[   71.429888][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[   71.432930][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
Warning: Permanently added '[localhost]:4621' (ED25519) to the list of known hosts.
2025/04/08 14:01:15 ignoring optional flag "sandboxArg"="0"
2025/04/08 14:01:16 parsed 1 programs
[   76.843153][   T40] audit: type=1400 audit(1744120878.686:144): avc:  denied  { unlink } for  pid=6119 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   77.753307][ T6119] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   79.480151][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.482360][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.499258][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.501526][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.798219][ T5306] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   79.801841][ T5306] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   79.805143][ T5306] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   79.810125][ T5306] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   79.816648][ T5306] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   79.994976][ T6158] chnl_net:caif_netlink_parms(): no params data found
[   80.072107][ T6158] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.074127][ T6158] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.076137][ T6158] bridge_slave_0: entered allmulticast mode
[   80.079140][ T6158] bridge_slave_0: entered promiscuous mode
[   80.083510][ T6158] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.086079][ T6158] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.088884][ T6158] bridge_slave_1: entered allmulticast mode
[   80.092054][ T6158] bridge_slave_1: entered promiscuous mode
[   80.129526][ T6158] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.133633][ T6158] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.165614][ T6158] team0: Port device team_slave_0 added
[   80.168831][ T6158] team0: Port device team_slave_1 added
[   80.198223][ T6158] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.200158][ T6158] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.207963][ T6158] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.211813][ T6158] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.213747][ T6158] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.220772][ T6158] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.256501][ T6158] hsr_slave_0: entered promiscuous mode
[   80.258462][ T6158] hsr_slave_1: entered promiscuous mode
[   80.342059][ T6158] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.424448][ T6158] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.485544][ T6158] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.545394][ T6158] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.641605][ T6158] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   80.645574][ T6158] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   80.649238][ T6158] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   80.653494][ T6158] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   80.696978][ T6158] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.705313][ T6158] 8021q: adding VLAN 0 to HW filter on device team0
[   80.710150][   T83] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.712222][   T83] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.717943][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.720519][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.811225][ T6158] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.835321][ T6158] veth0_vlan: entered promiscuous mode
[   80.841485][ T6158] veth1_vlan: entered promiscuous mode
[   80.854931][ T6158] veth0_macvtap: entered promiscuous mode
[   80.859515][ T6158] veth1_macvtap: entered promiscuous mode
[   80.867966][ T6158] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.871043][ T6158] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.874510][ T6158] batman_adv: batadv0: Interface activated: batadv_slave_0
[   80.880251][ T6158] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.883274][ T6158] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.886952][ T6158] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.891912][ T6158] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.895043][ T6158] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.898105][ T6158] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.901200][ T6158] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.046404][   T40] audit: type=1401 audit(1744120882.886:145): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[   81.673833][   T10] cfg80211: failed to load regulatory.db
2025/04/08 14:01:24 executed programs: 0
[   82.193313][ T5306] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   82.195876][ T5306] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   82.199000][ T5306] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   82.201470][ T5306] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   82.203742][ T5306] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   82.293008][ T6218] chnl_net:caif_netlink_parms(): no params data found
[   82.353116][ T6218] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.355212][ T6218] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.357545][ T6218] bridge_slave_0: entered allmulticast mode
[   82.359989][ T6218] bridge_slave_0: entered promiscuous mode
[   82.362857][ T6218] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.364884][ T6218] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.366969][ T6218] bridge_slave_1: entered allmulticast mode
[   82.369417][ T6218] bridge_slave_1: entered promiscuous mode
[   82.400339][ T6218] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.404449][ T6218] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.435107][ T6218] team0: Port device team_slave_0 added
[   82.438639][ T6218] team0: Port device team_slave_1 added
[   82.468500][ T6218] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.470463][ T6218] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.478051][ T6218] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.481852][ T6218] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.483787][ T6218] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.490776][ T6218] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.528715][ T6218] hsr_slave_0: entered promiscuous mode
[   82.530729][ T6218] hsr_slave_1: entered promiscuous mode
[   82.532751][ T6218] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   82.534878][ T6218] Cannot create hsr debugfs directory
[   82.621194][ T6218] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.714123][ T6218] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.216997][ T5306] Bluetooth: hci0: command tx timeout
[   84.464122][ T6218] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.685155][ T6218] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.774349][ T6218] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   84.778656][ T6218] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   84.782487][ T6218] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   84.785890][ T6218] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   84.841833][ T6218] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.855875][ T6218] 8021q: adding VLAN 0 to HW filter on device team0
[   84.864134][ T1138] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.866043][ T1138] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.874128][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.876053][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.984655][ T6218] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.018662][ T6218] veth0_vlan: entered promiscuous mode
[   85.025453][ T6218] veth1_vlan: entered promiscuous mode
[   85.046117][ T6218] veth0_macvtap: entered promiscuous mode
[   85.051945][ T6218] veth1_macvtap: entered promiscuous mode
