_64+0xcd/0x250
[  147.856873][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.858569][T10099] RIP: 0033:0x7f3c36f7e719
[  147.859788][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.865262][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  147.867365][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  147.869335][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  147.871333][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  147.873341][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  147.875467][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  147.877472][T10099]  </TASK>
[  147.878381][T10099] BUG: Bad page state in process syz.6.968  pfn:28f83
[  147.880705][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000002 pfn:0x28f83
[  147.883180][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  147.885079][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  147.887229][T10099] raw: ffff888000000002 0000000000000001 00000000ffffffff 0000000000000000
[  147.889523][T10099] page dumped because: page_pool leak
[  147.890912][T10099] page_owner tracks the page as allocated
[  147.892348][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988383893, free_ts 144457104002
[  147.896600][T10099]  post_alloc_hook+0x2d1/0x350
[  147.897847][T10099]  get_page_from_freelist+0x101e/0x3070
[  147.899720][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  147.901297][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  147.902832][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  147.904338][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  147.905684][T10099]  page_pool_alloc_pages+0x1a/0x60
[  147.906983][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  147.908660][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  147.910073][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  147.911453][T10099]  __sys_bpf+0xfc6/0x49a0
[  147.912549][T10099]  __x64_sys_bpf+0x78/0xc0
[  147.913748][T10099]  do_syscall_64+0xcd/0x250
[  147.914896][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.916427][T10099] page last free pid 10040 tgid 10040 stack trace:
[  147.918009][T10099]  free_unref_page+0x5f4/0xdc0
[  147.919193][T10099]  __put_partials+0x14c/0x170
[  147.920447][T10099]  qlist_free_all+0x4e/0x120
[  147.921632][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  147.923015][T10099]  __kasan_slab_alloc+0x69/0x90
[  147.924260][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  147.925634][T10099]  mas_alloc_nodes+0x176/0x860
[  147.926835][T10099]  mas_node_count_gfp+0x105/0x130
[  147.928099][T10099]  mas_preallocate+0x53b/0xcd0
[  147.929339][T10099]  commit_merge+0x61d/0xec0
[  147.930549][T10099]  vma_expand+0x3ee/0x990
[  147.931685][T10099]  vma_merge_new_range+0x37d/0xd20
[  147.932949][T10099]  mmap_region+0x499/0x2a50
[  147.934165][T10099]  do_mmap+0xc00/0xfc0
[  147.935226][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  147.936506][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  147.937720][T10099] Modules linked in:
[  147.938798][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  147.942381][T10099] Tainted: [B]=BAD_PAGE
[  147.943572][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.946709][T10099] Call Trace:
[  147.947578][T10099]  <TASK>
[  147.948331][T10099]  dump_stack_lvl+0x16c/0x1f0
[  147.949516][T10099]  bad_page+0xb3/0x1f0
[  147.950542][T10099]  ? __pfx_bad_page+0x10/0x10
[  147.951734][T10099]  ? page_bad_reason+0x9d/0x1e0
[  147.952950][T10099]  free_unref_page+0x657/0xdc0
[  147.954161][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  147.955674][T10099]  ? __phys_addr+0xc6/0x150
[  147.956845][T10099]  skb_free_head+0xa0/0x1d0
[  147.957983][T10099]  skb_release_data+0x560/0x730
[  147.959192][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  147.960550][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  147.962519][T10099]  ? kernel_text_address+0x8d/0x100
[  147.963869][T10099]  ? hlock_class+0x4e/0x130
[  147.965052][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  147.966459][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  147.968252][T10099]  ? hlock_class+0x4e/0x130
[  147.969437][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  147.970744][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  147.972077][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  147.973601][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  147.975244][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  147.976537][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  147.978168][T10099]  ? lock_acquire+0x2f/0xb0
[  147.979324][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  147.980884][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  147.982405][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  147.984067][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  147.985962][T10099]  ? __build_skb_around+0x278/0x3b0
[  147.987275][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  147.988640][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  147.990278][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  147.991941][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  147.993339][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  147.994692][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  147.996211][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  147.997712][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  147.999567][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  148.001155][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  148.002524][T10099]  ? 0xffffffffa0009640
[  148.003711][T10099]  ? 0xffffffffa0009640
[  148.004772][T10099]  ? 0xffffffffa0009640
[  148.005869][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  148.007544][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  148.008974][T10099]  ? lock_acquire+0x2f/0xb0
[  148.010170][T10099]  ? __fget_files+0x40/0x3f0
[  148.011344][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  148.012874][T10099]  ? fput+0x30/0x390
[  148.013884][T10099]  ? __bpf_prog_get+0xa0/0x290
[  148.015120][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  148.016574][T10099]  __sys_bpf+0xfc6/0x49a0
[  148.017686][T10099]  ? __pfx_futex_wake+0x10/0x10
[  148.018920][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  148.020163][T10099]  ? __schedule+0xe5d/0x5730
[  148.021426][T10099]  ? __fget_files+0x23a/0x3f0
[  148.022641][T10099]  ? do_futex+0x123/0x350
[  148.023774][T10099]  ? __pfx_do_futex+0x10/0x10
[  148.025005][T10099]  ? xfd_validate_state+0x5d/0x180
[  148.026490][T10099]  ? rcu_is_watching+0x12/0xc0
[  148.027728][T10099]  __x64_sys_bpf+0x78/0xc0
[  148.028861][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  148.030149][T10099]  do_syscall_64+0xcd/0x250
[  148.031296][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.032808][T10099] RIP: 0033:0x7f3c36f7e719
[  148.033939][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.038749][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  148.040859][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  148.042838][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  148.044822][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  148.046876][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  148.048857][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  148.050850][T10099]  </TASK>
[  148.051750][T10099] BUG: Bad page state in process syz.6.968  pfn:28f82
[  148.053439][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888028f83e00 pfn:0x28f82
[  148.055939][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  148.057864][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  148.060231][T10099] raw: ffff888028f83e00 0000000000000001 00000000ffffffff 0000000000000000
[  148.062419][T10099] page dumped because: page_pool leak
[  148.063863][T10099] page_owner tracks the page as allocated
[  148.065305][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988379589, free_ts 144457104002
[  148.069659][T10099]  post_alloc_hook+0x2d1/0x350
[  148.070906][T10099]  get_page_from_freelist+0x101e/0x3070
[  148.072303][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  148.073620][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  148.075039][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  148.076526][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  148.077871][T10099]  page_pool_alloc_pages+0x1a/0x60
[  148.079459][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  148.081240][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  148.082646][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  148.084026][T10099]  __sys_bpf+0xfc6/0x49a0
[  148.085115][T10099]  __x64_sys_bpf+0x78/0xc0
[  148.086337][T10099]  do_syscall_64+0xcd/0x250
[  148.087526][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.089023][T10099] page last free pid 10040 tgid 10040 stack trace:
[  148.090673][T10099]  free_unref_page+0x5f4/0xdc0
[  148.091925][T10099]  __put_partials+0x14c/0x170
[  148.093142][T10099]  qlist_free_all+0x4e/0x120
[  148.094328][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  148.095750][T10099]  __kasan_slab_alloc+0x69/0x90
[  148.096982][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  148.098378][T10099]  mas_alloc_nodes+0x176/0x860
[  148.099672][T10099]  mas_node_count_gfp+0x105/0x130
[  148.100947][T10099]  mas_preallocate+0x53b/0xcd0
[  148.102168][T10099]  commit_merge+0x61d/0xec0
[  148.103352][T10099]  vma_expand+0x3ee/0x990
[  148.104451][T10099]  vma_merge_new_range+0x37d/0xd20
[  148.105773][T10099]  mmap_region+0x499/0x2a50
[  148.106950][T10099]  do_mmap+0xc00/0xfc0
[  148.107999][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  148.109167][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  148.110398][T10099] Modules linked in:
[  148.111416][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  148.114515][T10099] Tainted: [B]=BAD_PAGE
[  148.115850][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.118827][T10099] Call Trace:
[  148.119742][T10099]  <TASK>
[  148.120544][T10099]  dump_stack_lvl+0x16c/0x1f0
[  148.121772][T10099]  bad_page+0xb3/0x1f0
[  148.123419][T10099]  ? __pfx_bad_page+0x10/0x10
[  148.124654][T10099]  ? page_bad_reason+0x9d/0x1e0
[  148.125944][T10099]  free_unref_page+0x657/0xdc0
[  148.127136][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  148.128732][T10099]  ? __phys_addr+0xc6/0x150
[  148.129875][T10099]  skb_free_head+0xa0/0x1d0
[  148.131024][T10099]  skb_release_data+0x560/0x730
[  148.132357][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  148.133690][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  148.135601][T10099]  ? kernel_text_address+0x8d/0x100
[  148.136974][T10099]  ? hlock_class+0x4e/0x130
[  148.138134][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  148.139388][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  148.141107][T10099]  ? hlock_class+0x4e/0x130
[  148.142404][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  148.143668][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  148.144980][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  148.146466][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  148.148079][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  148.149355][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  148.150936][T10099]  ? lock_acquire+0x2f/0xb0
[  148.152047][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  148.153548][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  148.155095][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  148.156706][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  148.158007][T10099]  ? __build_skb_around+0x278/0x3b0
[  148.159306][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  148.160611][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  148.162168][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  148.163842][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  148.165251][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  148.166560][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  148.167993][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  148.169489][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  148.170959][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  148.172439][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  148.173755][T10099]  ? 0xffffffffa0009640
[  148.174779][T10099]  ? 0xffffffffa0009640
[  148.175813][T10099]  ? 0xffffffffa0009640
[  148.176863][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  148.178372][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  148.179739][T10099]  ? lock_acquire+0x2f/0xb0
[  148.180892][T10099]  ? __fget_files+0x40/0x3f0
[  148.182254][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  148.184057][T10099]  ? fput+0x30/0x390
[  148.185606][T10099]  ? __bpf_prog_get+0xa0/0x290
[  148.187132][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  148.188966][T10099]  __sys_bpf+0xfc6/0x49a0
[  148.190110][T10099]  ? __pfx_futex_wake+0x10/0x10
[  148.191331][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  148.192509][T10099]  ? __schedule+0xe5d/0x5730
[  148.193686][T10099]  ? __fget_files+0x23a/0x3f0
[  148.194868][T10099]  ? do_futex+0x123/0x350
[  148.195981][T10099]  ? __pfx_do_futex+0x10/0x10
[  148.197167][T10099]  ? xfd_validate_state+0x5d/0x180
[  148.198460][T10099]  ? rcu_is_watching+0x12/0xc0
[  148.199671][T10099]  __x64_sys_bpf+0x78/0xc0
[  148.200777][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  148.202044][T10099]  do_syscall_64+0xcd/0x250
[  148.203365][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.205061][T10099] RIP: 0033:0x7f3c36f7e719
[  148.206340][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.210968][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  148.212998][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  148.214943][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  148.217119][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  148.219441][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  148.221478][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  148.223630][T10099]  </TASK>
[  148.224550][T10099] BUG: Bad page state in process syz.6.968  pfn:24c23
[  148.226277][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x24c23
[  148.228506][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  148.230487][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  148.232826][T10099] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[  148.235086][T10099] page dumped because: page_pool leak
[  148.236414][T10099] page_owner tracks the page as allocated
[  148.237800][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988375193, free_ts 144457131613
[  148.241938][T10099]  post_alloc_hook+0x2d1/0x350
[  148.243123][T10099]  get_page_from_freelist+0x101e/0x3070
[  148.244503][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  148.245813][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  148.247188][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  148.248677][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  148.250073][T10099]  page_pool_alloc_pages+0x1a/0x60
[  148.251405][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  148.253081][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  148.254462][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  148.256002][T10099]  __sys_bpf+0xfc6/0x49a0
[  148.257215][T10099]  __x64_sys_bpf+0x78/0xc0
[  148.258563][T10099]  do_syscall_64+0xcd/0x250
[  148.260051][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.261692][T10099] page last free pid 10040 tgid 10040 stack trace:
[  148.263731][T10099]  free_unref_page+0x5f4/0xdc0
[  148.264924][T10099]  __put_partials+0x14c/0x170
[  148.266147][T10099]  qlist_free_all+0x4e/0x120
[  148.267401][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  148.268804][T10099]  __kasan_slab_alloc+0x69/0x90
[  148.270188][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  148.271650][T10099]  mas_alloc_nodes+0x176/0x860
[  148.272901][T10099]  mas_node_count_gfp+0x105/0x130
[  148.274198][T10099]  mas_preallocate+0x53b/0xcd0
[  148.275738][T10099]  commit_merge+0x61d/0xec0
[  148.276979][T10099]  vma_expand+0x3ee/0x990
[  148.278082][T10099]  vma_merge_new_range+0x37d/0xd20
[  148.280157][T10099]  mmap_region+0x499/0x2a50
[  148.281327][T10099]  do_mmap+0xc00/0xfc0
[  148.282373][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  148.283574][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  148.284780][T10099] Modules linked in:
[  148.285812][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  148.288928][T10099] Tainted: [B]=BAD_PAGE
[  148.289979][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.292734][T10099] Call Trace:
[  148.293603][T10099]  <TASK>
[  148.294374][T10099]  dump_stack_lvl+0x16c/0x1f0
[  148.295727][T10099]  bad_page+0xb3/0x1f0
[  148.296881][T10099]  ? __pfx_bad_page+0x10/0x10
[  148.298196][T10099]  ? page_bad_reason+0x9d/0x1e0
[  148.299826][T10099]  free_unref_page+0x657/0xdc0
[  148.301538][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  148.303285][T10099]  ? __phys_addr+0xc6/0x150
[  148.304698][T10099]  skb_free_head+0xa0/0x1d0
[  148.305902][T10099]  skb_release_data+0x560/0x730
[  148.307203][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  148.308557][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  148.310358][T10099]  ? kernel_text_address+0x8d/0x100
[  148.311688][T10099]  ? hlock_class+0x4e/0x130
[  148.312961][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  148.314316][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  148.316115][T10099]  ? hlock_class+0x4e/0x130
[  148.317273][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  148.318572][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  148.319910][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  148.321474][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  148.323294][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  148.324654][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  148.326354][T10099]  ? lock_acquire+0x2f/0xb0
[  148.327530][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  148.329161][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  148.330722][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  148.332390][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  148.333707][T10099]  ? __build_skb_around+0x278/0x3b0
[  148.335084][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  148.336812][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  148.338463][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  148.340651][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  148.342350][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  148.343903][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  148.345484][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  148.347007][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  148.348520][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  148.350090][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  148.351403][T10099]  ? 0xffffffffa0009640
[  148.352459][T10099]  ? 0xffffffffa0009640
[  148.353531][T10099]  ? 0xffffffffa0009640
[  148.354590][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  148.356629][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  148.358301][T10099]  ? lock_acquire+0x2f/0xb0
[  148.359834][T10099]  ? __fget_files+0x40/0x3f0
[  148.361094][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  148.362760][T10099]  ? fput+0x30/0x390
[  148.363796][T10099]  ? __bpf_prog_get+0xa0/0x290
[  148.365072][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  148.366718][T10099]  __sys_bpf+0xfc6/0x49a0
[  148.367822][T10099]  ? __pfx_futex_wake+0x10/0x10
[  148.369060][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  148.370286][T10099]  ? __schedule+0xe5d/0x5730
[  148.371494][T10099]  ? __fget_files+0x23a/0x3f0
[  148.372714][T10099]  ? do_futex+0x123/0x350
[  148.373817][T10099]  ? __pfx_do_futex+0x10/0x10
[  148.375065][T10099]  ? xfd_validate_state+0x5d/0x180
[  148.376384][T10099]  ? rcu_is_watching+0x12/0xc0
[  148.377625][T10099]  __x64_sys_bpf+0x78/0xc0
[  148.378755][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  148.380097][T10099]  do_syscall_64+0xcd/0x250
[  148.381275][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.382767][T10099] RIP: 0033:0x7f3c36f7e719
[  148.383936][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.388690][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  148.390864][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  148.392946][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  148.395047][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  148.397573][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  148.399767][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  148.401786][T10099]  </TASK>
[  148.402692][T10099] BUG: Bad page state in process syz.6.968  pfn:24c22
[  148.404494][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888024c23e00 pfn:0x24c22
[  148.407004][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  148.408961][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  148.411112][T10099] raw: ffff888024c23e00 0000000000000001 00000000ffffffff 0000000000000000
[  148.413199][T10099] page dumped because: page_pool leak
[  148.414542][T10099] page_owner tracks the page as allocated
[  148.416011][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988370385, free_ts 144457131613
[  148.420234][T10099]  post_alloc_hook+0x2d1/0x350
[  148.421451][T10099]  get_page_from_freelist+0x101e/0x3070
[  148.422852][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  148.424151][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  148.425534][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  148.426984][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  148.428299][T10099]  page_pool_alloc_pages+0x1a/0x60
[  148.429624][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  148.431186][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  148.432561][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  148.433955][T10099]  __sys_bpf+0xfc6/0x49a0
[  148.435103][T10099]  __x64_sys_bpf+0x78/0xc0
[  148.436296][T10099]  do_syscall_64+0xcd/0x250
[  148.437473][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.439139][T10099] page last free pid 10040 tgid 10040 stack trace:
[  148.441649][T10099]  free_unref_page+0x5f4/0xdc0
[  148.443080][T10099]  __put_partials+0x14c/0x170
[  148.444359][T10099]  qlist_free_all+0x4e/0x120
[  148.445519][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  148.447025][T10099]  __kasan_slab_alloc+0x69/0x90
[  148.448368][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  148.449813][T10099]  mas_alloc_nodes+0x176/0x860
[  148.451027][T10099]  mas_node_count_gfp+0x105/0x130
[  148.452295][T10099]  mas_preallocate+0x53b/0xcd0
[  148.453481][T10099]  commit_merge+0x61d/0xec0
[  148.454634][T10099]  vma_expand+0x3ee/0x990
[  148.455752][T10099]  vma_merge_new_range+0x37d/0xd20
[  148.457035][T10099]  mmap_region+0x499/0x2a50
[  148.458184][T10099]  do_mmap+0xc00/0xfc0
[  148.459216][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  148.460493][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  148.461709][T10099] Modules linked in:
[  148.462693][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  148.465684][T10099] Tainted: [B]=BAD_PAGE
[  148.466718][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.469371][T10099] Call Trace:
[  148.470221][T10099]  <TASK>
[  148.470956][T10099]  dump_stack_lvl+0x16c/0x1f0
[  148.472161][T10099]  bad_page+0xb3/0x1f0
[  148.473195][T10099]  ? __pfx_bad_page+0x10/0x10
[  148.474351][T10099]  ? page_bad_reason+0x9d/0x1e0
[  148.475597][T10099]  free_unref_page+0x657/0xdc0
[  148.476797][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  148.478293][T10099]  ? __phys_addr+0xc6/0x150
[  148.479574][T10099]  skb_free_head+0xa0/0x1d0
[  148.480722][T10099]  skb_release_data+0x560/0x730
[  148.481939][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  148.483201][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  148.484883][T10099]  ? kernel_text_address+0x8d/0x100
[  148.486197][T10099]  ? hlock_class+0x4e/0x130
[  148.487349][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  148.488631][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  148.490390][T10099]  ? hlock_class+0x4e/0x130
[  148.491538][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  148.492808][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  148.494106][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  148.495646][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  148.497424][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  148.498730][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  148.500639][T10099]  ? lock_acquire+0x2f/0xb0
[  148.501891][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  148.503535][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  148.505088][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  148.506733][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  148.508046][T10099]  ? __build_skb_around+0x278/0x3b0
[  148.509353][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  148.510689][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  148.512251][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  148.514040][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  148.515512][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  148.516985][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  148.518471][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  148.520195][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  148.521709][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  148.523181][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  148.524531][T10099]  ? 0xffffffffa0009640
[  148.525583][T10099]  ? 0xffffffffa0009640
[  148.526630][T10099]  ? 0xffffffffa0009640
[  148.527711][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  148.529221][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  148.530561][T10099]  ? lock_acquire+0x2f/0xb0
[  148.531808][T10099]  ? __fget_files+0x40/0x3f0
[  148.532997][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  148.534480][T10099]  ? fput+0x30/0x390
[  148.535675][T10099]  ? __bpf_prog_get+0xa0/0x290
[  148.537091][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  148.538730][T10099]  __sys_bpf+0xfc6/0x49a0
[  148.540017][T10099]  ? __pfx_futex_wake+0x10/0x10
[  148.541368][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  148.542643][T10099]  ? __schedule+0xe5d/0x5730
[  148.543838][T10099]  ? __fget_files+0x23a/0x3f0
[  148.545035][T10099]  ? do_futex+0x123/0x350
[  148.546218][T10099]  ? __pfx_do_futex+0x10/0x10
[  148.547431][T10099]  ? xfd_validate_state+0x5d/0x180
[  148.548708][T10099]  ? rcu_is_watching+0x12/0xc0
[  148.549934][T10099]  __x64_sys_bpf+0x78/0xc0
[  148.551049][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  148.552380][T10099]  do_syscall_64+0xcd/0x250
[  148.553541][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.555056][T10099] RIP: 0033:0x7f3c36f7e719
[  148.556190][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.561177][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  148.563243][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  148.565240][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  148.567217][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  148.569169][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  148.571146][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  148.573252][T10099]  </TASK>
[  148.574162][T10099] BUG: Bad page state in process syz.6.968  pfn:267e9
[  148.575902][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x267e9
[  148.578495][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  148.579564][ T5953] Bluetooth: hci4: command tx timeout
[  148.580479][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  148.584025][T10099] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[  148.586172][T10099] page dumped because: page_pool leak
[  148.587522][T10099] page_owner tracks the page as allocated
[  148.588919][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988365954, free_ts 144457136573
[  148.593167][T10099]  post_alloc_hook+0x2d1/0x350
[  148.594393][T10099]  get_page_from_freelist+0x101e/0x3070
[  148.595818][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  148.597159][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  148.598560][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  148.600114][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  148.601449][T10099]  page_pool_alloc_pages+0x1a/0x60
[  148.602745][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  148.604281][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  148.605618][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  148.607068][T10099]  __sys_bpf+0xfc6/0x49a0
[  148.608178][T10099]  __x64_sys_bpf+0x78/0xc0
[  148.609310][T10099]  do_syscall_64+0xcd/0x250
[  148.610544][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.612032][T10099] page last free pid 10040 tgid 10040 stack trace:
[  148.613643][T10099]  free_unref_page+0x5f4/0xdc0
[  148.614858][T10099]  __put_partials+0x14c/0x170
[  148.616064][T10099]  qlist_free_all+0x4e/0x120
[  148.617226][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  148.618719][T10099]  __kasan_slab_alloc+0x69/0x90
[  148.620058][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  148.621515][T10099]  mas_alloc_nodes+0x176/0x860
[  148.622764][T10099]  mas_node_count_gfp+0x105/0x130
[  148.624187][T10099]  mas_preallocate+0x53b/0xcd0
[  148.625445][T10099]  commit_merge+0x61d/0xec0
[  148.626632][T10099]  vma_expand+0x3ee/0x990
[  148.627758][T10099]  vma_merge_new_range+0x37d/0xd20
[  148.629044][T10099]  mmap_region+0x499/0x2a50
[  148.630265][T10099]  do_mmap+0xc00/0xfc0
[  148.631354][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  148.632553][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  148.633843][T10099] Modules linked in:
[  148.634845][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  148.637869][T10099] Tainted: [B]=BAD_PAGE
[  148.638918][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.641892][T10099] Call Trace:
[  148.643096][T10099]  <TASK>
[  148.643875][T10099]  dump_stack_lvl+0x16c/0x1f0
[  148.645093][T10099]  bad_page+0xb3/0x1f0
[  148.646217][T10099]  ? __pfx_bad_page+0x10/0x10
[  148.647425][T10099]  ? page_bad_reason+0x9d/0x1e0
[  148.648665][T10099]  free_unref_page+0x657/0xdc0
[  148.649874][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  148.651402][T10099]  ? __phys_addr+0xc6/0x150
[  148.652547][T10099]  skb_free_head+0xa0/0x1d0
[  148.653701][T10099]  skb_release_data+0x560/0x730
[  148.654943][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  148.656224][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  148.657916][T10099]  ? kernel_text_address+0x8d/0x100
[  148.659238][T10099]  ? hlock_class+0x4e/0x130
[  148.660421][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  148.661729][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  148.663524][T10099]  ? hlock_class+0x4e/0x130
[  148.664706][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  148.665984][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  148.667305][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  148.668796][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  148.670418][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  148.671725][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  148.673313][T10099]  ? lock_acquire+0x2f/0xb0
[  148.674469][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  148.676108][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  148.677665][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  148.679430][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  148.680771][T10099]  ? __build_skb_around+0x278/0x3b0
[  148.682125][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  148.683487][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  148.685041][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  148.686685][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  148.688099][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  148.689431][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  148.690919][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  148.692394][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  148.693844][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  148.695360][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  148.696695][T10099]  ? 0xffffffffa0009640
[  148.697745][T10099]  ? 0xffffffffa0009640
[  148.698795][T10099]  ? 0xffffffffa0009640
[  148.700466][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  148.702024][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  148.703683][T10099]  ? lock_acquire+0x2f/0xb0
[  148.704921][T10099]  ? __fget_files+0x40/0x3f0
[  148.706299][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  148.707803][T10099]  ? fput+0x30/0x390
[  148.708815][T10099]  ? __bpf_prog_get+0xa0/0x290
[  148.710027][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  148.711517][T10099]  __sys_bpf+0xfc6/0x49a0
[  148.712614][T10099]  ? __pfx_futex_wake+0x10/0x10
[  148.713995][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  148.715256][T10099]  ? __schedule+0xe5d/0x5730
[  148.716435][T10099]  ? __fget_files+0x23a/0x3f0
[  148.717627][T10099]  ? do_futex+0x123/0x350
[  148.718752][T10099]  ? __pfx_do_futex+0x10/0x10
[  148.719976][T10099]  ? xfd_validate_state+0x5d/0x180
[  148.721332][T10099]  ? rcu_is_watching+0x12/0xc0
[  148.722591][T10099]  __x64_sys_bpf+0x78/0xc0
[  148.723796][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  148.725151][T10099]  do_syscall_64+0xcd/0x250
[  148.726285][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.727803][T10099] RIP: 0033:0x7f3c36f7e719
[  148.728937][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.733825][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  148.735946][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  148.738097][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  148.740311][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  148.742528][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  148.744600][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  148.746585][T10099]  </TASK>
[  148.747504][T10099] BUG: Bad page state in process syz.6.968  pfn:267e8
[  148.749200][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880267e9e00 pfn:0x267e8
[  148.751726][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  148.753472][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  148.755826][T10099] raw: ffff8880267e9e00 0000000000000001 00000000ffffffff 0000000000000000
[  148.758083][T10099] page dumped because: page_pool leak
[  148.759518][T10099] page_owner tracks the page as allocated
[  148.760955][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988361632, free_ts 144457136573
[  148.765179][T10099]  post_alloc_hook+0x2d1/0x350
[  148.766370][T10099]  get_page_from_freelist+0x101e/0x3070
[  148.767761][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  148.769193][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  148.770670][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  148.772204][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  148.773536][T10099]  page_pool_alloc_pages+0x1a/0x60
[  148.774853][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  148.776412][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  148.777754][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  148.779114][T10099]  __sys_bpf+0xfc6/0x49a0
[  148.780284][T10099]  __x64_sys_bpf+0x78/0xc0
[  148.781427][T10099]  do_syscall_64+0xcd/0x250
[  148.782597][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.784132][T10099] page last free pid 10040 tgid 10040 stack trace:
[  148.785747][T10099]  free_unref_page+0x5f4/0xdc0
[  148.786962][T10099]  __put_partials+0x14c/0x170
[  148.788171][T10099]  qlist_free_all+0x4e/0x120
[  148.789350][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  148.790780][T10099]  __kasan_slab_alloc+0x69/0x90
[  148.792016][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  148.793395][T10099]  mas_alloc_nodes+0x176/0x860
[  148.794619][T10099]  mas_node_count_gfp+0x105/0x130
[  148.795907][T10099]  mas_preallocate+0x53b/0xcd0
[  148.797107][T10099]  commit_merge+0x61d/0xec0
[  148.798252][T10099]  vma_expand+0x3ee/0x990
[  148.799451][T10099]  vma_merge_new_range+0x37d/0xd20
[  148.800937][T10099]  mmap_region+0x499/0x2a50
[  148.802111][T10099]  do_mmap+0xc00/0xfc0
[  148.803163][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  148.804371][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  148.805592][T10099] Modules linked in:
[  148.806577][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  148.809686][T10099] Tainted: [B]=BAD_PAGE
[  148.810731][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.813384][T10099] Call Trace:
[  148.814229][T10099]  <TASK>
[  148.814979][T10099]  dump_stack_lvl+0x16c/0x1f0
[  148.816167][T10099]  bad_page+0xb3/0x1f0
[  148.817209][T10099]  ? __pfx_bad_page+0x10/0x10
[  148.818382][T10099]  ? page_bad_reason+0x9d/0x1e0
[  148.819609][T10099]  free_unref_page+0x657/0xdc0
[  148.820812][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  148.822300][T10099]  ? __phys_addr+0xc6/0x150
[  148.823447][T10099]  skb_free_head+0xa0/0x1d0
[  148.824602][T10099]  skb_release_data+0x560/0x730
[  148.825829][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  148.827088][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  148.828742][T10099]  ? kernel_text_address+0x8d/0x100
[  148.830041][T10099]  ? hlock_class+0x4e/0x130
[  148.831163][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  148.832430][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  148.834220][T10099]  ? hlock_class+0x4e/0x130
[  148.835419][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  148.836692][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  148.837972][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  148.839465][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  148.841076][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  148.842406][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  148.844076][T10099]  ? lock_acquire+0x2f/0xb0
[  148.845205][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  148.846773][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  148.848323][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  148.850002][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  148.851323][T10099]  ? __build_skb_around+0x278/0x3b0
[  148.852635][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  148.853976][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  148.855563][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  148.857263][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  148.858665][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  148.859982][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  148.861473][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  148.862965][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  148.864461][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  148.865928][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  148.867263][T10099]  ? 0xffffffffa0009640
[  148.868300][T10099]  ? 0xffffffffa0009640
[  148.869326][T10099]  ? 0xffffffffa0009640
[  148.870370][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  148.871876][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  148.873213][T10099]  ? lock_acquire+0x2f/0xb0
[  148.874350][T10099]  ? __fget_files+0x40/0x3f0
[  148.875517][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  148.876968][T10099]  ? fput+0x30/0x390
[  148.877956][T10099]  ? __bpf_prog_get+0xa0/0x290
[  148.879169][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  148.880619][T10099]  __sys_bpf+0xfc6/0x49a0
[  148.881719][T10099]  ? __pfx_futex_wake+0x10/0x10
[  148.882948][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  148.884155][T10099]  ? __schedule+0xe5d/0x5730
[  148.885326][T10099]  ? __fget_files+0x23a/0x3f0
[  148.886501][T10099]  ? do_futex+0x123/0x350
[  148.887576][T10099]  ? __pfx_do_futex+0x10/0x10
[  148.888778][T10099]  ? xfd_validate_state+0x5d/0x180
[  148.890066][T10099]  ? rcu_is_watching+0x12/0xc0
[  148.891346][T10099]  __x64_sys_bpf+0x78/0xc0
[  148.892476][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  148.893789][T10099]  do_syscall_64+0xcd/0x250
[  148.894936][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.896442][T10099] RIP: 0033:0x7f3c36f7e719
