last executing test programs:

4.567562268s ago: executing program 1 (id=697):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000b40)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000080)='1', 0x1}], 0x1}}, {{&(0x7f0000000180)={0xa, 0x4e21, 0x100, @private0={0xfc, 0x0, '\x00', 0x1}, 0x4}, 0x1c, &(0x7f00000002c0)=[{&(0x7f00000001c0)='A', 0x1}], 0x1}}], 0x2, 0x2400c044) (async)
sendmmsg$inet6(r0, &(0x7f0000000b40)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000080)='1', 0x1}], 0x1}}, {{&(0x7f0000000180)={0xa, 0x4e21, 0x100, @private0={0xfc, 0x0, '\x00', 0x1}, 0x4}, 0x1c, &(0x7f00000002c0)=[{&(0x7f00000001c0)='A', 0x1}], 0x1}}], 0x2, 0x2400c044)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f00000021c0)={0x2, [0x0, 0x0]}, &(0x7f0000007e00)=0xff89)

3.994392125s ago: executing program 1 (id=691):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f0b2ad1eb9769d74e4f1feff374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724190000006f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0ed9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab778c50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b28448692686ac80d81a89f9c29e276800"/2574], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffec0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = socket(0x200000100000011, 0x3, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r3=>0x0})
bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4)
sendmsg$netlink(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="30000000000000002000000000000000d96e6c8d5e85080045f00d80724e11d56911"], 0x30}], 0x1}, 0x0)
r4 = accept$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @private0}, &(0x7f0000000180)=0x1c)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x10, 0x11}, @TCA_FQ_QUANTUM={0x8}]}}]}, 0x40}}, 0x0)
ioctl$sock_inet6_SIOCDELRT(r4, 0x890c, &(0x7f00000001c0)={@ipv4={'\x00', '\xff\xff', @loopback}, @remote, @loopback, 0x3, 0x2, 0x0, 0x500, 0x7, 0x802c4, r7})
r8 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r8, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
r9 = socket$kcm(0x29, 0x2, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000ec0), 0x0)
syz_io_uring_setup(0x24fa, &(0x7f0000000300)={0x0, 0x0, 0x10100}, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r9, 0x89e0, &(0x7f0000000300)={r8, r0})
ioctl$sock_kcm_SIOCKCMATTACH(r9, 0x89e0, &(0x7f0000000240)={r9, r0})
r10 = epoll_create1(0x0)
r11 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r11, 0x1, r10, &(0x7f00000000c0))
r12 = epoll_create1(0x0)
r13 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380), r1)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYRES16=r5, @ANYRES16=r13, @ANYBLOB="0500000000000000df250100000000000000014100568e0ce2e4040000001c00170000000c595200170000000000000000009e5df2b80000006532e30bcf968c851876b1dfed39ff93e14505f5665b48d900254deb63aa4f8cd3234ce045ee7e629dd833dc617feadae391c8a1ef67f3abf5310e0a34435f"], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x8c084)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r12, &(0x7f00000000c0)={0x2000})
r14 = socket$packet(0x11, 0x3, 0x300)
socket$netlink(0x10, 0x3, 0x4)
setsockopt$packet_int(r14, 0x107, 0x9, &(0x7f0000000000)=0x8, 0x4)

3.9319315s ago: executing program 1 (id=694):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000000000)=""/4102, &(0x7f0000001080)=0x1006)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000380)={0x1ff, 0x2, 0x2000, 0x2000, &(0x7f0000feb000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001400)={r1, 0xe0, &(0x7f0000001300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000001040)=[0x0, 0x0, 0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x2, 0x9, &(0x7f0000001180)=[0x0, 0x0], &(0x7f00000011c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xec, &(0x7f0000001200)=[{}], 0x8, 0x10, &(0x7f0000001240), &(0x7f0000001280), 0x8, 0x16, 0x8, 0x8, &(0x7f00000012c0)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001480)={0x18, 0x5, &(0x7f00000010c0)=ANY=[], &(0x7f0000001440)='syzkaller\x00', 0x4ba7, 0x0, 0x0, 0x41000, 0x4, '\x00', r5, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = getpid()
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0xa)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, &(0x7f0000000200)="650f09dc6a8166b81e018ee88fc978c7c966b822008ee8b8010000000f01d9f266f30f2295b97f0800000f32b9370200000f320f35", 0x35}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000b54000/0x2000)=nil, 0x2000, 0x9, 0x8010, r1, 0x10000000)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
readahead(r1, 0x200, 0x1)

2.984775001s ago: executing program 1 (id=708):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67a}]}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000ec0)=[{{&(0x7f0000000080)={0x2, 0x4e25, @multicast2}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000480)="435d61e778eb38a7b38869e147b2bb2d8ea5f836c654c0d9d14ceca9529604eb9a1f8d24c87b2153413b8bc5d52b8aa671b64b2290f0d96afeaa40f60d23f9f9f7d8b4c37a6409abd84ddbe5264f73200c67d8f9742d0f51951f7bb8fe27a59cc395ba580c12f6e995b8a62901c58273c223abb6", 0x74}, {&(0x7f0000000180)="518cf9568a61ae870100000000000080b8e2d292b9e8", 0x16}, {&(0x7f0000000b80)="5132ac5e8205378f905fac4b0f7b0ad4ff080df00b5a6655e32124d51a45ebebdf4a86101587d502357bfc43f44098742b83caede42f6e007330dc8ab67371c65d39bc126b8f9bf17dce0ba9d14f263efa7056bb8a0291c5842e42342519a9e795b7d8aee13edfa09bd3f9ae3bdc4c2dccc27cc0cf4fe85fa17f46ff8c017571490f296ef2ea1cf31486bd4167bb33cb9a5e1f96de2ee8af9574695ddf5d1ec4d17c9508cdd9e77ec5bc62a820e263a31521f0b9031c9e1e14ae91f0c99b44960df2aaee22480355aa20d280d1ed54ae539055ca1e20a57f81db185fa20780f08847b683fb2ee1f75ca3344ad0d1145d6549734fa87b", 0xf6}, {&(0x7f0000001140)="6601a68e4cccac69431df174bbce91246fce262b3de6a53334d329a142ae0f304e4fbde8fab4d68bedcd182b41227278c65f7de353b11fb211723a88dbbaeb901b447fb35a9f3f4b671a3e3929c119f9deec5e46cdbe5cac679cad88c9aa61bc7ffd219a18b36ef0bfa46274c5cda17a4b8588c492dcdd43dee797fe7debf7c1143177d4f4b02255ca5a460117743cbf77041e01a6947526b1709ee269f30000000000a5354d5b58fc1105538f675f7dd86b01e55299cc74634421628c4604c608a587e994b173083d2d2561f1e2d7085d7ad84d0c3d85001dc44e4cbadc47de90ae358ef75d9bb41b44590ec1232737be96dc4d4ad7efc660f95ff623e4e053f8db0825b83a2df3ff1179f4e1634506f0d862e777ac9f14855f21b7bb21c9c963ec12e80dc56c3d5f174f0c00029673d797a5f146c8c9b97cb198d716c768ca756c7431018750be6c1c24", 0x14b}], 0x4}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000580)="1fdefa76cc6f846bf5a6f3b74b198be5210d7013d7c72653914b2d", 0x1b}, {&(0x7f00000005c0)="925f1604a8e43b732be04c9b3ba6e8e512ca21f2a68d2366d2f3679f622fd951bfd4abf2bed0b25673e9b8c0e0424914f84c5e5e03d3f1aeeb1abe6160216a7874eb3e7eed3a822035c26a06e605ea5d2791de4914862f3bc38c533b7baaf2adf8e40ac99c6c6ea28a32a67a88c0f7", 0x6f}, {&(0x7f00000000c0)="838b2e5b060676ef306171965a928c39179c22c920707c84944684000000000082dc907a", 0x24}, {&(0x7f0000000680)="672733c5976ca6c31adb6c24db79c83e9b45d13a8e1ea257366fb3bfa96784a260fa004d3fc2b710bbd01b54290769b373e99fbfcd8ff00ddbab81d104994815c477e3cb64d14282eec0e67db26a5e0b4ec7a9c740d7e24b53c4b88993b3fb971ed3a457b112ff610555694c4c6232a3c6f9e064f57b9131499992d33412244750adf6e7a3e1bc4db5c02e1bddf4517245abcbb615f1d5ed6ba966ba86992a0a6d170ec160d68df28491389f9f292524216e554ad60419161754391a108b00000000000000", 0xc5}, {&(0x7f0000000cc0)="73fd54eece75adf471522adb56455da4275933a676262ee25f3714893cc16885c81f70ce1dc0b806d5f8cd24495a346f938f8e31ce3b3d263ea7b8ef7328610c89a78b640d210fa06330b6b7570b1c82dcd06fafc2eb84815086cf75bc72b37681c6b77916636c68e787b3598a5a3962343b4967ef2ee352d8ec30817dc9aded78e2e90f22307f571a93ba01b47f67e0f5fbada2250b984d31fc74837562e1abc215c8aabea27702f540cd715435ed5c39fe8189ccb185f5da9ffcc156d2da0800dbeab36134c23854bdfcf1e3ff0b13f49424ee4e5e68f7ab7c8aa9c2e0e54c57ec4c42ca9a6517c2ca860657e013cca20e3ea54b3c646dd9bad0e4f678af0263a02ff4b98146d9f8386dd3d4fe9af036ca8624490cee580bdc6fe7509e841cd6051f3dfefd6f5c0a599e38ec04eb77417ebf9c9111f17da0cdee266b96d89a6b0000", 0x143}, {&(0x7f0000000840)="bd1e3434fadf3992f82b84c4a2dda68087c998", 0x13}, {&(0x7f00000009c0)="4da150f0290c413d64af754e90f9ab36b589fc38f62150e9613e2b8b1926b973b6010000002564ae101a31fda0b400884a3abceec83fb42f37acbce48d3985354b6058a4e0935af0aacf7e2d85f031fdd8c995e0a6dc363938f2622001de5e38cd3af42397b5a4d10974959a35960500000000000000483220430645e3bc8d30a586453126d6ce1a1510fb9a431edfede079b6c8b946af562fdafcaecf545922e47d0290770c6bcbc7ce9037011c3cee4a33d14894a4ca4c8c113de8da5e43117971cb15279863972426", 0xca}], 0x7}}], 0x3, 0x2000c044)
r2 = socket(0xf, 0x6, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_LIMIT={0x8, 0x7}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000380)='f2fs_write_end\x00'}, 0x18)
landlock_create_ruleset(0x0, 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0)
mkdir(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x80045530, &(0x7f0000000200)=""/229)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x0, 0x0)
getsockopt$sock_int(r5, 0x1, 0x10, &(0x7f00000001c0), &(0x7f0000000200)=0x4)
r6 = socket$inet(0x2, 0x3, 0x8)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000001900)=@raw={'raw\x00', 0x8, 0x3, 0x338, 0x0, 0xe138, 0x198, 0x1c0, 0x198, 0x2a0, 0x358, 0x358, 0x2a0, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bond\x00'}, 0x0, 0x158, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0004000000000000000404fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c42995560a99952bed40cf5a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000000049", 0x8}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x398)
r7 = socket$inet(0x2, 0x3, 0x8)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000001900)=@raw={'raw\x00', 0x8, 0x3, 0x338, 0x0, 0xe138, 0x198, 0x1c0, 0x198, 0x2a0, 0x358, 0x358, 0x2a0, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bond\x00'}, 0x0, 0x158, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0004000000000000000404fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c42995560a99952bed40cf5a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000000049", 0x8}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x398)
listen(0xffffffffffffffff, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x1)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000300)=0x208)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0x2a, &(0x7f0000006780), 0x4)
landlock_restrict_self(r5, 0x0)
bind$inet6(r8, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c)
recvmmsg(r8, &(0x7f0000005dc0)=[{{0x0, 0x0, 0x0}}], 0x4000000000002b1, 0x1f, 0x0)

2.171629595s ago: executing program 1 (id=715):
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0xc4, 0x3, 0x1, 0x301, 0x0, 0x0, {0x0, 0x0, 0x3}, [@CTA_TUPLE_MASTER={0x2c, 0xe, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}, @CTA_FILTER={0x14, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x308}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x4}]}, @CTA_PROTOINFO={0x10, 0x4, 0x0, 0x1, @CTA_PROTOINFO_DCCP={0xc, 0x2, 0x0, 0x1, [@CTA_PROTOINFO_DCCP_ROLE={0x5, 0x2, 0x2}]}}, @CTA_PROTOINFO={0x20, 0x4, 0x0, 0x1, @CTA_PROTOINFO_SCTP={0x1c, 0x3, 0x0, 0x1, [@CTA_PROTOINFO_SCTP_VTAG_ORIGINAL={0x8, 0x2, 0x1, 0x0, 0x4}, @CTA_PROTOINFO_SCTP_STATE={0x5, 0x1, 0x5}, @CTA_PROTOINFO_SCTP_STATE={0x5, 0x1, 0xd0}]}}, @CTA_TUPLE_ORIG={0x40, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @local}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x20000804)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0)
acct(&(0x7f0000000140)='./file0\x00')
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="340000003b0007010000000000000000047c0000ec0000000c00018006000600800a0000100002800c000b"], 0x34}}, 0xc000)

1.597357289s ago: executing program 2 (id=723):
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bind$x25(r1, &(0x7f00000000c0), 0x12)
bind$x25(r2, &(0x7f0000000100), 0x12)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=<r5=>0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6)
read(r4, 0x0, 0x300)
sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r5], 0x1c}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000011c0)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x0, 0x25dfdbfe, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x7}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0xb, @local}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x80}, 0x4800)
close_range(r3, 0xffffffffffffffff, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000030000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x5, 0x0, r3, 0x1b5f, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
r11 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_REAPURB(r11, 0x4008550c, &(0x7f0000002680))
ioctl$USBDEVFS_FREE_STREAMS(r11, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"])
add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000140)="c5", 0x1, r0)
add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000200)="4319e2aabc1e4a13e696a7f0d7557242d852f77f9c16bad3035548f5cdb5bc12d17a90b4063934ce295fa65c2323953d5e52a3ff4c543f247e4fb54ca97d0053f1606f9fe21d35d3b25e2c3a713579039c1ea1f53aaeabd7b902297b5fd3dccd0b11db742f0e5a832b3adef3a6eae7952cbf3874ef323373b5d03e736994b6eef1e78e566d8c26a21a5e0896bc5b515603985946e75f93f7bd54adfdb387b992d26814248b9a22e770160dcb9694b89abd64650a00"/192, 0x111, r0)
add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000480)="03", 0x1, 0xfffffffffffffffe)

1.376829468s ago: executing program 2 (id=728):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000022bf000000001000b6946dbc9438a60f5aa10563dbf5d33934bfd8b6377f148a9c367fb67556022bf5fafc48f430cdfb4a28d24881c92953341a2aef18eccac9a03f7a04a44c906e9d57edd332aa60989ddcc355cef7b1c03bcaf57a36a1c85d63e0d065af1f42db872296dcde845339ea72ad4ee259c1e0f410ed21f6dca5f36dfe12ec2fc0aef08c96ce1573ceebb33dd1a2a0c7f165ed7b0e27efa8a539f4234a36bbef2035bc24fac8275e5de1d89a4fa28350516ccff3cfef702f9506ce5d347ad63f39ba03592771b0d4c229f90a5c4d6c91d22077d0cd0df42a34942dc77e2e3a20a2e8", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f1, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000140)=@ethtool_cmd={0x3d, 0x2, 0x101, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, [0x1000000]}})
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, r1)
keyctl$KEYCTL_MOVE(0x1e, r1, 0xfffffffffffffffe, r1, 0x0)
timer_settime(0x0, 0x1, 0x0, &(0x7f00000007c0))
r2 = syz_open_dev$sg(0x0, 0x0, 0x5bdd43)
readv(r2, &(0x7f000001a340), 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000004000/0x3000)=nil)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00')
r3 = syz_usbip_server_init(0x4)
syz_usb_connect(0x1, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c00712152230000000010902"], 0x0)
write$usbip_server(r3, &(0x7f0000001540)=ANY=[@ANYBLOB="0000000300000001"], 0x30)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$UFFDIO_ZEROPAGE(r5, 0xc018aa06, &(0x7f0000000100)={{&(0x7f00003ea000/0x400000)=nil, 0x400000}, 0x1})
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r5, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x4c, r6, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x6}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x10}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8}]}, 0x4c}}, 0x24000054)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0xd, 0x1, 0x4, 0x1, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$KVM_PRE_FAULT_MEMORY(r5, 0xc040aed5, &(0x7f0000000380)={0x4, 0x108000})
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r7, &(0x7f00000001c0), &(0x7f0000000280)=@udp6=r0}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x7ff, r7}, 0x38)

1.301409901s ago: executing program 1 (id=730):
mkdir(0x0, 0x0)
mkdir(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$l2tp(0x2, 0x2, 0x73)
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x1000803c)
read$char_usb(r1, &(0x7f0000000440)=""/154, 0x9a)
r2 = socket$phonet(0x23, 0x2, 0x1)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='erspan0\x00', 0x10)
ioctl$SIOCPNGETOBJECT(r2, 0x89e0, &(0x7f0000000000)=0x2f9d)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x73, 0x101201)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x100)
setresuid(r4, 0x0, 0x0)
ioctl$USBDEVFS_FREE_STREAMS(r3, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303120008ff6000000002000020d3"])
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
timer_create(0x0, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r6, &(0x7f0000000200)=""/128, 0x80)
syz_usb_disconnect(r0)
readv(0xffffffffffffffff, 0x0, 0x0)
r7 = inotify_init1(0x0)
fcntl$setown(r7, 0x8, 0xffffffffffffffff)
fcntl$getownex(r7, 0x10, &(0x7f0000000140)={0x0, <r8=>0x0})
r9 = syz_open_procfs(r8, &(0x7f00000002c0)='fd/4\x00')
write$binfmt_script(r9, 0x0, 0x300)
write$P9_RLINK(r9, &(0x7f0000000080)={0x7, 0x47, 0x1}, 0x7)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="980400003a000b00a000"/20], 0x18}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

1.121821451s ago: executing program 0 (id=735):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-512\x00'}, 0x58)
accept$alg(r0, 0x0, 0x0) (async)
r1 = accept$alg(r0, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000440)={'#! ', './file0'}, 0xb)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x149800, 0x0) (async)
r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x149800, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x14, 0x0, @fd=r3})
io_uring_enter(0xffffffffffffffff, 0xa3d, 0x0, 0x0, 0x0, 0xff39)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@newsa={0x13c, 0x10, 0x1, 0x0, 0x0, {{@in, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0x0, 0x2}, {@in=@local, 0x0, 0x3c}, @in=@local, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0xa, 0x0, 0x0, 0xaf}, [@algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x13c}}, 0x0) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@newsa={0x13c, 0x10, 0x1, 0x0, 0x0, {{@in, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0x0, 0x2}, {@in=@local, 0x0, 0x3c}, @in=@local, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0xa, 0x0, 0x0, 0xaf}, [@algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x13c}}, 0x0)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33) (async)
write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_S_SELECTION(r5, 0xc040565f, &(0x7f0000000140)={0x2, 0x0, 0xfdfd, {0x0, 0x0, 0x3ff, 0x8}})
ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000000400)={0x3, 0x1, 0x23, &(0x7f00000003c0)=""/35})
creat(&(0x7f0000000400)='./bus\x00', 0x0) (async)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
lsetxattr$security_ima(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000180), &(0x7f0000000280)=@md5={0x1, "bf5110b0dbe094319d585e800e0e621c"}, 0x11, 0x0)
recvmsg(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000001600)=""/4098, 0x1002}, {&(0x7f0000004580)=""/4095, 0xfff}, {&(0x7f0000003540)=""/4102, 0x1006}, {&(0x7f0000002a40)=""/184, 0xb8}, {&(0x7f0000001540)=""/172, 0xac}, {&(0x7f0000000240)=""/142, 0x8e}, {&(0x7f0000001300)=""/203, 0xcb}], 0x7}, 0x2200) (async)
recvmsg(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000001600)=""/4098, 0x1002}, {&(0x7f0000004580)=""/4095, 0xfff}, {&(0x7f0000003540)=""/4102, 0x1006}, {&(0x7f0000002a40)=""/184, 0xb8}, {&(0x7f0000001540)=""/172, 0xac}, {&(0x7f0000000240)=""/142, 0x8e}, {&(0x7f0000001300)=""/203, 0xcb}], 0x7}, 0x2200)
write$cgroup_int(r4, &(0x7f0000000000)=0x6, 0x12)
fsopen(&(0x7f0000000040)='ceph\x00', 0x0) (async)
r6 = fsopen(&(0x7f0000000040)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000140)='source', &(0x7f0000000180)='[:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000a40)={'sit0\x00', &(0x7f00000004c0)={'gre0\x00', 0x0, 0x8, 0x7800, 0x6, 0xd4b, {{0x25, 0x4, 0x0, 0x2b, 0x94, 0x65, 0x0, 0x2, 0x29, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x40}, {[@timestamp_addr={0x44, 0x1c, 0x81, 0x1, 0x1, [{@loopback, 0xfffffffd}, {@multicast1, 0x8001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3}]}, @timestamp={0x44, 0x8, 0x3a, 0x0, 0x4, [0x8001]}, @timestamp_prespec={0x44, 0xc, 0xb6, 0x3, 0x6, [{@private=0xa010100, 0x5}]}, @generic={0x44, 0x2}, @ssrr={0x89, 0x1b, 0x9f, [@remote, @multicast1, @empty, @broadcast, @dev={0xac, 0x14, 0x14, 0x12}, @multicast2]}, @noop, @timestamp_prespec={0x44, 0x1c, 0xbf, 0x3, 0xe, [{@multicast2, 0x8}, {@empty, 0x6}, {@multicast1, 0x200}]}, @timestamp_addr={0x44, 0x14, 0x31, 0x1, 0x6, [{@multicast2, 0x7}, {@broadcast, 0x6}]}]}}}}})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000a80)={'veth0_to_batadv\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000a80)={'veth0_to_batadv\x00'})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000ac0))
sendmmsg$inet(r2, &(0x7f0000000bc0)=[{{&(0x7f0000000600)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f00000008c0)=[{&(0x7f0000000640)}, {&(0x7f0000000740)="80c9a592dcbd0afdcdb3d39fad885e725c3f8454b4ffa36fc056a6f2f215ae07e68e18de5c66a8ac8b5282e42ce37b62f16c07134eb0beb2e248928644474549b73d24f85d0914885b13ff47bd7e2dcaf623806b0b5b", 0x56}, {&(0x7f0000000800)}, {0x0}], 0x4, &(0x7f0000000b00)}}], 0x1, 0x4004)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x26, 0x7, 0xc, 0x22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x26, 0x7, 0xc, 0x22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$binfmt_misc(r7, &(0x7f0000000080)="62272bee0013b302000000", 0xb)

1.118478179s ago: executing program 0 (id=736):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="b80000001900674c0000000000000000ff0100000000000000fbffffffffff00e000000100000000000000000000000000000000000000000a0000000000002443c9330448810f2f16b08f7bccbb22c807af376b2375dc9f", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000120000000000000000000000000000000000000000000000000000000000000005fa28adf83435000000000000004d22437b61f107de0c436be595c4000d5da6735cb9f1ed00000000000000000000000000000000000000000000000000000000000000000004000000000000000000"], 0xb8}}, 0x0) (async)
sendmsg$nl_xfrm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="b80000001900674c0000000000000000ff0100000000000000fbffffffffff00e000000100000000000000000000000000000000000000000a0000000000002443c9330448810f2f16b08f7bccbb22c807af376b2375dc9f", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000120000000000000000000000000000000000000000000000000000000000000005fa28adf83435000000000000004d22437b61f107de0c436be595c4000d5da6735cb9f1ed00000000000000000000000000000000000000000000000000000000000000000004000000000000000000"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="b80000001900674c0000000000000000ff01000000000000000000000000ff"], 0xb8}}, 0x0) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="b80000001900674c0000000000000000ff01000000000000000000000000ff"], 0xb8}}, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
dup(r3) (async)
r4 = dup(r3)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000000c0)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x1c, 0x4, 0x0, 0x0, 0x70, 0x64, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0x0, 0x0, 0x9, [0x0, 0x5, 0x0, 0x5]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote, 0x8}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd200}]}, @noop, @noop, @noop, @rr={0x7, 0xf, 0x0, [@dev, @multicast1, @private=0xa010102]}]}}}}}) (async)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000000c0)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x1c, 0x4, 0x0, 0x0, 0x70, 0x64, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0x0, 0x0, 0x9, [0x0, 0x5, 0x0, 0x5]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote, 0x8}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd200}]}, @noop, @noop, @noop, @rr={0x7, 0xf, 0x0, [@dev, @multicast1, @private=0xa010102]}]}}}}})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r7, 0x0, 0x0)
r8 = dup(r6)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r8, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0xfffffffffffffd55) (async)
syz_kvm_setup_cpu$x86(r8, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0xfffffffffffffd55)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r10, 0x117, 0x1, &(0x7f0000000000)="9f90875a73ad17dee9ebece02db2103d44", 0x11) (async)
setsockopt$ALG_SET_KEY(r10, 0x117, 0x1, &(0x7f0000000000)="9f90875a73ad17dee9ebece02db2103d44", 0x11)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, 0x0}, 0x20)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$BTRFS_IOC_SET_FEATURES(r5, 0x40309439, &(0x7f0000000580)={0x1, 0x3, 0xd})
ioctl$KVM_NMI(r9, 0xae9a)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000071000040"]) (async)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000071000040"])

874.046881ms ago: executing program 0 (id=742):
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x2, 0x4)

873.654444ms ago: executing program 0 (id=743):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000140)={0x0, 0x3, 0x3ff})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000080)={0x0, 0x5, 0x400})
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x0, @private1, 0x80}, 0x1c)
sendto$inet6(r2, &(0x7f00000000c0)="8d", 0x1, 0x0, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @private0}, 0x1c)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0xc, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r2, 0x84, 0x23, &(0x7f0000000080)={r3}, 0x8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYRES16=r1, @ANYRES16=0x0, @ANYRES32], 0x24}}, 0xa000)
sendmsg$NL80211_CMD_SET_COALESCE(r4, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r7, @ANYBLOB], 0x28}}, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000140)={r3, 0x5, 0x10}, &(0x7f0000000180)=0xc)
r8 = openat$sr(0xffffffffffffff9c, &(0x7f0000004400), 0x0, 0x0)
fadvise64(r8, 0x0, 0xfc2, 0x5)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r9, 0x40045532, &(0x7f0000000100))
r10 = socket$inet(0x2, 0x80001, 0x84)
listen(r10, 0x2f)
listen(r10, 0x0)
listen(r10, 0xaca)
r11 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r11, 0x80045017, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000040), 0xc, 0x1e1d66)

873.365444ms ago: executing program 3 (id=744):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="367cd9254bff7b244deba395ba74bf7cb9b798ac988a30a8527ff77cddd35389721246eeb28f0f05f430378c6769b56293487b002c858eadea385dc71f3271a7aeede74d157152a0c131a938f708f13c5498b12adabdc4d8d6a9ec6f0c13cee2bfd108c91c175bebe31e87b37f4a3335603d71bb92bb13f4bceaa99ee57c858aaa29ec70173967859f99f7ae21bc646029"])
chdir(&(0x7f0000000280)='./file0\x00')
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)

829.314018ms ago: executing program 3 (id=745):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x3, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r0, &(0x7f0000000140)={0x11, 0x4, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_netdev_private(r0, 0x89f4, &(0x7f0000000180)="4463b94f04d4389dfd622f1fa35592be7181889adf7c1c763b4bfb2b63eed3bbe4f0b88d7e31e7528bc1612df158f92a0b12353aea27c6a52bc71b5ed484187bedd7b18523e4695a460f4e6a356c0fbf2a71fa35793a5bdad5f368885831a9701af9d8debb54dcffdd99df3a582d6346e25f36adf9727a415e5ce014085c1d5aa675b5b35ffc80c3d5b8fb5e79c20cf1d4a73a9765478b2b94f63fe2fc44426aa4c2ca5141368646c74138094e936e1b8ffa719af2b5a0e732bb58f2d7c40bae8c6c4afe2b1bcb15d9fa6da0bd95b0026c5364afe8f4e1b3c4cf975f0da21d265c2131447059c5b4fc77930c70b4864218754ce0899329f967") (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r2=>0x0})
bind$packet(r0, &(0x7f00000000c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @remote}, 0x58) (async)
syz_emit_ethernet(0xe, &(0x7f00000003c0)=ANY=[], 0x0)

705.255482ms ago: executing program 3 (id=746):
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r0, &(0x7f00000000c0), 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000004000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f0000004200)="bc799292537d5b253c9ba57217488203490ea9a1b54bc4a83a866878163c12bdf9750d245d6766e70fb9105434e4aa7d2fbd4ff6956750a685c3d04430f3ef374bb4fd70b3be3c140e3cc55d627a667cda0e467bc44dd18a51c73eea0d1fb80be570b9f5fb8052a4f958415c91d33c0df8c7f8c35490b4b00bd2ffc159cd0ad18cf3fd2a04ce585e40b8a5daf574ac67da68b510e7df3d23bf182381ea080e47241bf881fe0f4c88280652e1118bb72c5a63ad1736aa1d6e8865bc43b76b213f25925e55d59b52995ce61360066ae999ce2781bc477dda788254c3ec7f4fc4b22e9221c383e32d000fb6aa92f73c44a63f7afbec2587c5388d2e5c8da2040543a91e732a8f87c760e2d69d13af9be6c0528a88f3bc345548e54ea1b0c65bfb965a63fdf8de370e91aba80e74290274ef1a78ccbadcff9c761a757e0bd0bc58e0dc9a7d60328fa763ee192fc8aa50a871d7e55ece54aa2f6898a90c7bb9ec9ca170c1ff5b13b28ae78d0f1174ebeef76775d5bed17c2b89abfc62d12d1c9b9a37954fb6b00b1aee434db784b3806c6cb89086009deee170e0e73cdab98b3477950ebef5142b4c2b0f417b16c0245be1bfb0b67fdc0521d897ac4d3dabf1a716077afbee36913af1513194b21e7f7c2f90ad8663047c23558efcdc70e40c8b7fab846e56fc91733a8e07647f06af2345d154a7c75aee33355f34d46240278bd6f21e327c7e97e63802bd2a1d16d52907b74e5583ba8b5501366dd18446910dae5f3f7b8a2ea5d7f45c6ee49aca5f165fdfd1f93a375305343c410c0770940978b1287052fd7892c37c23972ab786afdcd187587ac76edfb0fcb41aa4f41cc19364ea6a77b14cafd06b033d1c24c43befe5af1962b4a6d75ac56ef58728b0feacf1dc82fa1b38e21399640cb60612c719caf5e4454c185cc073061dfcb5a770a4b86d8ef7b35c2af67e1cac9a3c34f1b052a35539b962fcd67cd6806623e0dd67c6306aac7a5c58c6d2efeda9cf7f2db40ece73bf42c646eafc2430550bec894dbb83aab067d2d4829547a1b76558b9f35a133a7f3edbce96f9a72be66a0ebe6b69ec4d29c66a3bbc5d6586b574ccdeb73156cb4ab328b554c1677a6ed582f7682d49acaa5855deee5e1d81318ab07ba67d86c137d2ac7f4f76b031d11a1923c98e71f3bcbe1b800644f2eb9fffadd9afb82c245d77843dca50ab8025ccbb8cf386effa82094e364092d2512e54900382e5ee735e34e6a2f8b5baa5ede27fbfd24a49ad1140ebb569066d7d6ab02b25edc769a93dd71ad5592e0fe31786c36aa7f564724578dbbfbfaf8c35e5a6054fe17c9ecb5d4b5e8b928e2829275329d0922113a2b04c6bede4638be8f45212d744dc9cee3c29a6e603c234c11bc66b1965495d8523ca5cb58a38b4a9e3d6785942de4184489e4942b569d2215a4299d04f0218084eaa8a06ded775beeb0ac6ef7e1c206c292fe843d268aba332a61be2e5322d4401dced190685551a99ed52b18716b4acb0277cab6cea3b8e663e1630262becddbdc946e60e56db3037813e5ef41d36394eaaf151e03a18552cc68a83cbceeaa8a2f55ebd40887bc997faf5c34341dc73b40e5f506dae635797bf613e62c26179a2030bdafe679a556f4cf9df9ea34383e4654620f1aa1375edfebaa3d71538bca6b569dd527dc5399b9e36a03b2e4ede39b3588bbb73c9312a026898b4cce7157ca9fb2ef796cb444dec8f18b5423a76575624c6b252591311a550bfc9215e960a750cb98068ceeac72d8d84e45a2da3d13c271d289056b05e8b461d11af6d3837a4c93fc1d1156c5e8f344a23f25751c2b0a76183b557dbe1cce72db5af87cde68687ae15c1565473b1d4cff1b4a5ec86c822d8162ab6ab2585779f6d0ac1641483fbfe40b48cf3f3bff80a8a39656b1b9898dce0b582c19a4640a9c8e16b5f00b9e5adaf46c0cecaf9a442b5219a355bcaaab37fa803e99e19f15ef18ded87cc0aed4eaf8b2f94e1483a08bce983984c4e825b50af986b6f8970c26d1097ff4100e54c64e496b2749bd76a5c033a95332bf3342efdfdea05572b29272b28d1e888e9981e8ec5f785ba05eb7ea23f4549634bf4e4b13bb927cdab6162feef4cb7420b8dcd1fcfc3c43cca3d8633ca9c6d254b66e78f4be6718b98347a48cc731cacfbe6cdb5c63b5763da2899af7bca8496305bcee9fb3dc0875fc76b3695089e2d9e8bc50f9e4b2df4a42b09519ec3f68c6d8a704982711bdecb39194f39c9b7e37eac10cbd39a829edeba7eae8e09035ec6b06812d5e7368d8f470ca242b416a69f77b355746dcb6035bec6e94d958ee8fcb7165ae9f274e5dc8a74e2659c1149e4b039d5c29cd6f0cb7874a6399eae48b55a38ea1996d3f8786133a8c74162923590b22cdfd0edaee864e0a34ae5aa3351c5867c39c279ff1fa33846acdc8a92e933bca9c695e5fb1b6e6b039edddf47d9564781e55cb7e7f868addf1ce148553d4a5b7e06aa0621ac4a05a582d4b1fd63fd37e095bdc27ee0a153beef7152d6039de3acc8e784a72bd362c82706267438b75a96e6f03ec0fc8ef481c5f7737fc528f19a2d48294fa0150aa5aced5ec3f450de1e22aff07eb36d4d68e8a8380245edf23e344a9fa863af9347f30a05de00a63d667c3125c8bbf069ebe7c6aecc9e87827e7f34766ad7b23964f40465bd08232c0a30563ab28deb6e4db6331b159612796caf5ca449b5ce3f1acfec653321fbdbef81e8224e903883350a4e21aa47f60ec5de0c55cb02039b9814e3dafa6f154634ed7a162d58b0454c034a9e90e1010b474a03bc1d41d4c5d27b08a7344569dcc09264aed75a0dfc598a6ae8cd9588e27716c7a4f2efb45231786930cbb18efaf4ea763476e41a5a9ca5c3d59749c7e1cd93095899e83ca48d54239d450a319ae197ce3eafd152ff8b9a0f8e100d56451f8e6caa44ab7a3134c60f5bbf73a9da2c535515d5b00214faf263306a50c170aee2e7ecbbbb3aa1180455ce84682d7c3e24a5d538dcdef860ba0fb701c5ce5b04a2d39500f155a0e4b56b5ddf286c707dbb3fbbd63242e9cf6c93320349ce32ca565e4adede973d0c11acc088a0065cfcdeca3b6f82ce1d78e486cfe3e032c6ae89038601080fe7123f0eade75ab009e4ac1499e5120fa6dd4c2a8a7971226abaa2b9da4cec1e9992e191329b48f75bf53abfe999a8b5b62b6f8c518ce57e3e9e5c69557a50cfb335f739b39e28ce72fb0de9bf1d53235d1a72dafc655c63bad9c4d7241cdbc5bea58250f7275cd0441b900c08773d2183516adfb58779c7db61767dca591e3d569d697a57676754d82b7c4653a3ad58594e150f65990ace27e1d75977c21fb5a896cea461936788a2056ba465cd5d0ff9908a562cd1214cd94525a94d010c3fa61f66e083f0b81f6442f4e093918fe5d665dc29ea220719069ec6e58e5beb3de896bccb56265328ed557a47ddfd4c2cff25b54aaf0676934590477e729e1f16151183e965d08a1e9843e0afcc42f172fbced9eddb4b6edd2e8918237f71984b739ae2b2e8939d9e2d9b10dc6b68385a6c50c6fda6c8adc2630a51de089e67e8cf8617d4c07387c06dc0877fb8e6b3d304be8419e3fb953694510862b4c220eebc71fd4cd46b7ba297a854db047dcc2111c1ef21e0d82868178e1f4d2a4a4c02f4ff591214faf055876ec6255424661a96e0085147edef49cbeef220384258ff89d1b846da162704c212570bd05bdc7a524e5aa43baa5a4856360fc43e4e0a019d4db3279c3703bc2e711463591e530bca412ff4f19047fe3ff3ae9f253e0cc11a9d7438e95ecbe2465af4dcba3f5eff37dafaec35a7e8c3d6cf3d67039938ed44047b84ce1833f3d16a361db64f7c1776cf203beb2b9ee6223b1676afbe989257b13936cd03b8df5beac8d4f9b1b3811be02e15b53161d06884fa5bba4a0075677dfc878546cf09be42d48d4e8b6c8560b30de6b7a1a54e6ff7c40e80c0f59ae644cc31013eab9e1b4065a247c6d1c6cc099b88c6468ee65d3a612f28f19b66b4f35222bc29cf835d514e08e6d3ff032d638caa9ef9792ff4e4d71ca0a4f319508e1abcf06fbc6244d8d8b23d8c65b519fcacb4ab3679e2de87e97c28ab219a1fd49e51cb987b9e64e642183c7b6f8e53072c69ae15ffde1da5efdebd775ba9a933bb865c58e51f29bb390143d297661030acd9d1f42cf3c31eb46b9edaf40795067f5b7f9d2f8ac84174a33460a8317dce5ba855ef640d38f713831ec28e2337ddb0a42ba44b0328161caa083fa36ff734da2458d51dbe7e21d0572fe4ee9b17d8ab853b085a4e26e3ccd7590777009b1dc7ac8dfcda149a05c0472b6da18296e49d72b741bf3d9150a790507232f068bf32a87d701bda273364e413df124561afbb841b63e4bc816e16cd97604b07b67bf0f9eb6aeb338eaf3057a74ebbcf8945374d1e25bae7ef7b638f025378f8d8d5a8fdb785a650b34c3a8c745e7b22261748801f26d9118a3263eef9f4cd335c0ff67f29f401922d83346d62887d638dac1941639f6b874ce4ca43022492f28ab18502744ca1b00e1bdc72449bd22138c87687f0f8f8ef061b2a84c67a554755efaabb06dae585c1d806b2f13f62457f31f6f8e059ac937f4c5b6ca272cd586467d2a13572a28af6d7b641e91400be0c6c6cc48224b7641972fd8b968ee4267612c4e12c24cc301e634acf7191f4bb0417a195c4c0efab7ed0237796a8851851b71f899e5527e178a8c6564ee90489a1a2f5ffac354f77c4f0075d96c6602e268fc470b67c334c407ccad11897d6b385b3027640ba73a975633c7ee313d41c83962befeec37429deb389e450f8ed5e3ca407a93b6323c19019ef82534624472bc29f0ec6ae0c374bec628bdf955b8226ae32b2a8f9775fe47c8b1a40618cabc71a57b83addce5f6b24006ae8f63ee281a46d757230afe689e6ce1afeaa51eb1de47c22bd6adbd777ef985230e815751bf44176538179496c03f0422d61cdb54dac9aa50ddf37ca386e2b18e4fe1c778c1fed2efa1a91cb462fd8fa13817a10eeb8463db8af187b82cdde9b658b967a2cf56e447e5caf947292067f2f19c3728a60bff78529ce28a29254413924ccbdf5025b4a2de95850f89453ce95f258fbbd7cc74ed4caf4ce989547374285617806d214007810ca59300d5423d88f9871d04c5f8f721acf0eaf36aa68ec84956a002009e231ad01057a8544da5682e8561e6e4d8419573d4bf5f5fd0261668c85f6e646ba72ab6a8ea662b9f9ec2b9d12fd16a71d1c932c060e15d43269fc3115f0ff6775ddf5c4bedbcfb402bd61ee16b829a225fa18806333c473437879cc780366649c48977b660adade9247fd1b718411736a6a5514a6cda07152cbabc55b6167edfe44796784ae03b22d3d76f0a7281122627b9bcb9fe722a11d95e5a3b2d8643f3635b19e1e96ad51a416bad2eb69d6b0741e64e2706d7844f8be915f42a38158a05031bc4d75fefef6b4077d3124c7a390bccf744e27afd63de396b06468294149738b2e0d419620ddc626abd78bcab340244440e8bd7adcc5b4cd4b9c8871e2245061c64ddfd3ad4011729ce7221faaa738598f7aae41dc93c45a0c8af8146ef9b969ce023bfd5293c8c294b215bb56fc37a6f8ab0b7034d191c3de22c5ff8ce8d7903da2694b94b7463d18b4ab1cee5639521fa37265b305faabc02bbbbfd2dd891eda117c2246c6899dc0f73aa3752b4a55cec7526c66bd27a27f4120b6c41c63e1b4f92359bbb2b457578c76b81f28db13d9d2a9ae6d9a247b59714c968794922a825486b53ca0c7e7d1c1965586fda01188150e2eff828d2c30eedfaa4c04f697ae4e745dbb72598c46acee3e27668088fbf5bba017e2f4d07e095012f69dab4e9bba7e00a9eabe5da79f1daf67faf98b07b1da1f3286695ca0d7cdf90f329dd3d9b27bc3f90bdf783fd6fd4869684d1e8a68df3314e765dd2f91e97e6ad79090a9870f021072861c56ca07c06342c4ad386797833594192a3b9a8529bbcf0c010028b860930c612935af6f258fff02a79fedd913b4803bdca818d4b5ff20043a589929b6400a88e301de9a0843ec35c66acf067924a72d1622b7de815de8d6b5e474290b6553e9c4b47d58c8d4e1b090e8c30ef78c25aee56d478cde2efd1d9fd1b4a25eb12bfb1291119aeebc82ad128db518f9f8b419945fd527fbf1cf951c7792f0ecc04680a89db4ff5315b75a0b3e7befe5b0871e1ee8a814dc3d6cdfe70daaf86dcd5459e578a71b7374713976ee82dc201d3fd061107f035de59dab97a99d5e2cc448413b480aae7e6e2d967f44472bc0bbb89d3ebae25755e8b9990a6cff67de2ac9eee20e53598d0f26a704dfd136e53ff3093780bff4480ad6cef2bb79fdb861fbbbc402c665386adf144ceabda2942548d9acc6bd215249df61c8f47ec08654c5f3d8c4ca387f5c377993b406da054a0465946efaf30802fd5603c9a5cd580ded6ac1c93872347e948ecf60f0e55dddf716c8e77a7ce5b0ac72ee33510fa3afd262c69919637b34674f3c42441a5663acd7bb3e4dd06dcc45a1882409d85ec08251da8c9a789d273c2564e3c9fe56aae8e9ffe9be6bc46f79990e0462d4ab9764df75ab5e613404187fb9bab7586608f2cfb256c43da308069bbbcb743819c0e526a122a6d48a5b86ae34adb7cc5eae5175712928b5fb8264c544cdb8a4e6321545e3eba9217ebc68419500289f7ec11e996cec5f664f2bba7543bf5dd1e0cffd51b0d69e6e5b430361d5a496982f3eca585c9bcfc0746a07b3eeff65809ca004c01982c4068aba97feeb31d4b1d56dbaa2226aae48a256edc7231bc308ea78d020bb5f75ba564bc6aa8e6b612802ed2617a55c4e622e048a968ef71950786a3f214b77579f0be4b25311db0c65c324ebaf0adf6ece639b38a1a8d56bfa5a60eb8fd89ad8551459010c0b582a83fc06ed9974926a1cd685fef10ad90dd564aa93ad9e7d418640a61f0981d2135a60d046494cbd373c8f3221b8516e5c150a91040561c4f1b2fa25b6192971e36e31ced97a86774aa2c65af0a325c79ea48da42ef91326297bcbb2dc6f04c0bd9e546d51332d8cff855eeb9c504f3ff8966dd21a04111308d3dac0653163c69c7def1f9f5f612fdafb54f8ef9b0b7303c25c787f05a0664a4d2ea20187f8352a253c553d437bfbda19ef4453a26aea98b3dc9e5c9db176c33b57c9fef2a6f552a947de8208a17b53bec42c19b96607681989fda9eb196cc187cd0d18d7814c9aae76c044ebe80999a9e8eb457b48909c93b98817c374d517ed2a9a15cc56aeb071455fc580fed28de15811af05d5b0258390e970ae62ad059e9a6a14cd52fabe6bb35cc05c9418f92636ec180d3cd2e1b60933320ce36521b271f7825dfb9588b279b669bf43ae955f7f3fc63e3d3249422eb320b40621efe7ca037f5487efc6f54e768e2ee3d192edeb444beb7467956836b94dc6df8bed348a776a550a06985e9e5fa2cd5bd651abdbe15c21fcd8feb53ed545418108046556dba62448c33f6171adeef02ec81c45d092684654b0d91158519a212e241d59d65886e9a2938a1674fb38c88911dc1367123e41b104c73278452f32de40e9ae02c78eef5efc9f985854560586e92c36f2d5c106d7e7cd374e7b815d6eac1023637fe931ac1c427200732b392d221eba44186139e71ab79bea168081df748de32c1fbc3d7036d92871b701160bb10f33a22501a3c46c4a36d6f27e0cd3ecb7050be93f2ae94837a4daf4e33dec5133844eaa992a336790e3136545415a1c04a9b9804bd19768b546491b4c9546703dc56dc8f5892d94c52b9fe2232cab2457d2930b4dccbd87c1f6397c03998417c87d66ab30bcc3661ca2f0a26403924d884cd191fa8592e0462f84184fccb8cbaacbbf467eccebe767cd069fa601175744e7f7ad026d06124f2e7faa85c7ad2eaa7b4472a8d5299a29f7e98fff4adc92e4b6d4cc43a2074e81b65118a49062b93b3da7f1629a6361befb11d759f66cd1365ad9f35cb93b010d098c8cbefc5949c6ff67b722541c45cf1e115c10ddb0f15e7683420a082e3ac3ff796c1e22fc3332511046d82244d95063251aa21a82cd38dc40bbfd83ef5f1ac1f71bde67156d95a0f0516487ba86dbf12df1b85713043f5e1e6376f0d9e4d9d642d9e54314e7fd5cbb68862182bdeb4630bacaaf424b0fd83081964783eb007988603eb845a54b8dbeac198a9f9e3ecb2a6c88e6fea5c93974e8092b524c1995595962a7b227ac078b97d038b8dc2375e3a4cc55eea8b374ce3e9b05bcb2dcb54394ce89d2a9452f2b439876d49b7a85e8cc7065539b6234f3afc7b2dbc2f9c7568b5d5a202e3dbf9830ed407b0503c08c975a2698671e92184d15ab5da3c22fa8ffc887bf881607ec4139b16a1512665b27aded2077a29c57eda1c4e7a65c44194a259aee8c05c588c183bc0cf56c3c45a89efd62e6e135199e36361ee471a8b77c202903ae032bb102c1d46abc96683c78784c132590f920d98211a4fcf9dc65592be67a32be8377809c5e0a907fc3ecc35ac5b7a1cb2a7b77a6f7585ce55dfe31d0d560517eb2fd32245bb4ce22d66c066c12a4fcaa5777fed603d3d74319bf0daa7537322917e30e123d93e32f2cfb9e9bbcc4b7d16588d76968a06e236d90303913c62b6e203dc3c7c89a81dd7b9766c17aae2a7bd83b780f55fe9691b401eb65f57c1c18c8e0236c8b19f765e96aba8fefa8a97a0f5192b68020c13588d8db6413f24232ddd9971a0192c470c8cf4f00dfdf036f0eb4eeaf40c3b9449110e0ef5b1bcbf3e70effc3ca5f109d45d31894022cd243d992cc648a0a8eacbe55e93901b69e2388267c389998dddf838011728cfa3a08dd1e0ebbfdd577c523f4fa74d296da25f8b0422e9f56741a0a397636dbd7d8a841c58288ca99ce90f9300ae557f8eaf3dc715499ebd0a8c00b77a14c53a3992ebf6dfab514bace8f19f24a6d827f3a9c9aa8db859089afc8700b7765bd797691477b5afeeb216cb97206e1e2afa4c2138cce0ff9ec258cb553275be07b5fd6049fa2d30b4bb49afa65dcd61f061ffab83a855403aff43c61bb208ad1649a45558db1e94ebed8328dbe43cc62421754b106a722cb6e5d4436192ca43152bba5b7011b749cd6b36e7ab45d9ed9d38924339b514c6583dc3e3e2c5d814543f67effe696d6b19e8c58d8f4d13073b5316a92db0a7f0cdf900e4e3856af10d168d4303cd63b27963c5a0d8882489831141142f51e58bf2612e8dd204aa2e8954938767ce651061545b3b833545f102567dd9e3102483e95c0060bd5a1cf07473dda1f0c7ba78bb8cf4251788797ca5001a7c4e0c12fce1fd05036cc926b9781a80f33bc732bec2a8d828b2dc9365ddfef37fa08c817b9097ca030a53560a69a5170ec8f04750651490ae9b384f83141cdde8802d1c72ebf1ad671666c49e8c303c9512f385b57d686375621c9caff0996c35d399cc427e1a1085f885dde8926f9e9b93ade108a6bdc80b1c74a65b8f87e2ac6f4c5e33d365890ea121b1e1888fe04fd6e1461a2631a6df24017c376c15f0f46e0090261cb96f14242af61201b5eab79e46dc0002da1c6962714bac202149bb209d3f03cba5bad23ddd883287835841ff6e4ce9982df577aee013afe03603c1f857ca91c6626e3f98b4ce9623df8abb630fd67d349246cc460bfdbd0bee561634688b4412395afc6d189fa23c58a0a84e3ee7d2ca49796732bc7063d2d5bce08e4ffa2ca439ea78dc5a3001235b79878bf8a51e252d70d9960af1bb89f85444c5ee39e60d7fa0a156154d14bd4dbfc9df6fd86dbe88eaaf063b1dacb67fea064fa0abeece1854ea761992e877980270bd9939ab0484e5a7a6569408d2de90d768849d8fdb0f891d3d9222ae117ce82c969c8d12ff1d152f6c6e83a253882b63f82c3171096a07b2912cbe9271007b49df8c958c139fd23b0850e11a4377010b22006392e5d71d8e0c3cb460d7ea8cc9cce7d70c6f029d561807bb157b29c69207043495175c01e83d76f477df4816023b65b2e48a9befed7cabcc09e93a78a86c0b00a46645873a41b10cfac3992169d3982b04a7e7da238491a222b38d6cd00a33caea43f8c75b7becdaf9c8766d24aee3605b710f656dbe125b4267a1256c97b08c9e6a258e2e23b30b762f579a551c8066e56301a4c829df81f214d7b9fdc5f25cca6ab38c47682ce495b7476315dd825f7e87964117c7198f70e77b07a30d3f04ca32ce97e00b0c610dbdf9ed59c7afd502a47bae24458d1546caff557849a30f6904ac842b9620fd0fe2802d4e577dd1bed96cdf79df3dccaf2bed465ee39bcf03a63415dac0d6398389d20294a913191a50add239f2a29843e8ba86ec061b2baa61e8013e87c9f943955b69ad834d2e5ad6ce3b25f9b9be509dc04c8402db9bdf9df9a0141862cdcdbfd3f216ff480b038e72aef9ab8d6d3d1c1d4441f712abf6aa52ba17f10cc439a61bdf6c3e471d53083960663b8f8cbb2fdc48557c798526bdef3efe228cb87f21e25c986c7e2dc120b0f1c43a21600754856dcebda7c4891ece0e01d0c971ce4ac580083cbdd51703e41acf03d890c76b7437f155c7af03b8621f1d62072aa2cc60f283aba24d39e7a3a82dfb0cb7eaf6024eb347f195e282451d04399291d2847ab934d81210bde1ff4b8a66b3ddb37fcc866cff035cafc72e575583621644373e6df3e81d36c3988bebcc2154df1c621aa96b294692f429d9cb1fcc2550b9b0d0d72d78833e1ac777177dad0b7c4cdbc0bf51c9b4ce27b4ee70cc42a84c3f51091a2c00a857af7f6034b865098d0144b0ef142762daf0eaac00ab266fee352798d71139de1f1af937b8d21fbc124f537cadd67062ec34bf0a21aded30075c0345ee73cb3f5e1fb2addcbba9fe8691a9aa9ab8a37d229406b7eb4385371c339085ff4166e8ac6c60f8e1829382fc355bb7959a3bf798191fdb4f86abded2594dc898d6e4b62320031dcfdd3fbd498243f1cd9a442830b76f75d1dbe0f682e74290675b33aee6f8f4271d46d3cb94a6ba4e788f2724ec8b617e36b3a74b49950ae2e263ef5e71d44618461e7f02d30dcf4ed16b32fce77992207be6d892528d064f74711afe59376fd7fe10ace16c1ba9164920c077fc32c74ba2bd9eaa1b6edcf91f16dfab63979494585ffa1f57781ca767fdb7dfbc0de3953af58eae8d06e357558827307d2baeccd6035dcea3d6efbe84ed3c558880f30a7630ac190fb7aacd1a31239ecdc2f2ea301b57ab80951c5fd9e14f570eec0962b1e51e77cc46759bb189f0be70a116a5a196c0e2743850e4d7e65402df56cf2b00e28f67cca2413b13c3d1595aa05270418b16389a0235862e154069ece10f321bf259e83c6b64a09a3a1871e96178613a0bfd50fdd77ca06f2502f82805b6f238fe104599ef6c4a46a54d0c4be06f8c4d3a9c4812b50932d4482b8e522a465535a81599b5af6eb1d28d1d8036df2d3a5e66f3907d589f44f2bc72a0e0db8c8cdc27a34ec3f086624b1142e13", 0x2000, &(0x7f0000001000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x44401, 0x0)
io_setup(0xa3, &(0x7f0000000200)=<r6=>0x0)
write$binfmt_script(r5, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
io_submit(r6, 0x1, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r5, 0x0}])
dup3(r2, r3, 0x0)
r7 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), r1)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="170900000000000000000100000005000700000000000800090002000000060002000100000008000a000000000008001800e00000020800190041"], 0x44}}, 0x4000)
ioctl$sock_rose_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000000)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x2, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={'rose', 0x0}, 0x8, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
socket$l2tp(0x2, 0x2, 0x73) (async)
bind$l2tp(r0, &(0x7f00000000c0), 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) (async)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000004000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async)
read$FUSE(r3, &(0x7f00000021c0)={0x2020}, 0x2020) (async)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f}}, 0x50) (async)
syz_fuse_handle_req(r3, &(0x7f0000004200)="bc799292537d5b253c9ba57217488203490ea9a1b54bc4a83a866878163c12bdf9750d245d6766e70fb9105434e4aa7d2fbd4ff6956750a685c3d04430f3ef374bb4fd70b3be3c140e3cc55d627a667cda0e467bc44dd18a51c73eea0d1fb80be570b9f5fb8052a4f958415c91d33c0df8c7f8c35490b4b00bd2ffc159cd0ad18cf3fd2a04ce585e40b8a5daf574ac67da68b510e7df3d23bf182381ea080e47241bf881fe0f4c88280652e1118bb72c5a63ad1736aa1d6e8865bc43b76b213f25925e55d59b52995ce61360066ae999ce2781bc477dda788254c3ec7f4fc4b22e9221c383e32d000fb6aa92f73c44a63f7afbec2587c5388d2e5c8da2040543a91e732a8f87c760e2d69d13af9be6c0528a88f3bc345548e54ea1b0c65bfb965a63fdf8de370e91aba80e74290274ef1a78ccbadcff9c761a757e0bd0bc58e0dc9a7d60328fa763ee192fc8aa50a871d7e55ece54aa2f6898a90c7bb9ec9ca170c1ff5b13b28ae78d0f1174ebeef76775d5bed17c2b89abfc62d12d1c9b9a37954fb6b00b1aee434db784b3806c6cb89086009deee170e0e73cdab98b3477950ebef5142b4c2b0f417b16c0245be1bfb0b67fdc0521d897ac4d3dabf1a716077afbee36913af1513194b21e7f7c2f90ad8663047c23558efcdc70e40c8b7fab846e56fc91733a8e07647f06af2345d154a7c75aee33355f34d46240278bd6f21e327c7e97e63802bd2a1d16d52907b74e5583ba8b5501366dd18446910dae5f3f7b8a2ea5d7f45c6ee49aca5f165fdfd1f93a375305343c410c0770940978b1287052fd7892c37c23972ab786afdcd187587ac76edfb0fcb41aa4f41cc19364ea6a77b14cafd06b033d1c24c43befe5af1962b4a6d75ac56ef58728b0feacf1dc82fa1b38e21399640cb60612c719caf5e4454c185cc073061dfcb5a770a4b86d8ef7b35c2af67e1cac9a3c34f1b052a35539b962fcd67cd6806623e0dd67c6306aac7a5c58c6d2efeda9cf7f2db40ece73bf42c646eafc2430550bec894dbb83aab067d2d4829547a1b76558b9f35a133a7f3edbce96f9a72be66a0ebe6b69ec4d29c66a3bbc5d6586b574ccdeb73156cb4ab328b554c1677a6ed582f7682d49acaa5855deee5e1d81318ab07ba67d86c137d2ac7f4f76b031d11a1923c98e71f3bcbe1b800644f2eb9fffadd9afb82c245d77843dca50ab8025ccbb8cf386effa82094e364092d2512e54900382e5ee735e34e6a2f8b5baa5ede27fbfd24a49ad1140ebb569066d7d6ab02b25edc769a93dd71ad5592e0fe31786c36aa7f564724578dbbfbfaf8c35e5a6054fe17c9ecb5d4b5e8b928e2829275329d0922113a2b04c6bede4638be8f45212d744dc9cee3c29a6e603c234c11bc66b1965495d8523ca5cb58a38b4a9e3d6785942de4184489e4942b569d2215a4299d04f0218084eaa8a06ded775beeb0ac6ef7e1c206c292fe843d268aba332a61be2e5322d4401dced190685551a99ed52b18716b4acb0277cab6cea3b8e663e1630262becddbdc946e60e56db3037813e5ef41d36394eaaf151e03a18552cc68a83cbceeaa8a2f55ebd40887bc997faf5c34341dc73b40e5f506dae635797bf613e62c26179a2030bdafe679a556f4cf9df9ea34383e4654620f1aa1375edfebaa3d71538bca6b569dd527dc5399b9e36a03b2e4ede39b3588bbb73c9312a026898b4cce7157ca9fb2ef796cb444dec8f18b5423a76575624c6b252591311a550bfc9215e960a750cb98068ceeac72d8d84e45a2da3d13c271d289056b05e8b461d11af6d3837a4c93fc1d1156c5e8f344a23f25751c2b0a76183b557dbe1cce72db5af87cde68687ae15c1565473b1d4cff1b4a5ec86c822d8162ab6ab2585779f6d0ac1641483fbfe40b48cf3f3bff80a8a39656b1b9898dce0b582c19a4640a9c8e16b5f00b9e5adaf46c0cecaf9a442b5219a355bcaaab37fa803e99e19f15ef18ded87cc0aed4eaf8b2f94e1483a08bce983984c4e825b50af986b6f8970c26d1097ff4100e54c64e496b2749bd76a5c033a95332bf3342efdfdea05572b29272b28d1e888e9981e8ec5f785ba05eb7ea23f4549634bf4e4b13bb927cdab6162feef4cb7420b8dcd1fcfc3c43cca3d8633ca9c6d254b66e78f4be6718b98347a48cc731cacfbe6cdb5c63b5763da2899af7bca8496305bcee9fb3dc0875fc76b3695089e2d9e8bc50f9e4b2df4a42b09519ec3f68c6d8a704982711bdecb39194f39c9b7e37eac10cbd39a829edeba7eae8e09035ec6b06812d5e7368d8f470ca242b416a69f77b355746dcb6035bec6e94d958ee8fcb7165ae9f274e5dc8a74e2659c1149e4b039d5c29cd6f0cb7874a6399eae48b55a38ea1996d3f8786133a8c74162923590b22cdfd0edaee864e0a34ae5aa3351c5867c39c279ff1fa33846acdc8a92e933bca9c695e5fb1b6e6b039edddf47d9564781e55cb7e7f868addf1ce148553d4a5b7e06aa0621ac4a05a582d4b1fd63fd37e095bdc27ee0a153beef7152d6039de3acc8e784a72bd362c82706267438b75a96e6f03ec0fc8ef481c5f7737fc528f19a2d48294fa0150aa5aced5ec3f450de1e22aff07eb36d4d68e8a8380245edf23e344a9fa863af9347f30a05de00a63d667c3125c8bbf069ebe7c6aecc9e87827e7f34766ad7b23964f40465bd08232c0a30563ab28deb6e4db6331b159612796caf5ca449b5ce3f1acfec653321fbdbef81e8224e903883350a4e21aa47f60ec5de0c55cb02039b9814e3dafa6f154634ed7a162d58b0454c034a9e90e1010b474a03bc1d41d4c5d27b08a7344569dcc09264aed75a0dfc598a6ae8cd9588e27716c7a4f2efb45231786930cbb18efaf4ea763476e41a5a9ca5c3d59749c7e1cd93095899e83ca48d54239d450a319ae197ce3eafd152ff8b9a0f8e100d56451f8e6caa44ab7a3134c60f5bbf73a9da2c535515d5b00214faf263306a50c170aee2e7ecbbbb3aa1180455ce84682d7c3e24a5d538dcdef860ba0fb701c5ce5b04a2d39500f155a0e4b56b5ddf286c707dbb3fbbd63242e9cf6c93320349ce32ca565e4adede973d0c11acc088a0065cfcdeca3b6f82ce1d78e486cfe3e032c6ae89038601080fe7123f0eade75ab009e4ac1499e5120fa6dd4c2a8a7971226abaa2b9da4cec1e9992e191329b48f75bf53abfe999a8b5b62b6f8c518ce57e3e9e5c69557a50cfb335f739b39e28ce72fb0de9bf1d53235d1a72dafc655c63bad9c4d7241cdbc5bea58250f7275cd0441b900c08773d2183516adfb58779c7db61767dca591e3d569d697a57676754d82b7c4653a3ad58594e150f65990ace27e1d75977c21fb5a896cea461936788a2056ba465cd5d0ff9908a562cd1214cd94525a94d010c3fa61f66e083f0b81f6442f4e093918fe5d665dc29ea220719069ec6e58e5beb3de896bccb56265328ed557a47ddfd4c2cff25b54aaf0676934590477e729e1f16151183e965d08a1e9843e0afcc42f172fbced9eddb4b6edd2e8918237f71984b739ae2b2e8939d9e2d9b10dc6b68385a6c50c6fda6c8adc2630a51de089e67e8cf8617d4c07387c06dc0877fb8e6b3d304be8419e3fb953694510862b4c220eebc71fd4cd46b7ba297a854db047dcc2111c1ef21e0d82868178e1f4d2a4a4c02f4ff591214faf055876ec6255424661a96e0085147edef49cbeef220384258ff89d1b846da162704c212570bd05bdc7a524e5aa43baa5a4856360fc43e4e0a019d4db3279c3703bc2e711463591e530bca412ff4f19047fe3ff3ae9f253e0cc11a9d7438e95ecbe2465af4dcba3f5eff37dafaec35a7e8c3d6cf3d67039938ed44047b84ce1833f3d16a361db64f7c1776cf203beb2b9ee6223b1676afbe989257b13936cd03b8df5beac8d4f9b1b3811be02e15b53161d06884fa5bba4a0075677dfc878546cf09be42d48d4e8b6c8560b30de6b7a1a54e6ff7c40e80c0f59ae644cc31013eab9e1b4065a247c6d1c6cc099b88c6468ee65d3a612f28f19b66b4f35222bc29cf835d514e08e6d3ff032d638caa9ef9792ff4e4d71ca0a4f319508e1abcf06fbc6244d8d8b23d8c65b519fcacb4ab3679e2de87e97c28ab219a1fd49e51cb987b9e64e642183c7b6f8e53072c69ae15ffde1da5efdebd775ba9a933bb865c58e51f29bb390143d297661030acd9d1f42cf3c31eb46b9edaf40795067f5b7f9d2f8ac84174a33460a8317dce5ba855ef640d38f713831ec28e2337ddb0a42ba44b0328161caa083fa36ff734da2458d51dbe7e21d0572fe4ee9b17d8ab853b085a4e26e3ccd7590777009b1dc7ac8dfcda149a05c0472b6da18296e49d72b741bf3d9150a790507232f068bf32a87d701bda273364e413df124561afbb841b63e4bc816e16cd97604b07b67bf0f9eb6aeb338eaf3057a74ebbcf8945374d1e25bae7ef7b638f025378f8d8d5a8fdb785a650b34c3a8c745e7b22261748801f26d9118a3263eef9f4cd335c0ff67f29f401922d83346d62887d638dac1941639f6b874ce4ca43022492f28ab18502744ca1b00e1bdc72449bd22138c87687f0f8f8ef061b2a84c67a554755efaabb06dae585c1d806b2f13f62457f31f6f8e059ac937f4c5b6ca272cd586467d2a13572a28af6d7b641e91400be0c6c6cc48224b7641972fd8b968ee4267612c4e12c24cc301e634acf7191f4bb0417a195c4c0efab7ed0237796a8851851b71f899e5527e178a8c6564ee90489a1a2f5ffac354f77c4f0075d96c6602e268fc470b67c334c407ccad11897d6b385b3027640ba73a975633c7ee313d41c83962befeec37429deb389e450f8ed5e3ca407a93b6323c19019ef82534624472bc29f0ec6ae0c374bec628bdf955b8226ae32b2a8f9775fe47c8b1a40618cabc71a57b83addce5f6b24006ae8f63ee281a46d757230afe689e6ce1afeaa51eb1de47c22bd6adbd777ef985230e815751bf44176538179496c03f0422d61cdb54dac9aa50ddf37ca386e2b18e4fe1c778c1fed2efa1a91cb462fd8fa13817a10eeb8463db8af187b82cdde9b658b967a2cf56e447e5caf947292067f2f19c3728a60bff78529ce28a29254413924ccbdf5025b4a2de95850f89453ce95f258fbbd7cc74ed4caf4ce989547374285617806d214007810ca59300d5423d88f9871d04c5f8f721acf0eaf36aa68ec84956a002009e231ad01057a8544da5682e8561e6e4d8419573d4bf5f5fd0261668c85f6e646ba72ab6a8ea662b9f9ec2b9d12fd16a71d1c932c060e15d43269fc3115f0ff6775ddf5c4bedbcfb402bd61ee16b829a225fa18806333c473437879cc780366649c48977b660adade9247fd1b718411736a6a5514a6cda07152cbabc55b6167edfe44796784ae03b22d3d76f0a7281122627b9bcb9fe722a11d95e5a3b2d8643f3635b19e1e96ad51a416bad2eb69d6b0741e64e2706d7844f8be915f42a38158a05031bc4d75fefef6b4077d3124c7a390bccf744e27afd63de396b06468294149738b2e0d419620ddc626abd78bcab340244440e8bd7adcc5b4cd4b9c8871e2245061c64ddfd3ad4011729ce7221faaa738598f7aae41dc93c45a0c8af8146ef9b969ce023bfd5293c8c294b215bb56fc37a6f8ab0b7034d191c3de22c5ff8ce8d7903da2694b94b7463d18b4ab1cee5639521fa37265b305faabc02bbbbfd2dd891eda117c2246c6899dc0f73aa3752b4a55cec7526c66bd27a27f4120b6c41c63e1b4f92359bbb2b457578c76b81f28db13d9d2a9ae6d9a247b59714c968794922a825486b53ca0c7e7d1c1965586fda01188150e2eff828d2c30eedfaa4c04f697ae4e745dbb72598c46acee3e27668088fbf5bba017e2f4d07e095012f69dab4e9bba7e00a9eabe5da79f1daf67faf98b07b1da1f3286695ca0d7cdf90f329dd3d9b27bc3f90bdf783fd6fd4869684d1e8a68df3314e765dd2f91e97e6ad79090a9870f021072861c56ca07c06342c4ad386797833594192a3b9a8529bbcf0c010028b860930c612935af6f258fff02a79fedd913b4803bdca818d4b5ff20043a589929b6400a88e301de9a0843ec35c66acf067924a72d1622b7de815de8d6b5e474290b6553e9c4b47d58c8d4e1b090e8c30ef78c25aee56d478cde2efd1d9fd1b4a25eb12bfb1291119aeebc82ad128db518f9f8b419945fd527fbf1cf951c7792f0ecc04680a89db4ff5315b75a0b3e7befe5b0871e1ee8a814dc3d6cdfe70daaf86dcd5459e578a71b7374713976ee82dc201d3fd061107f035de59dab97a99d5e2cc448413b480aae7e6e2d967f44472bc0bbb89d3ebae25755e8b9990a6cff67de2ac9eee20e53598d0f26a704dfd136e53ff3093780bff4480ad6cef2bb79fdb861fbbbc402c665386adf144ceabda2942548d9acc6bd215249df61c8f47ec08654c5f3d8c4ca387f5c377993b406da054a0465946efaf30802fd5603c9a5cd580ded6ac1c93872347e948ecf60f0e55dddf716c8e77a7ce5b0ac72ee33510fa3afd262c69919637b34674f3c42441a5663acd7bb3e4dd06dcc45a1882409d85ec08251da8c9a789d273c2564e3c9fe56aae8e9ffe9be6bc46f79990e0462d4ab9764df75ab5e613404187fb9bab7586608f2cfb256c43da308069bbbcb743819c0e526a122a6d48a5b86ae34adb7cc5eae5175712928b5fb8264c544cdb8a4e6321545e3eba9217ebc68419500289f7ec11e996cec5f664f2bba7543bf5dd1e0cffd51b0d69e6e5b430361d5a496982f3eca585c9bcfc0746a07b3eeff65809ca004c01982c4068aba97feeb31d4b1d56dbaa2226aae48a256edc7231bc308ea78d020bb5f75ba564bc6aa8e6b612802ed2617a55c4e622e048a968ef71950786a3f214b77579f0be4b25311db0c65c324ebaf0adf6ece639b38a1a8d56bfa5a60eb8fd89ad8551459010c0b582a83fc06ed9974926a1cd685fef10ad90dd564aa93ad9e7d418640a61f0981d2135a60d046494cbd373c8f3221b8516e5c150a91040561c4f1b2fa25b6192971e36e31ced97a86774aa2c65af0a325c79ea48da42ef91326297bcbb2dc6f04c0bd9e546d51332d8cff855eeb9c504f3ff8966dd21a04111308d3dac0653163c69c7def1f9f5f612fdafb54f8ef9b0b7303c25c787f05a0664a4d2ea20187f8352a253c553d437bfbda19ef4453a26aea98b3dc9e5c9db176c33b57c9fef2a6f552a947de8208a17b53bec42c19b96607681989fda9eb196cc187cd0d18d7814c9aae76c044ebe80999a9e8eb457b48909c93b98817c374d517ed2a9a15cc56aeb071455fc580fed28de15811af05d5b0258390e970ae62ad059e9a6a14cd52fabe6bb35cc05c9418f92636ec180d3cd2e1b60933320ce36521b271f7825dfb9588b279b669bf43ae955f7f3fc63e3d3249422eb320b40621efe7ca037f5487efc6f54e768e2ee3d192edeb444beb7467956836b94dc6df8bed348a776a550a06985e9e5fa2cd5bd651abdbe15c21fcd8feb53ed545418108046556dba62448c33f6171adeef02ec81c45d092684654b0d91158519a212e241d59d65886e9a2938a1674fb38c88911dc1367123e41b104c73278452f32de40e9ae02c78eef5efc9f985854560586e92c36f2d5c106d7e7cd374e7b815d6eac1023637fe931ac1c427200732b392d221eba44186139e71ab79bea168081df748de32c1fbc3d7036d92871b701160bb10f33a22501a3c46c4a36d6f27e0cd3ecb7050be93f2ae94837a4daf4e33dec5133844eaa992a336790e3136545415a1c04a9b9804bd19768b546491b4c9546703dc56dc8f5892d94c52b9fe2232cab2457d2930b4dccbd87c1f6397c03998417c87d66ab30bcc3661ca2f0a26403924d884cd191fa8592e0462f84184fccb8cbaacbbf467eccebe767cd069fa601175744e7f7ad026d06124f2e7faa85c7ad2eaa7b4472a8d5299a29f7e98fff4adc92e4b6d4cc43a2074e81b65118a49062b93b3da7f1629a6361befb11d759f66cd1365ad9f35cb93b010d098c8cbefc5949c6ff67b722541c45cf1e115c10ddb0f15e7683420a082e3ac3ff796c1e22fc3332511046d82244d95063251aa21a82cd38dc40bbfd83ef5f1ac1f71bde67156d95a0f0516487ba86dbf12df1b85713043f5e1e6376f0d9e4d9d642d9e54314e7fd5cbb68862182bdeb4630bacaaf424b0fd83081964783eb007988603eb845a54b8dbeac198a9f9e3ecb2a6c88e6fea5c93974e8092b524c1995595962a7b227ac078b97d038b8dc2375e3a4cc55eea8b374ce3e9b05bcb2dcb54394ce89d2a9452f2b439876d49b7a85e8cc7065539b6234f3afc7b2dbc2f9c7568b5d5a202e3dbf9830ed407b0503c08c975a2698671e92184d15ab5da3c22fa8ffc887bf881607ec4139b16a1512665b27aded2077a29c57eda1c4e7a65c44194a259aee8c05c588c183bc0cf56c3c45a89efd62e6e135199e36361ee471a8b77c202903ae032bb102c1d46abc96683c78784c132590f920d98211a4fcf9dc65592be67a32be8377809c5e0a907fc3ecc35ac5b7a1cb2a7b77a6f7585ce55dfe31d0d560517eb2fd32245bb4ce22d66c066c12a4fcaa5777fed603d3d74319bf0daa7537322917e30e123d93e32f2cfb9e9bbcc4b7d16588d76968a06e236d90303913c62b6e203dc3c7c89a81dd7b9766c17aae2a7bd83b780f55fe9691b401eb65f57c1c18c8e0236c8b19f765e96aba8fefa8a97a0f5192b68020c13588d8db6413f24232ddd9971a0192c470c8cf4f00dfdf036f0eb4eeaf40c3b9449110e0ef5b1bcbf3e70effc3ca5f109d45d31894022cd243d992cc648a0a8eacbe55e93901b69e2388267c389998dddf838011728cfa3a08dd1e0ebbfdd577c523f4fa74d296da25f8b0422e9f56741a0a397636dbd7d8a841c58288ca99ce90f9300ae557f8eaf3dc715499ebd0a8c00b77a14c53a3992ebf6dfab514bace8f19f24a6d827f3a9c9aa8db859089afc8700b7765bd797691477b5afeeb216cb97206e1e2afa4c2138cce0ff9ec258cb553275be07b5fd6049fa2d30b4bb49afa65dcd61f061ffab83a855403aff43c61bb208ad1649a45558db1e94ebed8328dbe43cc62421754b106a722cb6e5d4436192ca43152bba5b7011b749cd6b36e7ab45d9ed9d38924339b514c6583dc3e3e2c5d814543f67effe696d6b19e8c58d8f4d13073b5316a92db0a7f0cdf900e4e3856af10d168d4303cd63b27963c5a0d8882489831141142f51e58bf2612e8dd204aa2e8954938767ce651061545b3b833545f102567dd9e3102483e95c0060bd5a1cf07473dda1f0c7ba78bb8cf4251788797ca5001a7c4e0c12fce1fd05036cc926b9781a80f33bc732bec2a8d828b2dc9365ddfef37fa08c817b9097ca030a53560a69a5170ec8f04750651490ae9b384f83141cdde8802d1c72ebf1ad671666c49e8c303c9512f385b57d686375621c9caff0996c35d399cc427e1a1085f885dde8926f9e9b93ade108a6bdc80b1c74a65b8f87e2ac6f4c5e33d365890ea121b1e1888fe04fd6e1461a2631a6df24017c376c15f0f46e0090261cb96f14242af61201b5eab79e46dc0002da1c6962714bac202149bb209d3f03cba5bad23ddd883287835841ff6e4ce9982df577aee013afe03603c1f857ca91c6626e3f98b4ce9623df8abb630fd67d349246cc460bfdbd0bee561634688b4412395afc6d189fa23c58a0a84e3ee7d2ca49796732bc7063d2d5bce08e4ffa2ca439ea78dc5a3001235b79878bf8a51e252d70d9960af1bb89f85444c5ee39e60d7fa0a156154d14bd4dbfc9df6fd86dbe88eaaf063b1dacb67fea064fa0abeece1854ea761992e877980270bd9939ab0484e5a7a6569408d2de90d768849d8fdb0f891d3d9222ae117ce82c969c8d12ff1d152f6c6e83a253882b63f82c3171096a07b2912cbe9271007b49df8c958c139fd23b0850e11a4377010b22006392e5d71d8e0c3cb460d7ea8cc9cce7d70c6f029d561807bb157b29c69207043495175c01e83d76f477df4816023b65b2e48a9befed7cabcc09e93a78a86c0b00a46645873a41b10cfac3992169d3982b04a7e7da238491a222b38d6cd00a33caea43f8c75b7becdaf9c8766d24aee3605b710f656dbe125b4267a1256c97b08c9e6a258e2e23b30b762f579a551c8066e56301a4c829df81f214d7b9fdc5f25cca6ab38c47682ce495b7476315dd825f7e87964117c7198f70e77b07a30d3f04ca32ce97e00b0c610dbdf9ed59c7afd502a47bae24458d1546caff557849a30f6904ac842b9620fd0fe2802d4e577dd1bed96cdf79df3dccaf2bed465ee39bcf03a63415dac0d6398389d20294a913191a50add239f2a29843e8ba86ec061b2baa61e8013e87c9f943955b69ad834d2e5ad6ce3b25f9b9be509dc04c8402db9bdf9df9a0141862cdcdbfd3f216ff480b038e72aef9ab8d6d3d1c1d4441f712abf6aa52ba17f10cc439a61bdf6c3e471d53083960663b8f8cbb2fdc48557c798526bdef3efe228cb87f21e25c986c7e2dc120b0f1c43a21600754856dcebda7c4891ece0e01d0c971ce4ac580083cbdd51703e41acf03d890c76b7437f155c7af03b8621f1d62072aa2cc60f283aba24d39e7a3a82dfb0cb7eaf6024eb347f195e282451d04399291d2847ab934d81210bde1ff4b8a66b3ddb37fcc866cff035cafc72e575583621644373e6df3e81d36c3988bebcc2154df1c621aa96b294692f429d9cb1fcc2550b9b0d0d72d78833e1ac777177dad0b7c4cdbc0bf51c9b4ce27b4ee70cc42a84c3f51091a2c00a857af7f6034b865098d0144b0ef142762daf0eaac00ab266fee352798d71139de1f1af937b8d21fbc124f537cadd67062ec34bf0a21aded30075c0345ee73cb3f5e1fb2addcbba9fe8691a9aa9ab8a37d229406b7eb4385371c339085ff4166e8ac6c60f8e1829382fc355bb7959a3bf798191fdb4f86abded2594dc898d6e4b62320031dcfdd3fbd498243f1cd9a442830b76f75d1dbe0f682e74290675b33aee6f8f4271d46d3cb94a6ba4e788f2724ec8b617e36b3a74b49950ae2e263ef5e71d44618461e7f02d30dcf4ed16b32fce77992207be6d892528d064f74711afe59376fd7fe10ace16c1ba9164920c077fc32c74ba2bd9eaa1b6edcf91f16dfab63979494585ffa1f57781ca767fdb7dfbc0de3953af58eae8d06e357558827307d2baeccd6035dcea3d6efbe84ed3c558880f30a7630ac190fb7aacd1a31239ecdc2f2ea301b57ab80951c5fd9e14f570eec0962b1e51e77cc46759bb189f0be70a116a5a196c0e2743850e4d7e65402df56cf2b00e28f67cca2413b13c3d1595aa05270418b16389a0235862e154069ece10f321bf259e83c6b64a09a3a1871e96178613a0bfd50fdd77ca06f2502f82805b6f238fe104599ef6c4a46a54d0c4be06f8c4d3a9c4812b50932d4482b8e522a465535a81599b5af6eb1d28d1d8036df2d3a5e66f3907d589f44f2bc72a0e0db8c8cdc27a34ec3f086624b1142e13", 0x2000, &(0x7f0000001000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x44401, 0x0) (async)
io_setup(0xa3, &(0x7f0000000200)) (async)
write$binfmt_script(r5, &(0x7f00000000c0)={'#! ', './file0'}, 0xb) (async)
io_submit(r6, 0x1, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r5, 0x0}]) (async)
dup3(r2, r3, 0x0) (async)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), r1) (async)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="170900000000000000000100000005000700000000000800090002000000060002000100000008000a000000000008001800e00000020800190041"], 0x44}}, 0x4000) (async)
ioctl$sock_rose_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000000)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x2, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={'rose', 0x0}, 0x8, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) (async)