[   85.062807][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.067389][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.069994][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.072728][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.076160][ T6218] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.081969][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.084757][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.087457][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.090193][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.093890][ T6218] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.098873][ T6218] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.101098][ T6218] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.103369][ T6218] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.106514][ T6218] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.134387][   T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.136720][   T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.150679][   T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.152728][   T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.203487][   T40] audit: type=1400 audit(1744120887.046:146): avc:  denied  { prog_load } for  pid=6232 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   85.204155][ T6233] BUG: Bad page state in process syz.0.16  pfn:332df
[   85.209628][   T40] audit: type=1400 audit(1744120887.046:147): avc:  denied  { bpf } for  pid=6232 comm="syz.0.16" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   85.211328][ T6233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x332df
[   85.219003][   T40] audit: type=1400 audit(1744120887.046:148): avc:  denied  { perfmon } for  pid=6232 comm="syz.0.16" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   85.221615][ T6233] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   85.228736][   T40] audit: type=1400 audit(1744120887.046:149): avc:  denied  { prog_run } for  pid=6232 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   85.230651][ T6233] raw: 00fff00000000000 dead000000000040 ffff888020e95000 0000000000000000
[   85.238640][ T6233] raw: ffffffffffffffff 3fffffffffffffff 00000000ffffffff 0000000000000000
[   85.240940][ T6233] page dumped because: page_pool leak
[   85.242223][ T6233] page_owner tracks the page as allocated
[   85.243757][ T6233] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6233, tgid 6232 (syz.0.16), ts 85204063814, free_ts 84905255497
[   85.248124][ T6233]  post_alloc_hook+0x181/0x1b0
[   85.249556][ T6233]  get_page_from_freelist+0x1193/0x39b0
[   85.251069][ T6233]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   85.252655][ T6233]  alloc_pages_bulk_noprof+0x703/0x13b0
[   85.254218][ T6233]  __page_pool_alloc_pages_slow+0x190/0xc20
[   85.255843][ T6233]  page_pool_alloc_netmems+0xc4/0x190
[   85.257522][ T6233]  page_pool_alloc_frag_netmem+0x21b/0x760
[   85.259259][ T6233]  skb_pp_cow_data+0x570/0xf00
[   85.260537][ T6233]  skb_cow_data_for_xdp+0x88/0xb0
[   85.261896][ T6233]  do_xdp_generic+0x404/0xe80
[   85.263194][ T6233]  tun_get_user+0x1bc6/0x3b10
[   85.264460][ T6233]  tun_chr_write_iter+0xdc/0x210
[   85.265788][ T6233]  vfs_write+0x5ba/0x1180
[   85.267134][ T6233]  ksys_write+0x12a/0x240
[   85.268495][ T6233]  do_syscall_64+0xcd/0x260
[   85.269739][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.271339][ T6233] page last free pid 6226 tgid 6226 stack trace:
[   85.272984][ T6233]  __free_frozen_pages+0x69d/0xff0
[   85.274371][ T6233]  __put_partials+0x16d/0x1c0
[   85.275633][ T6233]  qlist_free_all+0x4e/0x120
[   85.277053][ T6233]  kasan_quarantine_reduce+0x195/0x1e0
[   85.278662][ T6233]  __kasan_slab_alloc+0x69/0x90
[   85.279990][ T6233]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[   85.281402][ T6233]  getname_flags.part.0+0x48/0x540
[   85.282757][ T6233]  getname_flags+0x93/0xf0
[   85.283984][ T6233]  do_sys_openat2+0xb8/0x1d0
[   85.285220][ T6233]  __x64_sys_openat+0x174/0x210
[   85.286642][ T6233]  do_syscall_64+0xcd/0x260
[   85.288006][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.289553][ T6233] Modules linked in:
[   85.290594][ T6233] CPU: 2 UID: 0 PID: 6233 Comm: syz.0.16 Not tainted 6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   85.290608][ T6233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.290614][ T6233] Call Trace:
[   85.290619][ T6233]  <TASK>
[   85.290623][ T6233]  dump_stack_lvl+0x16c/0x1f0
[   85.290639][ T6233]  bad_page+0xb3/0x1f0
[   85.290651][ T6233]  ? __pfx_bad_page+0x10/0x10
[   85.290664][ T6233]  ? page_bad_reason+0x9d/0x1e0
[   85.290676][ T6233]  __free_frozen_pages+0x76e/0xff0
[   85.290695][ T6233]  page_frag_free+0x255/0x2a0
[   85.290707][ T6233]  __xdp_return+0x359/0xa40
[   85.290722][ T6233]  ? kmem_cache_free+0x2d4/0x4d0
[   85.290733][ T6233]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   85.290754][ T6233]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   85.290780][ T6233]  bpf_prog_run_generic_xdp+0x626/0x1530
[   85.290798][ T6233]  do_xdp_generic+0x719/0xe80
[   85.290811][ T6233]  ? __pfx_do_xdp_generic+0x10/0x10
[   85.290821][ T6233]  ? __lock_acquire+0x5ca/0x1ba0
[   85.290833][ T6233]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   85.290859][ T6233]  tun_get_user+0x1bc6/0x3b10
[   85.290878][ T6233]  ? __pfx_tun_get_user+0x10/0x10
[   85.290891][ T6233]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   85.290907][ T6233]  ? find_held_lock+0x2b/0x80
[   85.290920][ T6233]  ? tun_get+0x191/0x370
[   85.290935][ T6233]  tun_chr_write_iter+0xdc/0x210
[   85.290949][ T6233]  vfs_write+0x5ba/0x1180
[   85.290962][ T6233]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   85.290979][ T6233]  ? __pfx_vfs_write+0x10/0x10
[   85.290987][ T6233]  ? find_held_lock+0x2b/0x80
[   85.291007][ T6233]  ksys_write+0x12a/0x240
[   85.291016][ T6233]  ? __pfx_ksys_write+0x10/0x10
[   85.291024][ T6233]  ? rcu_is_watching+0x12/0xc0
[   85.291041][ T6233]  do_syscall_64+0xcd/0x260
[   85.291056][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.291066][ T6233] RIP: 0033:0x7f038f38bc1f
[   85.291075][ T6233] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   85.291085][ T6233] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   85.291095][ T6233] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   85.291101][ T6233] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   85.291107][ T6233] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   85.291113][ T6233] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   85.291119][ T6233] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   85.291131][ T6233]  </TASK>
[   85.291135][ T6233] Disabling lock debugging due to kernel taint
[   85.359753][ T6233] BUG: Bad page state in process syz.0.16  pfn:332de
[   85.361523][ T6233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880332dfe00 pfn:0x332de
[   85.364144][ T6233] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   85.366045][ T6233] raw: 00fff00000000000 dead000000000040 ffff888020e95000 0000000000000000
[   85.368415][ T6233] raw: ffff8880332dfe00 0000000000000001 00000000ffffffff 0000000000000000
[   85.370811][ T6233] page dumped because: page_pool leak
[   85.372265][ T6233] page_owner tracks the page as allocated
[   85.373825][ T6233] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6233, tgid 6232 (syz.0.16), ts 85204053023, free_ts 84905255497
[   85.378258][ T6233]  post_alloc_hook+0x181/0x1b0
[   85.379673][ T6233]  get_page_from_freelist+0x1193/0x39b0
[   85.381156][ T6233]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   85.382730][ T6233]  alloc_pages_bulk_noprof+0x703/0x13b0
[   85.384264][ T6233]  __page_pool_alloc_pages_slow+0x190/0xc20
[   85.385859][ T6233]  page_pool_alloc_netmems+0xc4/0x190
[   85.387447][ T6233]  skb_pp_cow_data+0x775/0xf00
[   85.388857][ T6233]  skb_cow_data_for_xdp+0x88/0xb0
[   85.390253][ T6233]  do_xdp_generic+0x404/0xe80
[   85.391586][ T6233]  tun_get_user+0x1bc6/0x3b10
[   85.392938][ T6233]  tun_chr_write_iter+0xdc/0x210
[   85.394283][ T6233]  vfs_write+0x5ba/0x1180
[   85.395475][ T6233]  ksys_write+0x12a/0x240
[   85.396813][ T6233]  do_syscall_64+0xcd/0x260
[   85.398150][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.400113][ T6233] page last free pid 6226 tgid 6226 stack trace:
[   85.401822][ T6233]  __free_frozen_pages+0x69d/0xff0
[   85.403238][ T6233]  __put_partials+0x16d/0x1c0
[   85.404564][ T6233]  qlist_free_all+0x4e/0x120
[   85.405833][ T6233]  kasan_quarantine_reduce+0x195/0x1e0
[   85.407449][ T6233]  __kasan_slab_alloc+0x69/0x90
[   85.408939][ T6233]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[   85.410431][ T6233]  getname_flags.part.0+0x48/0x540