[  148.897580][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.903201][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  148.905568][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  148.907833][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  148.909908][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  148.912252][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  148.914238][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  148.916229][T10099]  </TASK>
[  148.917136][T10099] BUG: Bad page state in process syz.6.968  pfn:2a077
[  148.918804][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x2a077
[  148.921203][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  148.922984][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  148.925186][T10099] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[  148.927369][T10099] page dumped because: page_pool leak
[  148.928724][T10099] page_owner tracks the page as allocated
[  148.930211][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988356473, free_ts 144457140561
[  148.934418][T10099]  post_alloc_hook+0x2d1/0x350
[  148.935652][T10099]  get_page_from_freelist+0x101e/0x3070
[  148.937073][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  148.938403][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  148.939855][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  148.941378][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  148.942869][T10099]  page_pool_alloc_pages+0x1a/0x60
[  148.944197][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  148.945996][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  148.947375][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  148.948729][T10099]  __sys_bpf+0xfc6/0x49a0
[  148.949941][T10099]  __x64_sys_bpf+0x78/0xc0
[  148.951111][T10099]  do_syscall_64+0xcd/0x250
[  148.952294][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.953787][T10099] page last free pid 10040 tgid 10040 stack trace:
[  148.955429][T10099]  free_unref_page+0x5f4/0xdc0
[  148.956626][T10099]  __put_partials+0x14c/0x170
[  148.957824][T10099]  qlist_free_all+0x4e/0x120
[  148.959002][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  148.960419][T10099]  __kasan_slab_alloc+0x69/0x90
[  148.961659][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  148.963034][T10099]  mas_alloc_nodes+0x176/0x860
[  148.964278][T10099]  mas_node_count_gfp+0x105/0x130
[  148.965568][T10099]  mas_preallocate+0x53b/0xcd0
[  148.966789][T10099]  commit_merge+0x61d/0xec0
[  148.967943][T10099]  vma_expand+0x3ee/0x990
[  148.969029][T10099]  vma_merge_new_range+0x37d/0xd20
[  148.970378][T10099]  mmap_region+0x499/0x2a50
[  148.971519][T10099]  do_mmap+0xc00/0xfc0
[  148.972547][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  148.973715][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  148.974909][T10099] Modules linked in:
[  148.975903][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  148.978905][T10099] Tainted: [B]=BAD_PAGE
[  148.980135][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.982995][T10099] Call Trace:
[  148.984094][T10099]  <TASK>
[  148.985152][T10099]  dump_stack_lvl+0x16c/0x1f0
[  148.986320][T10099]  bad_page+0xb3/0x1f0
[  148.987393][T10099]  ? __pfx_bad_page+0x10/0x10
[  148.988633][T10099]  ? page_bad_reason+0x9d/0x1e0
[  148.990018][T10099]  free_unref_page+0x657/0xdc0
[  148.991265][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  148.992852][T10099]  ? __phys_addr+0xc6/0x150
[  148.994046][T10099]  skb_free_head+0xa0/0x1d0
[  148.995244][T10099]  skb_release_data+0x560/0x730
[  148.996475][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  148.997750][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  148.999732][T10099]  ? kernel_text_address+0x8d/0x100
[  149.001230][T10099]  ? hlock_class+0x4e/0x130
[  149.002423][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  149.003732][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  149.005638][T10099]  ? hlock_class+0x4e/0x130
[  149.006780][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  149.008024][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  149.009352][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  149.010854][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  149.012459][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  149.013793][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  149.015430][T10099]  ? lock_acquire+0x2f/0xb0
[  149.016606][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  149.018194][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  149.019783][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  149.021466][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  149.022781][T10099]  ? __build_skb_around+0x278/0x3b0
[  149.024098][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  149.025458][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  149.027006][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  149.028646][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  149.030088][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  149.031425][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  149.032902][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  149.034397][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  149.035902][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  149.037376][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  149.038671][T10099]  ? 0xffffffffa0009640
[  149.039699][T10099]  ? 0xffffffffa0009640
[  149.040724][T10099]  ? 0xffffffffa0009640
[  149.041766][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  149.043260][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  149.044602][T10099]  ? lock_acquire+0x2f/0xb0
[  149.045758][T10099]  ? __fget_files+0x40/0x3f0
[  149.046929][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  149.048399][T10099]  ? fput+0x30/0x390
[  149.049398][T10099]  ? __bpf_prog_get+0xa0/0x290
[  149.050611][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  149.052039][T10099]  __sys_bpf+0xfc6/0x49a0
[  149.053131][T10099]  ? __pfx_futex_wake+0x10/0x10
[  149.054372][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  149.055622][T10099]  ? __schedule+0xe5d/0x5730
[  149.056796][T10099]  ? __fget_files+0x23a/0x3f0
[  149.057950][T10099]  ? do_futex+0x123/0x350
[  149.059034][T10099]  ? __pfx_do_futex+0x10/0x10
[  149.060220][T10099]  ? xfd_validate_state+0x5d/0x180
[  149.061498][T10099]  ? rcu_is_watching+0x12/0xc0
[  149.062697][T10099]  __x64_sys_bpf+0x78/0xc0
[  149.063816][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  149.065136][T10099]  do_syscall_64+0xcd/0x250
[  149.066312][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.067843][T10099] RIP: 0033:0x7f3c36f7e719
[  149.068962][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.073779][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  149.075882][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  149.077851][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  149.079829][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  149.081792][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  149.083811][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  149.085809][T10099]  </TASK>
[  149.086715][T10099] BUG: Bad page state in process syz.6.968  pfn:2a076
[  149.088443][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802a077e00 pfn:0x2a076
[  149.090947][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  149.092765][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  149.094937][T10099] raw: ffff88802a077e00 0000000000000001 00000000ffffffff 0000000000000000
[  149.097149][T10099] page dumped because: page_pool leak
[  149.098445][T10099] page_owner tracks the page as allocated
[  149.099952][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988351615, free_ts 144457140561
[  149.104150][T10099]  post_alloc_hook+0x2d1/0x350
[  149.105350][T10099]  get_page_from_freelist+0x101e/0x3070
[  149.106723][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  149.108056][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  149.109440][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  149.111002][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  149.112348][T10099]  page_pool_alloc_pages+0x1a/0x60
[  149.113670][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  149.115248][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  149.116630][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  149.118015][T10099]  __sys_bpf+0xfc6/0x49a0
[  149.119235][T10099]  __x64_sys_bpf+0x78/0xc0
[  149.120825][T10099]  do_syscall_64+0xcd/0x250
[  149.122146][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.123882][T10099] page last free pid 10040 tgid 10040 stack trace:
[  149.125583][T10099]  free_unref_page+0x5f4/0xdc0
[  149.126801][T10099]  __put_partials+0x14c/0x170
[  149.128005][T10099]  qlist_free_all+0x4e/0x120
[  149.129191][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  149.130622][T10099]  __kasan_slab_alloc+0x69/0x90
[  149.131851][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  149.133299][T10099]  mas_alloc_nodes+0x176/0x860
[  149.134497][T10099]  mas_node_count_gfp+0x105/0x130
[  149.135906][T10099]  mas_preallocate+0x53b/0xcd0
[  149.137211][T10099]  commit_merge+0x61d/0xec0
[  149.138382][T10099]  vma_expand+0x3ee/0x990
[  149.139564][T10099]  vma_merge_new_range+0x37d/0xd20
[  149.140872][T10099]  mmap_region+0x499/0x2a50
[  149.142028][T10099]  do_mmap+0xc00/0xfc0
[  149.143061][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  149.144230][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  149.145447][T10099] Modules linked in:
[  149.146453][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  149.149486][T10099] Tainted: [B]=BAD_PAGE
[  149.150539][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.153177][T10099] Call Trace:
[  149.154011][T10099]  <TASK>
[  149.154759][T10099]  dump_stack_lvl+0x16c/0x1f0
[  149.155974][T10099]  bad_page+0xb3/0x1f0
[  149.157013][T10099]  ? __pfx_bad_page+0x10/0x10
[  149.158189][T10099]  ? page_bad_reason+0x9d/0x1e0
[  149.159435][T10099]  free_unref_page+0x657/0xdc0
[  149.160653][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  149.162158][T10099]  ? __phys_addr+0xc6/0x150
[  149.163347][T10099]  skb_free_head+0xa0/0x1d0
[  149.164509][T10099]  skb_release_data+0x560/0x730
[  149.165757][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  149.167040][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  149.168826][T10099]  ? kernel_text_address+0x8d/0x100
[  149.170133][T10099]  ? hlock_class+0x4e/0x130
[  149.171286][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  149.172567][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  149.174370][T10099]  ? hlock_class+0x4e/0x130
[  149.175756][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  149.177196][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  149.179058][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  149.181449][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  149.183083][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  149.184425][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  149.186034][T10099]  ? lock_acquire+0x2f/0xb0
[  149.187196][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  149.188857][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  149.190425][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  149.192087][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  149.193424][T10099]  ? __build_skb_around+0x278/0x3b0
[  149.194739][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  149.196108][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  149.198168][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  149.200431][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  149.201903][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  149.203263][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  149.204770][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  149.206424][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  149.207986][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  149.209490][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  149.210848][T10099]  ? 0xffffffffa0009640
[  149.211922][T10099]  ? 0xffffffffa0009640
[  149.213005][T10099]  ? 0xffffffffa0009640
[  149.214074][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  149.215589][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  149.217149][T10099]  ? lock_acquire+0x2f/0xb0
[  149.218332][T10099]  ? __fget_files+0x40/0x3f0
[  149.219572][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  149.221095][T10099]  ? fput+0x30/0x390
[  149.222122][T10099]  ? __bpf_prog_get+0xa0/0x290
[  149.223392][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  149.224947][T10099]  __sys_bpf+0xfc6/0x49a0
[  149.226077][T10099]  ? __pfx_futex_wake+0x10/0x10
[  149.227405][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  149.228665][T10099]  ? __schedule+0xe5d/0x5730
[  149.229839][T10099]  ? __fget_files+0x23a/0x3f0
[  149.231041][T10099]  ? do_futex+0x123/0x350
[  149.232248][T10099]  ? __pfx_do_futex+0x10/0x10
[  149.233451][T10099]  ? xfd_validate_state+0x5d/0x180
[  149.234743][T10099]  ? rcu_is_watching+0x12/0xc0
[  149.235988][T10099]  __x64_sys_bpf+0x78/0xc0
[  149.237140][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  149.238442][T10099]  do_syscall_64+0xcd/0x250
[  149.239604][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.241570][T10099] RIP: 0033:0x7f3c36f7e719
[  149.242720][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.247575][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  149.249640][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  149.251623][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  149.253599][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  149.255709][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  149.257697][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  149.259824][T10099]  </TASK>
[  149.260807][T10099] BUG: Bad page state in process syz.6.968  pfn:4ca3d
[  149.262513][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x4ca3d
[  149.264759][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  149.266705][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  149.268983][T10099] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[  149.271285][T10099] page dumped because: page_pool leak
[  149.272684][T10099] page_owner tracks the page as allocated
[  149.274142][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988347435, free_ts 144457144767
[  149.278405][T10099]  post_alloc_hook+0x2d1/0x350
[  149.279691][T10099]  get_page_from_freelist+0x101e/0x3070
[  149.281100][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  149.282432][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  149.283862][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  149.285364][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  149.286697][T10099]  page_pool_alloc_pages+0x1a/0x60
[  149.288001][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  149.289583][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  149.290914][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  149.292271][T10099]  __sys_bpf+0xfc6/0x49a0
[  149.293373][T10099]  __x64_sys_bpf+0x78/0xc0
[  149.294507][T10099]  do_syscall_64+0xcd/0x250
[  149.295711][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.297169][T10099] page last free pid 10040 tgid 10040 stack trace:
[  149.298767][T10099]  free_unref_page+0x5f4/0xdc0
[  149.300048][T10099]  __put_partials+0x14c/0x170
[  149.301241][T10099]  qlist_free_all+0x4e/0x120
[  149.302426][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  149.303806][T10099]  __kasan_slab_alloc+0x69/0x90
[  149.305353][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  149.306774][T10099]  mas_alloc_nodes+0x176/0x860
[  149.308001][T10099]  mas_node_count_gfp+0x105/0x130
[  149.309282][T10099]  mas_preallocate+0x53b/0xcd0
[  149.310534][T10099]  commit_merge+0x61d/0xec0
[  149.311710][T10099]  vma_expand+0x3ee/0x990
[  149.312833][T10099]  vma_merge_new_range+0x37d/0xd20
[  149.314127][T10099]  mmap_region+0x499/0x2a50
[  149.315321][T10099]  do_mmap+0xc00/0xfc0
[  149.316344][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  149.317502][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  149.318711][T10099] Modules linked in:
[  149.319776][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  149.322805][T10099] Tainted: [B]=BAD_PAGE
[  149.323855][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.326528][T10099] Call Trace:
[  149.327382][T10099]  <TASK>
[  149.328145][T10099]  dump_stack_lvl+0x16c/0x1f0
[  149.329361][T10099]  bad_page+0xb3/0x1f0
[  149.330417][T10099]  ? __pfx_bad_page+0x10/0x10
[  149.331612][T10099]  ? page_bad_reason+0x20/0x1e0
[  149.332854][T10099]  ? page_bad_reason+0x9d/0x1e0
[  149.334088][T10099]  free_unref_page+0x657/0xdc0
[  149.335320][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  149.336807][T10099]  ? __phys_addr+0xc6/0x150
[  149.337926][T10099]  skb_free_head+0xa0/0x1d0
[  149.339085][T10099]  skb_release_data+0x560/0x730
[  149.340365][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  149.341643][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  149.343322][T10099]  ? kernel_text_address+0x8d/0x100
[  149.344632][T10099]  ? hlock_class+0x4e/0x130
[  149.345781][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  149.347066][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  149.348819][T10099]  ? hlock_class+0x4e/0x130
[  149.349968][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  149.351241][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  149.352551][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  149.354068][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  149.355705][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  149.357018][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  149.358612][T10099]  ? lock_acquire+0x2f/0xb0
[  149.359764][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  149.361354][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  149.362899][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  149.364620][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  149.365933][T10099]  ? __build_skb_around+0x278/0x3b0
[  149.367400][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  149.368721][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  149.370282][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  149.371920][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  149.373324][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  149.374672][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  149.376185][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  149.377663][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  149.379171][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  149.380668][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  149.381983][T10099]  ? 0xffffffffa0009640
[  149.383047][T10099]  ? 0xffffffffa0009640
[  149.384095][T10099]  ? 0xffffffffa0009640
[  149.385150][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  149.386603][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  149.387914][T10099]  ? lock_acquire+0x2f/0xb0
[  149.389062][T10099]  ? __fget_files+0x40/0x3f0
[  149.390236][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  149.391716][T10099]  ? fput+0x30/0x390
[  149.392721][T10099]  ? __bpf_prog_get+0xa0/0x290
[  149.393934][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  149.395398][T10099]  __sys_bpf+0xfc6/0x49a0
[  149.396491][T10099]  ? __pfx_futex_wake+0x10/0x10
[  149.397739][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  149.398926][T10099]  ? __schedule+0xe5d/0x5730
[  149.400086][T10099]  ? __fget_files+0x23a/0x3f0
[  149.401251][T10099]  ? do_futex+0x123/0x350
[  149.402349][T10099]  ? __pfx_do_futex+0x10/0x10
[  149.403550][T10099]  ? xfd_validate_state+0x5d/0x180
[  149.404859][T10099]  ? rcu_is_watching+0x12/0xc0
[  149.406072][T10099]  __x64_sys_bpf+0x78/0xc0
[  149.407191][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  149.408477][T10099]  do_syscall_64+0xcd/0x250
[  149.409615][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.411111][T10099] RIP: 0033:0x7f3c36f7e719
[  149.412261][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.417064][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  149.419161][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  149.421139][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  149.423091][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  149.425065][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  149.427023][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  149.429015][T10099]  </TASK>
[  149.429912][T10099] BUG: Bad page state in process syz.6.968  pfn:4ca3c
[  149.431631][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804ca3de00 pfn:0x4ca3c
[  149.434161][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  149.435951][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  149.438110][T10099] raw: ffff88804ca3de00 0000000000000001 00000000ffffffff 0000000000000000
[  149.440316][T10099] page dumped because: page_pool leak
[  149.441662][T10099] page_owner tracks the page as allocated
[  149.443100][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988342689, free_ts 144457144767
[  149.447342][T10099]  post_alloc_hook+0x2d1/0x350
[  149.448553][T10099]  get_page_from_freelist+0x101e/0x3070
[  149.449992][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  149.451334][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  149.452735][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  149.454243][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  149.455603][T10099]  page_pool_alloc_pages+0x1a/0x60
[  149.456913][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  149.458461][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  149.459839][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  149.461398][T10099]  __sys_bpf+0xfc6/0x49a0
[  149.462661][T10099]  __x64_sys_bpf+0x78/0xc0
[  149.463924][T10099]  do_syscall_64+0xcd/0x250
[  149.465127][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.466616][T10099] page last free pid 10040 tgid 10040 stack trace:
[  149.468428][T10099]  free_unref_page+0x5f4/0xdc0
[  149.469753][T10099]  __put_partials+0x14c/0x170
[  149.470981][T10099]  qlist_free_all+0x4e/0x120
[  149.472170][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  149.473548][T10099]  __kasan_slab_alloc+0x69/0x90
[  149.474779][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  149.476189][T10099]  mas_alloc_nodes+0x176/0x860
[  149.477425][T10099]  mas_node_count_gfp+0x105/0x130
[  149.478725][T10099]  mas_preallocate+0x53b/0xcd0
[  149.479992][T10099]  commit_merge+0x61d/0xec0
[  149.481211][T10099]  vma_expand+0x3ee/0x990
[  149.482330][T10099]  vma_merge_new_range+0x37d/0xd20
[  149.483643][T10099]  mmap_region+0x499/0x2a50
[  149.484883][T10099]  do_mmap+0xc00/0xfc0
[  149.485935][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  149.487137][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  149.488358][T10099] Modules linked in:
[  149.489370][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  149.492401][T10099] Tainted: [B]=BAD_PAGE
[  149.493434][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.496108][T10099] Call Trace:
[  149.496954][T10099]  <TASK>
[  149.497692][T10099]  dump_stack_lvl+0x16c/0x1f0
[  149.498871][T10099]  bad_page+0xb3/0x1f0
[  149.499910][T10099]  ? __pfx_bad_page+0x10/0x10
[  149.501091][T10099]  ? page_bad_reason+0x9d/0x1e0
[  149.502352][T10099]  free_unref_page+0x657/0xdc0
[  149.503568][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  149.505083][T10099]  ? __phys_addr+0xc6/0x150
[  149.506244][T10099]  skb_free_head+0xa0/0x1d0
[  149.507401][T10099]  skb_release_data+0x560/0x730
[  149.508626][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  149.509879][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  149.511554][T10099]  ? kernel_text_address+0x8d/0x100
[  149.512878][T10099]  ? hlock_class+0x4e/0x130
[  149.514023][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  149.515287][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  149.517056][T10099]  ? hlock_class+0x4e/0x130
[  149.518204][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  149.519456][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  149.520764][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  149.522277][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  149.523904][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  149.525213][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  149.526820][T10099]  ? lock_acquire+0x2f/0xb0
[  149.527951][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  149.529553][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  149.531125][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  149.532798][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  149.534128][T10099]  ? __build_skb_around+0x278/0x3b0
[  149.535457][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  149.536797][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  149.538357][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  149.540026][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  149.541430][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  149.542758][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  149.544228][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  149.545688][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  149.547149][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  149.548614][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  149.549935][T10099]  ? 0xffffffffa0009640
[  149.551001][T10099]  ? 0xffffffffa0009640
[  149.552047][T10099]  ? 0xffffffffa0009640
[  149.553077][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  149.554518][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  149.555896][T10099]  ? lock_acquire+0x2f/0xb0
[  149.557025][T10099]  ? __fget_files+0x40/0x3f0
[  149.558184][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  149.559670][T10099]  ? fput+0x30/0x390
[  149.560662][T10099]  ? __bpf_prog_get+0xa0/0x290
[  149.561860][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  149.563320][T10099]  __sys_bpf+0xfc6/0x49a0
[  149.564428][T10099]  ? __pfx_futex_wake+0x10/0x10
[  149.565681][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  149.566904][T10099]  ? __schedule+0xe5d/0x5730
[  149.568101][T10099]  ? __fget_files+0x23a/0x3f0
[  149.569279][T10099]  ? do_futex+0x123/0x350
[  149.570398][T10099]  ? __pfx_do_futex+0x10/0x10
[  149.571618][T10099]  ? xfd_validate_state+0x5d/0x180
[  149.572920][T10099]  ? rcu_is_watching+0x12/0xc0
[  149.574138][T10099]  __x64_sys_bpf+0x78/0xc0
[  149.575280][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  149.576818][T10099]  do_syscall_64+0xcd/0x250
[  149.578017][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.579546][T10099] RIP: 0033:0x7f3c36f7e719
[  149.580685][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.585500][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  149.587610][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  149.589611][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  149.591572][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  149.593535][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  149.595669][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  149.597797][T10099]  </TASK>
[  149.598689][T10099] BUG: Bad page state in process syz.6.968  pfn:3206f
[  149.600555][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x3206f
[  149.602841][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  149.604718][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  149.606880][T10099] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[  149.609050][T10099] page dumped because: page_pool leak
[  149.610463][T10099] page_owner tracks the page as allocated
[  149.611912][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988338043, free_ts 144457149560
[  149.616124][T10099]  post_alloc_hook+0x2d1/0x350
[  149.617352][T10099]  get_page_from_freelist+0x101e/0x3070
[  149.618762][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  149.620505][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  149.621924][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  149.623505][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  149.624872][T10099]  page_pool_alloc_pages+0x1a/0x60
[  149.626264][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  149.627838][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  149.629213][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  149.630614][T10099]  __sys_bpf+0xfc6/0x49a0
[  149.631710][T10099]  __x64_sys_bpf+0x78/0xc0
[  149.632844][T10099]  do_syscall_64+0xcd/0x250
[  149.633983][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.635523][T10099] page last free pid 10040 tgid 10040 stack trace:
[  149.637146][T10099]  free_unref_page+0x5f4/0xdc0
[  149.638355][T10099]  qlist_free_all+0x4e/0x120
[  149.639590][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  149.640946][T10099]  __kasan_slab_alloc+0x69/0x90
[  149.642190][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  149.643578][T10099]  mas_alloc_nodes+0x176/0x860
[  149.644800][T10099]  mas_node_count_gfp+0x105/0x130
[  149.646082][T10099]  mas_preallocate+0x53b/0xcd0
[  149.647307][T10099]  commit_merge+0x61d/0xec0
[  149.648466][T10099]  vma_expand+0x3ee/0x990
[  149.649596][T10099]  vma_merge_new_range+0x37d/0xd20
[  149.650892][T10099]  mmap_region+0x499/0x2a50
[  149.652034][T10099]  do_mmap+0xc00/0xfc0
[  149.653030][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  149.654209][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  149.655405][T10099]  __x64_sys_mmap+0x125/0x190
[  149.656560][T10099] Modules linked in:
[  149.657542][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  149.660500][T10099] Tainted: [B]=BAD_PAGE
[  149.661507][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.664131][T10099] Call Trace:
[  149.664992][T10099]  <TASK>
[  149.665738][T10099]  dump_stack_lvl+0x16c/0x1f0
[  149.666917][T10099]  bad_page+0xb3/0x1f0
[  149.667974][T10099]  ? __pfx_bad_page+0x10/0x10
[  149.669151][T10099]  ? page_bad_reason+0x9d/0x1e0
[  149.670389][T10099]  free_unref_page+0x657/0xdc0
[  149.671614][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  149.673145][T10099]  ? __phys_addr+0xc6/0x150
[  149.674293][T10099]  skb_free_head+0xa0/0x1d0
[  149.675531][T10099]  skb_release_data+0x560/0x730
[  149.676758][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  149.678035][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  149.679714][T10099]  ? kernel_text_address+0x8d/0x100
[  149.681013][T10099]  ? hlock_class+0x4e/0x130
[  149.682174][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  149.683406][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  149.685192][T10099]  ? hlock_class+0x4e/0x130
[  149.686341][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  149.687615][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  149.688976][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  149.690483][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  149.692162][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  149.693493][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  149.695165][T10099]  ? lock_acquire+0x2f/0xb0
[  149.696315][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  149.697931][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  149.699476][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  149.701530][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  149.702845][T10099]  ? __build_skb_around+0x278/0x3b0
[  149.704581][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  149.705991][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  149.707668][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  149.709411][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  149.710877][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  149.712273][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  149.713774][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  149.715313][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  149.716770][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  149.718253][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  149.719606][T10099]  ? 0xffffffffa0009640
[  149.720640][T10099]  ? 0xffffffffa0009640
[  149.721668][T10099]  ? 0xffffffffa0009640
[  149.722706][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  149.724315][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  149.725687][T10099]  ? lock_acquire+0x2f/0xb0
[  149.726847][T10099]  ? __fget_files+0x40/0x3f0
[  149.728129][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  149.729727][T10099]  ? fput+0x30/0x390
[  149.730749][T10099]  ? __bpf_prog_get+0xa0/0x290
[  149.732010][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  149.733493][T10099]  __sys_bpf+0xfc6/0x49a0
[  149.734630][T10099]  ? __pfx_futex_wake+0x10/0x10
[  149.735865][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  149.737078][T10099]  ? __schedule+0xe5d/0x5730
[  149.738248][T10099]  ? __fget_files+0x23a/0x3f0
[  149.739599][T10099]  ? do_futex+0x123/0x350
[  149.740749][T10099]  ? __pfx_do_futex+0x10/0x10
[  149.741952][T10099]  ? xfd_validate_state+0x5d/0x180
[  149.743263][T10099]  ? rcu_is_watching+0x12/0xc0
[  149.744479][T10099]  __x64_sys_bpf+0x78/0xc0
[  149.745627][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  149.746952][T10099]  do_syscall_64+0xcd/0x250
[  149.748230][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.749721][T10099] RIP: 0033:0x7f3c36f7e719
[  149.750843][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.755669][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  149.757743][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  149.759742][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  149.761674][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  149.763698][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  149.765659][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  149.767681][T10099]  </TASK>
[  149.768616][T10099] BUG: Bad page state in process syz.6.968  pfn:3206e
[  149.770305][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803206fe00 pfn:0x3206e
[  149.772831][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  149.774629][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  149.777225][T10099] raw: ffff88803206fe00 0000000000000001 00000000ffffffff 0000000000000000
[  149.779434][T10099] page dumped because: page_pool leak
[  149.781065][T10099] page_owner tracks the page as allocated
[  149.782754][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988333481, free_ts 144457149560
[  149.787099][T10099]  post_alloc_hook+0x2d1/0x350
[  149.788360][T10099]  get_page_from_freelist+0x101e/0x3070
[  149.789852][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  149.791232][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  149.792655][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  149.794167][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  149.795558][T10099]  page_pool_alloc_pages+0x1a/0x60
[  149.796892][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  149.798474][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  149.799896][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  149.801287][T10099]  __sys_bpf+0xfc6/0x49a0
[  149.802420][T10099]  __x64_sys_bpf+0x78/0xc0
[  149.803564][T10099]  do_syscall_64+0xcd/0x250
[  149.804732][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.806245][T10099] page last free pid 10040 tgid 10040 stack trace:
[  149.807909][T10099]  free_unref_page+0x5f4/0xdc0
[  149.809152][T10099]  qlist_free_all+0x4e/0x120
[  149.810404][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  149.811821][T10099]  __kasan_slab_alloc+0x69/0x90
[  149.813088][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  149.814502][T10099]  mas_alloc_nodes+0x176/0x860
[  149.815783][T10099]  mas_node_count_gfp+0x105/0x130
[  149.817084][T10099]  mas_preallocate+0x53b/0xcd0
[  149.818326][T10099]  commit_merge+0x61d/0xec0
[  149.819559][T10099]  vma_expand+0x3ee/0x990
[  149.820672][T10099]  vma_merge_new_range+0x37d/0xd20
[  149.821989][T10099]  mmap_region+0x499/0x2a50
[  149.823179][T10099]  do_mmap+0xc00/0xfc0
[  149.824252][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  149.825445][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  149.826697][T10099]  __x64_sys_mmap+0x125/0x190
[  149.828014][T10099] Modules linked in:
[  149.829060][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  149.832153][T10099] Tainted: [B]=BAD_PAGE
[  149.833228][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.835998][T10099] Call Trace:
[  149.836865][T10099]  <TASK>
[  149.837642][T10099]  dump_stack_lvl+0x16c/0x1f0
[  149.838869][T10099]  bad_page+0xb3/0x1f0
[  149.839924][T10099]  ? __pfx_bad_page+0x10/0x10
[  149.841106][T10099]  ? page_bad_reason+0x9d/0x1e0
[  149.842366][T10099]  free_unref_page+0x657/0xdc0
[  149.843588][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  149.845148][T10099]  ? __phys_addr+0xc6/0x150
[  149.846333][T10099]  skb_free_head+0xa0/0x1d0
[  149.847522][T10099]  skb_release_data+0x560/0x730
[  149.848777][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  149.850081][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  149.851819][T10099]  ? kernel_text_address+0x8d/0x100
[  149.853165][T10099]  ? hlock_class+0x4e/0x130
[  149.854354][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  149.855693][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  149.857527][T10099]  ? hlock_class+0x4e/0x130
[  149.858940][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  149.860251][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  149.861599][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  149.863150][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  149.864833][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  149.866182][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  149.867813][T10099]  ? lock_acquire+0x2f/0xb0
[  149.868993][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  149.870625][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  149.872232][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  149.873946][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  149.875309][T10099]  ? __build_skb_around+0x278/0x3b0
[  149.876669][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  149.878041][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  149.879671][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  149.881754][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  149.883266][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  149.884655][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  149.886180][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  149.887703][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  149.889225][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  149.890730][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  149.892124][T10099]  ? 0xffffffffa0009640
[  149.893208][T10099]  ? 0xffffffffa0009640
[  149.894299][T10099]  ? 0xffffffffa0009640
[  149.895667][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  149.897323][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  149.898746][T10099]  ? lock_acquire+0x2f/0xb0
[  149.899939][T10099]  ? __fget_files+0x40/0x3f0
[  149.901151][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  149.902684][T10099]  ? fput+0x30/0x390
[  149.903731][T10099]  ? __bpf_prog_get+0xa0/0x290
[  149.904994][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  149.906660][T10099]  __sys_bpf+0xfc6/0x49a0
[  149.907888][T10099]  ? __pfx_futex_wake+0x10/0x10
[  149.909186][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  149.910444][T10099]  ? __schedule+0xe5d/0x5730
[  149.911680][T10099]  ? __fget_files+0x23a/0x3f0
[  149.912914][T10099]  ? do_futex+0x123/0x350
[  149.914062][T10099]  ? __pfx_do_futex+0x10/0x10
[  149.915339][T10099]  ? xfd_validate_state+0x5d/0x180
[  149.916674][T10099]  ? rcu_is_watching+0x12/0xc0
[  149.917933][T10099]  __x64_sys_bpf+0x78/0xc0
[  149.919102][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  149.920459][T10099]  do_syscall_64+0xcd/0x250
[  149.921650][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.923190][T10099] RIP: 0033:0x7f3c36f7e719