437.572983ms ago: executing program 3 (id=747):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'ipvlan0\x00', <r2=>0x0})
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000700)={0x38, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x18, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_DEBUG_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x38}}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ff"], 0x230}, 0x0)
mkdir(&(0x7f0000005800)='./file0\x00', 0x86)
setxattr$trusted_overlay_origin(&(0x7f0000000000)='./file1\x00', &(0x7f0000000b40), &(0x7f0000000b80), 0x2c, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
fstat(r3, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xee01, r4, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000140)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff, <r5=>0x0}}, './file0\x00'})
mount$fuse(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000100), 0xa40800, &(0x7f0000000440)={{}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {'user_id', 0x3d, r4}, 0x2c, {'group_id', 0x3d, r5}, 0x2c, {[{@max_read={'max_read', 0x3d, 0xfffffffffffffff8}}, {@max_read={'max_read', 0x3d, 0x5}}]}})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

436.445941ms ago: executing program 3 (id=748):
epoll_create(0x0)
inotify_init1(0x80800)
userfaultfd(0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x3, @loopback, 0x4}, @in={0x2, 0x4e20, @remote}, @in={0x2, 0x4e20, @local}, @in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e24, @multicast2}, @in={0x2, 0x4e21, @private=0xa010102}, @in6={0xa, 0x4e20, 0xe, @private2, 0x4}], 0x88)
prctl$PR_SET_FPEXC(0xc, 0x100000)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_LIST(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x6c, r2, 0x0, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @empty}, @NLBL_UNLABEL_A_SECCTX={0x13, 0x7, '/sbin/dhclient\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @local}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}]}, 0x6c}}, 0x20000040)
prctl$PR_SET_FPEXC(0xc, 0x100000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
clock_gettime(0x0, &(0x7f00000002c0)={<r3=>0x0, <r4=>0x0})
futex(&(0x7f0000000280)=0x2, 0x4, 0x1, &(0x7f0000000300)={r3, r4+10000000}, &(0x7f0000000340)=0x1, 0x1)
recvmmsg(r0, &(0x7f0000004600)=[{{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000000380)=""/1, 0x1}, {&(0x7f00000003c0)=""/39, 0x27}, {&(0x7f0000000400)=""/189, 0xbd}, {&(0x7f00000004c0)=""/4096, 0x1000}, {&(0x7f00000014c0)=""/40, 0x28}, {&(0x7f0000001500)=""/110, 0x6e}, {&(0x7f0000001580)=""/161, 0xa1}], 0x7, &(0x7f00000016c0)=""/2, 0x2}, 0x4}, {{&(0x7f0000001700)=@in6={0xa, 0x0, 0x0, @initdev}, 0x80, &(0x7f0000001b80)=[{&(0x7f0000001780)=""/110, 0x6e}, {&(0x7f0000001800)=""/100, 0x64}, {&(0x7f0000001880)=""/246, 0xf6}, {&(0x7f0000001980)=""/39, 0x27}, {&(0x7f00000019c0)=""/105, 0x69}, {&(0x7f0000001a40)=""/7, 0x7}, {&(0x7f0000001a80)}, {&(0x7f0000001ac0)=""/12, 0xc}, {&(0x7f0000001b00)=""/66, 0x42}], 0x9, &(0x7f0000001c40)=""/219, 0xdb}, 0x5}, {{0x0, 0x0, &(0x7f0000002e40)=[{&(0x7f0000001d40)=""/4096, 0x1000}, {&(0x7f0000002d40)=""/225, 0xe1}], 0x2, &(0x7f0000002e80)=""/12, 0xc}, 0xf50115f}, {{0x0, 0x0, &(0x7f0000002f80)=[{&(0x7f0000002ec0)=""/129, 0x81}], 0x1, &(0x7f0000002fc0)=""/4096, 0x1000}}, {{&(0x7f0000003fc0)=@sco, 0x80, &(0x7f0000004540)=[{&(0x7f0000004040)=""/69, 0x45}, {&(0x7f00000040c0)=""/67, 0x43}, {&(0x7f0000004140)=""/135, 0x87}, {&(0x7f0000004200)=""/194, 0xc2}, {&(0x7f0000004300)}, {&(0x7f0000004340)=""/249, 0xf9}, {&(0x7f0000004440)=""/218, 0xda}], 0x7, &(0x7f00000045c0)=""/48, 0x30}}], 0x5, 0x1, &(0x7f0000004740))
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000004780), 0x8000, 0x0)
mq_timedreceive(r5, &(0x7f00000047c0)=""/186, 0xba, 0x7, &(0x7f0000004880)={0x0, 0x989680})
prctl$PR_SET_FPEXC(0xc, 0x80)
mq_timedreceive(r5, &(0x7f00000048c0)=""/156, 0x9c, 0xf0a, &(0x7f0000004980)={0x77359400})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004a40)={{r5}, &(0x7f00000049c0), &(0x7f0000004a00)=r5}, 0x20)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000004a80), 0x212040, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8924, &(0x7f0000004ac0)={'batadv_slave_1\x00', @broadcast})
getsockopt$inet_sctp_SCTP_CONTEXT(r5, 0x84, 0x11, &(0x7f0000004b00)={<r7=>0x0}, &(0x7f0000004b40)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x1f, &(0x7f0000004b80)={r7, @in6={{0xa, 0x4e22, 0x4, @empty, 0xf71}}, 0x8, 0x8}, &(0x7f0000004c40)=0x90)
sendto$netrom(r5, &(0x7f0000004c80)="c4ffcfe0f2f92025e4c120daed71705f6b9ed55d0ee66724cb4237b00fa271a8ad1988a6d244c5b658bb2eaa45570e30f1008150c8bc1d95d2fbb3cfe7921a238eb71e551c6f3f864a0d304f", 0x4c, 0x80, 0x0, 0x0)
r8 = openat$incfs(r5, &(0x7f0000004d00)='.log\x00', 0x1a002, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r8, 0xc0502100, &(0x7f0000004d40)={<r9=>0x0})
r10 = accept4$llc(r5, &(0x7f0000004dc0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000004e00)=0x10, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000004e40)={r9, 0x2, r10, 0x8, 0x80000})
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, &(0x7f0000004e80)='\x00')

368.204681ms ago: executing program 3 (id=749):
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x0, 0x1)
prlimit64(0x0, 0xc, &(0x7f00000001c0)={0x8, 0x100000000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid() (async)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x1}, 0x6e) (async)
connect$unix(r0, &(0x7f000057eff8)=@abs={0x1}, 0x6e)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8000002, 0x0, @private0}, 0x1c) (async)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8000002, 0x0, @private0}, 0x1c)
sendto$inet6(r2, 0x0, 0x0, 0x26048851, &(0x7f0000001380)={0xa, 0x2, 0x0, @loopback}, 0x1c) (async)
sendto$inet6(r2, 0x0, 0x0, 0x26048851, &(0x7f0000001380)={0xa, 0x2, 0x0, @loopback}, 0x1c)
shutdown(r2, 0x1)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000400)=0x40)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="24000000020605000000000000000000000000000500ff7f000000000000050002000000"], 0x24}}, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000003100), r5)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r5, &(0x7f0000003240)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000003140)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r6, @ANYRESHEX], 0x50}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)=ANY=[@ANYBLOB="8feb010018000000000000000c00000c000000020000000000000000000006040000000000"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) (async)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)=ANY=[@ANYBLOB="8feb010018000000000000000c00000c000000020000000000000000000006040000000000"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x15, 0x8, 0x4, 0x0, 0x9c, 0x1, 0x0, '\x00', 0x0, r7, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
r8 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
socket$inet(0x2, 0x5, 0x5)

188.616579ms ago: executing program 2 (id=750):
r0 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0xcf, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000005c0)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000600)={0x24, r1, 0x425, 0x0, 0x0, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x24}}, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000440)={0xffffffffffffffff, 0x20, &(0x7f0000000400)={&(0x7f0000000300)=""/88, 0x58, <r4=>0x0, &(0x7f0000000380)=""/100, 0x64}}, 0x10)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00')
lseek(r5, 0x401, 0x0)
mq_notify(r5, &(0x7f0000000180)={0x0, 0x1c, 0x0, @thr={&(0x7f00000002c0)="c760cad1cd61f4888c5e6a4fc0fd69ecdc1a124d7f4fd17b3e5e93356d6492215d1389dd0b04d434933f720ec8bdc405a88d6e6b768c915f1b39b2d29abb1c564eb16313336f093bcc7dd0e4f526333c5540faf68d3d9dc4cbf43e7badba37f654946669d3e579c2883b8c7554201c2a76530e0ecb41ef564931bcdd2a67476f4f96a4be1cb177ab4062ce71b91b309376811a7cd2", &(0x7f0000000380)="47c37f7599ed717a1d087d0e38252da89eaa8c4aefa533de98545a42118ab92b3ce43b25069d5545e4363323637a07c34f8f0b423e129b9151a23ffaa478e5c4dbc038fa03dbbb21e78996fe3fb0d9719b2792c604b6c6964c95966a06b7de5d41cb40744eb3880e13ae4261dd773d60f0c4d20a4be5cad70f2fa6acdb9458e53a05b37df99c334248c0689b97c813a9c3341f5d1179fab3ceed37c3234aaf7032fb5f417dd6e344cbdd70b302f438ee9b84aa019a7182b825"}})
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='comm\x00')
faccessat2(r6, &(0x7f0000000040)='\x00', 0x1, 0x1300)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x8, 0x11, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@cb_func={0x18, 0xa, 0x4, 0x0, 0x5}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x2}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1ff}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0x2, &(0x7f0000000280)=""/2, 0x41100, 0x670beecd4ecda0f4, '\x00', r3, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x3, 0x4}, 0x8, 0x10, 0x0, 0x0, r4, r5, 0x7, &(0x7f00000004c0)=[r6, 0x1], &(0x7f0000000500)=[{0x3, 0x2, 0xf, 0x6}, {0x2, 0x3, 0xe, 0x3}, {0x4, 0x2, 0x1, 0x4}, {0x4, 0x3, 0x3, 0x5}, {0x4, 0x5, 0x1, 0xf220b126844d7383}, {0x4, 0x2, 0x1, 0x4}, {0x2, 0x1, 0x0, 0x1}], 0x10, 0x40, @value}, 0x94)
setsockopt$inet6_int(r0, 0x29, 0x0, 0x0, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)
mount$bind(0x0, 0x0, 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000480)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
syz_emit_ethernet(0x82, &(0x7f0000000040)={@link_local, @dev, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @mcast1={0xff, 0x0, '\x00', 0x0}, [@hopopts={0x3a, 0x1, '\x00', [@calipso={0x7, 0x8}]}]}}}}}}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
creat(&(0x7f0000000300)='./file1\x00', 0x0)
mount$cgroup2(0x0, &(0x7f0000000b00)='./file1\x00', &(0x7f0000000b40), 0x80, &(0x7f0000000b80)={[{@memory_localevents}]})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x9, 0x1c, &(0x7f0000000040)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x9b69}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

187.390747ms ago: executing program 2 (id=751):
r0 = socket(0x2a, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)={0x38, r2, 0x1, 0x0, 0x0, {{}, {}, {0x1c, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'macvlan1\x00'}}}}}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x3}}}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000140)='t', 0x1}], 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r5, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x8})
ioctl$sock_netdev_private(r5, 0x8948, &(0x7f0000000000))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {}, {0x2}}, [@filter_kind_options=@f_route={{0xa}, {0xffffffffffffff8f, 0x2, [@TCA_ROUTE4_ACT={0x4}]}}]}, 0x38}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)

129.955134ms ago: executing program 2 (id=752):
prlimit64(0x0, 0xf, &(0x7f0000000140)={0x0, 0xfffffffff7ffffff}, 0x0)
timer_create(0x3, 0x0, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000280)={{}, {0x77359400}}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x2, 0x0, 0x0, 0xe, 0x5}]}, {0x0, [0x30, 0x5f]}}, 0x0, 0x2c, 0x0, 0x1, 0x1, 0x0, @void, @value}, 0x28)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
set_mempolicy(0x3, &(0x7f0000000240)=0x1020fff, 0x6)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0x541b, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r6 = memfd_create(&(0x7f0000000540)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\"%/u\x17\xdam\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d[\v\xfc\xad\x0f\xa8\xc5\xad\x001\x8b%\xaa?\x00\x00\x00\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc2Gj+kV', 0x2)
ftruncate(r6, 0xfbff)
fcntl$addseals(r6, 0x409, 0x7)
r7 = ioctl$UDMABUF_CREATE(r5, 0x40187542, &(0x7f0000000000)={r6, 0x0, 0x0, 0x8000})
ioctl$DMA_BUF_IOCTL_SYNC(r7, 0x40086200, &(0x7f0000000440)=0x2)
close_range(r4, 0xffffffffffffffff, 0x0)
r8 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000045}, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
open$dir(&(0x7f0000000040)='./file0\x00', 0x4000, 0x100)
r10 = openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x20800, 0x1bc)
futimesat(r10, &(0x7f0000000240)='./file0\x00', &(0x7f0000000100)={{}, {0x77359400}})
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)

129.308786ms ago: executing program 2 (id=753):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000000)=0x3)
socket$can_raw(0x1d, 0x3, 0x1)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x88, 0x4}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x1000)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x3, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYRES32, @ANYBLOB="18419f8c2ae6daa7c8bb54bcda216518d9ec5ee031a7a811aad69ee276f1e320a04aaa52e2888044d1834f438f8393a9c83f31e670b5330058bb56b2b2372fe6000e2ba18264f54a9b86a8fe986ca9931f21dfa940c54f880a498868c6149dab54eeb20853325f25c5822612f61bf1ed09fdc0405098544fd66663033a1e44149a36fd6edb82ded3889285977f94c368b4c31d6da5744bb90d3b08e0fde09cc9818e5a73c9", @ANYRES16=r1])
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x44)
symlinkat(&(0x7f00000000c0)='./file1\x00', r3, &(0x7f0000000100)='./file1\x00')
r4 = open(&(0x7f0000000240)='./file1\x00', 0x40c000, 0x4)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r5 = open(&(0x7f00000000c0)='.\x00', 0x5b9200, 0x0)
getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, 0x0)
r6 = userfaultfd(0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0xadf197caff3c819)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r6, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f000076e000/0x4000)=nil, 0x400000, 0x0, 0x2})
socket$inet6(0xa, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)

1.193972ms ago: executing program 0 (id=754):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4}) (async)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000040)={@broadcast, @random="0408fcc67af2", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr, @multicast1}, {0x0, 0x88be, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000040)={0x3, r2, 0x10000000, 0x80000001, 0xb, 0x1fd, 0x1})

0s ago: executing program 0 (id=755):
socket$alg(0x26, 0x5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x5c, r2, 0x200, 0x70bd28, 0x25dfdbfd, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x100}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x4}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x6}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x4}, @NBD_ATTR_CLIENT_FLAGS={0xc}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x804)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

kernel console output (not intermixed with test programs):