[   85.411827][ T6233]  getname_flags+0x93/0xf0
[   85.413074][ T6233]  do_sys_openat2+0xb8/0x1d0
[   85.414340][ T6233]  __x64_sys_openat+0x174/0x210
[   85.415662][ T6233]  do_syscall_64+0xcd/0x260
[   85.416970][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.418720][ T6233] Modules linked in:
[   85.419806][ T6233] CPU: 2 UID: 0 PID: 6233 Comm: syz.0.16 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   85.419821][ T6233] Tainted: [B]=BAD_PAGE
[   85.419825][ T6233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.419831][ T6233] Call Trace:
[   85.419835][ T6233]  <TASK>
[   85.419838][ T6233]  dump_stack_lvl+0x16c/0x1f0
[   85.419859][ T6233]  bad_page+0xb3/0x1f0
[   85.419872][ T6233]  ? __pfx_bad_page+0x10/0x10
[   85.419884][ T6233]  ? page_bad_reason+0x9d/0x1e0
[   85.419895][ T6233]  __free_frozen_pages+0x76e/0xff0
[   85.419912][ T6233]  page_frag_free+0x255/0x2a0
[   85.419924][ T6233]  __xdp_return+0x359/0xa40
[   85.419939][ T6233]  ? kmem_cache_free+0x2d4/0x4d0
[   85.419949][ T6233]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   85.419967][ T6233]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   85.419976][ T6233]  bpf_prog_run_generic_xdp+0x626/0x1530
[   85.419990][ T6233]  do_xdp_generic+0x719/0xe80
[   85.420006][ T6233]  ? __pfx_do_xdp_generic+0x10/0x10
[   85.420021][ T6233]  ? __lock_acquire+0x5ca/0x1ba0
[   85.420037][ T6233]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   85.420062][ T6233]  tun_get_user+0x1bc6/0x3b10
[   85.420082][ T6233]  ? __pfx_tun_get_user+0x10/0x10
[   85.420094][ T6233]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   85.420108][ T6233]  ? find_held_lock+0x2b/0x80
[   85.420121][ T6233]  ? tun_get+0x191/0x370
[   85.420134][ T6233]  tun_chr_write_iter+0xdc/0x210
[   85.420147][ T6233]  vfs_write+0x5ba/0x1180
[   85.420156][ T6233]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   85.420170][ T6233]  ? __pfx_vfs_write+0x10/0x10
[   85.420178][ T6233]  ? find_held_lock+0x2b/0x80
[   85.420196][ T6233]  ksys_write+0x12a/0x240
[   85.420208][ T6233]  ? __pfx_ksys_write+0x10/0x10
[   85.420220][ T6233]  ? rcu_is_watching+0x12/0xc0
[   85.420241][ T6233]  do_syscall_64+0xcd/0x260
[   85.420262][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.420277][ T6233] RIP: 0033:0x7f038f38bc1f
[   85.420288][ T6233] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   85.420301][ T6233] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   85.420310][ T6233] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   85.420316][ T6233] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   85.420322][ T6233] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   85.420328][ T6233] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   85.420334][ T6233] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   85.420343][ T6233]  </TASK>
[   85.420349][ T6233] BUG: Bad page state in process syz.0.16  pfn:332dd
[   85.492521][ T6233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x332dd
[   85.495161][ T6233] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   85.497086][ T6233] raw: 00fff00000000000 dead000000000040 ffff888020e95000 0000000000000000
[   85.499386][ T6233] raw: ffffffffffffffff 0000000000000001 00000000ffffffff 0000000000000000
[   85.501646][ T6233] page dumped because: page_pool leak
[   85.503125][ T6233] page_owner tracks the page as allocated
[   85.504662][ T6233] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6233, tgid 6232 (syz.0.16), ts 85204042098, free_ts 84905255497
[   85.509095][ T6233]  post_alloc_hook+0x181/0x1b0
[   85.510493][ T6233]  get_page_from_freelist+0x1193/0x39b0
[   85.512044][ T6233]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   85.513644][ T6233]  alloc_pages_bulk_noprof+0x703/0x13b0
[   85.515201][ T6233]  __page_pool_alloc_pages_slow+0x190/0xc20
[   85.516887][ T6233]  page_pool_alloc_netmems+0xc4/0x190
[   85.518400][ T6233]  skb_pp_cow_data+0x775/0xf00
[   85.519697][ T6233]  skb_cow_data_for_xdp+0x88/0xb0
[   85.521038][ T6233]  do_xdp_generic+0x404/0xe80
[   85.522317][ T6233]  tun_get_user+0x1bc6/0x3b10
[   85.523595][ T6233]  tun_chr_write_iter+0xdc/0x210
[   85.524963][ T6233]  vfs_write+0x5ba/0x1180
[   85.526128][ T6233]  ksys_write+0x12a/0x240
[   85.527370][ T6233]  do_syscall_64+0xcd/0x260
[   85.528745][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.530349][ T6233] page last free pid 6226 tgid 6226 stack trace:
[   85.532065][ T6233]  __free_frozen_pages+0x69d/0xff0
[   85.533472][ T6233]  __put_partials+0x16d/0x1c0
[   85.534783][ T6233]  qlist_free_all+0x4e/0x120
[   85.536052][ T6233]  kasan_quarantine_reduce+0x195/0x1e0
[   85.537628][ T6233]  __kasan_slab_alloc+0x69/0x90
[   85.539061][ T6233]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[   85.540544][ T6233]  getname_flags.part.0+0x48/0x540
[   85.541967][ T6233]  getname_flags+0x93/0xf0
[   85.543225][ T6233]  do_sys_openat2+0xb8/0x1d0
[   85.544494][ T6233]  __x64_sys_openat+0x174/0x210
[   85.545838][ T6233]  do_syscall_64+0xcd/0x260
[   85.547178][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.548879][ T6233] Modules linked in:
[   85.549951][ T6233] CPU: 2 UID: 0 PID: 6233 Comm: syz.0.16 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   85.549967][ T6233] Tainted: [B]=BAD_PAGE
[   85.549971][ T6233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.549977][ T6233] Call Trace:
[   85.549980][ T6233]  <TASK>
[   85.549984][ T6233]  dump_stack_lvl+0x16c/0x1f0
[   85.550000][ T6233]  bad_page+0xb3/0x1f0
[   85.550011][ T6233]  ? __pfx_bad_page+0x10/0x10
[   85.550023][ T6233]  ? page_bad_reason+0x9d/0x1e0
[   85.550035][ T6233]  __free_frozen_pages+0x76e/0xff0
[   85.550053][ T6233]  page_frag_free+0x255/0x2a0
[   85.550069][ T6233]  __xdp_return+0x359/0xa40
[   85.550091][ T6233]  ? kmem_cache_free+0x2d4/0x4d0
[   85.550106][ T6233]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   85.550134][ T6233]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   85.550145][ T6233]  bpf_prog_run_generic_xdp+0x626/0x1530
[   85.550158][ T6233]  do_xdp_generic+0x719/0xe80
[   85.550169][ T6233]  ? __pfx_do_xdp_generic+0x10/0x10
[   85.550179][ T6233]  ? __lock_acquire+0x5ca/0x1ba0
[   85.550190][ T6233]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   85.550207][ T6233]  tun_get_user+0x1bc6/0x3b10
[   85.550222][ T6233]  ? __pfx_tun_get_user+0x10/0x10
[   85.550234][ T6233]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   85.550248][ T6233]  ? find_held_lock+0x2b/0x80
[   85.550261][ T6233]  ? tun_get+0x191/0x370
[   85.550273][ T6233]  tun_chr_write_iter+0xdc/0x210
[   85.550287][ T6233]  vfs_write+0x5ba/0x1180
[   85.550295][ T6233]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   85.550309][ T6233]  ? __pfx_vfs_write+0x10/0x10
[   85.550317][ T6233]  ? find_held_lock+0x2b/0x80
[   85.550332][ T6233]  ksys_write+0x12a/0x240
[   85.550340][ T6233]  ? __pfx_ksys_write+0x10/0x10
[   85.550349][ T6233]  ? rcu_is_watching+0x12/0xc0
[   85.550363][ T6233]  do_syscall_64+0xcd/0x260
[   85.550377][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.550388][ T6233] RIP: 0033:0x7f038f38bc1f
[   85.550396][ T6233] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   85.550406][ T6233] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   85.550415][ T6233] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   85.550422][ T6233] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   85.550428][ T6233] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   85.550434][ T6233] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   85.550439][ T6233] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   85.550448][ T6233]  </TASK>
[   85.550455][ T6233] BUG: Bad page state in process syz.0.16  pfn:332dc
[   85.622803][ T6233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880332dd400 pfn:0x332dc
[   85.625497][ T6233] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   85.627568][ T6233] raw: 00fff00000000000 dead000000000040 ffff888020e95000 0000000000000000
[   85.629911][ T6233] raw: ffff8880332dd400 0000000000000001 00000000ffffffff 0000000000000000
[   85.632216][ T6233] page dumped because: page_pool leak
[   85.633696][ T6233] page_owner tracks the page as allocated
[   85.635251][ T6233] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6233, tgid 6232 (syz.0.16), ts 85204031178, free_ts 84905255497