[  149.924486][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.929429][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  149.931571][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  149.933611][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  149.935668][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  149.937693][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  149.939872][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  149.941917][T10099]  </TASK>
[  149.942862][T10099] BUG: Bad page state in process syz.6.968  pfn:31f2d
[  149.944609][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x31f2d
[  149.946856][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  149.948707][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  149.950938][T10099] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[  149.953149][T10099] page dumped because: page_pool leak
[  149.954548][T10099] page_owner tracks the page as allocated
[  149.956032][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988328853, free_ts 144457173669
[  149.960414][T10099]  post_alloc_hook+0x2d1/0x350
[  149.961675][T10099]  get_page_from_freelist+0x101e/0x3070
[  149.963364][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  149.964761][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  149.966202][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  149.968068][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  149.969612][T10099]  page_pool_alloc_pages+0x1a/0x60
[  149.970999][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  149.972618][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  149.973990][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  149.975424][T10099]  __sys_bpf+0xfc6/0x49a0
[  149.976576][T10099]  __x64_sys_bpf+0x78/0xc0
[  149.977770][T10099]  do_syscall_64+0xcd/0x250
[  149.979083][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.980933][T10099] page last free pid 10040 tgid 10040 stack trace:
[  149.982726][T10099]  free_unref_page+0x5f4/0xdc0
[  149.983983][T10099]  __put_partials+0x14c/0x170
[  149.985224][T10099]  qlist_free_all+0x4e/0x120
[  149.986435][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  149.987852][T10099]  __kasan_slab_alloc+0x69/0x90
[  149.989131][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  149.990630][T10099]  mas_alloc_nodes+0x176/0x860
[  149.991907][T10099]  mas_node_count_gfp+0x105/0x130
[  149.993251][T10099]  mas_preallocate+0x53b/0xcd0
[  149.994507][T10099]  commit_merge+0x61d/0xec0
[  149.996368][T10099]  vma_expand+0x3ee/0x990
[  149.997567][T10099]  vma_merge_new_range+0x37d/0xd20
[  149.999091][T10099]  mmap_region+0x499/0x2a50
[  150.000648][T10099]  do_mmap+0xc00/0xfc0
[  150.001674][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  150.002884][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  150.004302][T10099] Modules linked in:
[  150.005379][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  150.008479][T10099] Tainted: [B]=BAD_PAGE
[  150.009565][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.012319][T10099] Call Trace:
[  150.013185][T10099]  <TASK>
[  150.013955][T10099]  dump_stack_lvl+0x16c/0x1f0
[  150.015223][T10099]  bad_page+0xb3/0x1f0
[  150.016295][T10099]  ? __pfx_bad_page+0x10/0x10
[  150.017532][T10099]  ? page_bad_reason+0x9d/0x1e0
[  150.018798][T10099]  free_unref_page+0x657/0xdc0
[  150.020046][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  150.021875][T10099]  ? __phys_addr+0xc6/0x150
[  150.023141][T10099]  skb_free_head+0xa0/0x1d0
[  150.024376][T10099]  skb_release_data+0x560/0x730
[  150.025653][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  150.026973][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  150.028693][T10099]  ? kernel_text_address+0x8d/0x100
[  150.030151][T10099]  ? hlock_class+0x4e/0x130
[  150.031386][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  150.032706][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  150.034532][T10099]  ? hlock_class+0x4e/0x130
[  150.035727][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  150.037010][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  150.038367][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  150.039938][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  150.041627][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  150.042982][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  150.044626][T10099]  ? lock_acquire+0x2f/0xb0
[  150.045753][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  150.047397][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  150.048979][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  150.050707][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  150.052060][T10099]  ? __build_skb_around+0x278/0x3b0
[  150.053404][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  150.054771][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  150.056768][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  150.058550][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  150.060020][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  150.061408][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  150.063062][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  150.064654][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  150.066230][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  150.067760][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  150.069144][T10099]  ? 0xffffffffa0009640
[  150.070229][T10099]  ? 0xffffffffa0009640
[  150.071316][T10099]  ? 0xffffffffa0009640
[  150.072398][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  150.073920][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  150.075426][T10099]  ? lock_acquire+0x2f/0xb0
[  150.076611][T10099]  ? __fget_files+0x40/0x3f0
[  150.077823][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.079365][T10099]  ? fput+0x30/0x390
[  150.080399][T10099]  ? __bpf_prog_get+0xa0/0x290
[  150.081658][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.083345][T10099]  __sys_bpf+0xfc6/0x49a0
[  150.084793][T10099]  ? __pfx_futex_wake+0x10/0x10
[  150.086222][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  150.087543][T10099]  ? __schedule+0xe5d/0x5730
[  150.088743][T10099]  ? __fget_files+0x23a/0x3f0
[  150.089966][T10099]  ? do_futex+0x123/0x350
[  150.091084][T10099]  ? __pfx_do_futex+0x10/0x10
[  150.092335][T10099]  ? xfd_validate_state+0x5d/0x180
[  150.093755][T10099]  ? rcu_is_watching+0x12/0xc0
[  150.095092][T10099]  __x64_sys_bpf+0x78/0xc0
[  150.096325][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  150.097769][T10099]  do_syscall_64+0xcd/0x250
[  150.098948][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.100494][T10099] RIP: 0033:0x7f3c36f7e719
[  150.101919][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.107324][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  150.109625][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  150.111656][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  150.113681][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  150.115736][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  150.117874][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  150.119951][T10099]  </TASK>
[  150.120998][T10099] BUG: Bad page state in process syz.6.968  pfn:31f2c
[  150.122790][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888031f2de00 pfn:0x31f2c
[  150.125898][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  150.127868][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  150.130186][T10099] raw: ffff888031f2de00 0000000000000001 00000000ffffffff 0000000000000000
[  150.132547][T10099] page dumped because: page_pool leak
[  150.134039][T10099] page_owner tracks the page as allocated
[  150.135614][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988324048, free_ts 144457173669
[  150.140025][T10099]  post_alloc_hook+0x2d1/0x350
[  150.141266][T10099]  get_page_from_freelist+0x101e/0x3070
[  150.142699][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  150.144087][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  150.145527][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  150.147062][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  150.148433][T10099]  page_pool_alloc_pages+0x1a/0x60
[  150.149803][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  150.151408][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  150.152777][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  150.154179][T10099]  __sys_bpf+0xfc6/0x49a0
[  150.155323][T10099]  __x64_sys_bpf+0x78/0xc0
[  150.156488][T10099]  do_syscall_64+0xcd/0x250
[  150.157693][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.159237][T10099] page last free pid 10040 tgid 10040 stack trace:
[  150.160950][T10099]  free_unref_page+0x5f4/0xdc0
[  150.162202][T10099]  __put_partials+0x14c/0x170
[  150.163432][T10099]  qlist_free_all+0x4e/0x120
[  150.164635][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  150.166032][T10099]  __kasan_slab_alloc+0x69/0x90
[  150.167298][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  150.168691][T10099]  mas_alloc_nodes+0x176/0x860
[  150.169975][T10099]  mas_node_count_gfp+0x105/0x130
[  150.171290][T10099]  mas_preallocate+0x53b/0xcd0
[  150.172534][T10099]  commit_merge+0x61d/0xec0
[  150.173691][T10099]  vma_expand+0x3ee/0x990
[  150.174811][T10099]  vma_merge_new_range+0x37d/0xd20
[  150.176165][T10099]  mmap_region+0x499/0x2a50
[  150.177343][T10099]  do_mmap+0xc00/0xfc0
[  150.178407][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  150.179667][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  150.180918][T10099] Modules linked in:
[  150.181935][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  150.185012][T10099] Tainted: [B]=BAD_PAGE
[  150.186071][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.188788][T10099] Call Trace:
[  150.189662][T10099]  <TASK>
[  150.190431][T10099]  dump_stack_lvl+0x16c/0x1f0
[  150.191667][T10099]  bad_page+0xb3/0x1f0
[  150.192732][T10099]  ? __pfx_bad_page+0x10/0x10
[  150.193950][T10099]  ? page_bad_reason+0x9d/0x1e0
[  150.195249][T10099]  free_unref_page+0x657/0xdc0
[  150.196505][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  150.198232][T10099]  ? __phys_addr+0xc6/0x150
[  150.199459][T10099]  skb_free_head+0xa0/0x1d0
[  150.200683][T10099]  skb_release_data+0x560/0x730
[  150.201982][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  150.203325][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  150.204934][T10099]  ? kernel_text_address+0x8d/0x100
[  150.206288][T10099]  ? hlock_class+0x4e/0x130
[  150.207496][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  150.208804][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  150.210650][T10099]  ? hlock_class+0x4e/0x130
[  150.211864][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  150.213167][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  150.214493][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  150.216072][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  150.217882][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  150.219245][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  150.220880][T10099]  ? lock_acquire+0x2f/0xb0
[  150.222058][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  150.223707][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  150.225305][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  150.227020][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  150.228386][T10099]  ? __build_skb_around+0x278/0x3b0
[  150.229731][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  150.231110][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  150.232842][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  150.234540][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  150.236008][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  150.237399][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  150.238913][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  150.240468][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  150.241998][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  150.243538][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  150.244918][T10099]  ? 0xffffffffa0009640
[  150.245992][T10099]  ? 0xffffffffa0009640
[  150.247083][T10099]  ? 0xffffffffa0009640
[  150.248159][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  150.249658][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  150.251046][T10099]  ? lock_acquire+0x2f/0xb0
[  150.252239][T10099]  ? __fget_files+0x40/0x3f0
[  150.253458][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.254973][T10099]  ? fput+0x30/0x390
[  150.256033][T10099]  ? __bpf_prog_get+0xa0/0x290
[  150.257283][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.258793][T10099]  __sys_bpf+0xfc6/0x49a0
[  150.259926][T10099]  ? __pfx_futex_wake+0x10/0x10
[  150.261198][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  150.262429][T10099]  ? __schedule+0xe5d/0x5730
[  150.263630][T10099]  ? __fget_files+0x23a/0x3f0
[  150.264851][T10099]  ? do_futex+0x123/0x350
[  150.265967][T10099]  ? __pfx_do_futex+0x10/0x10
[  150.267192][T10099]  ? xfd_validate_state+0x5d/0x180
[  150.268521][T10099]  ? rcu_is_watching+0x12/0xc0
[  150.269753][T10099]  __x64_sys_bpf+0x78/0xc0
[  150.270921][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  150.272273][T10099]  do_syscall_64+0xcd/0x250
[  150.273453][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.274993][T10099] RIP: 0033:0x7f3c36f7e719
[  150.276174][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.281109][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  150.283257][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  150.285308][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  150.287350][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  150.289380][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  150.291422][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  150.293445][T10099]  </TASK>
[  150.294357][T10099] BUG: Bad page state in process syz.6.968  pfn:3152d
[  150.296136][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000002 pfn:0x3152d
[  150.298681][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  150.300635][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  150.302815][T10099] raw: ffff888000000002 0000000000000001 00000000ffffffff 0000000000000000
[  150.305043][T10099] page dumped because: page_pool leak
[  150.306418][T10099] page_owner tracks the page as allocated
[  150.307853][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988319333, free_ts 144457178539
[  150.312256][T10099]  post_alloc_hook+0x2d1/0x350
[  150.313506][T10099]  get_page_from_freelist+0x101e/0x3070
[  150.314928][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  150.316315][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  150.317720][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  150.319259][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  150.320677][T10099]  page_pool_alloc_pages+0x1a/0x60
[  150.321989][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  150.323578][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  150.324932][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  150.326314][T10099]  __sys_bpf+0xfc6/0x49a0
[  150.327435][T10099]  __x64_sys_bpf+0x78/0xc0
[  150.328585][T10099]  do_syscall_64+0xcd/0x250
[  150.329813][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.331343][T10099] page last free pid 10040 tgid 10040 stack trace:
[  150.333007][T10099]  free_unref_page+0x5f4/0xdc0
[  150.334294][T10099]  __put_partials+0x14c/0x170
[  150.335531][T10099]  qlist_free_all+0x4e/0x120
[  150.336745][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  150.338156][T10099]  __kasan_slab_alloc+0x69/0x90
[  150.339437][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  150.340883][T10099]  mas_alloc_nodes+0x176/0x860
[  150.342131][T10099]  mas_node_count_gfp+0x105/0x130
[  150.343441][T10099]  mas_preallocate+0x53b/0xcd0
[  150.344672][T10099]  commit_merge+0x61d/0xec0
[  150.345848][T10099]  vma_expand+0x3ee/0x990
[  150.346966][T10099]  vma_merge_new_range+0x37d/0xd20
[  150.348307][T10099]  mmap_region+0x499/0x2a50
[  150.349562][T10099]  do_mmap+0xc00/0xfc0
[  150.350631][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  150.351866][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  150.353128][T10099] Modules linked in:
[  150.354156][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  150.357249][T10099] Tainted: [B]=BAD_PAGE
[  150.358319][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.361065][T10099] Call Trace:
[  150.361937][T10099]  <TASK>
[  150.362710][T10099]  dump_stack_lvl+0x16c/0x1f0
[  150.363936][T10099]  bad_page+0xb3/0x1f0
[  150.365000][T10099]  ? __pfx_bad_page+0x10/0x10
[  150.366222][T10099]  ? page_bad_reason+0x9d/0x1e0
[  150.367482][T10099]  free_unref_page+0x657/0xdc0
[  150.368701][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  150.370227][T10099]  ? __phys_addr+0xc6/0x150
[  150.371417][T10099]  skb_free_head+0xa0/0x1d0
[  150.372582][T10099]  skb_release_data+0x560/0x730
[  150.373856][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  150.375161][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  150.376864][T10099]  ? kernel_text_address+0x8d/0x100
[  150.378207][T10099]  ? hlock_class+0x4e/0x130
[  150.379383][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  150.380674][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  150.382473][T10099]  ? hlock_class+0x4e/0x130
[  150.383652][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  150.384923][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  150.386264][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  150.387810][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  150.389409][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  150.390734][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  150.392364][T10099]  ? lock_acquire+0x2f/0xb0
[  150.393537][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  150.395182][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  150.396782][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  150.398501][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  150.399829][T10099]  ? __build_skb_around+0x278/0x3b0
[  150.401178][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  150.402517][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  150.404319][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  150.406024][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  150.407791][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  150.409249][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  150.410759][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  150.412294][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  150.413816][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  150.415398][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  150.416778][T10099]  ? 0xffffffffa0009640
[  150.417863][T10099]  ? 0xffffffffa0009640
[  150.418934][T10099]  ? 0xffffffffa0009640
[  150.420016][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  150.421565][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  150.423001][T10099]  ? lock_acquire+0x2f/0xb0
[  150.424189][T10099]  ? __fget_files+0x40/0x3f0
[  150.425391][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.426894][T10099]  ? fput+0x30/0x390
[  150.427946][T10099]  ? __bpf_prog_get+0xa0/0x290
[  150.429193][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.430699][T10099]  __sys_bpf+0xfc6/0x49a0
[  150.431837][T10099]  ? __pfx_futex_wake+0x10/0x10
[  150.433103][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  150.434343][T10099]  ? __schedule+0xe5d/0x5730
[  150.435721][T10099]  ? __fget_files+0x23a/0x3f0
[  150.437111][T10099]  ? do_futex+0x123/0x350
[  150.438312][T10099]  ? __pfx_do_futex+0x10/0x10
[  150.439562][T10099]  ? xfd_validate_state+0x5d/0x180
[  150.440903][T10099]  ? rcu_is_watching+0x12/0xc0
[  150.442176][T10099]  __x64_sys_bpf+0x78/0xc0
[  150.443373][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  150.444976][T10099]  do_syscall_64+0xcd/0x250
[  150.446166][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.447684][T10099] RIP: 0033:0x7f3c36f7e719
[  150.448843][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.453702][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  150.455853][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  150.457893][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  150.460111][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  150.462523][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  150.464703][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  150.466877][T10099]  </TASK>
[  150.467777][T10099] BUG: Bad page state in process syz.6.968  pfn:3152c
[  150.469500][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803152de00 pfn:0x3152c
[  150.472079][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  150.473933][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  150.476851][T10099] raw: ffff88803152de00 0000000000000001 00000000ffffffff 0000000000000000
[  150.479143][T10099] page dumped because: page_pool leak
[  150.480772][T10099] page_owner tracks the page as allocated
[  150.482294][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988314930, free_ts 144457178539
[  150.486569][T10099]  post_alloc_hook+0x2d1/0x350
[  150.487833][T10099]  get_page_from_freelist+0x101e/0x3070
[  150.489258][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  150.490670][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  150.492130][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  150.493644][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  150.495039][T10099]  page_pool_alloc_pages+0x1a/0x60
[  150.496373][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  150.497958][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  150.499339][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  150.500801][T10099]  __sys_bpf+0xfc6/0x49a0
[  150.501922][T10099]  __x64_sys_bpf+0x78/0xc0
[  150.503087][T10099]  do_syscall_64+0xcd/0x250
[  150.504272][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.505791][T10099] page last free pid 10040 tgid 10040 stack trace:
[  150.507586][T10099]  free_unref_page+0x5f4/0xdc0
[  150.508843][T10099]  __put_partials+0x14c/0x170
[  150.510147][T10099]  qlist_free_all+0x4e/0x120
[  150.511428][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  150.512836][T10099]  __kasan_slab_alloc+0x69/0x90
[  150.514085][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  150.515503][T10099]  mas_alloc_nodes+0x176/0x860
[  150.516708][T10099]  mas_node_count_gfp+0x105/0x130
[  150.517964][T10099]  mas_preallocate+0x53b/0xcd0
[  150.519186][T10099]  commit_merge+0x61d/0xec0
[  150.520396][T10099]  vma_expand+0x3ee/0x990
[  150.521491][T10099]  vma_merge_new_range+0x37d/0xd20
[  150.522768][T10099]  mmap_region+0x499/0x2a50
[  150.523927][T10099]  do_mmap+0xc00/0xfc0
[  150.524953][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  150.526142][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  150.527356][T10099] Modules linked in:
[  150.528343][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  150.531373][T10099] Tainted: [B]=BAD_PAGE
[  150.532422][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.535101][T10099] Call Trace:
[  150.535959][T10099]  <TASK>
[  150.536720][T10099]  dump_stack_lvl+0x16c/0x1f0
[  150.537937][T10099]  bad_page+0xb3/0x1f0
[  150.538966][T10099]  ? __pfx_bad_page+0x10/0x10
[  150.540140][T10099]  ? page_bad_reason+0x9d/0x1e0
[  150.541327][T10099]  free_unref_page+0x657/0xdc0
[  150.542543][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  150.544525][T10099]  ? __phys_addr+0xc6/0x150
[  150.545665][T10099]  skb_free_head+0xa0/0x1d0
[  150.546784][T10099]  skb_release_data+0x560/0x730
[  150.547937][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  150.549086][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  150.550885][T10099]  ? kernel_text_address+0x8d/0x100
[  150.552242][T10099]  ? hlock_class+0x4e/0x130
[  150.553397][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  150.554683][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  150.556473][T10099]  ? hlock_class+0x4e/0x130
[  150.557604][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  150.558837][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  150.560159][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  150.561669][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  150.563301][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  150.564592][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  150.566176][T10099]  ? lock_acquire+0x2f/0xb0
[  150.567336][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  150.568912][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  150.570501][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  150.572174][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  150.573464][T10099]  ? __build_skb_around+0x278/0x3b0
[  150.574790][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  150.576160][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  150.577733][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  150.579373][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  150.580799][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  150.582154][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  150.583633][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  150.585104][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  150.586590][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  150.588053][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  150.589366][T10099]  ? 0xffffffffa0009640
[  150.590408][T10099]  ? 0xffffffffa0009640
[  150.591489][T10099]  ? 0xffffffffa0009640
[  150.592540][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  150.594004][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  150.595382][T10099]  ? lock_acquire+0x2f/0xb0
[  150.596545][T10099]  ? __fget_files+0x40/0x3f0
[  150.597733][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.599218][T10099]  ? fput+0x30/0x390
[  150.600229][T10099]  ? __bpf_prog_get+0xa0/0x290
[  150.601446][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.602905][T10099]  __sys_bpf+0xfc6/0x49a0
[  150.604017][T10099]  ? __pfx_futex_wake+0x10/0x10
[  150.605265][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  150.606485][T10099]  ? __schedule+0xe5d/0x5730
[  150.607658][T10099]  ? __fget_files+0x23a/0x3f0
[  150.608861][T10099]  ? do_futex+0x123/0x350
[  150.609972][T10099]  ? __pfx_do_futex+0x10/0x10
[  150.611167][T10099]  ? xfd_validate_state+0x5d/0x180
[  150.612477][T10099]  ? rcu_is_watching+0x12/0xc0
[  150.613698][T10099]  __x64_sys_bpf+0x78/0xc0
[  150.614865][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  150.616305][T10099]  do_syscall_64+0xcd/0x250
[  150.617527][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.619123][T10099] RIP: 0033:0x7f3c36f7e719
[  150.620281][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.625052][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  150.627183][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  150.629112][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  150.631155][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  150.633135][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  150.635141][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  150.637263][T10099]  </TASK>
[  150.638415][T10099] BUG: Bad page state in process syz.6.968  pfn:4d7b5
[  150.640172][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000002 pfn:0x4d7b5
[  150.642710][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  150.644502][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  150.646678][T10099] raw: ffff888000000002 0000000000000001 00000000ffffffff 0000000000000000
[  150.648830][T10099] page dumped because: page_pool leak
[  150.650356][T10099] page_owner tracks the page as allocated
[  150.651896][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988309276, free_ts 144457182739
[  150.656417][T10099]  post_alloc_hook+0x2d1/0x350
[  150.657681][T10099]  get_page_from_freelist+0x101e/0x3070
[  150.659128][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  150.659729][ T5953] Bluetooth: hci4: command tx timeout
[  150.660462][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  150.663445][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  150.664884][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  150.666173][T10099]  page_pool_alloc_pages+0x1a/0x60
[  150.667459][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  150.668949][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  150.670288][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  150.671616][T10099]  __sys_bpf+0xfc6/0x49a0
[  150.672677][T10099]  __x64_sys_bpf+0x78/0xc0
[  150.673772][T10099]  do_syscall_64+0xcd/0x250
[  150.674912][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.676381][T10099] page last free pid 10040 tgid 10040 stack trace:
[  150.677939][T10099]  free_unref_page+0x5f4/0xdc0
[  150.679122][T10099]  __put_partials+0x14c/0x170
[  150.680301][T10099]  qlist_free_all+0x4e/0x120
[  150.681420][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  150.682736][T10099]  __kasan_slab_alloc+0x69/0x90
[  150.683947][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  150.685275][T10099]  mas_alloc_nodes+0x176/0x860
[  150.686455][T10099]  mas_node_count_gfp+0x105/0x130
[  150.687682][T10099]  mas_preallocate+0x53b/0xcd0
[  150.688835][T10099]  commit_merge+0x61d/0xec0
[  150.689980][T10099]  vma_expand+0x3ee/0x990
[  150.691035][T10099]  vma_merge_new_range+0x37d/0xd20
[  150.692298][T10099]  mmap_region+0x499/0x2a50
[  150.693431][T10099]  do_mmap+0xc00/0xfc0
[  150.694457][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  150.695662][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  150.696888][T10099] Modules linked in:
[  150.697892][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  150.700871][T10099] Tainted: [B]=BAD_PAGE
[  150.702145][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.705034][T10099] Call Trace:
[  150.705893][T10099]  <TASK>
[  150.706669][T10099]  dump_stack_lvl+0x16c/0x1f0
[  150.707931][T10099]  bad_page+0xb3/0x1f0
[  150.708956][T10099]  ? __pfx_bad_page+0x10/0x10
[  150.710124][T10099]  ? page_bad_reason+0x9d/0x1e0
[  150.711415][T10099]  free_unref_page+0x657/0xdc0
[  150.712785][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  150.714343][T10099]  ? __phys_addr+0xc6/0x150
[  150.715493][T10099]  skb_free_head+0xa0/0x1d0
[  150.716678][T10099]  skb_release_data+0x560/0x730
[  150.717894][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  150.719323][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  150.721253][T10099]  ? kernel_text_address+0x8d/0x100
[  150.722538][T10099]  ? hlock_class+0x4e/0x130
[  150.723694][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  150.724933][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  150.726650][T10099]  ? hlock_class+0x4e/0x130
[  150.727784][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  150.729002][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  150.730264][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  150.731733][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  150.733275][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  150.734551][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  150.736749][T10099]  ? lock_acquire+0x2f/0xb0
[  150.738054][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  150.739614][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  150.741138][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  150.742742][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  150.744025][T10099]  ? __build_skb_around+0x278/0x3b0
[  150.745425][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  150.746790][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  150.748415][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  150.750024][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  150.751411][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  150.752754][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  150.754206][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  150.755678][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  150.757142][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  150.758573][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  150.759858][T10099]  ? 0xffffffffa0009640
[  150.761021][T10099]  ? 0xffffffffa0009640
[  150.762070][T10099]  ? 0xffffffffa0009640
[  150.763085][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  150.764533][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  150.765969][T10099]  ? lock_acquire+0x2f/0xb0
[  150.767105][T10099]  ? __fget_files+0x40/0x3f0
[  150.768267][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.769743][T10099]  ? fput+0x30/0x390
[  150.770726][T10099]  ? __bpf_prog_get+0xa0/0x290
[  150.771958][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.773392][T10099]  __sys_bpf+0xfc6/0x49a0
[  150.774497][T10099]  ? __pfx_futex_wake+0x10/0x10
[  150.775954][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  150.777509][T10099]  ? __schedule+0xe5d/0x5730
[  150.778744][T10099]  ? __fget_files+0x23a/0x3f0
[  150.779958][T10099]  ? do_futex+0x123/0x350
[  150.781089][T10099]  ? __pfx_do_futex+0x10/0x10
[  150.782337][T10099]  ? xfd_validate_state+0x5d/0x180
[  150.783643][T10099]  ? rcu_is_watching+0x12/0xc0
[  150.784901][T10099]  __x64_sys_bpf+0x78/0xc0
[  150.786048][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  150.787398][T10099]  do_syscall_64+0xcd/0x250
[  150.788560][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.790059][T10099] RIP: 0033:0x7f3c36f7e719
[  150.791195][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.796184][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  150.798282][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  150.800350][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  150.803015][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  150.805452][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  150.807614][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  150.809812][T10099]  </TASK>
[  150.810895][T10099] BUG: Bad page state in process syz.6.968  pfn:4d7b4
[  150.812952][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804d7b5e00 pfn:0x4d7b4
[  150.815796][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  150.817578][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  150.819791][T10099] raw: ffff88804d7b5e00 0000000000000001 00000000ffffffff 0000000000000000
[  150.822304][T10099] page dumped because: page_pool leak
[  150.823674][T10099] page_owner tracks the page as allocated
[  150.825410][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988299078, free_ts 144457182739
[  150.829756][T10099]  post_alloc_hook+0x2d1/0x350
[  150.831043][T10099]  get_page_from_freelist+0x101e/0x3070
[  150.832457][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  150.833804][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  150.835256][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  150.837154][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  150.838513][T10099]  page_pool_alloc_pages+0x1a/0x60
[  150.839897][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  150.841455][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  150.842806][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  150.844203][T10099]  __sys_bpf+0xfc6/0x49a0
[  150.845313][T10099]  __x64_sys_bpf+0x78/0xc0
[  150.846472][T10099]  do_syscall_64+0xcd/0x250
[  150.847746][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.849262][T10099] page last free pid 10040 tgid 10040 stack trace:
[  150.850989][T10099]  free_unref_page+0x5f4/0xdc0
[  150.852225][T10099]  __put_partials+0x14c/0x170
[  150.853425][T10099]  qlist_free_all+0x4e/0x120
[  150.854609][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  150.856029][T10099]  __kasan_slab_alloc+0x69/0x90
[  150.857268][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  150.858621][T10099]  mas_alloc_nodes+0x176/0x860
[  150.859903][T10099]  mas_node_count_gfp+0x105/0x130
[  150.861164][T10099]  mas_preallocate+0x53b/0xcd0
[  150.862358][T10099]  commit_merge+0x61d/0xec0
[  150.863525][T10099]  vma_expand+0x3ee/0x990
[  150.864623][T10099]  vma_merge_new_range+0x37d/0xd20
[  150.865937][T10099]  mmap_region+0x499/0x2a50
[  150.867044][T10099]  do_mmap+0xc00/0xfc0
[  150.868071][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  150.869221][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  150.870456][T10099] Modules linked in:
[  150.871472][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  150.874415][T10099] Tainted: [B]=BAD_PAGE
[  150.875515][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.878350][T10099] Call Trace:
[  150.879224][T10099]  <TASK>
[  150.879993][T10099]  dump_stack_lvl+0x16c/0x1f0
[  150.881207][T10099]  bad_page+0xb3/0x1f0
[  150.882259][T10099]  ? __pfx_bad_page+0x10/0x10
[  150.883463][T10099]  ? page_bad_reason+0x9d/0x1e0
[  150.884698][T10099]  free_unref_page+0x657/0xdc0
[  150.885967][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  150.887461][T10099]  ? __phys_addr+0xc6/0x150
[  150.888592][T10099]  skb_free_head+0xa0/0x1d0
[  150.889703][T10099]  skb_release_data+0x560/0x730
[  150.890895][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  150.892186][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  150.893860][T10099]  ? kernel_text_address+0x8d/0x100
[  150.895168][T10099]  ? hlock_class+0x4e/0x130
[  150.896219][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  150.897384][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  150.899111][T10099]  ? hlock_class+0x4e/0x130
[  150.900281][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  150.902168][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  150.903932][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  150.905481][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  150.907223][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  150.908498][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  150.910063][T10099]  ? lock_acquire+0x2f/0xb0
[  150.911196][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  150.912805][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  150.914378][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  150.916111][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  150.917450][T10099]  ? __build_skb_around+0x278/0x3b0
[  150.918769][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  150.920070][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  150.921610][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  150.923289][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  150.924737][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  150.926084][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  150.927606][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  150.929129][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  150.930628][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  150.932145][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  150.933499][T10099]  ? 0xffffffffa0009640
[  150.934578][T10099]  ? 0xffffffffa0009640
[  150.935665][T10099]  ? 0xffffffffa0009640
[  150.936712][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  150.938198][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  150.939614][T10099]  ? lock_acquire+0x2f/0xb0
[  150.940785][T10099]  ? __fget_files+0x40/0x3f0
[  150.941960][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.943944][T10099]  ? fput+0x30/0x390
[  150.945068][T10099]  ? __bpf_prog_get+0xa0/0x290
[  150.946472][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.948010][T10099]  __sys_bpf+0xfc6/0x49a0
[  150.949169][T10099]  ? __pfx_futex_wake+0x10/0x10
[  150.950523][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  150.951783][T10099]  ? __schedule+0xe5d/0x5730
[  150.952950][T10099]  ? __fget_files+0x23a/0x3f0
[  150.954147][T10099]  ? do_futex+0x123/0x350
[  150.955268][T10099]  ? __pfx_do_futex+0x10/0x10
[  150.956480][T10099]  ? xfd_validate_state+0x5d/0x180
[  150.957794][T10099]  ? rcu_is_watching+0x12/0xc0
[  150.959021][T10099]  __x64_sys_bpf+0x78/0xc0
[  150.960157][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  150.961482][T10099]  do_syscall_64+0xcd/0x250
[  150.962636][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.964128][T10099] RIP: 0033:0x7f3c36f7e719
[  150.965259][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.970056][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  150.972163][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  150.974146][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  150.976148][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  150.978589][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  150.980823][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  150.982845][T10099]  </TASK>