[   31.909555][   T39] audit: type=1400 audit(1730351602.862:80): avc:  denied  { write } for  pid=5853 comm="sh" path="pipe:[7440]" dev="pipefs" ino=7440 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[   31.915313][   T39] audit: type=1400 audit(1730351602.862:81): avc:  denied  { rlimitinh } for  pid=5853 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   31.920847][   T39] audit: type=1400 audit(1730351602.862:82): avc:  denied  { siginh } for  pid=5853 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '[localhost]:17142' (ED25519) to the list of known hosts.
[   32.892856][   T39] audit: type=1400 audit(1730351603.862:83): avc:  denied  { name_bind } for  pid=5863 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   32.920305][   T39] audit: type=1400 audit(1730351603.892:84): avc:  denied  { execute } for  pid=5865 comm="sh" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   32.926523][   T39] audit: type=1400 audit(1730351603.892:85): avc:  denied  { execute_no_trans } for  pid=5865 comm="sh" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   33.028099][   T39] audit: type=1400 audit(1730351604.002:86): avc:  denied  { read } for  pid=5342 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   33.033710][   T39] audit: type=1400 audit(1730351604.002:87): avc:  denied  { append } for  pid=5342 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   34.584237][ T5865] cgroup: Unknown subsys name 'net'
[   34.720137][ T5865] cgroup: Unknown subsys name 'cpuset'
[   34.723266][ T5865] cgroup: Unknown subsys name 'rlimit'
[   34.917875][ T5929] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   35.552878][ T5865] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   37.065318][   T39] kauditd_printk_skb: 17 callbacks suppressed
[   37.065330][   T39] audit: type=1400 audit(1730351608.032:105): avc:  denied  { execmem } for  pid=5937 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   37.202727][   T39] audit: type=1400 audit(1730351608.172:106): avc:  denied  { create } for  pid=5941 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   37.208455][   T39] audit: type=1400 audit(1730351608.172:107): avc:  denied  { read write } for  pid=5941 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   37.213804][   T39] audit: type=1400 audit(1730351608.172:108): avc:  denied  { open } for  pid=5941 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   37.219228][   T39] audit: type=1400 audit(1730351608.182:109): avc:  denied  { ioctl } for  pid=5941 comm="syz-executor" path="socket:[6538]" dev="sockfs" ino=6538 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   37.235376][ T5947] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   37.238538][ T5947] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   37.240885][ T5947] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   37.242877][ T5947] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   37.244895][ T5947] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   37.246540][ T5952] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   37.246823][ T5947] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   37.249222][ T5952] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   37.250238][ T5947] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   37.252266][ T5952] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   37.253824][ T5947] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   37.255102][ T5952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   37.257569][ T5947] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   37.257651][ T5954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   37.258265][ T5955] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   37.259746][ T5955] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   37.260460][ T5947] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   37.262245][ T5955] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   37.268096][ T5303] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   37.269552][   T39] audit: type=1400 audit(1730351608.242:110): avc:  denied  { read } for  pid=5941 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   37.269821][ T5955] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   37.270533][ T5954] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   37.270577][   T39] audit: type=1400 audit(1730351608.242:111): avc:  denied  { open } for  pid=5941 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   37.270595][   T39] audit: type=1400 audit(1730351608.242:112): avc:  denied  { mounton } for  pid=5941 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   37.271571][ T5303] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   37.272208][ T5954] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   37.272317][ T5954] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   37.408968][   T39] audit: type=1400 audit(1730351608.382:113): avc:  denied  { module_request } for  pid=5944 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   37.431118][ T5941] chnl_net:caif_netlink_parms(): no params data found
[   37.434174][ T5944] chnl_net:caif_netlink_parms(): no params data found
[   37.456494][ T5942] chnl_net:caif_netlink_parms(): no params data found
[   37.503940][ T5949] chnl_net:caif_netlink_parms(): no params data found
[   37.563662][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.565704][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.567943][ T5941] bridge_slave_0: entered allmulticast mode
[   37.570148][ T5941] bridge_slave_0: entered promiscuous mode
[   37.618682][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.620527][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.622319][ T5941] bridge_slave_1: entered allmulticast mode
[   37.624215][ T5941] bridge_slave_1: entered promiscuous mode
[   37.641183][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.643092][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.644941][ T5942] bridge_slave_0: entered allmulticast mode
[   37.646907][ T5942] bridge_slave_0: entered promiscuous mode
[   37.648990][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.650840][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.652639][ T5944] bridge_slave_0: entered allmulticast mode
[   37.654545][ T5944] bridge_slave_0: entered promiscuous mode
[   37.669880][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.671558][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.673181][ T5942] bridge_slave_1: entered allmulticast mode
[   37.674993][ T5942] bridge_slave_1: entered promiscuous mode
[   37.677506][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.679485][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.681478][ T5944] bridge_slave_1: entered allmulticast mode
[   37.683426][ T5944] bridge_slave_1: entered promiscuous mode
[   37.701196][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   37.733510][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.735371][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.737439][ T5949] bridge_slave_0: entered allmulticast mode
[   37.739398][ T5949] bridge_slave_0: entered promiscuous mode
[   37.743506][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   37.749161][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   37.753183][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   37.757826][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   37.760763][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.762584][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.764382][ T5949] bridge_slave_1: entered allmulticast mode
[   37.766262][ T5949] bridge_slave_1: entered promiscuous mode
[   37.799047][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   37.817354][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   37.821197][ T5941] team0: Port device team_slave_0 added
[   37.838073][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   37.840794][ T5941] team0: Port device team_slave_1 added
[   37.850819][ T5942] team0: Port device team_slave_0 added
[   37.853461][ T5944] team0: Port device team_slave_0 added
[   37.881927][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.884016][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.892105][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.896401][ T5942] team0: Port device team_slave_1 added
[   37.907836][ T5944] team0: Port device team_slave_1 added
[   37.910654][ T5949] team0: Port device team_slave_0 added
[   37.912431][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1
[   37.914197][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.920783][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   37.940009][ T5949] team0: Port device team_slave_1 added
[   37.952749][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.954536][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.961052][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.971296][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.973116][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.979630][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.983215][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1
[   37.984944][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.991881][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.003718][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.005509][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.012883][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.019651][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.021426][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.027918][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.049343][ T5941] hsr_slave_0: entered promiscuous mode
[   38.051864][ T5941] hsr_slave_1: entered promiscuous mode
[   38.055193][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.057468][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.065669][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.112178][ T5944] hsr_slave_0: entered promiscuous mode
[   38.114256][ T5944] hsr_slave_1: entered promiscuous mode
[   38.116124][ T5944] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   38.118453][ T5944] Cannot create hsr debugfs directory
[   38.121728][ T5942] hsr_slave_0: entered promiscuous mode
[   38.123769][ T5942] hsr_slave_1: entered promiscuous mode
[   38.125594][ T5942] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   38.127708][ T5942] Cannot create hsr debugfs directory
[   38.183342][ T5949] hsr_slave_0: entered promiscuous mode
[   38.185225][ T5949] hsr_slave_1: entered promiscuous mode
[   38.187077][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   38.189007][ T5949] Cannot create hsr debugfs directory
[   38.361249][ T5941] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   38.365443][ T5941] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   38.368921][ T5941] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   38.372307][ T5941] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   38.412066][ T5944] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   38.415259][ T5944] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   38.429268][ T5944] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   38.434054][ T5944] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   38.444194][ T5949] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   38.449523][ T5949] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   38.462619][ T5949] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   38.471297][ T5949] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   38.486283][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.497631][ T5942] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   38.501793][ T5942] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   38.504714][ T5942] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   38.510579][ T5942] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   38.521818][ T5941] 8021q: adding VLAN 0 to HW filter on device team0
[   38.525674][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.532414][ T1168] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.534363][ T1168] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.544211][ T1219] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.546060][ T1219] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.559286][ T5944] 8021q: adding VLAN 0 to HW filter on device team0
[   38.572158][ T1219] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.574023][ T1219] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.584049][ T1132] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.585913][ T1132] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.602928][   T39] audit: type=1400 audit(1730351609.572:114): avc:  denied  { sys_module } for  pid=5941 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   38.621479][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.628973][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.635128][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[   38.641109][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.643059][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.646179][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.648122][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.653915][ T5942] 8021q: adding VLAN 0 to HW filter on device team0
[   38.666813][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.671401][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.673066][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.684739][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.686421][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.708978][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.726686][ T5941] veth0_vlan: entered promiscuous mode
[   38.732332][ T5941] veth1_vlan: entered promiscuous mode
[   38.744478][ T5944] veth0_vlan: entered promiscuous mode
[   38.752264][ T5941] veth0_macvtap: entered promiscuous mode
[   38.755836][ T5944] veth1_vlan: entered promiscuous mode
[   38.759075][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.762665][ T5941] veth1_macvtap: entered promiscuous mode
[   38.773338][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.782495][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.789771][ T5941] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.792074][ T5941] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.794280][ T5941] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.796450][ T5941] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.809879][ T5944] veth0_macvtap: entered promiscuous mode
[   38.813518][ T5944] veth1_macvtap: entered promiscuous mode
[   38.822346][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.824460][ T5949] veth0_vlan: entered promiscuous mode
[   38.836639][ T5949] veth1_vlan: entered promiscuous mode
[   38.840092][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   38.842814][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.845796][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.856698][ T1219] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   38.859018][ T1219] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   38.861832][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   38.864531][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.868021][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.871599][ T5944] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.873786][ T5944] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.875966][ T5944] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.878546][ T5944] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.896414][ T1219] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   38.898412][ T1219] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   38.906110][ T5949] veth0_macvtap: entered promiscuous mode
[   38.913128][ T5942] veth0_vlan: entered promiscuous mode
[   38.921442][ T5949] veth1_macvtap: entered promiscuous mode
[   38.926560][ T1219] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   38.930424][ T1219] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   38.939815][ T5942] veth1_vlan: entered promiscuous mode
[   38.943086][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   38.944267][ T5941] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   38.945428][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.952102][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   38.954681][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.958223][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.963359][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   38.965986][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.968709][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   38.971342][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.974375][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.985191][ T5949] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.987751][ T5949] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.989935][ T5949] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.992145][ T5949] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.996975][ T6006] syz.0.1 uses obsolete (PF_INET,SOCK_PACKET)
[   38.999607][   T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.000249][ T5942] veth0_macvtap: entered promiscuous mode
[   39.002008][   T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.008667][ T5942] veth1_macvtap: entered promiscuous mode
[   39.027440][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.031152][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.033710][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.036402][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.039192][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.041769][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.045232][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.048108][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.050709][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.053132][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.055710][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.058263][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.060841][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.064048][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.076299][ T1132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.078703][ T1132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.079416][ T5942] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.083525][ T5942] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.085821][ T5942] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.088338][ T5942] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.111520][ T1168] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.113695][ T1168] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.138178][ T6022] xt_l2tp: v2 doesn't support IP mode
[   39.148867][ T1132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.151123][ T1132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.171872][ T1219] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.173923][ T1219] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.277946][ T5951] Bluetooth: hci0: command tx timeout
[   39.283673][ T6047] capability: warning: `syz.1.2' uses deprecated v2 capabilities in a way that may be insecure
[   39.347571][ T5951] Bluetooth: hci2: command tx timeout
[   39.349292][ T5951] Bluetooth: hci3: command tx timeout
[   39.350949][ T5951] Bluetooth: hci1: command tx timeout
[   39.381905][ T6050] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   39.468426][ T6054] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   39.523164][ T6062] bridge1: entered promiscuous mode
[   39.524534][ T6062] bridge1: entered allmulticast mode
[   39.947302][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   39.997164][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   40.018162][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.022588][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.024507][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.026435][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.028503][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.030525][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.032638][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.034593][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.036553][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.039122][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.042211][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.044204][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.046169][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.048247][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.050237][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.052567][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.054551][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.056523][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.058827][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.060764][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.062647][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.064517][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.066456][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.068848][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.070796][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.072741][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.074637][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.076576][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.079140][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.081162][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.083112][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.084943][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.086801][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.088789][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.090701][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.092631][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.094521][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.096416][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.098421][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.100349][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.102286][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.104319][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.105564][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   40.106499][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.110266][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.112188][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.114090][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.116005][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.118057][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.120064][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.121983][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.123897][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.125790][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.127773][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.129759][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.131916][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.133895][ T1319] hid-generic 0001:0000:0000.0002: unknown main item tag 0x0
[   40.144857][ T1319] hid-generic 0001:0000:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   40.197216][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   40.208023][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   40.257243][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   40.407518][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   40.487185][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   40.587166][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   40.767719][ T6126] Illegal XDP return value 2192945758 on prog  (id 3) dev N/A, expect packet loss!
[   41.027373][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   41.447207][ T5303] Bluetooth: hci0: command tx timeout
[   41.447292][ T5951] Bluetooth: hci1: command tx timeout
[   41.447380][   T65] Bluetooth: hci2: command tx timeout
[   41.448179][ T5946] Bluetooth: hci3: command tx timeout
[   41.667315][ T6004] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   41.829297][ T6004] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   41.832003][ T6004] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[   41.842630][ T6004] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   41.844997][ T6004] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   41.851848][ T6004] usb 6-1: SerialNumber: syz
[   41.856675][ T6004] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22
[   42.064108][ T6004] usb 6-1: USB disconnect, device number 2
[   42.455640][   T39] kauditd_printk_skb: 107 callbacks suppressed
[   42.455651][   T39] audit: type=1400 audit(1730351613.422:222): avc:  denied  { mounton } for  pid=6162 comm="syz.2.53" path="/proc/34/task" dev="proc" ino=9531 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   42.579268][   T39] audit: type=1400 audit(1730351613.552:223): avc:  denied  { write } for  pid=6165 comm="syz.2.54" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   42.911927][ T1484] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   43.061861][   T39] audit: type=1400 audit(1730351614.032:224): avc:  denied  { setopt } for  pid=6178 comm="syz.0.59" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   43.079578][ T1484] usb 7-1: New USB device found, idVendor=0bda, idProduct=818a, bcdDevice=e2.d8
[   43.081875][ T1484] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   43.084756][ T1484] usb 7-1: config 0 descriptor??
[   43.507511][ T5951] Bluetooth: hci0: command tx timeout
[   43.507542][ T5303] Bluetooth: hci3: command tx timeout
[   43.508058][ T5946] Bluetooth: hci2: command tx timeout
[   43.508083][ T5946] Bluetooth: hci1: command tx timeout
[   43.637245][ T1484] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   43.669846][   T39] audit: type=1400 audit(1730351614.642:225): avc:  denied  { map } for  pid=6185 comm="syz.1.62" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   43.683033][   T39] audit: type=1400 audit(1730351614.652:226): avc:  denied  { write } for  pid=6185 comm="syz.1.62" path="socket:[9030]" dev="sockfs" ino=9030 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   43.818408][ T1484] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   43.823076][ T1484] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   43.825503][ T1484] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   43.828071][ T1484] usb 8-1: SerialNumber: syz
[   44.537398][   T39] audit: type=1400 audit(1730351615.512:227): avc:  denied  { getopt } for  pid=6181 comm="syz.3.60" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   44.573387][ T6191] syz.1.63 (6191) used greatest stack depth: 21376 bytes left
[   44.659608][   T39] audit: type=1400 audit(1730351615.622:228): avc:  denied  { write } for  pid=6218 comm="syz.1.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   44.675516][   T39] audit: type=1400 audit(1730351615.622:229): avc:  denied  { nlmsg_write } for  pid=6218 comm="syz.1.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   44.739038][ T1484] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -71
[   44.743865][ T1484] usb 8-1: USB disconnect, device number 2
[   44.829962][   T39] audit: type=1400 audit(1730351615.782:230): avc:  denied  { connect } for  pid=6220 comm="syz.1.77" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   45.587773][ T5303] Bluetooth: hci1: command tx timeout
[   45.587780][ T5951] Bluetooth: hci0: command tx timeout
[   45.590503][ T5303] Bluetooth: hci2: command tx timeout
[   45.597217][ T5303] Bluetooth: hci3: command tx timeout
[   45.666859][ T6242] cgroup: Unknown subsys name 'cpuset'
[   45.677963][   T35] usb 7-1: USB disconnect, device number 2
[   45.742929][ T5303] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[   45.745532][ T5303] CPU: 3 UID: 0 PID: 5303 Comm: kworker/u33:1 Not tainted 6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   45.746741][ T6250] mmap: syz.0.86 (6250) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   45.748417][ T5303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   45.748444][ T5303] Workqueue: hci0 hci_rx_work
[   45.748476][ T5303] Call Trace:
[   45.748484][ T5303]  <TASK>
[   45.748493][ T5303]  dump_stack_lvl+0x16c/0x1f0
[   45.758502][ T5303]  sysfs_warn_dup+0x7f/0xa0
[   45.759718][ T5303]  sysfs_create_dir_ns+0x24d/0x2b0
[   45.761057][ T5303]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   45.762518][ T5303]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   45.763939][ T5303]  ? kobject_add_internal+0x12d/0x990
[   45.765346][ T5303]  ? do_raw_spin_unlock+0x172/0x230
[   45.766725][ T5303]  kobject_add_internal+0x2c8/0x990
[   45.768294][ T5303]  kobject_add+0x16f/0x240
[   45.769953][ T5303]  ? __pfx_kobject_add+0x10/0x10
[   45.771620][ T5303]  ? class_to_subsys+0x3e/0x160
[   45.772907][ T5303]  ? do_raw_spin_unlock+0x172/0x230
[   45.774273][ T5303]  ? kobject_put+0xab/0x5a0
[   45.775482][ T5303]  device_add+0x289/0x1a70
[   45.776665][ T5303]  ? __pfx_dev_set_name+0x10/0x10
[   45.777996][ T5303]  ? __pfx_device_add+0x10/0x10
[   45.779693][ T5303]  ? mgmt_send_event_skb+0x2f2/0x460
[   45.781132][ T5303]  hci_conn_add_sysfs+0x17e/0x230
[   45.782463][ T5303]  le_conn_complete_evt+0x1078/0x1d80
[   45.783884][ T5303]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   45.785380][ T5303]  ? trace_contention_end+0xea/0x140
[   45.786798][ T5303]  hci_le_conn_complete_evt+0x23c/0x370
[   45.788269][ T5303]  hci_le_meta_evt+0x2e2/0x5d0
[   45.790040][ T5303]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   45.791981][ T5303]  hci_event_packet+0x666/0x1180
[   45.793288][ T5303]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   45.794691][ T5303]  ? __pfx_hci_event_packet+0x10/0x10
[   45.796107][ T5303]  ? mark_held_locks+0x9f/0xe0
[   45.797374][ T5303]  ? kcov_remote_start+0x3cf/0x6e0
[   45.798928][ T5303]  ? lockdep_hardirqs_on+0x7c/0x110
[   45.800312][ T5303]  hci_rx_work+0x2c6/0x16c0
[   45.801521][ T5303]  ? lock_acquire+0x2f/0xb0
[   45.802727][ T5303]  ? process_one_work+0x921/0x1ba0
[   45.804077][ T5303]  process_one_work+0x9c5/0x1ba0
[   45.805388][ T5303]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   45.806873][ T5303]  ? __pfx_process_one_work+0x10/0x10
[   45.808326][ T5303]  ? assign_work+0x1a0/0x250
[   45.810056][ T5303]  worker_thread+0x6c8/0xf00
[   45.811589][ T5303]  ? __kthread_parkme+0x148/0x220
[   45.812923][ T5303]  ? __pfx_worker_thread+0x10/0x10
[   45.814266][ T5303]  kthread+0x2c1/0x3a0
[   45.815362][ T5303]  ? _raw_spin_unlock_irq+0x23/0x50
[   45.816734][ T5303]  ? __pfx_kthread+0x10/0x10
[   45.818082][ T5303]  ret_from_fork+0x45/0x80
[   45.819360][ T5303]  ? __pfx_kthread+0x10/0x10
[   45.820582][ T5303]  ret_from_fork_asm+0x1a/0x30
[   45.821863][ T5303]  </TASK>
[   45.824740][ T5303] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   45.828695][ T5303] Bluetooth: hci0: failed to register connection device
[   46.560137][   T39] audit: type=1400 audit(1730351617.532:231): avc:  denied  { connect } for  pid=6261 comm="syz.1.92" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   46.645523][ T6280] xt_TCPMSS: Only works on TCP SYN packets
[   46.718281][ T6276] kvm: kvm [6274]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x800
[   47.670757][   T39] kauditd_printk_skb: 18 callbacks suppressed
[   47.670769][   T39] audit: type=1400 audit(1730351618.642:250): avc:  denied  { sqpoll } for  pid=6336 comm="syz.3.125" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   47.752955][   T39] audit: type=1400 audit(1730351618.722:251): avc:  denied  { bind } for  pid=6346 comm="syz.2.129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   47.797395][   T39] audit: type=1326 audit(1730351618.772:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6349 comm="syz.0.131" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f389a37e719 code=0x7ffc0000
[   47.803241][   T39] audit: type=1326 audit(1730351618.772:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6349 comm="syz.0.131" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f389a37e719 code=0x7ffc0000
[   47.808954][   T39] audit: type=1326 audit(1730351618.772:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6349 comm="syz.0.131" exe="/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f389a37e719 code=0x7ffc0000
[   47.814606][   T39] audit: type=1326 audit(1730351618.772:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6349 comm="syz.0.131" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f389a37e719 code=0x7ffc0000
[   47.820236][   T39] audit: type=1326 audit(1730351618.772:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6349 comm="syz.0.131" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f389a37e719 code=0x7ffc0000
[   47.826469][   T39] audit: type=1326 audit(1730351618.772:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6349 comm="syz.0.131" exe="/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7f389a37e719 code=0x7ffc0000
[   47.832510][   T39] audit: type=1326 audit(1730351618.772:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6349 comm="syz.0.131" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f389a37e719 code=0x7ffc0000
[   47.837772][ T6359] netlink: 8 bytes leftover after parsing attributes in process `syz.0.133'.
[   47.839094][   T39] audit: type=1326 audit(1730351618.772:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6349 comm="syz.0.131" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f389a37e719 code=0x7ffc0000
[   48.535422][ T6393] hub 6-0:1.0: USB hub found
[   48.536970][ T6393] hub 6-0:1.0: 1 port detected
[   48.806555][ T6401] netlink: 24 bytes leftover after parsing attributes in process `syz.1.149'.
[   48.866417][ T6405] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   48.871756][ T6405] xt_TCPMSS: Only works on TCP SYN packets
[   49.135285][ T6412] xt_hashlimit: overflow, rate too high: 0
[   49.704163][ T6421] netlink: 8 bytes leftover after parsing attributes in process `syz.1.157'.
[   50.427409][ T6479] hub 6-0:1.0: USB hub found
[   50.429406][ T6479] hub 6-0:1.0: 1 port detected
[   50.971439][ T6499] binder: 6498:6499 ioctl 4018620d 0 returned -22
[   51.061438][ T6513] warning: `syz.0.195' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   51.377348][ T1484] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   51.597187][ T1484] usb 5-1: Using ep0 maxpacket: 8
[   51.625714][ T1484] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   51.628554][ T1484] usb 5-1: New USB device found, idVendor=05a9, idProduct=2640, bcdDevice=55.12
[   51.631048][ T1484] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   51.645007][ T1484] usb 5-1: config 0 descriptor??
[   51.667922][ T5303] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   51.670776][ T5303] Bluetooth: hci1: Injecting HCI hardware error event
[   51.674440][ T5951] Bluetooth: hci1: hardware error 0x00
[   52.257527][   T35] usb 5-1: USB disconnect, device number 2
[   52.728815][   T39] kauditd_printk_skb: 32 callbacks suppressed
[   52.728825][   T39] audit: type=1400 audit(1730351623.702:292): avc:  denied  { write } for  pid=6575 comm="syz.2.221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   52.904463][   T39] audit: type=1400 audit(1730351623.872:293): avc:  denied  { name_bind } for  pid=6583 comm="syz.0.225" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   53.601931][   T39] audit: type=1400 audit(1730351624.572:294): avc:  denied  { watch } for  pid=6608 comm="syz.1.235" path="/62" dev="tmpfs" ino=329 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   53.609456][   T39] audit: type=1400 audit(1730351624.572:295): avc:  denied  { watch_sb watch_reads } for  pid=6608 comm="syz.1.235" path="/62" dev="tmpfs" ino=329 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   53.917887][ T5983] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   53.918033][ T5951] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   54.067179][ T5983] usb 6-1: Using ep0 maxpacket: 32
[   54.070151][ T5983] usb 6-1: config 0 has an invalid interface number: 230 but max is 0
[   54.072320][ T5983] usb 6-1: config 0 has no interface number 0
[   54.075894][ T5983] usb 6-1: New USB device found, idVendor=deee, idProduct=0300, bcdDevice=53.0a
[   54.078307][ T5983] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   54.080761][ T5983] usb 6-1: Product: syz
[   54.081879][ T5983] usb 6-1: Manufacturer: syz
[   54.083112][ T5983] usb 6-1: SerialNumber: syz
[   54.085923][ T5983] usb 6-1: config 0 descriptor??
[   54.207192][   T35] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   54.370146][   T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   54.373285][   T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[   54.376352][   T35] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   54.379898][   T35] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   54.382554][   T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   54.390443][   T35] usb 5-1: config 0 descriptor??
[   54.393770][ T6619] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[   54.816705][   T35] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   54.821726][   T35] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[   54.854582][   T35] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   55.033386][ T6649] netlink: 8 bytes leftover after parsing attributes in process `syz.3.253'.
[   55.181744][ T5983] hub 6-1:0.230: bad descriptor, ignoring hub
[   55.183564][ T5983] hub 6-1:0.230: probe with driver hub failed with error -5
[   55.187159][ T5983] ftdi_sio 6-1:0.230: FTDI USB Serial Device converter detected
[   55.191425][ T5983] ftdi_sio ttyUSB0: unknown device type: 0x530a
[   55.192755][ T5994] usb 5-1: USB disconnect, device number 3
[   55.210324][ T5983] usb 6-1: USB disconnect, device number 3
[   55.213705][ T5983] ftdi_sio 6-1:0.230: device disconnected
[   55.308378][   T39] audit: type=1400 audit(1730351626.282:296): avc:  denied  { write } for  pid=6666 comm="syz.1.258" name="ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   55.667163][ T5988] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   55.848618][ T5988] usb 8-1: Using ep0 maxpacket: 8
[   55.851540][ T5988] usb 8-1: config 179 has an invalid interface number: 65 but max is 0
[   55.853732][ T5988] usb 8-1: config 179 has no interface number 0
[   55.855376][ T5988] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[   55.858548][ T5988] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[   55.861475][ T5988] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[   55.864305][ T5988] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[   55.868112][ T5988] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[   55.871881][ T5988] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   55.874133][ T5988] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   55.878218][ T6669] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   55.987175][   T35] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   56.138614][   T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   56.141509][   T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   56.143936][   T35] usb 5-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[   56.147739][   T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.151441][   T35] usb 5-1: config 0 descriptor??
[   56.284274][ T6669] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.289488][ T6669] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   56.494126][ T5983] usb 8-1: USB disconnect, device number 3
[   56.494204][    C3] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[   56.498279][    C3] xpad 8-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[   56.561138][   T35] magicmouse 0003:05AC:0269.0004: hidraw1: USB HID v0.00 Device [HID 05ac:0269] on usb-dummy_hcd.0-1/input0
[   56.568951][ T5994] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   56.717157][ T5994] usb 6-1: Using ep0 maxpacket: 16
[   56.719757][ T5994] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   56.722592][ T5994] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   56.725116][ T5994] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   56.728702][ T5994] usb 6-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[   56.731095][ T5994] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.734125][ T5994] usb 6-1: config 0 descriptor??
[   56.760708][   T75] usb 5-1: USB disconnect, device number 4
[   57.143569][ T5994] ryos 0003:1E7D:31CE.0005: hidraw1: USB HID v0.00 Device [HID 1e7d:31ce] on usb-dummy_hcd.1-1/input0
[   57.170069][   T39] audit: type=1400 audit(1730351628.142:297): avc:  denied  { ioctl } for  pid=6701 comm="syz.3.274" path="/dev/rtc0" dev="devtmpfs" ino=944 ioctlcmd=0x7013 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   57.385588][    T9] usb 6-1: USB disconnect, device number 4
[   57.745721][   T39] audit: type=1400 audit(1730351628.712:298): avc:  denied  { mount } for  pid=6713 comm="syz.2.278" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   57.764417][   T39] audit: type=1400 audit(1730351628.732:299): avc:  denied  { unmount } for  pid=5944 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   58.153331][ T6735] kvm: kvm [6734]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x800
[   58.238518][ T5994] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   58.313989][ T6748] Bluetooth: MGMT ver 1.23
[   58.318002][   T39] audit: type=1400 audit(1730351629.292:300): avc:  denied  { create } for  pid=6747 comm="syz.0.292" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[   58.324836][   T39] audit: type=1400 audit(1730351629.292:301): avc:  denied  { sys_admin } for  pid=6747 comm="syz.0.292" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[   58.332379][   T39] audit: type=1400 audit(1730351629.292:302): avc:  denied  { sys_ptrace } for  pid=6747 comm="syz.0.292" capability=19  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[   58.410129][ T5994] usb 7-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[   58.413921][ T5994] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   58.417587][ T5994] usb 7-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   58.422145][ T5994] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   58.425368][ T5994] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   58.432824][ T5994] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[   58.434892][ T5994] usb 7-1: invalid MIDI out EP 0
[   58.474300][ T5994] snd-usb-audio 7-1:27.0: probe with driver snd-usb-audio failed with error -22
[   58.489279][ T6765] Bluetooth: hci0: load_link_keys: expected 51203 bytes, got 7 bytes
[   58.635708][ T5983] usb 7-1: USB disconnect, device number 3
[   59.011751][   T39] audit: type=1400 audit(1730351629.982:303): avc:  denied  { lock } for  pid=6771 comm="syz.3.301" path="socket:[11756]" dev="sockfs" ino=11756 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[   59.114746][   T39] audit: type=1400 audit(1730351630.082:304): avc:  denied  { bind } for  pid=6783 comm="syz.1.308" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   59.122568][   T39] audit: type=1400 audit(1730351630.082:305): avc:  denied  { name_bind } for  pid=6783 comm="syz.1.308" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[   59.128457][   T39] audit: type=1400 audit(1730351630.082:306): avc:  denied  { node_bind } for  pid=6783 comm="syz.1.308" saddr=ff01::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   59.159135][   T39] audit: type=1400 audit(1730351630.132:307): avc:  denied  { relabelfrom } for  pid=6787 comm="syz.1.310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   59.287225][ T5994] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   59.433775][ T6811] kvm: emulating exchange as write
[   59.648697][ T5994] usb 8-1: Using ep0 maxpacket: 16
[   59.653634][ T5994] usb 8-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[   59.656099][ T5994] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   59.658271][ T5994] usb 8-1: Product: syz
[   59.659448][ T5994] usb 8-1: Manufacturer: syz
[   59.660723][ T5994] usb 8-1: SerialNumber: syz
[   59.662868][ T5994] usb 8-1: config 0 descriptor??
[   59.666924][ T5994] ftdi_sio 8-1:0.0: FTDI USB Serial Device converter detected
[   59.669410][ T5994] usb 8-1: Detected FT232H
[   59.737215][   T63] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   59.868094][ T5994] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[   59.897192][   T63] usb 5-1: Using ep0 maxpacket: 16
[   59.902178][   T63] usb 5-1: New USB device found, idVendor=0582, idProduct=0000, bcdDevice=4e.06
[   59.904513][   T63] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   59.906619][   T63] usb 5-1: Product: syz
[   59.907871][   T63] usb 5-1: Manufacturer: syz
[   59.909103][   T63] usb 5-1: SerialNumber: syz
[   59.911585][   T63] usb 5-1: config 0 descriptor??
[   59.922841][   T63] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -22
[   59.934702][ T5956] udevd[5956]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   60.211052][ T6823] netlink: 4 bytes leftover after parsing attributes in process `syz.1.324'.
[   60.235485][ T6825] sock: sock_set_timeout: `syz.1.325' (pid 6825) tries to set negative timeout
[   60.274957][ T5994] usb 8-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   60.339382][ T6833] syzkaller0: entered promiscuous mode
[   60.340855][ T6833] syzkaller0: entered allmulticast mode
[   60.387543][ T5951] Bluetooth: hci0: Opcode 0x0401 failed: -110
[   60.387567][ T5303] Bluetooth: hci0: command 0x0401 tx timeout
[   60.475505][   T63] usb 8-1: USB disconnect, device number 4
[   60.508076][ T1484] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   60.509385][   T63] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   60.512775][   T63] ftdi_sio 8-1:0.0: device disconnected
[   60.659845][ T1484] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   60.662927][ T1484] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   60.665439][ T1484] usb 6-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[   60.668446][ T1484] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.674305][ T1484] usb 6-1: config 0 descriptor??
[   61.096477][ T1484] hid-led 0003:0FC5:B080.0006: unknown main item tag 0x0
[   61.297955][ T1484] hid-led 0003:0FC5:B080.0006: probe with driver hid-led failed with error -71
[   61.301533][ T1484] usb 6-1: USB disconnect, device number 5
[   61.698279][ T6869] Dead loop on virtual device ip6_vti0, fix it urgently!
[   62.536640][   T63] usb 5-1: USB disconnect, device number 5
[   62.760943][   T39] kauditd_printk_skb: 13 callbacks suppressed
[   62.760955][   T39] audit: type=1400 audit(1730351633.732:321): avc:  denied  { mount } for  pid=6891 comm="syz.3.354" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[   62.769875][   T39] audit: type=1400 audit(1730351633.732:322): avc:  denied  { remount } for  pid=6891 comm="syz.3.354" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[   62.775113][   T39] audit: type=1400 audit(1730351633.742:323): avc:  denied  { unmount } for  pid=5949 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[   62.990701][ T6900] netlink: 44 bytes leftover after parsing attributes in process `syz.1.358'.
[   62.993162][ T6900] netlink: 43 bytes leftover after parsing attributes in process `syz.1.358'.
[   62.995567][ T6900] netlink: 'syz.1.358': attribute type 5 has an invalid length.
[   62.997919][ T6900] netlink: 43 bytes leftover after parsing attributes in process `syz.1.358'.
[   63.027240][ T5994] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   63.203602][ T5994] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   63.206445][ T5994] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   63.209034][ T5994] usb 8-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[   63.211435][ T5994] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.214466][ T5994] usb 8-1: config 0 descriptor??
[   63.433277][ T6922] input: syz0 as /devices/virtual/input/input8
[   63.439980][   T39] audit: type=1400 audit(1730351634.412:324): avc:  denied  { read } for  pid=5345 comm="acpid" name="event4" dev="devtmpfs" ino=2855 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   63.447167][   T39] audit: type=1400 audit(1730351634.412:325): avc:  denied  { open } for  pid=5345 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2855 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   63.453779][   T39] audit: type=1400 audit(1730351634.412:326): avc:  denied  { ioctl } for  pid=5345 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2855 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   63.475722][ T6926] netlink: 8 bytes leftover after parsing attributes in process `syz.1.369'.
[   63.520149][ T6932] netlink: 12 bytes leftover after parsing attributes in process `syz.1.371'.
[   63.522427][ T6932] netlink: 8 bytes leftover after parsing attributes in process `syz.1.371'.
[   63.624885][ T5994] sony 0003:054C:024B.0007: unknown main item tag 0x0
[   63.626649][ T5994] sony 0003:054C:024B.0007: unknown main item tag 0x0
[   63.628786][ T5994] sony 0003:054C:024B.0007: global environment stack underflow
[   63.631624][ T5994] sony 0003:054C:024B.0007: item 0 4 1 11 parsing failed
[   63.636240][ T5994] sony 0003:054C:024B.0007: parse failed
[   63.638111][ T5994] sony 0003:054C:024B.0007: probe with driver sony failed with error -22
[   63.828909][   T35] usb 8-1: USB disconnect, device number 5
[   64.621336][   T39] audit: type=1400 audit(1730351635.442:327): avc:  denied  { mounton } for  pid=6970 comm="syz.0.390" path="/84/file0" dev="tmpfs" ino=440 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   64.627171][   T39] audit: type=1400 audit(1730351635.552:328): avc:  denied  { nlmsg_write } for  pid=6973 comm="syz.0.391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[   64.633687][   T39] audit: type=1400 audit(1730351635.582:329): avc:  denied  { create } for  pid=6982 comm="syz.3.395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[   65.017110][ T6521] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[   65.219169][ T6521] usb 7-1: config 0 has an invalid interface number: 214 but max is 0
[   65.222718][ T6521] usb 7-1: config 0 has no interface number 0
[   65.224531][ T6521] usb 7-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[   65.230397][ T6521] usb 7-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[   65.232910][ T6521] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   65.235265][ T6521] usb 7-1: Product: syz
[   65.236467][ T6521] usb 7-1: Manufacturer: syz
[   65.238090][ T6521] usb 7-1: SerialNumber: syz
[   65.244137][ T6521] usb 7-1: config 0 descriptor??
[   65.712239][   T39] audit: type=1400 audit(1730351636.682:330): avc:  denied  { read } for  pid=7005 comm="syz.0.404" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   65.865232][ T6521] usbtouchscreen 7-1:0.214: probe with driver usbtouchscreen failed with error -71
[   65.871953][ T6521] usb 7-1: USB disconnect, device number 4
[   65.955017][ T7020] xt_CT: You must specify a L4 protocol and not use inversions on it
[   66.953634][ T7045] Zero length message leads to an empty skb
[   67.161901][ T5951] Bluetooth: hci3: unexpected event for opcode 0x0c14
[   67.304262][ T7070] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   67.604364][ T7079] binder: 7078:7079 ioctl c018620c 0 returned -14
[   67.606368][ T7079] binder: 7078:7079 ioctl c0046209 0 returned -22
[   67.937292][ T1484] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   68.076872][ T7114] input: syz0 as /devices/virtual/input/input10
[   68.098614][ T1484] usb 6-1: config 0 has no interfaces?
[   68.100117][ T1484] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   68.101575][ T7106] kvm: kvm [7104]: vcpu7, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[   68.102534][ T1484] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.108109][ T1484] usb 6-1: config 0 descriptor??
[   68.111189][ T7106] kvm: kvm [7104]: vcpu7, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000
[   68.200519][ T7127] netlink: 8 bytes leftover after parsing attributes in process `syz.2.453'.
[   68.292416][   T39] kauditd_printk_skb: 12 callbacks suppressed
[   68.292427][   T39] audit: type=1400 audit(1730351639.261:343): avc:  denied  { set_context_mgr } for  pid=7137 comm="syz.3.458" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   68.365724][ T5994] usb 6-1: USB disconnect, device number 6
[   68.892253][ T7145] binder: 7144:7145 ioctl 4018620d 0 returned -22
[   69.085443][   T39] audit: type=1326 audit(1730351640.063:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7158 comm="syz.0.467" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f389a37e719 code=0x0
[   69.155900][   T35] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   69.302076][   T39] audit: type=1400 audit(1730351640.279:345): avc:  denied  { nlmsg_read } for  pid=7182 comm="syz.2.478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[   69.308525][   T35] usb 6-1: Using ep0 maxpacket: 32
[   69.311080][   T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   69.313928][   T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   69.316509][   T35] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   69.319226][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.322117][   T35] usb 6-1: config 0 descriptor??
[   69.372627][   T63] hid-generic 0008:7FFFFFFF:00D4.0008: item fetching failed at offset 3/4
[   69.375109][   T63] hid-generic 0008:7FFFFFFF:00D4.0008: probe with driver hid-generic failed with error -22
[   69.512083][ T5994] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   69.667216][ T5994] usb 8-1: Using ep0 maxpacket: 16
[   69.670133][ T5994] usb 8-1: config index 0 descriptor too short (expected 164, got 36)
[   69.672320][ T5994] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid maxpacket 65522, setting to 64
[   69.675368][ T5994] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7
[   69.679270][ T5994] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0
[   69.681803][ T5994] usb 8-1: config 0 interface 0 has no altsetting 0
[   69.685184][ T5994] usb 8-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[   69.687899][ T5994] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   69.689968][ T5994] usb 8-1: Product: syz
[   69.691076][ T5994] usb 8-1: Manufacturer: syz
[   69.692303][ T5994] usb 8-1: SerialNumber: syz
[   69.694418][ T5994] usb 8-1: config 0 descriptor??
[   69.722404][   T35] savu 0003:1E7D:2D5A.0009: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[   69.901876][ T5994] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input11
[   69.905899][ T5345] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[   69.909883][ T5345] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[   69.912821][ T5345] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[   69.914584][ T7196] binfmt_misc: register: failed to install interpreter file ./file0
[   69.917687][ T5345] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[   69.942254][ T5345] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[   69.945691][ T5956] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[   69.954360][ T5345] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[   69.958311][ T5345] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[   69.979768][ T5994] usb 6-1: USB disconnect, device number 7
[   70.100307][   T35] usb 8-1: USB disconnect, device number 6
[   70.981637][ T1411] ieee802154 phy0 wpan0: encryption failed: -22
[   70.983489][ T1411] ieee802154 phy1 wpan1: encryption failed: -22
[   72.595673][   T39] audit: type=1400 audit(1730351643.673:346): avc:  denied  { setopt } for  pid=7275 comm="syz.3.517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   72.615639][ T7289] xt_CT: You must specify a L4 protocol and not use inversions on it
[   72.618004][   T39] audit: type=1400 audit(1730351643.694:347): avc:  denied  { nlmsg_read } for  pid=7290 comm="syz.0.522" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   72.866793][   T39] audit: type=1400 audit(1730351643.940:348): avc:  denied  { read write } for  pid=7294 comm="syz.0.525" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   72.873915][   T39] audit: type=1400 audit(1730351643.940:349): avc:  denied  { open } for  pid=7294 comm="syz.0.525" path="/dev/raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   72.880243][   T39] audit: type=1400 audit(1730351643.940:350): avc:  denied  { ioctl } for  pid=7294 comm="syz.0.525" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   73.112073][ T5983] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   73.317096][ T5983] usb 5-1: Using ep0 maxpacket: 8
[   73.331301][ T5983] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   73.334134][ T5983] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   73.344431][ T5983] usb 5-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00
[   73.346935][ T5983] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.351185][ T5983] usb 5-1: config 0 descriptor??
[   73.424308][   T39] audit: type=1400 audit(1730351644.514:351): avc:  denied  { view } for  pid=7318 comm="syz.3.533" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   73.499982][ T7321] tap0: tun_chr_ioctl cmd 2147767521
[   74.060905][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.063536][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.069406][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.071925][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.074689][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.077073][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.079461][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.081861][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.084107][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.086239][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.089474][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.092379][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.094892][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.097330][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.099861][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.102000][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.105620][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.107903][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.110268][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.112475][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.114762][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.116977][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.119599][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.121729][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.123864][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.126077][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.129154][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.131636][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.133895][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.136404][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.139586][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.142080][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.144389][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.146699][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.149749][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.151954][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.154609][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.156989][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.160162][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.164907][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.169799][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.174437][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.178882][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.181480][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.183996][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.186366][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.188658][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.191008][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.193199][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.195727][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.200106][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.203302][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.205679][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.209719][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.213433][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.216941][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.219521][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.221875][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.224276][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.228155][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.231307][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.235149][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.237484][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.240104][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.242864][ T5983] cherry 0003:046A:0027.000A: unknown main item tag 0x0
[   74.283363][ T5983] cherry 0003:046A:0027.000A: hidraw1: USB HID v0.00 Device [HID 046a:0027] on usb-dummy_hcd.0-1/input0
[   74.373887][ T5983] usb 5-1: USB disconnect, device number 6
[   74.711960][   T39] audit: type=1400 audit(1730351645.823:352): avc:  denied  { watch watch_reads } for  pid=7329 comm="syz.1.538" path=2F6D656D66643A2D42D54E49C56A9A707070F00884A26D202864656C6574656429 dev="tmpfs" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   75.027589][   T75] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   75.193947][   T75] usb 6-1: Using ep0 maxpacket: 16
[   75.196859][   T75] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   75.201131][   T75] usb 6-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4
[   75.203899][   T75] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   75.206048][   T75] usb 6-1: Product: syz
[   75.207384][   T75] usb 6-1: Manufacturer: syz
[   75.208829][   T75] usb 6-1: SerialNumber: syz
[   75.212462][   T75] usb 6-1: config 0 descriptor??
[   75.539586][ T7343] netlink: 12 bytes leftover after parsing attributes in process `syz.2.543'.
[   75.561401][ T7345] netlink: 12 bytes leftover after parsing attributes in process `syz.2.544'.
[   75.610596][   T75] usb 6-1: Found UVC 0.00 device syz (045e:0721)
[   75.612401][   T75] usb 6-1: No valid video chain found.
[   75.809760][ T1484] usb 6-1: USB disconnect, device number 8
[   75.979478][ T7375] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[   76.019033][   T39] audit: type=1326 audit(1730351647.171:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7377 comm="syz.3.558" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8b377e719 code=0x7ffc0000
[   76.025048][   T39] audit: type=1326 audit(1730351647.171:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7377 comm="syz.3.558" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8b377e719 code=0x7ffc0000
[   76.047924][  T828] cfg80211: failed to load regulatory.db
[   76.077656][   T39] audit: type=1326 audit(1730351647.232:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7377 comm="syz.3.558" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8b377e719 code=0x7ffc0000
[   76.083652][   T39] audit: type=1326 audit(1730351647.232:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7377 comm="syz.3.558" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8b377e719 code=0x7ffc0000
[   77.971533][ T5951] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[   77.974190][ T5951] CPU: 2 UID: 0 PID: 5951 Comm: kworker/u33:4 Not tainted 6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   77.977005][ T5951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   77.979792][ T5951] Workqueue: hci3 hci_rx_work
[   77.981062][ T5951] Call Trace:
[   77.981943][ T5951]  <TASK>
[   77.982744][ T5951]  dump_stack_lvl+0x16c/0x1f0
[   77.983958][ T5951]  sysfs_warn_dup+0x7f/0xa0
[   77.985105][ T5951]  sysfs_create_dir_ns+0x24d/0x2b0
[   77.986378][ T5951]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   77.987794][ T5951]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   77.989329][ T5951]  ? kobject_add_internal+0x12d/0x990
[   77.990673][ T5951]  ? do_raw_spin_unlock+0x172/0x230
[   77.991989][ T5951]  kobject_add_internal+0x2c8/0x990
[   77.993299][ T5951]  kobject_add+0x16f/0x240
[   77.994429][ T5951]  ? __pfx_kobject_add+0x10/0x10
[   77.995683][ T5951]  ? class_to_subsys+0x3e/0x160
[   77.997027][ T5951]  ? do_raw_spin_unlock+0x172/0x230
[   77.999116][ T5951]  ? kobject_put+0xab/0x5a0
[   78.000345][ T5951]  device_add+0x289/0x1a70
[   78.001524][ T5951]  ? __pfx_dev_set_name+0x10/0x10
[   78.002852][ T5951]  ? __pfx_device_add+0x10/0x10
[   78.004133][ T5951]  ? mgmt_send_event_skb+0x2f2/0x460
[   78.005522][ T5951]  hci_conn_add_sysfs+0x17e/0x230
[   78.006855][ T5951]  le_conn_complete_evt+0x1078/0x1d80
[   78.008261][ T5951]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   78.009738][ T5951]  ? trace_contention_end+0xea/0x140
[   78.011077][ T5951]  hci_le_conn_complete_evt+0x23c/0x370
[   78.012407][ T5951]  hci_le_meta_evt+0x2e2/0x5d0
[   78.013610][ T5951]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   78.015197][ T5951]  hci_event_packet+0x666/0x1180
[   78.016500][ T5951]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   78.017882][ T5951]  ? __pfx_hci_event_packet+0x10/0x10
[   78.018724][ T1484] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   78.019335][ T5951]  ? mark_held_locks+0x9f/0xe0
[   78.022704][ T5951]  ? kcov_remote_start+0x3cf/0x6e0
[   78.024042][ T5951]  ? lockdep_hardirqs_on+0x7c/0x110
[   78.025409][ T5951]  hci_rx_work+0x2c6/0x16c0
[   78.026619][ T5951]  ? lock_acquire+0x2f/0xb0
[   78.027812][ T5951]  ? process_one_work+0x921/0x1ba0
[   78.029157][ T5951]  process_one_work+0x9c5/0x1ba0
[   78.030473][ T5951]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   78.031951][ T5951]  ? __pfx_process_one_work+0x10/0x10
[   78.033357][ T5951]  ? assign_work+0x1a0/0x250
[   78.034583][ T5951]  worker_thread+0x6c8/0xf00
[   78.035802][ T5951]  ? __pfx_worker_thread+0x10/0x10
[   78.037140][ T5951]  kthread+0x2c1/0x3a0
[   78.038241][ T5951]  ? _raw_spin_unlock_irq+0x23/0x50
[   78.039610][ T5951]  ? __pfx_kthread+0x10/0x10
[   78.040828][ T5951]  ret_from_fork+0x45/0x80
[   78.042006][ T5951]  ? __pfx_kthread+0x10/0x10
[   78.043238][ T5951]  ret_from_fork_asm+0x1a/0x30
[   78.044513][ T5951]  </TASK>
[   78.046524][ T5951] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   78.050628][ T5951] Bluetooth: hci3: failed to register connection device
[   78.201833][ T1484] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   78.205392][ T1484] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   78.208972][ T1484] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   78.211687][ T1484] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.221787][ T1484] usb 5-1: config 0 descriptor??
[   78.243462][ T7424] syz.3.574[7424] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   78.244009][ T7424] syz.3.574[7424] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   78.247647][ T7424] syz.3.574[7424] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   78.639842][ T1484] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[   78.644965][ T1484] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[   78.648888][ T1484] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   78.688267][   T39] audit: type=1400 audit(1730351649.881:357): avc:  denied  { create } for  pid=7425 comm="syz.1.575" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   78.693475][   T39] audit: type=1400 audit(1730351649.881:358): avc:  denied  { create } for  pid=7425 comm="syz.1.575" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   78.856362][   T39] audit: type=1400 audit(1730351650.064:359): avc:  denied  { read } for  pid=7436 comm="syz.2.576" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   78.862202][   T39] audit: type=1400 audit(1730351650.064:360): avc:  denied  { open } for  pid=7436 comm="syz.2.576" path="/dev/dri/card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   78.865987][ T7437] netlink: 80 bytes leftover after parsing attributes in process `syz.2.576'.
[   78.868229][   T39] audit: type=1400 audit(1730351650.064:361): avc:  denied  { ioctl } for  pid=7436 comm="syz.2.576" path="/dev/dri/card1" dev="devtmpfs" ino=636 ioctlcmd=0x640d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   78.877764][ T7437] netlink: 80 bytes leftover after parsing attributes in process `syz.2.576'.
[   78.878271][   T39] audit: type=1400 audit(1730351650.064:362): avc:  denied  { getopt } for  pid=7436 comm="syz.2.576" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   78.895645][   T63] usb 5-1: USB disconnect, device number 7
[   78.904372][   T39] audit: type=1400 audit(1730351650.115:363): avc:  denied  { listen } for  pid=7438 comm="syz.1.579" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   78.909726][   T39] audit: type=1400 audit(1730351650.115:364): avc:  denied  { create } for  pid=7438 comm="syz.1.579" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   78.915030][   T39] audit: type=1400 audit(1730351650.125:365): avc:  denied  { read } for  pid=7438 comm="syz.1.579" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   78.920921][   T39] audit: type=1400 audit(1730351650.125:366): avc:  denied  { open } for  pid=7438 comm="syz.1.579" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   78.972753][ T7441] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   78.974620][ T7441] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   78.979654][ T7441] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   78.982814][ T7441] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   78.987493][ T7441] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   78.989464][ T7441] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   78.993044][ T7441] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   78.995787][ T7441] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   78.997580][ T7441] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   79.003006][ T7441] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   79.005135][ T7441] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   79.035823][ T7451] ata3.00: invalid multi_count 1 ignored
[   79.127295][ T7465] trusted_key: syz.1.587 sent an empty control message without MSG_MORE.
[   79.132653][ T7465] netlink: 164 bytes leftover after parsing attributes in process `syz.1.587'.
[   79.135139][ T7464] netlink: 164 bytes leftover after parsing attributes in process `syz.1.587'.
[   79.138234][ T7465] netlink: 'syz.1.587': attribute type 10 has an invalid length.
[   79.144376][ T7465] team0: Cannot enslave team device to itself
[   79.146108][ T7464] netlink: 'syz.1.587': attribute type 10 has an invalid length.
[   79.148683][ T7464] team0: Cannot enslave team device to itself
[   79.155707][ T7471] netlink: 8 bytes leftover after parsing attributes in process `syz.3.589'.
[   79.177493][ T7475] fuse: Bad value for 'user_id'
[   79.178715][ T7475] fuse: Bad value for 'user_id'
[   79.181936][ T7478] netlink: 341 bytes leftover after parsing attributes in process `syz.2.584'.
[   79.312925][ T7488] netlink: 'syz.3.594': attribute type 10 has an invalid length.
[   79.320326][ T7487] netlink: 'syz.3.594': attribute type 10 has an invalid length.
[   79.330495][ T7487] syz.3.594 (7487): /proc/7486/oom_adj is deprecated, please use /proc/7486/oom_score_adj instead.
[   79.346086][ T5951] Bluetooth: hci2: unexpected event for opcode 0x0c7b
[   79.640384][ T5951] Bluetooth: hci0: unexpected event for opcode 0x0c7b
[   79.788497][ T7543] netlink: 52 bytes leftover after parsing attributes in process `syz.0.610'.
[   79.904604][ T7540] netlink: 28 bytes leftover after parsing attributes in process `syz.3.609'.
[   79.908760][ T7540] netlink: 'syz.3.609': attribute type 7 has an invalid length.
[   79.911291][ T7540] netlink: 'syz.3.609': attribute type 8 has an invalid length.
[   79.916616][ T7540] bond0: entered promiscuous mode
[   79.918542][ T7540] bond_slave_0: entered promiscuous mode
[   79.920510][ T7540] bond_slave_1: entered promiscuous mode
[   79.923584][ T7540] batadv_slave_1: entered promiscuous mode
[   79.927852][ T7540] bond0: left promiscuous mode
[   79.929138][ T7540] bond_slave_0: left promiscuous mode
[   79.930949][ T7540] bond_slave_1: left promiscuous mode
[   79.932930][ T7540] batadv_slave_1: left promiscuous mode
[   79.981536][ T7551] x_tables: ip_tables: icmp match: only valid for protocol 1
[   80.063016][ T5951] Bluetooth: hci0: unexpected event for opcode 0x0c7b
[   80.221874][ T7578] random: crng reseeded on system resumption
[   80.367526][ T7580] =======================================================
[   80.367526][ T7580] WARNING: The mand mount option has been deprecated and
[   80.367526][ T7580]          and is ignored by this kernel. Remove the mand
[   80.367526][ T7580]          option from the mount to silence this warning.
[   80.367526][ T7580] =======================================================
[   80.447284][ T5951] Bluetooth: hci2: unexpected event for opcode 0x0c7b
[   80.596465][ T6521] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[   80.659677][ T7610] atomic_op ffff888032ae6998 conn xmit_atomic 0000000000000000
[   80.745270][ T6521] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid maxpacket 14251, setting to 64
[   80.748127][ T6521] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   80.751444][ T6521] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   80.753778][ T6521] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.757344][ T6521] usb 8-1: config 0 descriptor??
[   80.761646][ T6521] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[   80.776786][ T7622] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[   81.001372][ T5951] Bluetooth: hci3: command 0x0405 tx timeout
[   81.004717][ T7632] __nla_validate_parse: 2 callbacks suppressed
[   81.004727][ T7632] netlink: 16 bytes leftover after parsing attributes in process `syz.1.632'.
[   81.092345][ T7643] netlink: 'syz.1.635': attribute type 21 has an invalid length.
[   81.094360][ T7643] netlink: 132 bytes leftover after parsing attributes in process `syz.1.635'.
[   81.096834][ T7643] netlink: 28 bytes leftover after parsing attributes in process `syz.1.635'.
[   81.301989][ T7665] netlink: 16 bytes leftover after parsing attributes in process `syz.1.641'.
[   81.359643][ T7680] geneve0: entered promiscuous mode
[   81.361105][ T7680] macvlan2: entered promiscuous mode
[   81.362588][ T7680] macvlan2: entered allmulticast mode
[   81.364011][ T7680] geneve0: entered allmulticast mode
[   81.437951][ T7670] kvm: pic: non byte write
[   81.704344][ T5951] Bluetooth: hci0: unexpected event for opcode 0x0c7b
[   81.747412][ T7701] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   81.752487][ T7701] ipt_REJECT: ECHOREPLY no longer supported.
[   82.226943][ T7707] capability: warning: `syz.2.651' uses 32-bit capabilities (legacy support in use)
[   82.310796][ T7711] input: syz1 as /devices/virtual/input/input15
[   82.444195][ T7716] netlink: 24 bytes leftover after parsing attributes in process `syz.1.654'.
[   82.492467][ T7724] netlink: 48 bytes leftover after parsing attributes in process `syz.1.654'.
[   82.730921][ T7744] netlink: 'syz.1.660': attribute type 1 has an invalid length.
[   82.733896][ T7744] netlink: 9348 bytes leftover after parsing attributes in process `syz.1.660'.
[   82.805389][  T828] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   82.866123][ T7749] netlink: 47 bytes leftover after parsing attributes in process `syz.1.661'.
[   82.964752][  T828] usb 7-1: config 0 has an invalid interface number: 18 but max is 0
[   82.967632][  T828] usb 7-1: config 0 has no interface number 0
[   82.969843][  T828] usb 7-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   82.975413][  T828] usb 7-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10
[   82.978581][  T828] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[   82.980848][  T828] usb 7-1: Manufacturer: syz
[   82.983948][  T828] usb 7-1: config 0 descriptor??
[   83.052448][ T5951] Bluetooth: hci3: command 0x0405 tx timeout
[   83.096056][ T5951] Bluetooth: hci0: unexpected event for opcode 0x0c46
[   83.241504][   T75] usb 8-1: USB disconnect, device number 7
[   83.267817][ T7787] netlink: 8 bytes leftover after parsing attributes in process `syz.3.674'.
[   83.289907][ T5951] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[   83.294421][ T5951] Bluetooth: hci2: Injecting HCI hardware error event
[   83.296538][ T5951] Bluetooth: hci2: hardware error 0x00
[   83.382268][ T7797] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[   83.390521][  T828] input: syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.18/0003:054C:03D5.000C/input/input16
[   83.460986][  T828] sony 0003:054C:03D5.000C: input,hidraw1: USB HID v0.00 Joystick [syz] on usb-dummy_hcd.2-1/input18
[   83.606365][ T5303] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[   83.609112][ T5303] Bluetooth: hci0: Injecting HCI hardware error event
[   83.611362][   T65] Bluetooth: hci0: hardware error 0x00
[   83.638175][ T7805] netlink: 24 bytes leftover after parsing attributes in process `syz.2.657'.
[   83.656564][ T5988] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[   83.782986][ T5988] usb 8-1: device descriptor read/64, error -71
[   84.020186][ T5988] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[   84.148681][ T5988] usb 8-1: device descriptor read/64, error -71
[   84.268563][ T5988] usb usb8-port1: attempt power cycle
[   84.613148][ T5988] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[   84.644136][ T5988] usb 8-1: device descriptor read/8, error -71
[   84.880078][ T5988] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[   84.900203][ T5988] usb 8-1: device descriptor read/8, error -71
[   85.009440][ T5988] usb usb8-port1: unable to enumerate USB device
[   85.107668][ T5303] Bluetooth: hci3: command 0x0405 tx timeout
[   85.344996][ T5951] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[   85.521546][   T75] usb 7-1: USB disconnect, device number 5
[   85.570367][ T7820] xt_nat: multiple ranges no longer supported
[   85.623914][ T7826] fuse: Bad value for 'fd'
[   85.625819][   T39] kauditd_printk_skb: 130 callbacks suppressed
[   85.625829][   T39] audit: type=1400 audit(1730351656.916:497): avc:  denied  { ioctl } for  pid=7825 comm="syz.1.684" path="socket:[18065]" dev="sockfs" ino=18065 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   85.635856][   T39] audit: type=1400 audit(1730351656.926:498): avc:  denied  { shutdown } for  pid=7825 comm="syz.1.684" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   85.644930][   T39] audit: type=1326 audit(1730351656.936:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7825 comm="syz.1.684" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdbcb37e719 code=0x0
[   85.650889][   T39] audit: type=1326 audit(1730351656.936:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7825 comm="syz.1.684" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdbcb37e719 code=0x0
[   85.671510][   T65] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[   85.744574][   T39] audit: type=1400 audit(1730351657.037:501): avc:  denied  { read } for  pid=7825 comm="syz.1.684" dev="sockfs" ino=18065 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   86.468172][   T39] audit: type=1400 audit(1730351657.775:502): avc:  denied  { accept } for  pid=7850 comm="syz.1.691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   86.474045][   T65] Bluetooth: hci3: unexpected event for opcode 0x0c46
[   86.474420][   T39] audit: type=1400 audit(1730351657.785:503): avc:  denied  { create } for  pid=7850 comm="syz.1.691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   86.481348][   T39] audit: type=1400 audit(1730351657.785:504): avc:  denied  { ioctl } for  pid=7850 comm="syz.1.691" path="socket:[18082]" dev="sockfs" ino=18082 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   86.514747][ T7858] SELinux:  Context system_u:object_r:initctl_t:s0 is not valid (left unmapped).
[   86.519035][   T39] audit: type=1400 audit(1730351657.826:505): avc:  denied  { relabelto } for  pid=7855 comm="syz.2.692" name="file0" dev="tmpfs" ino=930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sock_file permissive=1 trawcon="system_u:object_r:initctl_t:s0"
[   86.520895][ T7858] x_tables: duplicate underflow at hook 3
[   86.527469][   T39] audit: type=1400 audit(1730351657.826:506): avc:  denied  { associate } for  pid=7855 comm="syz.2.692" name="file0" dev="tmpfs" ino=930 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:initctl_t:s0"
[   86.864711][ T7890] __nla_validate_parse: 4 callbacks suppressed
[   86.864721][ T7890] netlink: 40 bytes leftover after parsing attributes in process `syz.2.701'.
[   87.254472][ T7911] netlink: 'syz.2.705': attribute type 2 has an invalid length.
[   87.256999][ T7911] netlink: 'syz.2.705': attribute type 11 has an invalid length.
[   87.259885][ T7911] netlink: 132 bytes leftover after parsing attributes in process `syz.2.705'.
[   87.329421][ T7914] binder: 7913:7914 ioctl c018620c 200002c0 returned -1
[   87.445666][ T7917] xt_CT: You must specify a L4 protocol and not use inversions on it
[   87.450347][ T7917] xt_CT: You must specify a L4 protocol and not use inversions on it
[   87.978286][   T75] usb 8-1: new full-speed USB device number 12 using dummy_hcd
[   88.138372][   T75] usb 8-1: not running at top speed; connect to a high speed hub
[   88.141945][   T75] usb 8-1: config 1 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   88.146460][   T75] usb 8-1: config 1 interface 0 has no altsetting 0
[   88.158371][   T75] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   88.161398][   T75] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.164098][   T75] usb 8-1: Product: 뺬䩲⼚髫诺巸舸䊴銂訾㽩㲩佩汔�Ⲻ䊮釈墦얣懔笮䖜ံ뉼浆㗄ꂡ稠㖘
[   88.166706][ T5988] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   88.168346][   T75] usb 8-1: Manufacturer: �
[   88.172378][   T75] usb 8-1: SerialNumber: Б
[   88.249557][ T7929] netlink: 'syz.0.714': attribute type 4 has an invalid length.
[   88.251634][ T7929] netlink: 17 bytes leftover after parsing attributes in process `syz.0.714'.
[   88.259111][ T7929] netlink: 28 bytes leftover after parsing attributes in process `syz.0.714'.
[   88.270045][ T7929] netlink: 'syz.0.714': attribute type 4 has an invalid length.
[   88.272722][ T7929] netlink: 17 bytes leftover after parsing attributes in process `syz.0.714'.
[   88.326797][ T5988] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[   88.328932][ T5988] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.332309][ T5988] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[   88.334559][ T5988] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[   88.337538][ T5988] usb 7-1: Manufacturer: syz
[   88.339619][ T5988] usb 7-1: config 0 descriptor??
[   88.350078][ T7938] openvswitch: netlink: Actions may not be safe on all matching packets
[   88.384644][ T5988] rc_core: IR keymap rc-hauppauge not found
[   88.384717][ T7921] netlink: 48 bytes leftover after parsing attributes in process `syz.3.710'.
[   88.386206][ T5988] Registered IR keymap rc-empty
[   88.387041][ T5988] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0
[   88.390869][ T7921] netlink: 44 bytes leftover after parsing attributes in process `syz.3.710'.
[   88.394807][ T5988] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input18
[   88.407517][   T75] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 12 if 0 alt 250 proto 1 vid 0x0525 pid 0xA4A8
[   88.414018][   T75] usb 8-1: USB disconnect, device number 12
[   88.422928][ T7941] xt_socket: unknown flags 0x8
[   88.434604][   T75] usblp0: removed
[   88.544265][ T7923] Invalid logical block size (1280)
[   88.583645][ T5994] usb 7-1: USB disconnect, device number 6
[   88.973976][ T7971] netlink: 16 bytes leftover after parsing attributes in process `syz.2.723'.
[   88.987559][ T7980] bridge0: the hash_elasticity option has been deprecated and is always 16
[   89.002983][ T7980] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.005814][ T7980] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.049653][ T7977] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   89.077800][ T7986] 9pnet_fd: Insufficient options for proto=fd
[   89.082377][ T7986] netlink: 36 bytes leftover after parsing attributes in process `syz.3.727'.
[   89.088961][ T7988] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[   89.090817][ T7988] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   89.093685][ T7988] vhci_hcd vhci_hcd.0: Device attached
[   89.171991][ T7998] overlayfs: conflicting lowerdir path
[   89.276799][  T828] vhci_hcd: vhci_device speed not set
[   89.336219][ T5983] usb 7-1: new low-speed USB device number 7 using dummy_hcd
[   89.339118][  T828] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[   89.383583][ T8020] (syz.3.738,8020,2):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[   89.387411][ T8020] (syz.3.738,8020,2):ocfs2_fill_super:1178 ERROR: status = -22
[   89.415571][ T5988] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[   89.496371][ T5983] usb 7-1: config 0 has no interfaces?
[   89.498384][ T5983] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   89.501043][ T5983] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.505126][ T5983] usb 7-1: config 0 descriptor??
[   89.584477][ T5988] usb 6-1: Using ep0 maxpacket: 32
[   89.587823][ T5988] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   89.591849][ T5988] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   89.594740][ T5988] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   89.596832][ T5988] usb 6-1: Product: syz
[   89.597910][ T5988] usb 6-1: Manufacturer: syz
[   89.600835][ T5988] usb 6-1: SerialNumber: syz
[   89.605203][ T5988] usb 6-1: config 0 descriptor??
[   89.607111][ T7994] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[   89.706732][ T7989] usb 41-1: recv xbuf, 0
[   89.708193][ T5983] usb 7-1: USB disconnect, device number 7
[   89.709577][ T7621] vhci_hcd: stop threads
[   89.711745][ T7621] vhci_hcd: release socket
[   89.715079][ T7621] vhci_hcd: disconnect device
[   89.782497][  T828] vhci_hcd: vhci_device speed not set
[   89.813084][ T7994] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   89.917885][ T5988] usb 6-1: USB disconnect, device number 9
[   90.182651][ T8064] netlink: 8 bytes leftover after parsing attributes in process `syz.3.749'.
[   90.262762][ T8070] tipc: Started in network mode
[   90.264318][ T8070] tipc: Node identity aaaaaaaaaa35, cluster identity 4711
[   90.266452][ T8070] tipc: Enabled bearer <eth:macvlan1>, priority 0
[   90.374610][ T8075] autofs: Unknown parameter '²7/æ'
[   90.479529][ T8082] BUG: Bad page state in process syz.0.755  pfn:24a6e
[   90.481424][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x31 pfn:0x24a6e
[   90.485291][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   90.487638][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   90.489799][ T8082] raw: 0000000000000031 0000000000000001 00000000ffffffff 0000000000000000
[   90.492021][ T8082] page dumped because: page_pool leak
[   90.493421][ T8082] page_owner tracks the page as allocated
[   90.495101][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90475043191, free_ts 89498594624
[   90.499456][ T8082]  post_alloc_hook+0x2d1/0x350
[   90.500737][ T8082]  get_page_from_freelist+0x101e/0x3070
[   90.502183][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   90.503578][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   90.505025][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   90.506642][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   90.508031][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   90.509391][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   90.511082][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   90.512469][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   90.513875][ T8082]  __sys_bpf+0xfc6/0x49a0
[   90.515025][ T8082]  __x64_sys_bpf+0x78/0xc0
[   90.516200][ T8082]  do_syscall_64+0xcd/0x250
[   90.517458][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.519028][ T8082] page last free pid 8013 tgid 8013 stack trace:
[   90.520673][ T8082]  free_unref_page+0x5f4/0xdc0
[   90.521929][ T8082]  free_loaded_vmcs+0xe4/0x1a0
[   90.523203][ T8082]  vmx_vcpu_free+0xbe/0x1a0
[   90.524400][ T8082]  kvm_arch_vcpu_destroy+0x53/0x2a0
[   90.525780][ T8082]  kvm_destroy_vcpus+0x114/0x2a0
[   90.527160][ T8082]  kvm_arch_destroy_vm+0x2ec/0x490
[   90.528596][ T8082]  kvm_put_kvm+0x4fa/0xb40
[   90.529781][ T8082]  kvm_vm_release+0x3c/0x50
[   90.530991][ T8082]  __fput+0x3f6/0xb60
[   90.532054][ T8082]  task_work_run+0x14e/0x250
[   90.533269][ T8082]  syscall_exit_to_user_mode+0x27b/0x2a0
[   90.534755][ T8082]  do_syscall_64+0xda/0x250
[   90.535956][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.537568][ T8082] Modules linked in:
[   90.538640][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Not tainted 6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   90.541389][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.544179][ T8082] Call Trace:
[   90.545050][ T8082]  <TASK>
[   90.545830][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   90.547085][ T8082]  bad_page+0xb3/0x1f0
[   90.548167][ T8082]  ? __pfx_bad_page+0x10/0x10
[   90.549406][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   90.550691][ T8082]  free_unref_page+0x657/0xdc0
[   90.551946][ T8082]  ? hlock_class+0x4e/0x130
[   90.553142][ T8082]  ? __phys_addr+0xc6/0x150
[   90.554339][ T8082]  skb_free_head+0xa0/0x1d0
[   90.555538][ T8082]  skb_release_data+0x560/0x730
[   90.556843][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   90.558177][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   90.559916][ T8082]  ? kernel_text_address+0x8d/0x100
[   90.561275][ T8082]  ? hlock_class+0x4e/0x130
[   90.562474][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   90.563801][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   90.565641][ T8082]  ? hlock_class+0x4e/0x130
[   90.566839][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   90.568136][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   90.569497][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   90.571078][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   90.572771][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   90.574137][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   90.575790][ T8082]  ? lock_acquire+0x2f/0xb0
[   90.576978][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   90.578649][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   90.580259][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   90.581996][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   90.583365][ T8082]  ? __build_skb_around+0x278/0x3b0
[   90.584727][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   90.586111][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   90.587746][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   90.589460][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   90.590916][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   90.592305][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   90.593826][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   90.595376][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   90.596921][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   90.598471][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   90.599858][ T8082]  ? 0xffffffffa0004340
[   90.600959][ T8082]  ? 0xffffffffa0004340
[   90.602056][ T8082]  ? 0xffffffffa0004340
[   90.603156][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   90.604705][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   90.606122][ T8082]  ? lock_acquire+0x2f/0xb0
[   90.607320][ T8082]  ? __fget_files+0x40/0x3f0
[   90.608547][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   90.610078][ T8082]  ? fput+0x30/0x390
[   90.611116][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   90.612382][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   90.613902][ T8082]  __sys_bpf+0xfc6/0x49a0
[   90.615053][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   90.616307][ T8082]  ? __fget_files+0x23a/0x3f0
[   90.617543][ T8082]  ? do_futex+0x123/0x350
[   90.618697][ T8082]  ? __pfx_do_futex+0x10/0x10
[   90.619945][ T8082]  ? fdget_pos+0x262/0x360
[   90.621121][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   90.622501][ T8082]  ? ksys_write+0x1ad/0x260
[   90.623694][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   90.624976][ T8082]  __x64_sys_bpf+0x78/0xc0
[   90.626148][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   90.627532][ T8082]  do_syscall_64+0xcd/0x250
[   90.628729][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.630288][ T8082] RIP: 0033:0x7f389a37e719
[   90.631463][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.636439][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   90.638645][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   90.640698][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   90.642773][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   90.644831][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   90.646906][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   90.648962][ T8082]  </TASK>
[   90.649793][    C1] vkms_vblank_simulate: vblank timer overrun
[   90.651464][ T8082] Disabling lock debugging due to kernel taint
[   90.653077][ T8082] BUG: Bad page state in process syz.0.755  pfn:2fa63
[   90.654835][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x3c pfn:0x2fa63
[   90.657147][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   90.659007][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   90.661250][ T8082] raw: 000000000000003c 0000000000000001 00000000ffffffff 0000000000000000
[   90.663469][ T8082] page dumped because: page_pool leak
[   90.664872][ T8082] page_owner tracks the page as allocated
[   90.666325][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90475038703, free_ts 89498606949
[   90.670506][ T8082]  post_alloc_hook+0x2d1/0x350
[   90.671765][ T8082]  get_page_from_freelist+0x101e/0x3070
[   90.673209][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   90.674587][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   90.676080][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   90.677615][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   90.679011][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   90.680349][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   90.681933][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   90.683298][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   90.684704][ T8082]  __sys_bpf+0xfc6/0x49a0
[   90.685875][ T8082]  __x64_sys_bpf+0x78/0xc0
[   90.687034][ T8082]  do_syscall_64+0xcd/0x250
[   90.688218][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.689699][ T8082] page last free pid 8013 tgid 8013 stack trace:
[   90.691265][ T8082]  free_unref_page+0x5f4/0xdc0
[   90.692444][ T8082]  vfree+0x17a/0x890
[   90.693457][ T8082]  fpu_free_guest_fpstate+0x89/0xb0
[   90.694822][ T8082]  kvm_arch_vcpu_destroy+0x94/0x2a0
[   90.696213][ T8082]  kvm_destroy_vcpus+0x114/0x2a0
[   90.697500][ T8082]  kvm_arch_destroy_vm+0x2ec/0x490
[   90.698849][ T8082]  kvm_put_kvm+0x4fa/0xb40
[   90.699964][ T8082]  kvm_vm_release+0x3c/0x50
[   90.701125][ T8082]  __fput+0x3f6/0xb60
[   90.702144][ T8082]  task_work_run+0x14e/0x250
[   90.703349][ T8082]  syscall_exit_to_user_mode+0x27b/0x2a0
[   90.704834][ T8082]  do_syscall_64+0xda/0x250
[   90.706010][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.707517][ T8082] Modules linked in:
[   90.708495][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   90.711493][ T8082] Tainted: [B]=BAD_PAGE
[   90.712554][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.715223][ T8082] Call Trace:
[   90.716059][ T8082]  <TASK>
[   90.716827][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   90.718074][ T8082]  bad_page+0xb3/0x1f0
[   90.719151][ T8082]  ? __pfx_bad_page+0x10/0x10
[   90.720377][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   90.721652][ T8082]  free_unref_page+0x657/0xdc0
[   90.722910][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   90.724414][ T8082]  ? __phys_addr+0xc6/0x150
[   90.725568][ T8082]  skb_free_head+0xa0/0x1d0
[   90.726730][ T8082]  skb_release_data+0x560/0x730
[   90.727965][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   90.729198][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   90.730819][ T8082]  ? kernel_text_address+0x8d/0x100
[   90.732173][ T8082]  ? hlock_class+0x4e/0x130
[   90.733294][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   90.734551][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   90.736232][ T8082]  ? hlock_class+0x4e/0x130
[   90.737363][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   90.738600][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   90.739892][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   90.741458][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   90.743160][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   90.744515][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   90.746151][ T8082]  ? lock_acquire+0x2f/0xb0
[   90.747278][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   90.748894][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   90.750501][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   90.752224][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   90.753578][ T8082]  ? __build_skb_around+0x278/0x3b0
[   90.754938][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   90.756277][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   90.757759][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   90.759348][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   90.760729][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   90.762015][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   90.763480][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   90.764647][ T5983] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[   90.764889][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   90.768422][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   90.769941][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   90.771324][ T8082]  ? 0xffffffffa0004340
[   90.772411][ T8082]  ? 0xffffffffa0004340
[   90.773498][ T8082]  ? 0xffffffffa0004340
[   90.774592][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   90.776123][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   90.777514][ T8082]  ? lock_acquire+0x2f/0xb0
[   90.778719][ T8082]  ? __fget_files+0x40/0x3f0
[   90.779935][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   90.781457][ T8082]  ? fput+0x30/0x390
[   90.782496][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   90.783747][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   90.785261][ T8082]  __sys_bpf+0xfc6/0x49a0
[   90.786405][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   90.787659][ T8082]  ? __fget_files+0x23a/0x3f0
[   90.788898][ T8082]  ? do_futex+0x123/0x350
[   90.790048][ T8082]  ? __pfx_do_futex+0x10/0x10
[   90.791289][ T8082]  ? fdget_pos+0x262/0x360
[   90.792457][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   90.793826][ T8082]  ? ksys_write+0x1ad/0x260
[   90.795021][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   90.796292][ T8082]  __x64_sys_bpf+0x78/0xc0
[   90.797455][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   90.798818][ T8082]  do_syscall_64+0xcd/0x250
[   90.800003][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.801526][ T8082] RIP: 0033:0x7f389a37e719
[   90.802693][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.807596][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   90.809722][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   90.811750][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   90.813774][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   90.815835][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   90.817868][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   90.819912][ T8082]  </TASK>
[   90.820729][    C1] vkms_vblank_simulate: vblank timer overrun
[   90.822326][ T8082] BUG: Bad page state in process syz.0.755  pfn:29e76
[   90.824099][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x37 pfn:0x29e76
[   90.826223][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   90.827946][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   90.830150][ T8082] raw: 0000000000000037 0000000000000001 00000000ffffffff 0000000000000000
[   90.832348][ T8082] page dumped because: page_pool leak
[   90.833732][ T8082] page_owner tracks the page as allocated
[   90.835255][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90475034129, free_ts 89498646392
[   90.839433][ T8082]  post_alloc_hook+0x2d1/0x350
[   90.840649][ T8082]  get_page_from_freelist+0x101e/0x3070
[   90.842055][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   90.843426][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   90.844889][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   90.846413][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   90.847776][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   90.849103][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   90.850665][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   90.852010][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   90.853398][ T8082]  __sys_bpf+0xfc6/0x49a0
[   90.854568][ T8082]  __x64_sys_bpf+0x78/0xc0
[   90.855753][ T8082]  do_syscall_64+0xcd/0x250
[   90.856937][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.858522][ T8082] page last free pid 8013 tgid 8013 stack trace:
[   90.860149][ T8082]  free_unref_page+0x5f4/0xdc0
[   90.861396][ T8082]  kvm_arch_vcpu_destroy+0x20e/0x2a0
[   90.862772][ T8082]  kvm_destroy_vcpus+0x114/0x2a0
[   90.864117][ T8082]  kvm_arch_destroy_vm+0x2ec/0x490
[   90.865458][ T8082]  kvm_put_kvm+0x4fa/0xb40
[   90.866630][ T8082]  kvm_vm_release+0x3c/0x50
[   90.867813][ T8082]  __fput+0x3f6/0xb60
[   90.868857][ T8082]  task_work_run+0x14e/0x250
[   90.870057][ T8082]  syscall_exit_to_user_mode+0x27b/0x2a0
[   90.871515][ T8082]  do_syscall_64+0xda/0x250
[   90.872718][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.874362][ T8082] Modules linked in:
[   90.875345][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   90.878407][ T8082] Tainted: [B]=BAD_PAGE
[   90.879493][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.882272][ T8082] Call Trace:
[   90.883147][ T8082]  <TASK>
[   90.883934][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   90.885172][ T8082]  bad_page+0xb3/0x1f0
[   90.886255][ T8082]  ? __pfx_bad_page+0x10/0x10
[   90.887493][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   90.888767][ T8082]  free_unref_page+0x657/0xdc0
[   90.890030][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   90.891616][ T8082]  ? __phys_addr+0xc6/0x150
[   90.892806][ T8082]  skb_free_head+0xa0/0x1d0
[   90.893998][ T8082]  skb_release_data+0x560/0x730
[   90.895226][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   90.896496][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   90.898250][ T8082]  ? kernel_text_address+0x8d/0x100
[   90.899618][ T8082]  ? hlock_class+0x4e/0x130
[   90.900817][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   90.902139][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   90.903977][ T8082]  ? hlock_class+0x4e/0x130
[   90.905175][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   90.906470][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   90.907819][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   90.909382][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   90.911069][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   90.912421][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   90.914068][ T8082]  ? lock_acquire+0x2f/0xb0
[   90.915250][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   90.916887][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   90.918511][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   90.920244][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   90.921604][ T8082]  ? __build_skb_around+0x278/0x3b0
[   90.922970][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   90.924351][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   90.925981][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   90.927694][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   90.929157][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   90.930545][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   90.932073][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   90.933194][ T5983] usb 7-1: device descriptor read/64, error -71
[   90.933620][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   90.936831][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   90.938383][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   90.939790][ T8082]  ? 0xffffffffa0004340
[   90.940880][ T8082]  ? 0xffffffffa0004340
[   90.941969][ T8082]  ? 0xffffffffa0004340
[   90.943076][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   90.944608][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   90.946007][ T8082]  ? lock_acquire+0x2f/0xb0
[   90.947214][ T8082]  ? __fget_files+0x40/0x3f0
[   90.948437][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   90.949966][ T8082]  ? fput+0x30/0x390
[   90.951014][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   90.952277][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   90.953793][ T8082]  __sys_bpf+0xfc6/0x49a0
[   90.954931][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   90.956217][ T8082]  ? __fget_files+0x23a/0x3f0
[   90.957454][ T8082]  ? do_futex+0x123/0x350
[   90.958613][ T8082]  ? __pfx_do_futex+0x10/0x10
[   90.959849][ T8082]  ? fdget_pos+0x262/0x360
[   90.961027][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   90.962432][ T8082]  ? ksys_write+0x1ad/0x260
[   90.963646][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   90.964925][ T8082]  __x64_sys_bpf+0x78/0xc0
[   90.966102][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   90.967476][ T8082]  do_syscall_64+0xcd/0x250
[   90.968675][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.970230][ T8082] RIP: 0033:0x7f389a37e719
[   90.971426][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.976391][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   90.978575][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   90.980620][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   90.982683][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   90.984793][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   90.986863][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   90.988910][ T8082]  </TASK>
[   90.989764][    C1] vkms_vblank_simulate: vblank timer overrun
[   90.991370][ T8082] BUG: Bad page state in process syz.0.755  pfn:2b61a
[   90.993166][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x108 pfn:0x2b61a
[   90.995476][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   90.997297][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   90.999523][ T8082] raw: 0000000000000108 0000000000000001 00000000ffffffff 0000000000000000
[   91.001722][ T8082] page dumped because: page_pool leak
[   91.003177][ T8082] page_owner tracks the page as allocated
[   91.004648][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90475029130, free_ts 89498651386
[   91.008955][ T8082]  post_alloc_hook+0x2d1/0x350
[   91.010230][ T8082]  get_page_from_freelist+0x101e/0x3070
[   91.011684][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   91.013111][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   91.014556][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   91.016091][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   91.017651][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   91.019032][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   91.020655][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   91.022053][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   91.023543][ T8082]  __sys_bpf+0xfc6/0x49a0
[   91.024688][ T8082]  __x64_sys_bpf+0x78/0xc0
[   91.025865][ T8082]  do_syscall_64+0xcd/0x250
[   91.027077][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.028633][ T8082] page last free pid 8013 tgid 8013 stack trace:
[   91.030286][ T8082]  free_unref_page+0x5f4/0xdc0
[   91.031546][ T8082]  kvm_destroy_vcpus+0x171/0x2a0
[   91.032902][ T8082]  kvm_arch_destroy_vm+0x2ec/0x490
[   91.034255][ T8082]  kvm_put_kvm+0x4fa/0xb40
[   91.035435][ T8082]  kvm_vm_release+0x3c/0x50
[   91.036633][ T8082]  __fput+0x3f6/0xb60
[   91.037682][ T8082]  task_work_run+0x14e/0x250
[   91.038905][ T8082]  syscall_exit_to_user_mode+0x27b/0x2a0
[   91.040408][ T8082]  do_syscall_64+0xda/0x250
[   91.041600][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.043228][ T8082] Modules linked in:
[   91.044256][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   91.047335][ T8082] Tainted: [B]=BAD_PAGE
[   91.048427][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.051190][ T8082] Call Trace:
[   91.052061][ T8082]  <TASK>
[   91.052842][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   91.054077][ T8082]  bad_page+0xb3/0x1f0
[   91.055162][ T8082]  ? __pfx_bad_page+0x10/0x10
[   91.056400][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   91.057676][ T8082]  free_unref_page+0x657/0xdc0
[   91.058955][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   91.060530][ T8082]  ? __phys_addr+0xc6/0x150
[   91.061723][ T8082]  skb_free_head+0xa0/0x1d0
[   91.062932][ T8082]  skb_release_data+0x560/0x730
[   91.064210][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   91.065533][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   91.067277][ T8082]  ? kernel_text_address+0x8d/0x100
[   91.068639][ T8082]  ? hlock_class+0x4e/0x130
[   91.069840][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   91.071163][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   91.073011][ T8082]  ? hlock_class+0x4e/0x130
[   91.074209][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   91.075523][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   91.076879][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   91.078474][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   91.080160][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   91.081520][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   91.083162][ T8082]  ? lock_acquire+0x2f/0xb0
[   91.084349][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   91.085999][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   91.087609][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   91.089357][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   91.090717][ T8082]  ? __build_skb_around+0x278/0x3b0
[   91.092090][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   91.093466][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   91.095086][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   91.096799][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   91.098285][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   91.099664][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   91.101184][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   91.102736][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   91.104349][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   91.105870][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   91.107254][ T8082]  ? 0xffffffffa0004340
[   91.108343][ T8082]  ? 0xffffffffa0004340
[   91.109429][ T8082]  ? 0xffffffffa0004340
[   91.110525][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   91.112070][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   91.113469][ T8082]  ? lock_acquire+0x2f/0xb0
[   91.114667][ T8082]  ? __fget_files+0x40/0x3f0
[   91.115883][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   91.117413][ T8082]  ? fput+0x30/0x390
[   91.118467][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   91.119729][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   91.121252][ T8082]  __sys_bpf+0xfc6/0x49a0
[   91.122394][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   91.123644][ T8082]  ? __fget_files+0x23a/0x3f0
[   91.124882][ T8082]  ? do_futex+0x123/0x350
[   91.126021][ T8082]  ? __pfx_do_futex+0x10/0x10
[   91.127279][ T8082]  ? fdget_pos+0x262/0x360
[   91.128453][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   91.129823][ T8082]  ? ksys_write+0x1ad/0x260
[   91.131039][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   91.132317][ T8082]  __x64_sys_bpf+0x78/0xc0
[   91.133493][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   91.134861][ T8082]  do_syscall_64+0xcd/0x250
[   91.136068][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.137615][ T8082] RIP: 0033:0x7f389a37e719
[   91.138906][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.143904][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   91.146058][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   91.148115][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   91.150168][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   91.152226][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   91.154219][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   91.156350][ T8082]  </TASK>
[   91.157267][    C1] vkms_vblank_simulate: vblank timer overrun
[   91.158911][ T8082] BUG: Bad page state in process syz.0.755  pfn:50f5b
[   91.160655][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888050f5b000 pfn:0x50f5b
[   91.163299][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   91.165123][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   91.167350][ T8082] raw: ffff888050f5b000 0000000000000001 00000000ffffffff 0000000000000000
[   91.169540][ T8082] page dumped because: page_pool leak
[   91.170943][ T8082] page_owner tracks the page as allocated
[   91.172464][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90475015427, free_ts 89524649080
[   91.176685][ T8082]  post_alloc_hook+0x2d1/0x350
[   91.177938][ T8082]  get_page_from_freelist+0x101e/0x3070
[   91.179393][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   91.180775][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   91.182421][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   91.183982][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   91.185380][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   91.186737][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   91.188369][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   91.189815][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   91.191287][ T8082]  __sys_bpf+0xfc6/0x49a0
[   91.192424][ T8082]  __x64_sys_bpf+0x78/0xc0
[   91.193609][ T8082]  do_syscall_64+0xcd/0x250
[   91.194827][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.196380][ T8082] page last free pid 0 tgid 0 stack trace:
[   91.197896][ T8082]  free_unref_page+0x5f4/0xdc0
[   91.199188][ T8082]  __folio_put+0x30d/0x3d0
[   91.200362][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   91.201880][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   91.203213][ T8082]  rcu_core+0x79d/0x14d0
[   91.204329][ T8082]  handle_softirqs+0x213/0x8f0
[   91.205617][ T8082]  irq_exit_rcu+0xbb/0x120
[   91.206818][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   91.208284][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   91.209846][ T8082] Modules linked in:
[   91.210882][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   91.213972][ T8082] Tainted: [B]=BAD_PAGE
[   91.215070][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.217849][ T8082] Call Trace:
[   91.218765][ T8082]  <TASK>
[   91.219543][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   91.220778][ T8082]  bad_page+0xb3/0x1f0
[   91.221854][ T8082]  ? __pfx_bad_page+0x10/0x10
[   91.223100][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   91.224385][ T8082]  free_unref_page+0x657/0xdc0
[   91.225637][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   91.227209][ T8082]  ? __phys_addr+0xc6/0x150
[   91.228403][ T8082]  skb_free_head+0xa0/0x1d0
[   91.229598][ T8082]  skb_release_data+0x560/0x730
[   91.230880][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   91.232200][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   91.233958][ T8082]  ? kernel_text_address+0x8d/0x100
[   91.235324][ T8082]  ? hlock_class+0x4e/0x130
[   91.236546][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   91.237871][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   91.239737][ T8082]  ? hlock_class+0x4e/0x130
[   91.240969][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   91.242322][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   91.243724][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   91.245349][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   91.247102][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   91.248468][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   91.250125][ T8082]  ? lock_acquire+0x2f/0xb0
[   91.251327][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   91.252976][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   91.254496][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   91.256195][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   91.257548][ T8082]  ? __build_skb_around+0x278/0x3b0
[   91.258945][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   91.260327][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   91.260726][ T5983] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[   91.261951][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   91.261974][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   91.267148][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   91.268537][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   91.270065][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   91.271663][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   91.273218][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   91.274784][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   91.276174][ T8082]  ? 0xffffffffa0004340
[   91.277268][ T8082]  ? 0xffffffffa0004340
[   91.278403][ T8082]  ? 0xffffffffa0004340
[   91.279495][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   91.281047][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   91.282476][ T8082]  ? lock_acquire+0x2f/0xb0
[   91.283674][ T8082]  ? __fget_files+0x40/0x3f0
[   91.284898][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   91.286436][ T8082]  ? fput+0x30/0x390
[   91.287468][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   91.288728][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   91.290264][ T8082]  __sys_bpf+0xfc6/0x49a0
[   91.291432][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   91.292682][ T8082]  ? __fget_files+0x23a/0x3f0
[   91.293920][ T8082]  ? do_futex+0x123/0x350
[   91.295074][ T8082]  ? __pfx_do_futex+0x10/0x10
[   91.296310][ T8082]  ? fdget_pos+0x262/0x360
[   91.297483][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   91.298864][ T8082]  ? ksys_write+0x1ad/0x260
[   91.300058][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   91.301342][ T8082]  __x64_sys_bpf+0x78/0xc0
[   91.302548][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   91.303908][ T8082]  do_syscall_64+0xcd/0x250
[   91.305117][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.306700][ T8082] RIP: 0033:0x7f389a37e719
[   91.307872][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.310459][  T828] tipc: Node number set to 10463914
[   91.312843][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   91.312859][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   91.312866][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   91.312873][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   91.312879][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   91.312885][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   91.326845][ T8082]  </TASK>
[   91.327735][    C1] vkms_vblank_simulate: vblank timer overrun
[   91.329328][ T8082] BUG: Bad page state in process syz.0.755  pfn:5ae61
[   91.331133][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x4d73 pfn:0x5ae61
[   91.333460][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   91.335303][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   91.337543][ T8082] raw: 0000000000004d73 0000000000000001 00000000ffffffff 0000000000000000
[   91.339783][ T8082] page dumped because: page_pool leak
[   91.341228][ T8082] page_owner tracks the page as allocated
[   91.342707][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90475011084, free_ts 89524654361
[   91.346999][ T8082]  post_alloc_hook+0x2d1/0x350
[   91.348265][ T8082]  get_page_from_freelist+0x101e/0x3070
[   91.349706][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   91.351167][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   91.352606][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   91.354185][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   91.355589][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   91.356930][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   91.358556][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   91.359993][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   91.361407][ T8082]  __sys_bpf+0xfc6/0x49a0
[   91.362551][ T8082]  __x64_sys_bpf+0x78/0xc0
[   91.363722][ T8082]  do_syscall_64+0xcd/0x250
[   91.364922][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.366470][ T8082] page last free pid 0 tgid 0 stack trace:
[   91.367986][ T8082]  free_unref_page+0x5f4/0xdc0
[   91.369252][ T8082]  __folio_put+0x30d/0x3d0
[   91.370502][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   91.371944][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   91.373266][ T8082]  rcu_core+0x79d/0x14d0
[   91.374384][ T8082]  handle_softirqs+0x213/0x8f0
[   91.375638][ T8082]  irq_exit_rcu+0xbb/0x120
[   91.376798][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   91.378270][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   91.379882][ T8082] Modules linked in:
[   91.380906][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   91.383913][ T8082] Tainted: [B]=BAD_PAGE
[   91.384990][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.387787][ T8082] Call Trace:
[   91.388651][ T8082]  <TASK>
[   91.389425][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   91.390677][ T8082]  bad_page+0xb3/0x1f0
[   91.391750][ T8082]  ? __pfx_bad_page+0x10/0x10
[   91.392972][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   91.394255][ T8082]  free_unref_page+0x657/0xdc0
[   91.395433][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   91.396968][ T8082]  ? __phys_addr+0xc6/0x150
[   91.398158][ T8082]  skb_free_head+0xa0/0x1d0
[   91.399339][ T8082]  skb_release_data+0x560/0x730
[   91.400605][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   91.401913][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   91.403618][ T8082]  ? kernel_text_address+0x8d/0x100
[   91.404970][ T8082]  ? hlock_class+0x4e/0x130
[   91.406098][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   91.407383][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   91.409166][ T8082]  ? hlock_class+0x4e/0x130
[   91.410357][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   91.411566][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   91.412901][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   91.414478][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   91.416163][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   91.417524][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   91.419188][ T8082]  ? lock_acquire+0x2f/0xb0
[   91.420384][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   91.422057][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   91.423663][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   91.425394][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   91.426779][ T8082]  ? __build_skb_around+0x278/0x3b0
[   91.428155][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   91.429469][ T5983] usb 7-1: device descriptor read/64, error -71
[   91.429527][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   91.432860][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   91.434580][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   91.436048][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   91.437441][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   91.438974][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   91.440538][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   91.442076][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   91.443602][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   91.444983][ T8082]  ? 0xffffffffa0004340
[   91.446092][ T8082]  ? 0xffffffffa0004340
[   91.447186][ T8082]  ? 0xffffffffa0004340
[   91.448275][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   91.449819][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   91.451237][ T8082]  ? lock_acquire+0x2f/0xb0
[   91.452429][ T8082]  ? __fget_files+0x40/0x3f0
[   91.453642][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   91.455176][ T8082]  ? fput+0x30/0x390
[   91.456207][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   91.457462][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   91.458997][ T8082]  __sys_bpf+0xfc6/0x49a0
[   91.460141][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   91.461396][ T8082]  ? __fget_files+0x23a/0x3f0
[   91.462636][ T8082]  ? do_futex+0x123/0x350
[   91.463769][ T8082]  ? __pfx_do_futex+0x10/0x10
[   91.465000][ T8082]  ? fdget_pos+0x262/0x360
[   91.466173][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   91.467558][ T8082]  ? ksys_write+0x1ad/0x260
[   91.468751][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   91.470028][ T8082]  __x64_sys_bpf+0x78/0xc0
[   91.471204][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   91.472566][ T8082]  do_syscall_64+0xcd/0x250
[   91.473761][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.475239][ T8082] RIP: 0033:0x7f389a37e719
[   91.476406][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.481363][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   91.483507][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   91.485532][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   91.487564][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   91.489591][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   91.491623][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   91.493656][ T8082]  </TASK>
[   91.494477][    C1] vkms_vblank_simulate: vblank timer overrun
[   91.496087][ T8082] BUG: Bad page state in process syz.0.755  pfn:5ae82
[   91.497815][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x4d94 pfn:0x5ae82
[   91.500189][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   91.502005][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   91.504245][ T8082] raw: 0000000000004d94 0000000000000001 00000000ffffffff 0000000000000000
[   91.506441][ T8082] page dumped because: page_pool leak
[   91.507822][ T8082] page_owner tracks the page as allocated
[   91.509333][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90475006940, free_ts 89524659565
[   91.513547][ T8082]  post_alloc_hook+0x2d1/0x350
[   91.514795][ T8082]  get_page_from_freelist+0x101e/0x3070
[   91.516115][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   91.517412][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   91.518822][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   91.520321][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   91.521631][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   91.522981][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   91.524470][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   91.525817][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   91.527182][ T8082]  __sys_bpf+0xfc6/0x49a0
[   91.528306][ T8082]  __x64_sys_bpf+0x78/0xc0
[   91.529513][ T8082]  do_syscall_64+0xcd/0x250
[   91.530683][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.532221][ T8082] page last free pid 0 tgid 0 stack trace:
[   91.533736][ T8082]  free_unref_page+0x5f4/0xdc0
[   91.534992][ T8082]  __folio_put+0x30d/0x3d0
[   91.536197][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   91.537626][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   91.539005][ T8082]  rcu_core+0x79d/0x14d0
[   91.540118][ T8082]  handle_softirqs+0x213/0x8f0
[   91.541367][ T8082]  irq_exit_rcu+0xbb/0x120
[   91.542558][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   91.544012][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   91.545575][ T8082] Modules linked in:
[   91.546618][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   91.548978][ T5983] usb usb7-port1: attempt power cycle
[   91.549691][ T8082] Tainted: [B]=BAD_PAGE
[   91.549696][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.555398][ T8082] Call Trace:
[   91.556280][ T8082]  <TASK>
[   91.557058][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   91.558298][ T8082]  bad_page+0xb3/0x1f0
[   91.559374][ T8082]  ? __pfx_bad_page+0x10/0x10
[   91.560609][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   91.561888][ T8082]  free_unref_page+0x657/0xdc0
[   91.563148][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   91.564723][ T8082]  ? __phys_addr+0xc6/0x150
[   91.565916][ T8082]  skb_free_head+0xa0/0x1d0
[   91.567119][ T8082]  skb_release_data+0x560/0x730
[   91.568417][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   91.569730][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   91.571470][ T8082]  ? kernel_text_address+0x8d/0x100
[   91.572831][ T8082]  ? hlock_class+0x4e/0x130
[   91.574024][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   91.575361][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   91.577190][ T8082]  ? hlock_class+0x4e/0x130
[   91.578399][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   91.579679][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   91.581032][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   91.582598][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   91.584276][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   91.585599][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   91.587241][ T8082]  ? lock_acquire+0x2f/0xb0
[   91.588421][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   91.590073][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   91.591678][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   91.593394][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   91.594755][ T8082]  ? __build_skb_around+0x278/0x3b0
[   91.596117][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   91.597487][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   91.599146][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   91.600851][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   91.602312][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   91.603711][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   91.605151][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   91.606631][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   91.608099][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   91.609535][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   91.610828][ T8082]  ? 0xffffffffa0004340
[   91.611864][ T8082]  ? 0xffffffffa0004340
[   91.612902][ T8082]  ? 0xffffffffa0004340
[   91.613949][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   91.615478][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   91.616878][ T8082]  ? lock_acquire+0x2f/0xb0
[   91.618081][ T8082]  ? __fget_files+0x40/0x3f0
[   91.619284][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   91.620710][ T8082]  ? fput+0x30/0x390
[   91.621673][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   91.622851][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   91.624319][ T8082]  __sys_bpf+0xfc6/0x49a0
[   91.625384][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   91.626582][ T8082]  ? __fget_files+0x23a/0x3f0
[   91.627812][ T8082]  ? do_futex+0x123/0x350
[   91.628897][ T8082]  ? __pfx_do_futex+0x10/0x10
[   91.630114][ T8082]  ? fdget_pos+0x262/0x360
[   91.631297][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   91.632687][ T8082]  ? ksys_write+0x1ad/0x260
[   91.633878][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   91.635165][ T8082]  __x64_sys_bpf+0x78/0xc0
[   91.636333][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   91.637704][ T8082]  do_syscall_64+0xcd/0x250
[   91.638923][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.640470][ T8082] RIP: 0033:0x7f389a37e719
[   91.641636][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.646624][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   91.648786][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   91.650840][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   91.652885][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   91.654937][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   91.656937][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   91.658950][ T8082]  </TASK>
[   91.659787][    C1] vkms_vblank_simulate: vblank timer overrun
[   91.661331][ T8082] BUG: Bad page state in process syz.0.755  pfn:31f89
[   91.663070][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888031f89e40 pfn:0x31f89
[   91.665645][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   91.667493][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   91.669763][ T8082] raw: ffff888031f89e40 0000000000000001 00000000ffffffff 0000000000000000
[   91.671982][ T8082] page dumped because: page_pool leak
[   91.673381][ T8082] page_owner tracks the page as allocated
[   91.674863][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90475002662, free_ts 89524664381
[   91.679180][ T8082]  post_alloc_hook+0x2d1/0x350
[   91.680429][ T8082]  get_page_from_freelist+0x101e/0x3070
[   91.681880][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   91.683267][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   91.684741][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   91.686279][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   91.687704][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   91.689036][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   91.690646][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   91.692025][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   91.693421][ T8082]  __sys_bpf+0xfc6/0x49a0
[   91.694554][ T8082]  __x64_sys_bpf+0x78/0xc0
[   91.695714][ T8082]  do_syscall_64+0xcd/0x250
[   91.696886][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.698490][ T8082] page last free pid 0 tgid 0 stack trace:
[   91.699997][ T8082]  free_unref_page+0x5f4/0xdc0
[   91.701273][ T8082]  __folio_put+0x30d/0x3d0
[   91.702451][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   91.703878][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   91.705188][ T8082]  rcu_core+0x79d/0x14d0
[   91.706307][ T8082]  handle_softirqs+0x213/0x8f0
[   91.707601][ T8082]  irq_exit_rcu+0xbb/0x120
[   91.708764][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   91.710221][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   91.711787][ T8082] Modules linked in:
[   91.712812][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   91.715879][ T8082] Tainted: [B]=BAD_PAGE
[   91.716977][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.719758][ T8082] Call Trace:
[   91.720636][ T8082]  <TASK>
[   91.721416][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   91.722665][ T8082]  bad_page+0xb3/0x1f0
[   91.723738][ T8082]  ? __pfx_bad_page+0x10/0x10
[   91.724974][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   91.726253][ T8082]  free_unref_page+0x657/0xdc0
[   91.727506][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   91.729079][ T8082]  ? __phys_addr+0xc6/0x150
[   91.730274][ T8082]  skb_free_head+0xa0/0x1d0
[   91.731468][ T8082]  skb_release_data+0x560/0x730
[   91.732739][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   91.734126][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   91.735864][ T8082]  ? kernel_text_address+0x8d/0x100
[   91.737221][ T8082]  ? hlock_class+0x4e/0x130
[   91.738429][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   91.739737][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   91.741571][ T8082]  ? hlock_class+0x4e/0x130
[   91.742774][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   91.744073][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   91.745428][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   91.747008][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   91.748699][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   91.750064][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   91.751723][ T8082]  ? lock_acquire+0x2f/0xb0
[   91.752918][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   91.754574][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   91.756181][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   91.757897][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   91.759125][ T8082]  ? __build_skb_around+0x278/0x3b0
[   91.760480][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   91.761862][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   91.763495][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   91.765200][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   91.766636][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   91.768006][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   91.769494][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   91.770989][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   91.772500][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   91.773995][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   91.775350][ T8082]  ? 0xffffffffa0004340
[   91.776418][ T8082]  ? 0xffffffffa0004340
[   91.777457][ T8082]  ? 0xffffffffa0004340
[   91.778534][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   91.780087][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   91.781452][ T8082]  ? lock_acquire+0x2f/0xb0
[   91.782634][ T8082]  ? __fget_files+0x40/0x3f0
[   91.783823][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   91.785271][ T8082]  ? fput+0x30/0x390
[   91.786299][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   91.787552][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   91.789061][ T8082]  __sys_bpf+0xfc6/0x49a0
[   91.790184][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   91.791449][ T8082]  ? __fget_files+0x23a/0x3f0
[   91.792694][ T8082]  ? do_futex+0x123/0x350
[   91.793818][ T8082]  ? __pfx_do_futex+0x10/0x10
[   91.795052][ T8082]  ? fdget_pos+0x262/0x360
[   91.796219][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   91.797589][ T8082]  ? ksys_write+0x1ad/0x260
[   91.798798][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   91.800063][ T8082]  __x64_sys_bpf+0x78/0xc0
[   91.801220][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   91.802605][ T8082]  do_syscall_64+0xcd/0x250
[   91.803815][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.805373][ T8082] RIP: 0033:0x7f389a37e719
[   91.806561][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.811727][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   91.813875][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   91.815922][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   91.817948][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   91.820055][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   91.822124][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   91.824204][ T8082]  </TASK>
[   91.825071][    C1] vkms_vblank_simulate: vblank timer overrun
[   91.826678][ T8082] BUG: Bad page state in process syz.0.755  pfn:2d659
[   91.828421][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x1c pfn:0x2d659
[   91.830696][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   91.832519][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   91.834760][ T8082] raw: 000000000000001c 0000000000000001 00000000ffffffff 0000000000000000
[   91.837010][ T8082] page dumped because: page_pool leak
[   91.838419][ T8082] page_owner tracks the page as allocated
[   91.839890][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474997999, free_ts 89524669541
[   91.844139][ T8082]  post_alloc_hook+0x2d1/0x350
[   91.845392][ T8082]  get_page_from_freelist+0x101e/0x3070
[   91.846880][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   91.848254][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   91.849689][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   91.851257][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   91.852643][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   91.853964][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   91.855562][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   91.856970][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   91.858381][ T8082]  __sys_bpf+0xfc6/0x49a0
[   91.859513][ T8082]  __x64_sys_bpf+0x78/0xc0
[   91.860680][ T8082]  do_syscall_64+0xcd/0x250
[   91.861871][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.863409][ T8082] page last free pid 0 tgid 0 stack trace:
[   91.864910][ T8082]  free_unref_page+0x5f4/0xdc0
[   91.866156][ T8082]  __folio_put+0x30d/0x3d0
[   91.867381][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   91.868806][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   91.870113][ T8082]  rcu_core+0x79d/0x14d0
[   91.871224][ T8082]  handle_softirqs+0x213/0x8f0
[   91.872472][ T8082]  irq_exit_rcu+0xbb/0x120
[   91.873639][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   91.875123][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   91.876725][ T8082] Modules linked in:
[   91.877748][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   91.880840][ T8082] Tainted: [B]=BAD_PAGE
[   91.881917][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.884683][ T8082] Call Trace:
[   91.885561][ T8082]  <TASK>
[   91.886349][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   91.887593][ T8082]  bad_page+0xb3/0x1f0
[   91.888671][ T8082]  ? __pfx_bad_page+0x10/0x10
[   91.889907][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   91.891194][ T8082]  free_unref_page+0x657/0xdc0
[   91.892449][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   91.894011][ T8082]  ? __phys_addr+0xc6/0x150
[   91.895205][ T8082]  skb_free_head+0xa0/0x1d0
[   91.896368][ T8082]  skb_release_data+0x560/0x730
[   91.897593][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   91.898894][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   91.900610][ T8082]  ? kernel_text_address+0x8d/0x100
[   91.901956][ T8082]  ? hlock_class+0x4e/0x130
[   91.903157][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   91.904466][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   91.906315][ T8082]  ? hlock_class+0x4e/0x130
[   91.907497][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   91.908784][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   91.910129][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   91.911722][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   91.913412][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   91.914827][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   91.916479][ T8082]  ? lock_acquire+0x2f/0xb0
[   91.917626][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   91.919263][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   91.920829][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   91.922560][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   91.923885][ T8082]  ? __build_skb_around+0x278/0x3b0
[   91.925220][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   91.926615][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   91.928246][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   91.929950][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   91.931426][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   91.932804][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   91.934335][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   91.935875][ T5983] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[   91.935893][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   91.939453][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   91.940993][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   91.942397][ T8082]  ? 0xffffffffa0004340
[   91.943494][ T8082]  ? 0xffffffffa0004340
[   91.944589][ T8082]  ? 0xffffffffa0004340
[   91.945678][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   91.947226][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   91.948633][ T8082]  ? lock_acquire+0x2f/0xb0
[   91.949821][ T8082]  ? __fget_files+0x40/0x3f0
[   91.951050][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   91.952601][ T8082]  ? fput+0x30/0x390
[   91.953634][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   91.954902][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   91.956430][ T8082]  __sys_bpf+0xfc6/0x49a0
[   91.957567][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   91.958841][ T8082]  ? __fget_files+0x23a/0x3f0
[   91.960080][ T8082]  ? do_futex+0x123/0x350
[   91.961218][ T8082]  ? __pfx_do_futex+0x10/0x10
[   91.962467][ T8082]  ? fdget_pos+0x262/0x360
[   91.963647][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   91.965032][ T8082]  ? ksys_write+0x1ad/0x260
[   91.966225][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   91.967518][ T8082]  __x64_sys_bpf+0x78/0xc0
[   91.968691][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   91.970055][ T8082]  do_syscall_64+0xcd/0x250
[   91.971261][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.972809][ T8082] RIP: 0033:0x7f389a37e719
[   91.973962][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.978880][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   91.981033][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   91.983081][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   91.985119][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   91.985804][ T5983] usb 7-1: device descriptor read/8, error -71
[   91.987157][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   91.987168][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   91.993470][ T8082]  </TASK>
[   91.994311][    C1] vkms_vblank_simulate: vblank timer overrun
[   91.995902][ T8082] BUG: Bad page state in process syz.0.755  pfn:28a23
[   91.997630][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28a23
[   91.999917][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   92.001742][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   92.003958][ T8082] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   92.006220][ T8082] page dumped because: page_pool leak
[   92.007616][ T8082] page_owner tracks the page as allocated
[   92.009092][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474993847, free_ts 89524674825
[   92.013325][ T8082]  post_alloc_hook+0x2d1/0x350
[   92.014590][ T8082]  get_page_from_freelist+0x101e/0x3070
[   92.016080][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   92.017448][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   92.018912][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   92.020451][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   92.021821][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   92.023167][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   92.024763][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   92.026185][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   92.027589][ T8082]  __sys_bpf+0xfc6/0x49a0
[   92.028723][ T8082]  __x64_sys_bpf+0x78/0xc0
[   92.029890][ T8082]  do_syscall_64+0xcd/0x250
[   92.031092][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.032657][ T8082] page last free pid 0 tgid 0 stack trace:
[   92.034171][ T8082]  free_unref_page+0x5f4/0xdc0
[   92.035489][ T8082]  __folio_put+0x30d/0x3d0
[   92.036667][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   92.038126][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   92.039455][ T8082]  rcu_core+0x79d/0x14d0
[   92.040570][ T8082]  handle_softirqs+0x213/0x8f0
[   92.041824][ T8082]  irq_exit_rcu+0xbb/0x120
[   92.043004][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   92.044470][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   92.046087][ T8082] Modules linked in:
[   92.047126][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   92.050222][ T8082] Tainted: [B]=BAD_PAGE
[   92.051317][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.054090][ T8082] Call Trace:
[   92.054973][ T8082]  <TASK>
[   92.055750][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   92.056987][ T8082]  bad_page+0xb3/0x1f0
[   92.058075][ T8082]  ? __pfx_bad_page+0x10/0x10
[   92.059320][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   92.060600][ T8082]  free_unref_page+0x657/0xdc0
[   92.061859][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   92.063431][ T8082]  ? __phys_addr+0xc6/0x150
[   92.064624][ T8082]  skb_free_head+0xa0/0x1d0
[   92.065823][ T8082]  skb_release_data+0x560/0x730
[   92.067106][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   92.068427][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   92.070159][ T8082]  ? kernel_text_address+0x8d/0x100
[   92.071522][ T8082]  ? hlock_class+0x4e/0x130
[   92.072714][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   92.074031][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   92.075868][ T8082]  ? hlock_class+0x4e/0x130
[   92.077060][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   92.078367][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   92.079728][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   92.081297][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   92.082987][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   92.084346][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   92.085989][ T8082]  ? lock_acquire+0x2f/0xb0
[   92.087188][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   92.088832][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   92.090445][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   92.092185][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   92.093544][ T8082]  ? __build_skb_around+0x278/0x3b0
[   92.094925][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   92.096313][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   92.097944][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   92.099670][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   92.101135][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   92.102811][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   92.104359][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   92.105915][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   92.107620][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   92.109164][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   92.110569][ T8082]  ? 0xffffffffa0004340
[   92.111798][ T8082]  ? 0xffffffffa0004340
[   92.112902][ T8082]  ? 0xffffffffa0004340
[   92.114002][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   92.115561][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   92.117100][ T8082]  ? lock_acquire+0x2f/0xb0
[   92.118318][ T8082]  ? __fget_files+0x40/0x3f0
[   92.119535][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.121189][ T8082]  ? fput+0x30/0x390
[   92.122225][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   92.123502][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.125030][ T8082]  __sys_bpf+0xfc6/0x49a0
[   92.126303][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   92.127561][ T8082]  ? __fget_files+0x23a/0x3f0
[   92.128796][ T8082]  ? do_futex+0x123/0x350
[   92.130064][ T8082]  ? __pfx_do_futex+0x10/0x10
[   92.131309][ T8082]  ? fdget_pos+0x262/0x360
[   92.132659][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   92.134140][ T8082]  ? ksys_write+0x1ad/0x260
[   92.135396][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   92.136680][ T8082]  __x64_sys_bpf+0x78/0xc0
[   92.137859][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   92.139377][ T8082]  do_syscall_64+0xcd/0x250
[   92.140581][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.142143][ T8082] RIP: 0033:0x7f389a37e719
[   92.143449][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.148439][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   92.150610][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   92.152797][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   92.154865][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   92.156918][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   92.159121][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   92.161181][ T8082]  </TASK>
[   92.162009][    C1] vkms_vblank_simulate: vblank timer overrun
[   92.163761][ T8082] BUG: Bad page state in process syz.0.755  pfn:329b3
[   92.165543][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x329b3
[   92.167815][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   92.169734][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   92.172004][ T8082] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   92.174407][ T8082] page dumped because: page_pool leak
[   92.175796][ T8082] page_owner tracks the page as allocated
[   92.177277][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474989672, free_ts 89524680264
[   92.181847][ T8082]  post_alloc_hook+0x2d1/0x350
[   92.183114][ T8082]  get_page_from_freelist+0x101e/0x3070
[   92.184598][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   92.185976][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   92.187551][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   92.189094][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   92.190479][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   92.191941][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   92.193546][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   92.194983][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   92.196500][ T8082]  __sys_bpf+0xfc6/0x49a0
[   92.197667][ T8082]  __x64_sys_bpf+0x78/0xc0
[   92.198856][ T8082]  do_syscall_64+0xcd/0x250
[   92.200074][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.201741][ T8082] page last free pid 0 tgid 0 stack trace:
[   92.203260][ T8082]  free_unref_page+0x5f4/0xdc0
[   92.204566][ T8082]  __folio_put+0x30d/0x3d0
[   92.205864][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   92.207480][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   92.208818][ T8082]  rcu_core+0x79d/0x14d0
[   92.209965][ T8082]  handle_softirqs+0x213/0x8f0
[   92.211268][ T8082]  irq_exit_rcu+0xbb/0x120
[   92.212445][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   92.213984][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   92.215616][ T8082] Modules linked in:
[   92.216645][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   92.219781][ T8082] Tainted: [B]=BAD_PAGE
[   92.220869][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.223671][ T8082] Call Trace:
[   92.224559][ T8082]  <TASK>
[   92.225337][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   92.226590][ T8082]  bad_page+0xb3/0x1f0
[   92.227667][ T8082]  ? __pfx_bad_page+0x10/0x10
[   92.228904][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   92.230187][ T8082]  free_unref_page+0x657/0xdc0
[   92.231449][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   92.233032][ T8082]  ? __phys_addr+0xc6/0x150
[   92.234290][ T8082]  skb_free_head+0xa0/0x1d0
[   92.235495][ T8082]  skb_release_data+0x560/0x730
[   92.236772][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   92.238140][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   92.239887][ T8082]  ? kernel_text_address+0x8d/0x100
[   92.241288][ T8082]  ? hlock_class+0x4e/0x130
[   92.242524][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   92.243861][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   92.245749][ T8082]  ? hlock_class+0x4e/0x130
[   92.246963][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   92.248269][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   92.249634][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   92.251219][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   92.252912][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   92.254283][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   92.255938][ T8082]  ? lock_acquire+0x2f/0xb0
[   92.257131][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   92.258800][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   92.260418][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   92.262155][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   92.263529][ T8082]  ? __build_skb_around+0x278/0x3b0
[   92.264894][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   92.266285][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   92.267918][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   92.269636][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   92.271110][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   92.272497][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   92.273370][ T5983] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[   92.274019][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   92.277599][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   92.279183][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   92.280730][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   92.282119][ T8082]  ? 0xffffffffa0004340
[   92.283229][ T8082]  ? 0xffffffffa0004340
[   92.284289][ T8082]  ? 0xffffffffa0004340
[   92.285376][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   92.286932][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   92.288340][ T8082]  ? lock_acquire+0x2f/0xb0
[   92.289531][ T8082]  ? __fget_files+0x40/0x3f0
[   92.290759][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.292289][ T8082]  ? fput+0x30/0x390
[   92.293326][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   92.294529][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.296054][ T8082]  __sys_bpf+0xfc6/0x49a0
[   92.297195][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   92.298477][ T8082]  ? __fget_files+0x23a/0x3f0
[   92.299717][ T8082]  ? do_futex+0x123/0x350
[   92.300858][ T8082]  ? __pfx_do_futex+0x10/0x10
[   92.302115][ T8082]  ? fdget_pos+0x262/0x360
[   92.303300][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   92.304603][ T8082]  ? ksys_write+0x1ad/0x260
[   92.305808][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   92.307113][ T8082]  __x64_sys_bpf+0x78/0xc0
[   92.308295][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   92.309675][ T8082]  do_syscall_64+0xcd/0x250
[   92.310924][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.312484][ T8082] RIP: 0033:0x7f389a37e719
[   92.313657][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.318671][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   92.320833][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   92.322905][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   92.323550][ T5983] usb 7-1: device descriptor read/8, error -71
[   92.324958][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   92.328683][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   92.330772][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   92.332836][ T8082]  </TASK>
[   92.333686][    C1] vkms_vblank_simulate: vblank timer overrun
[   92.335290][ T8082] BUG: Bad page state in process syz.0.755  pfn:4e3c9
[   92.337039][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x8 pfn:0x4e3c9
[   92.339318][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   92.341163][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   92.343449][ T8082] raw: 0000000000000008 0000000000000001 00000000ffffffff 0000000000000000
[   92.345666][ T8082] page dumped because: page_pool leak
[   92.347107][ T8082] page_owner tracks the page as allocated
[   92.348581][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474985450, free_ts 89524685325
[   92.352912][ T8082]  post_alloc_hook+0x2d1/0x350
[   92.354176][ T8082]  get_page_from_freelist+0x101e/0x3070
[   92.355638][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   92.357027][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   92.358488][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   92.360036][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   92.361428][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   92.362831][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   92.364458][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   92.365751][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   92.367092][ T8082]  __sys_bpf+0xfc6/0x49a0
[   92.368170][ T8082]  __x64_sys_bpf+0x78/0xc0
[   92.369319][ T8082]  do_syscall_64+0xcd/0x250
[   92.370530][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.372084][ T8082] page last free pid 0 tgid 0 stack trace:
[   92.373633][ T8082]  free_unref_page+0x5f4/0xdc0
[   92.374799][ T8082]  __folio_put+0x30d/0x3d0
[   92.375975][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   92.377420][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   92.378736][ T8082]  rcu_core+0x79d/0x14d0
[   92.379840][ T8082]  handle_softirqs+0x213/0x8f0
[   92.381065][ T8082]  irq_exit_rcu+0xbb/0x120
[   92.382182][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   92.383667][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   92.385214][ T8082] Modules linked in:
[   92.386255][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   92.389358][ T8082] Tainted: [B]=BAD_PAGE
[   92.390457][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.393254][ T8082] Call Trace:
[   92.394137][ T8082]  <TASK>
[   92.394926][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   92.396174][ T8082]  bad_page+0xb3/0x1f0
[   92.397260][ T8082]  ? __pfx_bad_page+0x10/0x10
[   92.398518][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   92.399809][ T8082]  free_unref_page+0x657/0xdc0
[   92.401068][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   92.402635][ T8082]  ? __phys_addr+0xc6/0x150
[   92.403825][ T8082]  skb_free_head+0xa0/0x1d0
[   92.405022][ T8082]  skb_release_data+0x560/0x730
[   92.406301][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   92.407628][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   92.409368][ T8082]  ? kernel_text_address+0x8d/0x100
[   92.410738][ T8082]  ? hlock_class+0x4e/0x130
[   92.411933][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   92.413249][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   92.415042][ T8082]  ? hlock_class+0x4e/0x130
[   92.416226][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   92.417515][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   92.418877][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   92.420483][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   92.422167][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   92.423534][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   92.425186][ T8082]  ? lock_acquire+0x2f/0xb0
[   92.426385][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   92.428053][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   92.429661][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   92.431393][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   92.432746][ T8082]  ? __build_skb_around+0x278/0x3b0
[   92.434105][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   92.435485][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   92.437111][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   92.438839][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   92.440304][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   92.441678][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   92.442577][ T5983] usb usb7-port1: unable to enumerate USB device
[   92.443189][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   92.443205][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   92.443218][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   92.449514][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   92.450910][ T8082]  ? 0xffffffffa0004340
[   92.452004][ T8082]  ? 0xffffffffa0004340
[   92.453086][ T8082]  ? 0xffffffffa0004340
[   92.454168][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   92.455717][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   92.457126][ T8082]  ? lock_acquire+0x2f/0xb0
[   92.458342][ T8082]  ? __fget_files+0x40/0x3f0
[   92.459562][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.461096][ T8082]  ? fput+0x30/0x390
[   92.462125][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   92.463386][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.464914][ T8082]  __sys_bpf+0xfc6/0x49a0
[   92.466048][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   92.467305][ T8082]  ? __fget_files+0x23a/0x3f0
[   92.468538][ T8082]  ? do_futex+0x123/0x350
[   92.469667][ T8082]  ? __pfx_do_futex+0x10/0x10
[   92.470872][ T8082]  ? fdget_pos+0x262/0x360
[   92.472017][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   92.473395][ T8082]  ? ksys_write+0x1ad/0x260
[   92.474596][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   92.475879][ T8082]  __x64_sys_bpf+0x78/0xc0
[   92.477046][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   92.478419][ T8082]  do_syscall_64+0xcd/0x250
[   92.479607][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.481143][ T8082] RIP: 0033:0x7f389a37e719
[   92.482317][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.487271][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   92.489420][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   92.491467][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   92.493512][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   92.495580][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   92.497637][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   92.499729][ T8082]  </TASK>
[   92.500639][    C1] vkms_vblank_simulate: vblank timer overrun
[   92.502270][ T8082] BUG: Bad page state in process syz.0.755  pfn:25d22
[   92.504015][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x60 pfn:0x25d22
[   92.506303][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   92.508136][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   92.510354][ T8082] raw: 0000000000000060 0000000000000001 00000000ffffffff 0000000000000000
[   92.512633][ T8082] page dumped because: page_pool leak
[   92.514031][ T8082] page_owner tracks the page as allocated
[   92.515512][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474981197, free_ts 89524696386
[   92.519783][ T8082]  post_alloc_hook+0x2d1/0x350
[   92.521041][ T8082]  get_page_from_freelist+0x101e/0x3070
[   92.522536][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   92.523909][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   92.525354][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   92.526905][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   92.528288][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   92.529649][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   92.531266][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   92.532685][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   92.534084][ T8082]  __sys_bpf+0xfc6/0x49a0
[   92.535221][ T8082]  __x64_sys_bpf+0x78/0xc0
[   92.536384][ T8082]  do_syscall_64+0xcd/0x250
[   92.537573][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.539125][ T8082] page last free pid 0 tgid 0 stack trace:
[   92.540626][ T8082]  free_unref_page+0x5f4/0xdc0
[   92.541917][ T8082]  __folio_put+0x30d/0x3d0
[   92.543092][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   92.544524][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   92.545867][ T8082]  rcu_core+0x79d/0x14d0
[   92.546985][ T8082]  handle_softirqs+0x213/0x8f0
[   92.548231][ T8082]  irq_exit_rcu+0xbb/0x120
[   92.549402][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   92.550862][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   92.552476][ T8082] Modules linked in:
[   92.553500][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   92.556571][ T8082] Tainted: [B]=BAD_PAGE
[   92.557652][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.560428][ T8082] Call Trace:
[   92.561309][ T8082]  <TASK>
[   92.562091][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   92.563331][ T8082]  bad_page+0xb3/0x1f0
[   92.564403][ T8082]  ? __pfx_bad_page+0x10/0x10
[   92.565632][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   92.566919][ T8082]  free_unref_page+0x657/0xdc0
[   92.568178][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   92.569746][ T8082]  ? __phys_addr+0xc6/0x150
[   92.570952][ T8082]  skb_free_head+0xa0/0x1d0
[   92.572152][ T8082]  skb_release_data+0x560/0x730
[   92.573435][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   92.574761][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   92.576490][ T8082]  ? kernel_text_address+0x8d/0x100
[   92.577840][ T8082]  ? hlock_class+0x4e/0x130
[   92.579056][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   92.580373][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   92.582204][ T8082]  ? hlock_class+0x4e/0x130
[   92.583401][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   92.584693][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   92.586046][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   92.587618][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   92.589317][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   92.590690][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   92.592346][ T8082]  ? lock_acquire+0x2f/0xb0
[   92.593530][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   92.595186][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   92.596786][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   92.598531][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   92.599890][ T8082]  ? __build_skb_around+0x278/0x3b0
[   92.601249][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   92.602627][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   92.604249][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   92.605959][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   92.607430][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   92.608814][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   92.610345][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   92.611885][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   92.613430][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   92.614951][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   92.616326][ T8082]  ? 0xffffffffa0004340
[   92.617408][ T8082]  ? 0xffffffffa0004340
[   92.618504][ T8082]  ? 0xffffffffa0004340
[   92.619592][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   92.621165][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   92.622541][ T8082]  ? lock_acquire+0x2f/0xb0
[   92.623695][ T8082]  ? __fget_files+0x40/0x3f0
[   92.624877][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.626382][ T8082]  ? fput+0x30/0x390
[   92.627419][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   92.628682][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.630217][ T8082]  __sys_bpf+0xfc6/0x49a0
[   92.631418][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   92.632677][ T8082]  ? __fget_files+0x23a/0x3f0
[   92.633919][ T8082]  ? do_futex+0x123/0x350
[   92.635076][ T8082]  ? __pfx_do_futex+0x10/0x10
[   92.636316][ T8082]  ? fdget_pos+0x262/0x360
[   92.637494][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   92.638890][ T8082]  ? ksys_write+0x1ad/0x260
[   92.640095][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   92.641383][ T8082]  __x64_sys_bpf+0x78/0xc0
[   92.642564][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   92.643904][ T8082]  do_syscall_64+0xcd/0x250
[   92.645089][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.646651][ T8082] RIP: 0033:0x7f389a37e719
[   92.647830][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.652747][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   92.654865][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   92.656920][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   92.658994][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   92.661010][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   92.663082][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   92.665149][ T8082]  </TASK>
[   92.666012][    C1] vkms_vblank_simulate: vblank timer overrun
[   92.667608][ T8082] BUG: Bad page state in process syz.0.755  pfn:57df0
[   92.669475][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888057df6000 pfn:0x57df0
[   92.672094][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   92.673954][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   92.676200][ T8082] raw: ffff888057df6000 0000000000000001 00000000ffffffff 0000000000000000
[   92.678486][ T8082] page dumped because: page_pool leak
[   92.679893][ T8082] page_owner tracks the page as allocated
[   92.681438][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474976972, free_ts 89524701477
[   92.685660][ T8082]  post_alloc_hook+0x2d1/0x350
[   92.686938][ T8082]  get_page_from_freelist+0x101e/0x3070
[   92.688388][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   92.689770][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   92.691276][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   92.692827][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   92.694255][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   92.695610][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   92.697229][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   92.698629][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   92.700040][ T8082]  __sys_bpf+0xfc6/0x49a0
[   92.701225][ T8082]  __x64_sys_bpf+0x78/0xc0
[   92.702408][ T8082]  do_syscall_64+0xcd/0x250
[   92.703616][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.705169][ T8082] page last free pid 0 tgid 0 stack trace:
[   92.706698][ T8082]  free_unref_page+0x5f4/0xdc0
[   92.707955][ T8082]  __folio_put+0x30d/0x3d0
[   92.709137][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   92.710668][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   92.712001][ T8082]  rcu_core+0x79d/0x14d0
[   92.713125][ T8082]  handle_softirqs+0x213/0x8f0
[   92.714392][ T8082]  irq_exit_rcu+0xbb/0x120
[   92.715562][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   92.717023][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   92.718605][ T8082] Modules linked in:
[   92.719636][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   92.722736][ T8082] Tainted: [B]=BAD_PAGE
[   92.723826][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.726593][ T8082] Call Trace:
[   92.727462][ T8082]  <TASK>
[   92.728240][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   92.729475][ T8082]  bad_page+0xb3/0x1f0
[   92.730575][ T8082]  ? __pfx_bad_page+0x10/0x10
[   92.731799][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   92.733070][ T8082]  free_unref_page+0x657/0xdc0
[   92.734325][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   92.735873][ T8082]  ? __phys_addr+0xc6/0x150
[   92.737052][ T8082]  skb_free_head+0xa0/0x1d0
[   92.738264][ T8082]  skb_release_data+0x560/0x730
[   92.739504][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   92.740790][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   92.742548][ T8082]  ? kernel_text_address+0x8d/0x100
[   92.743913][ T8082]  ? hlock_class+0x4e/0x130
[   92.745118][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   92.746446][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   92.748302][ T8082]  ? hlock_class+0x4e/0x130
[   92.749499][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   92.750815][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   92.752188][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   92.753757][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   92.755460][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   92.756822][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   92.758493][ T8082]  ? lock_acquire+0x2f/0xb0
[   92.759691][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   92.761349][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   92.762978][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   92.764713][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   92.766090][ T8082]  ? __build_skb_around+0x278/0x3b0
[   92.767459][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   92.768848][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   92.770491][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   92.772212][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   92.773687][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   92.775078][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   92.776599][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   92.778153][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   92.779699][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   92.781258][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   92.782651][ T8082]  ? 0xffffffffa0004340
[   92.783740][ T8082]  ? 0xffffffffa0004340
[   92.784831][ T8082]  ? 0xffffffffa0004340
[   92.785919][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   92.787484][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   92.788893][ T8082]  ? lock_acquire+0x2f/0xb0
[   92.790090][ T8082]  ? __fget_files+0x40/0x3f0
[   92.791314][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.792836][ T8082]  ? fput+0x30/0x390
[   92.793872][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   92.795144][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.796674][ T8082]  __sys_bpf+0xfc6/0x49a0
[   92.797816][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   92.799100][ T8082]  ? __fget_files+0x23a/0x3f0
[   92.800341][ T8082]  ? do_futex+0x123/0x350
[   92.801474][ T8082]  ? __pfx_do_futex+0x10/0x10
[   92.802718][ T8082]  ? fdget_pos+0x262/0x360
[   92.803869][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   92.805184][ T8082]  ? ksys_write+0x1ad/0x260
[   92.806360][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   92.807572][ T8082]  __x64_sys_bpf+0x78/0xc0
[   92.808690][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   92.809997][ T8082]  do_syscall_64+0xcd/0x250
[   92.811215][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.812701][ T8082] RIP: 0033:0x7f389a37e719
[   92.813826][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.818510][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   92.820658][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   92.822633][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   92.824621][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   92.826578][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   92.828457][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   92.830400][ T8082]  </TASK>
[   92.831206][    C1] vkms_vblank_simulate: vblank timer overrun
[   92.832695][ T8082] BUG: Bad page state in process syz.0.755  pfn:49fbc
[   92.834391][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888049fbc3c0 pfn:0x49fbc
[   92.836958][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   92.838809][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   92.841085][ T8082] raw: ffff888049fbc3c0 0000000000000001 00000000ffffffff 0000000000000000
[   92.843336][ T8082] page dumped because: page_pool leak
[   92.844734][ T8082] page_owner tracks the page as allocated
[   92.846236][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474972742, free_ts 89524706724
[   92.850412][ T8082]  post_alloc_hook+0x2d1/0x350
[   92.851566][ T8082]  get_page_from_freelist+0x101e/0x3070
[   92.852916][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   92.854216][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   92.855619][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   92.857098][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   92.858497][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   92.859881][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   92.861475][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   92.862806][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   92.864210][ T8082]  __sys_bpf+0xfc6/0x49a0
[   92.865345][ T8082]  __x64_sys_bpf+0x78/0xc0
[   92.866512][ T8082]  do_syscall_64+0xcd/0x250
[   92.867636][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.869075][ T8082] page last free pid 0 tgid 0 stack trace:
[   92.870538][ T8082]  free_unref_page+0x5f4/0xdc0
[   92.871701][ T8082]  __folio_put+0x30d/0x3d0
[   92.872825][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   92.874244][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   92.875545][ T8082]  rcu_core+0x79d/0x14d0
[   92.876641][ T8082]  handle_softirqs+0x213/0x8f0
[   92.877883][ T8082]  irq_exit_rcu+0xbb/0x120
[   92.879098][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   92.880604][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   92.882183][ T8082] Modules linked in:
[   92.883230][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   92.886333][ T8082] Tainted: [B]=BAD_PAGE
[   92.887425][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.890216][ T8082] Call Trace:
[   92.891113][ T8082]  <TASK>
[   92.891873][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   92.893093][ T8082]  bad_page+0xb3/0x1f0
[   92.894156][ T8082]  ? __pfx_bad_page+0x10/0x10
[   92.895405][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   92.896691][ T8082]  free_unref_page+0x657/0xdc0
[   92.897953][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   92.899551][ T8082]  ? __phys_addr+0xc6/0x150
[   92.900750][ T8082]  skb_free_head+0xa0/0x1d0
[   92.901952][ T8082]  skb_release_data+0x560/0x730
[   92.903251][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   92.904584][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   92.906346][ T8082]  ? kernel_text_address+0x8d/0x100
[   92.907710][ T8082]  ? hlock_class+0x4e/0x130
[   92.908912][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   92.910242][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   92.912075][ T8082]  ? hlock_class+0x4e/0x130
[   92.913273][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   92.914589][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   92.915952][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   92.917528][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   92.919248][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   92.920609][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   92.922267][ T8082]  ? lock_acquire+0x2f/0xb0
[   92.923464][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   92.925117][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   92.926743][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   92.928485][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   92.929852][ T8082]  ? __build_skb_around+0x278/0x3b0
[   92.931234][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   92.932621][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   92.934319][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   92.936036][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   92.937511][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   92.938910][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   92.940445][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   92.941988][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   92.943551][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   92.945082][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   92.946469][ T8082]  ? 0xffffffffa0004340
[   92.947554][ T8082]  ? 0xffffffffa0004340
[   92.948641][ T8082]  ? 0xffffffffa0004340
[   92.949733][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   92.951295][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   92.952707][ T8082]  ? lock_acquire+0x2f/0xb0
[   92.953902][ T8082]  ? __fget_files+0x40/0x3f0
[   92.955137][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.956817][ T8082]  ? fput+0x30/0x390
[   92.957917][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   92.959210][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.960781][ T8082]  __sys_bpf+0xfc6/0x49a0
[   92.961928][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   92.963204][ T8082]  ? __fget_files+0x23a/0x3f0
[   92.964441][ T8082]  ? do_futex+0x123/0x350
[   92.965540][ T8082]  ? __pfx_do_futex+0x10/0x10
[   92.966781][ T8082]  ? fdget_pos+0x262/0x360
[   92.967966][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   92.969351][ T8082]  ? ksys_write+0x1ad/0x260
[   92.970569][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   92.971856][ T8082]  __x64_sys_bpf+0x78/0xc0
[   92.973024][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   92.974359][ T8082]  do_syscall_64+0xcd/0x250
[   92.975548][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.977118][ T8082] RIP: 0033:0x7f389a37e719
[   92.978315][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.983304][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   92.985469][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   92.987536][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   92.989578][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   92.991584][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   92.993648][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   92.995715][ T8082]  </TASK>
[   92.996582][    C1] vkms_vblank_simulate: vblank timer overrun
[   92.998195][ T8082] BUG: Bad page state in process syz.0.755  pfn:2a020
[   92.999984][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x6e pfn:0x2a020
[   93.002270][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   93.004104][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   93.006332][ T8082] raw: 000000000000006e 0000000000000001 00000000ffffffff 0000000000000000
[   93.008585][ T8082] page dumped because: page_pool leak
[   93.010004][ T8082] page_owner tracks the page as allocated
[   93.011486][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474968626, free_ts 89524712839
[   93.015742][ T8082]  post_alloc_hook+0x2d1/0x350
[   93.017005][ T8082]  get_page_from_freelist+0x101e/0x3070
[   93.018516][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   93.019895][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   93.021343][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   93.022886][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   93.024265][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   93.025630][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   93.027198][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   93.028509][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   93.029885][ T8082]  __sys_bpf+0xfc6/0x49a0
[   93.031041][ T8082]  __x64_sys_bpf+0x78/0xc0
[   93.032218][ T8082]  do_syscall_64+0xcd/0x250
[   93.033417][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.034978][ T8082] page last free pid 0 tgid 0 stack trace:
[   93.036502][ T8082]  free_unref_page+0x5f4/0xdc0
[   93.037756][ T8082]  __folio_put+0x30d/0x3d0
[   93.038992][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   93.040437][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   93.041790][ T8082]  rcu_core+0x79d/0x14d0
[   93.042911][ T8082]  handle_softirqs+0x213/0x8f0
[   93.044167][ T8082]  irq_exit_rcu+0xbb/0x120
[   93.045337][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   93.046801][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   93.048403][ T8082] Modules linked in:
[   93.049564][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   93.052651][ T8082] Tainted: [B]=BAD_PAGE
[   93.053732][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.056514][ T8082] Call Trace:
[   93.057389][ T8082]  <TASK>
[   93.058188][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   93.059439][ T8082]  bad_page+0xb3/0x1f0
[   93.060521][ T8082]  ? __pfx_bad_page+0x10/0x10
[   93.061764][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   93.063029][ T8082]  free_unref_page+0x657/0xdc0
[   93.064261][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   93.065829][ T8082]  ? __phys_addr+0xc6/0x150
[   93.067038][ T8082]  skb_free_head+0xa0/0x1d0
[   93.068243][ T8082]  skb_release_data+0x560/0x730
[   93.069520][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   93.070848][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   93.072577][ T8082]  ? kernel_text_address+0x8d/0x100
[   93.073936][ T8082]  ? hlock_class+0x4e/0x130
[   93.075139][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   93.076452][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   93.078302][ T8082]  ? hlock_class+0x4e/0x130
[   93.079496][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   93.080792][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   93.082151][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   93.083731][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   93.085429][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   93.086799][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   93.088451][ T8082]  ? lock_acquire+0x2f/0xb0
[   93.089639][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   93.091299][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   93.092908][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   93.094648][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   93.096014][ T8082]  ? __build_skb_around+0x278/0x3b0
[   93.097382][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   93.098783][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   93.100420][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   93.102131][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   93.103609][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   93.105000][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   93.106535][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   93.108080][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   93.109625][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   93.111160][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   93.112537][ T8082]  ? 0xffffffffa0004340
[   93.113627][ T8082]  ? 0xffffffffa0004340
[   93.114721][ T8082]  ? 0xffffffffa0004340
[   93.115811][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   93.117350][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   93.118771][ T8082]  ? lock_acquire+0x2f/0xb0
[   93.119959][ T8082]  ? __fget_files+0x40/0x3f0
[   93.121177][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   93.122709][ T8082]  ? fput+0x30/0x390
[   93.123742][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   93.124999][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   93.126478][ T8082]  __sys_bpf+0xfc6/0x49a0
[   93.127551][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   93.128743][ T8082]  ? __fget_files+0x23a/0x3f0
[   93.129890][ T8082]  ? do_futex+0x123/0x350
[   93.130965][ T8082]  ? __pfx_do_futex+0x10/0x10
[   93.132163][ T8082]  ? fdget_pos+0x262/0x360
[   93.133333][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   93.134718][ T8082]  ? ksys_write+0x1ad/0x260
[   93.135852][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   93.137040][ T8082]  __x64_sys_bpf+0x78/0xc0
[   93.138142][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   93.139489][ T8082]  do_syscall_64+0xcd/0x250
[   93.140671][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.142237][ T8082] RIP: 0033:0x7f389a37e719
[   93.143414][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.148405][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   93.150561][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   93.152602][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   93.154652][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   93.156692][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   93.158749][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   93.160798][ T8082]  </TASK>