[   85.639686][ T6233]  post_alloc_hook+0x181/0x1b0
[   85.641083][ T6233]  get_page_from_freelist+0x1193/0x39b0
[   85.642613][ T6233]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   85.644254][ T6233]  alloc_pages_bulk_noprof+0x703/0x13b0
[   85.645758][ T6233]  __page_pool_alloc_pages_slow+0x190/0xc20
[   85.647473][ T6233]  page_pool_alloc_netmems+0xc4/0x190
[   85.649004][ T6233]  skb_pp_cow_data+0x775/0xf00
[   85.650300][ T6233]  skb_cow_data_for_xdp+0x88/0xb0
[   85.651718][ T6233]  do_xdp_generic+0x404/0xe80
[   85.653064][ T6233]  tun_get_user+0x1bc6/0x3b10
[   85.654343][ T6233]  tun_chr_write_iter+0xdc/0x210
[   85.655696][ T6233]  vfs_write+0x5ba/0x1180
[   85.657064][ T6233]  ksys_write+0x12a/0x240
[   85.658349][ T6233]  do_syscall_64+0xcd/0x260
[   85.659598][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.661181][ T6233] page last free pid 6226 tgid 6226 stack trace:
[   85.662886][ T6233]  __free_frozen_pages+0x69d/0xff0
[   85.664293][ T6233]  __put_partials+0x16d/0x1c0
[   85.665583][ T6233]  qlist_free_all+0x4e/0x120
[   85.666960][ T6233]  kasan_quarantine_reduce+0x195/0x1e0
[   85.668528][ T6233]  __kasan_slab_alloc+0x69/0x90
[   85.669856][ T6233]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[   85.671350][ T6233]  getname_flags.part.0+0x48/0x540
[   85.672763][ T6233]  getname_flags+0x93/0xf0
[   85.673973][ T6233]  do_sys_openat2+0xb8/0x1d0
[   85.675255][ T6233]  __x64_sys_openat+0x174/0x210
[   85.676675][ T6233]  do_syscall_64+0xcd/0x260
[   85.678040][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.679633][ T6233] Modules linked in:
[   85.680686][ T6233] CPU: 2 UID: 0 PID: 6233 Comm: syz.0.16 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   85.680702][ T6233] Tainted: [B]=BAD_PAGE
[   85.680705][ T6233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.680712][ T6233] Call Trace:
[   85.680715][ T6233]  <TASK>
[   85.680719][ T6233]  dump_stack_lvl+0x16c/0x1f0
[   85.680734][ T6233]  bad_page+0xb3/0x1f0
[   85.680746][ T6233]  ? __pfx_bad_page+0x10/0x10
[   85.680758][ T6233]  ? page_bad_reason+0x9d/0x1e0
[   85.680769][ T6233]  __free_frozen_pages+0x76e/0xff0
[   85.680786][ T6233]  page_frag_free+0x255/0x2a0
[   85.680798][ T6233]  __xdp_return+0x359/0xa40
[   85.680813][ T6233]  ? kmem_cache_free+0x2d4/0x4d0
[   85.680824][ T6233]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   85.680842][ T6233]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   85.680854][ T6233]  bpf_prog_run_generic_xdp+0x626/0x1530
[   85.680868][ T6233]  do_xdp_generic+0x719/0xe80
[   85.680879][ T6233]  ? __pfx_do_xdp_generic+0x10/0x10
[   85.680889][ T6233]  ? __lock_acquire+0x5ca/0x1ba0
[   85.680900][ T6233]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   85.680917][ T6233]  tun_get_user+0x1bc6/0x3b10
[   85.680932][ T6233]  ? __pfx_tun_get_user+0x10/0x10
[   85.680945][ T6233]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   85.680958][ T6233]  ? find_held_lock+0x2b/0x80
[   85.680971][ T6233]  ? tun_get+0x191/0x370
[   85.680983][ T6233]  tun_chr_write_iter+0xdc/0x210
[   85.680996][ T6233]  vfs_write+0x5ba/0x1180
[   85.681006][ T6233]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   85.681019][ T6233]  ? __pfx_vfs_write+0x10/0x10
[   85.681027][ T6233]  ? find_held_lock+0x2b/0x80
[   85.681043][ T6233]  ksys_write+0x12a/0x240
[   85.681051][ T6233]  ? __pfx_ksys_write+0x10/0x10
[   85.681059][ T6233]  ? rcu_is_watching+0x12/0xc0
[   85.681073][ T6233]  do_syscall_64+0xcd/0x260
[   85.681087][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.681097][ T6233] RIP: 0033:0x7f038f38bc1f
[   85.681105][ T6233] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   85.681115][ T6233] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   85.681124][ T6233] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   85.681131][ T6233] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   85.681137][ T6233] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   85.681143][ T6233] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   85.681148][ T6233] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   85.681158][ T6233]  </TASK>
[   85.681164][ T6233] BUG: Bad page state in process syz.0.16  pfn:332db
[   85.692229][   T40] audit: type=1400 audit(1744120887.536:150): avc:  denied  { rename } for  pid=5337 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   85.692699][ T6233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x332db
[   85.692716][ T6233] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   85.692736][ T6233] raw: 00fff00000000000 dead000000000040 ffff888020e95000 0000000000000000
[   85.694014][   T40] audit: type=1400 audit(1744120887.536:151): avc:  denied  { unlink } for  pid=5337 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   85.695466][ T6233] raw: ffffffffffffffff 0000000000000001 00000000ffffffff 0000000000000000
[   85.697446][   T40] audit: type=1400 audit(1744120887.536:152): avc:  denied  { create } for  pid=5337 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   85.698626][ T6233] page dumped because: page_pool leak
[   85.698634][ T6233] page_owner tracks the page as allocated
[   85.698640][ T6233] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6233, tgid 6232 (syz.0.16), ts 85204020332, free_ts 84905255497
[   85.788216][ T6233]  post_alloc_hook+0x181/0x1b0
[   85.789514][ T6233]  get_page_from_freelist+0x1193/0x39b0
[   85.790973][ T6233]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   85.792584][ T6233]  alloc_pages_bulk_noprof+0x703/0x13b0
[   85.794088][ T6233]  __page_pool_alloc_pages_slow+0x190/0xc20
[   85.795689][ T6233]  page_pool_alloc_netmems+0xc4/0x190
[   85.797177][ T6233]  skb_pp_cow_data+0x775/0xf00
[   85.798475][ T6233]  skb_cow_data_for_xdp+0x88/0xb0
[   85.799822][ T6233]  do_xdp_generic+0x404/0xe80
[   85.801087][ T6233]  tun_get_user+0x1bc6/0x3b10
[   85.802359][ T6233]  tun_chr_write_iter+0xdc/0x210
[   85.803715][ T6233]  vfs_write+0x5ba/0x1180
[   85.804874][ T6233]  ksys_write+0x12a/0x240
[   85.806017][ T6233]  do_syscall_64+0xcd/0x260
[   85.807299][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.808871][ T6233] page last free pid 6226 tgid 6226 stack trace:
[   85.810526][ T6233]  __free_frozen_pages+0x69d/0xff0
[   85.811902][ T6233]  __put_partials+0x16d/0x1c0
[   85.813196][ T6233]  qlist_free_all+0x4e/0x120
[   85.814415][ T6233]  kasan_quarantine_reduce+0x195/0x1e0
[   85.815849][ T6233]  __kasan_slab_alloc+0x69/0x90
[   85.817185][ T6233]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[   85.818627][ T6233]  getname_flags.part.0+0x48/0x540
[   85.820012][ T6233]  getname_flags+0x93/0xf0
[   85.821219][ T6233]  do_sys_openat2+0xb8/0x1d0
[   85.822483][ T6233]  __x64_sys_openat+0x174/0x210
[   85.823809][ T6233]  do_syscall_64+0xcd/0x260
[   85.825034][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.826627][ T6233] Modules linked in:
[   85.827692][ T6233] CPU: 2 UID: 0 PID: 6233 Comm: syz.0.16 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   85.827708][ T6233] Tainted: [B]=BAD_PAGE
[   85.827711][ T6233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.827718][ T6233] Call Trace:
[   85.827721][ T6233]  <TASK>
[   85.827725][ T6233]  dump_stack_lvl+0x16c/0x1f0
[   85.827740][ T6233]  bad_page+0xb3/0x1f0
[   85.827752][ T6233]  ? __pfx_bad_page+0x10/0x10
[   85.827764][ T6233]  ? page_bad_reason+0x9d/0x1e0
[   85.827776][ T6233]  __free_frozen_pages+0x76e/0xff0
[   85.827792][ T6233]  page_frag_free+0x255/0x2a0
[   85.827804][ T6233]  __xdp_return+0x359/0xa40
[   85.827818][ T6233]  ? kmem_cache_free+0x2d4/0x4d0
[   85.827828][ T6233]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   85.827849][ T6233]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   85.827858][ T6233]  bpf_prog_run_generic_xdp+0x626/0x1530
[   85.827872][ T6233]  do_xdp_generic+0x719/0xe80
[   85.827882][ T6233]  ? __pfx_do_xdp_generic+0x10/0x10
[   85.827892][ T6233]  ? __lock_acquire+0x5ca/0x1ba0
[   85.827903][ T6233]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   85.827919][ T6233]  tun_get_user+0x1bc6/0x3b10
[   85.827935][ T6233]  ? __pfx_tun_get_user+0x10/0x10
[   85.827947][ T6233]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   85.827961][ T6233]  ? find_held_lock+0x2b/0x80
[   85.827974][ T6233]  ? tun_get+0x191/0x370