[  150.983759][T10099] BUG: Bad page state in process syz.6.968  pfn:23377
[  150.985509][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x23377
[  150.987884][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  150.989757][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  150.991976][T10099] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[  150.994118][T10099] page dumped because: page_pool leak
[  150.995529][T10099] page_owner tracks the page as allocated
[  150.996949][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988294534, free_ts 144457186940
[  151.001596][T10099]  post_alloc_hook+0x2d1/0x350
[  151.002822][T10099]  get_page_from_freelist+0x101e/0x3070
[  151.004362][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  151.005899][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  151.007416][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  151.009105][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  151.010710][T10099]  page_pool_alloc_pages+0x1a/0x60
[  151.012289][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  151.014070][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  151.015509][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  151.016864][T10099]  __sys_bpf+0xfc6/0x49a0
[  151.017964][T10099]  __x64_sys_bpf+0x78/0xc0
[  151.019540][T10099]  do_syscall_64+0xcd/0x250
[  151.020803][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.022303][T10099] page last free pid 10040 tgid 10040 stack trace:
[  151.024051][T10099]  free_unref_page+0x5f4/0xdc0
[  151.025300][T10099]  __put_partials+0x14c/0x170
[  151.026509][T10099]  qlist_free_all+0x4e/0x120
[  151.027716][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  151.029105][T10099]  __kasan_slab_alloc+0x69/0x90
[  151.030414][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  151.031808][T10099]  mas_alloc_nodes+0x176/0x860
[  151.033043][T10099]  mas_node_count_gfp+0x105/0x130
[  151.034328][T10099]  mas_preallocate+0x53b/0xcd0
[  151.035553][T10099]  commit_merge+0x61d/0xec0
[  151.036730][T10099]  vma_expand+0x3ee/0x990
[  151.037830][T10099]  vma_merge_new_range+0x37d/0xd20
[  151.039840][T10099]  mmap_region+0x499/0x2a50
[  151.041018][T10099]  do_mmap+0xc00/0xfc0
[  151.042104][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  151.043471][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  151.044665][T10099] Modules linked in:
[  151.045638][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  151.048661][T10099] Tainted: [B]=BAD_PAGE
[  151.049695][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.052282][T10099] Call Trace:
[  151.053108][T10099]  <TASK>
[  151.053834][T10099]  dump_stack_lvl+0x16c/0x1f0
[  151.055007][T10099]  bad_page+0xb3/0x1f0
[  151.056000][T10099]  ? __pfx_bad_page+0x10/0x10
[  151.057191][T10099]  ? page_bad_reason+0x9d/0x1e0
[  151.058450][T10099]  free_unref_page+0x657/0xdc0
[  151.059662][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  151.061168][T10099]  ? __phys_addr+0xc6/0x150
[  151.062310][T10099]  skb_free_head+0xa0/0x1d0
[  151.063556][T10099]  skb_release_data+0x560/0x730
[  151.064800][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  151.066144][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  151.067815][T10099]  ? kernel_text_address+0x8d/0x100
[  151.069076][T10099]  ? hlock_class+0x4e/0x130
[  151.070213][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  151.071444][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  151.073175][T10099]  ? hlock_class+0x4e/0x130
[  151.074322][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  151.075686][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  151.077160][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  151.078708][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  151.080358][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  151.081646][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  151.083310][T10099]  ? lock_acquire+0x2f/0xb0
[  151.084447][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  151.085979][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  151.087613][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  151.089225][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  151.090549][T10099]  ? __build_skb_around+0x278/0x3b0
[  151.091869][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  151.093169][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  151.094691][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  151.096332][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  151.097683][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  151.098994][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  151.100465][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  151.101931][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  151.103377][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  151.104815][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  151.106096][T10099]  ? 0xffffffffa0009640
[  151.107119][T10099]  ? 0xffffffffa0009640
[  151.108141][T10099]  ? 0xffffffffa0009640
[  151.109149][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  151.110595][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  151.111915][T10099]  ? lock_acquire+0x2f/0xb0
[  151.113047][T10099]  ? __fget_files+0x40/0x3f0
[  151.114192][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  151.115678][T10099]  ? fput+0x30/0x390
[  151.116670][T10099]  ? __bpf_prog_get+0xa0/0x290
[  151.117882][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  151.119349][T10099]  __sys_bpf+0xfc6/0x49a0
[  151.120433][T10099]  ? __pfx_futex_wake+0x10/0x10
[  151.121684][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  151.122974][T10099]  ? __schedule+0xe5d/0x5730
[  151.124301][T10099]  ? __fget_files+0x23a/0x3f0
[  151.125492][T10099]  ? do_futex+0x123/0x350
[  151.126589][T10099]  ? __pfx_do_futex+0x10/0x10
[  151.127780][T10099]  ? xfd_validate_state+0x5d/0x180
[  151.129069][T10099]  ? rcu_is_watching+0x12/0xc0
[  151.130297][T10099]  __x64_sys_bpf+0x78/0xc0
[  151.131442][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  151.132783][T10099]  do_syscall_64+0xcd/0x250
[  151.133960][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.135608][T10099] RIP: 0033:0x7f3c36f7e719
[  151.136827][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.141893][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  151.144142][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  151.146116][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  151.148144][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  151.150114][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  151.152174][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  151.154145][T10099]  </TASK>
[  151.155085][T10099] BUG: Bad page state in process syz.6.968  pfn:23376
[  151.156808][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888023377e00 pfn:0x23376
[  151.159352][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  151.161192][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  151.164319][T10099] raw: ffff888023377e00 0000000000000001 00000000ffffffff 0000000000000000
[  151.166465][T10099] page dumped because: page_pool leak
[  151.167824][T10099] page_owner tracks the page as allocated
[  151.169298][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988290324, free_ts 144457186940
[  151.173529][T10099]  post_alloc_hook+0x2d1/0x350
[  151.174906][T10099]  get_page_from_freelist+0x101e/0x3070
[  151.176319][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  151.177621][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  151.179018][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  151.180569][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  151.181902][T10099]  page_pool_alloc_pages+0x1a/0x60
[  151.183162][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  151.184718][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  151.186087][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  151.187405][T10099]  __sys_bpf+0xfc6/0x49a0
[  151.188487][T10099]  __x64_sys_bpf+0x78/0xc0
[  151.189686][T10099]  do_syscall_64+0xcd/0x250
[  151.190846][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.192379][T10099] page last free pid 10040 tgid 10040 stack trace:
[  151.194038][T10099]  free_unref_page+0x5f4/0xdc0
[  151.195278][T10099]  __put_partials+0x14c/0x170
[  151.196434][T10099]  qlist_free_all+0x4e/0x120
[  151.197605][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  151.198961][T10099]  __kasan_slab_alloc+0x69/0x90
[  151.200217][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  151.201514][T10099]  mas_alloc_nodes+0x176/0x860
[  151.202722][T10099]  mas_node_count_gfp+0x105/0x130
[  151.203990][T10099]  mas_preallocate+0x53b/0xcd0
[  151.205203][T10099]  commit_merge+0x61d/0xec0
[  151.206328][T10099]  vma_expand+0x3ee/0x990
[  151.207431][T10099]  vma_merge_new_range+0x37d/0xd20
[  151.208714][T10099]  mmap_region+0x499/0x2a50
[  151.209895][T10099]  do_mmap+0xc00/0xfc0
[  151.210894][T10099]  vm_mmap_pgoff+0x1ba/0x360
[  151.212043][T10099]  ksys_mmap_pgoff+0x32c/0x5c0
[  151.213265][T10099] Modules linked in:
[  151.214232][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  151.217170][T10099] Tainted: [B]=BAD_PAGE
[  151.218169][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.221126][T10099] Call Trace:
[  151.221956][T10099]  <TASK>
[  151.222711][T10099]  dump_stack_lvl+0x16c/0x1f0
[  151.223898][T10099]  bad_page+0xb3/0x1f0
[  151.224932][T10099]  ? __pfx_bad_page+0x10/0x10
[  151.226119][T10099]  ? page_bad_reason+0x9d/0x1e0
[  151.227357][T10099]  free_unref_page+0x657/0xdc0
[  151.228571][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  151.230057][T10099]  ? __phys_addr+0xc6/0x150
[  151.231230][T10099]  skb_free_head+0xa0/0x1d0
[  151.232442][T10099]  skb_release_data+0x560/0x730
[  151.233683][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  151.234970][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  151.236658][T10099]  ? kernel_text_address+0x8d/0x100
[  151.237972][T10099]  ? hlock_class+0x4e/0x130
[  151.239129][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  151.240411][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  151.242160][T10099]  ? hlock_class+0x4e/0x130
[  151.243336][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  151.244578][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  151.245883][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  151.247523][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  151.249132][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  151.250420][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  151.251989][T10099]  ? lock_acquire+0x2f/0xb0
[  151.253129][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  151.254713][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  151.256300][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  151.258034][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  151.259351][T10099]  ? __build_skb_around+0x278/0x3b0
[  151.260678][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  151.262009][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  151.263575][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  151.265201][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  151.266620][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  151.267980][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  151.269477][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  151.270942][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  151.272468][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  151.273938][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  151.275302][T10099]  ? 0xffffffffa0009640
[  151.276378][T10099]  ? 0xffffffffa0009640
[  151.277420][T10099]  ? 0xffffffffa0009640
[  151.278472][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  151.280114][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  151.281626][T10099]  ? lock_acquire+0x2f/0xb0
[  151.282884][T10099]  ? __fget_files+0x40/0x3f0
[  151.284116][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  151.285617][T10099]  ? fput+0x30/0x390
[  151.286648][T10099]  ? __bpf_prog_get+0xa0/0x290
[  151.287878][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  151.289465][T10099]  __sys_bpf+0xfc6/0x49a0
[  151.290599][T10099]  ? __pfx_futex_wake+0x10/0x10
[  151.291843][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  151.293056][T10099]  ? __schedule+0xe5d/0x5730
[  151.294237][T10099]  ? __fget_files+0x23a/0x3f0
[  151.295448][T10099]  ? do_futex+0x123/0x350
[  151.296545][T10099]  ? __pfx_do_futex+0x10/0x10
[  151.298436][T10099]  ? xfd_validate_state+0x5d/0x180
[  151.299833][T10099]  ? rcu_is_watching+0x12/0xc0
[  151.301091][T10099]  __x64_sys_bpf+0x78/0xc0
[  151.302229][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  151.303641][T10099]  do_syscall_64+0xcd/0x250
[  151.304920][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.306634][T10099] RIP: 0033:0x7f3c36f7e719
[  151.307767][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.312510][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  151.314602][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  151.316547][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  151.318495][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  151.320725][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  151.322828][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  151.324942][T10099]  </TASK>
[  151.325818][T10099] BUG: Bad page state in process syz.6.968  pfn:561e3
[  151.327659][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x561e3
[  151.329848][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  151.331651][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  151.333812][T10099] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[  151.336007][T10099] page dumped because: page_pool leak
[  151.337351][T10099] page_owner tracks the page as allocated
[  151.338818][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988286162, free_ts 145878670819
[  151.343033][T10099]  post_alloc_hook+0x2d1/0x350
[  151.344249][T10099]  get_page_from_freelist+0x101e/0x3070
[  151.345648][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  151.346968][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  151.348374][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  151.349922][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  151.351279][T10099]  page_pool_alloc_pages+0x1a/0x60
[  151.352562][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  151.354114][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  151.355497][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  151.356861][T10099]  __sys_bpf+0xfc6/0x49a0
[  151.357961][T10099]  __x64_sys_bpf+0x78/0xc0
[  151.359090][T10099]  do_syscall_64+0xcd/0x250
[  151.360300][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.361774][T10099] page last free pid 10094 tgid 10094 stack trace:
[  151.363419][T10099]  free_unref_page+0x5f4/0xdc0
[  151.364632][T10099]  __mmdrop+0xd5/0x460
[  151.365677][T10099]  __mmput+0x3c8/0x480
[  151.366691][T10099]  mmput+0x62/0x70
[  151.367651][T10099]  begin_new_exec+0x13b9/0x3390
[  151.368861][T10099]  load_elf_binary+0x7ee/0x4e20
[  151.370105][T10099]  bprm_execve+0x703/0x1960
[  151.371306][T10099]  do_execveat_common.isra.0+0x4f1/0x630
[  151.372669][T10099]  __x64_sys_execve+0x8c/0xb0
[  151.373846][T10099]  do_syscall_64+0xcd/0x250
[  151.375278][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.377024][T10099] Modules linked in:
[  151.378066][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  151.381123][T10099] Tainted: [B]=BAD_PAGE
[  151.382354][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.385738][T10099] Call Trace:
[  151.386627][T10099]  <TASK>
[  151.387444][T10099]  dump_stack_lvl+0x16c/0x1f0
[  151.388648][T10099]  bad_page+0xb3/0x1f0
[  151.389708][T10099]  ? __pfx_bad_page+0x10/0x10
[  151.390907][T10099]  ? page_bad_reason+0x9d/0x1e0
[  151.392190][T10099]  free_unref_page+0x657/0xdc0
[  151.393369][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  151.394880][T10099]  ? __phys_addr+0xc6/0x150
[  151.396135][T10099]  skb_free_head+0xa0/0x1d0
[  151.397295][T10099]  skb_release_data+0x560/0x730
[  151.398578][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  151.399928][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  151.401625][T10099]  ? kernel_text_address+0x8d/0x100
[  151.402938][T10099]  ? hlock_class+0x4e/0x130
[  151.404250][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  151.405559][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  151.407457][T10099]  ? hlock_class+0x4e/0x130
[  151.408614][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  151.409848][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  151.411170][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  151.412804][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  151.414564][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  151.415938][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  151.417548][T10099]  ? lock_acquire+0x2f/0xb0
[  151.418716][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  151.420319][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  151.421881][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  151.423650][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  151.425097][T10099]  ? __build_skb_around+0x278/0x3b0
[  151.426463][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  151.427920][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  151.429521][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  151.431191][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  151.432529][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  151.433877][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  151.435424][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  151.436887][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  151.438381][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  151.439873][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  151.441397][T10099]  ? 0xffffffffa0009640
[  151.442444][T10099]  ? 0xffffffffa0009640
[  151.443629][T10099]  ? 0xffffffffa0009640
[  151.445011][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  151.446592][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  151.447954][T10099]  ? lock_acquire+0x2f/0xb0
[  151.449083][T10099]  ? __fget_files+0x40/0x3f0
[  151.450213][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  151.451662][T10099]  ? fput+0x30/0x390
[  151.452643][T10099]  ? __bpf_prog_get+0xa0/0x290
[  151.453849][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  151.455323][T10099]  __sys_bpf+0xfc6/0x49a0
[  151.456446][T10099]  ? __pfx_futex_wake+0x10/0x10
[  151.457652][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  151.458843][T10099]  ? __schedule+0xe5d/0x5730
[  151.460038][T10099]  ? __fget_files+0x23a/0x3f0
[  151.461196][T10099]  ? do_futex+0x123/0x350
[  151.462267][T10099]  ? __pfx_do_futex+0x10/0x10
[  151.463440][T10099]  ? xfd_validate_state+0x5d/0x180
[  151.464696][T10099]  ? rcu_is_watching+0x12/0xc0
[  151.465890][T10099]  __x64_sys_bpf+0x78/0xc0
[  151.466975][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  151.468281][T10099]  do_syscall_64+0xcd/0x250
[  151.469426][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.470898][T10099] RIP: 0033:0x7f3c36f7e719
[  151.472017][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.476767][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  151.479291][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  151.481314][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  151.483314][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  151.485228][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  151.487143][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  151.489259][T10099]  </TASK>
[  151.490145][T10099] BUG: Bad page state in process syz.6.968  pfn:561e2
[  151.491824][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888012006880 pfn:0x561e2
[  151.494365][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  151.496189][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  151.498348][T10099] raw: ffff888012006880 0000000000000001 00000000ffffffff 0000000000000000
[  151.500523][T10099] page dumped because: page_pool leak
[  151.501862][T10099] page_owner tracks the page as allocated
[  151.503300][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988281581, free_ts 145878670819
[  151.507488][T10099]  post_alloc_hook+0x2d1/0x350
[  151.508690][T10099]  get_page_from_freelist+0x101e/0x3070
[  151.510059][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  151.511357][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  151.512697][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  151.514145][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  151.515466][T10099]  page_pool_alloc_pages+0x1a/0x60
[  151.516736][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  151.518241][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  151.519586][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  151.520911][T10099]  __sys_bpf+0xfc6/0x49a0
[  151.521973][T10099]  __x64_sys_bpf+0x78/0xc0
[  151.523081][T10099]  do_syscall_64+0xcd/0x250
[  151.524216][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.525645][T10099] page last free pid 10094 tgid 10094 stack trace:
[  151.527230][T10099]  free_unref_page+0x5f4/0xdc0
[  151.528386][T10099]  __mmdrop+0xd5/0x460
[  151.529414][T10099]  __mmput+0x3c8/0x480
[  151.530477][T10099]  mmput+0x62/0x70
[  151.531433][T10099]  begin_new_exec+0x13b9/0x3390
[  151.532636][T10099]  load_elf_binary+0x7ee/0x4e20
[  151.533845][T10099]  bprm_execve+0x703/0x1960
[  151.534994][T10099]  do_execveat_common.isra.0+0x4f1/0x630
[  151.536377][T10099]  __x64_sys_execve+0x8c/0xb0
[  151.537564][T10099]  do_syscall_64+0xcd/0x250
[  151.538693][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.540207][T10099] Modules linked in:
[  151.541238][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  151.544087][T10099] Tainted: [B]=BAD_PAGE
[  151.545122][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.547714][T10099] Call Trace:
[  151.548533][T10099]  <TASK>
[  151.549261][T10099]  dump_stack_lvl+0x16c/0x1f0
[  151.550431][T10099]  bad_page+0xb3/0x1f0
[  151.551454][T10099]  ? __pfx_bad_page+0x10/0x10
[  151.552643][T10099]  ? page_bad_reason+0x9d/0x1e0
[  151.553891][T10099]  free_unref_page+0x657/0xdc0
[  151.555097][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  151.556596][T10099]  ? __phys_addr+0xc6/0x150
[  151.557719][T10099]  skb_free_head+0xa0/0x1d0
[  151.558857][T10099]  skb_release_data+0x560/0x730
[  151.560061][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  151.561298][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  151.562918][T10099]  ? kernel_text_address+0x8d/0x100
[  151.564199][T10099]  ? hlock_class+0x4e/0x130
[  151.565326][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  151.566584][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  151.568361][T10099]  ? hlock_class+0x4e/0x130
[  151.569522][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  151.570754][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  151.572076][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  151.573593][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  151.575252][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  151.576592][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  151.578168][T10099]  ? lock_acquire+0x2f/0xb0
[  151.579291][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  151.580844][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  151.582347][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  151.583974][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  151.585255][T10099]  ? __build_skb_around+0x278/0x3b0
[  151.586555][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  151.587862][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  151.589402][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  151.591057][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  151.592494][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  151.593835][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  151.595348][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  151.596849][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  151.598340][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  151.599841][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  151.601162][T10099]  ? 0xffffffffa0009640
[  151.602190][T10099]  ? 0xffffffffa0009640
[  151.603253][T10099]  ? 0xffffffffa0009640
[  151.604305][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  151.605767][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  151.607108][T10099]  ? lock_acquire+0x2f/0xb0
[  151.608244][T10099]  ? __fget_files+0x40/0x3f0
[  151.609393][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  151.610836][T10099]  ? fput+0x30/0x390
[  151.611831][T10099]  ? __bpf_prog_get+0xa0/0x290
[  151.613051][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  151.614510][T10099]  __sys_bpf+0xfc6/0x49a0
[  151.615620][T10099]  ? __pfx_futex_wake+0x10/0x10
[  151.616838][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  151.618045][T10099]  ? __schedule+0xe5d/0x5730
[  151.619219][T10099]  ? __fget_files+0x23a/0x3f0
[  151.620388][T10099]  ? do_futex+0x123/0x350
[  151.621479][T10099]  ? __pfx_do_futex+0x10/0x10
[  151.622661][T10099]  ? xfd_validate_state+0x5d/0x180
[  151.623911][T10099]  ? rcu_is_watching+0x12/0xc0
[  151.625143][T10099]  __x64_sys_bpf+0x78/0xc0
[  151.626256][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  151.627563][T10099]  do_syscall_64+0xcd/0x250
[  151.628728][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.630212][T10099] RIP: 0033:0x7f3c36f7e719
[  151.631331][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.636019][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  151.638165][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  151.640156][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  151.642102][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  151.644089][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  151.646029][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  151.647959][T10099]  </TASK>
[  151.648834][T10099] BUG: Bad page state in process syz.6.968  pfn:35014
[  151.650528][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888035015e00 pfn:0x35014
[  151.652969][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  151.654684][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  151.656796][T10099] raw: ffff888035015e00 0000000000000001 00000000ffffffff 0000000000000000
[  151.658942][T10099] page dumped because: page_pool leak
[  151.660352][T10099] page_owner tracks the page as allocated
[  151.661792][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988277041, free_ts 145690334397
[  151.665951][T10099]  post_alloc_hook+0x2d1/0x350
[  151.667292][T10099]  get_page_from_freelist+0x101e/0x3070
[  151.668697][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  151.670240][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  151.671637][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  151.673112][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  151.674449][T10099]  page_pool_alloc_pages+0x1a/0x60
[  151.675733][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  151.677236][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  151.678568][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  151.679971][T10099]  __sys_bpf+0xfc6/0x49a0
[  151.681062][T10099]  __x64_sys_bpf+0x78/0xc0
[  151.682204][T10099]  do_syscall_64+0xcd/0x250
[  151.683361][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.684864][T10099] page last free pid 34 tgid 34 stack trace:
[  151.686365][T10099]  free_unref_page+0x5f4/0xdc0
[  151.687576][T10099]  __folio_put+0x30d/0x3d0
[  151.688711][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  151.690161][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  151.691434][T10099]  rcu_core+0x79d/0x14d0
[  151.692490][T10099]  handle_softirqs+0x213/0x8f0
[  151.693713][T10099]  run_ksoftirqd+0x3a/0x60
[  151.694842][T10099]  smpboot_thread_fn+0x661/0xa30
[  151.696089][T10099]  kthread+0x2c1/0x3a0
[  151.697117][T10099]  ret_from_fork+0x45/0x80
[  151.698224][T10099]  ret_from_fork_asm+0x1a/0x30
[  151.699409][T10099] Modules linked in:
[  151.700407][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  151.703415][T10099] Tainted: [B]=BAD_PAGE
[  151.704459][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.707097][T10099] Call Trace:
[  151.707943][T10099]  <TASK>
[  151.708712][T10099]  dump_stack_lvl+0x16c/0x1f0
[  151.709917][T10099]  bad_page+0xb3/0x1f0
[  151.710963][T10099]  ? __pfx_bad_page+0x10/0x10
[  151.712149][T10099]  ? page_bad_reason+0x9d/0x1e0
[  151.713388][T10099]  free_unref_page+0x657/0xdc0
[  151.714604][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  151.716106][T10099]  ? __phys_addr+0xc6/0x150
[  151.717279][T10099]  skb_free_head+0xa0/0x1d0
[  151.718429][T10099]  skb_release_data+0x560/0x730
[  151.719666][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  151.720926][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  151.722593][T10099]  ? kernel_text_address+0x8d/0x100
[  151.723903][T10099]  ? hlock_class+0x4e/0x130
[  151.725014][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  151.726308][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  151.728052][T10099]  ? hlock_class+0x4e/0x130
[  151.729190][T10099]  ? __lock_acquire+0xbdd/0x3ce0
[  151.730426][T10099]  ? __pfx___lock_acquire+0x10/0x10
[  151.731718][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  151.733200][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  151.734849][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  151.736188][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  151.737834][T10099]  ? lock_acquire+0x2f/0xb0
[  151.739012][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  151.740688][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  151.742210][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  151.743840][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  151.745106][T10099]  ? __build_skb_around+0x278/0x3b0
[  151.746395][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  151.747742][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  151.749335][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  151.751094][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  151.752618][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  151.753971][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  151.755472][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  151.756974][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  151.758493][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  151.760001][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  151.761351][T10099]  ? 0xffffffffa0009640
[  151.762393][T10099]  ? 0xffffffffa0009640
[  151.763419][T10099]  ? 0xffffffffa0009640
[  151.764428][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  151.765869][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  151.767173][T10099]  ? lock_acquire+0x2f/0xb0
[  151.768304][T10099]  ? __fget_files+0x40/0x3f0
[  151.769434][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  151.770887][T10099]  ? fput+0x30/0x390
[  151.771862][T10099]  ? __bpf_prog_get+0xa0/0x290
[  151.773051][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  151.774742][T10099]  __sys_bpf+0xfc6/0x49a0
[  151.776040][T10099]  ? __pfx_futex_wake+0x10/0x10
[  151.777263][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  151.778437][T10099]  ? __schedule+0xe5d/0x5730
[  151.779580][T10099]  ? __fget_files+0x23a/0x3f0
[  151.780746][T10099]  ? do_futex+0x123/0x350
[  151.781832][T10099]  ? __pfx_do_futex+0x10/0x10
[  151.782969][T10099]  ? xfd_validate_state+0x5d/0x180
[  151.784268][T10099]  ? rcu_is_watching+0x12/0xc0
[  151.785460][T10099]  __x64_sys_bpf+0x78/0xc0
[  151.786571][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  151.787896][T10099]  do_syscall_64+0xcd/0x250
[  151.789033][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.790499][T10099] RIP: 0033:0x7f3c36f7e719
[  151.791626][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.796370][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  151.798434][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  151.800364][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  151.802436][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  151.804394][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  151.806346][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  151.808320][T10099]  </TASK>
[  151.809238][T10099] BUG: Bad page state in process syz.6.968  pfn:46fb4
[  151.810986][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888046fb7c00 pfn:0x46fb4
[  151.813540][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  151.815349][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  151.817507][T10099] raw: ffff888046fb7c00 0000000000000001 00000000ffffffff 0000000000000000
[  151.819714][T10099] page dumped because: page_pool leak
[  151.821063][T10099] page_owner tracks the page as allocated
[  151.822481][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988271868, free_ts 145560269001
[  151.826715][T10099]  post_alloc_hook+0x2d1/0x350
[  151.827936][T10099]  get_page_from_freelist+0x101e/0x3070
[  151.829308][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  151.830753][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  151.832146][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  151.833596][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  151.834954][T10099]  page_pool_alloc_pages+0x1a/0x60
[  151.836305][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  151.837874][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  151.839277][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  151.840699][T10099]  __sys_bpf+0xfc6/0x49a0
[  151.841786][T10099]  __x64_sys_bpf+0x78/0xc0
[  151.842927][T10099]  do_syscall_64+0xcd/0x250
[  151.844097][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.845564][T10099] page last free pid 29 tgid 29 stack trace:
[  151.847084][T10099]  free_unref_page+0x5f4/0xdc0
[  151.848317][T10099]  __folio_put+0x30d/0x3d0
[  151.849539][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  151.850960][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  151.852266][T10099]  rcu_core+0x79d/0x14d0
[  151.853365][T10099]  handle_softirqs+0x213/0x8f0
[  151.854573][T10099]  run_ksoftirqd+0x3a/0x60
[  151.855718][T10099]  smpboot_thread_fn+0x661/0xa30
[  151.856982][T10099]  kthread+0x2c1/0x3a0
[  151.858029][T10099]  ret_from_fork+0x45/0x80
[  151.859144][T10099]  ret_from_fork_asm+0x1a/0x30
[  151.860421][T10099] Modules linked in:
[  151.861554][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  151.864571][T10099] Tainted: [B]=BAD_PAGE
[  151.865632][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.868502][T10099] Call Trace:
[  151.869415][T10099]  <TASK>
[  151.870238][T10099]  dump_stack_lvl+0x16c/0x1f0
[  151.871502][T10099]  bad_page+0xb3/0x1f0
[  151.872633][T10099]  ? __pfx_bad_page+0x10/0x10
[  151.873908][T10099]  ? page_bad_reason+0x9d/0x1e0
[  151.875252][T10099]  free_unref_page+0x657/0xdc0
[  151.876541][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  151.878172][T10099]  ? __phys_addr+0xc6/0x150
[  151.879415][T10099]  skb_free_head+0xa0/0x1d0
[  151.880604][T10099]  skb_release_data+0x560/0x730
[  151.881838][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  151.883134][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  151.884790][T10099]  ? kernel_text_address+0x8d/0x100
[  151.886097][T10099]  ? hlock_class+0x4e/0x130
[  151.887243][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  151.888501][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  151.890235][T10099]  ? rcu_is_watching+0x12/0xc0
[  151.891438][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  151.892946][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  151.894558][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  151.895921][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  151.897545][T10099]  ? lock_acquire+0x2f/0xb0
[  151.898877][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  151.900604][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  151.902365][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  151.904083][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  151.905539][T10099]  ? __build_skb_around+0x278/0x3b0
[  151.907008][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  151.908384][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  151.909969][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  151.911636][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  151.913051][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  151.914411][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  151.915916][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  151.917739][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  151.919363][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  151.921072][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  151.923342][T10099]  ? 0xffffffffa0009640
[  151.924438][T10099]  ? 0xffffffffa0009640
[  151.925562][T10099]  ? 0xffffffffa0009640
[  151.926611][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  151.927971][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  151.929385][T10099]  ? lock_acquire+0x2f/0xb0
[  151.930524][T10099]  ? __fget_files+0x40/0x3f0
[  151.931708][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  151.933185][T10099]  ? fput+0x30/0x390
[  151.934182][T10099]  ? __bpf_prog_get+0xa0/0x290
[  151.935436][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  151.936924][T10099]  __sys_bpf+0xfc6/0x49a0
[  151.938383][T10099]  ? __pfx_futex_wake+0x10/0x10
[  151.939656][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  151.940887][T10099]  ? __schedule+0xe5d/0x5730
[  151.942223][T10099]  ? __fget_files+0x23a/0x3f0
[  151.943484][T10099]  ? do_futex+0x123/0x350
[  151.944590][T10099]  ? __pfx_do_futex+0x10/0x10
[  151.945919][T10099]  ? xfd_validate_state+0x5d/0x180
[  151.947221][T10099]  ? rcu_is_watching+0x12/0xc0
[  151.948437][T10099]  __x64_sys_bpf+0x78/0xc0
[  151.949576][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  151.950870][T10099]  do_syscall_64+0xcd/0x250
[  151.952034][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.953518][T10099] RIP: 0033:0x7f3c36f7e719
[  151.954619][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.959429][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  151.961540][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  151.963493][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  151.965445][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  151.967413][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  151.969448][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  151.971424][T10099]  </TASK>
[  151.972310][T10099] BUG: Bad page state in process syz.6.968  pfn:58086
[  151.973984][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888058087e00 pfn:0x58086
[  151.976493][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  151.978287][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  151.980492][T10099] raw: ffff888058087e00 0000000000000001 00000000ffffffff 0000000000000000
[  151.982589][T10099] page dumped because: page_pool leak
[  151.983984][T10099] page_owner tracks the page as allocated
[  151.985386][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988267134, free_ts 145296239137
[  151.989553][T10099]  post_alloc_hook+0x2d1/0x350
[  151.990754][T10099]  get_page_from_freelist+0x101e/0x3070
[  151.992119][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  151.993443][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  151.994841][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  151.996308][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  151.997613][T10099]  page_pool_alloc_pages+0x1a/0x60
[  151.998899][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  152.000632][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  152.002070][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  152.003613][T10099]  __sys_bpf+0xfc6/0x49a0
[  152.005008][T10099]  __x64_sys_bpf+0x78/0xc0
[  152.006178][T10099]  do_syscall_64+0xcd/0x250