[   93.161655][    C1] vkms_vblank_simulate: vblank timer overrun
[   93.163242][ T8082] BUG: Bad page state in process syz.0.755  pfn:237d7
[   93.164991][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x237d7
[   93.167307][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   93.169145][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   93.171371][ T8082] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   93.173592][ T8082] page dumped because: page_pool leak
[   93.175030][ T8082] page_owner tracks the page as allocated
[   93.176508][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474964262, free_ts 89524717753
[   93.180864][ T8082]  post_alloc_hook+0x2d1/0x350
[   93.182128][ T8082]  get_page_from_freelist+0x101e/0x3070
[   93.183586][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   93.184962][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   93.186425][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   93.188018][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   93.189397][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   93.190778][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   93.192387][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   93.193764][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   93.195174][ T8082]  __sys_bpf+0xfc6/0x49a0
[   93.196307][ T8082]  __x64_sys_bpf+0x78/0xc0
[   93.197520][ T8082]  do_syscall_64+0xcd/0x250
[   93.198742][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.200298][ T8082] page last free pid 0 tgid 0 stack trace:
[   93.201806][ T8082]  free_unref_page+0x5f4/0xdc0
[   93.203076][ T8082]  __folio_put+0x30d/0x3d0
[   93.204237][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   93.205678][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   93.207069][ T8082]  rcu_core+0x79d/0x14d0
[   93.208221][ T8082]  handle_softirqs+0x213/0x8f0
[   93.209489][ T8082]  irq_exit_rcu+0xbb/0x120
[   93.210677][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   93.212156][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   93.213716][ T8082] Modules linked in:
[   93.214747][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   93.217740][ T8082] Tainted: [B]=BAD_PAGE
[   93.218811][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.221504][ T8082] Call Trace:
[   93.222378][ T8082]  <TASK>
[   93.223148][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   93.224349][ T8082]  bad_page+0xb3/0x1f0
[   93.225413][ T8082]  ? __pfx_bad_page+0x10/0x10
[   93.226658][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   93.227889][ T8082]  free_unref_page+0x657/0xdc0
[   93.229353][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   93.230947][ T8082]  ? __phys_addr+0xc6/0x150
[   93.232150][ T8082]  skb_free_head+0xa0/0x1d0
[   93.233364][ T8082]  skb_release_data+0x560/0x730
[   93.234667][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   93.236023][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   93.237804][ T8082]  ? kernel_text_address+0x8d/0x100
[   93.239290][ T8082]  ? hlock_class+0x4e/0x130
[   93.240499][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   93.241905][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   93.243829][ T8082]  ? hlock_class+0x4e/0x130
[   93.245070][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   93.246402][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   93.247762][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   93.249338][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   93.251053][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   93.252424][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   93.254081][ T8082]  ? lock_acquire+0x2f/0xb0
[   93.255285][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   93.256929][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   93.258560][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   93.260290][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   93.261650][ T8082]  ? __build_skb_around+0x278/0x3b0
[   93.263015][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   93.264401][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   93.266030][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   93.267756][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   93.269219][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   93.270611][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   93.272136][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   93.273672][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   93.275224][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   93.276754][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   93.278146][ T8082]  ? 0xffffffffa0004340
[   93.279243][ T8082]  ? 0xffffffffa0004340
[   93.280330][ T8082]  ? 0xffffffffa0004340
[   93.281414][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   93.282964][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   93.284374][ T8082]  ? lock_acquire+0x2f/0xb0
[   93.285577][ T8082]  ? __fget_files+0x40/0x3f0
[   93.286809][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   93.288338][ T8082]  ? fput+0x30/0x390
[   93.289368][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   93.290637][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   93.292160][ T8082]  __sys_bpf+0xfc6/0x49a0
[   93.293306][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   93.294568][ T8082]  ? __fget_files+0x23a/0x3f0
[   93.295803][ T8082]  ? do_futex+0x123/0x350
[   93.296943][ T8082]  ? __pfx_do_futex+0x10/0x10
[   93.298241][ T8082]  ? fdget_pos+0x262/0x360
[   93.299420][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   93.300799][ T8082]  ? ksys_write+0x1ad/0x260
[   93.301994][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   93.303283][ T8082]  __x64_sys_bpf+0x78/0xc0
[   93.304465][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   93.305839][ T8082]  do_syscall_64+0xcd/0x250
[   93.307056][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.308612][ T8082] RIP: 0033:0x7f389a37e719
[   93.309785][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.314793][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   93.316956][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   93.319032][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   93.321084][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   93.323179][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   93.325224][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   93.327289][ T8082]  </TASK>
[   93.328161][    C1] vkms_vblank_simulate: vblank timer overrun
[   93.329750][ T8082] BUG: Bad page state in process syz.0.755  pfn:49e93
[   93.331509][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x105 pfn:0x49e93
[   93.333811][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   93.335655][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   93.337927][ T8082] raw: 0000000000000105 0000000000000001 00000000ffffffff 0000000000000000
[   93.340188][ T8082] page dumped because: page_pool leak
[   93.341589][ T8082] page_owner tracks the page as allocated
[   93.343069][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474959750, free_ts 89524723412
[   93.347379][ T8082]  post_alloc_hook+0x2d1/0x350
[   93.348657][ T8082]  get_page_from_freelist+0x101e/0x3070
[   93.350100][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   93.351496][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   93.352927][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   93.354464][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   93.355840][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   93.357225][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   93.358868][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   93.360255][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   93.361652][ T8082]  __sys_bpf+0xfc6/0x49a0
[   93.362796][ T8082]  __x64_sys_bpf+0x78/0xc0
[   93.363961][ T8082]  do_syscall_64+0xcd/0x250
[   93.365166][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.366785][ T8082] page last free pid 0 tgid 0 stack trace:
[   93.368313][ T8082]  free_unref_page+0x5f4/0xdc0
[   93.369577][ T8082]  __folio_put+0x30d/0x3d0
[   93.370764][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   93.372204][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   93.373560][ T8082]  rcu_core+0x79d/0x14d0
[   93.374686][ T8082]  handle_softirqs+0x213/0x8f0
[   93.375993][ T8082]  irq_exit_rcu+0xbb/0x120
[   93.377165][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   93.378657][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   93.380226][ T8082] Modules linked in:
[   93.381258][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   93.384311][ T8082] Tainted: [B]=BAD_PAGE
[   93.385341][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.388072][ T8082] Call Trace:
[   93.388877][ T8082]  <TASK>
[   93.389638][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   93.390864][ T8082]  bad_page+0xb3/0x1f0
[   93.391862][ T8082]  ? __pfx_bad_page+0x10/0x10
[   93.393097][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   93.394382][ T8082]  free_unref_page+0x657/0xdc0
[   93.395639][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   93.397204][ T8082]  ? __phys_addr+0xc6/0x150
[   93.398420][ T8082]  skb_free_head+0xa0/0x1d0
[   93.399616][ T8082]  skb_release_data+0x560/0x730
[   93.400893][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   93.402214][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   93.403961][ T8082]  ? kernel_text_address+0x8d/0x100
[   93.405323][ T8082]  ? hlock_class+0x4e/0x130
[   93.406529][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   93.407848][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   93.409688][ T8082]  ? hlock_class+0x4e/0x130
[   93.410879][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   93.412108][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   93.413451][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   93.414995][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   93.416682][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   93.418048][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   93.419636][ T8082]  ? lock_acquire+0x2f/0xb0
[   93.420798][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   93.422442][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   93.424046][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   93.425716][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   93.427081][ T8082]  ? __build_skb_around+0x278/0x3b0
[   93.428441][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   93.429816][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   93.431441][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   93.433184][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   93.434622][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   93.435969][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   93.437436][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   93.438989][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   93.440540][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   93.442060][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   93.443429][ T8082]  ? 0xffffffffa0004340
[   93.444500][ T8082]  ? 0xffffffffa0004340
[   93.445586][ T8082]  ? 0xffffffffa0004340
[   93.446681][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   93.448238][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   93.449644][ T8082]  ? lock_acquire+0x2f/0xb0
[   93.450894][ T8082]  ? __fget_files+0x40/0x3f0
[   93.452189][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   93.453739][ T8082]  ? fput+0x30/0x390
[   93.455184][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   93.456455][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   93.458006][ T8082]  __sys_bpf+0xfc6/0x49a0
[   93.459164][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   93.460427][ T8082]  ? __fget_files+0x23a/0x3f0
[   93.461656][ T8082]  ? do_futex+0x123/0x350
[   93.462806][ T8082]  ? __pfx_do_futex+0x10/0x10
[   93.464058][ T8082]  ? fdget_pos+0x262/0x360
[   93.465240][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   93.466643][ T8082]  ? ksys_write+0x1ad/0x260
[   93.467843][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   93.469129][ T8082]  __x64_sys_bpf+0x78/0xc0
[   93.470326][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   93.471699][ T8082]  do_syscall_64+0xcd/0x250
[   93.472896][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.474456][ T8082] RIP: 0033:0x7f389a37e719
[   93.475610][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.480580][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   93.482753][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   93.484813][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   93.486857][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   93.488905][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   93.490973][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   93.493024][ T8082]  </TASK>
[   93.493878][    C1] vkms_vblank_simulate: vblank timer overrun
[   93.495469][ T8082] BUG: Bad page state in process syz.0.755  pfn:4d474
[   93.497192][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804d475e00 pfn:0x4d474
[   93.499807][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   93.501625][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   93.503839][ T8082] raw: ffff88804d475e00 0000000000000001 00000000ffffffff 0000000000000000
[   93.506112][ T8082] page dumped because: page_pool leak
[   93.507506][ T8082] page_owner tracks the page as allocated
[   93.508974][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474955367, free_ts 89524728379
[   93.513242][ T8082]  post_alloc_hook+0x2d1/0x350
[   93.514518][ T8082]  get_page_from_freelist+0x101e/0x3070
[   93.516014][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   93.517392][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   93.518846][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   93.520378][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   93.521752][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   93.523109][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   93.524711][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   93.526129][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   93.527529][ T8082]  __sys_bpf+0xfc6/0x49a0
[   93.528660][ T8082]  __x64_sys_bpf+0x78/0xc0
[   93.529830][ T8082]  do_syscall_64+0xcd/0x250
[   93.531029][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.532577][ T8082] page last free pid 0 tgid 0 stack trace:
[   93.534096][ T8082]  free_unref_page+0x5f4/0xdc0
[   93.535407][ T8082]  __folio_put+0x30d/0x3d0
[   93.536574][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   93.538018][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   93.539371][ T8082]  rcu_core+0x79d/0x14d0
[   93.540486][ T8082]  handle_softirqs+0x213/0x8f0
[   93.541749][ T8082]  irq_exit_rcu+0xbb/0x120
[   93.542926][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   93.544410][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   93.545904][ T8082] Modules linked in:
[   93.546941][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   93.550067][ T8082] Tainted: [B]=BAD_PAGE
[   93.551178][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.553943][ T8082] Call Trace:
[   93.554838][ T8082]  <TASK>
[   93.555623][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   93.556863][ T8082]  bad_page+0xb3/0x1f0
[   93.557939][ T8082]  ? __pfx_bad_page+0x10/0x10
[   93.559196][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   93.560469][ T8082]  free_unref_page+0x657/0xdc0
[   93.561719][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   93.563302][ T8082]  ? __phys_addr+0xc6/0x150
[   93.564501][ T8082]  skb_free_head+0xa0/0x1d0
[   93.565708][ T8082]  skb_release_data+0x560/0x730
[   93.567009][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   93.568332][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   93.570067][ T8082]  ? kernel_text_address+0x8d/0x100
[   93.571432][ T8082]  ? hlock_class+0x4e/0x130
[   93.572627][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   93.573951][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   93.575804][ T8082]  ? hlock_class+0x4e/0x130
[   93.577011][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   93.578344][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   93.579708][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   93.581275][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   93.582970][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   93.584333][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   93.585985][ T8082]  ? lock_acquire+0x2f/0xb0
[   93.587198][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   93.588857][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   93.590488][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   93.592228][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   93.593595][ T8082]  ? __build_skb_around+0x278/0x3b0
[   93.594972][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   93.596382][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   93.598029][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   93.599759][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   93.601224][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   93.602620][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   93.604152][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   93.605711][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   93.607273][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   93.608801][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   93.610169][ T8082]  ? 0xffffffffa0004340
[   93.611262][ T8082]  ? 0xffffffffa0004340
[   93.612352][ T8082]  ? 0xffffffffa0004340
[   93.613442][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   93.614996][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   93.616409][ T8082]  ? lock_acquire+0x2f/0xb0
[   93.617600][ T8082]  ? __fget_files+0x40/0x3f0
[   93.618839][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   93.620375][ T8082]  ? fput+0x30/0x390
[   93.621411][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   93.622677][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   93.624212][ T8082]  __sys_bpf+0xfc6/0x49a0
[   93.625371][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   93.626643][ T8082]  ? __fget_files+0x23a/0x3f0
[   93.627882][ T8082]  ? do_futex+0x123/0x350
[   93.629026][ T8082]  ? __pfx_do_futex+0x10/0x10
[   93.630273][ T8082]  ? fdget_pos+0x262/0x360
[   93.631454][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   93.632838][ T8082]  ? ksys_write+0x1ad/0x260
[   93.634037][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   93.635331][ T8082]  __x64_sys_bpf+0x78/0xc0
[   93.636503][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   93.637871][ T8082]  do_syscall_64+0xcd/0x250
[   93.639094][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.640645][ T8082] RIP: 0033:0x7f389a37e719
[   93.641823][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.646833][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   93.648996][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   93.651065][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   93.653138][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   93.655208][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   93.657276][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   93.659353][ T8082]  </TASK>
[   93.660213][    C1] vkms_vblank_simulate: vblank timer overrun
[   93.661794][ T8082] BUG: Bad page state in process syz.0.755  pfn:5b345
[   93.663566][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xc34 pfn:0x5b345
[   93.665930][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   93.667784][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   93.670012][ T8082] raw: 0000000000000c34 0000000000000001 00000000ffffffff 0000000000000000
[   93.672268][ T8082] page dumped because: page_pool leak
[   93.673664][ T8082] page_owner tracks the page as allocated
[   93.675195][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474951143, free_ts 89524734234
[   93.679476][ T8082]  post_alloc_hook+0x2d1/0x350
[   93.680731][ T8082]  get_page_from_freelist+0x101e/0x3070
[   93.682173][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   93.683569][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   93.685066][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   93.686618][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   93.688035][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   93.689378][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   93.690991][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   93.692375][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   93.693832][ T8082]  __sys_bpf+0xfc6/0x49a0
[   93.694977][ T8082]  __x64_sys_bpf+0x78/0xc0
[   93.696150][ T8082]  do_syscall_64+0xcd/0x250
[   93.697354][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.698916][ T8082] page last free pid 0 tgid 0 stack trace:
[   93.700431][ T8082]  free_unref_page+0x5f4/0xdc0
[   93.701682][ T8082]  __folio_put+0x30d/0x3d0
[   93.702867][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   93.704368][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   93.705677][ T8082]  rcu_core+0x79d/0x14d0
[   93.706757][ T8082]  handle_softirqs+0x213/0x8f0
[   93.707969][ T8082]  irq_exit_rcu+0xbb/0x120
[   93.709115][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   93.710551][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   93.712081][ T8082] Modules linked in:
[   93.713089][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   93.716122][ T8082] Tainted: [B]=BAD_PAGE
[   93.717180][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.719975][ T8082] Call Trace:
[   93.720855][ T8082]  <TASK>
[   93.721632][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   93.722878][ T8082]  bad_page+0xb3/0x1f0
[   93.723949][ T8082]  ? __pfx_bad_page+0x10/0x10
[   93.725181][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   93.726466][ T8082]  free_unref_page+0x657/0xdc0
[   93.727721][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   93.729292][ T8082]  ? __phys_addr+0xc6/0x150
[   93.730494][ T8082]  skb_free_head+0xa0/0x1d0
[   93.731692][ T8082]  skb_release_data+0x560/0x730
[   93.732969][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   93.734315][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   93.736060][ T8082]  ? kernel_text_address+0x8d/0x100
[   93.737372][ T8082]  ? hlock_class+0x4e/0x130
[   93.738559][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   93.739844][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   93.741622][ T8082]  ? hlock_class+0x4e/0x130
[   93.742826][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   93.744129][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   93.745487][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   93.747070][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   93.748773][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   93.750133][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   93.751788][ T8082]  ? lock_acquire+0x2f/0xb0
[   93.752973][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   93.754635][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   93.756245][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   93.757995][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   93.759362][ T8082]  ? __build_skb_around+0x278/0x3b0
[   93.760725][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   93.762104][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   93.763750][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   93.765462][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   93.766931][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   93.768315][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   93.769841][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   93.771391][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   93.772925][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   93.774435][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   93.775783][ T8082]  ? 0xffffffffa0004340
[   93.776875][ T8082]  ? 0xffffffffa0004340
[   93.777928][ T8082]  ? 0xffffffffa0004340
[   93.778981][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   93.780488][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   93.781892][ T8082]  ? lock_acquire+0x2f/0xb0
[   93.783056][ T8082]  ? __fget_files+0x40/0x3f0
[   93.784240][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   93.785722][ T8082]  ? fput+0x30/0x390
[   93.786761][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   93.788022][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   93.789543][ T8082]  __sys_bpf+0xfc6/0x49a0
[   93.790690][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   93.791945][ T8082]  ? __fget_files+0x23a/0x3f0
[   93.793180][ T8082]  ? do_futex+0x123/0x350
[   93.794323][ T8082]  ? __pfx_do_futex+0x10/0x10
[   93.795560][ T8082]  ? fdget_pos+0x262/0x360
[   93.796733][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   93.798122][ T8082]  ? ksys_write+0x1ad/0x260
[   93.799320][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   93.800576][ T8082]  __x64_sys_bpf+0x78/0xc0
[   93.801718][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   93.803065][ T8082]  do_syscall_64+0xcd/0x250
[   93.804234][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.805756][ T8082] RIP: 0033:0x7f389a37e719
[   93.806933][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.811915][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   93.814073][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   93.816129][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   93.818191][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   93.820237][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   93.822289][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   93.824343][ T8082]  </TASK>
[   93.825201][    C1] vkms_vblank_simulate: vblank timer overrun
[   93.826783][ T8082] BUG: Bad page state in process syz.0.755  pfn:2b65d
[   93.828522][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2b65d
[   93.830791][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   93.832621][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   93.834889][ T8082] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   93.837113][ T8082] page dumped because: page_pool leak
[   93.838520][ T8082] page_owner tracks the page as allocated
[   93.839991][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474946802, free_ts 89524739388
[   93.844304][ T8082]  post_alloc_hook+0x2d1/0x350
[   93.845558][ T8082]  get_page_from_freelist+0x101e/0x3070
[   93.847007][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   93.848390][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   93.849830][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   93.851380][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   93.852764][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   93.854184][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   93.855790][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   93.857167][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   93.858590][ T8082]  __sys_bpf+0xfc6/0x49a0
[   93.859717][ T8082]  __x64_sys_bpf+0x78/0xc0
[   93.860884][ T8082]  do_syscall_64+0xcd/0x250
[   93.862078][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.863681][ T8082] page last free pid 0 tgid 0 stack trace:
[   93.865191][ T8082]  free_unref_page+0x5f4/0xdc0
[   93.866458][ T8082]  __folio_put+0x30d/0x3d0
[   93.867633][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   93.869076][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   93.870440][ T8082]  rcu_core+0x79d/0x14d0
[   93.871548][ T8082]  handle_softirqs+0x213/0x8f0
[   93.872851][ T8082]  irq_exit_rcu+0xbb/0x120
[   93.874021][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   93.875509][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   93.877087][ T8082] Modules linked in:
[   93.878133][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   93.881215][ T8082] Tainted: [B]=BAD_PAGE
[   93.882307][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.885080][ T8082] Call Trace:
[   93.885958][ T8082]  <TASK>
[   93.886746][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   93.887982][ T8082]  bad_page+0xb3/0x1f0
[   93.889059][ T8082]  ? __pfx_bad_page+0x10/0x10
[   93.890297][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   93.891577][ T8082]  free_unref_page+0x657/0xdc0
[   93.892829][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   93.894409][ T8082]  ? __phys_addr+0xc6/0x150
[   93.895599][ T8082]  skb_free_head+0xa0/0x1d0
[   93.896794][ T8082]  skb_release_data+0x560/0x730
[   93.898081][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   93.899405][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   93.901135][ T8082]  ? kernel_text_address+0x8d/0x100
[   93.902494][ T8082]  ? hlock_class+0x4e/0x130
[   93.903683][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   93.904999][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   93.906835][ T8082]  ? hlock_class+0x4e/0x130
[   93.908025][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   93.909316][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   93.910675][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   93.912245][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   93.913931][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   93.915292][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   93.916933][ T8082]  ? lock_acquire+0x2f/0xb0
[   93.918126][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   93.919774][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   93.921370][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   93.923109][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   93.924468][ T8082]  ? __build_skb_around+0x278/0x3b0
[   93.925829][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   93.927218][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   93.928844][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   93.930563][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   93.932013][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   93.933400][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   93.934939][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   93.936474][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   93.938021][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   93.939553][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   93.940922][ T8082]  ? 0xffffffffa0004340
[   93.942008][ T8082]  ? 0xffffffffa0004340
[   93.943109][ T8082]  ? 0xffffffffa0004340
[   93.944193][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   93.945727][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   93.947135][ T8082]  ? lock_acquire+0x2f/0xb0
[   93.948329][ T8082]  ? __fget_files+0x40/0x3f0
[   93.949545][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   93.951068][ T8082]  ? fput+0x30/0x390
[   93.952095][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   93.953351][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   93.954871][ T8082]  __sys_bpf+0xfc6/0x49a0
[   93.955986][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   93.957220][ T8082]  ? __fget_files+0x23a/0x3f0
[   93.958472][ T8082]  ? do_futex+0x123/0x350
[   93.959603][ T8082]  ? __pfx_do_futex+0x10/0x10
[   93.960839][ T8082]  ? fdget_pos+0x262/0x360
[   93.961977][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   93.963386][ T8082]  ? ksys_write+0x1ad/0x260
[   93.964575][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   93.965848][ T8082]  __x64_sys_bpf+0x78/0xc0
[   93.967029][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   93.968392][ T8082]  do_syscall_64+0xcd/0x250
[   93.969586][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.971134][ T8082] RIP: 0033:0x7f389a37e719
[   93.972303][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.977250][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   93.979424][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   93.981538][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   93.983604][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   93.985647][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   93.987698][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   93.989795][ T8082]  </TASK>
[   93.990669][    C1] vkms_vblank_simulate: vblank timer overrun
[   93.992257][ T8082] BUG: Bad page state in process syz.0.755  pfn:4bb6c
[   93.994004][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4bb6c
[   93.996361][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   93.998236][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   94.000451][ T8082] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   94.002737][ T8082] page dumped because: page_pool leak
[   94.004153][ T8082] page_owner tracks the page as allocated
[   94.005637][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474942418, free_ts 89524744332
[   94.009881][ T8082]  post_alloc_hook+0x2d1/0x350
[   94.011137][ T8082]  get_page_from_freelist+0x101e/0x3070
[   94.012626][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   94.013999][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   94.015436][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   94.016965][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   94.018356][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   94.019716][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   94.021322][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   94.022745][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   94.024135][ T8082]  __sys_bpf+0xfc6/0x49a0
[   94.025269][ T8082]  __x64_sys_bpf+0x78/0xc0
[   94.026439][ T8082]  do_syscall_64+0xcd/0x250
[   94.027637][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.029190][ T8082] page last free pid 0 tgid 0 stack trace:
[   94.030707][ T8082]  free_unref_page+0x5f4/0xdc0
[   94.032015][ T8082]  __folio_put+0x30d/0x3d0
[   94.033180][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   94.034639][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   94.035988][ T8082]  rcu_core+0x79d/0x14d0
[   94.037095][ T8082]  handle_softirqs+0x213/0x8f0
[   94.038412][ T8082]  irq_exit_rcu+0xbb/0x120
[   94.039582][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   94.041044][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   94.042665][ T8082] Modules linked in:
[   94.043690][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   94.046771][ T8082] Tainted: [B]=BAD_PAGE
[   94.047859][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.050670][ T8082] Call Trace:
[   94.051561][ T8082]  <TASK>
[   94.052342][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   94.053575][ T8082]  bad_page+0xb3/0x1f0
[   94.054662][ T8082]  ? __pfx_bad_page+0x10/0x10
[   94.055895][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   94.057166][ T8082]  free_unref_page+0x657/0xdc0
[   94.058438][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   94.060001][ T8082]  ? __phys_addr+0xc6/0x150
[   94.061227][ T8082]  skb_free_head+0xa0/0x1d0
[   94.062468][ T8082]  skb_release_data+0x560/0x730
[   94.063742][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   94.065081][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   94.066822][ T8082]  ? kernel_text_address+0x8d/0x100
[   94.068205][ T8082]  ? hlock_class+0x4e/0x130
[   94.069409][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   94.070746][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   94.072590][ T8082]  ? hlock_class+0x4e/0x130
[   94.073776][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   94.075073][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   94.076429][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   94.078003][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   94.079701][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   94.081053][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   94.082705][ T8082]  ? lock_acquire+0x2f/0xb0
[   94.083894][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   94.085539][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   94.087155][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   94.088884][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   94.090248][ T8082]  ? __build_skb_around+0x278/0x3b0
[   94.091610][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   94.092993][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   94.094673][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   94.096396][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   94.097848][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   94.099244][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   94.100759][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   94.102299][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   94.103843][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   94.105365][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   94.106754][ T8082]  ? 0xffffffffa0004340
[   94.107848][ T8082]  ? 0xffffffffa0004340
[   94.108938][ T8082]  ? 0xffffffffa0004340
[   94.110031][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   94.111589][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   94.112992][ T8082]  ? lock_acquire+0x2f/0xb0
[   94.114190][ T8082]  ? __fget_files+0x40/0x3f0
[   94.115433][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   94.116966][ T8082]  ? fput+0x30/0x390
[   94.118015][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   94.119296][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   94.120815][ T8082]  __sys_bpf+0xfc6/0x49a0
[   94.121949][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   94.123223][ T8082]  ? __fget_files+0x23a/0x3f0
[   94.124458][ T8082]  ? do_futex+0x123/0x350
[   94.125592][ T8082]  ? __pfx_do_futex+0x10/0x10
[   94.126828][ T8082]  ? fdget_pos+0x262/0x360
[   94.128002][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   94.129384][ T8082]  ? ksys_write+0x1ad/0x260
[   94.130592][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   94.131873][ T8082]  __x64_sys_bpf+0x78/0xc0
[   94.133043][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   94.134421][ T8082]  do_syscall_64+0xcd/0x250
[   94.135616][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.137165][ T8082] RIP: 0033:0x7f389a37e719
[   94.138347][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.143321][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   94.145478][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   94.147533][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   94.149582][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   94.151655][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   94.153708][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   94.155765][ T8082]  </TASK>
[   94.156628][    C1] vkms_vblank_simulate: vblank timer overrun
[   94.158243][ T8082] BUG: Bad page state in process syz.0.755  pfn:57ea8
[   94.160006][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2d pfn:0x57ea8
[   94.162349][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   94.164183][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   94.166405][ T8082] raw: 000000000000002d 0000000000000001 00000000ffffffff 0000000000000000
[   94.168653][ T8082] page dumped because: page_pool leak
[   94.170037][ T8082] page_owner tracks the page as allocated
[   94.171569][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474938281, free_ts 89524749702
[   94.175832][ T8082]  post_alloc_hook+0x2d1/0x350
[   94.177102][ T8082]  get_page_from_freelist+0x101e/0x3070
[   94.178564][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   94.179979][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   94.181468][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   94.183018][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   94.184428][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   94.185764][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   94.187380][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   94.188757][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   94.190164][ T8082]  __sys_bpf+0xfc6/0x49a0
[   94.191351][ T8082]  __x64_sys_bpf+0x78/0xc0
[   94.192517][ T8082]  do_syscall_64+0xcd/0x250
[   94.193711][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.195267][ T8082] page last free pid 0 tgid 0 stack trace:
[   94.196781][ T8082]  free_unref_page+0x5f4/0xdc0
[   94.198043][ T8082]  __folio_put+0x30d/0x3d0
[   94.199218][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   94.200700][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   94.202044][ T8082]  rcu_core+0x79d/0x14d0
[   94.203170][ T8082]  handle_softirqs+0x213/0x8f0
[   94.204422][ T8082]  irq_exit_rcu+0xbb/0x120
[   94.205589][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   94.207058][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   94.208621][ T8082] Modules linked in:
[   94.209656][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   94.212754][ T8082] Tainted: [B]=BAD_PAGE
[   94.213836][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.216612][ T8082] Call Trace:
[   94.217491][ T8082]  <TASK>
[   94.218322][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   94.219563][ T8082]  bad_page+0xb3/0x1f0
[   94.220640][ T8082]  ? __pfx_bad_page+0x10/0x10
[   94.221896][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   94.223189][ T8082]  free_unref_page+0x657/0xdc0
[   94.224453][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   94.226026][ T8082]  ? __phys_addr+0xc6/0x150
[   94.227222][ T8082]  skb_free_head+0xa0/0x1d0
[   94.228421][ T8082]  skb_release_data+0x560/0x730
[   94.229695][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   94.231023][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   94.232759][ T8082]  ? kernel_text_address+0x8d/0x100
[   94.234110][ T8082]  ? hlock_class+0x4e/0x130
[   94.235316][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   94.236857][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   94.238756][ T8082]  ? hlock_class+0x4e/0x130
[   94.239973][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   94.241311][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   94.242746][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   94.244344][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   94.246070][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   94.247454][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   94.249102][ T8082]  ? lock_acquire+0x2f/0xb0
[   94.250314][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   94.251967][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   94.253569][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   94.255315][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   94.256675][ T8082]  ? __build_skb_around+0x278/0x3b0
[   94.258050][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   94.259497][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   94.261122][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   94.262844][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   94.264313][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   94.265698][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   94.267231][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   94.268774][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   94.270332][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   94.271859][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   94.273240][ T8082]  ? 0xffffffffa0004340
[   94.274343][ T8082]  ? 0xffffffffa0004340
[   94.275415][ T8082]  ? 0xffffffffa0004340
[   94.276497][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   94.278036][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   94.279449][ T8082]  ? lock_acquire+0x2f/0xb0
[   94.280645][ T8082]  ? __fget_files+0x40/0x3f0
[   94.281862][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   94.283401][ T8082]  ? fput+0x30/0x390
[   94.284436][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   94.285703][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   94.287239][ T8082]  __sys_bpf+0xfc6/0x49a0
[   94.288379][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   94.289636][ T8082]  ? __fget_files+0x23a/0x3f0
[   94.290893][ T8082]  ? do_futex+0x123/0x350
[   94.292030][ T8082]  ? __pfx_do_futex+0x10/0x10
[   94.293258][ T8082]  ? fdget_pos+0x262/0x360
[   94.294439][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   94.295819][ T8082]  ? ksys_write+0x1ad/0x260
[   94.297016][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   94.298314][ T8082]  __x64_sys_bpf+0x78/0xc0
[   94.299484][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   94.300845][ T8082]  do_syscall_64+0xcd/0x250
[   94.302043][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.303596][ T8082] RIP: 0033:0x7f389a37e719
[   94.304764][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.309718][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   94.311883][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   94.313966][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   94.316186][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   94.318291][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   94.320369][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   94.322475][ T8082]  </TASK>
[   94.323357][    C1] vkms_vblank_simulate: vblank timer overrun
[   94.324951][ T8082] BUG: Bad page state in process syz.0.755  pfn:288b1
[   94.326722][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x4 pfn:0x288b1
[   94.328998][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   94.330922][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   94.333142][ T8082] raw: 0000000000000004 0000000000000001 00000000ffffffff 0000000000000000
[   94.335378][ T8082] page dumped because: page_pool leak
[   94.336758][ T8082] page_owner tracks the page as allocated
[   94.338248][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474934072, free_ts 89524755067
[   94.342575][ T8082]  post_alloc_hook+0x2d1/0x350
[   94.343826][ T8082]  get_page_from_freelist+0x101e/0x3070
[   94.345266][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   94.346642][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   94.348078][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   94.349610][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   94.351035][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   94.352372][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   94.353969][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   94.355353][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   94.356739][ T8082]  __sys_bpf+0xfc6/0x49a0
[   94.357862][ T8082]  __x64_sys_bpf+0x78/0xc0
[   94.359059][ T8082]  do_syscall_64+0xcd/0x250
[   94.360297][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.361835][ T8082] page last free pid 0 tgid 0 stack trace:
[   94.363349][ T8082]  free_unref_page+0x5f4/0xdc0
[   94.364592][ T8082]  __folio_put+0x30d/0x3d0
[   94.365753][ T8082]  free_page_and_swap_cache+0x249/0x2c0
[   94.367218][ T8082]  tlb_remove_table_rcu+0x89/0xe0
[   94.368524][ T8082]  rcu_core+0x79d/0x14d0
[   94.369673][ T8082]  handle_softirqs+0x213/0x8f0
[   94.370924][ T8082]  irq_exit_rcu+0xbb/0x120
[   94.372094][ T8082]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   94.373517][ T8082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   94.375079][ T8082] Modules linked in:
[   94.376096][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   94.379173][ T8082] Tainted: [B]=BAD_PAGE
[   94.380210][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.382978][ T8082] Call Trace:
[   94.383855][ T8082]  <TASK>
[   94.384636][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   94.385866][ T8082]  bad_page+0xb3/0x1f0
[   94.386946][ T8082]  ? __pfx_bad_page+0x10/0x10
[   94.388188][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   94.389461][ T8082]  free_unref_page+0x657/0xdc0
[   94.390718][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   94.392278][ T8082]  ? __phys_addr+0xc6/0x150
[   94.393465][ T8082]  skb_free_head+0xa0/0x1d0
[   94.394665][ T8082]  skb_release_data+0x560/0x730
[   94.395928][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   94.397236][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   94.398976][ T8082]  ? kernel_text_address+0x8d/0x100
[   94.400329][ T8082]  ? hlock_class+0x4e/0x130
[   94.401515][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   94.402828][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   94.404657][ T8082]  ? hlock_class+0x4e/0x130
[   94.405840][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   94.407148][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   94.408497][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   94.410056][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   94.411749][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   94.413105][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   94.414729][ T8082]  ? lock_acquire+0x2f/0xb0
[   94.415912][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   94.417557][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   94.419179][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   94.420907][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   94.422273][ T8082]  ? __build_skb_around+0x278/0x3b0
[   94.423605][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   94.424982][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   94.426613][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   94.428322][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   94.429780][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   94.431166][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   94.432685][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   94.434234][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   94.435779][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   94.437313][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   94.438712][ T8082]  ? 0xffffffffa0004340
[   94.439798][ T8082]  ? 0xffffffffa0004340
[   94.440882][ T8082]  ? 0xffffffffa0004340
[   94.441966][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   94.443514][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   94.444919][ T8082]  ? lock_acquire+0x2f/0xb0
[   94.446114][ T8082]  ? __fget_files+0x40/0x3f0
[   94.447326][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   94.448817][ T8082]  ? fput+0x30/0x390
[   94.449832][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   94.451101][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   94.452616][ T8082]  __sys_bpf+0xfc6/0x49a0
[   94.453745][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   94.454997][ T8082]  ? __fget_files+0x23a/0x3f0
[   94.456233][ T8082]  ? do_futex+0x123/0x350
[   94.457363][ T8082]  ? __pfx_do_futex+0x10/0x10
[   94.458608][ T8082]  ? fdget_pos+0x262/0x360
[   94.459778][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   94.461156][ T8082]  ? ksys_write+0x1ad/0x260
[   94.462357][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   94.463633][ T8082]  __x64_sys_bpf+0x78/0xc0
[   94.464800][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   94.466137][ T8082]  do_syscall_64+0xcd/0x250
[   94.467338][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.468887][ T8082] RIP: 0033:0x7f389a37e719
[   94.470057][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.475032][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   94.477208][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   94.479276][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   94.481323][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   94.483373][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   94.485427][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   94.487482][ T8082]  </TASK>
[   94.488346][    C1] vkms_vblank_simulate: vblank timer overrun
[   94.489933][ T8082] BUG: Bad page state in process syz.0.755  pfn:2d475
[   94.491678][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x46 pfn:0x2d475
[   94.493976][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   94.495814][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   94.498026][ T8082] raw: 0000000000000046 0000000000000001 00000000ffffffff 0000000000000000
[   94.500296][ T8082] page dumped because: page_pool leak
[   94.501689][ T8082] page_owner tracks the page as allocated
[   94.503170][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474929624, free_ts 89871811662
[   94.507413][ T8082]  post_alloc_hook+0x2d1/0x350
[   94.508677][ T8082]  get_page_from_freelist+0x101e/0x3070
[   94.510169][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   94.511554][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   94.512958][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   94.514520][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   94.515937][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   94.517270][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   94.518938][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   94.520318][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   94.521716][ T8082]  __sys_bpf+0xfc6/0x49a0
[   94.522851][ T8082]  __x64_sys_bpf+0x78/0xc0
[   94.524111][ T8082]  do_syscall_64+0xcd/0x250
[   94.525311][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.526877][ T8082] page last free pid 5994 tgid 5994 stack trace:
[   94.528504][ T8082]  free_unref_page+0x5f4/0xdc0
[   94.529781][ T8082]  vfree+0x17a/0x890
[   94.530850][ T8082]  delayed_vfree_work+0x56/0x70
[   94.532168][ T8082]  process_one_work+0x9c5/0x1ba0
[   94.533470][ T8082]  worker_thread+0x6c8/0xf00
[   94.534696][ T8082]  kthread+0x2c1/0x3a0
[   94.535774][ T8082]  ret_from_fork+0x45/0x80
[   94.536952][ T8082]  ret_from_fork_asm+0x1a/0x30
[   94.538241][ T8082] Modules linked in:
[   94.539325][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   94.542438][ T8082] Tainted: [B]=BAD_PAGE
[   94.543527][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.546293][ T8082] Call Trace:
[   94.547179][ T8082]  <TASK>
[   94.547999][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   94.549263][ T8082]  bad_page+0xb3/0x1f0
[   94.550351][ T8082]  ? __pfx_bad_page+0x10/0x10
[   94.551593][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   94.552875][ T8082]  free_unref_page+0x657/0xdc0
[   94.554137][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   94.555719][ T8082]  ? __phys_addr+0xc6/0x150
[   94.556915][ T8082]  skb_free_head+0xa0/0x1d0
[   94.558133][ T8082]  skb_release_data+0x560/0x730
[   94.559416][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   94.560735][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   94.562479][ T8082]  ? kernel_text_address+0x8d/0x100
[   94.563833][ T8082]  ? hlock_class+0x4e/0x130
[   94.565031][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   94.566390][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   94.568231][ T8082]  ? hlock_class+0x4e/0x130
[   94.569428][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   94.570736][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   94.572104][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   94.573672][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   94.575365][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   94.576721][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   94.578381][ T8082]  ? lock_acquire+0x2f/0xb0
[   94.579572][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   94.581219][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   94.582831][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   94.584565][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   94.585932][ T8082]  ? __build_skb_around+0x278/0x3b0
[   94.587306][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   94.588694][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   94.590332][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   94.592039][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   94.593505][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   94.594869][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   94.596359][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   94.597898][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   94.599459][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   94.600993][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   94.602397][ T8082]  ? 0xffffffffa0004340
[   94.603493][ T8082]  ? 0xffffffffa0004340
[   94.604584][ T8082]  ? 0xffffffffa0004340
[   94.605676][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   94.607237][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   94.608653][ T8082]  ? lock_acquire+0x2f/0xb0
[   94.609846][ T8082]  ? __fget_files+0x40/0x3f0
[   94.611082][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   94.612611][ T8082]  ? fput+0x30/0x390
[   94.613620][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   94.614886][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   94.616404][ T8082]  __sys_bpf+0xfc6/0x49a0
[   94.617538][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   94.618818][ T8082]  ? __fget_files+0x23a/0x3f0
[   94.620060][ T8082]  ? do_futex+0x123/0x350
[   94.621206][ T8082]  ? __pfx_do_futex+0x10/0x10
[   94.622457][ T8082]  ? fdget_pos+0x262/0x360
[   94.623639][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   94.625023][ T8082]  ? ksys_write+0x1ad/0x260
[   94.626242][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   94.627535][ T8082]  __x64_sys_bpf+0x78/0xc0
[   94.628712][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   94.630077][ T8082]  do_syscall_64+0xcd/0x250
[   94.631282][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.632829][ T8082] RIP: 0033:0x7f389a37e719
[   94.633997][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.638998][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   94.641160][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   94.643222][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   94.645290][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   94.647350][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   94.649409][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   94.651475][ T8082]  </TASK>
[   94.652344][    C1] vkms_vblank_simulate: vblank timer overrun
[   94.653924][ T8082] BUG: Bad page state in process syz.0.755  pfn:306ce
[   94.655682][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880306cef00 pfn:0x306ce
[   94.658360][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   94.660198][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   94.662431][ T8082] raw: ffff8880306cef00 0000000000000001 00000000ffffffff 0000000000000000
[   94.664674][ T8082] page dumped because: page_pool leak
[   94.666070][ T8082] page_owner tracks the page as allocated
[   94.667556][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474925205, free_ts 89871815202
[   94.671911][ T8082]  post_alloc_hook+0x2d1/0x350
[   94.673173][ T8082]  get_page_from_freelist+0x101e/0x3070
[   94.674645][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   94.676033][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   94.677484][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   94.679110][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   94.680487][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   94.681861][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   94.683475][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   94.684859][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   94.686279][ T8082]  __sys_bpf+0xfc6/0x49a0
[   94.687403][ T8082]  __x64_sys_bpf+0x78/0xc0
[   94.688629][ T8082]  do_syscall_64+0xcd/0x250
[   94.689827][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.691384][ T8082] page last free pid 5994 tgid 5994 stack trace:
[   94.693021][ T8082]  free_unref_page+0x5f4/0xdc0
[   94.694282][ T8082]  vfree+0x17a/0x890
[   94.695310][ T8082]  delayed_vfree_work+0x56/0x70
[   94.696581][ T8082]  process_one_work+0x9c5/0x1ba0
[   94.697926][ T8082]  worker_thread+0x6c8/0xf00
[   94.699163][ T8082]  kthread+0x2c1/0x3a0
[   94.700244][ T8082]  ret_from_fork+0x45/0x80
[   94.701428][ T8082]  ret_from_fork_asm+0x1a/0x30
[   94.702692][ T8082] Modules linked in:
[   94.703722][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   94.706806][ T8082] Tainted: [B]=BAD_PAGE
[   94.707902][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.710681][ T8082] Call Trace:
[   94.711562][ T8082]  <TASK>
[   94.712343][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   94.713584][ T8082]  bad_page+0xb3/0x1f0
[   94.714666][ T8082]  ? __pfx_bad_page+0x10/0x10
[   94.715909][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   94.717225][ T8082]  free_unref_page+0x657/0xdc0
[   94.718501][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   94.720073][ T8082]  ? __phys_addr+0xc6/0x150
[   94.721268][ T8082]  skb_free_head+0xa0/0x1d0
[   94.722471][ T8082]  skb_release_data+0x560/0x730
[   94.723749][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   94.725069][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   94.726820][ T8082]  ? kernel_text_address+0x8d/0x100
[   94.728185][ T8082]  ? hlock_class+0x4e/0x130
[   94.729379][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   94.730699][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   94.732535][ T8082]  ? hlock_class+0x4e/0x130
[   94.733730][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   94.735042][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   94.736402][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   94.738033][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   94.739734][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   94.741102][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   94.742757][ T8082]  ? lock_acquire+0x2f/0xb0
[   94.743954][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   94.745612][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   94.747240][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   94.748978][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   94.750349][ T8082]  ? __build_skb_around+0x278/0x3b0
[   94.751717][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   94.753109][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   94.754755][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   94.756474][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   94.757944][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   94.759346][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   94.760875][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   94.762452][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   94.763998][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   94.765533][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   94.766923][ T8082]  ? 0xffffffffa0004340
[   94.768052][ T8082]  ? 0xffffffffa0004340
[   94.769149][ T8082]  ? 0xffffffffa0004340
[   94.770249][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   94.771797][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   94.773215][ T8082]  ? lock_acquire+0x2f/0xb0
[   94.774420][ T8082]  ? __fget_files+0x40/0x3f0
[   94.775643][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   94.777176][ T8082]  ? fput+0x30/0x390
[   94.778233][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   94.779498][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   94.781026][ T8082]  __sys_bpf+0xfc6/0x49a0
[   94.782169][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   94.783437][ T8082]  ? __fget_files+0x23a/0x3f0
[   94.784679][ T8082]  ? do_futex+0x123/0x350
[   94.785823][ T8082]  ? __pfx_do_futex+0x10/0x10
[   94.787084][ T8082]  ? fdget_pos+0x262/0x360
[   94.788268][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   94.789656][ T8082]  ? ksys_write+0x1ad/0x260
[   94.790865][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   94.792164][ T8082]  __x64_sys_bpf+0x78/0xc0
[   94.793340][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   94.794715][ T8082]  do_syscall_64+0xcd/0x250
[   94.795918][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.797474][ T8082] RIP: 0033:0x7f389a37e719
[   94.798672][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.803649][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   94.805814][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   94.807883][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   94.809947][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   94.812015][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   94.814067][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   94.816131][ T8082]  </TASK>
[   94.816993][    C1] vkms_vblank_simulate: vblank timer overrun
[   94.818594][ T8082] BUG: Bad page state in process syz.0.755  pfn:2ee61
[   94.820357][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x68 pfn:0x2ee61
[   94.822669][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   94.824505][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   94.826730][ T8082] raw: 0000000000000068 0000000000000001 00000000ffffffff 0000000000000000
[   94.828992][ T8082] page dumped because: page_pool leak
[   94.830407][ T8082] page_owner tracks the page as allocated
[   94.831877][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474921005, free_ts 89871819531
[   94.836107][ T8082]  post_alloc_hook+0x2d1/0x350
[   94.837379][ T8082]  get_page_from_freelist+0x101e/0x3070
[   94.838831][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   94.840204][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   94.841639][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   94.843187][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   94.844561][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   94.845892][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   94.847556][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   94.848947][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   94.850354][ T8082]  __sys_bpf+0xfc6/0x49a0
[   94.851486][ T8082]  __x64_sys_bpf+0x78/0xc0
[   94.852663][ T8082]  do_syscall_64+0xcd/0x250
[   94.853859][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.855408][ T8082] page last free pid 5994 tgid 5994 stack trace:
[   94.857090][ T8082]  free_unref_page+0x5f4/0xdc0
[   94.858368][ T8082]  vfree+0x17a/0x890
[   94.859401][ T8082]  delayed_vfree_work+0x56/0x70
[   94.860676][ T8082]  process_one_work+0x9c5/0x1ba0
[   94.861971][ T8082]  worker_thread+0x6c8/0xf00
[   94.863197][ T8082]  kthread+0x2c1/0x3a0
[   94.864313][ T8082]  ret_from_fork+0x45/0x80
[   94.865488][ T8082]  ret_from_fork_asm+0x1a/0x30
[   94.866809][ T8082] Modules linked in:
[   94.867855][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   94.870971][ T8082] Tainted: [B]=BAD_PAGE
[   94.872058][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.874840][ T8082] Call Trace:
[   94.875708][ T8082]  <TASK>
[   94.876501][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   94.877737][ T8082]  bad_page+0xb3/0x1f0
[   94.878835][ T8082]  ? __pfx_bad_page+0x10/0x10
[   94.880074][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   94.881421][ T8082]  free_unref_page+0x657/0xdc0
[   94.882755][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   94.884341][ T8082]  ? __phys_addr+0xc6/0x150
[   94.885544][ T8082]  skb_free_head+0xa0/0x1d0
[   94.886762][ T8082]  skb_release_data+0x560/0x730
[   94.888047][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   94.889361][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   94.891117][ T8082]  ? kernel_text_address+0x8d/0x100
[   94.892481][ T8082]  ? hlock_class+0x4e/0x130
[   94.893679][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   94.895015][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   94.896866][ T8082]  ? hlock_class+0x4e/0x130
[   94.898080][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   94.899392][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   94.900756][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   94.902338][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   94.904032][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   94.905398][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   94.907059][ T8082]  ? lock_acquire+0x2f/0xb0
[   94.908251][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   94.909901][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   94.911508][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   94.913282][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   94.914660][ T8082]  ? __build_skb_around+0x278/0x3b0
[   94.916028][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   94.917423][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   94.919073][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   94.920793][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   94.922281][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   94.923672][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   94.925203][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   94.926747][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   94.928290][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   94.929819][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   94.931209][ T8082]  ? 0xffffffffa0004340
[   94.932302][ T8082]  ? 0xffffffffa0004340
[   94.933393][ T8082]  ? 0xffffffffa0004340
[   94.934530][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   94.936073][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   94.937484][ T8082]  ? lock_acquire+0x2f/0xb0
[   94.938695][ T8082]  ? __fget_files+0x40/0x3f0
[   94.939918][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   94.941451][ T8082]  ? fput+0x30/0x390
[   94.942500][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   94.943765][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   94.945301][ T8082]  __sys_bpf+0xfc6/0x49a0
[   94.946450][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   94.947714][ T8082]  ? __fget_files+0x23a/0x3f0
[   94.948958][ T8082]  ? do_futex+0x123/0x350
[   94.950103][ T8082]  ? __pfx_do_futex+0x10/0x10
[   94.951355][ T8082]  ? fdget_pos+0x262/0x360
[   94.952537][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   94.953928][ T8082]  ? ksys_write+0x1ad/0x260
[   94.955135][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   94.956424][ T8082]  __x64_sys_bpf+0x78/0xc0
[   94.957602][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   94.958986][ T8082]  do_syscall_64+0xcd/0x250
[   94.960191][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.961740][ T8082] RIP: 0033:0x7f389a37e719
[   94.962920][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.967910][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   94.970076][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   94.972121][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   94.974166][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   94.976225][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   94.978288][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   94.980344][ T8082]  </TASK>
[   94.981200][    C1] vkms_vblank_simulate: vblank timer overrun
[   94.982779][ T8082] BUG: Bad page state in process syz.0.755  pfn:4e198
[   94.984518][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x79 pfn:0x4e198
[   94.986847][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   94.988683][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   94.990894][ T8082] raw: 0000000000000079 0000000000000001 00000000ffffffff 0000000000000000
[   94.993100][ T8082] page dumped because: page_pool leak
[   94.994501][ T8082] page_owner tracks the page as allocated
[   94.996036][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474916937, free_ts 89871823229
[   95.000316][ T8082]  post_alloc_hook+0x2d1/0x350
[   95.001577][ T8082]  get_page_from_freelist+0x101e/0x3070
[   95.003028][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   95.004409][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   95.005902][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   95.007456][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   95.008839][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   95.010181][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   95.011802][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   95.013220][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   95.014638][ T8082]  __sys_bpf+0xfc6/0x49a0
[   95.015822][ T8082]  __x64_sys_bpf+0x78/0xc0
[   95.016991][ T8082]  do_syscall_64+0xcd/0x250
[   95.018238][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.019786][ T8082] page last free pid 5994 tgid 5994 stack trace:
[   95.021437][ T8082]  free_unref_page+0x5f4/0xdc0
[   95.022705][ T8082]  vfree+0x17a/0x890
[   95.023735][ T8082]  delayed_vfree_work+0x56/0x70
[   95.025021][ T8082]  process_one_work+0x9c5/0x1ba0
[   95.026382][ T8082]  worker_thread+0x6c8/0xf00
[   95.027588][ T8082]  kthread+0x2c1/0x3a0
[   95.028658][ T8082]  ret_from_fork+0x45/0x80
[   95.029854][ T8082]  ret_from_fork_asm+0x1a/0x30
[   95.031114][ T8082] Modules linked in:
[   95.032135][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   95.035055][ T8082] Tainted: [B]=BAD_PAGE
[   95.036174][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   95.039102][ T8082] Call Trace:
[   95.039985][ T8082]  <TASK>
[   95.040770][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   95.042014][ T8082]  bad_page+0xb3/0x1f0
[   95.043104][ T8082]  ? __pfx_bad_page+0x10/0x10
[   95.044349][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   95.045634][ T8082]  free_unref_page+0x657/0xdc0
[   95.046931][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   95.048504][ T8082]  ? __phys_addr+0xc6/0x150
[   95.049705][ T8082]  skb_free_head+0xa0/0x1d0
[   95.050897][ T8082]  skb_release_data+0x560/0x730
[   95.052183][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   95.053514][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   95.055256][ T8082]  ? kernel_text_address+0x8d/0x100
[   95.056623][ T8082]  ? hlock_class+0x4e/0x130
[   95.057824][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   95.059163][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   95.060994][ T8082]  ? hlock_class+0x4e/0x130
[   95.062195][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   95.063513][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   95.064878][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   95.066460][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   95.068163][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   95.069528][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   95.071225][ T8082]  ? lock_acquire+0x2f/0xb0
[   95.072419][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   95.074070][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   95.075699][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   95.077443][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   95.078827][ T8082]  ? __build_skb_around+0x278/0x3b0
[   95.080189][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   95.081571][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   95.083172][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   95.084878][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   95.086351][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   95.087731][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   95.089257][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   95.090818][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   95.092364][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   95.093833][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   95.095222][ T8082]  ? 0xffffffffa0004340
[   95.096311][ T8082]  ? 0xffffffffa0004340
[   95.097399][ T8082]  ? 0xffffffffa0004340
[   95.098501][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   95.100044][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   95.101452][ T8082]  ? lock_acquire+0x2f/0xb0
[   95.102649][ T8082]  ? __fget_files+0x40/0x3f0
[   95.103866][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   95.105369][ T8082]  ? fput+0x30/0x390
[   95.106377][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   95.107636][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   95.109165][ T8082]  __sys_bpf+0xfc6/0x49a0
[   95.110310][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   95.111569][ T8082]  ? __fget_files+0x23a/0x3f0
[   95.112808][ T8082]  ? do_futex+0x123/0x350
[   95.113946][ T8082]  ? __pfx_do_futex+0x10/0x10
[   95.115186][ T8082]  ? fdget_pos+0x262/0x360
[   95.116337][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   95.117718][ T8082]  ? ksys_write+0x1ad/0x260
[   95.118934][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   95.120221][ T8082]  __x64_sys_bpf+0x78/0xc0
[   95.121394][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   95.122783][ T8082]  do_syscall_64+0xcd/0x250
[   95.123985][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.125537][ T8082] RIP: 0033:0x7f389a37e719
[   95.126730][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.131660][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   95.133824][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   95.135903][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   95.137979][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   95.140044][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   95.142095][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   95.144170][ T8082]  </TASK>
[   95.145032][    C1] vkms_vblank_simulate: vblank timer overrun
[   95.146645][ T8082] BUG: Bad page state in process syz.0.755  pfn:2d559
[   95.148396][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x6b pfn:0x2d559
[   95.150761][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   95.152609][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   95.154848][ T8082] raw: 000000000000006b 0000000000000001 00000000ffffffff 0000000000000000
[   95.157132][ T8082] page dumped because: page_pool leak
[   95.158570][ T8082] page_owner tracks the page as allocated
[   95.160051][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474912561, free_ts 89871826342
[   95.164352][ T8082]  post_alloc_hook+0x2d1/0x350
[   95.165673][ T8082]  get_page_from_freelist+0x101e/0x3070
[   95.167125][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   95.168511][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   95.169952][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   95.171497][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   95.172870][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   95.174151][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   95.175808][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   95.177189][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   95.178632][ T8082]  __sys_bpf+0xfc6/0x49a0
[   95.179767][ T8082]  __x64_sys_bpf+0x78/0xc0
[   95.180939][ T8082]  do_syscall_64+0xcd/0x250
[   95.182134][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.183691][ T8082] page last free pid 5994 tgid 5994 stack trace:
[   95.185376][ T8082]  free_unref_page+0x5f4/0xdc0
[   95.186634][ T8082]  vfree+0x17a/0x890
[   95.187657][ T8082]  delayed_vfree_work+0x56/0x70
[   95.188932][ T8082]  process_one_work+0x9c5/0x1ba0
[   95.190237][ T8082]  worker_thread+0x6c8/0xf00
[   95.191469][ T8082]  kthread+0x2c1/0x3a0
[   95.192536][ T8082]  ret_from_fork+0x45/0x80
[   95.193702][ T8082]  ret_from_fork_asm+0x1a/0x30
[   95.195018][ T8082] Modules linked in:
[   95.196045][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   95.199106][ T8082] Tainted: [B]=BAD_PAGE
[   95.200153][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   95.202920][ T8082] Call Trace:
[   95.203818][ T8082]  <TASK>
[   95.204601][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   95.205803][ T8082]  bad_page+0xb3/0x1f0
[   95.206866][ T8082]  ? __pfx_bad_page+0x10/0x10
[   95.208096][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   95.209371][ T8082]  free_unref_page+0x657/0xdc0
[   95.210578][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   95.212001][ T8082]  ? __phys_addr+0xc6/0x150
[   95.213117][ T8082]  skb_free_head+0xa0/0x1d0
[   95.214258][ T8082]  skb_release_data+0x560/0x730
[   95.215473][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   95.216732][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   95.218315][ T8082]  ? kernel_text_address+0x8d/0x100
[   95.219559][ T8082]  ? hlock_class+0x4e/0x130
[   95.220735][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   95.222020][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   95.223778][ T8082]  ? hlock_class+0x4e/0x130
[   95.224939][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   95.226194][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   95.227539][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   95.229028][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   95.230634][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   95.231940][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   95.233502][ T8082]  ? lock_acquire+0x2f/0xb0
[   95.234630][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   95.236208][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   95.237930][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   95.239644][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   95.240998][ T8082]  ? __build_skb_around+0x278/0x3b0
[   95.242366][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   95.243705][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   95.245340][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   95.246996][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   95.248419][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   95.249782][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   95.251273][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   95.252763][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   95.254280][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   95.255740][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   95.257089][ T8082]  ? 0xffffffffa0004340
[   95.258147][ T8082]  ? 0xffffffffa0004340
[   95.259204][ T8082]  ? 0xffffffffa0004340
[   95.260257][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   95.261774][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   95.263118][ T8082]  ? lock_acquire+0x2f/0xb0
[   95.264212][ T8082]  ? __fget_files+0x40/0x3f0
[   95.265395][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   95.266882][ T8082]  ? fput+0x30/0x390
[   95.267902][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   95.269104][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   95.270563][ T8082]  __sys_bpf+0xfc6/0x49a0
[   95.271680][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   95.272900][ T8082]  ? __fget_files+0x23a/0x3f0
[   95.274123][ T8082]  ? do_futex+0x123/0x350
[   95.275274][ T8082]  ? __pfx_do_futex+0x10/0x10
[   95.276519][ T8082]  ? fdget_pos+0x262/0x360
[   95.277700][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   95.279109][ T8082]  ? ksys_write+0x1ad/0x260
[   95.280325][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   95.281614][ T8082]  __x64_sys_bpf+0x78/0xc0
[   95.282809][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   95.284183][ T8082]  do_syscall_64+0xcd/0x250
[   95.285388][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.286953][ T8082] RIP: 0033:0x7f389a37e719
[   95.288137][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.293146][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   95.295321][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   95.297399][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   95.299478][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   95.301551][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   95.303658][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   95.305665][ T8082]  </TASK>
[   95.306524][    C1] vkms_vblank_simulate: vblank timer overrun
[   95.308118][ T8082] BUG: Bad page state in process syz.0.755  pfn:512c3
[   95.309865][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x67 pfn:0x512c3
[   95.312139][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   95.313988][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   95.316203][ T8082] raw: 0000000000000067 0000000000000001 00000000ffffffff 0000000000000000
[   95.318441][ T8082] page dumped because: page_pool leak
[   95.319832][ T8082] page_owner tracks the page as allocated
[   95.321278][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474908192, free_ts 89871840054
[   95.325592][ T8082]  post_alloc_hook+0x2d1/0x350
[   95.326800][ T8082]  get_page_from_freelist+0x101e/0x3070
[   95.328260][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   95.329590][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   95.331049][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   95.332591][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   95.334031][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   95.335367][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   95.336975][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   95.338371][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   95.339776][ T8082]  __sys_bpf+0xfc6/0x49a0
[   95.340914][ T8082]  __x64_sys_bpf+0x78/0xc0
[   95.342097][ T8082]  do_syscall_64+0xcd/0x250
[   95.343315][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.344920][ T8082] page last free pid 5994 tgid 5994 stack trace:
[   95.346573][ T8082]  free_unref_page+0x5f4/0xdc0
[   95.347828][ T8082]  vfree+0x17a/0x890
[   95.348856][ T8082]  delayed_vfree_work+0x56/0x70
[   95.350134][ T8082]  process_one_work+0x9c5/0x1ba0
[   95.351445][ T8082]  worker_thread+0x6c8/0xf00
[   95.352658][ T8082]  kthread+0x2c1/0x3a0
[   95.353789][ T8082]  ret_from_fork+0x45/0x80
[   95.354977][ T8082]  ret_from_fork_asm+0x1a/0x30
[   95.356242][ T8082] Modules linked in:
[   95.357273][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   95.360376][ T8082] Tainted: [B]=BAD_PAGE
[   95.361472][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   95.364258][ T8082] Call Trace:
[   95.365140][ T8082]  <TASK>
[   95.365923][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   95.367177][ T8082]  bad_page+0xb3/0x1f0
[   95.368257][ T8082]  ? __pfx_bad_page+0x10/0x10
[   95.369500][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   95.370798][ T8082]  free_unref_page+0x657/0xdc0
[   95.372064][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   95.373634][ T8082]  ? __phys_addr+0xc6/0x150
[   95.374825][ T8082]  skb_free_head+0xa0/0x1d0
[   95.375997][ T8082]  skb_release_data+0x560/0x730
[   95.377281][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   95.378635][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   95.380287][ T8082]  ? kernel_text_address+0x8d/0x100
[   95.381639][ T8082]  ? hlock_class+0x4e/0x130
[   95.382847][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   95.384171][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   95.385986][ T8082]  ? hlock_class+0x4e/0x130
[   95.387155][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   95.388482][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   95.389841][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   95.391420][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   95.393122][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   95.394494][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   95.396151][ T8082]  ? lock_acquire+0x2f/0xb0
[   95.397334][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   95.398963][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   95.400507][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   95.402229][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   95.403570][ T8082]  ? __build_skb_around+0x278/0x3b0
[   95.404868][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   95.406250][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   95.407885][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   95.409603][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   95.411027][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   95.412401][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   95.413924][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   95.415456][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   95.417003][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   95.418549][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   95.419931][ T8082]  ? 0xffffffffa0004340
[   95.421023][ T8082]  ? 0xffffffffa0004340
[   95.422114][ T8082]  ? 0xffffffffa0004340
[   95.423209][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   95.424758][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   95.426171][ T8082]  ? lock_acquire+0x2f/0xb0
[   95.427367][ T8082]  ? __fget_files+0x40/0x3f0
[   95.428580][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   95.430101][ T8082]  ? fput+0x30/0x390
[   95.431130][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   95.432386][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   95.433907][ T8082]  __sys_bpf+0xfc6/0x49a0
[   95.435049][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   95.436280][ T8082]  ? __fget_files+0x23a/0x3f0
[   95.437516][ T8082]  ? do_futex+0x123/0x350
[   95.438660][ T8082]  ? __pfx_do_futex+0x10/0x10
[   95.439870][ T8082]  ? fdget_pos+0x262/0x360
[   95.441040][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   95.442422][ T8082]  ? ksys_write+0x1ad/0x260
[   95.443617][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   95.444877][ T8082]  __x64_sys_bpf+0x78/0xc0
[   95.446025][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   95.447336][ T8082]  do_syscall_64+0xcd/0x250
[   95.448480][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.449961][ T8082] RIP: 0033:0x7f389a37e719
[   95.451053][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.455590][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   95.457585][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   95.459525][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   95.461527][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   95.463569][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   95.465515][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   95.467478][ T8082]  </TASK>
[   95.468273][    C1] vkms_vblank_simulate: vblank timer overrun
[   95.469800][ T8082] BUG: Bad page state in process syz.0.755  pfn:25d4b
[   95.471430][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7a pfn:0x25d4b
[   95.473621][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   95.475379][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   95.477512][ T8082] raw: 000000000000007a 0000000000000001 00000000ffffffff 0000000000000000
[   95.479691][ T8082] page dumped because: page_pool leak
[   95.481033][ T8082] page_owner tracks the page as allocated
[   95.482472][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474903558, free_ts 89871844393
[   95.486761][ T8082]  post_alloc_hook+0x2d1/0x350
[   95.488009][ T8082]  get_page_from_freelist+0x101e/0x3070
[   95.489444][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   95.490830][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   95.492278][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   95.493843][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   95.495168][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   95.496409][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   95.497922][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   95.499204][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   95.500510][ T8082]  __sys_bpf+0xfc6/0x49a0
[   95.501585][ T8082]  __x64_sys_bpf+0x78/0xc0
[   95.502760][ T8082]  do_syscall_64+0xcd/0x250
[   95.503997][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.505530][ T8082] page last free pid 5994 tgid 5994 stack trace:
[   95.507167][ T8082]  free_unref_page+0x5f4/0xdc0
[   95.508410][ T8082]  vfree+0x17a/0x890
[   95.509438][ T8082]  delayed_vfree_work+0x56/0x70
[   95.510741][ T8082]  process_one_work+0x9c5/0x1ba0
[   95.512033][ T8082]  worker_thread+0x6c8/0xf00
[   95.513288][ T8082]  kthread+0x2c1/0x3a0
[   95.514357][ T8082]  ret_from_fork+0x45/0x80
[   95.515477][ T8082]  ret_from_fork_asm+0x1a/0x30
[   95.516701][ T8082] Modules linked in:
[   95.517722][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   95.520711][ T8082] Tainted: [B]=BAD_PAGE
[   95.521791][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   95.524538][ T8082] Call Trace:
[   95.525402][ T8082]  <TASK>
[   95.526173][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   95.527377][ T8082]  bad_page+0xb3/0x1f0
[   95.528413][ T8082]  ? __pfx_bad_page+0x10/0x10
[   95.529617][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   95.530876][ T8082]  free_unref_page+0x657/0xdc0
[   95.532066][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   95.533521][ T8082]  ? __phys_addr+0xc6/0x150
[   95.534664][ T8082]  skb_free_head+0xa0/0x1d0
[   95.535808][ T8082]  skb_release_data+0x560/0x730
[   95.537076][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   95.538381][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   95.540076][ T8082]  ? kernel_text_address+0x8d/0x100
[   95.541428][ T8082]  ? hlock_class+0x4e/0x130
[   95.542543][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   95.543767][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   95.545602][ T8082]  ? hlock_class+0x4e/0x130
[   95.546766][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   95.548013][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   95.549334][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   95.550876][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   95.552506][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   95.553771][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   95.555367][ T8082]  ? lock_acquire+0x2f/0xb0
[   95.556520][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   95.558114][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   95.559621][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   95.561234][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   95.562514][ T8082]  ? __build_skb_around+0x278/0x3b0
[   95.563831][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   95.565198][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   95.566821][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   95.568467][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   95.569863][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   95.571213][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   95.572711][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   95.574219][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   95.575740][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   95.577271][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   95.578671][ T8082]  ? 0xffffffffa0004340
[   95.579758][ T8082]  ? 0xffffffffa0004340
[   95.580839][ T8082]  ? 0xffffffffa0004340
[   95.581924][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   95.583466][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   95.584856][ T8082]  ? lock_acquire+0x2f/0xb0
[   95.586042][ T8082]  ? __fget_files+0x40/0x3f0
[   95.587256][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   95.588736][ T8082]  ? fput+0x30/0x390
[   95.589762][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   95.591026][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   95.592544][ T8082]  __sys_bpf+0xfc6/0x49a0
[   95.593670][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   95.594925][ T8082]  ? __fget_files+0x23a/0x3f0