[   85.827986][ T6233]  tun_chr_write_iter+0xdc/0x210
[   85.828000][ T6233]  vfs_write+0x5ba/0x1180
[   85.828008][ T6233]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   85.828022][ T6233]  ? __pfx_vfs_write+0x10/0x10
[   85.828030][ T6233]  ? find_held_lock+0x2b/0x80
[   85.828045][ T6233]  ksys_write+0x12a/0x240
[   85.828053][ T6233]  ? __pfx_ksys_write+0x10/0x10
[   85.828062][ T6233]  ? rcu_is_watching+0x12/0xc0
[   85.828076][ T6233]  do_syscall_64+0xcd/0x260
[   85.828090][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.828100][ T6233] RIP: 0033:0x7f038f38bc1f
[   85.828108][ T6233] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   85.828118][ T6233] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   85.828127][ T6233] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   85.828133][ T6233] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   85.828139][ T6233] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   85.828145][ T6233] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   85.828151][ T6233] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   85.828159][ T6233]  </TASK>
[   85.828165][ T6233] BUG: Bad page state in process syz.0.16  pfn:332da
[   85.897758][ T6233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880332da380 pfn:0x332da
[   85.900397][ T6233] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   85.902260][ T6233] raw: 00fff00000000000 dead000000000040 ffff888020e95000 0000000000000000
[   85.904526][ T6233] raw: ffff8880332da380 0000000000000001 00000000ffffffff 0000000000000000
[   85.906788][ T6233] page dumped because: page_pool leak
[   85.908229][ T6233] page_owner tracks the page as allocated
[   85.909743][ T6233] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6233, tgid 6232 (syz.0.16), ts 85204009829, free_ts 84905255497
[   85.914127][ T6233]  post_alloc_hook+0x181/0x1b0
[   85.915423][ T6233]  get_page_from_freelist+0x1193/0x39b0
[   85.916941][ T6233]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   85.918523][ T6233]  alloc_pages_bulk_noprof+0x703/0x13b0
[   85.919992][ T6233]  __page_pool_alloc_pages_slow+0x190/0xc20
[   85.921581][ T6233]  page_pool_alloc_netmems+0xc4/0x190
[   85.923062][ T6233]  skb_pp_cow_data+0x775/0xf00
[   85.924369][ T6233]  skb_cow_data_for_xdp+0x88/0xb0
[   85.925725][ T6233]  do_xdp_generic+0x404/0xe80
[   85.926988][ T6233]  tun_get_user+0x1bc6/0x3b10
[   85.928244][ T6233]  tun_chr_write_iter+0xdc/0x210
[   85.929561][ T6233]  vfs_write+0x5ba/0x1180
[   85.930714][ T6233]  ksys_write+0x12a/0x240
[   85.931898][ T6233]  do_syscall_64+0xcd/0x260
[   85.933124][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.934692][ T6233] page last free pid 6226 tgid 6226 stack trace:
[   85.936424][ T6233]  __free_frozen_pages+0x69d/0xff0
[   85.937807][ T6233]  __put_partials+0x16d/0x1c0
[   85.939084][ T6233]  qlist_free_all+0x4e/0x120
[   85.940349][ T6233]  kasan_quarantine_reduce+0x195/0x1e0
[   85.941779][ T6233]  __kasan_slab_alloc+0x69/0x90
[   85.943132][ T6233]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[   85.944591][ T6233]  getname_flags.part.0+0x48/0x540
[   85.945974][ T6233]  getname_flags+0x93/0xf0
[   85.947243][ T6233]  do_sys_openat2+0xb8/0x1d0
[   85.948474][ T6233]  __x64_sys_openat+0x174/0x210
[   85.949772][ T6233]  do_syscall_64+0xcd/0x260
[   85.950990][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.952566][ T6233] Modules linked in:
[   85.953638][ T6233] CPU: 2 UID: 0 PID: 6233 Comm: syz.0.16 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   85.953654][ T6233] Tainted: [B]=BAD_PAGE
[   85.953658][ T6233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.953664][ T6233] Call Trace:
[   85.953668][ T6233]  <TASK>
[   85.953672][ T6233]  dump_stack_lvl+0x16c/0x1f0
[   85.953687][ T6233]  bad_page+0xb3/0x1f0
[   85.953699][ T6233]  ? __pfx_bad_page+0x10/0x10
[   85.953710][ T6233]  ? page_bad_reason+0x9d/0x1e0
[   85.953722][ T6233]  __free_frozen_pages+0x76e/0xff0
[   85.953739][ T6233]  page_frag_free+0x255/0x2a0
[   85.953750][ T6233]  __xdp_return+0x359/0xa40
[   85.953765][ T6233]  ? kmem_cache_free+0x2d4/0x4d0
[   85.953774][ T6233]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   85.953792][ T6233]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   85.953801][ T6233]  bpf_prog_run_generic_xdp+0x626/0x1530
[   85.953815][ T6233]  do_xdp_generic+0x719/0xe80
[   85.953826][ T6233]  ? __pfx_do_xdp_generic+0x10/0x10
[   85.953836][ T6233]  ? __lock_acquire+0x5ca/0x1ba0
[   85.953850][ T6233]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   85.953866][ T6233]  tun_get_user+0x1bc6/0x3b10
[   85.953881][ T6233]  ? __pfx_tun_get_user+0x10/0x10
[   85.953894][ T6233]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   85.953907][ T6233]  ? find_held_lock+0x2b/0x80
[   85.953920][ T6233]  ? tun_get+0x191/0x370
[   85.953932][ T6233]  tun_chr_write_iter+0xdc/0x210
[   85.953946][ T6233]  vfs_write+0x5ba/0x1180
[   85.953954][ T6233]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   85.953968][ T6233]  ? __pfx_vfs_write+0x10/0x10
[   85.953976][ T6233]  ? find_held_lock+0x2b/0x80
[   85.953991][ T6233]  ksys_write+0x12a/0x240
[   85.954000][ T6233]  ? __pfx_ksys_write+0x10/0x10
[   85.954008][ T6233]  ? rcu_is_watching+0x12/0xc0
[   85.954022][ T6233]  do_syscall_64+0xcd/0x260
[   85.954036][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.954046][ T6233] RIP: 0033:0x7f038f38bc1f
[   85.954054][ T6233] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   85.954064][ T6233] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   85.954073][ T6233] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   85.954079][ T6233] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   85.954085][ T6233] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   85.954091][ T6233] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   85.954096][ T6233] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   85.954105][ T6233]  </TASK>
[   85.954112][ T6233] BUG: Bad page state in process syz.0.16  pfn:332d9
[   86.023703][ T6233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x332d9
[   86.026486][ T6233] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   86.028470][ T6233] raw: 00fff00000000000 dead000000000040 ffff888020e95000 0000000000000000
[   86.030707][ T6233] raw: ffffffffffffffff 0000000000000001 00000000ffffffff 0000000000000000
[   86.032959][ T6233] page dumped because: page_pool leak
[   86.034368][ T6233] page_owner tracks the page as allocated
[   86.035903][ T6233] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6233, tgid 6232 (syz.0.16), ts 85203999271, free_ts 84905255497
[   86.040257][ T6233]  post_alloc_hook+0x181/0x1b0
[   86.041554][ T6233]  get_page_from_freelist+0x1193/0x39b0
[   86.043043][ T6233]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   86.044630][ T6233]  alloc_pages_bulk_noprof+0x703/0x13b0
[   86.046104][ T6233]  __page_pool_alloc_pages_slow+0x190/0xc20
[   86.047787][ T6233]  page_pool_alloc_netmems+0xc4/0x190
[   86.049234][ T6233]  skb_pp_cow_data+0x775/0xf00
[   86.050527][ T6233]  skb_cow_data_for_xdp+0x88/0xb0
[   86.051894][ T6233]  do_xdp_generic+0x404/0xe80
[   86.053195][ T6233]  tun_get_user+0x1bc6/0x3b10
[   86.054448][ T6233]  tun_chr_write_iter+0xdc/0x210
[   86.055778][ T6233]  vfs_write+0x5ba/0x1180
[   86.056974][ T6233]  ksys_write+0x12a/0x240
[   86.058128][ T6233]  do_syscall_64+0xcd/0x260
[   86.059369][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.060930][ T6233] page last free pid 6226 tgid 6226 stack trace:
[   86.062616][ T6233]  __free_frozen_pages+0x69d/0xff0
[   86.064021][ T6233]  __put_partials+0x16d/0x1c0
[   86.065288][ T6233]  qlist_free_all+0x4e/0x120
[   86.066574][ T6233]  kasan_quarantine_reduce+0x195/0x1e0
[   86.068028][ T6233]  __kasan_slab_alloc+0x69/0x90
[   86.069350][ T6233]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[   86.070809][ T6233]  getname_flags.part.0+0x48/0x540
[   86.072210][ T6233]  getname_flags+0x93/0xf0
[   86.073459][ T6233]  do_sys_openat2+0xb8/0x1d0
[   86.074680][ T6233]  __x64_sys_openat+0x174/0x210
[   86.075977][ T6233]  do_syscall_64+0xcd/0x260
[   86.077258][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.078869][ T6233] Modules linked in:
[   86.079937][ T6233] CPU: 2 UID: 0 PID: 6233 Comm: syz.0.16 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   86.079954][ T6233] Tainted: [B]=BAD_PAGE