[  152.007341][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.008852][T10099] page last free pid 5361 tgid 5361 stack trace:
[  152.010483][T10099]  free_unref_page+0x5f4/0xdc0
[  152.011713][T10099]  __put_partials+0x14c/0x170
[  152.012916][T10099]  qlist_free_all+0x4e/0x120
[  152.014099][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  152.015485][T10099]  __kasan_slab_alloc+0x69/0x90
[  152.016705][T10099]  __kmalloc_noprof+0x199/0x400
[  152.017973][T10099]  tomoyo_realpath_from_path+0xb9/0x720
[  152.019350][T10099]  tomoyo_path_perm+0x273/0x450
[  152.020579][T10099]  security_inode_getattr+0x116/0x290
[  152.021912][T10099]  vfs_fstat+0x53/0xd0
[  152.022962][T10099]  vfs_fstatat+0x146/0x160
[  152.024354][T10099]  __do_sys_newfstatat+0xa2/0x130
[  152.025622][T10099]  do_syscall_64+0xcd/0x250
[  152.026763][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.028355][T10099] Modules linked in:
[  152.029382][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  152.032325][T10099] Tainted: [B]=BAD_PAGE
[  152.033431][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.036066][T10099] Call Trace:
[  152.036915][T10099]  <TASK>
[  152.037677][T10099]  dump_stack_lvl+0x16c/0x1f0
[  152.038946][T10099]  bad_page+0xb3/0x1f0
[  152.040035][T10099]  ? __pfx_bad_page+0x10/0x10
[  152.041362][T10099]  ? page_bad_reason+0x9d/0x1e0
[  152.042645][T10099]  free_unref_page+0x657/0xdc0
[  152.043887][T10099]  ? __phys_addr+0xc6/0x150
[  152.045126][T10099]  ? page_frag_free+0x46/0x1e0
[  152.046316][T10099]  skb_free_head+0xa0/0x1d0
[  152.047487][T10099]  skb_release_data+0x560/0x730
[  152.048725][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  152.050040][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  152.051785][T10099]  ? kernel_text_address+0x8d/0x100
[  152.053188][T10099]  ? hlock_class+0x4e/0x130
[  152.054399][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  152.055728][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  152.057517][T10099]  ? rcu_is_watching+0x12/0xc0
[  152.058950][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  152.060743][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  152.062609][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  152.064085][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  152.065787][T10099]  ? lock_acquire+0x2f/0xb0
[  152.066915][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  152.068543][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  152.070176][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  152.071803][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  152.073103][T10099]  ? __build_skb_around+0x278/0x3b0
[  152.074440][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  152.075841][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  152.077407][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  152.079056][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  152.080720][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  152.082142][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  152.083971][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  152.085618][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  152.087161][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  152.088681][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  152.090036][T10099]  ? 0xffffffffa0009640
[  152.091109][T10099]  ? 0xffffffffa0009640
[  152.092210][T10099]  ? 0xffffffffa0009640
[  152.093273][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  152.094765][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  152.096176][T10099]  ? lock_acquire+0x2f/0xb0
[  152.097349][T10099]  ? __fget_files+0x40/0x3f0
[  152.098633][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  152.100218][T10099]  ? fput+0x30/0x390
[  152.101530][T10099]  ? __bpf_prog_get+0xa0/0x290
[  152.103053][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  152.104528][T10099]  __sys_bpf+0xfc6/0x49a0
[  152.105624][T10099]  ? __pfx_futex_wake+0x10/0x10
[  152.106856][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  152.108156][T10099]  ? __schedule+0xe5d/0x5730
[  152.109321][T10099]  ? __fget_files+0x23a/0x3f0
[  152.110514][T10099]  ? do_futex+0x123/0x350
[  152.111628][T10099]  ? __pfx_do_futex+0x10/0x10
[  152.112813][T10099]  ? xfd_validate_state+0x5d/0x180
[  152.114107][T10099]  ? rcu_is_watching+0x12/0xc0
[  152.115331][T10099]  __x64_sys_bpf+0x78/0xc0
[  152.116455][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  152.117751][T10099]  do_syscall_64+0xcd/0x250
[  152.119091][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.120708][T10099] RIP: 0033:0x7f3c36f7e719
[  152.121823][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.126561][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  152.128656][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  152.130618][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  152.132539][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  152.134490][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.136415][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  152.138426][T10099]  </TASK>
[  152.139628][T10099] BUG: Bad page state in process syz.6.968  pfn:5df53
[  152.141500][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5df53
[  152.143715][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  152.145607][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  152.147727][T10099] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[  152.149924][T10099] page dumped because: page_pool leak
[  152.151279][T10099] page_owner tracks the page as allocated
[  152.152695][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988262861, free_ts 145529813555
[  152.156982][T10099]  post_alloc_hook+0x2d1/0x350
[  152.158359][T10099]  get_page_from_freelist+0x101e/0x3070
[  152.160132][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  152.161466][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  152.163405][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  152.165034][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  152.166454][T10099]  page_pool_alloc_pages+0x1a/0x60
[  152.167776][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  152.169353][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  152.170737][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  152.172108][T10099]  __sys_bpf+0xfc6/0x49a0
[  152.173201][T10099]  __x64_sys_bpf+0x78/0xc0
[  152.174305][T10099]  do_syscall_64+0xcd/0x250
[  152.175472][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.177132][T10099] page last free pid 29 tgid 29 stack trace:
[  152.178901][T10099]  free_unref_page+0x5f4/0xdc0
[  152.180566][T10099]  __folio_put+0x30d/0x3d0
[  152.181897][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  152.183360][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  152.184711][T10099]  rcu_core+0x79d/0x14d0
[  152.185852][T10099]  handle_softirqs+0x213/0x8f0
[  152.187175][T10099]  run_ksoftirqd+0x3a/0x60
[  152.188326][T10099]  smpboot_thread_fn+0x661/0xa30
[  152.189719][T10099]  kthread+0x2c1/0x3a0
[  152.190838][T10099]  ret_from_fork+0x45/0x80
[  152.192045][T10099]  ret_from_fork_asm+0x1a/0x30
[  152.193234][T10099] Modules linked in:
[  152.194199][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  152.197402][T10099] Tainted: [B]=BAD_PAGE
[  152.198559][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.201249][T10099] Call Trace:
[  152.202101][T10099]  <TASK>
[  152.202841][T10099]  dump_stack_lvl+0x16c/0x1f0
[  152.204035][T10099]  bad_page+0xb3/0x1f0
[  152.205089][T10099]  ? __pfx_bad_page+0x10/0x10
[  152.206273][T10099]  ? page_bad_reason+0x9d/0x1e0
[  152.207524][T10099]  free_unref_page+0x657/0xdc0
[  152.208736][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  152.210225][T10099]  ? __phys_addr+0xc6/0x150
[  152.211375][T10099]  skb_free_head+0xa0/0x1d0
[  152.212523][T10099]  skb_release_data+0x560/0x730
[  152.213717][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  152.214934][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  152.216570][T10099]  ? kernel_text_address+0x8d/0x100
[  152.217848][T10099]  ? hlock_class+0x4e/0x130
[  152.219018][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  152.220313][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  152.222100][T10099]  ? rcu_is_watching+0x12/0xc0
[  152.223349][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  152.224862][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  152.226493][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  152.227817][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  152.229396][T10099]  ? lock_acquire+0x2f/0xb0
[  152.230530][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  152.232134][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  152.233639][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  152.235263][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  152.236537][T10099]  ? __build_skb_around+0x278/0x3b0
[  152.237806][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  152.239162][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  152.240739][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  152.242360][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  152.243746][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  152.245094][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  152.246562][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  152.248070][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  152.249563][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  152.251054][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  152.252412][T10099]  ? 0xffffffffa0009640
[  152.253482][T10099]  ? 0xffffffffa0009640
[  152.254532][T10099]  ? 0xffffffffa0009640
[  152.255604][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  152.257085][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  152.258467][T10099]  ? lock_acquire+0x2f/0xb0
[  152.259643][T10099]  ? __fget_files+0x40/0x3f0
[  152.260948][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  152.262423][T10099]  ? fput+0x30/0x390
[  152.263432][T10099]  ? __bpf_prog_get+0xa0/0x290
[  152.264652][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  152.266140][T10099]  __sys_bpf+0xfc6/0x49a0
[  152.267271][T10099]  ? __pfx_futex_wake+0x10/0x10
[  152.268492][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  152.269712][T10099]  ? __schedule+0xe5d/0x5730
[  152.270907][T10099]  ? __fget_files+0x23a/0x3f0
[  152.272132][T10099]  ? do_futex+0x123/0x350
[  152.273250][T10099]  ? __pfx_do_futex+0x10/0x10
[  152.274409][T10099]  ? xfd_validate_state+0x5d/0x180
[  152.275717][T10099]  ? rcu_is_watching+0x12/0xc0
[  152.276936][T10099]  __x64_sys_bpf+0x78/0xc0
[  152.278274][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  152.279715][T10099]  do_syscall_64+0xcd/0x250
[  152.281170][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.282647][T10099] RIP: 0033:0x7f3c36f7e719
[  152.283834][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.288638][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  152.290764][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  152.292816][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  152.294792][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  152.296773][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.298791][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  152.300801][T10099]  </TASK>
[  152.301690][T10099] BUG: Bad page state in process syz.6.968  pfn:32599
[  152.303349][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000002 pfn:0x32599
[  152.305852][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  152.307634][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  152.309818][T10099] raw: ffff888000000002 0000000000000001 00000000ffffffff 0000000000000000
[  152.311922][T10099] page dumped because: page_pool leak
[  152.313242][T10099] page_owner tracks the page as allocated
[  152.314642][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988258438, free_ts 145399973963
[  152.318832][T10099]  post_alloc_hook+0x2d1/0x350
[  152.320089][T10099]  get_page_from_freelist+0x101e/0x3070
[  152.321483][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  152.322824][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  152.324220][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  152.325686][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  152.327007][T10099]  page_pool_alloc_pages+0x1a/0x60
[  152.328333][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  152.329956][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  152.331310][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  152.332687][T10099]  __sys_bpf+0xfc6/0x49a0
[  152.333815][T10099]  __x64_sys_bpf+0x78/0xc0
[  152.334922][T10099]  do_syscall_64+0xcd/0x250
[  152.336076][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.337570][T10099] page last free pid 29 tgid 29 stack trace:
[  152.339086][T10099]  free_unref_page+0x5f4/0xdc0
[  152.340376][T10099]  __folio_put+0x30d/0x3d0
[  152.341498][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  152.342848][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  152.344117][T10099]  rcu_core+0x79d/0x14d0
[  152.345201][T10099]  handle_softirqs+0x213/0x8f0
[  152.346431][T10099]  run_ksoftirqd+0x3a/0x60
[  152.347767][T10099]  smpboot_thread_fn+0x661/0xa30
[  152.349001][T10099]  kthread+0x2c1/0x3a0
[  152.350099][T10099]  ret_from_fork+0x45/0x80
[  152.351217][T10099]  ret_from_fork_asm+0x1a/0x30
[  152.352411][T10099] Modules linked in:
[  152.353416][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  152.356414][T10099] Tainted: [B]=BAD_PAGE
[  152.357457][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.360104][T10099] Call Trace:
[  152.360956][T10099]  <TASK>
[  152.361707][T10099]  dump_stack_lvl+0x16c/0x1f0
[  152.362900][T10099]  bad_page+0xb3/0x1f0
[  152.363959][T10099]  ? __pfx_bad_page+0x10/0x10
[  152.365154][T10099]  ? page_bad_reason+0x9d/0x1e0
[  152.366399][T10099]  free_unref_page+0x657/0xdc0
[  152.367621][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  152.369134][T10099]  ? __phys_addr+0xc6/0x150
[  152.370290][T10099]  skb_free_head+0xa0/0x1d0
[  152.371465][T10099]  skb_release_data+0x560/0x730
[  152.372704][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  152.373972][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  152.375680][T10099]  ? kernel_text_address+0x8d/0x100
[  152.376875][T10099]  ? hlock_class+0x4e/0x130
[  152.377899][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  152.379123][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  152.380859][T10099]  ? rcu_is_watching+0x12/0xc0
[  152.382090][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  152.383594][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  152.385191][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  152.386507][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  152.388117][T10099]  ? lock_acquire+0x2f/0xb0
[  152.389274][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  152.390854][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  152.392435][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  152.394119][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  152.395489][T10099]  ? __build_skb_around+0x278/0x3b0
[  152.396811][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  152.398159][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  152.399732][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  152.401376][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  152.402805][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  152.404179][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  152.405654][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  152.407131][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  152.408635][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  152.410107][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  152.411408][T10099]  ? 0xffffffffa0009640
[  152.412466][T10099]  ? 0xffffffffa0009640
[  152.413507][T10099]  ? 0xffffffffa0009640
[  152.414539][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  152.416051][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  152.417410][T10099]  ? lock_acquire+0x2f/0xb0
[  152.418548][T10099]  ? __fget_files+0x40/0x3f0
[  152.419695][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  152.421250][T10099]  ? fput+0x30/0x390
[  152.422245][T10099]  ? __bpf_prog_get+0xa0/0x290
[  152.423461][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  152.424865][T10099]  __sys_bpf+0xfc6/0x49a0
[  152.425973][T10099]  ? __pfx_futex_wake+0x10/0x10
[  152.427214][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  152.428430][T10099]  ? __schedule+0xe5d/0x5730
[  152.429607][T10099]  ? __fget_files+0x23a/0x3f0
[  152.430803][T10099]  ? do_futex+0x123/0x350
[  152.431915][T10099]  ? __pfx_do_futex+0x10/0x10
[  152.433108][T10099]  ? xfd_validate_state+0x5d/0x180
[  152.434386][T10099]  ? rcu_is_watching+0x12/0xc0
[  152.435643][T10099]  __x64_sys_bpf+0x78/0xc0
[  152.436802][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  152.438631][T10099]  do_syscall_64+0xcd/0x250
[  152.440401][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.441932][T10099] RIP: 0033:0x7f3c36f7e719
[  152.443075][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.447927][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  152.449970][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  152.451907][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  152.453859][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  152.455850][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.457739][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  152.459723][T10099]  </TASK>
[  152.460595][T10099] BUG: Bad page state in process syz.6.968  pfn:42b5a
[  152.462567][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888042b5be00 pfn:0x42b5a
[  152.465177][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  152.466991][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  152.469186][T10099] raw: ffff888042b5be00 0000000000000001 00000000ffffffff 0000000000000000
[  152.471408][T10099] page dumped because: page_pool leak
[  152.472796][T10099] page_owner tracks the page as allocated
[  152.474228][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988253986, free_ts 142930763381
[  152.478422][T10099]  post_alloc_hook+0x2d1/0x350
[  152.479703][T10099]  get_page_from_freelist+0x101e/0x3070
[  152.481118][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  152.482463][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  152.483897][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  152.485386][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  152.486700][T10099]  page_pool_alloc_pages+0x1a/0x60
[  152.487971][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  152.489541][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  152.490844][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  152.492228][T10099]  __sys_bpf+0xfc6/0x49a0
[  152.493283][T10099]  __x64_sys_bpf+0x78/0xc0
[  152.494397][T10099]  do_syscall_64+0xcd/0x250
[  152.495560][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.497037][T10099] page last free pid 9990 tgid 9990 stack trace:
[  152.498616][T10099]  free_unref_page+0x5f4/0xdc0
[  152.499901][T10099]  vfree+0x17a/0x890
[  152.500892][T10099]  kvm_arch_free_memslot+0x115/0x1d0
[  152.502235][T10099]  kvm_free_memslots.part.0+0x12a/0x1f0
[  152.503643][T10099]  kvm_put_kvm+0x8b5/0xb40
[  152.504722][T10099]  kvm_vm_release+0x3c/0x50
[  152.505880][T10099]  __fput+0x3f6/0xb60
[  152.506885][T10099]  task_work_run+0x14e/0x250
[  152.508072][T10099]  syscall_exit_to_user_mode+0x27b/0x2a0
[  152.509565][T10099]  do_syscall_64+0xda/0x250
[  152.510821][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.512312][T10099] Modules linked in:
[  152.513273][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  152.516169][T10099] Tainted: [B]=BAD_PAGE
[  152.517169][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.519748][T10099] Call Trace:
[  152.520605][T10099]  <TASK>
[  152.521356][T10099]  dump_stack_lvl+0x16c/0x1f0
[  152.522530][T10099]  bad_page+0xb3/0x1f0
[  152.523540][T10099]  ? __pfx_bad_page+0x10/0x10
[  152.524808][T10099]  ? page_bad_reason+0x9d/0x1e0
[  152.526026][T10099]  free_unref_page+0x657/0xdc0
[  152.527269][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  152.528708][T10099]  ? __phys_addr+0xc6/0x150
[  152.529837][T10099]  skb_free_head+0xa0/0x1d0
[  152.530956][T10099]  skb_release_data+0x560/0x730
[  152.532470][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  152.533789][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  152.535595][T10099]  ? kernel_text_address+0x8d/0x100
[  152.536920][T10099]  ? hlock_class+0x4e/0x130
[  152.538049][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  152.539435][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  152.541383][T10099]  ? rcu_is_watching+0x12/0xc0
[  152.542631][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  152.544180][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  152.545772][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  152.547207][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  152.548805][T10099]  ? lock_acquire+0x2f/0xb0
[  152.549930][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  152.551472][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  152.553133][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  152.554832][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  152.556196][T10099]  ? __build_skb_around+0x278/0x3b0
[  152.557552][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  152.559041][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  152.560627][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  152.562302][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  152.563669][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  152.564993][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  152.566448][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  152.567940][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  152.569405][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  152.570878][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  152.572405][T10099]  ? 0xffffffffa0009640
[  152.573457][T10099]  ? 0xffffffffa0009640
[  152.574502][T10099]  ? 0xffffffffa0009640
[  152.575560][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  152.577049][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  152.578444][T10099]  ? lock_acquire+0x2f/0xb0
[  152.579627][T10099]  ? __fget_files+0x40/0x3f0
[  152.580805][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  152.582290][T10099]  ? fput+0x30/0x390
[  152.583297][T10099]  ? __bpf_prog_get+0xa0/0x290
[  152.584512][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  152.585973][T10099]  __sys_bpf+0xfc6/0x49a0
[  152.587044][T10099]  ? __pfx_futex_wake+0x10/0x10
[  152.588205][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  152.589380][T10099]  ? __schedule+0xe5d/0x5730
[  152.590500][T10099]  ? __fget_files+0x23a/0x3f0
[  152.591702][T10099]  ? do_futex+0x123/0x350
[  152.592803][T10099]  ? __pfx_do_futex+0x10/0x10
[  152.593974][T10099]  ? xfd_validate_state+0x5d/0x180
[  152.595284][T10099]  ? rcu_is_watching+0x12/0xc0
[  152.596482][T10099]  __x64_sys_bpf+0x78/0xc0
[  152.597773][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  152.599454][T10099]  do_syscall_64+0xcd/0x250
[  152.600638][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.602151][T10099] RIP: 0033:0x7f3c36f7e719
[  152.603304][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.607957][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  152.609977][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  152.611894][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  152.613817][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  152.615746][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.617677][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  152.619655][T10099]  </TASK>
[  152.620542][T10099] BUG: Bad page state in process syz.6.968  pfn:5f239
[  152.622199][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x8 pfn:0x5f239
[  152.624345][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  152.626116][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  152.628197][T10099] raw: 0000000000000008 0000000000000001 00000000ffffffff 0000000000000000
[  152.630329][T10099] page dumped because: page_pool leak
[  152.631665][T10099] page_owner tracks the page as allocated
[  152.633089][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988249344, free_ts 145690319339
[  152.637220][T10099]  post_alloc_hook+0x2d1/0x350
[  152.638398][T10099]  get_page_from_freelist+0x101e/0x3070
[  152.639759][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  152.641052][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  152.642401][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  152.643830][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  152.645092][T10099]  page_pool_alloc_pages+0x1a/0x60
[  152.646328][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  152.647965][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  152.649294][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  152.650679][T10099]  __sys_bpf+0xfc6/0x49a0
[  152.651793][T10099]  __x64_sys_bpf+0x78/0xc0
[  152.652911][T10099]  do_syscall_64+0xcd/0x250
[  152.654033][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.655509][T10099] page last free pid 34 tgid 34 stack trace:
[  152.656965][T10099]  free_unref_page+0x5f4/0xdc0
[  152.658482][T10099]  __folio_put+0x30d/0x3d0
[  152.659719][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  152.661120][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  152.662407][T10099]  rcu_core+0x79d/0x14d0
[  152.663521][T10099]  handle_softirqs+0x213/0x8f0
[  152.664744][T10099]  run_ksoftirqd+0x3a/0x60
[  152.665914][T10099]  smpboot_thread_fn+0x661/0xa30
[  152.667247][T10099]  kthread+0x2c1/0x3a0
[  152.668379][T10099]  ret_from_fork+0x45/0x80
[  152.669572][T10099]  ret_from_fork_asm+0x1a/0x30
[  152.670767][T10099] Modules linked in:
[  152.671752][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  152.674741][T10099] Tainted: [B]=BAD_PAGE
[  152.675923][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.678852][T10099] Call Trace:
[  152.680192][T10099]  <TASK>
[  152.681009][T10099]  dump_stack_lvl+0x16c/0x1f0
[  152.682652][T10099]  bad_page+0xb3/0x1f0
[  152.683725][T10099]  ? __pfx_bad_page+0x10/0x10
[  152.684918][T10099]  ? page_bad_reason+0x9d/0x1e0
[  152.686127][T10099]  free_unref_page+0x657/0xdc0
[  152.687331][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  152.688842][T10099]  ? __phys_addr+0xc6/0x150
[  152.690142][T10099]  skb_free_head+0xa0/0x1d0
[  152.691343][T10099]  skb_release_data+0x560/0x730
[  152.692587][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  152.693824][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  152.695499][T10099]  ? kernel_text_address+0x8d/0x100
[  152.696790][T10099]  ? hlock_class+0x4e/0x130
[  152.697929][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  152.699333][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  152.701162][T10099]  ? rcu_is_watching+0x12/0xc0
[  152.702389][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  152.703881][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  152.705531][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  152.706837][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  152.708438][T10099]  ? lock_acquire+0x2f/0xb0
[  152.709581][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  152.711160][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  152.712722][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  152.714349][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  152.715901][T10099]  ? __build_skb_around+0x278/0x3b0
[  152.717191][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  152.718485][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  152.720050][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  152.721665][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  152.723079][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  152.724413][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  152.725871][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  152.727310][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  152.728821][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  152.730270][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  152.731562][T10099]  ? 0xffffffffa0009640
[  152.732578][T10099]  ? 0xffffffffa0009640
[  152.733606][T10099]  ? 0xffffffffa0009640
[  152.734622][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  152.736948][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  152.738296][T10099]  ? lock_acquire+0x2f/0xb0
[  152.739462][T10099]  ? __fget_files+0x40/0x3f0
[  152.740633][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  152.742117][T10099]  ? fput+0x30/0x390
[  152.743089][T10099]  ? __bpf_prog_get+0xa0/0x290
[  152.744312][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  152.745797][T10099]  __sys_bpf+0xfc6/0x49a0
[  152.746893][T10099]  ? __pfx_futex_wake+0x10/0x10
[  152.748146][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  152.749344][T10099]  ? __schedule+0xe5d/0x5730
[  152.749696][ T5953] Bluetooth: hci4: command tx timeout
[  152.750487][T10099]  ? __fget_files+0x23a/0x3f0
[  152.753215][T10099]  ? do_futex+0x123/0x350
[  152.754318][T10099]  ? __pfx_do_futex+0x10/0x10
[  152.755516][T10099]  ? xfd_validate_state+0x5d/0x180
[  152.756755][T10099]  ? rcu_is_watching+0x12/0xc0
[  152.757920][T10099]  __x64_sys_bpf+0x78/0xc0
[  152.759045][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  152.760648][T10099]  do_syscall_64+0xcd/0x250
[  152.761755][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.763236][T10099] RIP: 0033:0x7f3c36f7e719
[  152.764332][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.769109][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  152.771177][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  152.773133][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  152.775099][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  152.777425][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.779368][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  152.781248][T10099]  </TASK>
[  152.782085][T10099] BUG: Bad page state in process syz.6.968  pfn:5e0c6
[  152.783734][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5e0c6
[  152.785848][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  152.787614][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  152.789762][T10099] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[  152.791894][T10099] page dumped because: page_pool leak
[  152.793248][T10099] page_owner tracks the page as allocated
[  152.794653][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988244484, free_ts 145560169105
[  152.798709][T10099]  post_alloc_hook+0x2d1/0x350
[  152.799955][T10099]  get_page_from_freelist+0x101e/0x3070
[  152.801314][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  152.802628][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  152.803997][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  152.805459][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  152.806756][T10099]  page_pool_alloc_pages+0x1a/0x60
[  152.808014][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  152.809583][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  152.810884][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  152.812242][T10099]  __sys_bpf+0xfc6/0x49a0
[  152.813338][T10099]  __x64_sys_bpf+0x78/0xc0
[  152.814443][T10099]  do_syscall_64+0xcd/0x250
[  152.815715][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.817338][T10099] page last free pid 29 tgid 29 stack trace:
[  152.818878][T10099]  free_unref_page+0x5f4/0xdc0
[  152.820284][T10099]  __folio_put+0x30d/0x3d0
[  152.821509][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  152.823285][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  152.824559][T10099]  rcu_core+0x79d/0x14d0
[  152.825645][T10099]  handle_softirqs+0x213/0x8f0
[  152.826925][T10099]  run_ksoftirqd+0x3a/0x60
[  152.828068][T10099]  smpboot_thread_fn+0x661/0xa30
[  152.829333][T10099]  kthread+0x2c1/0x3a0
[  152.830431][T10099]  ret_from_fork+0x45/0x80
[  152.831591][T10099]  ret_from_fork_asm+0x1a/0x30
[  152.832797][T10099] Modules linked in:
[  152.833769][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  152.836727][T10099] Tainted: [B]=BAD_PAGE
[  152.837785][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.840491][T10099] Call Trace:
[  152.841341][T10099]  <TASK>
[  152.842096][T10099]  dump_stack_lvl+0x16c/0x1f0
[  152.843477][T10099]  bad_page+0xb3/0x1f0
[  152.844511][T10099]  ? __pfx_bad_page+0x10/0x10
[  152.845711][T10099]  ? page_bad_reason+0x9d/0x1e0
[  152.846975][T10099]  free_unref_page+0x657/0xdc0
[  152.848221][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  152.849762][T10099]  ? __phys_addr+0xc6/0x150
[  152.850924][T10099]  skb_free_head+0xa0/0x1d0
[  152.852111][T10099]  skb_release_data+0x560/0x730
[  152.853401][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  152.854690][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  152.856396][T10099]  ? kernel_text_address+0x8d/0x100
[  152.857695][T10099]  ? hlock_class+0x4e/0x130
[  152.858826][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  152.860097][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  152.861868][T10099]  ? rcu_is_watching+0x12/0xc0
[  152.863061][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  152.864568][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  152.866144][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  152.867449][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  152.869026][T10099]  ? lock_acquire+0x2f/0xb0
[  152.870166][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  152.871751][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  152.873383][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  152.875073][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  152.876386][T10099]  ? __build_skb_around+0x278/0x3b0
[  152.877714][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  152.879239][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  152.880924][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  152.882590][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  152.883995][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  152.885288][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  152.886724][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  152.888551][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  152.890140][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  152.891615][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  152.892957][T10099]  ? 0xffffffffa0009640
[  152.894009][T10099]  ? 0xffffffffa0009640
[  152.895080][T10099]  ? 0xffffffffa0009640
[  152.896118][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  152.897570][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  152.898862][T10099]  ? lock_acquire+0x2f/0xb0
[  152.900094][T10099]  ? __fget_files+0x40/0x3f0
[  152.901686][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  152.903368][T10099]  ? fput+0x30/0x390
[  152.904314][T10099]  ? __bpf_prog_get+0xa0/0x290
[  152.905518][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  152.906975][T10099]  __sys_bpf+0xfc6/0x49a0
[  152.908047][T10099]  ? __pfx_futex_wake+0x10/0x10
[  152.909259][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  152.910471][T10099]  ? __schedule+0xe5d/0x5730
[  152.911727][T10099]  ? __fget_files+0x23a/0x3f0
[  152.912907][T10099]  ? do_futex+0x123/0x350
[  152.914002][T10099]  ? __pfx_do_futex+0x10/0x10
[  152.915594][T10099]  ? xfd_validate_state+0x5d/0x180
[  152.916970][T10099]  ? rcu_is_watching+0x12/0xc0
[  152.918333][T10099]  __x64_sys_bpf+0x78/0xc0
[  152.919445][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  152.920764][T10099]  do_syscall_64+0xcd/0x250
[  152.922069][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.923626][T10099] RIP: 0033:0x7f3c36f7e719
[  152.924731][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.929460][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  152.931546][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  152.933492][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  152.935470][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  152.937441][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.939464][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  152.941744][T10099]  </TASK>
[  152.942610][T10099] BUG: Bad page state in process syz.6.968  pfn:5e0ca
[  152.944321][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5e0ca
[  152.946685][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  152.948557][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  152.950800][T10099] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[  152.952968][T10099] page dumped because: page_pool leak
[  152.954301][T10099] page_owner tracks the page as allocated
[  152.955841][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988240024, free_ts 145507168641
[  152.960389][T10099]  post_alloc_hook+0x2d1/0x350
[  152.961632][T10099]  get_page_from_freelist+0x101e/0x3070
[  152.963168][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  152.964602][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  152.966149][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  152.967742][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  152.969069][T10099]  page_pool_alloc_pages+0x1a/0x60
[  152.970406][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  152.971947][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  152.973295][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  152.974649][T10099]  __sys_bpf+0xfc6/0x49a0
[  152.975862][T10099]  __x64_sys_bpf+0x78/0xc0
[  152.977017][T10099]  do_syscall_64+0xcd/0x250
[  152.978181][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.979720][T10099] page last free pid 10061 tgid 10060 stack trace:
[  152.981509][T10099]  free_unref_page+0x5f4/0xdc0
[  152.982737][T10099]  __folio_put+0x30d/0x3d0
[  152.983898][T10099]  put_page+0x21e/0x280
[  152.985020][T10099]  anon_pipe_buf_release+0x11a/0x240
[  152.986440][T10099]  free_pipe_info+0x1fa/0x3b0
[  152.987667][T10099]  pipe_release+0x2bf/0x320
[  152.988841][T10099]  __fput+0x3f6/0xb60
[  152.989925][T10099]  task_work_run+0x14e/0x250
[  152.991098][T10099]  get_signal+0x1ca/0x2770
[  152.992224][T10099]  arch_do_signal_or_restart+0x90/0x7e0
[  152.993607][T10099]  syscall_exit_to_user_mode+0x150/0x2a0
[  152.995043][T10099]  do_syscall_64+0xda/0x250
[  152.996250][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.997788][T10099] Modules linked in:
[  152.998796][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  153.001863][T10099] Tainted: [B]=BAD_PAGE
[  153.002882][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.005563][T10099] Call Trace:
[  153.006413][T10099]  <TASK>
[  153.007196][T10099]  dump_stack_lvl+0x16c/0x1f0
[  153.008427][T10099]  bad_page+0xb3/0x1f0
[  153.009475][T10099]  ? __pfx_bad_page+0x10/0x10
[  153.010672][T10099]  ? page_bad_reason+0x9d/0x1e0
[  153.012079][T10099]  free_unref_page+0x657/0xdc0
[  153.013332][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  153.014849][T10099]  ? __phys_addr+0xc6/0x150
[  153.016216][T10099]  skb_free_head+0xa0/0x1d0
[  153.017400][T10099]  skb_release_data+0x560/0x730
[  153.018724][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  153.020013][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  153.021922][T10099]  ? kernel_text_address+0x8d/0x100
[  153.023258][T10099]  ? hlock_class+0x4e/0x130
[  153.024556][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  153.025906][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  153.027799][T10099]  ? rcu_is_watching+0x12/0xc0
[  153.029002][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  153.030497][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  153.032131][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  153.033444][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.035056][T10099]  ? lock_acquire+0x2f/0xb0
[  153.036216][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.037825][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  153.039355][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  153.040980][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  153.042262][T10099]  ? __build_skb_around+0x278/0x3b0