[   95.596157][ T8082]  ? do_futex+0x123/0x350
[   95.597290][ T8082]  ? __pfx_do_futex+0x10/0x10
[   95.598533][ T8082]  ? fdget_pos+0x262/0x360
[   95.599701][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   95.601073][ T8082]  ? ksys_write+0x1ad/0x260
[   95.602252][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   95.603488][ T8082]  __x64_sys_bpf+0x78/0xc0
[   95.604626][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   95.605964][ T8082]  do_syscall_64+0xcd/0x250
[   95.607171][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.608716][ T8082] RIP: 0033:0x7f389a37e719
[   95.609883][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.614844][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   95.616989][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   95.619051][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   95.620972][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   95.622970][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   95.625021][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   95.627122][ T8082]  </TASK>
[   95.627981][    C1] vkms_vblank_simulate: vblank timer overrun
[   95.629559][ T8082] BUG: Bad page state in process syz.0.755  pfn:4c43c
[   95.631320][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804c43c000 pfn:0x4c43c
[   95.633970][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   95.635815][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   95.638049][ T8082] raw: ffff88804c43c000 0000000000000001 00000000ffffffff 0000000000000000
[   95.640283][ T8082] page dumped because: page_pool leak
[   95.641679][ T8082] page_owner tracks the page as allocated
[   95.643248][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474899455, free_ts 89911499753
[   95.647518][ T8082]  post_alloc_hook+0x2d1/0x350
[   95.648782][ T8082]  get_page_from_freelist+0x101e/0x3070
[   95.650235][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   95.651615][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   95.653101][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   95.654640][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   95.656019][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   95.657354][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   95.659035][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   95.660416][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   95.661844][ T8082]  __sys_bpf+0xfc6/0x49a0
[   95.663054][ T8082]  __x64_sys_bpf+0x78/0xc0
[   95.664231][ T8082]  do_syscall_64+0xcd/0x250
[   95.665416][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.666977][ T8082] page last free pid 5994 tgid 5994 stack trace:
[   95.668616][ T8082]  free_unref_page+0x5f4/0xdc0
[   95.669871][ T8082]  vfree+0x17a/0x890
[   95.670911][ T8082]  delayed_vfree_work+0x56/0x70
[   95.672246][ T8082]  process_one_work+0x9c5/0x1ba0
[   95.673543][ T8082]  worker_thread+0x6c8/0xf00
[   95.674757][ T8082]  kthread+0x2c1/0x3a0
[   95.675716][ T8082]  ret_from_fork+0x45/0x80
[   95.676784][ T8082]  ret_from_fork_asm+0x1a/0x30
[   95.678060][ T8082] Modules linked in:
[   95.679110][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   95.682219][ T8082] Tainted: [B]=BAD_PAGE
[   95.683306][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   95.686086][ T8082] Call Trace:
[   95.686970][ T8082]  <TASK>
[   95.687746][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   95.688992][ T8082]  bad_page+0xb3/0x1f0
[   95.690066][ T8082]  ? __pfx_bad_page+0x10/0x10
[   95.691310][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   95.692623][ T8082]  free_unref_page+0x657/0xdc0
[   95.693874][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   95.695452][ T8082]  ? __phys_addr+0xc6/0x150
[   95.696640][ T8082]  skb_free_head+0xa0/0x1d0
[   95.697835][ T8082]  skb_release_data+0x560/0x730
[   95.699154][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   95.700473][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   95.702216][ T8082]  ? kernel_text_address+0x8d/0x100
[   95.703577][ T8082]  ? hlock_class+0x4e/0x130
[   95.704772][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   95.706096][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   95.707942][ T8082]  ? hlock_class+0x4e/0x130
[   95.709143][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   95.710445][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   95.711804][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   95.713372][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   95.715068][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   95.716437][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   95.718095][ T8082]  ? lock_acquire+0x2f/0xb0
[   95.719307][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   95.720957][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   95.722599][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   95.724329][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   95.725692][ T8082]  ? __build_skb_around+0x278/0x3b0
[   95.727076][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   95.728463][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   95.730095][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   95.731810][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   95.733277][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   95.734663][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   95.736187][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   95.737740][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   95.739324][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   95.740838][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   95.742216][ T8082]  ? 0xffffffffa0004340
[   95.743298][ T8082]  ? 0xffffffffa0004340
[   95.744383][ T8082]  ? 0xffffffffa0004340
[   95.745444][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   95.746980][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   95.748379][ T8082]  ? lock_acquire+0x2f/0xb0
[   95.749561][ T8082]  ? __fget_files+0x40/0x3f0
[   95.750778][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   95.752297][ T8082]  ? fput+0x30/0x390
[   95.753324][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   95.754580][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   95.756100][ T8082]  __sys_bpf+0xfc6/0x49a0
[   95.757225][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   95.758488][ T8082]  ? __fget_files+0x23a/0x3f0
[   95.759717][ T8082]  ? do_futex+0x123/0x350
[   95.760844][ T8082]  ? __pfx_do_futex+0x10/0x10
[   95.762087][ T8082]  ? fdget_pos+0x262/0x360
[   95.763268][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   95.764645][ T8082]  ? ksys_write+0x1ad/0x260
[   95.765836][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   95.767126][ T8082]  __x64_sys_bpf+0x78/0xc0
[   95.768299][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   95.769660][ T8082]  do_syscall_64+0xcd/0x250
[   95.770856][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.772396][ T8082] RIP: 0033:0x7f389a37e719
[   95.773557][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.778489][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   95.780624][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   95.782657][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   95.784686][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   95.786722][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   95.788754][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   95.790793][ T8082]  </TASK>
[   95.791654][    C1] vkms_vblank_simulate: vblank timer overrun
[   95.793227][ T8082] BUG: Bad page state in process syz.0.755  pfn:2a55e
[   95.794982][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xb pfn:0x2a55e
[   95.797235][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   95.799090][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   95.801368][ T8082] raw: 000000000000000b 0000000000000001 00000000ffffffff 0000000000000000
[   95.803587][ T8082] page dumped because: page_pool leak
[   95.804985][ T8082] page_owner tracks the page as allocated
[   95.806469][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474895296, free_ts 90468396067
[   95.810766][ T8082]  post_alloc_hook+0x2d1/0x350
[   95.812064][ T8082]  get_page_from_freelist+0x101e/0x3070
[   95.813504][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   95.814891][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   95.816335][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   95.817884][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   95.819278][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   95.820619][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   95.822284][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   95.823665][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   95.825087][ T8082]  __sys_bpf+0xfc6/0x49a0
[   95.826212][ T8082]  __x64_sys_bpf+0x78/0xc0
[   95.827372][ T8082]  do_syscall_64+0xcd/0x250
[   95.828561][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.830092][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   95.831934][ T8082]  free_unref_page+0x5f4/0xdc0
[   95.833237][ T8082]  vfree+0x17a/0x890
[   95.834269][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   95.835634][ T8082]  cleanup_entry+0x19f/0x3a0
[   95.836834][ T8082]  translate_table+0xddd/0x17b0
[   95.838105][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   95.839356][ T8082]  nf_setsockopt+0x8a/0xf0
[   95.840533][ T8082]  ipv6_setsockopt+0x135/0x170
[   95.841840][ T8082]  rawv6_setsockopt+0xd7/0x680
[   95.843109][ T8082]  do_sock_setsockopt+0x222/0x480
[   95.844427][ T8082]  __sys_setsockopt+0x1a4/0x270
[   95.845702][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   95.847047][ T8082]  do_syscall_64+0xcd/0x250
[   95.848242][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.849781][ T8082] Modules linked in:
[   95.850831][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   95.853910][ T8082] Tainted: [B]=BAD_PAGE
[   95.855003][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   95.857758][ T8082] Call Trace:
[   95.858654][ T8082]  <TASK>
[   95.859431][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   95.860664][ T8082]  bad_page+0xb3/0x1f0
[   95.861734][ T8082]  ? __pfx_bad_page+0x10/0x10
[   95.862985][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   95.864262][ T8082]  free_unref_page+0x657/0xdc0
[   95.865513][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   95.867085][ T8082]  ? __phys_addr+0xc6/0x150
[   95.868278][ T8082]  skb_free_head+0xa0/0x1d0
[   95.869472][ T8082]  skb_release_data+0x560/0x730
[   95.870743][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   95.872057][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   95.873789][ T8082]  ? kernel_text_address+0x8d/0x100
[   95.875152][ T8082]  ? hlock_class+0x4e/0x130
[   95.876339][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   95.877649][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   95.879488][ T8082]  ? hlock_class+0x4e/0x130
[   95.880676][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   95.881969][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   95.883333][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   95.884896][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   95.886589][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   95.887943][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   95.889584][ T8082]  ? lock_acquire+0x2f/0xb0
[   95.890782][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   95.892424][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   95.894027][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   95.895758][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   95.897118][ T8082]  ? __build_skb_around+0x278/0x3b0
[   95.898489][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   95.899867][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   95.901493][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   95.903207][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   95.904666][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   95.906045][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   95.907573][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   95.909110][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   95.910661][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   95.912184][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   95.913561][ T8082]  ? 0xffffffffa0004340
[   95.914656][ T8082]  ? 0xffffffffa0004340
[   95.915734][ T8082]  ? 0xffffffffa0004340
[   95.916809][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   95.918385][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   95.919780][ T8082]  ? lock_acquire+0x2f/0xb0
[   95.920963][ T8082]  ? __fget_files+0x40/0x3f0
[   95.922169][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   95.923684][ T8082]  ? fput+0x30/0x390
[   95.924704][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   95.925947][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   95.927458][ T8082]  __sys_bpf+0xfc6/0x49a0
[   95.928580][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   95.929822][ T8082]  ? __fget_files+0x23a/0x3f0
[   95.931057][ T8082]  ? do_futex+0x123/0x350
[   95.932183][ T8082]  ? __pfx_do_futex+0x10/0x10
[   95.933410][ T8082]  ? fdget_pos+0x262/0x360
[   95.934582][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   95.935955][ T8082]  ? ksys_write+0x1ad/0x260
[   95.937143][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   95.938432][ T8082]  __x64_sys_bpf+0x78/0xc0
[   95.939595][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   95.940948][ T8082]  do_syscall_64+0xcd/0x250
[   95.942139][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.943672][ T8082] RIP: 0033:0x7f389a37e719
[   95.944828][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.949765][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   95.951923][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   95.953964][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   95.956017][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   95.958062][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   95.960106][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   95.962133][ T8082]  </TASK>
[   95.962997][    C1] vkms_vblank_simulate: vblank timer overrun
[   95.964564][ T8082] BUG: Bad page state in process syz.0.755  pfn:27bcd
[   95.966310][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27bcd
[   95.968553][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   95.970430][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   95.972630][ T8082] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   95.974863][ T8082] page dumped because: page_pool leak
[   95.976246][ T8082] page_owner tracks the page as allocated
[   95.977705][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474890965, free_ts 90468402172
[   95.981979][ T8082]  post_alloc_hook+0x2d1/0x350
[   95.983235][ T8082]  get_page_from_freelist+0x101e/0x3070
[   95.984670][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   95.986044][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   95.987496][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   95.989043][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   95.990474][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   95.991805][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   95.993416][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   95.994805][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   95.996206][ T8082]  __sys_bpf+0xfc6/0x49a0
[   95.997334][ T8082]  __x64_sys_bpf+0x78/0xc0
[   95.998525][ T8082]  do_syscall_64+0xcd/0x250
[   95.999713][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.001306][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   96.002942][ T8082]  free_unref_page+0x5f4/0xdc0
[   96.004193][ T8082]  vfree+0x17a/0x890
[   96.005217][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   96.006618][ T8082]  cleanup_entry+0x19f/0x3a0
[   96.007856][ T8082]  translate_table+0xddd/0x17b0
[   96.009133][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   96.010429][ T8082]  nf_setsockopt+0x8a/0xf0
[   96.011593][ T8082]  ipv6_setsockopt+0x135/0x170
[   96.012838][ T8082]  rawv6_setsockopt+0xd7/0x680
[   96.014082][ T8082]  do_sock_setsockopt+0x222/0x480
[   96.015397][ T8082]  __sys_setsockopt+0x1a4/0x270
[   96.016661][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   96.018013][ T8082]  do_syscall_64+0xcd/0x250
[   96.019208][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.020785][ T8082] Modules linked in:
[   96.021812][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   96.024897][ T8082] Tainted: [B]=BAD_PAGE
[   96.025975][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.028737][ T8082] Call Trace:
[   96.029611][ T8082]  <TASK>
[   96.030382][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   96.031613][ T8082]  bad_page+0xb3/0x1f0
[   96.032676][ T8082]  ? __pfx_bad_page+0x10/0x10
[   96.033900][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   96.035177][ T8082]  free_unref_page+0x657/0xdc0
[   96.036401][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   96.037945][ T8082]  ? __phys_addr+0xc6/0x150
[   96.039127][ T8082]  skb_free_head+0xa0/0x1d0
[   96.040307][ T8082]  skb_release_data+0x560/0x730
[   96.041563][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   96.042870][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   96.044580][ T8082]  ? kernel_text_address+0x8d/0x100
[   96.045915][ T8082]  ? hlock_class+0x4e/0x130
[   96.047098][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   96.048394][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   96.050210][ T8082]  ? hlock_class+0x4e/0x130
[   96.051385][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   96.052662][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   96.054006][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   96.055560][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   96.057186][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   96.058499][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   96.060071][ T8082]  ? lock_acquire+0x2f/0xb0
[   96.061218][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   96.062862][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   96.064418][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   96.066144][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   96.067460][ T8082]  ? __build_skb_around+0x278/0x3b0
[   96.068785][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   96.070166][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   96.071791][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   96.073491][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   96.074946][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   96.076320][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   96.077832][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   96.079372][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   96.080902][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   96.082429][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   96.083753][ T8082]  ? 0xffffffffa0004340
[   96.084830][ T8082]  ? 0xffffffffa0004340
[   96.085911][ T8082]  ? 0xffffffffa0004340
[   96.087004][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   96.088527][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   96.089914][ T8082]  ? lock_acquire+0x2f/0xb0
[   96.091103][ T8082]  ? __fget_files+0x40/0x3f0
[   96.092312][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   96.093823][ T8082]  ? fput+0x30/0x390
[   96.094851][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   96.096099][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   96.097611][ T8082]  __sys_bpf+0xfc6/0x49a0
[   96.098758][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   96.100010][ T8082]  ? __fget_files+0x23a/0x3f0
[   96.101277][ T8082]  ? do_futex+0x123/0x350
[   96.102418][ T8082]  ? __pfx_do_futex+0x10/0x10
[   96.103653][ T8082]  ? fdget_pos+0x262/0x360
[   96.104833][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   96.106214][ T8082]  ? ksys_write+0x1ad/0x260
[   96.107408][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   96.108677][ T8082]  __x64_sys_bpf+0x78/0xc0
[   96.109846][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   96.111212][ T8082]  do_syscall_64+0xcd/0x250
[   96.112548][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.114103][ T8082] RIP: 0033:0x7f389a37e719
[   96.115289][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.120279][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   96.122448][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   96.124507][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   96.126560][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   96.128608][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   96.130657][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   96.132720][ T8082]  </TASK>
[   96.133554][    C1] vkms_vblank_simulate: vblank timer overrun
[   96.135189][ T8082] BUG: Bad page state in process syz.0.755  pfn:31669
[   96.136932][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000002 pfn:0x31669
[   96.139576][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   96.141397][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   96.143618][ T8082] raw: ffff888000000002 0000000000000001 00000000ffffffff 0000000000000000
[   96.145834][ T8082] page dumped because: page_pool leak
[   96.147240][ T8082] page_owner tracks the page as allocated
[   96.148717][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474886804, free_ts 90468406369
[   96.153014][ T8082]  post_alloc_hook+0x2d1/0x350
[   96.154278][ T8082]  get_page_from_freelist+0x101e/0x3070
[   96.155715][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   96.157116][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   96.158569][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   96.160149][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   96.161518][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   96.162858][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   96.164460][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   96.165837][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   96.167254][ T8082]  __sys_bpf+0xfc6/0x49a0
[   96.168385][ T8082]  __x64_sys_bpf+0x78/0xc0
[   96.169600][ T8082]  do_syscall_64+0xcd/0x250
[   96.170817][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.172363][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   96.174035][ T8082]  free_unref_page+0x5f4/0xdc0
[   96.175302][ T8082]  vfree+0x17a/0x890
[   96.176332][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   96.177709][ T8082]  cleanup_entry+0x19f/0x3a0
[   96.178925][ T8082]  translate_table+0xddd/0x17b0
[   96.180238][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   96.181490][ T8082]  nf_setsockopt+0x8a/0xf0
[   96.182676][ T8082]  ipv6_setsockopt+0x135/0x170
[   96.183923][ T8082]  rawv6_setsockopt+0xd7/0x680
[   96.185177][ T8082]  do_sock_setsockopt+0x222/0x480
[   96.186512][ T8082]  __sys_setsockopt+0x1a4/0x270
[   96.187782][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   96.189199][ T8082]  do_syscall_64+0xcd/0x250
[   96.190411][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.191950][ T8082] Modules linked in:
[   96.192978][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   96.196063][ T8082] Tainted: [B]=BAD_PAGE
[   96.197145][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.199928][ T8082] Call Trace:
[   96.200804][ T8082]  <TASK>
[   96.201581][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   96.202824][ T8082]  bad_page+0xb3/0x1f0
[   96.203901][ T8082]  ? __pfx_bad_page+0x10/0x10
[   96.205145][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   96.206428][ T8082]  free_unref_page+0x657/0xdc0
[   96.207665][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   96.209215][ T8082]  ? __phys_addr+0xc6/0x150
[   96.210404][ T8082]  skb_free_head+0xa0/0x1d0
[   96.211597][ T8082]  skb_release_data+0x560/0x730
[   96.212865][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   96.214182][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   96.215918][ T8082]  ? kernel_text_address+0x8d/0x100
[   96.217270][ T8082]  ? hlock_class+0x4e/0x130
[   96.218471][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   96.219771][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   96.221588][ T8082]  ? hlock_class+0x4e/0x130
[   96.222788][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   96.224077][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   96.225429][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   96.226993][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   96.228671][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   96.230031][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   96.231678][ T8082]  ? lock_acquire+0x2f/0xb0
[   96.232862][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   96.234519][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   96.236157][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   96.237905][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   96.239456][ T8082]  ? __build_skb_around+0x278/0x3b0
[   96.240839][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   96.242303][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   96.243965][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   96.245732][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   96.247257][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   96.248667][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   96.250231][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   96.251800][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   96.253355][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   96.254909][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   96.256303][ T8082]  ? 0xffffffffa0004340
[   96.257402][ T8082]  ? 0xffffffffa0004340
[   96.258524][ T8082]  ? 0xffffffffa0004340
[   96.259662][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   96.261225][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   96.262652][ T8082]  ? lock_acquire+0x2f/0xb0
[   96.263853][ T8082]  ? __fget_files+0x40/0x3f0
[   96.265089][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   96.266632][ T8082]  ? fput+0x30/0x390
[   96.267677][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   96.268947][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   96.270493][ T8082]  __sys_bpf+0xfc6/0x49a0
[   96.271637][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   96.272903][ T8082]  ? __fget_files+0x23a/0x3f0
[   96.274151][ T8082]  ? do_futex+0x123/0x350
[   96.275303][ T8082]  ? __pfx_do_futex+0x10/0x10
[   96.276549][ T8082]  ? fdget_pos+0x262/0x360
[   96.277733][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   96.279147][ T8082]  ? ksys_write+0x1ad/0x260
[   96.280354][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   96.281644][ T8082]  __x64_sys_bpf+0x78/0xc0
[   96.282834][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   96.284206][ T8082]  do_syscall_64+0xcd/0x250
[   96.285411][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.286978][ T8082] RIP: 0033:0x7f389a37e719
[   96.288164][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.293189][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   96.295384][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   96.297458][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   96.299548][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   96.301615][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   96.303695][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   96.305765][ T8082]  </TASK>
[   96.306649][    C1] vkms_vblank_simulate: vblank timer overrun
[   96.308249][ T8082] BUG: Bad page state in process syz.0.755  pfn:49f03
[   96.310040][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x19 pfn:0x49f03
[   96.312338][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   96.314065][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   96.316305][ T8082] raw: 0000000000000019 0000000000000001 00000000ffffffff 0000000000000000
[   96.318605][ T8082] page dumped because: page_pool leak
[   96.319990][ T8082] page_owner tracks the page as allocated
[   96.321468][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474882114, free_ts 90468410081
[   96.325751][ T8082]  post_alloc_hook+0x2d1/0x350
[   96.327027][ T8082]  get_page_from_freelist+0x101e/0x3070
[   96.328527][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   96.329913][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   96.331365][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   96.332979][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   96.334380][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   96.335717][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   96.337336][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   96.338804][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   96.340212][ T8082]  __sys_bpf+0xfc6/0x49a0
[   96.341356][ T8082]  __x64_sys_bpf+0x78/0xc0
[   96.342538][ T8082]  do_syscall_64+0xcd/0x250
[   96.343743][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.345304][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   96.346964][ T8082]  free_unref_page+0x5f4/0xdc0
[   96.348292][ T8082]  vfree+0x17a/0x890
[   96.349340][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   96.350730][ T8082]  cleanup_entry+0x19f/0x3a0
[   96.351938][ T8082]  translate_table+0xddd/0x17b0
[   96.353210][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   96.354468][ T8082]  nf_setsockopt+0x8a/0xf0
[   96.355667][ T8082]  ipv6_setsockopt+0x135/0x170
[   96.356915][ T8082]  rawv6_setsockopt+0xd7/0x680
[   96.358233][ T8082]  do_sock_setsockopt+0x222/0x480
[   96.359545][ T8082]  __sys_setsockopt+0x1a4/0x270
[   96.360813][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   96.362142][ T8082]  do_syscall_64+0xcd/0x250
[   96.363343][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.364874][ T8082] Modules linked in:
[   96.365895][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   96.368983][ T8082] Tainted: [B]=BAD_PAGE
[   96.370063][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.372834][ T8082] Call Trace:
[   96.373708][ T8082]  <TASK>
[   96.374487][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   96.375722][ T8082]  bad_page+0xb3/0x1f0
[   96.376792][ T8082]  ? __pfx_bad_page+0x10/0x10
[   96.378038][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   96.379302][ T8082]  free_unref_page+0x657/0xdc0
[   96.380550][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   96.382113][ T8082]  ? __phys_addr+0xc6/0x150
[   96.383309][ T8082]  skb_free_head+0xa0/0x1d0
[   96.384501][ T8082]  skb_release_data+0x560/0x730
[   96.385684][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   96.387001][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   96.388743][ T8082]  ? kernel_text_address+0x8d/0x100
[   96.390111][ T8082]  ? hlock_class+0x4e/0x130
[   96.391313][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   96.392630][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   96.394479][ T8082]  ? hlock_class+0x4e/0x130
[   96.395676][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   96.396978][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   96.398359][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   96.399926][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   96.401623][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   96.402995][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   96.404649][ T8082]  ? lock_acquire+0x2f/0xb0
[   96.405839][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   96.407502][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   96.409119][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   96.410864][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   96.412234][ T8082]  ? __build_skb_around+0x278/0x3b0
[   96.413600][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   96.414974][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   96.416610][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   96.418352][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   96.419820][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   96.421207][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   96.422744][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   96.424292][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   96.425842][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   96.427380][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   96.428759][ T8082]  ? 0xffffffffa0004340
[   96.429837][ T8082]  ? 0xffffffffa0004340
[   96.430911][ T8082]  ? 0xffffffffa0004340
[   96.431990][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   96.433518][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   96.434891][ T8082]  ? lock_acquire+0x2f/0xb0
[   96.436087][ T8082]  ? __fget_files+0x40/0x3f0
[   96.437307][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   96.438847][ T8082]  ? fput+0x30/0x390
[   96.439882][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   96.441147][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   96.442658][ T8082]  __sys_bpf+0xfc6/0x49a0
[   96.443749][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   96.445008][ T8082]  ? __fget_files+0x23a/0x3f0
[   96.446259][ T8082]  ? do_futex+0x123/0x350
[   96.447396][ T8082]  ? __pfx_do_futex+0x10/0x10
[   96.448668][ T8082]  ? fdget_pos+0x262/0x360
[   96.449848][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   96.451249][ T8082]  ? ksys_write+0x1ad/0x260
[   96.452451][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   96.453734][ T8082]  __x64_sys_bpf+0x78/0xc0
[   96.454932][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   96.456307][ T8082]  do_syscall_64+0xcd/0x250
[   96.457481][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.459009][ T8082] RIP: 0033:0x7f389a37e719
[   96.460186][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.465098][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   96.467272][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   96.469354][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   96.471413][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   96.473473][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   96.475533][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   96.477589][ T8082]  </TASK>
[   96.478477][    C1] vkms_vblank_simulate: vblank timer overrun
[   96.480061][ T8082] BUG: Bad page state in process syz.0.755  pfn:5b015
[   96.481808][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x5b015
[   96.484078][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   96.485913][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   96.488201][ T8082] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[   96.490428][ T8082] page dumped because: page_pool leak
[   96.491825][ T8082] page_owner tracks the page as allocated
[   96.493309][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474877250, free_ts 90468414014
[   96.497628][ T8082]  post_alloc_hook+0x2d1/0x350
[   96.498907][ T8082]  get_page_from_freelist+0x101e/0x3070
[   96.500354][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   96.501733][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   96.503194][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   96.504766][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   96.506153][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   96.507545][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   96.509157][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   96.510539][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   96.511940][ T8082]  __sys_bpf+0xfc6/0x49a0
[   96.513079][ T8082]  __x64_sys_bpf+0x78/0xc0
[   96.514254][ T8082]  do_syscall_64+0xcd/0x250
[   96.515461][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.517003][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   96.518712][ T8082]  free_unref_page+0x5f4/0xdc0
[   96.519971][ T8082]  vfree+0x17a/0x890
[   96.521035][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   96.522420][ T8082]  cleanup_entry+0x19f/0x3a0
[   96.523637][ T8082]  translate_table+0xddd/0x17b0
[   96.524915][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   96.526182][ T8082]  nf_setsockopt+0x8a/0xf0
[   96.527452][ T8082]  ipv6_setsockopt+0x135/0x170
[   96.528708][ T8082]  rawv6_setsockopt+0xd7/0x680
[   96.529962][ T8082]  do_sock_setsockopt+0x222/0x480
[   96.531294][ T8082]  __sys_setsockopt+0x1a4/0x270
[   96.532583][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   96.533917][ T8082]  do_syscall_64+0xcd/0x250
[   96.535119][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.536634][ T8082] Modules linked in:
[   96.537715][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   96.540822][ T8082] Tainted: [B]=BAD_PAGE
[   96.541910][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.544693][ T8082] Call Trace:
[   96.545573][ T8082]  <TASK>
[   96.546369][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   96.547618][ T8082]  bad_page+0xb3/0x1f0
[   96.548698][ T8082]  ? __pfx_bad_page+0x10/0x10
[   96.549937][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   96.551235][ T8082]  free_unref_page+0x657/0xdc0
[   96.552495][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   96.554066][ T8082]  ? __phys_addr+0xc6/0x150
[   96.555293][ T8082]  skb_free_head+0xa0/0x1d0
[   96.556497][ T8082]  skb_release_data+0x560/0x730
[   96.557773][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   96.559105][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   96.560836][ T8082]  ? kernel_text_address+0x8d/0x100
[   96.562206][ T8082]  ? hlock_class+0x4e/0x130
[   96.563405][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   96.564720][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   96.566566][ T8082]  ? hlock_class+0x4e/0x130
[   96.567765][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   96.569063][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   96.570431][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   96.571982][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   96.573650][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   96.575020][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   96.576678][ T8082]  ? lock_acquire+0x2f/0xb0
[   96.577873][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   96.579544][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   96.581174][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   96.582913][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   96.584282][ T8082]  ? __build_skb_around+0x278/0x3b0
[   96.585646][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   96.587039][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   96.588673][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   96.590393][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   96.591864][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   96.593255][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   96.594798][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   96.596359][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   96.597915][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   96.599478][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   96.600863][ T8082]  ? 0xffffffffa0004340
[   96.601962][ T8082]  ? 0xffffffffa0004340
[   96.603064][ T8082]  ? 0xffffffffa0004340
[   96.604153][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   96.605696][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   96.607106][ T8082]  ? lock_acquire+0x2f/0xb0
[   96.608301][ T8082]  ? __fget_files+0x40/0x3f0
[   96.609518][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   96.611056][ T8082]  ? fput+0x30/0x390
[   96.612088][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   96.613343][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   96.614872][ T8082]  __sys_bpf+0xfc6/0x49a0
[   96.616020][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   96.617277][ T8082]  ? __fget_files+0x23a/0x3f0
[   96.618532][ T8082]  ? do_futex+0x123/0x350
[   96.619671][ T8082]  ? __pfx_do_futex+0x10/0x10
[   96.620908][ T8082]  ? fdget_pos+0x262/0x360
[   96.622085][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   96.623463][ T8082]  ? ksys_write+0x1ad/0x260
[   96.624664][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   96.625942][ T8082]  __x64_sys_bpf+0x78/0xc0
[   96.627124][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   96.628491][ T8082]  do_syscall_64+0xcd/0x250
[   96.629690][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.631247][ T8082] RIP: 0033:0x7f389a37e719
[   96.632418][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.637403][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   96.639569][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   96.641616][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   96.643680][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   96.645734][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   96.647808][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   96.649865][ T8082]  </TASK>
[   96.650731][    C1] vkms_vblank_simulate: vblank timer overrun
[   96.652313][ T8082] BUG: Bad page state in process syz.0.755  pfn:31dd1
[   96.654091][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x155 pfn:0x31dd1
[   96.656392][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   96.658282][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   96.660495][ T8082] raw: 0000000000000155 0000000000000001 00000000ffffffff 0000000000000000
[   96.662721][ T8082] page dumped because: page_pool leak
[   96.664120][ T8082] page_owner tracks the page as allocated
[   96.665598][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474873235, free_ts 90468418321
[   96.669942][ T8082]  post_alloc_hook+0x2d1/0x350
[   96.671216][ T8082]  get_page_from_freelist+0x101e/0x3070
[   96.672661][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   96.674048][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   96.675499][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   96.677093][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   96.678486][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   96.679825][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   96.681431][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   96.682790][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   96.684169][ T8082]  __sys_bpf+0xfc6/0x49a0
[   96.685316][ T8082]  __x64_sys_bpf+0x78/0xc0
[   96.686554][ T8082]  do_syscall_64+0xcd/0x250
[   96.687756][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.689310][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   96.690954][ T8082]  free_unref_page+0x5f4/0xdc0
[   96.692219][ T8082]  vfree+0x17a/0x890
[   96.693252][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   96.694652][ T8082]  cleanup_entry+0x19f/0x3a0
[   96.695869][ T8082]  translate_table+0xddd/0x17b0
[   96.697195][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   96.698470][ T8082]  nf_setsockopt+0x8a/0xf0
[   96.699643][ T8082]  ipv6_setsockopt+0x135/0x170
[   96.700901][ T8082]  rawv6_setsockopt+0xd7/0x680
[   96.702156][ T8082]  do_sock_setsockopt+0x222/0x480
[   96.703508][ T8082]  __sys_setsockopt+0x1a4/0x270
[   96.704785][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   96.706126][ T8082]  do_syscall_64+0xcd/0x250
[   96.707380][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.708922][ T8082] Modules linked in:
[   96.709952][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   96.713044][ T8082] Tainted: [B]=BAD_PAGE
[   96.714130][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.716913][ T8082] Call Trace:
[   96.717792][ T8082]  <TASK>
[   96.718589][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   96.719833][ T8082]  bad_page+0xb3/0x1f0
[   96.720908][ T8082]  ? __pfx_bad_page+0x10/0x10
[   96.722147][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   96.723444][ T8082]  free_unref_page+0x657/0xdc0
[   96.724702][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   96.726278][ T8082]  ? __phys_addr+0xc6/0x150
[   96.727469][ T8082]  skb_free_head+0xa0/0x1d0
[   96.728665][ T8082]  skb_release_data+0x560/0x730
[   96.729938][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   96.731262][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   96.732991][ T8082]  ? kernel_text_address+0x8d/0x100
[   96.734365][ T8082]  ? hlock_class+0x4e/0x130
[   96.735563][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   96.736878][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   96.738786][ T8082]  ? hlock_class+0x4e/0x130
[   96.739980][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   96.741265][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   96.742630][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   96.744198][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   96.745886][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   96.747260][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   96.748902][ T8082]  ? lock_acquire+0x2f/0xb0
[   96.750093][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   96.751751][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   96.753369][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   96.755114][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   96.756483][ T8082]  ? __build_skb_around+0x278/0x3b0
[   96.757848][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   96.759257][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   96.760885][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   96.762605][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   96.764069][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   96.765449][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   96.766982][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   96.768523][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   96.770061][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   96.771592][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   96.772968][ T8082]  ? 0xffffffffa0004340
[   96.774066][ T8082]  ? 0xffffffffa0004340
[   96.775158][ T8082]  ? 0xffffffffa0004340
[   96.776244][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   96.777783][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   96.779216][ T8082]  ? lock_acquire+0x2f/0xb0
[   96.780401][ T8082]  ? __fget_files+0x40/0x3f0
[   96.781622][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   96.783159][ T8082]  ? fput+0x30/0x390
[   96.784191][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   96.785445][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   96.786971][ T8082]  __sys_bpf+0xfc6/0x49a0
[   96.788102][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   96.789351][ T8082]  ? __fget_files+0x23a/0x3f0
[   96.790592][ T8082]  ? do_futex+0x123/0x350
[   96.791728][ T8082]  ? __pfx_do_futex+0x10/0x10
[   96.792964][ T8082]  ? fdget_pos+0x262/0x360
[   96.794142][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   96.795532][ T8082]  ? ksys_write+0x1ad/0x260
[   96.796727][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   96.798017][ T8082]  __x64_sys_bpf+0x78/0xc0
[   96.799191][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   96.800549][ T8082]  do_syscall_64+0xcd/0x250
[   96.801746][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.803305][ T8082] RIP: 0033:0x7f389a37e719
[   96.804477][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.809475][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   96.811644][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   96.813695][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   96.815754][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   96.817807][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   96.819864][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   96.821913][ T8082]  </TASK>
[   96.822753][    C1] vkms_vblank_simulate: vblank timer overrun
[   96.824307][ T8082] BUG: Bad page state in process syz.0.755  pfn:296b0
[   96.826139][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880296b6600 pfn:0x296b0
[   96.828738][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   96.830583][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   96.832834][ T8082] raw: ffff8880296b6600 0000000000000001 00000000ffffffff 0000000000000000
[   96.835059][ T8082] page dumped because: page_pool leak
[   96.836517][ T8082] page_owner tracks the page as allocated
[   96.838011][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474869070, free_ts 90468422153
[   96.842287][ T8082]  post_alloc_hook+0x2d1/0x350
[   96.843548][ T8082]  get_page_from_freelist+0x101e/0x3070
[   96.845005][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   96.846442][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   96.847889][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   96.849433][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   96.850822][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   96.852171][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   96.853802][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   96.855208][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   96.856656][ T8082]  __sys_bpf+0xfc6/0x49a0
[   96.857795][ T8082]  __x64_sys_bpf+0x78/0xc0
[   96.858979][ T8082]  do_syscall_64+0xcd/0x250
[   96.860181][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.861726][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   96.863371][ T8082]  free_unref_page+0x5f4/0xdc0
[   96.864622][ T8082]  vfree+0x17a/0x890
[   96.865691][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   96.867080][ T8082]  cleanup_entry+0x19f/0x3a0
[   96.868297][ T8082]  translate_table+0xddd/0x17b0
[   96.869601][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   96.870864][ T8082]  nf_setsockopt+0x8a/0xf0
[   96.872041][ T8082]  ipv6_setsockopt+0x135/0x170
[   96.873298][ T8082]  rawv6_setsockopt+0xd7/0x680
[   96.874557][ T8082]  do_sock_setsockopt+0x222/0x480
[   96.875960][ T8082]  __sys_setsockopt+0x1a4/0x270
[   96.877247][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   96.878596][ T8082]  do_syscall_64+0xcd/0x250
[   96.879785][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.881330][ T8082] Modules linked in:
[   96.882375][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   96.885483][ T8082] Tainted: [B]=BAD_PAGE
[   96.886575][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.889339][ T8082] Call Trace:
[   96.890221][ T8082]  <TASK>
[   96.891006][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   96.892252][ T8082]  bad_page+0xb3/0x1f0
[   96.893324][ T8082]  ? __pfx_bad_page+0x10/0x10
[   96.894564][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   96.895840][ T8082]  free_unref_page+0x657/0xdc0
[   96.897095][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   96.898673][ T8082]  ? __phys_addr+0xc6/0x150
[   96.899860][ T8082]  skb_free_head+0xa0/0x1d0
[   96.901066][ T8082]  skb_release_data+0x560/0x730
[   96.902355][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   96.903670][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   96.905421][ T8082]  ? kernel_text_address+0x8d/0x100
[   96.906816][ T8082]  ? hlock_class+0x4e/0x130
[   96.908010][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   96.909325][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   96.911177][ T8082]  ? hlock_class+0x4e/0x130
[   96.912370][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   96.913666][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   96.915029][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   96.916595][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   96.918308][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   96.919658][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   96.921307][ T8082]  ? lock_acquire+0x2f/0xb0
[   96.922501][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   96.924152][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   96.925758][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   96.927502][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   96.928861][ T8082]  ? __build_skb_around+0x278/0x3b0
[   96.930240][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   96.931628][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   96.933262][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   96.934963][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   96.936430][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   96.937811][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   96.939344][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   96.940884][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   96.942426][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   96.943948][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   96.945328][ T8082]  ? 0xffffffffa0004340
[   96.946421][ T8082]  ? 0xffffffffa0004340
[   96.947510][ T8082]  ? 0xffffffffa0004340
[   96.948600][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   96.950141][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   96.951551][ T8082]  ? lock_acquire+0x2f/0xb0
[   96.952741][ T8082]  ? __fget_files+0x40/0x3f0
[   96.953958][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   96.955489][ T8082]  ? fput+0x30/0x390
[   96.956518][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   96.957773][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   96.959306][ T8082]  __sys_bpf+0xfc6/0x49a0
[   96.960432][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   96.961679][ T8082]  ? __fget_files+0x23a/0x3f0
[   96.962919][ T8082]  ? do_futex+0x123/0x350
[   96.964053][ T8082]  ? __pfx_do_futex+0x10/0x10
[   96.965288][ T8082]  ? fdget_pos+0x262/0x360
[   96.966466][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   96.967849][ T8082]  ? ksys_write+0x1ad/0x260
[   96.969041][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   96.970323][ T8082]  __x64_sys_bpf+0x78/0xc0
[   96.971494][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   96.972850][ T8082]  do_syscall_64+0xcd/0x250
[   96.974048][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.975617][ T8082] RIP: 0033:0x7f389a37e719
[   96.976785][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.981751][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   96.983919][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   96.985971][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   96.988026][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   96.990063][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   96.992121][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   96.994173][ T8082]  </TASK>
[   96.995044][    C1] vkms_vblank_simulate: vblank timer overrun
[   96.996623][ T8082] BUG: Bad page state in process syz.0.755  pfn:4e29b
[   96.998380][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804e29be88 pfn:0x4e29b
[   97.000955][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   97.002872][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   97.005141][ T8082] raw: ffff88804e29be88 0000000000000001 00000000ffffffff 0000000000000000
[   97.007486][ T8082] page dumped because: page_pool leak
[   97.008882][ T8082] page_owner tracks the page as allocated
[   97.010377][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474864594, free_ts 90468425801
[   97.014702][ T8082]  post_alloc_hook+0x2d1/0x350
[   97.016107][ T8082]  get_page_from_freelist+0x101e/0x3070
[   97.017568][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   97.018999][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   97.020458][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   97.021998][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   97.023385][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   97.024782][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   97.026400][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   97.027776][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   97.029191][ T8082]  __sys_bpf+0xfc6/0x49a0
[   97.030342][ T8082]  __x64_sys_bpf+0x78/0xc0
[   97.031513][ T8082]  do_syscall_64+0xcd/0x250
[   97.032715][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.034278][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   97.035978][ T8082]  free_unref_page+0x5f4/0xdc0
[   97.037242][ T8082]  vfree+0x17a/0x890
[   97.038319][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   97.039709][ T8082]  cleanup_entry+0x19f/0x3a0
[   97.040937][ T8082]  translate_table+0xddd/0x17b0
[   97.042244][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   97.043501][ T8082]  nf_setsockopt+0x8a/0xf0
[   97.044735][ T8082]  ipv6_setsockopt+0x135/0x170
[   97.045999][ T8082]  rawv6_setsockopt+0xd7/0x680
[   97.047270][ T8082]  do_sock_setsockopt+0x222/0x480
[   97.048594][ T8082]  __sys_setsockopt+0x1a4/0x270
[   97.049876][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   97.051256][ T8082]  do_syscall_64+0xcd/0x250
[   97.052454][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.054004][ T8082] Modules linked in:
[   97.055095][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   97.058206][ T8082] Tainted: [B]=BAD_PAGE
[   97.059287][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.062059][ T8082] Call Trace:
[   97.062945][ T8082]  <TASK>
[   97.063722][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   97.064944][ T8082]  bad_page+0xb3/0x1f0
[   97.066011][ T8082]  ? __pfx_bad_page+0x10/0x10
[   97.067258][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   97.068539][ T8082]  free_unref_page+0x657/0xdc0
[   97.069798][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   97.071385][ T8082]  ? __phys_addr+0xc6/0x150
[   97.072581][ T8082]  skb_free_head+0xa0/0x1d0
[   97.073790][ T8082]  skb_release_data+0x560/0x730
[   97.075080][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   97.076412][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   97.078167][ T8082]  ? kernel_text_address+0x8d/0x100
[   97.079535][ T8082]  ? hlock_class+0x4e/0x130
[   97.080731][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   97.082051][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   97.083905][ T8082]  ? hlock_class+0x4e/0x130
[   97.085107][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   97.086413][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   97.087776][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   97.089349][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   97.091050][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   97.092414][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   97.094066][ T8082]  ? lock_acquire+0x2f/0xb0
[   97.095263][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   97.096911][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   97.098532][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   97.100260][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   97.101621][ T8082]  ? __build_skb_around+0x278/0x3b0
[   97.102993][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   97.104382][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   97.106010][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   97.107730][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   97.109191][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   97.110583][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   97.112111][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   97.113650][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   97.115199][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   97.116718][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   97.118103][ T8082]  ? 0xffffffffa0004340
[   97.119191][ T8082]  ? 0xffffffffa0004340
[   97.120286][ T8082]  ? 0xffffffffa0004340
[   97.121375][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   97.122920][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   97.124331][ T8082]  ? lock_acquire+0x2f/0xb0
[   97.125522][ T8082]  ? __fget_files+0x40/0x3f0
[   97.126745][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   97.128274][ T8082]  ? fput+0x30/0x390
[   97.129296][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   97.130562][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   97.132086][ T8082]  __sys_bpf+0xfc6/0x49a0
[   97.133235][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   97.134623][ T8082]  ? __fget_files+0x23a/0x3f0
[   97.135887][ T8082]  ? do_futex+0x123/0x350
[   97.137065][ T8082]  ? __pfx_do_futex+0x10/0x10
[   97.138354][ T8082]  ? fdget_pos+0x262/0x360
[   97.139546][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   97.140943][ T8082]  ? ksys_write+0x1ad/0x260
[   97.142159][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   97.143454][ T8082]  __x64_sys_bpf+0x78/0xc0
[   97.144636][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   97.146006][ T8082]  do_syscall_64+0xcd/0x250
[   97.147221][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.148775][ T8082] RIP: 0033:0x7f389a37e719
[   97.149955][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.154970][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   97.157137][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   97.159206][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   97.161253][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   97.163316][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   97.165392][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   97.167509][ T8082]  </TASK>
[   97.168416][    C1] vkms_vblank_simulate: vblank timer overrun
[   97.170019][ T8082] BUG: Bad page state in process syz.0.755  pfn:2d61e
[   97.171794][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802d61e0f8 pfn:0x2d61e
[   97.174464][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   97.176300][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   97.178545][ T8082] raw: ffff88802d61e0f8 0000000000000001 00000000ffffffff 0000000000000000
[   97.180748][ T8082] page dumped because: page_pool leak
[   97.182145][ T8082] page_owner tracks the page as allocated
[   97.183633][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474860157, free_ts 90468429497
[   97.188009][ T8082]  post_alloc_hook+0x2d1/0x350
[   97.189263][ T8082]  get_page_from_freelist+0x101e/0x3070
[   97.190714][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   97.192100][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   97.193548][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   97.195140][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   97.196518][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   97.197845][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   97.199472][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   97.200900][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   97.202318][ T8082]  __sys_bpf+0xfc6/0x49a0
[   97.203460][ T8082]  __x64_sys_bpf+0x78/0xc0
[   97.204679][ T8082]  do_syscall_64+0xcd/0x250
[   97.205880][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.207434][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   97.209074][ T8082]  free_unref_page+0x5f4/0xdc0
[   97.210340][ T8082]  vfree+0x17a/0x890
[   97.211370][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   97.212754][ T8082]  cleanup_entry+0x19f/0x3a0
[   97.214015][ T8082]  translate_table+0xddd/0x17b0
[   97.215301][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   97.216561][ T8082]  nf_setsockopt+0x8a/0xf0
[   97.217762][ T8082]  ipv6_setsockopt+0x135/0x170
[   97.219027][ T8082]  rawv6_setsockopt+0xd7/0x680
[   97.220278][ T8082]  do_sock_setsockopt+0x222/0x480
[   97.221598][ T8082]  __sys_setsockopt+0x1a4/0x270
[   97.222880][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   97.224274][ T8082]  do_syscall_64+0xcd/0x250
[   97.225474][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.227033][ T8082] Modules linked in:
[   97.228067][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   97.231155][ T8082] Tainted: [B]=BAD_PAGE
[   97.232241][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.235037][ T8082] Call Trace:
[   97.235919][ T8082]  <TASK>
[   97.236706][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   97.237968][ T8082]  bad_page+0xb3/0x1f0
[   97.239060][ T8082]  ? __pfx_bad_page+0x10/0x10
[   97.240353][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   97.241667][ T8082]  free_unref_page+0x657/0xdc0
[   97.242979][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   97.244583][ T8082]  ? __phys_addr+0xc6/0x150
[   97.245796][ T8082]  skb_free_head+0xa0/0x1d0
[   97.247048][ T8082]  skb_release_data+0x560/0x730
[   97.248338][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   97.249668][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   97.251423][ T8082]  ? kernel_text_address+0x8d/0x100
[   97.252793][ T8082]  ? hlock_class+0x4e/0x130
[   97.253993][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   97.255325][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   97.257169][ T8082]  ? hlock_class+0x4e/0x130
[   97.258413][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   97.259722][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   97.261089][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   97.262663][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   97.264364][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   97.265732][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   97.267402][ T8082]  ? lock_acquire+0x2f/0xb0
[   97.268605][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   97.270275][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   97.271898][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   97.273644][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   97.275026][ T8082]  ? __build_skb_around+0x278/0x3b0
[   97.276404][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   97.277800][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   97.279460][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   97.281191][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   97.282657][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   97.284032][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   97.285568][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   97.287130][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   97.288684][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   97.290218][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   97.291614][ T8082]  ? 0xffffffffa0004340
[   97.292714][ T8082]  ? 0xffffffffa0004340
[   97.293812][ T8082]  ? 0xffffffffa0004340
[   97.294915][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   97.296475][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   97.297891][ T8082]  ? lock_acquire+0x2f/0xb0
[   97.299120][ T8082]  ? __fget_files+0x40/0x3f0
[   97.300350][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   97.301887][ T8082]  ? fput+0x30/0x390
[   97.302933][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   97.304184][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   97.305680][ T8082]  __sys_bpf+0xfc6/0x49a0
[   97.306840][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   97.308111][ T8082]  ? __fget_files+0x23a/0x3f0
[   97.309363][ T8082]  ? do_futex+0x123/0x350
[   97.310520][ T8082]  ? __pfx_do_futex+0x10/0x10
[   97.311766][ T8082]  ? fdget_pos+0x262/0x360
[   97.312952][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   97.314356][ T8082]  ? ksys_write+0x1ad/0x260
[   97.315560][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   97.316850][ T8082]  __x64_sys_bpf+0x78/0xc0
[   97.318044][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   97.319433][ T8082]  do_syscall_64+0xcd/0x250
[   97.320638][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.322229][ T8082] RIP: 0033:0x7f389a37e719
[   97.323418][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.328481][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   97.330664][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   97.332727][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   97.334795][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   97.336860][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   97.338948][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   97.341024][ T8082]  </TASK>
[   97.341902][    C1] vkms_vblank_simulate: vblank timer overrun
[   97.343509][ T8082] BUG: Bad page state in process syz.0.755  pfn:57fa1
[   97.345259][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x8 pfn:0x57fa1
[   97.347529][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   97.349375][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   97.351625][ T8082] raw: 0000000000000008 0000000000000001 00000000ffffffff 0000000000000000
[   97.353898][ T8082] page dumped because: page_pool leak
[   97.355307][ T8082] page_owner tracks the page as allocated
[   97.356782][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474855889, free_ts 90468433166
[   97.361054][ T8082]  post_alloc_hook+0x2d1/0x350
[   97.362321][ T8082]  get_page_from_freelist+0x101e/0x3070
[   97.363811][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   97.365199][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   97.366684][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   97.368231][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   97.369611][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   97.370969][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   97.372589][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   97.374023][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   97.375431][ T8082]  __sys_bpf+0xfc6/0x49a0
[   97.376571][ T8082]  __x64_sys_bpf+0x78/0xc0
[   97.377746][ T8082]  do_syscall_64+0xcd/0x250
[   97.378974][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.380527][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   97.382179][ T8082]  free_unref_page+0x5f4/0xdc0
[   97.383505][ T8082]  vfree+0x17a/0x890
[   97.384538][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   97.385927][ T8082]  cleanup_entry+0x19f/0x3a0
[   97.387159][ T8082]  translate_table+0xddd/0x17b0
[   97.388442][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   97.389699][ T8082]  nf_setsockopt+0x8a/0xf0
[   97.390893][ T8082]  ipv6_setsockopt+0x135/0x170
[   97.392156][ T8082]  rawv6_setsockopt+0xd7/0x680
[   97.393461][ T8082]  do_sock_setsockopt+0x222/0x480
[   97.394795][ T8082]  __sys_setsockopt+0x1a4/0x270
[   97.396079][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   97.397422][ T8082]  do_syscall_64+0xcd/0x250
[   97.398660][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.400247][ T8082] Modules linked in:
[   97.401287][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   97.404409][ T8082] Tainted: [B]=BAD_PAGE
[   97.405502][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.408295][ T8082] Call Trace:
[   97.409177][ T8082]  <TASK>
[   97.409962][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   97.411225][ T8082]  bad_page+0xb3/0x1f0
[   97.412310][ T8082]  ? __pfx_bad_page+0x10/0x10
[   97.413557][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   97.414831][ T8082]  free_unref_page+0x657/0xdc0
[   97.416102][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   97.417677][ T8082]  ? __phys_addr+0xc6/0x150
[   97.418922][ T8082]  skb_free_head+0xa0/0x1d0
[   97.420130][ T8082]  skb_release_data+0x560/0x730
[   97.421415][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   97.422757][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   97.424508][ T8082]  ? kernel_text_address+0x8d/0x100
[   97.425872][ T8082]  ? hlock_class+0x4e/0x130
[   97.427087][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   97.428411][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   97.430263][ T8082]  ? hlock_class+0x4e/0x130
[   97.431466][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   97.432774][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   97.434143][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   97.435736][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   97.437439][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   97.438848][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   97.440512][ T8082]  ? lock_acquire+0x2f/0xb0
[   97.441711][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   97.443390][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   97.445004][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   97.446749][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   97.448119][ T8082]  ? __build_skb_around+0x278/0x3b0
[   97.449489][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   97.450890][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   97.452532][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   97.454255][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   97.455730][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   97.457119][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   97.458668][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   97.460221][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   97.461769][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   97.463306][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   97.464688][ T8082]  ? 0xffffffffa0004340
[   97.465786][ T8082]  ? 0xffffffffa0004340
[   97.466883][ T8082]  ? 0xffffffffa0004340
[   97.467982][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   97.469527][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   97.470942][ T8082]  ? lock_acquire+0x2f/0xb0
[   97.472137][ T8082]  ? __fget_files+0x40/0x3f0
[   97.473358][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   97.474892][ T8082]  ? fput+0x30/0x390
[   97.475929][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   97.477196][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   97.478759][ T8082]  __sys_bpf+0xfc6/0x49a0
[   97.479900][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   97.481164][ T8082]  ? __fget_files+0x23a/0x3f0
[   97.482417][ T8082]  ? do_futex+0x123/0x350
[   97.483562][ T8082]  ? __pfx_do_futex+0x10/0x10
[   97.484803][ T8082]  ? fdget_pos+0x262/0x360
[   97.485986][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   97.487381][ T8082]  ? ksys_write+0x1ad/0x260
[   97.488585][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   97.489867][ T8082]  __x64_sys_bpf+0x78/0xc0
[   97.491054][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   97.492420][ T8082]  do_syscall_64+0xcd/0x250
[   97.493625][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.495181][ T8082] RIP: 0033:0x7f389a37e719
[   97.496358][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.501361][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   97.503537][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   97.505593][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   97.507664][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   97.509721][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   97.511784][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   97.513845][ T8082]  </TASK>
[   97.514718][    C1] vkms_vblank_simulate: vblank timer overrun
[   97.516339][ T8082] BUG: Bad page state in process syz.0.755  pfn:29e68
[   97.518099][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x63 pfn:0x29e68
[   97.520414][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   97.522322][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   97.524541][ T8082] raw: 0000000000000063 0000000000000001 00000000ffffffff 0000000000000000
[   97.526788][ T8082] page dumped because: page_pool leak
[   97.528192][ T8082] page_owner tracks the page as allocated
[   97.529672][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474851761, free_ts 90468437792
[   97.534010][ T8082]  post_alloc_hook+0x2d1/0x350
[   97.535277][ T8082]  get_page_from_freelist+0x101e/0x3070
[   97.536730][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   97.538130][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   97.539595][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   97.541145][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   97.542580][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   97.543901][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   97.545518][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   97.546913][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   97.548329][ T8082]  __sys_bpf+0xfc6/0x49a0
[   97.549492][ T8082]  __x64_sys_bpf+0x78/0xc0
[   97.550670][ T8082]  do_syscall_64+0xcd/0x250
[   97.551915][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.553462][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   97.555122][ T8082]  free_unref_page+0x5f4/0xdc0
[   97.556379][ T8082]  vfree+0x17a/0x890
[   97.557411][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   97.558850][ T8082]  cleanup_entry+0x19f/0x3a0
[   97.560070][ T8082]  translate_table+0xddd/0x17b0
[   97.561352][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   97.562669][ T8082]  nf_setsockopt+0x8a/0xf0
[   97.563811][ T8082]  ipv6_setsockopt+0x135/0x170
[   97.565080][ T8082]  rawv6_setsockopt+0xd7/0x680
[   97.566375][ T8082]  do_sock_setsockopt+0x222/0x480
[   97.567700][ T8082]  __sys_setsockopt+0x1a4/0x270
[   97.568978][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   97.570328][ T8082]  do_syscall_64+0xcd/0x250
[   97.571533][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.573171][ T8082] Modules linked in:
[   97.574212][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   97.577314][ T8082] Tainted: [B]=BAD_PAGE
[   97.578429][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.581213][ T8082] Call Trace:
[   97.582109][ T8082]  <TASK>
[   97.582897][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   97.584145][ T8082]  bad_page+0xb3/0x1f0
[   97.585228][ T8082]  ? __pfx_bad_page+0x10/0x10
[   97.586473][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   97.587762][ T8082]  free_unref_page+0x657/0xdc0
[   97.589021][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   97.590604][ T8082]  ? __phys_addr+0xc6/0x150
[   97.591803][ T8082]  skb_free_head+0xa0/0x1d0
[   97.593006][ T8082]  skb_release_data+0x560/0x730
[   97.594288][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   97.595610][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   97.597354][ T8082]  ? kernel_text_address+0x8d/0x100
[   97.598731][ T8082]  ? hlock_class+0x4e/0x130
[   97.599930][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   97.601256][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   97.603107][ T8082]  ? hlock_class+0x4e/0x130
[   97.604305][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   97.605604][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   97.606972][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   97.608546][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   97.610245][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   97.611607][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   97.613268][ T8082]  ? lock_acquire+0x2f/0xb0
[   97.614466][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   97.616116][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   97.617721][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   97.619482][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   97.620852][ T8082]  ? __build_skb_around+0x278/0x3b0
[   97.622226][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   97.623613][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   97.625248][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   97.626975][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   97.628448][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   97.629832][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   97.631378][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   97.632933][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   97.634500][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   97.636036][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   97.637419][ T8082]  ? 0xffffffffa0004340
[   97.638528][ T8082]  ? 0xffffffffa0004340
[   97.639618][ T8082]  ? 0xffffffffa0004340
[   97.640709][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   97.642265][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   97.643680][ T8082]  ? lock_acquire+0x2f/0xb0
[   97.644876][ T8082]  ? __fget_files+0x40/0x3f0
[   97.646102][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   97.647647][ T8082]  ? fput+0x30/0x390
[   97.648681][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   97.649948][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   97.651486][ T8082]  __sys_bpf+0xfc6/0x49a0
[   97.652635][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   97.653901][ T8082]  ? __fget_files+0x23a/0x3f0
[   97.655161][ T8082]  ? do_futex+0x123/0x350
[   97.656304][ T8082]  ? __pfx_do_futex+0x10/0x10
[   97.657554][ T8082]  ? fdget_pos+0x262/0x360
[   97.658755][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   97.660152][ T8082]  ? ksys_write+0x1ad/0x260
[   97.661362][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   97.662665][ T8082]  __x64_sys_bpf+0x78/0xc0
[   97.663847][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   97.665220][ T8082]  do_syscall_64+0xcd/0x250
[   97.666432][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.667986][ T8082] RIP: 0033:0x7f389a37e719
[   97.669163][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.674114][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   97.676293][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   97.678387][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   97.680438][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   97.682502][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   97.684561][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   97.686630][ T8082]  </TASK>
[   97.687493][    C1] vkms_vblank_simulate: vblank timer overrun
[   97.689079][ T8082] BUG: Bad page state in process syz.0.755  pfn:51483
[   97.690833][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x533 pfn:0x51483
[   97.693195][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   97.695034][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   97.697252][ T8082] raw: 0000000000000533 0000000000000001 00000000ffffffff 0000000000000000
[   97.699531][ T8082] page dumped because: page_pool leak
[   97.700926][ T8082] page_owner tracks the page as allocated
[   97.702463][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474847550, free_ts 90468441731
[   97.706722][ T8082]  post_alloc_hook+0x2d1/0x350
[   97.707989][ T8082]  get_page_from_freelist+0x101e/0x3070
[   97.709441][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   97.710840][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   97.712326][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   97.713868][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   97.715283][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   97.716619][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   97.718248][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   97.719638][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   97.721094][ T8082]  __sys_bpf+0xfc6/0x49a0
[   97.722231][ T8082]  __x64_sys_bpf+0x78/0xc0
[   97.723406][ T8082]  do_syscall_64+0xcd/0x250
[   97.724609][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.726163][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   97.727820][ T8082]  free_unref_page+0x5f4/0xdc0
[   97.729080][ T8082]  vfree+0x17a/0x890
[   97.730112][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   97.731566][ T8082]  cleanup_entry+0x19f/0x3a0
[   97.732786][ T8082]  translate_table+0xddd/0x17b0
[   97.734077][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   97.735340][ T8082]  nf_setsockopt+0x8a/0xf0
[   97.736517][ T8082]  ipv6_setsockopt+0x135/0x170
[   97.737774][ T8082]  rawv6_setsockopt+0xd7/0x680
[   97.739072][ T8082]  do_sock_setsockopt+0x222/0x480
[   97.740481][ T8082]  __sys_setsockopt+0x1a4/0x270
[   97.741818][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   97.743173][ T8082]  do_syscall_64+0xcd/0x250
[   97.744374][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.745920][ T8082] Modules linked in:
[   97.746959][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   97.750057][ T8082] Tainted: [B]=BAD_PAGE
[   97.751155][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.753936][ T8082] Call Trace:
[   97.754824][ T8082]  <TASK>
[   97.755607][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   97.756852][ T8082]  bad_page+0xb3/0x1f0
[   97.757943][ T8082]  ? __pfx_bad_page+0x10/0x10
[   97.759218][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   97.760499][ T8082]  free_unref_page+0x657/0xdc0
[   97.761756][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   97.763343][ T8082]  ? __phys_addr+0xc6/0x150
[   97.764545][ T8082]  skb_free_head+0xa0/0x1d0
[   97.765750][ T8082]  skb_release_data+0x560/0x730
[   97.767046][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   97.768370][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   97.770108][ T8082]  ? kernel_text_address+0x8d/0x100
[   97.771472][ T8082]  ? hlock_class+0x4e/0x130
[   97.772668][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   97.773987][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   97.775835][ T8082]  ? hlock_class+0x4e/0x130
[   97.777034][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   97.778356][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   97.779722][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   97.781337][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   97.783048][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   97.784414][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   97.786071][ T8082]  ? lock_acquire+0x2f/0xb0
[   97.787282][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   97.788941][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   97.790572][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   97.792326][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   97.793699][ T8082]  ? __build_skb_around+0x278/0x3b0
[   97.795080][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   97.796476][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   97.798142][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   97.799875][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   97.801350][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   97.802756][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   97.804291][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   97.805840][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   97.807399][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   97.808934][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   97.810337][ T8082]  ? 0xffffffffa0004340
[   97.811434][ T8082]  ? 0xffffffffa0004340
[   97.812532][ T8082]  ? 0xffffffffa0004340
[   97.813628][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   97.815190][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   97.816607][ T8082]  ? lock_acquire+0x2f/0xb0
[   97.817806][ T8082]  ? __fget_files+0x40/0x3f0
[   97.819048][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   97.820587][ T8082]  ? fput+0x30/0x390
[   97.821627][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   97.822900][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   97.824431][ T8082]  __sys_bpf+0xfc6/0x49a0
[   97.825573][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   97.826842][ T8082]  ? __fget_files+0x23a/0x3f0
[   97.828093][ T8082]  ? do_futex+0x123/0x350
[   97.829235][ T8082]  ? __pfx_do_futex+0x10/0x10
[   97.830488][ T8082]  ? fdget_pos+0x262/0x360
[   97.831669][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   97.833061][ T8082]  ? ksys_write+0x1ad/0x260
[   97.834272][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   97.835556][ T8082]  __x64_sys_bpf+0x78/0xc0
[   97.836736][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   97.838119][ T8082]  do_syscall_64+0xcd/0x250
[   97.839327][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.840902][ T8082] RIP: 0033:0x7f389a37e719
[   97.842081][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.847085][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   97.849259][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   97.851427][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   97.853487][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   97.855558][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   97.857623][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   97.859704][ T8082]  </TASK>
[   97.860536][    C1] vkms_vblank_simulate: vblank timer overrun
[   97.862151][ T8082] BUG: Bad page state in process syz.0.755  pfn:51482
[   97.863930][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x532 pfn:0x51482
[   97.866236][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   97.868070][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   97.870339][ T8082] raw: 0000000000000532 0000000000000001 00000000ffffffff 0000000000000000
[   97.872572][ T8082] page dumped because: page_pool leak
[   97.873965][ T8082] page_owner tracks the page as allocated
[   97.875436][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474843374, free_ts 90468445340
[   97.879717][ T8082]  post_alloc_hook+0x2d1/0x350
[   97.881032][ T8082]  get_page_from_freelist+0x101e/0x3070
[   97.882485][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   97.883871][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   97.885326][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   97.886873][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   97.888258][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   97.889593][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   97.891271][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   97.892652][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   97.894058][ T8082]  __sys_bpf+0xfc6/0x49a0
[   97.895207][ T8082]  __x64_sys_bpf+0x78/0xc0
[   97.896383][ T8082]  do_syscall_64+0xcd/0x250
[   97.897616][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.899178][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   97.900862][ T8082]  free_unref_page+0x5f4/0xdc0
[   97.902117][ T8082]  vfree+0x17a/0x890
[   97.903160][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   97.904547][ T8082]  cleanup_entry+0x19f/0x3a0
[   97.905768][ T8082]  translate_table+0xddd/0x17b0
[   97.907056][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   97.908317][ T8082]  nf_setsockopt+0x8a/0xf0
[   97.909487][ T8082]  ipv6_setsockopt+0x135/0x170
[   97.910792][ T8082]  rawv6_setsockopt+0xd7/0x680
[   97.912049][ T8082]  do_sock_setsockopt+0x222/0x480
[   97.913347][ T8082]  __sys_setsockopt+0x1a4/0x270
[   97.914633][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   97.915944][ T8082]  do_syscall_64+0xcd/0x250
[   97.917140][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.918703][ T8082] Modules linked in:
[   97.919735][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   97.922785][ T8082] Tainted: [B]=BAD_PAGE
[   97.923868][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.926636][ T8082] Call Trace:
[   97.927512][ T8082]  <TASK>
[   97.928289][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   97.929523][ T8082]  bad_page+0xb3/0x1f0
[   97.930623][ T8082]  ? __pfx_bad_page+0x10/0x10
[   97.931858][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   97.933140][ T8082]  free_unref_page+0x657/0xdc0
[   97.934400][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   97.935962][ T8082]  ? __phys_addr+0xc6/0x150
[   97.937151][ T8082]  skb_free_head+0xa0/0x1d0
[   97.938362][ T8082]  skb_release_data+0x560/0x730
[   97.939640][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   97.940921][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   97.942643][ T8082]  ? kernel_text_address+0x8d/0x100
[   97.944004][ T8082]  ? hlock_class+0x4e/0x130
[   97.945201][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   97.946525][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   97.948362][ T8082]  ? hlock_class+0x4e/0x130
[   97.949560][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   97.950859][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   97.952220][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   97.953790][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   97.955486][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   97.956848][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   97.958514][ T8082]  ? lock_acquire+0x2f/0xb0
[   97.959709][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   97.961300][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   97.962911][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   97.964644][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   97.966012][ T8082]  ? __build_skb_around+0x278/0x3b0
[   97.967385][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   97.968769][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   97.970409][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   97.972128][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   97.973605][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   97.974996][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   97.976516][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   97.978063][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   97.979659][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   97.981193][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   97.982583][ T8082]  ? 0xffffffffa0004340
[   97.983677][ T8082]  ? 0xffffffffa0004340
[   97.984772][ T8082]  ? 0xffffffffa0004340
[   97.985865][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   97.987411][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   97.988803][ T8082]  ? lock_acquire+0x2f/0xb0
[   97.989972][ T8082]  ? __fget_files+0x40/0x3f0
[   97.991205][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   97.992727][ T8082]  ? fput+0x30/0x390
[   97.993751][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   97.995000][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   97.996523][ T8082]  __sys_bpf+0xfc6/0x49a0
[   97.997662][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   97.998935][ T8082]  ? __fget_files+0x23a/0x3f0
[   98.000178][ T8082]  ? do_futex+0x123/0x350
[   98.001315][ T8082]  ? __pfx_do_futex+0x10/0x10
[   98.002558][ T8082]  ? fdget_pos+0x262/0x360
[   98.003747][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   98.005097][ T8082]  ? ksys_write+0x1ad/0x260
[   98.006299][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   98.007644][ T8082]  __x64_sys_bpf+0x78/0xc0
[   98.008852][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   98.010218][ T8082]  do_syscall_64+0xcd/0x250
[   98.011426][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.012957][ T8082] RIP: 0033:0x7f389a37e719
[   98.014131][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.019051][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   98.021167][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   98.023226][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   98.025284][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   98.027360][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   98.029439][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   98.031566][ T8082]  </TASK>
[   98.032434][    C1] vkms_vblank_simulate: vblank timer overrun
[   98.034028][ T8082] BUG: Bad page state in process syz.0.755  pfn:31719
[   98.035798][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888031719e58 pfn:0x31719
[   98.038425][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   98.040335][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   98.042549][ T8082] raw: ffff888031719e58 0000000000000001 00000000ffffffff 0000000000000000
[   98.044771][ T8082] page dumped because: page_pool leak