[   86.079957][ T6233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.079964][ T6233] Call Trace:
[   86.079967][ T6233]  <TASK>
[   86.079971][ T6233]  dump_stack_lvl+0x16c/0x1f0
[   86.079986][ T6233]  bad_page+0xb3/0x1f0
[   86.079998][ T6233]  ? __pfx_bad_page+0x10/0x10
[   86.080009][ T6233]  ? page_bad_reason+0x9d/0x1e0
[   86.080021][ T6233]  __free_frozen_pages+0x76e/0xff0
[   86.080038][ T6233]  page_frag_free+0x255/0x2a0
[   86.080049][ T6233]  __xdp_return+0x359/0xa40
[   86.080064][ T6233]  ? kmem_cache_free+0x2d4/0x4d0
[   86.080074][ T6233]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   86.080092][ T6233]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   86.080101][ T6233]  bpf_prog_run_generic_xdp+0x626/0x1530
[   86.080115][ T6233]  do_xdp_generic+0x719/0xe80
[   86.080125][ T6233]  ? __pfx_do_xdp_generic+0x10/0x10
[   86.080135][ T6233]  ? __lock_acquire+0x5ca/0x1ba0
[   86.080146][ T6233]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   86.080164][ T6233]  tun_get_user+0x1bc6/0x3b10
[   86.080179][ T6233]  ? __pfx_tun_get_user+0x10/0x10
[   86.080191][ T6233]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   86.080205][ T6233]  ? find_held_lock+0x2b/0x80
[   86.080217][ T6233]  ? tun_get+0x191/0x370
[   86.080230][ T6233]  tun_chr_write_iter+0xdc/0x210
[   86.080243][ T6233]  vfs_write+0x5ba/0x1180
[   86.080251][ T6233]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   86.080265][ T6233]  ? __pfx_vfs_write+0x10/0x10
[   86.080273][ T6233]  ? find_held_lock+0x2b/0x80
[   86.080288][ T6233]  ksys_write+0x12a/0x240
[   86.080297][ T6233]  ? __pfx_ksys_write+0x10/0x10
[   86.080305][ T6233]  ? rcu_is_watching+0x12/0xc0
[   86.080319][ T6233]  do_syscall_64+0xcd/0x260
[   86.080333][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.080343][ T6233] RIP: 0033:0x7f038f38bc1f
[   86.080350][ T6233] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   86.080360][ T6233] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   86.080369][ T6233] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   86.080376][ T6233] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   86.080381][ T6233] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   86.080387][ T6233] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   86.080393][ T6233] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   86.080401][ T6233]  </TASK>
[   86.080408][ T6233] BUG: Bad page state in process syz.0.16  pfn:332d8
[   86.150391][ T6233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880332de000 pfn:0x332d8
[   86.153061][ T6233] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   86.154952][ T6233] raw: 00fff00000000000 dead000000000040 ffff888020e95000 0000000000000000
[   86.157230][ T6233] raw: ffff8880332de000 0000000000000001 00000000ffffffff 0000000000000000
[   86.159491][ T6233] page dumped because: page_pool leak
[   86.160853][ T6233] page_owner tracks the page as allocated
[   86.162356][ T6233] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6233, tgid 6232 (syz.0.16), ts 85203988195, free_ts 84905255497
[   86.166701][ T6233]  post_alloc_hook+0x181/0x1b0
[   86.168002][ T6233]  get_page_from_freelist+0x1193/0x39b0
[   86.169474][ T6233]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   86.171042][ T6233]  alloc_pages_bulk_noprof+0x703/0x13b0
[   86.172510][ T6233]  __page_pool_alloc_pages_slow+0x190/0xc20
[   86.174083][ T6233]  page_pool_alloc_netmems+0xc4/0x190
[   86.175510][ T6233]  skb_pp_cow_data+0x775/0xf00
[   86.176852][ T6233]  skb_cow_data_for_xdp+0x88/0xb0
[   86.178205][ T6233]  do_xdp_generic+0x404/0xe80
[   86.179478][ T6233]  tun_get_user+0x1bc6/0x3b10
[   86.180729][ T6233]  tun_chr_write_iter+0xdc/0x210
[   86.182046][ T6233]  vfs_write+0x5ba/0x1180
[   86.183215][ T6233]  ksys_write+0x12a/0x240
[   86.184375][ T6233]  do_syscall_64+0xcd/0x260
[   86.185594][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.187198][ T6233] page last free pid 6226 tgid 6226 stack trace:
[   86.188887][ T6233]  __free_frozen_pages+0x69d/0xff0
[   86.190268][ T6233]  __put_partials+0x16d/0x1c0
[   86.191562][ T6233]  qlist_free_all+0x4e/0x120
[   86.192851][ T6233]  kasan_quarantine_reduce+0x195/0x1e0
[   86.194281][ T6233]  __kasan_slab_alloc+0x69/0x90
[   86.195571][ T6233]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[   86.197066][ T6233]  getname_flags.part.0+0x48/0x540
[   86.198427][ T6233]  getname_flags+0x93/0xf0
[   86.199631][ T6233]  do_sys_openat2+0xb8/0x1d0
[   86.200871][ T6233]  __x64_sys_openat+0x174/0x210
[   86.202163][ T6233]  do_syscall_64+0xcd/0x260
[   86.203383][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.204953][ T6233] Modules linked in:
[   86.205969][ T6233] CPU: 2 UID: 0 PID: 6233 Comm: syz.0.16 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   86.205985][ T6233] Tainted: [B]=BAD_PAGE
[   86.205988][ T6233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.205995][ T6233] Call Trace:
[   86.205998][ T6233]  <TASK>
[   86.206002][ T6233]  dump_stack_lvl+0x16c/0x1f0
[   86.206017][ T6233]  bad_page+0xb3/0x1f0
[   86.206028][ T6233]  ? __pfx_bad_page+0x10/0x10
[   86.206040][ T6233]  ? page_bad_reason+0x9d/0x1e0
[   86.206052][ T6233]  __free_frozen_pages+0x76e/0xff0
[   86.206068][ T6233]  page_frag_free+0x255/0x2a0
[   86.206079][ T6233]  __xdp_return+0x359/0xa40
[   86.206094][ T6233]  ? kmem_cache_free+0x2d4/0x4d0
[   86.206104][ T6233]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   86.206122][ T6233]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   86.206131][ T6233]  bpf_prog_run_generic_xdp+0x626/0x1530
[   86.206144][ T6233]  do_xdp_generic+0x719/0xe80
[   86.206155][ T6233]  ? __pfx_do_xdp_generic+0x10/0x10
[   86.206165][ T6233]  ? __lock_acquire+0x5ca/0x1ba0
[   86.206176][ T6233]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   86.206193][ T6233]  tun_get_user+0x1bc6/0x3b10
[   86.206207][ T6233]  ? __pfx_tun_get_user+0x10/0x10
[   86.206220][ T6233]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   86.206234][ T6233]  ? find_held_lock+0x2b/0x80
[   86.206247][ T6233]  ? tun_get+0x191/0x370
[   86.206260][ T6233]  tun_chr_write_iter+0xdc/0x210
[   86.206273][ T6233]  vfs_write+0x5ba/0x1180
[   86.206282][ T6233]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   86.206295][ T6233]  ? __pfx_vfs_write+0x10/0x10
[   86.206303][ T6233]  ? find_held_lock+0x2b/0x80
[   86.206329][ T6233]  ksys_write+0x12a/0x240
[   86.206338][ T6233]  ? __pfx_ksys_write+0x10/0x10
[   86.206346][ T6233]  ? rcu_is_watching+0x12/0xc0
[   86.206360][ T6233]  do_syscall_64+0xcd/0x260
[   86.206374][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.206384][ T6233] RIP: 0033:0x7f038f38bc1f
[   86.206393][ T6233] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   86.206402][ T6233] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   86.206412][ T6233] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   86.206418][ T6233] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   86.206424][ T6233] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   86.206430][ T6233] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   86.206436][ T6233] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   86.206444][ T6233]  </TASK>
[   86.275033][ T6233] BUG: Bad page state in process syz.0.16  pfn:403b7
[   86.276855][ T6233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f89c37c4 pfn:0x403b7
[   86.279409][ T6233] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   86.281284][ T6233] raw: 00fff00000000000 dead000000000040 ffff888020e95000 0000000000000000
[   86.283571][ T6233] raw: 00000007f89c37c4 0000000000000001 00000000ffffffff 0000000000000000
[   86.285841][ T6233] page dumped because: page_pool leak
[   86.287347][ T6233] page_owner tracks the page as allocated
[   86.288866][ T6233] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6233, tgid 6232 (syz.0.16), ts 85203977666, free_ts 84905506660
[   86.293179][ T6233]  post_alloc_hook+0x181/0x1b0
[   86.294447][ T6233]  get_page_from_freelist+0x1193/0x39b0
[   86.295942][ T6233]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   86.296560][ T5306] Bluetooth: hci0: command tx timeout
[   86.297558][ T6233]  alloc_pages_bulk_noprof+0x703/0x13b0
[   86.301627][ T6233]  __page_pool_alloc_pages_slow+0x190/0xc20