[  153.043583][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  153.044855][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  153.046436][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  153.048111][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  153.049540][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  153.050854][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  153.052352][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  153.053820][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  153.055312][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  153.056775][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  153.058146][T10099]  ? 0xffffffffa0009640
[  153.059223][T10099]  ? 0xffffffffa0009640
[  153.060310][T10099]  ? 0xffffffffa0009640
[  153.061398][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  153.063121][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  153.065068][T10099]  ? lock_acquire+0x2f/0xb0
[  153.066244][T10099]  ? __fget_files+0x40/0x3f0
[  153.067458][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  153.068961][T10099]  ? fput+0x30/0x390
[  153.069997][T10099]  ? __bpf_prog_get+0xa0/0x290
[  153.071255][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  153.072734][T10099]  __sys_bpf+0xfc6/0x49a0
[  153.073804][T10099]  ? __pfx_futex_wake+0x10/0x10
[  153.075146][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  153.076606][T10099]  ? __schedule+0xe5d/0x5730
[  153.077915][T10099]  ? __fget_files+0x23a/0x3f0
[  153.079154][T10099]  ? do_futex+0x123/0x350
[  153.080510][T10099]  ? __pfx_do_futex+0x10/0x10
[  153.081870][T10099]  ? xfd_validate_state+0x5d/0x180
[  153.083166][T10099]  ? rcu_is_watching+0x12/0xc0
[  153.084392][T10099]  __x64_sys_bpf+0x78/0xc0
[  153.085596][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  153.086930][T10099]  do_syscall_64+0xcd/0x250
[  153.088094][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.089562][T10099] RIP: 0033:0x7f3c36f7e719
[  153.090652][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.095639][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  153.098281][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  153.100442][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  153.102428][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  153.104417][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  153.106483][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  153.108553][T10099]  </TASK>
[  153.109505][T10099] BUG: Bad page state in process syz.6.968  pfn:48f28
[  153.111303][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888048f29e00 pfn:0x48f28
[  153.113944][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  153.116118][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  153.118429][T10099] raw: ffff888048f29e00 0000000000000001 00000000ffffffff 0000000000000000
[  153.120783][T10099] page dumped because: page_pool leak
[  153.122127][T10099] page_owner tracks the page as allocated
[  153.123554][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988235773, free_ts 145370789857
[  153.127853][T10099]  post_alloc_hook+0x2d1/0x350
[  153.129091][T10099]  get_page_from_freelist+0x101e/0x3070
[  153.130570][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  153.131920][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  153.133289][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  153.134788][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  153.136297][T10099]  page_pool_alloc_pages+0x1a/0x60
[  153.137701][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  153.139835][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  153.141159][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  153.142969][T10099]  __sys_bpf+0xfc6/0x49a0
[  153.144146][T10099]  __x64_sys_bpf+0x78/0xc0
[  153.145403][T10099]  do_syscall_64+0xcd/0x250
[  153.146530][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.148023][T10099] page last free pid 5941 tgid 5941 stack trace:
[  153.149645][T10099]  free_unref_page+0x5f4/0xdc0
[  153.150860][T10099]  __put_partials+0x14c/0x170
[  153.152051][T10099]  qlist_free_all+0x4e/0x120
[  153.153208][T10099]  kasan_quarantine_reduce+0x192/0x1e0
[  153.154581][T10099]  __kasan_slab_alloc+0x69/0x90
[  153.156248][T10099]  kmem_cache_alloc_noprof+0x121/0x2f0
[  153.157643][T10099]  ptlock_alloc+0x1f/0x70
[  153.158799][T10099]  pte_alloc_one+0x74/0x360
[  153.160136][T10099]  __pte_alloc+0x6e/0x390
[  153.161269][T10099]  copy_page_range+0x16ce/0x4f40
[  153.162556][T10099]  copy_process+0x82f9/0x8cb0
[  153.163890][T10099]  kernel_clone+0xfd/0x960
[  153.165148][T10099]  __do_sys_clone+0xba/0x100
[  153.166440][T10099]  do_syscall_64+0xcd/0x250
[  153.167712][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.169300][T10099] Modules linked in:
[  153.170410][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  153.173690][T10099] Tainted: [B]=BAD_PAGE
[  153.174726][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.178393][T10099] Call Trace:
[  153.179273][T10099]  <TASK>
[  153.180039][T10099]  dump_stack_lvl+0x16c/0x1f0
[  153.181239][T10099]  bad_page+0xb3/0x1f0
[  153.182269][T10099]  ? __pfx_bad_page+0x10/0x10
[  153.183460][T10099]  ? page_bad_reason+0x9d/0x1e0
[  153.184672][T10099]  free_unref_page+0x657/0xdc0
[  153.185933][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  153.187441][T10099]  ? __phys_addr+0xc6/0x150
[  153.188560][T10099]  skb_free_head+0xa0/0x1d0
[  153.189690][T10099]  skb_release_data+0x560/0x730
[  153.190879][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  153.192129][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  153.193751][T10099]  ? kernel_text_address+0x8d/0x100
[  153.195043][T10099]  ? hlock_class+0x4e/0x130
[  153.196387][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  153.197652][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  153.199442][T10099]  ? rcu_is_watching+0x12/0xc0
[  153.200659][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  153.202122][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  153.203695][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  153.204978][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.206529][T10099]  ? lock_acquire+0x2f/0xb0
[  153.207690][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.209261][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  153.210828][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  153.212575][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  153.213872][T10099]  ? __build_skb_around+0x278/0x3b0
[  153.216198][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  153.217535][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  153.219063][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  153.220692][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  153.222089][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  153.223418][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  153.224851][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  153.226333][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  153.227819][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  153.229279][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  153.230566][T10099]  ? 0xffffffffa0009640
[  153.231678][T10099]  ? 0xffffffffa0009640
[  153.232702][T10099]  ? 0xffffffffa0009640
[  153.233758][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  153.235247][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  153.236593][T10099]  ? lock_acquire+0x2f/0xb0
[  153.237708][T10099]  ? __fget_files+0x40/0x3f0
[  153.239284][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  153.240734][T10099]  ? fput+0x30/0x390
[  153.241672][T10099]  ? __bpf_prog_get+0xa0/0x290
[  153.242850][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  153.244286][T10099]  __sys_bpf+0xfc6/0x49a0
[  153.245369][T10099]  ? __pfx_futex_wake+0x10/0x10
[  153.246600][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  153.247822][T10099]  ? __schedule+0xe5d/0x5730
[  153.248978][T10099]  ? __fget_files+0x23a/0x3f0
[  153.250156][T10099]  ? do_futex+0x123/0x350
[  153.251237][T10099]  ? __pfx_do_futex+0x10/0x10
[  153.252410][T10099]  ? xfd_validate_state+0x5d/0x180
[  153.253665][T10099]  ? rcu_is_watching+0x12/0xc0
[  153.254841][T10099]  __x64_sys_bpf+0x78/0xc0
[  153.255976][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  153.257259][T10099]  do_syscall_64+0xcd/0x250
[  153.258380][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.259835][T10099] RIP: 0033:0x7f3c36f7e719
[  153.260913][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.265498][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  153.267496][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  153.269393][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  153.271276][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  153.273193][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  153.275122][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  153.277073][T10099]  </TASK>
[  153.277977][T10099] BUG: Bad page state in process syz.6.968  pfn:559c0
[  153.279669][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880559c0f00 pfn:0x559c0
[  153.282052][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  153.283773][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  153.285862][T10099] raw: ffff8880559c0f00 0000000000000001 00000000ffffffff 0000000000000000
[  153.287920][T10099] page dumped because: page_pool leak
[  153.289237][T10099] page_owner tracks the page as allocated
[  153.290705][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988231324, free_ts 144459707755
[  153.294748][T10099]  post_alloc_hook+0x2d1/0x350
[  153.295948][T10099]  get_page_from_freelist+0x101e/0x3070
[  153.297299][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  153.298621][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  153.300050][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  153.301516][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  153.302795][T10099]  page_pool_alloc_pages+0x1a/0x60
[  153.304060][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  153.305565][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  153.307053][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  153.308471][T10099]  __sys_bpf+0xfc6/0x49a0
[  153.309630][T10099]  __x64_sys_bpf+0x78/0xc0
[  153.310769][T10099]  do_syscall_64+0xcd/0x250
[  153.311918][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.313374][T10099] page last free pid 10042 tgid 10041 stack trace:
[  153.314946][T10099]  free_unref_page+0x5f4/0xdc0
[  153.316180][T10099]  __folio_put+0x30d/0x3d0
[  153.317383][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  153.318748][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  153.320242][T10099]  rcu_core+0x79d/0x14d0
[  153.321572][T10099]  handle_softirqs+0x213/0x8f0
[  153.322805][T10099]  irq_exit_rcu+0xbb/0x120
[  153.324025][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  153.325419][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  153.326911][T10099] Modules linked in:
[  153.327909][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  153.330822][T10099] Tainted: [B]=BAD_PAGE
[  153.331813][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.334404][T10099] Call Trace:
[  153.335249][T10099]  <TASK>
[  153.335974][T10099]  dump_stack_lvl+0x16c/0x1f0
[  153.338012][T10099]  bad_page+0xb3/0x1f0
[  153.339348][T10099]  ? __pfx_bad_page+0x10/0x10
[  153.340611][T10099]  ? page_bad_reason+0x9d/0x1e0
[  153.341854][T10099]  free_unref_page+0x657/0xdc0
[  153.343047][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  153.344511][T10099]  ? __phys_addr+0xc6/0x150
[  153.345653][T10099]  skb_free_head+0xa0/0x1d0
[  153.346820][T10099]  skb_release_data+0x560/0x730
[  153.348071][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  153.349356][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  153.351028][T10099]  ? kernel_text_address+0x8d/0x100
[  153.352319][T10099]  ? hlock_class+0x4e/0x130
[  153.353458][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  153.354679][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  153.356421][T10099]  ? rcu_is_watching+0x12/0xc0
[  153.357668][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  153.359207][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  153.360855][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  153.362386][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.363994][T10099]  ? lock_acquire+0x2f/0xb0
[  153.365160][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.366738][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  153.368363][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  153.370017][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  153.371310][T10099]  ? __build_skb_around+0x278/0x3b0
[  153.372651][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  153.373953][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  153.375530][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  153.377147][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  153.378522][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  153.380134][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  153.381944][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  153.383625][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  153.385334][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  153.386800][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  153.388089][T10099]  ? 0xffffffffa0009640
[  153.389136][T10099]  ? 0xffffffffa0009640
[  153.390191][T10099]  ? 0xffffffffa0009640
[  153.391245][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  153.392742][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  153.394108][T10099]  ? lock_acquire+0x2f/0xb0
[  153.395278][T10099]  ? __fget_files+0x40/0x3f0
[  153.396482][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  153.398058][T10099]  ? fput+0x30/0x390
[  153.399140][T10099]  ? __bpf_prog_get+0xa0/0x290
[  153.400662][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  153.402142][T10099]  __sys_bpf+0xfc6/0x49a0
[  153.403411][T10099]  ? __pfx_futex_wake+0x10/0x10
[  153.404656][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  153.405865][T10099]  ? __schedule+0xe5d/0x5730
[  153.407045][T10099]  ? __fget_files+0x23a/0x3f0
[  153.408280][T10099]  ? do_futex+0x123/0x350
[  153.409378][T10099]  ? __pfx_do_futex+0x10/0x10
[  153.410598][T10099]  ? xfd_validate_state+0x5d/0x180
[  153.411921][T10099]  ? rcu_is_watching+0x12/0xc0
[  153.413149][T10099]  __x64_sys_bpf+0x78/0xc0
[  153.414322][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  153.415665][T10099]  do_syscall_64+0xcd/0x250
[  153.416826][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.418324][T10099] RIP: 0033:0x7f3c36f7e719
[  153.419430][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.424589][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  153.426871][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  153.428898][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  153.430897][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  153.432926][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  153.434947][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  153.437006][T10099]  </TASK>
[  153.438070][T10099] BUG: Bad page state in process syz.6.968  pfn:2d4c9
[  153.440044][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802d4c9f00 pfn:0x2d4c9
[  153.442560][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  153.444364][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  153.446545][T10099] raw: ffff88802d4c9f00 0000000000000001 00000000ffffffff 0000000000000000
[  153.448756][T10099] page dumped because: page_pool leak
[  153.450153][T10099] page_owner tracks the page as allocated
[  153.451606][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988227040, free_ts 144459713031
[  153.455822][T10099]  post_alloc_hook+0x2d1/0x350
[  153.457067][T10099]  get_page_from_freelist+0x101e/0x3070
[  153.458469][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  153.459877][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  153.461282][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  153.462763][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  153.464143][T10099]  page_pool_alloc_pages+0x1a/0x60
[  153.465516][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  153.467077][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  153.468415][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  153.469809][T10099]  __sys_bpf+0xfc6/0x49a0
[  153.470898][T10099]  __x64_sys_bpf+0x78/0xc0
[  153.472026][T10099]  do_syscall_64+0xcd/0x250
[  153.473169][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.474650][T10099] page last free pid 10042 tgid 10041 stack trace:
[  153.476288][T10099]  free_unref_page+0x5f4/0xdc0
[  153.477502][T10099]  __folio_put+0x30d/0x3d0
[  153.478633][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  153.480067][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  153.481363][T10099]  rcu_core+0x79d/0x14d0
[  153.482448][T10099]  handle_softirqs+0x213/0x8f0
[  153.483668][T10099]  irq_exit_rcu+0xbb/0x120
[  153.484903][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  153.486313][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  153.487827][T10099] Modules linked in:
[  153.488827][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  153.491832][T10099] Tainted: [B]=BAD_PAGE
[  153.492868][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.496107][T10099] Call Trace:
[  153.496972][T10099]  <TASK>
[  153.497718][T10099]  dump_stack_lvl+0x16c/0x1f0
[  153.498920][T10099]  bad_page+0xb3/0x1f0
[  153.500029][T10099]  ? __pfx_bad_page+0x10/0x10
[  153.501249][T10099]  ? page_bad_reason+0x9d/0x1e0
[  153.502477][T10099]  free_unref_page+0x657/0xdc0
[  153.503701][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  153.505217][T10099]  ? __phys_addr+0xc6/0x150
[  153.506359][T10099]  skb_free_head+0xa0/0x1d0
[  153.507545][T10099]  skb_release_data+0x560/0x730
[  153.508819][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  153.510107][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  153.511786][T10099]  ? kernel_text_address+0x8d/0x100
[  153.513087][T10099]  ? hlock_class+0x4e/0x130
[  153.514242][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  153.515519][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  153.517314][T10099]  ? rcu_is_watching+0x12/0xc0
[  153.518537][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  153.520022][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  153.521621][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  153.522913][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.524488][T10099]  ? lock_acquire+0x2f/0xb0
[  153.525636][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.527233][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  153.528781][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  153.530447][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  153.531752][T10099]  ? __build_skb_around+0x278/0x3b0
[  153.533066][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  153.534383][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  153.535944][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  153.537574][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  153.538975][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  153.540307][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  153.541844][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  153.543432][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  153.544907][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  153.546364][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  153.547685][T10099]  ? 0xffffffffa0009640
[  153.548720][T10099]  ? 0xffffffffa0009640
[  153.549769][T10099]  ? 0xffffffffa0009640
[  153.550818][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  153.552317][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  153.553668][T10099]  ? lock_acquire+0x2f/0xb0
[  153.554832][T10099]  ? __fget_files+0x40/0x3f0
[  153.556050][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  153.557446][T10099]  ? fput+0x30/0x390
[  153.558416][T10099]  ? __bpf_prog_get+0xa0/0x290
[  153.559642][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  153.561125][T10099]  __sys_bpf+0xfc6/0x49a0
[  153.562213][T10099]  ? __pfx_futex_wake+0x10/0x10
[  153.563498][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  153.564710][T10099]  ? __schedule+0xe5d/0x5730
[  153.565888][T10099]  ? __fget_files+0x23a/0x3f0
[  153.567076][T10099]  ? do_futex+0x123/0x350
[  153.568185][T10099]  ? __pfx_do_futex+0x10/0x10
[  153.569377][T10099]  ? xfd_validate_state+0x5d/0x180
[  153.570665][T10099]  ? rcu_is_watching+0x12/0xc0
[  153.571899][T10099]  __x64_sys_bpf+0x78/0xc0
[  153.573036][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  153.574388][T10099]  do_syscall_64+0xcd/0x250
[  153.575560][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.577034][T10099] RIP: 0033:0x7f3c36f7e719
[  153.578171][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.582952][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  153.585003][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  153.586971][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  153.588949][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  153.590933][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  153.592905][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  153.594919][T10099]  </TASK>
[  153.595839][T10099] BUG: Bad page state in process syz.6.968  pfn:22549
[  153.597563][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888022549aa8 pfn:0x22549
[  153.600122][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  153.601884][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  153.603997][T10099] raw: ffff888022549aa8 0000000000000001 00000000ffffffff 0000000000000000
[  153.606236][T10099] page dumped because: page_pool leak
[  153.607573][T10099] page_owner tracks the page as allocated
[  153.608961][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988222840, free_ts 144459717896
[  153.613156][T10099]  post_alloc_hook+0x2d1/0x350
[  153.614370][T10099]  get_page_from_freelist+0x101e/0x3070
[  153.615781][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  153.617075][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  153.618423][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  153.619911][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  153.621263][T10099]  page_pool_alloc_pages+0x1a/0x60
[  153.622535][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  153.624118][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  153.625436][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  153.626769][T10099]  __sys_bpf+0xfc6/0x49a0
[  153.627855][T10099]  __x64_sys_bpf+0x78/0xc0
[  153.628972][T10099]  do_syscall_64+0xcd/0x250
[  153.630170][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.631638][T10099] page last free pid 10042 tgid 10041 stack trace:
[  153.633225][T10099]  free_unref_page+0x5f4/0xdc0
[  153.634421][T10099]  __folio_put+0x30d/0x3d0
[  153.635570][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  153.636950][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  153.638203][T10099]  rcu_core+0x79d/0x14d0
[  153.639266][T10099]  handle_softirqs+0x213/0x8f0
[  153.640500][T10099]  irq_exit_rcu+0xbb/0x120
[  153.641631][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  153.643042][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  153.644557][T10099] Modules linked in:
[  153.645549][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  153.648493][T10099] Tainted: [B]=BAD_PAGE
[  153.649531][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.652179][T10099] Call Trace:
[  153.653022][T10099]  <TASK>
[  153.653772][T10099]  dump_stack_lvl+0x16c/0x1f0
[  153.654965][T10099]  bad_page+0xb3/0x1f0
[  153.655999][T10099]  ? __pfx_bad_page+0x10/0x10
[  153.657180][T10099]  ? page_bad_reason+0x9d/0x1e0
[  153.658399][T10099]  free_unref_page+0x657/0xdc0
[  153.659627][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  153.661220][T10099]  ? __phys_addr+0xc6/0x150
[  153.662399][T10099]  skb_free_head+0xa0/0x1d0
[  153.663553][T10099]  skb_release_data+0x560/0x730
[  153.664781][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  153.666048][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  153.667700][T10099]  ? kernel_text_address+0x8d/0x100
[  153.668978][T10099]  ? hlock_class+0x4e/0x130
[  153.670128][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  153.671537][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  153.673311][T10099]  ? rcu_is_watching+0x12/0xc0
[  153.674532][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  153.676066][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  153.677673][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  153.678985][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.680576][T10099]  ? lock_acquire+0x2f/0xb0
[  153.681714][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.683298][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  153.684828][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  153.686475][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  153.687776][T10099]  ? __build_skb_around+0x278/0x3b0
[  153.689009][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  153.690335][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  153.691899][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  153.693550][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  153.694982][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  153.696293][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  153.697762][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  153.699194][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  153.700663][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  153.702119][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  153.703444][T10099]  ? 0xffffffffa0009640
[  153.704484][T10099]  ? 0xffffffffa0009640
[  153.705515][T10099]  ? 0xffffffffa0009640
[  153.706566][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  153.708053][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  153.709408][T10099]  ? lock_acquire+0x2f/0xb0
[  153.710555][T10099]  ? __fget_files+0x40/0x3f0
[  153.711722][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  153.713157][T10099]  ? fput+0x30/0x390
[  153.714163][T10099]  ? __bpf_prog_get+0xa0/0x290
[  153.715375][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  153.716812][T10099]  __sys_bpf+0xfc6/0x49a0
[  153.717872][T10099]  ? __pfx_futex_wake+0x10/0x10
[  153.719101][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  153.720313][T10099]  ? __schedule+0xe5d/0x5730
[  153.721490][T10099]  ? __fget_files+0x23a/0x3f0
[  153.722669][T10099]  ? do_futex+0x123/0x350
[  153.723758][T10099]  ? __pfx_do_futex+0x10/0x10
[  153.724974][T10099]  ? xfd_validate_state+0x5d/0x180
[  153.726258][T10099]  ? rcu_is_watching+0x12/0xc0
[  153.727490][T10099]  __x64_sys_bpf+0x78/0xc0
[  153.728635][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  153.729933][T10099]  do_syscall_64+0xcd/0x250
[  153.731084][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.732539][T10099] RIP: 0033:0x7f3c36f7e719
[  153.733650][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.738367][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  153.740481][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  153.742428][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  153.744397][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  153.746344][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  153.748331][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  153.750311][T10099]  </TASK>
[  153.751217][T10099] BUG: Bad page state in process syz.6.968  pfn:27c29
[  153.752904][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888027c29f00 pfn:0x27c29
[  153.755485][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  153.757269][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  153.759409][T10099] raw: ffff888027c29f00 0000000000000001 00000000ffffffff 0000000000000000
[  153.761561][T10099] page dumped because: page_pool leak
[  153.762926][T10099] page_owner tracks the page as allocated
[  153.764340][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988218547, free_ts 144459723275
[  153.768538][T10099]  post_alloc_hook+0x2d1/0x350
[  153.769767][T10099]  get_page_from_freelist+0x101e/0x3070
[  153.771150][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  153.772494][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  153.773958][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  153.775487][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  153.776808][T10099]  page_pool_alloc_pages+0x1a/0x60
[  153.778072][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  153.779658][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  153.780962][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  153.782334][T10099]  __sys_bpf+0xfc6/0x49a0
[  153.783452][T10099]  __x64_sys_bpf+0x78/0xc0
[  153.784594][T10099]  do_syscall_64+0xcd/0x250
[  153.785739][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.787247][T10099] page last free pid 10042 tgid 10041 stack trace:
[  153.788865][T10099]  free_unref_page+0x5f4/0xdc0
[  153.790118][T10099]  __folio_put+0x30d/0x3d0
[  153.791273][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  153.792656][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  153.793927][T10099]  rcu_core+0x79d/0x14d0
[  153.795017][T10099]  handle_softirqs+0x213/0x8f0
[  153.796246][T10099]  irq_exit_rcu+0xbb/0x120
[  153.797798][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  153.799385][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  153.801006][T10099] Modules linked in:
[  153.802018][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  153.805002][T10099] Tainted: [B]=BAD_PAGE
[  153.806062][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.808839][T10099] Call Trace:
[  153.809715][T10099]  <TASK>
[  153.810471][T10099]  dump_stack_lvl+0x16c/0x1f0
[  153.811725][T10099]  bad_page+0xb3/0x1f0
[  153.812775][T10099]  ? __pfx_bad_page+0x10/0x10
[  153.813984][T10099]  ? page_bad_reason+0x9d/0x1e0
[  153.815241][T10099]  free_unref_page+0x657/0xdc0
[  153.816450][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  153.817989][T10099]  ? __phys_addr+0xc6/0x150
[  153.819142][T10099]  skb_free_head+0xa0/0x1d0
[  153.820377][T10099]  skb_release_data+0x560/0x730
[  153.821613][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  153.822883][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  153.824561][T10099]  ? kernel_text_address+0x8d/0x100
[  153.825860][T10099]  ? hlock_class+0x4e/0x130
[  153.827041][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  153.828316][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  153.830066][T10099]  ? rcu_is_watching+0x12/0xc0
[  153.831270][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  153.832771][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  153.834418][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  153.835763][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.837339][T10099]  ? lock_acquire+0x2f/0xb0
[  153.838499][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.840096][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  153.841651][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  153.843297][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  153.844626][T10099]  ? __build_skb_around+0x278/0x3b0
[  153.845947][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  153.847314][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  153.848887][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  153.850550][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  153.851956][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  153.853304][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  153.854766][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  153.856269][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  153.857774][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  153.859259][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  153.860587][T10099]  ? 0xffffffffa0009640
[  153.861620][T10099]  ? 0xffffffffa0009640
[  153.862634][T10099]  ? 0xffffffffa0009640
[  153.863663][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  153.865127][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  153.866459][T10099]  ? lock_acquire+0x2f/0xb0
[  153.867571][T10099]  ? __fget_files+0x40/0x3f0
[  153.868707][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  153.870176][T10099]  ? fput+0x30/0x390
[  153.871161][T10099]  ? __bpf_prog_get+0xa0/0x290
[  153.872385][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  153.873792][T10099]  __sys_bpf+0xfc6/0x49a0
[  153.874860][T10099]  ? __pfx_futex_wake+0x10/0x10
[  153.876120][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  153.877323][T10099]  ? __schedule+0xe5d/0x5730
[  153.878484][T10099]  ? __fget_files+0x23a/0x3f0
[  153.879668][T10099]  ? do_futex+0x123/0x350
[  153.880743][T10099]  ? __pfx_do_futex+0x10/0x10
[  153.881928][T10099]  ? xfd_validate_state+0x5d/0x180
[  153.883230][T10099]  ? rcu_is_watching+0x12/0xc0
[  153.884447][T10099]  __x64_sys_bpf+0x78/0xc0
[  153.885576][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  153.886862][T10099]  do_syscall_64+0xcd/0x250
[  153.888015][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.889480][T10099] RIP: 0033:0x7f3c36f7e719
[  153.890604][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.895380][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  153.897716][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  153.899716][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  153.901788][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  153.904737][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  153.906734][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  153.908808][T10099]  </TASK>
[  153.909694][T10099] BUG: Bad page state in process syz.6.968  pfn:21820
[  153.911369][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888021820c98 pfn:0x21820
[  153.913830][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  153.915642][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  153.917854][T10099] raw: ffff888021820c98 0000000000000001 00000000ffffffff 0000000000000000
[  153.920052][T10099] page dumped because: page_pool leak
[  153.921586][T10099] page_owner tracks the page as allocated
[  153.923025][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988213633, free_ts 144459728743
[  153.927570][T10099]  post_alloc_hook+0x2d1/0x350
[  153.928974][T10099]  get_page_from_freelist+0x101e/0x3070
[  153.930643][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  153.931969][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  153.933392][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  153.934859][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  153.936211][T10099]  page_pool_alloc_pages+0x1a/0x60
[  153.937508][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  153.939044][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  153.940422][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  153.941760][T10099]  __sys_bpf+0xfc6/0x49a0
[  153.942871][T10099]  __x64_sys_bpf+0x78/0xc0
[  153.944385][T10099]  do_syscall_64+0xcd/0x250
[  153.945521][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.946993][T10099] page last free pid 10042 tgid 10041 stack trace:
[  153.948646][T10099]  free_unref_page+0x5f4/0xdc0
[  153.950021][T10099]  __folio_put+0x30d/0x3d0
[  153.951139][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  153.952546][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  153.953817][T10099]  rcu_core+0x79d/0x14d0
[  153.954890][T10099]  handle_softirqs+0x213/0x8f0
[  153.956113][T10099]  irq_exit_rcu+0xbb/0x120
[  153.957235][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  153.958616][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  153.960184][T10099] Modules linked in:
[  153.961173][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  153.964151][T10099] Tainted: [B]=BAD_PAGE
[  153.965194][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.967833][T10099] Call Trace:
[  153.968689][T10099]  <TASK>
[  153.969445][T10099]  dump_stack_lvl+0x16c/0x1f0
[  153.970647][T10099]  bad_page+0xb3/0x1f0
[  153.971670][T10099]  ? __pfx_bad_page+0x10/0x10
[  153.972852][T10099]  ? page_bad_reason+0x9d/0x1e0
[  153.974070][T10099]  free_unref_page+0x657/0xdc0
[  153.975292][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  153.976778][T10099]  ? __phys_addr+0xc6/0x150
[  153.977913][T10099]  skb_free_head+0xa0/0x1d0
[  153.979050][T10099]  skb_release_data+0x560/0x730
[  153.980263][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  153.981521][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  153.983172][T10099]  ? kernel_text_address+0x8d/0x100
[  153.984471][T10099]  ? hlock_class+0x4e/0x130
[  153.985642][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  153.986927][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  153.988687][T10099]  ? rcu_is_watching+0x12/0xc0
[  153.989907][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  153.991408][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  153.993035][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  153.994348][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.995951][T10099]  ? lock_acquire+0x2f/0xb0
[  153.997083][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  153.998624][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  154.000159][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  154.001808][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  154.003124][T10099]  ? __build_skb_around+0x278/0x3b0
[  154.004422][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  154.005734][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  154.007304][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  154.008937][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  154.010325][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  154.011631][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  154.013100][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.014571][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  154.016066][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  154.017516][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  154.018843][T10099]  ? 0xffffffffa0009640
[  154.019920][T10099]  ? 0xffffffffa0009640
[  154.020989][T10099]  ? 0xffffffffa0009640
[  154.022043][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.023535][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  154.024911][T10099]  ? lock_acquire+0x2f/0xb0
[  154.026085][T10099]  ? __fget_files+0x40/0x3f0
[  154.027254][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.028739][T10099]  ? fput+0x30/0x390
[  154.029726][T10099]  ? __bpf_prog_get+0xa0/0x290
[  154.030963][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.032437][T10099]  __sys_bpf+0xfc6/0x49a0
[  154.033580][T10099]  ? __pfx_futex_wake+0x10/0x10
[  154.034778][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  154.035972][T10099]  ? __schedule+0xe5d/0x5730
[  154.037115][T10099]  ? __fget_files+0x23a/0x3f0
[  154.038299][T10099]  ? do_futex+0x123/0x350
[  154.039381][T10099]  ? __pfx_do_futex+0x10/0x10
[  154.040562][T10099]  ? xfd_validate_state+0x5d/0x180
[  154.041865][T10099]  ? rcu_is_watching+0x12/0xc0
[  154.043046][T10099]  __x64_sys_bpf+0x78/0xc0
[  154.044147][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  154.045429][T10099]  do_syscall_64+0xcd/0x250
[  154.046576][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.048030][T10099] RIP: 0033:0x7f3c36f7e719
[  154.049150][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.053804][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  154.055901][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  154.057908][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  154.059833][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  154.061754][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  154.063651][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  154.065576][T10099]  </TASK>
[  154.066443][T10099] BUG: Bad page state in process syz.6.968  pfn:48321
[  154.068141][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888048321e88 pfn:0x48321
[  154.070685][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  154.072432][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  154.074512][T10099] raw: ffff888048321e88 0000000000000001 00000000ffffffff 0000000000000000