[   98.046206][ T8082] page_owner tracks the page as allocated
[   98.047695][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474839193, free_ts 90468448878
[   98.052036][ T8082]  post_alloc_hook+0x2d1/0x350
[   98.053295][ T8082]  get_page_from_freelist+0x101e/0x3070
[   98.054770][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   98.056162][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   98.057622][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   98.059202][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   98.060641][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   98.061988][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   98.063635][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   98.065018][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   98.066430][ T8082]  __sys_bpf+0xfc6/0x49a0
[   98.067565][ T8082]  __x64_sys_bpf+0x78/0xc0
[   98.068742][ T8082]  do_syscall_64+0xcd/0x250
[   98.069986][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.071571][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   98.073218][ T8082]  free_unref_page+0x5f4/0xdc0
[   98.074481][ T8082]  vfree+0x17a/0x890
[   98.075518][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   98.076906][ T8082]  cleanup_entry+0x19f/0x3a0
[   98.078164][ T8082]  translate_table+0xddd/0x17b0
[   98.079542][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   98.080849][ T8082]  nf_setsockopt+0x8a/0xf0
[   98.082029][ T8082]  ipv6_setsockopt+0x135/0x170
[   98.083297][ T8082]  rawv6_setsockopt+0xd7/0x680
[   98.084489][ T8082]  do_sock_setsockopt+0x222/0x480
[   98.085811][ T8082]  __sys_setsockopt+0x1a4/0x270
[   98.087086][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   98.088406][ T8082]  do_syscall_64+0xcd/0x250
[   98.089639][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.091135][ T8082] Modules linked in:
[   98.092155][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   98.095162][ T8082] Tainted: [B]=BAD_PAGE
[   98.096230][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.098987][ T8082] Call Trace:
[   98.099878][ T8082]  <TASK>
[   98.100660][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   98.101923][ T8082]  bad_page+0xb3/0x1f0
[   98.103024][ T8082]  ? __pfx_bad_page+0x10/0x10
[   98.104268][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   98.105524][ T8082]  free_unref_page+0x657/0xdc0
[   98.106765][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   98.108334][ T8082]  ? __phys_addr+0xc6/0x150
[   98.109532][ T8082]  skb_free_head+0xa0/0x1d0
[   98.110737][ T8082]  skb_release_data+0x560/0x730
[   98.112075][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   98.113403][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   98.115153][ T8082]  ? kernel_text_address+0x8d/0x100
[   98.116513][ T8082]  ? hlock_class+0x4e/0x130
[   98.117714][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   98.119048][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   98.120885][ T8082]  ? hlock_class+0x4e/0x130
[   98.122087][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   98.123401][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   98.124756][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   98.126328][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   98.128017][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   98.129396][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   98.131056][ T8082]  ? lock_acquire+0x2f/0xb0
[   98.132262][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   98.133918][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   98.135549][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   98.137287][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   98.138672][ T8082]  ? __build_skb_around+0x278/0x3b0
[   98.140045][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   98.141440][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   98.143100][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   98.144818][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   98.146288][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   98.147673][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   98.149198][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   98.150748][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   98.152272][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   98.153799][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   98.155193][ T8082]  ? 0xffffffffa0004340
[   98.156284][ T8082]  ? 0xffffffffa0004340
[   98.157390][ T8082]  ? 0xffffffffa0004340
[   98.158442][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   98.159985][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   98.161392][ T8082]  ? lock_acquire+0x2f/0xb0
[   98.162595][ T8082]  ? __fget_files+0x40/0x3f0
[   98.163810][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   98.165324][ T8082]  ? fput+0x30/0x390
[   98.166376][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   98.167637][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   98.169179][ T8082]  __sys_bpf+0xfc6/0x49a0
[   98.170334][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   98.171569][ T8082]  ? __fget_files+0x23a/0x3f0
[   98.172802][ T8082]  ? do_futex+0x123/0x350
[   98.173910][ T8082]  ? __pfx_do_futex+0x10/0x10
[   98.175106][ T8082]  ? fdget_pos+0x262/0x360
[   98.176263][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   98.177618][ T8082]  ? ksys_write+0x1ad/0x260
[   98.178846][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   98.180154][ T8082]  __x64_sys_bpf+0x78/0xc0
[   98.181333][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   98.182709][ T8082]  do_syscall_64+0xcd/0x250
[   98.183897][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.185403][ T8082] RIP: 0033:0x7f389a37e719
[   98.186531][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.191426][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   98.193589][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   98.195668][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   98.197735][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   98.199849][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   98.201911][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   98.203988][ T8082]  </TASK>
[   98.204832][    C1] vkms_vblank_simulate: vblank timer overrun
[   98.206470][ T8082] BUG: Bad page state in process syz.0.755  pfn:5ae7e
[   98.208217][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x4d90 pfn:0x5ae7e
[   98.210590][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   98.212446][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   98.214666][ T8082] raw: 0000000000004d90 0000000000000001 00000000ffffffff 0000000000000000
[   98.216896][ T8082] page dumped because: page_pool leak
[   98.218351][ T8082] page_owner tracks the page as allocated
[   98.219878][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474834255, free_ts 90468454857
[   98.224172][ T8082]  post_alloc_hook+0x2d1/0x350
[   98.225431][ T8082]  get_page_from_freelist+0x101e/0x3070
[   98.226880][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   98.228266][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   98.229763][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   98.231288][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   98.232669][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   98.234006][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   98.235618][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   98.236968][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   98.238397][ T8082]  __sys_bpf+0xfc6/0x49a0
[   98.239543][ T8082]  __x64_sys_bpf+0x78/0xc0
[   98.240752][ T8082]  do_syscall_64+0xcd/0x250
[   98.241993][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.243604][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   98.245320][ T8082]  free_unref_page+0x5f4/0xdc0
[   98.246586][ T8082]  vfree+0x17a/0x890
[   98.247615][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   98.249056][ T8082]  cleanup_entry+0x19f/0x3a0
[   98.250262][ T8082]  translate_table+0xddd/0x17b0
[   98.251549][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   98.252817][ T8082]  nf_setsockopt+0x8a/0xf0
[   98.254001][ T8082]  ipv6_setsockopt+0x135/0x170
[   98.255288][ T8082]  rawv6_setsockopt+0xd7/0x680
[   98.256554][ T8082]  do_sock_setsockopt+0x222/0x480
[   98.257886][ T8082]  __sys_setsockopt+0x1a4/0x270
[   98.259249][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   98.260590][ T8082]  do_syscall_64+0xcd/0x250
[   98.261827][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.263398][ T8082] Modules linked in:
[   98.264430][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   98.267538][ T8082] Tainted: [B]=BAD_PAGE
[   98.268639][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.271429][ T8082] Call Trace:
[   98.272313][ T8082]  <TASK>
[   98.273095][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   98.274359][ T8082]  bad_page+0xb3/0x1f0
[   98.275394][ T8082]  ? __pfx_bad_page+0x10/0x10
[   98.276628][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   98.277923][ T8082]  free_unref_page+0x657/0xdc0
[   98.279180][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   98.280712][ T8082]  ? __phys_addr+0xc6/0x150
[   98.281899][ T8082]  skb_free_head+0xa0/0x1d0
[   98.283101][ T8082]  skb_release_data+0x560/0x730
[   98.284377][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   98.285695][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   98.287476][ T8082]  ? kernel_text_address+0x8d/0x100
[   98.288836][ T8082]  ? hlock_class+0x4e/0x130
[   98.290035][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   98.291358][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   98.293193][ T8082]  ? hlock_class+0x4e/0x130
[   98.294387][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   98.295681][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   98.297046][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   98.298631][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   98.300320][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   98.301674][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   98.303331][ T8082]  ? lock_acquire+0x2f/0xb0
[   98.304524][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   98.306188][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   98.307808][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   98.309542][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   98.310910][ T8082]  ? __build_skb_around+0x278/0x3b0
[   98.312277][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   98.313669][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   98.315318][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   98.317037][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   98.318548][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   98.319930][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   98.321424][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   98.322969][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   98.324488][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   98.326013][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   98.327385][ T8082]  ? 0xffffffffa0004340
[   98.328462][ T8082]  ? 0xffffffffa0004340
[   98.329517][ T8082]  ? 0xffffffffa0004340
[   98.330575][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   98.332125][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   98.333540][ T8082]  ? lock_acquire+0x2f/0xb0
[   98.334741][ T8082]  ? __fget_files+0x40/0x3f0
[   98.335965][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   98.337497][ T8082]  ? fput+0x30/0x390
[   98.338561][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   98.339829][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   98.341361][ T8082]  __sys_bpf+0xfc6/0x49a0
[   98.342517][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   98.343772][ T8082]  ? __fget_files+0x23a/0x3f0
[   98.345017][ T8082]  ? do_futex+0x123/0x350
[   98.346162][ T8082]  ? __pfx_do_futex+0x10/0x10
[   98.347454][ T8082]  ? fdget_pos+0x262/0x360
[   98.348587][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   98.349915][ T8082]  ? ksys_write+0x1ad/0x260
[   98.351074][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   98.352255][ T8082]  __x64_sys_bpf+0x78/0xc0
[   98.353319][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   98.354568][ T8082]  do_syscall_64+0xcd/0x250
[   98.355733][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.357195][ T8082] RIP: 0033:0x7f389a37e719
[   98.358362][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.363142][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   98.365235][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   98.367273][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   98.369255][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   98.371247][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   98.373272][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   98.375306][ T8082]  </TASK>
[   98.376184][    C1] vkms_vblank_simulate: vblank timer overrun
[   98.377767][ T8082] BUG: Bad page state in process syz.0.755  pfn:51481
[   98.379638][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x8 pfn:0x51481
[   98.381905][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   98.383758][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   98.386015][ T8082] raw: 0000000000000008 0000000000000001 00000000ffffffff 0000000000000000
[   98.388309][ T8082] page dumped because: page_pool leak
[   98.389722][ T8082] page_owner tracks the page as allocated
[   98.391231][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474830048, free_ts 90468459364
[   98.395557][ T8082]  post_alloc_hook+0x2d1/0x350
[   98.396830][ T8082]  get_page_from_freelist+0x101e/0x3070
[   98.398352][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   98.399750][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   98.401205][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   98.402765][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   98.404148][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   98.405487][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   98.407113][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   98.408550][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   98.409959][ T8082]  __sys_bpf+0xfc6/0x49a0
[   98.411132][ T8082]  __x64_sys_bpf+0x78/0xc0
[   98.412265][ T8082]  do_syscall_64+0xcd/0x250
[   98.413434][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.414939][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   98.416493][ T8082]  free_unref_page+0x5f4/0xdc0
[   98.417764][ T8082]  vfree+0x17a/0x890
[   98.418833][ T8082]  hashlimit_mt_destroy_v1+0x78/0x90
[   98.420221][ T8082]  cleanup_entry+0x19f/0x3a0
[   98.421378][ T8082]  translate_table+0xddd/0x17b0
[   98.422659][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   98.423930][ T8082]  nf_setsockopt+0x8a/0xf0
[   98.425096][ T8082]  ipv6_setsockopt+0x135/0x170
[   98.426336][ T8082]  rawv6_setsockopt+0xd7/0x680
[   98.427585][ T8082]  do_sock_setsockopt+0x222/0x480
[   98.428967][ T8082]  __sys_setsockopt+0x1a4/0x270
[   98.430256][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   98.431594][ T8082]  do_syscall_64+0xcd/0x250
[   98.432796][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.434345][ T8082] Modules linked in:
[   98.435379][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   98.438523][ T8082] Tainted: [B]=BAD_PAGE
[   98.439664][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.442524][ T8082] Call Trace:
[   98.443406][ T8082]  <TASK>
[   98.444190][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   98.445441][ T8082]  bad_page+0xb3/0x1f0
[   98.446531][ T8082]  ? __pfx_bad_page+0x10/0x10
[   98.447779][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   98.449066][ T8082]  free_unref_page+0x657/0xdc0
[   98.450334][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   98.451903][ T8082]  ? __phys_addr+0xc6/0x150
[   98.453099][ T8082]  skb_free_head+0xa0/0x1d0
[   98.454304][ T8082]  skb_release_data+0x560/0x730
[   98.455589][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   98.456909][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   98.458666][ T8082]  ? kernel_text_address+0x8d/0x100
[   98.460051][ T8082]  ? hlock_class+0x4e/0x130
[   98.461246][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   98.462568][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   98.464405][ T8082]  ? hlock_class+0x4e/0x130
[   98.465603][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   98.466912][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   98.468263][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   98.469828][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   98.471475][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   98.472814][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   98.474468][ T8082]  ? lock_acquire+0x2f/0xb0
[   98.475677][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   98.477341][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   98.478978][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   98.480716][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   98.482081][ T8082]  ? __build_skb_around+0x278/0x3b0
[   98.483461][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   98.484851][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   98.486496][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   98.488217][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   98.489687][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   98.491082][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   98.492611][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   98.494161][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   98.495720][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   98.497260][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   98.498662][ T8082]  ? 0xffffffffa0004340
[   98.499759][ T8082]  ? 0xffffffffa0004340
[   98.500856][ T8082]  ? 0xffffffffa0004340
[   98.501944][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   98.503493][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   98.504909][ T8082]  ? lock_acquire+0x2f/0xb0
[   98.506063][ T8082]  ? __fget_files+0x40/0x3f0
[   98.507250][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   98.508692][ T8082]  ? fput+0x30/0x390
[   98.509711][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   98.510916][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   98.512359][ T8082]  __sys_bpf+0xfc6/0x49a0
[   98.513474][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   98.514682][ T8082]  ? __fget_files+0x23a/0x3f0
[   98.515899][ T8082]  ? do_futex+0x123/0x350
[   98.517043][ T8082]  ? __pfx_do_futex+0x10/0x10
[   98.518294][ T8082]  ? fdget_pos+0x262/0x360
[   98.519386][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   98.520710][ T8082]  ? ksys_write+0x1ad/0x260
[   98.521851][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   98.523060][ T8082]  __x64_sys_bpf+0x78/0xc0
[   98.524139][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   98.525425][ T8082]  do_syscall_64+0xcd/0x250
[   98.526596][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.528111][ T8082] RIP: 0033:0x7f389a37e719
[   98.529291][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.534335][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   98.536506][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   98.538614][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   98.540686][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   98.542762][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   98.544822][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   98.546898][ T8082]  </TASK>
[   98.547775][    C1] vkms_vblank_simulate: vblank timer overrun
[   98.549366][ T8082] BUG: Bad page state in process syz.0.755  pfn:4b9be
[   98.551156][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4b9be
[   98.553422][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   98.555269][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   98.557518][ T8082] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   98.559723][ T8082] page dumped because: page_pool leak
[   98.561107][ T8082] page_owner tracks the page as allocated
[   98.562560][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474825783, free_ts 90472040781
[   98.566906][ T8082]  post_alloc_hook+0x2d1/0x350
[   98.568236][ T8082]  get_page_from_freelist+0x101e/0x3070
[   98.569693][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   98.571090][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   98.572546][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   98.574111][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   98.575512][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   98.576871][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   98.578587][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   98.579983][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   98.581402][ T8082]  __sys_bpf+0xfc6/0x49a0
[   98.582541][ T8082]  __x64_sys_bpf+0x78/0xc0
[   98.583717][ T8082]  do_syscall_64+0xcd/0x250
[   98.584916][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.586486][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   98.588188][ T8082]  free_unref_page+0x5f4/0xdc0
[   98.589456][ T8082]  vfree+0x17a/0x890
[   98.590535][ T8082]  hashlimit_mt_destroy+0x7e/0xa0
[   98.591872][ T8082]  cleanup_entry+0x19f/0x3a0
[   98.593097][ T8082]  translate_table+0xddd/0x17b0
[   98.594415][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   98.595676][ T8082]  nf_setsockopt+0x8a/0xf0
[   98.596912][ T8082]  ipv6_setsockopt+0x135/0x170
[   98.598196][ T8082]  rawv6_setsockopt+0xd7/0x680
[   98.599473][ T8082]  do_sock_setsockopt+0x222/0x480
[   98.600808][ T8082]  __sys_setsockopt+0x1a4/0x270
[   98.602091][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   98.603441][ T8082]  do_syscall_64+0xcd/0x250
[   98.604641][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.606210][ T8082] Modules linked in:
[   98.607319][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   98.610449][ T8082] Tainted: [B]=BAD_PAGE
[   98.611543][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.614321][ T8082] Call Trace:
[   98.615200][ T8082]  <TASK>
[   98.615981][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   98.617167][ T8082]  bad_page+0xb3/0x1f0
[   98.618268][ T8082]  ? __pfx_bad_page+0x10/0x10
[   98.619519][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   98.620806][ T8082]  free_unref_page+0x657/0xdc0
[   98.622065][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   98.623639][ T8082]  ? __phys_addr+0xc6/0x150
[   98.624842][ T8082]  skb_free_head+0xa0/0x1d0
[   98.626058][ T8082]  skb_release_data+0x560/0x730
[   98.627364][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   98.628695][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   98.630453][ T8082]  ? kernel_text_address+0x8d/0x100
[   98.631821][ T8082]  ? hlock_class+0x4e/0x130
[   98.633021][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   98.634283][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   98.636091][ T8082]  ? hlock_class+0x4e/0x130
[   98.637298][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   98.638640][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   98.639952][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   98.641608][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   98.643353][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   98.644727][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   98.646319][ T8082]  ? lock_acquire+0x2f/0xb0
[   98.647527][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   98.649192][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   98.650765][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   98.652523][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   98.653903][ T8082]  ? __build_skb_around+0x278/0x3b0
[   98.655290][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   98.656683][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   98.658385][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   98.660074][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   98.661460][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   98.662796][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   98.664267][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   98.665762][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   98.667310][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   98.668854][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   98.670256][ T8082]  ? 0xffffffffa0004340
[   98.671381][ T8082]  ? 0xffffffffa0004340
[   98.672485][ T8082]  ? 0xffffffffa0004340
[   98.673583][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   98.675164][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   98.676583][ T8082]  ? lock_acquire+0x2f/0xb0
[   98.677783][ T8082]  ? __fget_files+0x40/0x3f0
[   98.679041][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   98.680577][ T8082]  ? fput+0x30/0x390
[   98.681621][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   98.682905][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   98.684442][ T8082]  __sys_bpf+0xfc6/0x49a0
[   98.685595][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   98.686869][ T8082]  ? __fget_files+0x23a/0x3f0
[   98.688105][ T8082]  ? do_futex+0x123/0x350
[   98.689224][ T8082]  ? __pfx_do_futex+0x10/0x10
[   98.690496][ T8082]  ? fdget_pos+0x262/0x360
[   98.691687][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   98.693087][ T8082]  ? ksys_write+0x1ad/0x260
[   98.694307][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   98.695575][ T8082]  __x64_sys_bpf+0x78/0xc0
[   98.696724][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   98.698107][ T8082]  do_syscall_64+0xcd/0x250
[   98.699278][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.700820][ T8082] RIP: 0033:0x7f389a37e719
[   98.702000][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.707009][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   98.709181][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   98.711252][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   98.713323][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   98.715396][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   98.717438][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   98.719516][ T8082]  </TASK>
[   98.720351][    C1] vkms_vblank_simulate: vblank timer overrun
[   98.721973][ T8082] BUG: Bad page state in process syz.0.755  pfn:30ac9
[   98.723717][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x30ac9
[   98.725870][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   98.727746][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   98.729945][ T8082] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000
[   98.732061][ T8082] page dumped because: page_pool leak
[   98.733442][ T8082] page_owner tracks the page as allocated
[   98.734934][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474821645, free_ts 90472050559
[   98.739316][ T8082]  post_alloc_hook+0x2d1/0x350
[   98.740586][ T8082]  get_page_from_freelist+0x101e/0x3070
[   98.742100][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   98.743529][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   98.744981][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   98.746582][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   98.747965][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   98.749318][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   98.750855][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   98.752245][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   98.753648][ T8082]  __sys_bpf+0xfc6/0x49a0
[   98.754790][ T8082]  __x64_sys_bpf+0x78/0xc0
[   98.755960][ T8082]  do_syscall_64+0xcd/0x250
[   98.757207][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.758798][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   98.760474][ T8082]  free_unref_page+0x5f4/0xdc0
[   98.761733][ T8082]  vfree+0x17a/0x890
[   98.762775][ T8082]  hashlimit_mt_destroy+0x7e/0xa0
[   98.764106][ T8082]  cleanup_entry+0x19f/0x3a0
[   98.765327][ T8082]  translate_table+0xddd/0x17b0
[   98.766692][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   98.767954][ T8082]  nf_setsockopt+0x8a/0xf0
[   98.769143][ T8082]  ipv6_setsockopt+0x135/0x170
[   98.770410][ T8082]  rawv6_setsockopt+0xd7/0x680
[   98.771671][ T8082]  do_sock_setsockopt+0x222/0x480
[   98.773000][ T8082]  __sys_setsockopt+0x1a4/0x270
[   98.774284][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   98.775623][ T8082]  do_syscall_64+0xcd/0x250
[   98.776877][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.778468][ T8082] Modules linked in:
[   98.779499][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   98.782598][ T8082] Tainted: [B]=BAD_PAGE
[   98.783685][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.786496][ T8082] Call Trace:
[   98.787381][ T8082]  <TASK>
[   98.788166][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   98.789410][ T8082]  bad_page+0xb3/0x1f0
[   98.790503][ T8082]  ? __pfx_bad_page+0x10/0x10
[   98.791746][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   98.793032][ T8082]  free_unref_page+0x657/0xdc0
[   98.794306][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   98.795885][ T8082]  ? __phys_addr+0xc6/0x150
[   98.797087][ T8082]  skb_free_head+0xa0/0x1d0
[   98.798340][ T8082]  skb_release_data+0x560/0x730
[   98.799620][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   98.800952][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   98.802702][ T8082]  ? kernel_text_address+0x8d/0x100
[   98.804064][ T8082]  ? hlock_class+0x4e/0x130
[   98.805264][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   98.806598][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   98.808437][ T8082]  ? hlock_class+0x4e/0x130
[   98.809602][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   98.810935][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   98.812325][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   98.813940][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   98.815639][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   98.817015][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   98.818699][ T8082]  ? lock_acquire+0x2f/0xb0
[   98.819888][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   98.821543][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   98.823160][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   98.824898][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   98.826289][ T8082]  ? __build_skb_around+0x278/0x3b0
[   98.827653][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   98.829046][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   98.830687][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   98.832403][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   98.833873][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   98.835260][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   98.836779][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   98.838363][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   98.839906][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   98.841440][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   98.842840][ T8082]  ? 0xffffffffa0004340
[   98.843942][ T8082]  ? 0xffffffffa0004340
[   98.845029][ T8082]  ? 0xffffffffa0004340
[   98.846123][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   98.847676][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   98.849092][ T8082]  ? lock_acquire+0x2f/0xb0
[   98.850332][ T8082]  ? __fget_files+0x40/0x3f0
[   98.851555][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   98.853078][ T8082]  ? fput+0x30/0x390
[   98.854114][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   98.855404][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   98.856929][ T8082]  __sys_bpf+0xfc6/0x49a0
[   98.858081][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   98.859354][ T8082]  ? __fget_files+0x23a/0x3f0
[   98.860590][ T8082]  ? do_futex+0x123/0x350
[   98.861726][ T8082]  ? __pfx_do_futex+0x10/0x10
[   98.862968][ T8082]  ? fdget_pos+0x262/0x360
[   98.864150][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   98.865524][ T8082]  ? ksys_write+0x1ad/0x260
[   98.866724][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   98.868007][ T8082]  __x64_sys_bpf+0x78/0xc0
[   98.869179][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   98.870549][ T8082]  do_syscall_64+0xcd/0x250
[   98.871747][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.873297][ T8082] RIP: 0033:0x7f389a37e719
[   98.874475][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.879511][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   98.881671][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   98.883741][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   98.885808][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   98.887868][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   98.889920][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   98.892006][ T8082]  </TASK>
[   98.892863][    C1] vkms_vblank_simulate: vblank timer overrun
[   98.894453][ T8082] BUG: Bad page state in process syz.0.755  pfn:4e2b4
[   98.896235][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x17 pfn:0x4e2b4
[   98.898553][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   98.900366][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   98.902592][ T8082] raw: 0000000000000017 0000000000000001 00000000ffffffff 0000000000000000
[   98.904778][ T8082] page dumped because: page_pool leak
[   98.906245][ T8082] page_owner tracks the page as allocated
[   98.907725][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474817628, free_ts 90472054876
[   98.912019][ T8082]  post_alloc_hook+0x2d1/0x350
[   98.913276][ T8082]  get_page_from_freelist+0x101e/0x3070
[   98.914724][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   98.916124][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   98.917572][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   98.919135][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   98.920498][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   98.921840][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   98.923473][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   98.924857][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   98.926306][ T8082]  __sys_bpf+0xfc6/0x49a0
[   98.927431][ T8082]  __x64_sys_bpf+0x78/0xc0
[   98.928577][ T8082]  do_syscall_64+0xcd/0x250
[   98.929761][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.931257][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   98.932876][ T8082]  free_unref_page+0x5f4/0xdc0
[   98.934131][ T8082]  vfree+0x17a/0x890
[   98.935163][ T8082]  hashlimit_mt_destroy+0x7e/0xa0
[   98.936505][ T8082]  cleanup_entry+0x19f/0x3a0
[   98.937684][ T8082]  translate_table+0xddd/0x17b0
[   98.939084][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   98.940326][ T8082]  nf_setsockopt+0x8a/0xf0
[   98.941493][ T8082]  ipv6_setsockopt+0x135/0x170
[   98.942769][ T8082]  rawv6_setsockopt+0xd7/0x680
[   98.944022][ T8082]  do_sock_setsockopt+0x222/0x480
[   98.945374][ T8082]  __sys_setsockopt+0x1a4/0x270
[   98.946632][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   98.947967][ T8082]  do_syscall_64+0xcd/0x250
[   98.949137][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.950682][ T8082] Modules linked in:
[   98.951703][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   98.954731][ T8082] Tainted: [B]=BAD_PAGE
[   98.955787][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.958496][ T8082] Call Trace:
[   98.959347][ T8082]  <TASK>
[   98.960103][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   98.961312][ T8082]  bad_page+0xb3/0x1f0
[   98.962378][ T8082]  ? __pfx_bad_page+0x10/0x10
[   98.963611][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   98.964852][ T8082]  free_unref_page+0x657/0xdc0
[   98.966075][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   98.967618][ T8082]  ? __phys_addr+0xc6/0x150
[   98.968798][ T8082]  skb_free_head+0xa0/0x1d0
[   98.969978][ T8082]  skb_release_data+0x560/0x730
[   98.971227][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   98.972506][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   98.974232][ T8082]  ? kernel_text_address+0x8d/0x100
[   98.975569][ T8082]  ? hlock_class+0x4e/0x130
[   98.976738][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   98.978054][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   98.979850][ T8082]  ? hlock_class+0x4e/0x130
[   98.981017][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   98.982291][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   98.983620][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   98.985135][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   98.986799][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   98.988133][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   98.989786][ T8082]  ? lock_acquire+0x2f/0xb0
[   98.990986][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   98.992634][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   98.994252][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   98.995989][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   98.997360][ T8082]  ? __build_skb_around+0x278/0x3b0
[   98.998736][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   99.000123][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   99.001758][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   99.003509][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   99.004977][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   99.006492][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   99.008018][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   99.009560][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   99.011085][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   99.012608][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   99.013989][ T8082]  ? 0xffffffffa0004340
[   99.015063][ T8082]  ? 0xffffffffa0004340
[   99.016127][ T8082]  ? 0xffffffffa0004340
[   99.017203][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   99.018756][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   99.020168][ T8082]  ? lock_acquire+0x2f/0xb0
[   99.021363][ T8082]  ? __fget_files+0x40/0x3f0
[   99.022591][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.024125][ T8082]  ? fput+0x30/0x390
[   99.025159][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   99.026428][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.027951][ T8082]  __sys_bpf+0xfc6/0x49a0
[   99.029054][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   99.030262][ T8082]  ? __fget_files+0x23a/0x3f0
[   99.031454][ T8082]  ? do_futex+0x123/0x350
[   99.032589][ T8082]  ? __pfx_do_futex+0x10/0x10
[   99.033828][ T8082]  ? fdget_pos+0x262/0x360
[   99.035013][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   99.036393][ T8082]  ? ksys_write+0x1ad/0x260
[   99.037583][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   99.038879][ T8082]  __x64_sys_bpf+0x78/0xc0
[   99.040048][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   99.041396][ T8082]  do_syscall_64+0xcd/0x250
[   99.042599][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.044142][ T8082] RIP: 0033:0x7f389a37e719
[   99.045313][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.050282][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   99.052438][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   99.054493][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   99.056536][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   99.058679][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   99.060689][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   99.062728][ T8082]  </TASK>
[   99.063593][    C1] vkms_vblank_simulate: vblank timer overrun
[   99.065201][ T8082] BUG: Bad page state in process syz.0.755  pfn:49f33
[   99.066955][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x49f33
[   99.069204][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   99.071077][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   99.073281][ T8082] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   99.075573][ T8082] page dumped because: page_pool leak
[   99.076969][ T8082] page_owner tracks the page as allocated
[   99.078489][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474813469, free_ts 90472058779
[   99.082754][ T8082]  post_alloc_hook+0x2d1/0x350
[   99.084020][ T8082]  get_page_from_freelist+0x101e/0x3070
[   99.085511][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   99.086900][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   99.088346][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   99.089891][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   99.091319][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   99.092656][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   99.094277][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   99.095568][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   99.096974][ T8082]  __sys_bpf+0xfc6/0x49a0
[   99.098123][ T8082]  __x64_sys_bpf+0x78/0xc0
[   99.099314][ T8082]  do_syscall_64+0xcd/0x250
[   99.100513][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.102061][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   99.103641][ T8082]  free_unref_page+0x5f4/0xdc0
[   99.104947][ T8082]  vfree+0x17a/0x890
[   99.105977][ T8082]  hashlimit_mt_destroy+0x7e/0xa0
[   99.107301][ T8082]  cleanup_entry+0x19f/0x3a0
[   99.108540][ T8082]  translate_table+0xddd/0x17b0
[   99.109804][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   99.111073][ T8082]  nf_setsockopt+0x8a/0xf0
[   99.112211][ T8082]  ipv6_setsockopt+0x135/0x170
[   99.113385][ T8082]  rawv6_setsockopt+0xd7/0x680
[   99.114690][ T8082]  do_sock_setsockopt+0x222/0x480
[   99.116017][ T8082]  __sys_setsockopt+0x1a4/0x270
[   99.117297][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   99.118680][ T8082]  do_syscall_64+0xcd/0x250
[   99.119879][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.121432][ T8082] Modules linked in:
[   99.122470][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   99.125499][ T8082] Tainted: [B]=BAD_PAGE
[   99.126530][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.129074][ T8082] Call Trace:
[   99.129897][ T8082]  <TASK>
[   99.130646][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   99.131847][ T8082]  bad_page+0xb3/0x1f0
[   99.132888][ T8082]  ? __pfx_bad_page+0x10/0x10
[   99.134032][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   99.135222][ T8082]  free_unref_page+0x657/0xdc0
[   99.136495][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   99.138076][ T8082]  ? __phys_addr+0xc6/0x150
[   99.139303][ T8082]  skb_free_head+0xa0/0x1d0
[   99.140506][ T8082]  skb_release_data+0x560/0x730
[   99.141788][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   99.143127][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   99.144863][ T8082]  ? kernel_text_address+0x8d/0x100
[   99.146235][ T8082]  ? hlock_class+0x4e/0x130
[   99.147440][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   99.148752][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   99.150597][ T8082]  ? hlock_class+0x4e/0x130
[   99.151791][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   99.153071][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   99.154406][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   99.155967][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   99.157637][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   99.159029][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   99.160656][ T8082]  ? lock_acquire+0x2f/0xb0
[   99.161809][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   99.163394][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   99.164905][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   99.166577][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   99.167919][ T8082]  ? __build_skb_around+0x278/0x3b0
[   99.169235][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   99.170584][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   99.172124][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   99.173753][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   99.175220][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   99.176603][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   99.178146][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   99.179718][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   99.181253][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   99.182780][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   99.184158][ T8082]  ? 0xffffffffa0004340
[   99.185249][ T8082]  ? 0xffffffffa0004340
[   99.186339][ T8082]  ? 0xffffffffa0004340
[   99.187428][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   99.188985][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   99.190397][ T8082]  ? lock_acquire+0x2f/0xb0
[   99.191579][ T8082]  ? __fget_files+0x40/0x3f0
[   99.192790][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.194321][ T8082]  ? fput+0x30/0x390
[   99.195346][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   99.196597][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.198129][ T8082]  __sys_bpf+0xfc6/0x49a0
[   99.199272][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   99.200528][ T8082]  ? __fget_files+0x23a/0x3f0
[   99.201758][ T8082]  ? do_futex+0x123/0x350
[   99.202895][ T8082]  ? __pfx_do_futex+0x10/0x10
[   99.204130][ T8082]  ? fdget_pos+0x262/0x360
[   99.205297][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   99.206676][ T8082]  ? ksys_write+0x1ad/0x260
[   99.207873][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   99.209160][ T8082]  __x64_sys_bpf+0x78/0xc0
[   99.210333][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   99.211688][ T8082]  do_syscall_64+0xcd/0x250
[   99.212882][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.214416][ T8082] RIP: 0033:0x7f389a37e719
[   99.215531][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.220328][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   99.222485][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   99.224524][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   99.226579][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   99.228631][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   99.230678][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   99.232736][ T8082]  </TASK>
[   99.233563][    C1] vkms_vblank_simulate: vblank timer overrun
[   99.235190][ T8082] BUG: Bad page state in process syz.0.755  pfn:314ae
[   99.236935][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x314ae
[   99.239229][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   99.241131][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   99.243597][ T8082] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   99.245917][ T8082] page dumped because: page_pool leak
[   99.247332][ T8082] page_owner tracks the page as allocated
[   99.248809][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474809340, free_ts 90472062434
[   99.253069][ T8082]  post_alloc_hook+0x2d1/0x350
[   99.254389][ T8082]  get_page_from_freelist+0x101e/0x3070
[   99.255846][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   99.257255][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   99.258707][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   99.260246][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   99.261616][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   99.262963][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   99.264611][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   99.265987][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   99.267394][ T8082]  __sys_bpf+0xfc6/0x49a0
[   99.268527][ T8082]  __x64_sys_bpf+0x78/0xc0
[   99.269698][ T8082]  do_syscall_64+0xcd/0x250
[   99.270900][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.272441][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   99.274138][ T8082]  free_unref_page+0x5f4/0xdc0
[   99.275445][ T8082]  vfree+0x17a/0x890
[   99.276468][ T8082]  hashlimit_mt_destroy+0x7e/0xa0
[   99.277777][ T8082]  cleanup_entry+0x19f/0x3a0
[   99.279022][ T8082]  translate_table+0xddd/0x17b0
[   99.280294][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   99.281554][ T8082]  nf_setsockopt+0x8a/0xf0
[   99.282742][ T8082]  ipv6_setsockopt+0x135/0x170
[   99.284053][ T8082]  rawv6_setsockopt+0xd7/0x680
[   99.285304][ T8082]  do_sock_setsockopt+0x222/0x480
[   99.286624][ T8082]  __sys_setsockopt+0x1a4/0x270
[   99.287898][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   99.289237][ T8082]  do_syscall_64+0xcd/0x250
[   99.290468][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.292001][ T8082] Modules linked in:
[   99.293032][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   99.296126][ T8082] Tainted: [B]=BAD_PAGE
[   99.297202][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.299988][ T8082] Call Trace:
[   99.300862][ T8082]  <TASK>
[   99.301639][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   99.302890][ T8082]  bad_page+0xb3/0x1f0
[   99.304005][ T8082]  ? __pfx_bad_page+0x10/0x10
[   99.305236][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   99.306512][ T8082]  free_unref_page+0x657/0xdc0
[   99.307759][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   99.309502][ T8082]  ? __phys_addr+0xc6/0x150
[   99.310743][ T8082]  skb_free_head+0xa0/0x1d0
[   99.311988][ T8082]  skb_release_data+0x560/0x730
[   99.313277][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   99.314613][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   99.316373][ T8082]  ? kernel_text_address+0x8d/0x100
[   99.317753][ T8082]  ? hlock_class+0x4e/0x130
[   99.319006][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   99.320338][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   99.322317][ T8082]  ? hlock_class+0x4e/0x130
[   99.323513][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   99.324823][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   99.326197][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   99.327774][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   99.329487][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   99.330856][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   99.332506][ T8082]  ? lock_acquire+0x2f/0xb0
[   99.333699][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   99.335354][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   99.336962][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   99.338735][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   99.340275][ T8082]  ? __build_skb_around+0x278/0x3b0
[   99.341718][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   99.343121][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   99.344754][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   99.346490][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   99.347952][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   99.349336][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   99.350874][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   99.352426][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   99.353971][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   99.355507][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   99.356895][ T8082]  ? 0xffffffffa0004340
[   99.357998][ T8082]  ? 0xffffffffa0004340
[   99.359113][ T8082]  ? 0xffffffffa0004340
[   99.360202][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   99.361742][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   99.363155][ T8082]  ? lock_acquire+0x2f/0xb0
[   99.364342][ T8082]  ? __fget_files+0x40/0x3f0
[   99.365552][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.367128][ T8082]  ? fput+0x30/0x390
[   99.368158][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   99.369415][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.370973][ T8082]  __sys_bpf+0xfc6/0x49a0
[   99.372113][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   99.373371][ T8082]  ? __fget_files+0x23a/0x3f0
[   99.374613][ T8082]  ? do_futex+0x123/0x350
[   99.375748][ T8082]  ? __pfx_do_futex+0x10/0x10
[   99.376989][ T8082]  ? fdget_pos+0x262/0x360
[   99.378191][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   99.379587][ T8082]  ? ksys_write+0x1ad/0x260
[   99.380785][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   99.382068][ T8082]  __x64_sys_bpf+0x78/0xc0
[   99.383251][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   99.384615][ T8082]  do_syscall_64+0xcd/0x250
[   99.385813][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.387373][ T8082] RIP: 0033:0x7f389a37e719
[   99.388543][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.393511][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   99.395668][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   99.397714][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   99.399795][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   99.401838][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   99.403892][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   99.405945][ T8082]  </TASK>
[   99.406817][    C1] vkms_vblank_simulate: vblank timer overrun
[   99.408400][ T8082] BUG: Bad page state in process syz.0.755  pfn:4ef89
[   99.410147][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804ef89f00 pfn:0x4ef89
[   99.412741][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   99.414598][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   99.416815][ T8082] raw: ffff88804ef89f00 0000000000000001 00000000ffffffff 0000000000000000
[   99.419056][ T8082] page dumped because: page_pool leak
[   99.420448][ T8082] page_owner tracks the page as allocated
[   99.421924][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474805367, free_ts 90472066172
[   99.426253][ T8082]  post_alloc_hook+0x2d1/0x350
[   99.427508][ T8082]  get_page_from_freelist+0x101e/0x3070
[   99.428950][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   99.430334][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   99.431769][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   99.433355][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   99.434751][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   99.436089][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   99.437696][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   99.439118][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   99.440557][ T8082]  __sys_bpf+0xfc6/0x49a0
[   99.441689][ T8082]  __x64_sys_bpf+0x78/0xc0
[   99.442864][ T8082]  do_syscall_64+0xcd/0x250
[   99.444158][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.445705][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   99.447355][ T8082]  free_unref_page+0x5f4/0xdc0
[   99.448608][ T8082]  vfree+0x17a/0x890
[   99.449636][ T8082]  hashlimit_mt_destroy+0x7e/0xa0
[   99.450962][ T8082]  cleanup_entry+0x19f/0x3a0
[   99.452166][ T8082]  translate_table+0xddd/0x17b0
[   99.453491][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   99.454755][ T8082]  nf_setsockopt+0x8a/0xf0
[   99.455931][ T8082]  ipv6_setsockopt+0x135/0x170
[   99.457219][ T8082]  rawv6_setsockopt+0xd7/0x680
[   99.458489][ T8082]  do_sock_setsockopt+0x222/0x480
[   99.459805][ T8082]  __sys_setsockopt+0x1a4/0x270
[   99.461090][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   99.462441][ T8082]  do_syscall_64+0xcd/0x250
[   99.463674][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.465257][ T8082] Modules linked in:
[   99.466310][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   99.469399][ T8082] Tainted: [B]=BAD_PAGE
[   99.470494][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.473290][ T8082] Call Trace:
[   99.474179][ T8082]  <TASK>
[   99.474958][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   99.476196][ T8082]  bad_page+0xb3/0x1f0
[   99.477272][ T8082]  ? __pfx_bad_page+0x10/0x10
[   99.478546][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   99.479828][ T8082]  free_unref_page+0x657/0xdc0
[   99.481086][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   99.482662][ T8082]  ? __phys_addr+0xc6/0x150
[   99.483860][ T8082]  skb_free_head+0xa0/0x1d0
[   99.485061][ T8082]  skb_release_data+0x560/0x730
[   99.486357][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   99.487665][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   99.489406][ T8082]  ? kernel_text_address+0x8d/0x100
[   99.490774][ T8082]  ? hlock_class+0x4e/0x130
[   99.491973][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   99.493225][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   99.495066][ T8082]  ? hlock_class+0x4e/0x130
[   99.496253][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   99.497544][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   99.498934][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   99.500502][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   99.502215][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   99.503585][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   99.505237][ T8082]  ? lock_acquire+0x2f/0xb0
[   99.506483][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   99.508132][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   99.509743][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   99.511487][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   99.512849][ T8082]  ? __build_skb_around+0x278/0x3b0
[   99.514226][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   99.515611][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   99.517253][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   99.519011][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   99.520485][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   99.521872][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   99.523412][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   99.524965][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   99.526512][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   99.528047][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   99.529429][ T8082]  ? 0xffffffffa0004340
[   99.530526][ T8082]  ? 0xffffffffa0004340
[   99.531617][ T8082]  ? 0xffffffffa0004340
[   99.532707][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   99.534263][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   99.535671][ T8082]  ? lock_acquire+0x2f/0xb0
[   99.536865][ T8082]  ? __fget_files+0x40/0x3f0
[   99.538099][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.539644][ T8082]  ? fput+0x30/0x390
[   99.540679][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   99.541936][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.543463][ T8082]  __sys_bpf+0xfc6/0x49a0
[   99.544597][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   99.545856][ T8082]  ? __fget_files+0x23a/0x3f0
[   99.547101][ T8082]  ? do_futex+0x123/0x350
[   99.548234][ T8082]  ? __pfx_do_futex+0x10/0x10
[   99.549478][ T8082]  ? fdget_pos+0x262/0x360
[   99.550656][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   99.552037][ T8082]  ? ksys_write+0x1ad/0x260
[   99.553228][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   99.554521][ T8082]  __x64_sys_bpf+0x78/0xc0
[   99.555659][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   99.556967][ T8082]  do_syscall_64+0xcd/0x250
[   99.558197][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.559752][ T8082] RIP: 0033:0x7f389a37e719
[   99.560933][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.565935][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   99.568116][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   99.570175][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   99.572218][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   99.574272][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   99.576331][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   99.578416][ T8082]  </TASK>
[   99.579250][    C1] vkms_vblank_simulate: vblank timer overrun
[   99.580872][ T8082] BUG: Bad page state in process syz.0.755  pfn:49c11
[   99.582668][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x10 pfn:0x49c11
[   99.584939][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   99.586772][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   99.589012][ T8082] raw: 0000000000000010 0000000000000001 00000000ffffffff 0000000000000000
[   99.591241][ T8082] page dumped because: page_pool leak
[   99.592694][ T8082] page_owner tracks the page as allocated
[   99.594191][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474801069, free_ts 90472070789
[   99.598516][ T8082]  post_alloc_hook+0x2d1/0x350
[   99.599779][ T8082]  get_page_from_freelist+0x101e/0x3070
[   99.601237][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   99.602681][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   99.604124][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   99.605695][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   99.607101][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   99.608431][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   99.610047][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   99.611440][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   99.612898][ T8082]  __sys_bpf+0xfc6/0x49a0
[   99.614040][ T8082]  __x64_sys_bpf+0x78/0xc0
[   99.615220][ T8082]  do_syscall_64+0xcd/0x250
[   99.616426][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.617990][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   99.619654][ T8082]  free_unref_page+0x5f4/0xdc0
[   99.620924][ T8082]  vfree+0x17a/0x890
[   99.621952][ T8082]  hashlimit_mt_destroy+0x7e/0xa0
[   99.623337][ T8082]  cleanup_entry+0x19f/0x3a0
[   99.624549][ T8082]  translate_table+0xddd/0x17b0
[   99.625828][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   99.627098][ T8082]  nf_setsockopt+0x8a/0xf0
[   99.628280][ T8082]  ipv6_setsockopt+0x135/0x170
[   99.629541][ T8082]  rawv6_setsockopt+0xd7/0x680
[   99.630808][ T8082]  do_sock_setsockopt+0x222/0x480
[   99.632144][ T8082]  __sys_setsockopt+0x1a4/0x270
[   99.633471][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   99.634809][ T8082]  do_syscall_64+0xcd/0x250
[   99.636009][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.637560][ T8082] Modules linked in:
[   99.638641][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   99.641754][ T8082] Tainted: [B]=BAD_PAGE
[   99.642856][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.645640][ T8082] Call Trace:
[   99.646528][ T8082]  <TASK>
[   99.647313][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   99.648564][ T8082]  bad_page+0xb3/0x1f0
[   99.649638][ T8082]  ? __pfx_bad_page+0x10/0x10
[   99.650892][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   99.652177][ T8082]  free_unref_page+0x657/0xdc0
[   99.653433][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   99.655018][ T8082]  ? __phys_addr+0xc6/0x150
[   99.656223][ T8082]  skb_free_head+0xa0/0x1d0
[   99.657428][ T8082]  skb_release_data+0x560/0x730
[   99.658740][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   99.660074][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   99.661823][ T8082]  ? kernel_text_address+0x8d/0x100
[   99.663156][ T8082]  ? hlock_class+0x4e/0x130
[   99.664321][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   99.665648][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   99.667507][ T8082]  ? hlock_class+0x4e/0x130
[   99.668708][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   99.670019][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   99.671394][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   99.672971][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   99.674687][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   99.676063][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   99.677718][ T8082]  ? lock_acquire+0x2f/0xb0
[   99.678932][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   99.680582][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   99.682204][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   99.683944][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   99.685320][ T8082]  ? __build_skb_around+0x278/0x3b0
[   99.686699][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   99.688091][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   99.689729][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   99.691463][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   99.692939][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   99.694338][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   99.695870][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   99.697418][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   99.698987][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   99.700515][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   99.701897][ T8082]  ? 0xffffffffa0004340
[   99.703014][ T8082]  ? 0xffffffffa0004340
[   99.704107][ T8082]  ? 0xffffffffa0004340
[   99.705201][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   99.706766][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   99.708173][ T8082]  ? lock_acquire+0x2f/0xb0
[   99.709368][ T8082]  ? __fget_files+0x40/0x3f0
[   99.710591][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.712129][ T8082]  ? fput+0x30/0x390
[   99.713163][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   99.714439][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.715977][ T8082]  __sys_bpf+0xfc6/0x49a0
[   99.717078][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   99.718279][ T8082]  ? __fget_files+0x23a/0x3f0
[   99.719505][ T8082]  ? do_futex+0x123/0x350
[   99.720649][ T8082]  ? __pfx_do_futex+0x10/0x10
[   99.721858][ T8082]  ? fdget_pos+0x262/0x360
[   99.723036][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   99.724330][ T8082]  ? ksys_write+0x1ad/0x260
[   99.725466][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   99.726738][ T8082]  __x64_sys_bpf+0x78/0xc0
[   99.727886][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   99.729217][ T8082]  do_syscall_64+0xcd/0x250
[   99.730387][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.731947][ T8082] RIP: 0033:0x7f389a37e719
[   99.733123][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.738140][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   99.740319][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   99.742463][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   99.744514][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   99.746577][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   99.748634][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   99.750697][ T8082]  </TASK>
[   99.751525][    C1] vkms_vblank_simulate: vblank timer overrun
[   99.753147][ T8082] BUG: Bad page state in process syz.0.755  pfn:51480
[   99.754934][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888051486000 pfn:0x51480
[   99.757508][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   99.759367][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   99.761582][ T8082] raw: ffff888051486000 0000000000000001 00000000ffffffff 0000000000000000
[   99.763854][ T8082] page dumped because: page_pool leak
[   99.765258][ T8082] page_owner tracks the page as allocated
[   99.766756][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474796766, free_ts 90472074694
[   99.771010][ T8082]  post_alloc_hook+0x2d1/0x350
[   99.772322][ T8082]  get_page_from_freelist+0x101e/0x3070
[   99.773770][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   99.775155][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   99.776595][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   99.778144][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   99.779544][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   99.780876][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   99.782540][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   99.783921][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   99.785321][ T8082]  __sys_bpf+0xfc6/0x49a0
[   99.786465][ T8082]  __x64_sys_bpf+0x78/0xc0
[   99.787635][ T8082]  do_syscall_64+0xcd/0x250
[   99.788862][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.790413][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   99.792110][ T8082]  free_unref_page+0x5f4/0xdc0
[   99.793359][ T8082]  vfree+0x17a/0x890
[   99.794396][ T8082]  hashlimit_mt_destroy+0x7e/0xa0
[   99.795713][ T8082]  cleanup_entry+0x19f/0x3a0
[   99.796923][ T8082]  translate_table+0xddd/0x17b0
[   99.798225][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   99.799482][ T8082]  nf_setsockopt+0x8a/0xf0
[   99.800655][ T8082]  ipv6_setsockopt+0x135/0x170
[   99.801957][ T8082]  rawv6_setsockopt+0xd7/0x680
[   99.803221][ T8082]  do_sock_setsockopt+0x222/0x480
[   99.804542][ T8082]  __sys_setsockopt+0x1a4/0x270
[   99.805841][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   99.807149][ T8082]  do_syscall_64+0xcd/0x250
[   99.808311][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.809829][ T8082] Modules linked in:
[   99.810821][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   99.813835][ T8082] Tainted: [B]=BAD_PAGE
[   99.814872][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.817530][ T8082] Call Trace:
[   99.818451][ T8082]  <TASK>
[   99.819229][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   99.820467][ T8082]  bad_page+0xb3/0x1f0
[   99.821546][ T8082]  ? __pfx_bad_page+0x10/0x10
[   99.822788][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   99.824070][ T8082]  free_unref_page+0x657/0xdc0
[   99.825325][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   99.826837][ T8082]  ? __phys_addr+0xc6/0x150
[   99.827964][ T8082]  skb_free_head+0xa0/0x1d0
[   99.829160][ T8082]  skb_release_data+0x560/0x730
[   99.830446][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[   99.831797][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[   99.833527][ T8082]  ? kernel_text_address+0x8d/0x100
[   99.834891][ T8082]  ? hlock_class+0x4e/0x130
[   99.836090][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[   99.837405][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[   99.839277][ T8082]  ? hlock_class+0x4e/0x130
[   99.840472][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[   99.841765][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[   99.843131][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[   99.844696][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[   99.846399][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[   99.847756][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   99.849410][ T8082]  ? lock_acquire+0x2f/0xb0
[   99.850605][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[   99.852259][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[   99.853869][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[   99.855611][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[   99.856977][ T8082]  ? __build_skb_around+0x278/0x3b0
[   99.858377][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[   99.859769][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[   99.861404][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[   99.863131][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[   99.864598][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   99.865987][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   99.867535][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   99.869090][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   99.870646][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   99.872169][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   99.873550][ T8082]  ? 0xffffffffa0004340
[   99.874642][ T8082]  ? 0xffffffffa0004340
[   99.875729][ T8082]  ? 0xffffffffa0004340
[   99.876815][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[   99.878387][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   99.879786][ T8082]  ? lock_acquire+0x2f/0xb0
[   99.880983][ T8082]  ? __fget_files+0x40/0x3f0
[   99.882173][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.883654][ T8082]  ? fput+0x30/0x390
[   99.884663][ T8082]  ? __bpf_prog_get+0xa0/0x290
[   99.885893][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   99.887396][ T8082]  __sys_bpf+0xfc6/0x49a0
[   99.888504][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[   99.889754][ T8082]  ? __fget_files+0x23a/0x3f0
[   99.890970][ T8082]  ? do_futex+0x123/0x350
[   99.892048][ T8082]  ? __pfx_do_futex+0x10/0x10
[   99.893232][ T8082]  ? fdget_pos+0x262/0x360
[   99.894369][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[   99.895731][ T8082]  ? ksys_write+0x1ad/0x260
[   99.896909][ T8082]  ? __pfx_ksys_write+0x10/0x10
[   99.898229][ T8082]  __x64_sys_bpf+0x78/0xc0
[   99.899406][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[   99.900769][ T8082]  do_syscall_64+0xcd/0x250
[   99.901969][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.903511][ T8082] RIP: 0033:0x7f389a37e719
[   99.904678][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.909641][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   99.911811][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[   99.913862][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[   99.915919][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[   99.917921][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   99.919951][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[   99.921853][ T8082]  </TASK>
[   99.922726][    C1] vkms_vblank_simulate: vblank timer overrun
[   99.924310][ T8082] BUG: Bad page state in process syz.0.755  pfn:2557a
[   99.926058][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802557a1f0 pfn:0x2557a
[   99.928653][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   99.930500][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[   99.932760][ T8082] raw: ffff88802557a1f0 0000000000000001 00000000ffffffff 0000000000000000
[   99.934977][ T8082] page dumped because: page_pool leak
[   99.936376][ T8082] page_owner tracks the page as allocated
[   99.937874][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474792556, free_ts 90472078489
[   99.942220][ T8082]  post_alloc_hook+0x2d1/0x350
[   99.943465][ T8082]  get_page_from_freelist+0x101e/0x3070
[   99.944880][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[   99.946272][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[   99.947687][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[   99.949222][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[   99.950602][ T8082]  page_pool_alloc_pages+0x1a/0x60
[   99.951983][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[   99.953591][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[   99.955003][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[   99.956397][ T8082]  __sys_bpf+0xfc6/0x49a0
[   99.957529][ T8082]  __x64_sys_bpf+0x78/0xc0
[   99.958732][ T8082]  do_syscall_64+0xcd/0x250
[   99.959929][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.961524][ T8082] page last free pid 8082 tgid 8081 stack trace:
[   99.963163][ T8082]  free_unref_page+0x5f4/0xdc0
[   99.964419][ T8082]  vfree+0x17a/0x890
[   99.965450][ T8082]  hashlimit_mt_destroy+0x7e/0xa0
[   99.966780][ T8082]  cleanup_entry+0x19f/0x3a0
[   99.967999][ T8082]  translate_table+0xddd/0x17b0
[   99.969242][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[   99.970471][ T8082]  nf_setsockopt+0x8a/0xf0
[   99.971672][ T8082]  ipv6_setsockopt+0x135/0x170
[   99.972893][ T8082]  rawv6_setsockopt+0xd7/0x680
[   99.974120][ T8082]  do_sock_setsockopt+0x222/0x480
[   99.975377][ T8082]  __sys_setsockopt+0x1a4/0x270
[   99.976617][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[   99.977918][ T8082]  do_syscall_64+0xcd/0x250
[   99.979115][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.980667][ T8082] Modules linked in:
[   99.981743][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[   99.984833][ T8082] Tainted: [B]=BAD_PAGE
[   99.985925][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.988709][ T8082] Call Trace:
[   99.989574][ T8082]  <TASK>
[   99.990329][ T8082]  dump_stack_lvl+0x16c/0x1f0
[   99.991543][ T8082]  bad_page+0xb3/0x1f0
[   99.992631][ T8082]  ? __pfx_bad_page+0x10/0x10
[   99.993863][ T8082]  ? page_bad_reason+0x9d/0x1e0
[   99.995104][ T8082]  free_unref_page+0x657/0xdc0
[   99.996335][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   99.997860][ T8082]  ? __phys_addr+0xc6/0x150
[   99.999046][ T8082]  skb_free_head+0xa0/0x1d0
[  100.000207][ T8082]  skb_release_data+0x560/0x730
[  100.001464][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[  100.002758][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  100.004467][ T8082]  ? kernel_text_address+0x8d/0x100
[  100.005825][ T8082]  ? hlock_class+0x4e/0x130
[  100.007028][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[  100.008306][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  100.010120][ T8082]  ? hlock_class+0x4e/0x130
[  100.011349][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[  100.012646][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[  100.014008][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[  100.015583][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  100.017267][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[  100.018659][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  100.020303][ T8082]  ? lock_acquire+0x2f/0xb0
[  100.021473][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  100.023141][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[  100.024750][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  100.026494][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[  100.027841][ T8082]  ? __build_skb_around+0x278/0x3b0
[  100.029188][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[  100.030528][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  100.032150][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  100.033780][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[  100.035219][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[  100.036599][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  100.038130][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  100.039678][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  100.041216][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  100.042689][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  100.043996][ T8082]  ? 0xffffffffa0004340
[  100.045038][ T8082]  ? 0xffffffffa0004340
[  100.046068][ T8082]  ? 0xffffffffa0004340
[  100.047135][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  100.048660][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[  100.050061][ T8082]  ? lock_acquire+0x2f/0xb0
[  100.051263][ T8082]  ? __fget_files+0x40/0x3f0
[  100.052477][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  100.054003][ T8082]  ? fput+0x30/0x390
[  100.055038][ T8082]  ? __bpf_prog_get+0xa0/0x290
[  100.056296][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  100.057816][ T8082]  __sys_bpf+0xfc6/0x49a0
[  100.058967][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[  100.060221][ T8082]  ? __fget_files+0x23a/0x3f0
[  100.061459][ T8082]  ? do_futex+0x123/0x350
[  100.062598][ T8082]  ? __pfx_do_futex+0x10/0x10
[  100.063838][ T8082]  ? fdget_pos+0x262/0x360
[  100.065017][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[  100.066399][ T8082]  ? ksys_write+0x1ad/0x260
[  100.067574][ T8082]  ? __pfx_ksys_write+0x10/0x10
[  100.068820][ T8082]  __x64_sys_bpf+0x78/0xc0
[  100.069982][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[  100.071392][ T8082]  do_syscall_64+0xcd/0x250
[  100.072590][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.074090][ T8082] RIP: 0033:0x7f389a37e719
[  100.075282][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.080260][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  100.082426][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[  100.084474][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  100.086551][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[  100.088592][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  100.090606][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[  100.092652][ T8082]  </TASK>
[  100.093481][    C1] vkms_vblank_simulate: vblank timer overrun
[  100.095090][ T8082] BUG: Bad page state in process syz.0.755  pfn:4d957
[  100.096819][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4d957
[  100.099056][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  100.100841][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[  100.102982][ T8082] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[  100.105130][ T8082] page dumped because: page_pool leak
[  100.106501][ T8082] page_owner tracks the page as allocated
[  100.107980][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474788528, free_ts 90472082524
[  100.112277][ T8082]  post_alloc_hook+0x2d1/0x350
[  100.113495][ T8082]  get_page_from_freelist+0x101e/0x3070
[  100.114952][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[  100.116336][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[  100.117779][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[  100.119336][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[  100.120730][ T8082]  page_pool_alloc_pages+0x1a/0x60
[  100.122063][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  100.123670][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[  100.125052][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[  100.126460][ T8082]  __sys_bpf+0xfc6/0x49a0
[  100.127583][ T8082]  __x64_sys_bpf+0x78/0xc0
[  100.128749][ T8082]  do_syscall_64+0xcd/0x250
[  100.129935][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.131535][ T8082] page last free pid 8082 tgid 8081 stack trace:
[  100.133173][ T8082]  free_unref_page+0x5f4/0xdc0
[  100.134438][ T8082]  vfree+0x17a/0x890
[  100.135477][ T8082]  hashlimit_mt_destroy+0x7e/0xa0
[  100.136825][ T8082]  cleanup_entry+0x19f/0x3a0
[  100.138058][ T8082]  translate_table+0xddd/0x17b0
[  100.139355][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[  100.140659][ T8082]  nf_setsockopt+0x8a/0xf0
[  100.141833][ T8082]  ipv6_setsockopt+0x135/0x170
[  100.143105][ T8082]  rawv6_setsockopt+0xd7/0x680
[  100.144364][ T8082]  do_sock_setsockopt+0x222/0x480
[  100.145689][ T8082]  __sys_setsockopt+0x1a4/0x270
[  100.146970][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[  100.148302][ T8082]  do_syscall_64+0xcd/0x250
[  100.149498][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.151104][ T8082] Modules linked in:
[  100.152132][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[  100.155157][ T8082] Tainted: [B]=BAD_PAGE
[  100.156213][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  100.158990][ T8082] Call Trace:
[  100.159866][ T8082]  <TASK>
[  100.160638][ T8082]  dump_stack_lvl+0x16c/0x1f0
[  100.161873][ T8082]  bad_page+0xb3/0x1f0
[  100.162987][ T8082]  ? __pfx_bad_page+0x10/0x10
[  100.164216][ T8082]  ? page_bad_reason+0x9d/0x1e0
[  100.165492][ T8082]  free_unref_page+0x657/0xdc0
[  100.166748][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  100.168302][ T8082]  ? __phys_addr+0xc6/0x150
[  100.169484][ T8082]  skb_free_head+0xa0/0x1d0
[  100.170681][ T8082]  skb_release_data+0x560/0x730
[  100.171960][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[  100.173269][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  100.175009][ T8082]  ? kernel_text_address+0x8d/0x100
[  100.176364][ T8082]  ? hlock_class+0x4e/0x130
[  100.177533][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[  100.178821][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  100.180607][ T8082]  ? hlock_class+0x4e/0x130
[  100.181766][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[  100.183034][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[  100.184501][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[  100.186138][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  100.187862][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[  100.189248][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  100.190933][ T8082]  ? lock_acquire+0x2f/0xb0
[  100.192141][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  100.193820][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[  100.195468][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  100.197226][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[  100.198626][ T8082]  ? __build_skb_around+0x278/0x3b0
[  100.200017][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[  100.201412][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  100.203043][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  100.204767][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[  100.206345][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[  100.207752][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  100.209237][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  100.210760][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  100.212301][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  100.213822][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  100.215211][ T8082]  ? 0xffffffffa0004340
[  100.216311][ T8082]  ? 0xffffffffa0004340
[  100.217397][ T8082]  ? 0xffffffffa0004340
[  100.218544][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  100.220081][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[  100.221502][ T8082]  ? lock_acquire+0x2f/0xb0
[  100.222719][ T8082]  ? __fget_files+0x40/0x3f0
[  100.223938][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  100.225467][ T8082]  ? fput+0x30/0x390
[  100.226505][ T8082]  ? __bpf_prog_get+0xa0/0x290
[  100.227776][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  100.229308][ T8082]  __sys_bpf+0xfc6/0x49a0
[  100.230449][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[  100.231703][ T8082]  ? __fget_files+0x23a/0x3f0
[  100.232956][ T8082]  ? do_futex+0x123/0x350
[  100.234096][ T8082]  ? __pfx_do_futex+0x10/0x10
[  100.235342][ T8082]  ? fdget_pos+0x262/0x360
[  100.236521][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[  100.237916][ T8082]  ? ksys_write+0x1ad/0x260
[  100.239155][ T8082]  ? __pfx_ksys_write+0x10/0x10
[  100.240435][ T8082]  __x64_sys_bpf+0x78/0xc0
[  100.241631][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[  100.243078][ T8082]  do_syscall_64+0xcd/0x250
[  100.244277][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.245820][ T8082] RIP: 0033:0x7f389a37e719
[  100.246997][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.251952][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  100.254129][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[  100.256178][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  100.258272][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[  100.260318][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  100.262385][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[  100.264440][ T8082]  </TASK>
[  100.265274][    C1] vkms_vblank_simulate: vblank timer overrun
[  100.266932][ T8082] BUG: Bad page state in process syz.0.755  pfn:25d2e
[  100.268672][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888025d2e300 pfn:0x25d2e
[  100.271313][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  100.273138][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[  100.275348][ T8082] raw: ffff888025d2e300 0000000000000001 00000000ffffffff 0000000000000000
[  100.277542][ T8082] page dumped because: page_pool leak
[  100.278971][ T8082] page_owner tracks the page as allocated
[  100.280525][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474784199, free_ts 90472086561
[  100.284755][ T8082]  post_alloc_hook+0x2d1/0x350
[  100.286012][ T8082]  get_page_from_freelist+0x101e/0x3070
[  100.287388][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[  100.288715][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[  100.290138][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[  100.291680][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[  100.293051][ T8082]  page_pool_alloc_pages+0x1a/0x60
[  100.294392][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  100.295959][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[  100.297333][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[  100.298736][ T8082]  __sys_bpf+0xfc6/0x49a0
[  100.299884][ T8082]  __x64_sys_bpf+0x78/0xc0
[  100.301042][ T8082]  do_syscall_64+0xcd/0x250
[  100.302253][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.303845][ T8082] page last free pid 8082 tgid 8081 stack trace:
[  100.305487][ T8082]  free_unref_page+0x5f4/0xdc0
[  100.306747][ T8082]  vfree+0x17a/0x890
[  100.307773][ T8082]  hashlimit_mt_destroy+0x7e/0xa0
[  100.309097][ T8082]  cleanup_entry+0x19f/0x3a0
[  100.310366][ T8082]  translate_table+0xddd/0x17b0
[  100.311638][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[  100.312891][ T8082]  nf_setsockopt+0x8a/0xf0
[  100.314065][ T8082]  ipv6_setsockopt+0x135/0x170
[  100.315334][ T8082]  rawv6_setsockopt+0xd7/0x680
[  100.316590][ T8082]  do_sock_setsockopt+0x222/0x480
[  100.317923][ T8082]  __sys_setsockopt+0x1a4/0x270
[  100.319293][ T8082]  __x64_sys_setsockopt+0xbd/0x160
[  100.320641][ T8082]  do_syscall_64+0xcd/0x250
[  100.321849][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.323419][ T8082] Modules linked in:
[  100.324444][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.0.755 Tainted: G    B              6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[  100.327544][ T8082] Tainted: [B]=BAD_PAGE
[  100.328631][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  100.331399][ T8082] Call Trace:
[  100.332289][ T8082]  <TASK>
[  100.333102][ T8082]  dump_stack_lvl+0x16c/0x1f0
[  100.334348][ T8082]  bad_page+0xb3/0x1f0
[  100.335463][ T8082]  ? __pfx_bad_page+0x10/0x10
[  100.336758][ T8082]  ? page_bad_reason+0x9d/0x1e0
[  100.338062][ T8082]  free_unref_page+0x657/0xdc0
[  100.339311][ T8082]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  100.340828][ T8082]  ? __phys_addr+0xc6/0x150
[  100.341984][ T8082]  skb_free_head+0xa0/0x1d0
[  100.343162][ T8082]  skb_release_data+0x560/0x730
[  100.344438][ T8082]  sk_skb_reason_drop+0x129/0x1a0
[  100.345762][ T8082]  __netif_receive_skb_core.constprop.0+0x592/0x4330
[  100.347493][ T8082]  ? kernel_text_address+0x8d/0x100
[  100.348867][ T8082]  ? hlock_class+0x4e/0x130
[  100.350064][ T8082]  ? __lock_acquire+0x163e/0x3ce0
[  100.351382][ T8082]  ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10
[  100.353230][ T8082]  ? hlock_class+0x4e/0x130
[  100.354424][ T8082]  ? __lock_acquire+0xbdd/0x3ce0
[  100.355725][ T8082]  ? __pfx___lock_acquire+0x10/0x10
[  100.357084][ T8082]  __netif_receive_skb_list_core+0x357/0x950
[  100.358655][ T8082]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  100.360310][ T8082]  ? trace_lock_acquire+0x14a/0x1d0
[  100.361623][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  100.363247][ T8082]  ? lock_acquire+0x2f/0xb0
[  100.364431][ T8082]  ? netif_receive_skb_list_internal+0x359/0xdb0
[  100.366072][ T8082]  netif_receive_skb_list_internal+0x753/0xdb0
[  100.367674][ T8082]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  100.369462][ T8082]  ? __pfx_eth_type_trans+0x10/0x10
[  100.370824][ T8082]  ? __build_skb_around+0x278/0x3b0
[  100.372191][ T8082]  netif_receive_skb_list+0x4f/0x4a0
[  100.373533][ T8082]  xdp_test_run_batch.constprop.0+0x138d/0x1960
[  100.375111][ T8082]  ? __pfx_xdp_test_run_batch.constprop.0+0x10/0x10
[  100.376752][ T8082]  ? bpf_test_timer_continue+0x150/0x3d0
[  100.378269][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[  100.379647][ T8082]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  100.381165][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  100.382701][ T8082]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  100.384233][ T8082]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  100.385776][ T8082]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  100.387150][ T8082]  ? 0xffffffffa0004340
[  100.388249][ T8082]  ? 0xffffffffa0004340
[  100.389328][ T8082]  ? 0xffffffffa0004340
[  100.390413][ T8082]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  100.391940][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[  100.393336][ T8082]  ? lock_acquire+0x2f/0xb0
[  100.394525][ T8082]  ? __fget_files+0x40/0x3f0
[  100.395758][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  100.397273][ T8082]  ? fput+0x30/0x390
[  100.398319][ T8082]  ? __bpf_prog_get+0xa0/0x290
[  100.399574][ T8082]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  100.401093][ T8082]  __sys_bpf+0xfc6/0x49a0
[  100.402234][ T8082]  ? __pfx___sys_bpf+0x10/0x10
[  100.403487][ T8082]  ? __fget_files+0x23a/0x3f0
[  100.404714][ T8082]  ? do_futex+0x123/0x350
[  100.405844][ T8082]  ? __pfx_do_futex+0x10/0x10
[  100.407090][ T8082]  ? fdget_pos+0x262/0x360
[  100.408260][ T8082]  ? __pfx___x64_sys_futex+0x10/0x10
[  100.409629][ T8082]  ? ksys_write+0x1ad/0x260
[  100.410822][ T8082]  ? __pfx_ksys_write+0x10/0x10
[  100.412100][ T8082]  __x64_sys_bpf+0x78/0xc0
[  100.413263][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[  100.414589][ T8082]  do_syscall_64+0xcd/0x250
[  100.415786][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.417362][ T8082] RIP: 0033:0x7f389a37e719
[  100.418558][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.423512][ T8082] RSP: 002b:00007f3899dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  100.425686][ T8082] RAX: ffffffffffffffda RBX: 00007f389a535f80 RCX: 00007f389a37e719
[  100.427704][ T8082] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  100.429715][ T8082] RBP: 00007f389a3f132e R08: 0000000000000000 R09: 0000000000000000
[  100.431765][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  100.433778][ T8082] R13: 0000000000000000 R14: 00007f389a535f80 R15: 00007fff62d59638
[  100.435798][ T8082]  </TASK>
[  100.436662][    C1] vkms_vblank_simulate: vblank timer overrun
[  100.438231][ T8082] BUG: Bad page state in process syz.0.755  pfn:49ba9
[  100.439958][ T8082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888049ba94d8 pfn:0x49ba9
[  100.442523][ T8082] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  100.444366][ T8082] raw: 00fff00000000000 dead000000000040 ffff888021627000 0000000000000000
[  100.446585][ T8082] raw: ffff888049ba94d8 0000000000000001 00000000ffffffff 0000000000000000
[  100.448844][ T8082] page dumped because: page_pool leak
[  100.450234][ T8082] page_owner tracks the page as allocated
[  100.451711][ T8082] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 8082, tgid 8081 (syz.0.755), ts 90474779610, free_ts 90472091411
[  100.455984][ T8082]  post_alloc_hook+0x2d1/0x350
[  100.457241][ T8082]  get_page_from_freelist+0x101e/0x3070
[  100.458758][ T8082]  __alloc_pages_noprof+0x223/0x25a0
[  100.460132][ T8082]  alloc_pages_bulk_noprof+0x77c/0x1110
[  100.461571][ T8082]  __page_pool_alloc_pages_slow+0x18f/0x770
[  100.463126][ T8082]  page_pool_alloc_netmem+0xc4/0x160
[  100.464508][ T8082]  page_pool_alloc_pages+0x1a/0x60
[  100.465827][ T8082]  xdp_test_run_batch.constprop.0+0x3a8/0x1960
[  100.467387][ T8082]  bpf_test_run_xdp_live+0x365/0x500
[  100.468791][ T8082]  bpf_prog_test_run_xdp+0x827/0x1580
[  100.470166][ T8082]  __sys_bpf+0xfc6/0x49a0
[  100.471268][ T8082]  __x64_sys_bpf+0x78/0xc0
[  100.472442][ T8082]  do_syscall_64+0xcd/0x250
[  100.473639][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.475190][ T8082] page last free pid 8082 tgid 8081 stack trace:
[  100.476861][ T8082]  free_unref_page+0x5f4/0xdc0
[  100.478125][ T8082]  vfree+0x17a/0x890
[  100.479226][ T8082]  hashlimit_mt_destroy+0x7e/0xa0
[  100.480541][ T8082]  cleanup_entry+0x19f/0x3a0
[  100.481768][ T8082]  translate_table+0xddd/0x17b0
[  100.483052][ T8082]  do_ip6t_set_ctl+0x605/0xc40
[  100.484305][ T8082]  nf_setsockopt+0x8a/0xf0