[   86.303233][ T6233]  page_pool_alloc_netmems+0xc4/0x190
[   86.307728][ T6233]  skb_pp_cow_data+0x775/0xf00
[   86.309806][ T6233]  skb_cow_data_for_xdp+0x88/0xb0
[   86.311201][ T6233]  do_xdp_generic+0x404/0xe80
[   86.312521][ T6233]  tun_get_user+0x1bc6/0x3b10
[   86.313815][ T6233]  tun_chr_write_iter+0xdc/0x210
[   86.315141][ T6233]  vfs_write+0x5ba/0x1180
[   86.316308][ T6233]  ksys_write+0x12a/0x240
[   86.317570][ T6233]  do_syscall_64+0xcd/0x260
[   86.318824][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.320400][ T6233] page last free pid 6226 tgid 6226 stack trace:
[   86.322081][ T6233]  __free_frozen_pages+0x69d/0xff0
[   86.323469][ T6233]  __put_partials+0x16d/0x1c0
[   86.324738][ T6233]  qlist_free_all+0x4e/0x120
[   86.325990][ T6233]  kasan_quarantine_reduce+0x195/0x1e0
[   86.327522][ T6233]  __kasan_slab_alloc+0x69/0x90
[   86.328862][ T6233]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[   86.330351][ T6233]  getname_flags.part.0+0x48/0x540
[   86.331722][ T6233]  getname_flags+0x93/0xf0
[   86.332944][ T6233]  do_sys_openat2+0xb8/0x1d0
[   86.334161][ T6233]  __x64_sys_openat+0x174/0x210
[   86.335486][ T6233]  do_syscall_64+0xcd/0x260
[   86.336746][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.338270][ T6233] Modules linked in:
[   86.339337][ T6233] CPU: 2 UID: 0 PID: 6233 Comm: syz.0.16 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   86.339352][ T6233] Tainted: [B]=BAD_PAGE
[   86.339356][ T6233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.339362][ T6233] Call Trace:
[   86.339367][ T6233]  <TASK>
[   86.339371][ T6233]  dump_stack_lvl+0x16c/0x1f0
[   86.339385][ T6233]  bad_page+0xb3/0x1f0
[   86.339397][ T6233]  ? __pfx_bad_page+0x10/0x10
[   86.339409][ T6233]  ? page_bad_reason+0x9d/0x1e0
[   86.339421][ T6233]  __free_frozen_pages+0x76e/0xff0
[   86.339437][ T6233]  page_frag_free+0x255/0x2a0
[   86.339448][ T6233]  __xdp_return+0x359/0xa40
[   86.339464][ T6233]  ? kmem_cache_free+0x2d4/0x4d0
[   86.339473][ T6233]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   86.339492][ T6233]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   86.339505][ T6233]  bpf_prog_run_generic_xdp+0x626/0x1530
[   86.339519][ T6233]  do_xdp_generic+0x719/0xe80
[   86.339530][ T6233]  ? __pfx_do_xdp_generic+0x10/0x10
[   86.339540][ T6233]  ? __lock_acquire+0x5ca/0x1ba0
[   86.339550][ T6233]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   86.339568][ T6233]  tun_get_user+0x1bc6/0x3b10
[   86.339583][ T6233]  ? __pfx_tun_get_user+0x10/0x10
[   86.339595][ T6233]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   86.339609][ T6233]  ? find_held_lock+0x2b/0x80
[   86.339621][ T6233]  ? tun_get+0x191/0x370
[   86.339634][ T6233]  tun_chr_write_iter+0xdc/0x210
[   86.339647][ T6233]  vfs_write+0x5ba/0x1180
[   86.339656][ T6233]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   86.339670][ T6233]  ? __pfx_vfs_write+0x10/0x10
[   86.339678][ T6233]  ? find_held_lock+0x2b/0x80
[   86.339693][ T6233]  ksys_write+0x12a/0x240
[   86.339701][ T6233]  ? __pfx_ksys_write+0x10/0x10
[   86.339709][ T6233]  ? rcu_is_watching+0x12/0xc0
[   86.339724][ T6233]  do_syscall_64+0xcd/0x260
[   86.339737][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.339747][ T6233] RIP: 0033:0x7f038f38bc1f
[   86.339755][ T6233] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   86.339765][ T6233] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   86.339775][ T6233] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   86.339781][ T6233] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   86.339787][ T6233] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   86.339793][ T6233] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   86.339799][ T6233] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   86.339808][ T6233]  </TASK>
[   86.339814][ T6233] BUG: Bad page state in process syz.0.16  pfn:403b6
[   86.409737][ T6233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f89c37c3 pfn:0x403b6
[   86.412237][ T6233] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   86.414162][ T6233] raw: 00fff00000000000 dead000000000040 ffff888020e95000 0000000000000000
[   86.416538][ T6233] raw: 00000007f89c37c3 0000000000000001 00000000ffffffff 0000000000000000
[   86.418910][ T6233] page dumped because: page_pool leak
[   86.420362][ T6233] page_owner tracks the page as allocated
[   86.421897][ T6233] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6233, tgid 6232 (syz.0.16), ts 85203967234, free_ts 84905506660
[   86.426382][ T6233]  post_alloc_hook+0x181/0x1b0
[   86.427720][ T6233]  get_page_from_freelist+0x1193/0x39b0
[   86.429219][ T6233]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   86.430814][ T6233]  alloc_pages_bulk_noprof+0x703/0x13b0
[   86.432302][ T6233]  __page_pool_alloc_pages_slow+0x190/0xc20
[   86.433923][ T6233]  page_pool_alloc_netmems+0xc4/0x190
[   86.435391][ T6233]  skb_pp_cow_data+0x775/0xf00
[   86.436686][ T6233]  skb_cow_data_for_xdp+0x88/0xb0
[   86.437996][ T6233]  do_xdp_generic+0x404/0xe80
[   86.439207][ T6233]  tun_get_user+0x1bc6/0x3b10
[   86.440452][ T6233]  tun_chr_write_iter+0xdc/0x210
[   86.441741][ T6233]  vfs_write+0x5ba/0x1180
[   86.442887][ T6233]  ksys_write+0x12a/0x240
[   86.444035][ T6233]  do_syscall_64+0xcd/0x260
[   86.445206][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.446830][ T6233] page last free pid 6226 tgid 6226 stack trace:
[   86.448450][ T6233]  __free_frozen_pages+0x69d/0xff0
[   86.449766][ T6233]  __put_partials+0x16d/0x1c0
[   86.451010][ T6233]  qlist_free_all+0x4e/0x120
[   86.452189][ T6233]  kasan_quarantine_reduce+0x195/0x1e0
[   86.453632][ T6233]  __kasan_slab_alloc+0x69/0x90
[   86.454896][ T6233]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[   86.456394][ T6233]  getname_flags.part.0+0x48/0x540
[   86.457731][ T6233]  getname_flags+0x93/0xf0
[   86.458896][ T6233]  do_sys_openat2+0xb8/0x1d0
[   86.460172][ T6233]  __x64_sys_openat+0x174/0x210
[   86.461470][ T6233]  do_syscall_64+0xcd/0x260
[   86.462689][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.464283][ T6233] Modules linked in:
[   86.465352][ T6233] CPU: 2 UID: 0 PID: 6233 Comm: syz.0.16 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   86.465368][ T6233] Tainted: [B]=BAD_PAGE
[   86.465371][ T6233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.465378][ T6233] Call Trace:
[   86.465382][ T6233]  <TASK>
[   86.465386][ T6233]  dump_stack_lvl+0x16c/0x1f0
[   86.465401][ T6233]  bad_page+0xb3/0x1f0
[   86.465413][ T6233]  ? __pfx_bad_page+0x10/0x10
[   86.465424][ T6233]  ? page_bad_reason+0x9d/0x1e0
[   86.465436][ T6233]  __free_frozen_pages+0x76e/0xff0
[   86.465453][ T6233]  page_frag_free+0x255/0x2a0
[   86.465465][ T6233]  __xdp_return+0x359/0xa40
[   86.465479][ T6233]  ? kmem_cache_free+0x2d4/0x4d0
[   86.465489][ T6233]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   86.465512][ T6233]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   86.465521][ T6233]  bpf_prog_run_generic_xdp+0x626/0x1530
[   86.465535][ T6233]  do_xdp_generic+0x719/0xe80
[   86.465546][ T6233]  ? __pfx_do_xdp_generic+0x10/0x10
[   86.465556][ T6233]  ? __lock_acquire+0x5ca/0x1ba0
[   86.465566][ T6233]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   86.465583][ T6233]  tun_get_user+0x1bc6/0x3b10
[   86.465598][ T6233]  ? __pfx_tun_get_user+0x10/0x10
[   86.465611][ T6233]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   86.465625][ T6233]  ? find_held_lock+0x2b/0x80
[   86.465637][ T6233]  ? tun_get+0x191/0x370
[   86.465650][ T6233]  tun_chr_write_iter+0xdc/0x210
[   86.465663][ T6233]  vfs_write+0x5ba/0x1180
[   86.465672][ T6233]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   86.465686][ T6233]  ? __pfx_vfs_write+0x10/0x10
[   86.465694][ T6233]  ? find_held_lock+0x2b/0x80
[   86.465709][ T6233]  ksys_write+0x12a/0x240
[   86.465718][ T6233]  ? __pfx_ksys_write+0x10/0x10
[   86.465726][ T6233]  ? rcu_is_watching+0x12/0xc0
[   86.465740][ T6233]  do_syscall_64+0xcd/0x260
[   86.465754][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.465764][ T6233] RIP: 0033:0x7f038f38bc1f