[  154.076729][T10099] page dumped because: page_pool leak
[  154.078607][T10099] page_owner tracks the page as allocated
[  154.080119][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988209044, free_ts 144459739898
[  154.084321][T10099]  post_alloc_hook+0x2d1/0x350
[  154.085536][T10099]  get_page_from_freelist+0x101e/0x3070
[  154.086927][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  154.088227][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  154.089649][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  154.091128][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  154.092460][T10099]  page_pool_alloc_pages+0x1a/0x60
[  154.093750][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  154.095412][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  154.096740][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  154.098090][T10099]  __sys_bpf+0xfc6/0x49a0
[  154.099198][T10099]  __x64_sys_bpf+0x78/0xc0
[  154.100444][T10099]  do_syscall_64+0xcd/0x250
[  154.101780][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.103377][T10099] page last free pid 10042 tgid 10041 stack trace:
[  154.104914][T10099]  free_unref_page+0x5f4/0xdc0
[  154.106262][T10099]  __folio_put+0x30d/0x3d0
[  154.107404][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  154.108791][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  154.110151][T10099]  rcu_core+0x79d/0x14d0
[  154.111250][T10099]  handle_softirqs+0x213/0x8f0
[  154.112475][T10099]  irq_exit_rcu+0xbb/0x120
[  154.113597][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  154.115039][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  154.116579][T10099] Modules linked in:
[  154.117563][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  154.120920][T10099] Tainted: [B]=BAD_PAGE
[  154.122345][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.125251][T10099] Call Trace:
[  154.126098][T10099]  <TASK>
[  154.126918][T10099]  dump_stack_lvl+0x16c/0x1f0
[  154.128261][T10099]  bad_page+0xb3/0x1f0
[  154.129316][T10099]  ? __pfx_bad_page+0x10/0x10
[  154.130519][T10099]  ? page_bad_reason+0x9d/0x1e0
[  154.131751][T10099]  free_unref_page+0x657/0xdc0
[  154.132962][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  154.134462][T10099]  ? __phys_addr+0xc6/0x150
[  154.135765][T10099]  skb_free_head+0xa0/0x1d0
[  154.136964][T10099]  skb_release_data+0x560/0x730
[  154.138475][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  154.139782][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  154.141465][T10099]  ? kernel_text_address+0x8d/0x100
[  154.142785][T10099]  ? hlock_class+0x4e/0x130
[  154.143960][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  154.145254][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  154.147058][T10099]  ? rcu_is_watching+0x12/0xc0
[  154.148335][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  154.149873][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  154.151535][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  154.152854][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  154.154447][T10099]  ? lock_acquire+0x2f/0xb0
[  154.155653][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  154.157232][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  154.158809][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  154.160507][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  154.161839][T10099]  ? __build_skb_around+0x278/0x3b0
[  154.163185][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  154.164551][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  154.166162][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  154.167854][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  154.169292][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  154.170661][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  154.172284][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.173783][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  154.175344][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  154.176822][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  154.178181][T10099]  ? 0xffffffffa0009640
[  154.179270][T10099]  ? 0xffffffffa0009640
[  154.180335][T10099]  ? 0xffffffffa0009640
[  154.181390][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.182896][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  154.184272][T10099]  ? lock_acquire+0x2f/0xb0
[  154.185396][T10099]  ? __fget_files+0x40/0x3f0
[  154.186560][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.188048][T10099]  ? fput+0x30/0x390
[  154.189062][T10099]  ? __bpf_prog_get+0xa0/0x290
[  154.190280][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.191732][T10099]  __sys_bpf+0xfc6/0x49a0
[  154.192809][T10099]  ? __pfx_futex_wake+0x10/0x10
[  154.194059][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  154.195298][T10099]  ? __schedule+0xe5d/0x5730
[  154.196475][T10099]  ? __fget_files+0x23a/0x3f0
[  154.197678][T10099]  ? do_futex+0x123/0x350
[  154.198858][T10099]  ? __pfx_do_futex+0x10/0x10
[  154.200026][T10099]  ? xfd_validate_state+0x5d/0x180
[  154.201303][T10099]  ? rcu_is_watching+0x12/0xc0
[  154.202510][T10099]  __x64_sys_bpf+0x78/0xc0
[  154.203638][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  154.204969][T10099]  do_syscall_64+0xcd/0x250
[  154.206133][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.207625][T10099] RIP: 0033:0x7f3c36f7e719
[  154.208764][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.213547][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  154.215680][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  154.217639][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  154.219628][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  154.221631][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  154.223968][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  154.225971][T10099]  </TASK>
[  154.226879][T10099] BUG: Bad page state in process syz.6.968  pfn:31300
[  154.228644][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888031300c30 pfn:0x31300
[  154.231168][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  154.232980][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  154.235149][T10099] raw: ffff888031300c30 0000000000000001 00000000ffffffff 0000000000000000
[  154.237482][T10099] page dumped because: page_pool leak
[  154.238900][T10099] page_owner tracks the page as allocated
[  154.240541][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988204524, free_ts 144459745485
[  154.245083][T10099]  post_alloc_hook+0x2d1/0x350
[  154.246308][T10099]  get_page_from_freelist+0x101e/0x3070
[  154.247729][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  154.249065][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  154.250537][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  154.252040][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  154.253354][T10099]  page_pool_alloc_pages+0x1a/0x60
[  154.254641][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  154.256213][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  154.257555][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  154.258926][T10099]  __sys_bpf+0xfc6/0x49a0
[  154.260237][T10099]  __x64_sys_bpf+0x78/0xc0
[  154.261402][T10099]  do_syscall_64+0xcd/0x250
[  154.262583][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.264331][T10099] page last free pid 10042 tgid 10041 stack trace:
[  154.266056][T10099]  free_unref_page+0x5f4/0xdc0
[  154.267335][T10099]  __folio_put+0x30d/0x3d0
[  154.268496][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  154.269929][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  154.271259][T10099]  rcu_core+0x79d/0x14d0
[  154.272338][T10099]  handle_softirqs+0x213/0x8f0
[  154.273545][T10099]  irq_exit_rcu+0xbb/0x120
[  154.274660][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  154.276091][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  154.277581][T10099] Modules linked in:
[  154.278586][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  154.281475][T10099] Tainted: [B]=BAD_PAGE
[  154.282524][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.285259][T10099] Call Trace:
[  154.286109][T10099]  <TASK>
[  154.286879][T10099]  dump_stack_lvl+0x16c/0x1f0
[  154.288103][T10099]  bad_page+0xb3/0x1f0
[  154.289151][T10099]  ? __pfx_bad_page+0x10/0x10
[  154.290340][T10099]  ? page_bad_reason+0x9d/0x1e0
[  154.291572][T10099]  free_unref_page+0x657/0xdc0
[  154.292783][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  154.294337][T10099]  ? __phys_addr+0xc6/0x150
[  154.295583][T10099]  skb_free_head+0xa0/0x1d0
[  154.296773][T10099]  skb_release_data+0x560/0x730
[  154.298217][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  154.299764][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  154.301425][T10099]  ? kernel_text_address+0x8d/0x100
[  154.302727][T10099]  ? hlock_class+0x4e/0x130
[  154.303958][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  154.305253][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  154.306992][T10099]  ? rcu_is_watching+0x12/0xc0
[  154.308202][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  154.309662][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  154.311293][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  154.312590][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  154.314239][T10099]  ? lock_acquire+0x2f/0xb0
[  154.315417][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  154.317033][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  154.318580][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  154.320274][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  154.321620][T10099]  ? __build_skb_around+0x278/0x3b0
[  154.323031][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  154.324353][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  154.325922][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  154.327573][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  154.328962][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  154.330294][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  154.331754][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.333227][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  154.334718][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  154.336192][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  154.337497][T10099]  ? 0xffffffffa0009640
[  154.338544][T10099]  ? 0xffffffffa0009640
[  154.339587][T10099]  ? 0xffffffffa0009640
[  154.340634][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.342137][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  154.343487][T10099]  ? lock_acquire+0x2f/0xb0
[  154.344618][T10099]  ? __fget_files+0x40/0x3f0
[  154.345881][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.347331][T10099]  ? fput+0x30/0x390
[  154.348312][T10099]  ? __bpf_prog_get+0xa0/0x290
[  154.349514][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.350984][T10099]  __sys_bpf+0xfc6/0x49a0
[  154.352109][T10099]  ? __pfx_futex_wake+0x10/0x10
[  154.353369][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  154.354575][T10099]  ? __schedule+0xe5d/0x5730
[  154.355767][T10099]  ? __fget_files+0x23a/0x3f0
[  154.356949][T10099]  ? do_futex+0x123/0x350
[  154.358035][T10099]  ? __pfx_do_futex+0x10/0x10
[  154.359226][T10099]  ? xfd_validate_state+0x5d/0x180
[  154.360516][T10099]  ? rcu_is_watching+0x12/0xc0
[  154.361696][T10099]  __x64_sys_bpf+0x78/0xc0
[  154.362815][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  154.364501][T10099]  do_syscall_64+0xcd/0x250
[  154.365665][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.367138][T10099] RIP: 0033:0x7f3c36f7e719
[  154.368481][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.373604][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  154.375698][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  154.377746][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  154.379960][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  154.381930][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  154.383875][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  154.385852][T10099]  </TASK>
[  154.386730][T10099] BUG: Bad page state in process syz.6.968  pfn:5af5d
[  154.388403][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88805af5de88 pfn:0x5af5d
[  154.390910][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  154.392679][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  154.394783][T10099] raw: ffff88805af5de88 0000000000000001 00000000ffffffff 0000000000000000
[  154.396920][T10099] page dumped because: page_pool leak
[  154.398267][T10099] page_owner tracks the page as allocated
[  154.399727][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988200033, free_ts 144459750848
[  154.403865][T10099]  post_alloc_hook+0x2d1/0x350
[  154.405073][T10099]  get_page_from_freelist+0x101e/0x3070
[  154.406504][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  154.407818][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  154.409207][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  154.410753][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  154.412077][T10099]  page_pool_alloc_pages+0x1a/0x60
[  154.413348][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  154.414881][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  154.416210][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  154.417523][T10099]  __sys_bpf+0xfc6/0x49a0
[  154.418606][T10099]  __x64_sys_bpf+0x78/0xc0
[  154.419765][T10099]  do_syscall_64+0xcd/0x250
[  154.420897][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.422356][T10099] page last free pid 10042 tgid 10041 stack trace:
[  154.423971][T10099]  free_unref_page+0x5f4/0xdc0
[  154.425154][T10099]  __folio_put+0x30d/0x3d0
[  154.426258][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  154.427654][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  154.428895][T10099]  rcu_core+0x79d/0x14d0
[  154.429991][T10099]  handle_softirqs+0x213/0x8f0
[  154.431204][T10099]  irq_exit_rcu+0xbb/0x120
[  154.432322][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  154.433722][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  154.435229][T10099] Modules linked in:
[  154.436356][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  154.439305][T10099] Tainted: [B]=BAD_PAGE
[  154.440346][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.442968][T10099] Call Trace:
[  154.443814][T10099]  <TASK>
[  154.444555][T10099]  dump_stack_lvl+0x16c/0x1f0
[  154.445759][T10099]  bad_page+0xb3/0x1f0
[  154.446789][T10099]  ? __pfx_bad_page+0x10/0x10
[  154.447989][T10099]  ? page_bad_reason+0x9d/0x1e0
[  154.449393][T10099]  free_unref_page+0x657/0xdc0
[  154.450620][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  154.452130][T10099]  ? __phys_addr+0xc6/0x150
[  154.453277][T10099]  skb_free_head+0xa0/0x1d0
[  154.454415][T10099]  skb_release_data+0x560/0x730
[  154.455661][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  154.456924][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  154.458554][T10099]  ? kernel_text_address+0x8d/0x100
[  154.459908][T10099]  ? hlock_class+0x4e/0x130
[  154.461051][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  154.462300][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  154.464029][T10099]  ? rcu_is_watching+0x12/0xc0
[  154.465242][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  154.466735][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  154.468366][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  154.469658][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  154.471246][T10099]  ? lock_acquire+0x2f/0xb0
[  154.472383][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  154.473958][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  154.475520][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  154.477166][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  154.478473][T10099]  ? __build_skb_around+0x278/0x3b0
[  154.479791][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  154.481112][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  154.482680][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  154.484345][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  154.485783][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  154.487102][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  154.488569][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.490039][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  154.491536][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  154.492989][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  154.494321][T10099]  ? 0xffffffffa0009640
[  154.495484][T10099]  ? 0xffffffffa0009640
[  154.496533][T10099]  ? 0xffffffffa0009640
[  154.497584][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.499089][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  154.500566][T10099]  ? lock_acquire+0x2f/0xb0
[  154.501702][T10099]  ? __fget_files+0x40/0x3f0
[  154.502881][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.504359][T10099]  ? fput+0x30/0x390
[  154.505336][T10099]  ? __bpf_prog_get+0xa0/0x290
[  154.506536][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.508000][T10099]  __sys_bpf+0xfc6/0x49a0
[  154.509085][T10099]  ? __pfx_futex_wake+0x10/0x10
[  154.510309][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  154.511489][T10099]  ? __schedule+0xe5d/0x5730
[  154.512649][T10099]  ? __fget_files+0x23a/0x3f0
[  154.513854][T10099]  ? do_futex+0x123/0x350
[  154.514973][T10099]  ? __pfx_do_futex+0x10/0x10
[  154.516162][T10099]  ? xfd_validate_state+0x5d/0x180
[  154.517470][T10099]  ? rcu_is_watching+0x12/0xc0
[  154.518685][T10099]  __x64_sys_bpf+0x78/0xc0
[  154.519812][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  154.521100][T10099]  do_syscall_64+0xcd/0x250
[  154.522247][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.523707][T10099] RIP: 0033:0x7f3c36f7e719
[  154.524815][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.529519][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  154.531580][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  154.533508][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  154.535496][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  154.537466][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  154.539431][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  154.541412][T10099]  </TASK>
[  154.542300][T10099] BUG: Bad page state in process syz.6.968  pfn:2e1a6
[  154.543996][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802e1a6e88 pfn:0x2e1a6
[  154.546452][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  154.548242][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  154.550360][T10099] raw: ffff88802e1a6e88 0000000000000001 00000000ffffffff 0000000000000000
[  154.552448][T10099] page dumped because: page_pool leak
[  154.553780][T10099] page_owner tracks the page as allocated
[  154.555187][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988195348, free_ts 144459756201
[  154.559297][T10099]  post_alloc_hook+0x2d1/0x350
[  154.560557][T10099]  get_page_from_freelist+0x101e/0x3070
[  154.561957][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  154.563297][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  154.564679][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  154.566165][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  154.567495][T10099]  page_pool_alloc_pages+0x1a/0x60
[  154.568789][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  154.570390][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  154.571736][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  154.573092][T10099]  __sys_bpf+0xfc6/0x49a0
[  154.574189][T10099]  __x64_sys_bpf+0x78/0xc0
[  154.575340][T10099]  do_syscall_64+0xcd/0x250
[  154.576505][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.577989][T10099] page last free pid 10042 tgid 10041 stack trace:
[  154.579665][T10099]  free_unref_page+0x5f4/0xdc0
[  154.580872][T10099]  __folio_put+0x30d/0x3d0
[  154.582006][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  154.583388][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  154.584667][T10099]  rcu_core+0x79d/0x14d0
[  154.585731][T10099]  handle_softirqs+0x213/0x8f0
[  154.586921][T10099]  irq_exit_rcu+0xbb/0x120
[  154.588049][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  154.589505][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  154.590994][T10099] Modules linked in:
[  154.591994][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  154.594933][T10099] Tainted: [B]=BAD_PAGE
[  154.595978][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.598628][T10099] Call Trace:
[  154.599496][T10099]  <TASK>
[  154.600237][T10099]  dump_stack_lvl+0x16c/0x1f0
[  154.601373][T10099]  bad_page+0xb3/0x1f0
[  154.602396][T10099]  ? __pfx_bad_page+0x10/0x10
[  154.603608][T10099]  ? page_bad_reason+0x9d/0x1e0
[  154.604844][T10099]  free_unref_page+0x657/0xdc0
[  154.606063][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  154.607571][T10099]  ? __phys_addr+0xc6/0x150
[  154.608707][T10099]  skb_free_head+0xa0/0x1d0
[  154.609851][T10099]  skb_release_data+0x560/0x730
[  154.611078][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  154.612349][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  154.614024][T10099]  ? kernel_text_address+0x8d/0x100
[  154.615346][T10099]  ? hlock_class+0x4e/0x130
[  154.616500][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  154.617748][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  154.619487][T10099]  ? rcu_is_watching+0x12/0xc0
[  154.620686][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  154.622178][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  154.623829][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  154.625113][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  154.626694][T10099]  ? lock_acquire+0x2f/0xb0
[  154.627856][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  154.629450][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  154.630995][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  154.632652][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  154.633973][T10099]  ? __build_skb_around+0x278/0x3b0
[  154.635307][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  154.636647][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  154.638210][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  154.639876][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  154.641298][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  154.642644][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  154.644152][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.645653][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  154.647157][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  154.648642][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  154.649982][T10099]  ? 0xffffffffa0009640
[  154.651035][T10099]  ? 0xffffffffa0009640
[  154.652086][T10099]  ? 0xffffffffa0009640
[  154.653132][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.654617][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  154.655989][T10099]  ? lock_acquire+0x2f/0xb0
[  154.657164][T10099]  ? __fget_files+0x40/0x3f0
[  154.658330][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.659801][T10099]  ? fput+0x30/0x390
[  154.660791][T10099]  ? __bpf_prog_get+0xa0/0x290
[  154.662004][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.663479][T10099]  __sys_bpf+0xfc6/0x49a0
[  154.664570][T10099]  ? __pfx_futex_wake+0x10/0x10
[  154.665808][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  154.667015][T10099]  ? __schedule+0xe5d/0x5730
[  154.668203][T10099]  ? __fget_files+0x23a/0x3f0
[  154.669392][T10099]  ? do_futex+0x123/0x350
[  154.670494][T10099]  ? __pfx_do_futex+0x10/0x10
[  154.671666][T10099]  ? xfd_validate_state+0x5d/0x180
[  154.672956][T10099]  ? rcu_is_watching+0x12/0xc0
[  154.674176][T10099]  __x64_sys_bpf+0x78/0xc0
[  154.675314][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  154.676641][T10099]  do_syscall_64+0xcd/0x250
[  154.677810][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.679300][T10099] RIP: 0033:0x7f3c36f7e719
[  154.680435][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.685225][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  154.687312][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  154.689295][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  154.691283][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  154.693279][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  154.695269][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  154.697280][T10099]  </TASK>
[  154.698180][T10099] BUG: Bad page state in process syz.6.968  pfn:5d92b
[  154.699950][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88805d92bca8 pfn:0x5d92b
[  154.702715][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  154.704524][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  154.706665][T10099] raw: ffff88805d92bca8 0000000000000001 00000000ffffffff 0000000000000000
[  154.708796][T10099] page dumped because: page_pool leak
[  154.710305][T10099] page_owner tracks the page as allocated
[  154.711729][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988190609, free_ts 144459761528
[  154.715914][T10099]  post_alloc_hook+0x2d1/0x350
[  154.717109][T10099]  get_page_from_freelist+0x101e/0x3070
[  154.718471][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  154.719857][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  154.721247][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  154.722708][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  154.724043][T10099]  page_pool_alloc_pages+0x1a/0x60
[  154.725338][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  154.726884][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  154.728233][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  154.729627][T10099]  __sys_bpf+0xfc6/0x49a0
[  154.730729][T10099]  __x64_sys_bpf+0x78/0xc0
[  154.731860][T10099]  do_syscall_64+0xcd/0x250
[  154.733007][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.734498][T10099] page last free pid 10042 tgid 10041 stack trace:
[  154.736123][T10099]  free_unref_page+0x5f4/0xdc0
[  154.737348][T10099]  __folio_put+0x30d/0x3d0
[  154.738507][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  154.739982][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  154.741262][T10099]  rcu_core+0x79d/0x14d0
[  154.742351][T10099]  handle_softirqs+0x213/0x8f0
[  154.743578][T10099]  irq_exit_rcu+0xbb/0x120
[  154.744706][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  154.746113][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  154.747643][T10099] Modules linked in:
[  154.748630][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  154.751663][T10099] Tainted: [B]=BAD_PAGE
[  154.752699][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.755334][T10099] Call Trace:
[  154.756172][T10099]  <TASK>
[  154.756923][T10099]  dump_stack_lvl+0x16c/0x1f0
[  154.758116][T10099]  bad_page+0xb3/0x1f0
[  154.759153][T10099]  ? __pfx_bad_page+0x10/0x10
[  154.760333][T10099]  ? page_bad_reason+0x9d/0x1e0
[  154.761564][T10099]  free_unref_page+0x657/0xdc0
[  154.762776][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  154.764290][T10099]  ? __phys_addr+0xc6/0x150
[  154.765448][T10099]  skb_free_head+0xa0/0x1d0
[  154.766602][T10099]  skb_release_data+0x560/0x730
[  154.767837][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  154.769117][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  154.770795][T10099]  ? kernel_text_address+0x8d/0x100
[  154.772140][T10099]  ? hlock_class+0x4e/0x130
[  154.773286][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  154.774549][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  154.776339][T10099]  ? rcu_is_watching+0x12/0xc0
[  154.777613][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  154.779138][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  154.780768][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  154.782084][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  154.783649][T10099]  ? lock_acquire+0x2f/0xb0
[  154.784782][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  154.786356][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  154.787923][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  154.789595][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  154.790920][T10099]  ? __build_skb_around+0x278/0x3b0
[  154.792260][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  154.793571][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  154.795165][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  154.796841][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  154.798260][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  154.799601][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  154.801069][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.802566][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  154.804070][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  154.805531][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  154.806865][T10099]  ? 0xffffffffa0009640
[  154.807941][T10099]  ? 0xffffffffa0009640
[  154.808997][T10099]  ? 0xffffffffa0009640
[  154.810052][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.811558][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  154.812905][T10099]  ? lock_acquire+0x2f/0xb0
[  154.814067][T10099]  ? __fget_files+0x40/0x3f0
[  154.815242][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.816718][T10099]  ? fput+0x30/0x390
[  154.817729][T10099]  ? __bpf_prog_get+0xa0/0x290
[  154.818948][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.820444][T10099]  __sys_bpf+0xfc6/0x49a0
[  154.821558][T10099]  ? __pfx_futex_wake+0x10/0x10
[  154.822811][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  154.824028][T10099]  ? __schedule+0xe5d/0x5730
[  154.825156][T10099]  ? __fget_files+0x23a/0x3f0
[  154.826344][T10099]  ? do_futex+0x123/0x350
[  154.827429][T10099]  ? __pfx_do_futex+0x10/0x10
[  154.828618][T10099]  ? xfd_validate_state+0x5d/0x180
[  154.829888][T10099]  ? rcu_is_watching+0x12/0xc0
[  154.831118][T10099]  __x64_sys_bpf+0x78/0xc0
[  154.832268][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  154.833586][T10099]  do_syscall_64+0xcd/0x250
[  154.834750][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.836280][T10099] RIP: 0033:0x7f3c36f7e719
[  154.837412][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.842195][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  154.844316][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  154.846297][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  154.848280][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  154.850253][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  154.852213][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  154.854202][T10099]  </TASK>
[  154.855085][T10099] BUG: Bad page state in process syz.6.968  pfn:29fc2
[  154.856784][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888029fc2a20 pfn:0x29fc2
[  154.859328][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  154.861140][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  154.863245][T10099] raw: ffff888029fc2a20 0000000000000001 00000000ffffffff 0000000000000000
[  154.865368][T10099] page dumped because: page_pool leak
[  154.866722][T10099] page_owner tracks the page as allocated
[  154.868134][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988186084, free_ts 144459767250
[  154.872358][T10099]  post_alloc_hook+0x2d1/0x350
[  154.873576][T10099]  get_page_from_freelist+0x101e/0x3070
[  154.874982][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  154.876326][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  154.877716][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  154.879187][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  154.880570][T10099]  page_pool_alloc_pages+0x1a/0x60
[  154.881848][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  154.883416][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  154.884768][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  154.886118][T10099]  __sys_bpf+0xfc6/0x49a0
[  154.887224][T10099]  __x64_sys_bpf+0x78/0xc0
[  154.888342][T10099]  do_syscall_64+0xcd/0x250
[  154.889528][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.890961][T10099] page last free pid 10042 tgid 10041 stack trace:
[  154.892543][T10099]  free_unref_page+0x5f4/0xdc0
[  154.893730][T10099]  __folio_put+0x30d/0x3d0
[  154.894821][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  154.896197][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  154.897436][T10099]  rcu_core+0x79d/0x14d0
[  154.898506][T10099]  handle_softirqs+0x213/0x8f0
[  154.899780][T10099]  irq_exit_rcu+0xbb/0x120
[  154.900913][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  154.902292][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  154.903777][T10099] Modules linked in:
[  154.904764][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  154.907745][T10099] Tainted: [B]=BAD_PAGE
[  154.908791][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.911467][T10099] Call Trace:
[  154.912296][T10099]  <TASK>
[  154.913017][T10099]  dump_stack_lvl+0x16c/0x1f0
[  154.914198][T10099]  bad_page+0xb3/0x1f0
[  154.915242][T10099]  ? __pfx_bad_page+0x10/0x10
[  154.916437][T10099]  ? page_bad_reason+0x9d/0x1e0
[  154.917662][T10099]  free_unref_page+0x657/0xdc0
[  154.918875][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  154.920394][T10099]  ? __phys_addr+0xc6/0x150
[  154.921547][T10099]  skb_free_head+0xa0/0x1d0
[  154.922699][T10099]  skb_release_data+0x560/0x730
[  154.923902][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  154.925190][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  154.926840][T10099]  ? kernel_text_address+0x8d/0x100
[  154.928135][T10099]  ? hlock_class+0x4e/0x130
[  154.929286][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  154.930561][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  154.932328][T10099]  ? rcu_is_watching+0x12/0xc0
[  154.933534][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  154.935054][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  154.936695][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  154.938011][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  154.939611][T10099]  ? lock_acquire+0x2f/0xb0
[  154.940744][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  154.942322][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  154.943889][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  154.945561][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  154.946850][T10099]  ? __build_skb_around+0x278/0x3b0
[  154.948183][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  154.949552][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  154.951130][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  154.952822][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  154.954248][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  154.955606][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  154.957092][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.958608][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  154.960176][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  154.961664][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  154.962996][T10099]  ? 0xffffffffa0009640
[  154.964065][T10099]  ? 0xffffffffa0009640
[  154.965131][T10099]  ? 0xffffffffa0009640
[  154.966169][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  154.967645][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  154.969025][T10099]  ? lock_acquire+0x2f/0xb0
[  154.970181][T10099]  ? __fget_files+0x40/0x3f0
[  154.971384][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.972834][T10099]  ? fput+0x30/0x390
[  154.973809][T10099]  ? __bpf_prog_get+0xa0/0x290
[  154.975038][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  154.976492][T10099]  __sys_bpf+0xfc6/0x49a0
[  154.977586][T10099]  ? __pfx_futex_wake+0x10/0x10
[  154.978928][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  154.980482][T10099]  ? __schedule+0xe5d/0x5730
[  154.981729][T10099]  ? __fget_files+0x23a/0x3f0
[  154.982921][T10099]  ? do_futex+0x123/0x350
[  154.984052][T10099]  ? __pfx_do_futex+0x10/0x10
[  154.985245][T10099]  ? xfd_validate_state+0x5d/0x180
[  154.986570][T10099]  ? rcu_is_watching+0x12/0xc0
[  154.987810][T10099]  __x64_sys_bpf+0x78/0xc0
[  154.988969][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  154.990404][T10099]  do_syscall_64+0xcd/0x250
[  154.991594][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.993096][T10099] RIP: 0033:0x7f3c36f7e719
[  154.994234][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.999096][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  155.001631][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  155.003846][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  155.005898][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  155.008005][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.010099][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  155.012108][T10099]  </TASK>
[  155.012998][T10099] BUG: Bad page state in process syz.6.968  pfn:27c13
[  155.014735][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888027c13e88 pfn:0x27c13
[  155.017296][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  155.019098][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  155.021319][T10099] raw: ffff888027c13e88 0000000000000001 00000000ffffffff 0000000000000000
[  155.023445][T10099] page dumped because: page_pool leak
[  155.024801][T10099] page_owner tracks the page as allocated
[  155.026212][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988181224, free_ts 144459772449
[  155.030509][T10099]  post_alloc_hook+0x2d1/0x350
[  155.031734][T10099]  get_page_from_freelist+0x101e/0x3070
[  155.033114][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  155.034455][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  155.035890][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  155.037384][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  155.038708][T10099]  page_pool_alloc_pages+0x1a/0x60
[  155.040043][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  155.041589][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  155.042915][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  155.044272][T10099]  __sys_bpf+0xfc6/0x49a0
[  155.045357][T10099]  __x64_sys_bpf+0x78/0xc0
[  155.046476][T10099]  do_syscall_64+0xcd/0x250
[  155.047634][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.049144][T10099] page last free pid 10042 tgid 10041 stack trace:
[  155.050790][T10099]  free_unref_page+0x5f4/0xdc0
[  155.052008][T10099]  __folio_put+0x30d/0x3d0
[  155.053131][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  155.054526][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  155.055801][T10099]  rcu_core+0x79d/0x14d0
[  155.056869][T10099]  handle_softirqs+0x213/0x8f0
[  155.058100][T10099]  irq_exit_rcu+0xbb/0x120
[  155.059246][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  155.060719][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  155.062212][T10099] Modules linked in:
[  155.063558][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  155.066673][T10099] Tainted: [B]=BAD_PAGE
[  155.067750][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.070440][T10099] Call Trace:
[  155.071303][T10099]  <TASK>
[  155.072070][T10099]  dump_stack_lvl+0x16c/0x1f0
[  155.073280][T10099]  bad_page+0xb3/0x1f0
[  155.074326][T10099]  ? __pfx_bad_page+0x10/0x10
[  155.075553][T10099]  ? page_bad_reason+0x9d/0x1e0
[  155.076805][T10099]  free_unref_page+0x657/0xdc0
[  155.078032][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  155.079623][T10099]  ? __phys_addr+0xc6/0x150
[  155.080751][T10099]  skb_free_head+0xa0/0x1d0
[  155.081883][T10099]  skb_release_data+0x560/0x730
[  155.083122][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  155.084406][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  155.086101][T10099]  ? kernel_text_address+0x8d/0x100
[  155.087444][T10099]  ? hlock_class+0x4e/0x130
[  155.088604][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  155.089881][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  155.091656][T10099]  ? rcu_is_watching+0x12/0xc0
[  155.092891][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  155.094384][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  155.096001][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  155.097293][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  155.098862][T10099]  ? lock_acquire+0x2f/0xb0