VM DIAGNOSIS:
05:14:21  Registers:
info registers vcpu 0

CPU#0
RAX=00000000001e6039 RBX=0000000000000000 RCX=ffffffff8b2315d9 RDX=0000000000000000
RSI=ffffffff8b6cd040 RDI=ffffffff8bd1adc0 RBP=fffffbfff1bd2af8 RSP=ffffffff8de07e20
R8 =0000000000000001 R9 =ffffed100d4c7025 R10=ffff88806a63812b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8de957c0 R14=ffffffff905f5208 R15=0000000000000000
RIP=ffffffff8b2329bf RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055555a51a808 CR3=000000002f954000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe26dbe680 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f21cb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f21d8
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f21d2
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f21e6
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f226c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f234a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 49425f444c004854 41005f5952415242 494c5f444c005f00 656d65675f6b6364
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000362e3200414e 41004c004c005042 494c444449004600 4c0057444c004441
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000006e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff850b5025 RDI=ffffffff9aae7c00 RBP=ffffffff9aae7bc0 RSP=ffffc900033c6990
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000006e R14=ffffffff850b4fc0 R15=0000000000000000
RIP=ffffffff850b504f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f3899dff6c0 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000494ec000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffffff8 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389a3f21cb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389a3f21d8
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389a3f21d2
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389a3f21e6
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389a3f226c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389a3f234a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389a50c488 00007f389a50c480 00007f389a50c478 00007f389a50c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389b06d100 00007f389a50c440 00007f389a50c458 00007f389a50c4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389a50c498 00007f389a50c490 00007f389a50c488 00007f389a50c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 49425f444c004854 41005f5952415242 494c5f444c005f00 656d65675f6b6364
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000362e3200414e 41004c004c005042 494c444449004600 4c0057444c004441
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000032d8eb RBX=0000000000000002 RCX=ffffffff8b2315d9 RDX=0000000000000000
RSI=ffffffff8b6cd040 RDI=ffffffff8bd1adc0 RBP=ffffed1003b5b000 RSP=ffffc90000197e08
R8 =0000000000000001 R9 =ffffed100d507025 R10=ffff88806a83812b R11=0000000000000000
R12=0000000000000002 R13=ffff88801dad8000 R14=ffffffff905f5208 R15=0000000000000000
RIP=ffffffff8b2329bf RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f42549241e8 CR3=000000003566e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000054 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f21cb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f21d8
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f21d2
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f21e6
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f226c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f234a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f425490c488 00007f425490c480 00007f425490c478 00007f425490c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f425546d100 00007f425490c440 00007f4254900004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f425490c498 00007f425490c490 00007f425490c488 00007f425490c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 49425f444c004854 41005f5952415242 494c5f444c005f00 656d65675f6b6364
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000362e3200414e 41004c004c005042 494c444449004600 4c0057444c004441
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000002f8053 RBX=0000000000000003 RCX=ffffffff8b2315d9 RDX=0000000000000000
RSI=ffffffff8b6cd040 RDI=ffffffff8bd1adc0 RBP=ffffed1003b5b488 RSP=ffffc900001a7e08
R8 =0000000000000001 R9 =ffffed100d527025 R10=ffff88806a93812b R11=0000000000000000
R12=0000000000000003 R13=ffff88801dada440 R14=ffffffff905f5208 R15=0000000000000000
RIP=ffffffff8b2329bf RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f4255507f98 CR3=000000003566e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f21cb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f21d8
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f21d2
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f21e6
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f226c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42547f234a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f425490c488 00007f425490c480 00007f425490c478 00007f425490c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f425546d100 00007f425490c440 00007f425490c458 00007f425490c4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f425490c498 00007f425490c490 00007f425490c488 00007f425490c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 49425f444c004854 41005f5952415242 494c5f444c005f00 656d65675f6b6364
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000362e3200414e 41004c004c005042 494c444449004600 4c0057444c004441
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000