[  155.100001][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  155.101595][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  155.103225][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  155.104968][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  155.106315][T10099]  ? __build_skb_around+0x278/0x3b0
[  155.107797][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  155.109267][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  155.110850][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  155.112543][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  155.113979][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  155.115365][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  155.116862][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  155.118354][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  155.119876][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  155.121359][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  155.122707][T10099]  ? 0xffffffffa0009640
[  155.123786][T10099]  ? 0xffffffffa0009640
[  155.124850][T10099]  ? 0xffffffffa0009640
[  155.125906][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  155.127417][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  155.128771][T10099]  ? lock_acquire+0x2f/0xb0
[  155.129932][T10099]  ? __fget_files+0x40/0x3f0
[  155.131111][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  155.132565][T10099]  ? fput+0x30/0x390
[  155.133563][T10099]  ? __bpf_prog_get+0xa0/0x290
[  155.134771][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  155.136258][T10099]  __sys_bpf+0xfc6/0x49a0
[  155.137329][T10099]  ? __pfx_futex_wake+0x10/0x10
[  155.138546][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  155.139766][T10099]  ? __schedule+0xe5d/0x5730
[  155.140934][T10099]  ? __fget_files+0x23a/0x3f0
[  155.142123][T10099]  ? do_futex+0x123/0x350
[  155.143228][T10099]  ? __pfx_do_futex+0x10/0x10
[  155.144441][T10099]  ? xfd_validate_state+0x5d/0x180
[  155.145733][T10099]  ? rcu_is_watching+0x12/0xc0
[  155.146935][T10099]  __x64_sys_bpf+0x78/0xc0
[  155.148078][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  155.149413][T10099]  do_syscall_64+0xcd/0x250
[  155.150589][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.152055][T10099] RIP: 0033:0x7f3c36f7e719
[  155.153180][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.158378][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  155.160520][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  155.162520][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  155.164517][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  155.166503][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.168653][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  155.170646][T10099]  </TASK>
[  155.171551][T10099] BUG: Bad page state in process syz.6.968  pfn:23003
[  155.173239][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888023003948 pfn:0x23003
[  155.175777][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  155.177584][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  155.179772][T10099] raw: ffff888023003948 0000000000000001 00000000ffffffff 0000000000000000
[  155.181927][T10099] page dumped because: page_pool leak
[  155.183302][T10099] page_owner tracks the page as allocated
[  155.184850][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988176670, free_ts 144459777765
[  155.189084][T10099]  post_alloc_hook+0x2d1/0x350
[  155.190346][T10099]  get_page_from_freelist+0x101e/0x3070
[  155.191717][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  155.193044][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  155.194419][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  155.195899][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  155.197214][T10099]  page_pool_alloc_pages+0x1a/0x60
[  155.198514][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  155.200133][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  155.201452][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  155.202814][T10099]  __sys_bpf+0xfc6/0x49a0
[  155.203917][T10099]  __x64_sys_bpf+0x78/0xc0
[  155.205046][T10099]  do_syscall_64+0xcd/0x250
[  155.206197][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.207705][T10099] page last free pid 10042 tgid 10041 stack trace:
[  155.209310][T10099]  free_unref_page+0x5f4/0xdc0
[  155.210572][T10099]  __folio_put+0x30d/0x3d0
[  155.211722][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  155.213112][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  155.214392][T10099]  rcu_core+0x79d/0x14d0
[  155.215497][T10099]  handle_softirqs+0x213/0x8f0
[  155.216697][T10099]  irq_exit_rcu+0xbb/0x120
[  155.217816][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  155.219248][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  155.220806][T10099] Modules linked in:
[  155.221810][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  155.224861][T10099] Tainted: [B]=BAD_PAGE
[  155.225927][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.228618][T10099] Call Trace:
[  155.229476][T10099]  <TASK>
[  155.230239][T10099]  dump_stack_lvl+0x16c/0x1f0
[  155.231466][T10099]  bad_page+0xb3/0x1f0
[  155.232521][T10099]  ? __pfx_bad_page+0x10/0x10
[  155.233711][T10099]  ? page_bad_reason+0x9d/0x1e0
[  155.234972][T10099]  free_unref_page+0x657/0xdc0
[  155.236207][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  155.237711][T10099]  ? __phys_addr+0xc6/0x150
[  155.238855][T10099]  skb_free_head+0xa0/0x1d0
[  155.240015][T10099]  skb_release_data+0x560/0x730
[  155.241252][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  155.242518][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  155.244169][T10099]  ? kernel_text_address+0x8d/0x100
[  155.245472][T10099]  ? hlock_class+0x4e/0x130
[  155.246612][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  155.247875][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  155.249627][T10099]  ? rcu_is_watching+0x12/0xc0
[  155.250852][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  155.252337][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  155.253942][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  155.255285][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  155.256889][T10099]  ? lock_acquire+0x2f/0xb0
[  155.258044][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  155.259620][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  155.261172][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  155.262849][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  155.264190][T10099]  ? __build_skb_around+0x278/0x3b0
[  155.265508][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  155.266851][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  155.268456][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  155.270097][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  155.271515][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  155.272844][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  155.274302][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  155.275791][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  155.277279][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  155.278727][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  155.280081][T10099]  ? 0xffffffffa0009640
[  155.281138][T10099]  ? 0xffffffffa0009640
[  155.282201][T10099]  ? 0xffffffffa0009640
[  155.283258][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  155.284733][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  155.286098][T10099]  ? lock_acquire+0x2f/0xb0
[  155.287254][T10099]  ? __fget_files+0x40/0x3f0
[  155.288430][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  155.289917][T10099]  ? fput+0x30/0x390
[  155.290903][T10099]  ? __bpf_prog_get+0xa0/0x290
[  155.292083][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  155.293511][T10099]  __sys_bpf+0xfc6/0x49a0
[  155.294588][T10099]  ? __pfx_futex_wake+0x10/0x10
[  155.295836][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  155.297047][T10099]  ? __schedule+0xe5d/0x5730
[  155.298229][T10099]  ? __fget_files+0x23a/0x3f0
[  155.299428][T10099]  ? do_futex+0x123/0x350
[  155.300520][T10099]  ? __pfx_do_futex+0x10/0x10
[  155.301703][T10099]  ? xfd_validate_state+0x5d/0x180
[  155.302948][T10099]  ? rcu_is_watching+0x12/0xc0
[  155.304192][T10099]  __x64_sys_bpf+0x78/0xc0
[  155.305313][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  155.306609][T10099]  do_syscall_64+0xcd/0x250
[  155.307771][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.309244][T10099] RIP: 0033:0x7f3c36f7e719
[  155.310372][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.315139][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  155.317249][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  155.319236][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  155.321234][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  155.323224][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.325199][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  155.327186][T10099]  </TASK>
[  155.328059][T10099] BUG: Bad page state in process syz.6.968  pfn:4fc43
[  155.329798][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x4fc43
[  155.332001][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  155.333782][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  155.335941][T10099] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[  155.338061][T10099] page dumped because: page_pool leak
[  155.339426][T10099] page_owner tracks the page as allocated
[  155.340919][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988171758, free_ts 144459782737
[  155.345106][T10099]  post_alloc_hook+0x2d1/0x350
[  155.346310][T10099]  get_page_from_freelist+0x101e/0x3070
[  155.347676][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  155.348995][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  155.350434][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  155.351958][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  155.353293][T10099]  page_pool_alloc_pages+0x1a/0x60
[  155.354591][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  155.356177][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  155.357489][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  155.358824][T10099]  __sys_bpf+0xfc6/0x49a0
[  155.359967][T10099]  __x64_sys_bpf+0x78/0xc0
[  155.361108][T10099]  do_syscall_64+0xcd/0x250
[  155.362267][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.364029][T10099] page last free pid 10042 tgid 10041 stack trace:
[  155.365748][T10099]  free_unref_page+0x5f4/0xdc0
[  155.367004][T10099]  __folio_put+0x30d/0x3d0
[  155.368156][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  155.369618][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  155.370881][T10099]  rcu_core+0x79d/0x14d0
[  155.371973][T10099]  handle_softirqs+0x213/0x8f0
[  155.373184][T10099]  irq_exit_rcu+0xbb/0x120
[  155.374322][T10099]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  155.375713][T10099]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  155.377200][T10099] Modules linked in:
[  155.378185][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  155.381182][T10099] Tainted: [B]=BAD_PAGE
[  155.382221][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.384893][T10099] Call Trace:
[  155.385715][T10099]  <TASK>
[  155.386455][T10099]  dump_stack_lvl+0x16c/0x1f0
[  155.387653][T10099]  bad_page+0xb3/0x1f0
[  155.388659][T10099]  ? __pfx_bad_page+0x10/0x10
[  155.389825][T10099]  ? page_bad_reason+0x9d/0x1e0
[  155.391029][T10099]  free_unref_page+0x657/0xdc0
[  155.392244][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  155.393748][T10099]  ? __phys_addr+0xc6/0x150
[  155.394893][T10099]  skb_free_head+0xa0/0x1d0
[  155.396079][T10099]  skb_release_data+0x560/0x730
[  155.397315][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  155.398598][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  155.400286][T10099]  ? kernel_text_address+0x8d/0x100
[  155.401610][T10099]  ? hlock_class+0x4e/0x130
[  155.402780][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  155.404061][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  155.405852][T10099]  ? rcu_is_watching+0x12/0xc0
[  155.407093][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  155.408619][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  155.410262][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  155.411603][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  155.413193][T10099]  ? lock_acquire+0x2f/0xb0
[  155.414350][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  155.415984][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  155.417527][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  155.419236][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  155.420562][T10099]  ? __build_skb_around+0x278/0x3b0
[  155.421909][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  155.423278][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  155.424883][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  155.426553][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  155.427969][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  155.429267][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  155.430725][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  155.432245][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  155.433734][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  155.435238][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  155.436638][T10099]  ? 0xffffffffa0009640
[  155.437693][T10099]  ? 0xffffffffa0009640
[  155.438737][T10099]  ? 0xffffffffa0009640
[  155.439798][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  155.441307][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  155.442673][T10099]  ? lock_acquire+0x2f/0xb0
[  155.443844][T10099]  ? __fget_files+0x40/0x3f0
[  155.445024][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  155.446505][T10099]  ? fput+0x30/0x390
[  155.447519][T10099]  ? __bpf_prog_get+0xa0/0x290
[  155.448737][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  155.450215][T10099]  __sys_bpf+0xfc6/0x49a0
[  155.451327][T10099]  ? __pfx_futex_wake+0x10/0x10
[  155.452588][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  155.453773][T10099]  ? __schedule+0xe5d/0x5730
[  155.454956][T10099]  ? __fget_files+0x23a/0x3f0
[  155.456126][T10099]  ? do_futex+0x123/0x350
[  155.457177][T10099]  ? __pfx_do_futex+0x10/0x10
[  155.458364][T10099]  ? xfd_validate_state+0x5d/0x180
[  155.459651][T10099]  ? rcu_is_watching+0x12/0xc0
[  155.460863][T10099]  __x64_sys_bpf+0x78/0xc0
[  155.461983][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  155.463298][T10099]  do_syscall_64+0xcd/0x250
[  155.464433][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.465932][T10099] RIP: 0033:0x7f3c36f7e719
[  155.467078][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.471935][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  155.474053][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  155.476061][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  155.478039][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  155.480047][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.482038][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  155.484022][T10099]  </TASK>
[  155.484878][T10099] BUG: Bad page state in process syz.6.968  pfn:2917f
[  155.486578][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2917f
[  155.488773][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  155.490623][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  155.492773][T10099] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[  155.494925][T10099] page dumped because: page_pool leak
[  155.496308][T10099] page_owner tracks the page as allocated
[  155.497714][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988166972, free_ts 145936375817
[  155.502325][T10099]  post_alloc_hook+0x2d1/0x350
[  155.503560][T10099]  get_page_from_freelist+0x101e/0x3070
[  155.504952][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  155.506293][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  155.507691][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  155.509178][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  155.510764][T10099]  page_pool_alloc_pages+0x1a/0x60
[  155.512122][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  155.513663][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  155.515009][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  155.516457][T10099]  __sys_bpf+0xfc6/0x49a0
[  155.517545][T10099]  __x64_sys_bpf+0x78/0xc0
[  155.518685][T10099]  do_syscall_64+0xcd/0x250
[  155.520036][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.521736][T10099] page last free pid 8382 tgid 8382 stack trace:
[  155.523314][T10099]  free_unref_page+0x5f4/0xdc0
[  155.524529][T10099]  inode_doinit_with_dentry+0xac4/0x12c0
[  155.525931][T10099]  selinux_d_instantiate+0x26/0x30
[  155.527210][T10099]  security_d_instantiate+0x142/0x1a0
[  155.528552][T10099]  d_splice_alias+0x94/0xdf0
[  155.529766][T10099]  kernfs_iop_lookup+0x286/0x330
[  155.531005][T10099]  __lookup_slow+0x24f/0x460
[  155.532268][T10099]  walk_component+0x350/0x5b0
[  155.533476][T10099]  path_lookupat+0x17f/0x770
[  155.534671][T10099]  filename_lookup+0x1e5/0x5b0
[  155.535926][T10099]  vfs_statx+0x11e/0x1e0
[  155.537006][T10099]  vfs_fstatat+0x9f/0x160
[  155.538131][T10099]  __do_sys_newfstatat+0xa2/0x130
[  155.539428][T10099]  do_syscall_64+0xcd/0x250
[  155.540815][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.542506][T10099] Modules linked in:
[  155.543524][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  155.546495][T10099] Tainted: [B]=BAD_PAGE
[  155.547577][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.550268][T10099] Call Trace:
[  155.551113][T10099]  <TASK>
[  155.551871][T10099]  dump_stack_lvl+0x16c/0x1f0
[  155.553073][T10099]  bad_page+0xb3/0x1f0
[  155.554111][T10099]  ? __pfx_bad_page+0x10/0x10
[  155.555325][T10099]  ? page_bad_reason+0x9d/0x1e0
[  155.556535][T10099]  free_unref_page+0x657/0xdc0
[  155.557723][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  155.559233][T10099]  ? __phys_addr+0xc6/0x150
[  155.560360][T10099]  skb_free_head+0xa0/0x1d0
[  155.561491][T10099]  skb_release_data+0x560/0x730
[  155.562707][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  155.563945][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  155.565601][T10099]  ? kernel_text_address+0x8d/0x100
[  155.566896][T10099]  ? hlock_class+0x4e/0x130
[  155.568034][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  155.569267][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  155.570986][T10099]  ? rcu_is_watching+0x12/0xc0
[  155.572154][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  155.573553][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  155.575158][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  155.576471][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  155.578078][T10099]  ? lock_acquire+0x2f/0xb0
[  155.579251][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  155.580835][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  155.582401][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  155.584094][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  155.585407][T10099]  ? __build_skb_around+0x278/0x3b0
[  155.586726][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  155.588058][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  155.589585][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  155.591308][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  155.592740][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  155.594080][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  155.595591][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  155.597091][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  155.598566][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  155.600072][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  155.601421][T10099]  ? 0xffffffffa0009640
[  155.602802][T10099]  ? 0xffffffffa0009640
[  155.603929][T10099]  ? 0xffffffffa0009640
[  155.605017][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  155.606516][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  155.607906][T10099]  ? lock_acquire+0x2f/0xb0
[  155.609047][T10099]  ? __fget_files+0x40/0x3f0
[  155.610213][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  155.611752][T10099]  ? fput+0x30/0x390
[  155.612729][T10099]  ? __bpf_prog_get+0xa0/0x290
[  155.613942][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  155.615595][T10099]  __sys_bpf+0xfc6/0x49a0
[  155.617091][T10099]  ? __pfx_futex_wake+0x10/0x10
[  155.618346][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  155.619670][T10099]  ? __schedule+0xe5d/0x5730
[  155.620827][T10099]  ? __fget_files+0x23a/0x3f0
[  155.622024][T10099]  ? do_futex+0x123/0x350
[  155.623120][T10099]  ? __pfx_do_futex+0x10/0x10
[  155.624318][T10099]  ? xfd_validate_state+0x5d/0x180
[  155.625589][T10099]  ? rcu_is_watching+0x12/0xc0
[  155.626750][T10099]  __x64_sys_bpf+0x78/0xc0
[  155.627880][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  155.629383][T10099]  do_syscall_64+0xcd/0x250
[  155.630553][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.632222][T10099] RIP: 0033:0x7f3c36f7e719
[  155.633363][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.638213][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  155.640619][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  155.642702][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  155.644767][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  155.646722][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.648820][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  155.650825][T10099]  </TASK>
[  155.651697][T10099] BUG: Bad page state in process syz.6.968  pfn:40180
[  155.653396][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888040186600 pfn:0x40180
[  155.655906][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  155.657735][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  155.660055][T10099] raw: ffff888040186600 0000000000000001 00000000ffffffff 0000000000000000
[  155.662320][T10099] page dumped because: page_pool leak
[  155.663708][T10099] page_owner tracks the page as allocated
[  155.665242][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988162209, free_ts 145939979216
[  155.669634][T10099]  post_alloc_hook+0x2d1/0x350
[  155.670846][T10099]  get_page_from_freelist+0x101e/0x3070
[  155.672207][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  155.673543][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  155.674967][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  155.676586][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  155.677961][T10099]  page_pool_alloc_pages+0x1a/0x60
[  155.679260][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  155.680884][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  155.682334][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  155.683680][T10099]  __sys_bpf+0xfc6/0x49a0
[  155.684775][T10099]  __x64_sys_bpf+0x78/0xc0
[  155.685882][T10099]  do_syscall_64+0xcd/0x250
[  155.687019][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.688632][T10099] page last free pid 6226 tgid 6226 stack trace:
[  155.690262][T10099]  free_unref_page+0x5f4/0xdc0
[  155.691500][T10099]  __folio_put+0x30d/0x3d0
[  155.692637][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  155.694044][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  155.695358][T10099]  rcu_core+0x79d/0x14d0
[  155.696446][T10099]  handle_softirqs+0x213/0x8f0
[  155.697669][T10099]  do_softirq+0xb2/0xf0
[  155.698719][T10099]  __local_bh_enable_ip+0x100/0x120
[  155.700041][T10099]  hash_ipportip4_gc+0x240/0x460
[  155.701280][T10099]  process_one_work+0x9c5/0x1ba0
[  155.702539][T10099]  worker_thread+0x6c8/0xf00
[  155.703714][T10099]  kthread+0x2c1/0x3a0
[  155.704746][T10099]  ret_from_fork+0x45/0x80
[  155.705892][T10099]  ret_from_fork_asm+0x1a/0x30
[  155.707111][T10099] Modules linked in:
[  155.708098][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  155.711076][T10099] Tainted: [B]=BAD_PAGE
[  155.712116][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.714793][T10099] Call Trace:
[  155.715654][T10099]  <TASK>
[  155.716391][T10099]  dump_stack_lvl+0x16c/0x1f0
[  155.717553][T10099]  bad_page+0xb3/0x1f0
[  155.718579][T10099]  ? __pfx_bad_page+0x10/0x10
[  155.719763][T10099]  ? page_bad_reason+0x9d/0x1e0
[  155.720998][T10099]  free_unref_page+0x657/0xdc0
[  155.722213][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  155.723738][T10099]  ? __phys_addr+0xc6/0x150
[  155.724885][T10099]  skb_free_head+0xa0/0x1d0
[  155.726042][T10099]  skb_release_data+0x560/0x730
[  155.727272][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  155.728537][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  155.730172][T10099]  ? kernel_text_address+0x8d/0x100
[  155.731444][T10099]  ? hlock_class+0x4e/0x130
[  155.732577][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  155.733824][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  155.735569][T10099]  ? rcu_is_watching+0x12/0xc0
[  155.736787][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  155.738291][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  155.739958][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  155.741292][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  155.742895][T10099]  ? lock_acquire+0x2f/0xb0
[  155.744054][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  155.745657][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  155.747232][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  155.748915][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  155.750241][T10099]  ? __build_skb_around+0x278/0x3b0
[  155.751556][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  155.752884][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  155.754464][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  155.756264][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  155.757690][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  155.759056][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  155.760701][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  155.762244][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  155.763784][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  155.765292][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  155.766621][T10099]  ? 0xffffffffa0009640
[  155.767683][T10099]  ? 0xffffffffa0009640
[  155.768727][T10099]  ? 0xffffffffa0009640
[  155.769777][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  155.771283][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  155.772624][T10099]  ? lock_acquire+0x2f/0xb0
[  155.773770][T10099]  ? __fget_files+0x40/0x3f0
[  155.774949][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  155.776421][T10099]  ? fput+0x30/0x390
[  155.777434][T10099]  ? __bpf_prog_get+0xa0/0x290
[  155.778655][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  155.780145][T10099]  __sys_bpf+0xfc6/0x49a0
[  155.781235][T10099]  ? __pfx_futex_wake+0x10/0x10
[  155.782466][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  155.783691][T10099]  ? __schedule+0xe5d/0x5730
[  155.784859][T10099]  ? __fget_files+0x23a/0x3f0
[  155.786073][T10099]  ? do_futex+0x123/0x350
[  155.787176][T10099]  ? __pfx_do_futex+0x10/0x10
[  155.788384][T10099]  ? xfd_validate_state+0x5d/0x180
[  155.789686][T10099]  ? rcu_is_watching+0x12/0xc0
[  155.790923][T10099]  __x64_sys_bpf+0x78/0xc0
[  155.792079][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  155.793401][T10099]  do_syscall_64+0xcd/0x250
[  155.794591][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.796118][T10099] RIP: 0033:0x7f3c36f7e719
[  155.797264][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.802052][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  155.804149][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  155.806145][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  155.808157][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  155.810173][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.812158][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  155.814164][T10099]  </TASK>
[  155.815081][T10099] BUG: Bad page state in process syz.6.968  pfn:40447
[  155.816808][T10099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888040447f00 pfn:0x40447
[  155.819334][T10099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  155.821192][T10099] raw: 00fff00000000000 dead000000000040 ffff888033265000 0000000000000000
[  155.823378][T10099] raw: ffff888040447f00 0000000000000001 00000000ffffffff 0000000000000000
[  155.825556][T10099] page dumped because: page_pool leak
[  155.826923][T10099] page_owner tracks the page as allocated
[  155.828344][T10099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 10099, tgid 10095 (syz.6.968), ts 145988157490, free_ts 145939986919
[  155.832610][T10099]  post_alloc_hook+0x2d1/0x350
[  155.833850][T10099]  get_page_from_freelist+0x101e/0x3070
[  155.835233][T10099]  __alloc_pages_noprof+0x223/0x25a0
[  155.836560][T10099]  alloc_pages_bulk_noprof+0x77c/0x1110
[  155.837961][T10099]  __page_pool_alloc_pages_slow+0x18f/0x770
[  155.839529][T10099]  page_pool_alloc_netmem+0xc4/0x160
[  155.840889][T10099]  page_pool_alloc_pages+0x1a/0x60
[  155.842410][T10099]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  155.843967][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  155.845315][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  155.846850][T10099]  __sys_bpf+0xfc6/0x49a0
[  155.848033][T10099]  __x64_sys_bpf+0x78/0xc0
[  155.849199][T10099]  do_syscall_64+0xcd/0x250
[  155.850439][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.851936][T10099] page last free pid 6226 tgid 6226 stack trace:
[  155.853528][T10099]  free_unref_page+0x5f4/0xdc0
[  155.854734][T10099]  __folio_put+0x30d/0x3d0
[  155.855896][T10099]  free_page_and_swap_cache+0x249/0x2c0
[  155.857288][T10099]  tlb_remove_table_rcu+0x89/0xe0
[  155.858671][T10099]  rcu_core+0x79d/0x14d0
[  155.859954][T10099]  handle_softirqs+0x213/0x8f0
[  155.861453][T10099]  do_softirq+0xb2/0xf0
[  155.862862][T10099]  __local_bh_enable_ip+0x100/0x120
[  155.864238][T10099]  hash_ipportip4_gc+0x240/0x460
[  155.865509][T10099]  process_one_work+0x9c5/0x1ba0
[  155.866902][T10099]  worker_thread+0x6c8/0xf00
[  155.868109][T10099]  kthread+0x2c1/0x3a0
[  155.869155][T10099]  ret_from_fork+0x45/0x80
[  155.870354][T10099]  ret_from_fork_asm+0x1a/0x30
[  155.871582][T10099] Modules linked in:
[  155.872542][T10099] CPU: 3 UID: 0 PID: 10099 Comm: syz.6.968 Tainted: G    B              6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0
[  155.875780][T10099] Tainted: [B]=BAD_PAGE
[  155.876862][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.880242][T10099] Call Trace:
[  155.881303][T10099]  <TASK>
[  155.882212][T10099]  dump_stack_lvl+0x16c/0x1f0
[  155.883436][T10099]  bad_page+0xb3/0x1f0
[  155.884462][T10099]  ? __pfx_bad_page+0x10/0x10
[  155.885734][T10099]  ? page_bad_reason+0x9d/0x1e0
[  155.886930][T10099]  free_unref_page+0x657/0xdc0
[  155.888140][T10099]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  155.889638][T10099]  ? __phys_addr+0xc6/0x150
[  155.890812][T10099]  skb_free_head+0xa0/0x1d0
[  155.891961][T10099]  skb_release_data+0x560/0x730
[  155.893198][T10099]  sk_skb_reason_drop+0x129/0x1a0
[  155.894469][T10099]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  155.896217][T10099]  ? kernel_text_address+0x8d/0x100
[  155.897527][T10099]  ? hlock_class+0x4e/0x130
[  155.898676][T10099]  ? __lock_acquire+0x163e/0x3ce0
[  155.899911][T10099]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  155.901621][T10099]  ? rcu_is_watching+0x12/0xc0
[  155.902803][T10099]  __netif_receive_skb_list_core+0x357/0x950
[  155.904265][T10099]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  155.905897][T10099]  ? trace_lock_acquire+0x14a/0x1d0
[  155.907182][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  155.908720][T10099]  ? lock_acquire+0x2f/0xb0
[  155.909835][T10099]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  155.911401][T10099]  netif_receive_skb_list_internal+0x753/0xdb0
[  155.912936][T10099]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  155.914618][T10099]  ? __pfx_eth_type_trans+0x10/0x10
[  155.915980][T10099]  ? __build_skb_around+0x278/0x3b0
[  155.917274][T10099]  netif_receive_skb_list+0x4f/0x4a0
[  155.918614][T10099]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  155.920345][T10099]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  155.922026][T10099]  ? bpf_test_timer_continue+0x150/0x3d0
[  155.923594][T10099]  bpf_test_run_xdp_live+0x365/0x500
[  155.925041][T10099]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  155.926670][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  155.928154][T10099]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  155.929644][T10099]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  155.931138][T10099]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  155.932477][T10099]  ? 0xffffffffa0009640
[  155.933520][T10099]  ? 0xffffffffa0009640
[  155.934568][T10099]  ? 0xffffffffa0009640
[  155.935647][T10099]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  155.937149][T10099]  bpf_prog_test_run_xdp+0x827/0x1580
[  155.938489][T10099]  ? lock_acquire+0x2f/0xb0
[  155.939655][T10099]  ? __fget_files+0x40/0x3f0
[  155.941024][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  155.942555][T10099]  ? fput+0x30/0x390
[  155.943731][T10099]  ? __bpf_prog_get+0xa0/0x290
[  155.945315][T10099]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  155.946870][T10099]  __sys_bpf+0xfc6/0x49a0
[  155.948046][T10099]  ? __pfx_futex_wake+0x10/0x10
[  155.949338][T10099]  ? __pfx___sys_bpf+0x10/0x10
[  155.950549][T10099]  ? __schedule+0xe5d/0x5730
[  155.951750][T10099]  ? __fget_files+0x23a/0x3f0
[  155.952971][T10099]  ? do_futex+0x123/0x350
[  155.954076][T10099]  ? __pfx_do_futex+0x10/0x10
[  155.955285][T10099]  ? xfd_validate_state+0x5d/0x180
[  155.956563][T10099]  ? rcu_is_watching+0x12/0xc0
[  155.957771][T10099]  __x64_sys_bpf+0x78/0xc0
[  155.958889][T10099]  ? lockdep_hardirqs_on+0x7c/0x110
[  155.960227][T10099]  do_syscall_64+0xcd/0x250
[  155.961508][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.963011][T10099] RIP: 0033:0x7f3c36f7e719
[  155.964184][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.969179][T10099] RSP: 002b:00007f3c37ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  155.971295][T10099] RAX: ffffffffffffffda RBX: 00007f3c37136058 RCX: 00007f3c36f7e719
[  155.973245][T10099] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  155.975255][T10099] RBP: 00007f3c36ff132e R08: 0000000000000000 R09: 0000000000000000
[  155.977236][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.979370][T10099] R13: 0000000000000000 R14: 00007f3c37136058 R15: 00007ffe02d56c68
[  155.981508][T10099]  </TASK>

VM DIAGNOSIS:
06:23:12  Registers:
info registers vcpu 0

CPU#0
RAX=00000000000000a5 RBX=ffffc90006523818 RCX=ffffffff864c1b77 RDX=1ffff11004e11f83
RSI=ffffffff864c1b84 RDI=ffff88802708fc2a RBP=00000000000000a5 RSP=ffffc9000389ee70
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=00000000ab10007c R13=dffffc0000000000 R14=ffffc900000bda40 R15=ffff888107fc0000
RIP=ffffffff864c1c26 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f0cbe4c6d00 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffe6d35eff8 CR3=0000000031ba0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=81e50b1181e50b11 81e50b1181e50b11 81e50b1181e50b11 81e50b1181e50b11 81e50b1181e50b11 81e50b1181e50b11 81e50b1181e50b11 81e50b1181e50b11
ZMM22=be891e0dbe891e0d be891e0dbe891e0d be891e0dbe891e0d be891e0dbe891e0d be891e0dbe891e0d be891e0dbe891e0d be891e0dbe891e0d be891e0dbe891e0d
ZMM23=9da761609da76160 9da761609da76160 9da761609da76160 9da761609da76160 9da761609da76160 9da761609da76160 9da761609da76160 9da761609da76160
ZMM24=b7de64b9b7de64b9 b7de64b9b7de64b9 b7de64b9b7de64b9 b7de64b9b7de64b9 b7de64b9b7de64b9 b7de64b9b7de64b9 b7de64b9b7de64b9 b7de64b9b7de64b9
ZMM25=76f0ddfa76f0ddfa 76f0ddfa76f0ddfa 76f0ddfa76f0ddfa 76f0ddfa76f0ddfa 76f0ddfa76f0ddfa 76f0ddfa76f0ddfa 76f0ddfa76f0ddfa 76f0ddfa76f0ddfa
ZMM26=26fc7cb326fc7cb3 26fc7cb326fc7cb3 26fc7cb326fc7cb3 26fc7cb326fc7cb3 26fc7cb326fc7cb3 26fc7cb326fc7cb3 26fc7cb326fc7cb3 26fc7cb326fc7cb3
ZMM27=5a46b64b5a46b64b 5a46b64b5a46b64b 5a46b64b5a46b64b 5a46b64b5a46b64b 5a46b64b5a46b64b 5a46b64b5a46b64b 5a46b64b5a46b64b 5a46b64b5a46b64b
ZMM28=000000a00000009f 0000009e0000009d 0000009c0000009b 0000009a00000099 0000009800000097 0000009600000095 0000009400000093 0000009200000091
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=3e0500003e050000 3e0500003e050000 3e0500003e050000 3e0500003e050000 3e0500003e050000 3e0500003e050000 3e0500003e050000 3e0500003e050000
info registers vcpu 1

CPU#1
RAX=ffffffff9abc1940 RBX=0000000000000000 RCX=0000000000000001 RDX=1ffff1100531a0e3
RSI=1ffff92000a94eb9 RDI=ffff8880298d0718 RBP=0000000000000001 RSP=ffffc900054a7538
R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff905f508f R11=0000000000000000
R12=ffff8880298d0718 R13=ffff8880298d0718 R14=0000000000000000 R15=ffff88802726a440
RIP=ffffffff816a5c6f RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fd4fdc406c0 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f302ba67d60 CR3=0000000058f8e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f302af0c6a3 00007f302af0c6a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd1fdf6c00 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558d261fe0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558d1e9490
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558d27361f 000055558d271060
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 10000a012bea0002 0018ba0358020018 b80308808010ae00 188a037a02001888
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 f7080f8003003065 6c69662f2e01ffff ffffffffffffef08 0e80030010000380
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0365646f6d01ffff fffffffffffff708 1880030066706201 ffffffffffffffff
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 10000a012bea0002 0018ba0358020018 b80308808010ae00 188a037a02001888
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0138100001800401 0000120806060103 9200080001b00300 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000000 RCX=0000000000000004 RDX=ffffffff96e713d0
RSI=1ffff92000a8eeae RDI=ffff8880298d0120 RBP=0000000000000001 RSP=ffffc900054774e0
R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff905f508f R11=0000000000000000
R12=ffff8880298d0118 R13=0000000000000000 R14=0000000000000000 R15=ffff888027128000
RIP=ffffffff816a5d25 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fd4fdc1f6c0 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f3c36f74f93 CR3=0000000058f8e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000400001 Opmask01=0000000000000054 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd4fcdf21cb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd4fcdf21d8
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd4fcdf21d2
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd4fcdf21e6
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd4fcdf226c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd4fcdf234a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd4fcf0c488 00007fd4fcf0c480 00007fd4fcf0c478 00007fd4fcf0c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd4fda6d100 00007fd4fcf0c440 00007fd4fcf0c458 00007fd4fcf0c4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd4fcf0c498 00007fd4fcf0c490 00007fd4fcf0c488 00007fd4fcf0c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000006c RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff850b46e5 RDI=ffffffff9aae7bc0 RBP=ffffffff9aae7b80 RSP=ffffc900052e6990
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000006c R14=ffffffff850b4680 R15=0000000000000000
RIP=ffffffff850b470f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f3c37ce06c0 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c2b60a1 CR3=00000000350fe000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe02d57000 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c36ff21cb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c36ff21d8
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c36ff21d2
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c36ff21e6
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c36ff226c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c36ff234a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000007c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 000000000000007c
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000