[   86.465772][ T6233] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   86.465781][ T6233] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   86.465791][ T6233] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   86.465797][ T6233] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   86.465803][ T6233] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   86.465809][ T6233] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   86.465814][ T6233] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   86.465823][ T6233]  </TASK>
[   86.465829][ T6233] BUG: Bad page state in process syz.0.16  pfn:403b5
[   86.536561][ T6233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f89c37c2 pfn:0x403b5
[   86.539099][ T6233] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   86.541008][ T6233] raw: 00fff00000000000 dead000000000040 ffff888020e95000 0000000000000000
[   86.543283][ T6233] raw: 00000007f89c37c2 0000000000000001 00000000ffffffff 0000000000000000
[   86.545545][ T6233] page dumped because: page_pool leak
[   86.547049][ T6233] page_owner tracks the page as allocated
[   86.548675][ T6233] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6233, tgid 6232 (syz.0.16), ts 85203956533, free_ts 84905506660
[   86.553155][ T6233]  post_alloc_hook+0x181/0x1b0
[   86.554466][ T6233]  get_page_from_freelist+0x1193/0x39b0
[   86.555982][ T6233]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   86.557623][ T6233]  alloc_pages_bulk_noprof+0x703/0x13b0
[   86.559137][ T6233]  __page_pool_alloc_pages_slow+0x190/0xc20
[   86.560712][ T6233]  page_pool_alloc_netmems+0xc4/0x190
[   86.562150][ T6233]  skb_pp_cow_data+0x775/0xf00
[   86.563467][ T6233]  skb_cow_data_for_xdp+0x88/0xb0
[   86.564835][ T6233]  do_xdp_generic+0x404/0xe80
[   86.566104][ T6233]  tun_get_user+0x1bc6/0x3b10
[   86.567449][ T6233]  tun_chr_write_iter+0xdc/0x210
[   86.568791][ T6233]  vfs_write+0x5ba/0x1180
[   86.569982][ T6233]  ksys_write+0x12a/0x240
[   86.571174][ T6233]  do_syscall_64+0xcd/0x260
[   86.572398][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.573999][ T6233] page last free pid 6226 tgid 6226 stack trace:
[   86.575706][ T6233]  __free_frozen_pages+0x69d/0xff0
[   86.577158][ T6233]  __put_partials+0x16d/0x1c0
[   86.578454][ T6233]  qlist_free_all+0x4e/0x120
[   86.579718][ T6233]  kasan_quarantine_reduce+0x195/0x1e0
[   86.581160][ T6233]  __kasan_slab_alloc+0x69/0x90
[   86.582468][ T6233]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[   86.583934][ T6233]  getname_flags.part.0+0x48/0x540
[   86.585325][ T6233]  getname_flags+0x93/0xf0
[   86.586581][ T6233]  do_sys_openat2+0xb8/0x1d0
[   86.587835][ T6233]  __x64_sys_openat+0x174/0x210
[   86.589096][ T6233]  do_syscall_64+0xcd/0x260
[   86.590287][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.591828][ T6233] Modules linked in:
[   86.592865][ T6233] CPU: 2 UID: 0 PID: 6233 Comm: syz.0.16 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   86.592881][ T6233] Tainted: [B]=BAD_PAGE
[   86.592885][ T6233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.592891][ T6233] Call Trace:
[   86.592896][ T6233]  <TASK>
[   86.592901][ T6233]  dump_stack_lvl+0x16c/0x1f0
[   86.592915][ T6233]  bad_page+0xb3/0x1f0
[   86.592927][ T6233]  ? __pfx_bad_page+0x10/0x10
[   86.592939][ T6233]  ? page_bad_reason+0x9d/0x1e0
[   86.592950][ T6233]  __free_frozen_pages+0x76e/0xff0
[   86.592967][ T6233]  page_frag_free+0x255/0x2a0
[   86.592978][ T6233]  __xdp_return+0x359/0xa40
[   86.592993][ T6233]  ? kmem_cache_free+0x2d4/0x4d0
[   86.593002][ T6233]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   86.593021][ T6233]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   86.593029][ T6233]  bpf_prog_run_generic_xdp+0x626/0x1530
[   86.593044][ T6233]  do_xdp_generic+0x719/0xe80
[   86.593054][ T6233]  ? __pfx_do_xdp_generic+0x10/0x10
[   86.593064][ T6233]  ? __lock_acquire+0x5ca/0x1ba0
[   86.593075][ T6233]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   86.593092][ T6233]  tun_get_user+0x1bc6/0x3b10
[   86.593106][ T6233]  ? __pfx_tun_get_user+0x10/0x10
[   86.593119][ T6233]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   86.593133][ T6233]  ? find_held_lock+0x2b/0x80
[   86.593146][ T6233]  ? tun_get+0x191/0x370
[   86.593158][ T6233]  tun_chr_write_iter+0xdc/0x210
[   86.593172][ T6233]  vfs_write+0x5ba/0x1180
[   86.593180][ T6233]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   86.593194][ T6233]  ? __pfx_vfs_write+0x10/0x10
[   86.593202][ T6233]  ? find_held_lock+0x2b/0x80
[   86.593217][ T6233]  ksys_write+0x12a/0x240
[   86.593225][ T6233]  ? __pfx_ksys_write+0x10/0x10
[   86.593233][ T6233]  ? rcu_is_watching+0x12/0xc0
[   86.593248][ T6233]  do_syscall_64+0xcd/0x260
[   86.593261][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.593271][ T6233] RIP: 0033:0x7f038f38bc1f
[   86.593280][ T6233] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   86.593290][ T6233] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   86.593299][ T6233] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   86.593305][ T6233] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   86.593311][ T6233] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   86.593317][ T6233] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   86.593323][ T6233] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   86.593331][ T6233]  </TASK>
[   86.593338][ T6233] BUG: Bad page state in process syz.0.16  pfn:403b4
[   86.662146][ T6233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f89c37c1 pfn:0x403b4
[   86.664619][ T6233] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   86.666503][ T6233] raw: 00fff00000000000 dead000000000040 ffff888020e95000 0000000000000000
[   86.668761][ T6233] raw: 00000007f89c37c1 0000000000000001 00000000ffffffff 0000000000000000
[   86.671019][ T6233] page dumped because: page_pool leak
[   86.672410][ T6233] page_owner tracks the page as allocated
[   86.673895][ T6233] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6233, tgid 6232 (syz.0.16), ts 85203946116, free_ts 84905506660
[   86.678114][ T6233]  post_alloc_hook+0x181/0x1b0
[   86.679405][ T6233]  get_page_from_freelist+0x1193/0x39b0
[   86.680879][ T6233]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   86.682448][ T6233]  alloc_pages_bulk_noprof+0x703/0x13b0
[   86.683932][ T6233]  __page_pool_alloc_pages_slow+0x190/0xc20
[   86.685488][ T6233]  page_pool_alloc_netmems+0xc4/0x190
[   86.686932][ T6233]  skb_pp_cow_data+0x775/0xf00
[   86.688241][ T6233]  skb_cow_data_for_xdp+0x88/0xb0
[   86.689583][ T6233]  do_xdp_generic+0x404/0xe80
[   86.690849][ T6233]  tun_get_user+0x1bc6/0x3b10
[   86.692117][ T6233]  tun_chr_write_iter+0xdc/0x210
[   86.693463][ T6233]  vfs_write+0x5ba/0x1180
[   86.694615][ T6233]  ksys_write+0x12a/0x240
[   86.695759][ T6233]  do_syscall_64+0xcd/0x260
[   86.697015][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.698584][ T6233] page last free pid 6226 tgid 6226 stack trace:
[   86.700249][ T6233]  __free_frozen_pages+0x69d/0xff0
[   86.701618][ T6233]  __put_partials+0x16d/0x1c0
[   86.702902][ T6233]  qlist_free_all+0x4e/0x120
[   86.704162][ T6233]  kasan_quarantine_reduce+0x195/0x1e0
[   86.705596][ T6233]  __kasan_slab_alloc+0x69/0x90
[   86.706942][ T6233]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[   86.708429][ T6233]  getname_flags.part.0+0x48/0x540
[   86.709811][ T6233]  getname_flags+0x93/0xf0
[   86.710999][ T6233]  do_sys_openat2+0xb8/0x1d0
[   86.712234][ T6233]  __x64_sys_openat+0x174/0x210
[   86.713564][ T6233]  do_syscall_64+0xcd/0x260
[   86.714777][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.716401][ T6233] Modules linked in:
[   86.717454][ T6233] CPU: 2 UID: 0 PID: 6233 Comm: syz.0.16 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   86.717470][ T6233] Tainted: [B]=BAD_PAGE
[   86.717473][ T6233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.717479][ T6233] Call Trace:
[   86.717484][ T6233]  <TASK>
[   86.717488][ T6233]  dump_stack_lvl+0x16c/0x1f0
[   86.717502][ T6233]  bad_page+0xb3/0x1f0
[   86.717514][ T6233]  ? __pfx_bad_page+0x10/0x10
[   86.717525][ T6233]  ? page_bad_reason+0x9d/0x1e0
[   86.717541][ T6233]  __free_frozen_pages+0x76e/0xff0
[   86.717557][ T6233]  page_frag_free+0x255/0x2a0
[   86.717568][ T6233]  __xdp_return+0x359/0xa40
[   86.717583][ T6233]  ? kmem_cache_free+0x2d4/0x4d0
[   86.717593][ T6233]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   86.717611][ T6233]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   86.717620][ T6233]  bpf_prog_run_generic_xdp+0x626/0x1530
[   86.717634][ T6233]  do_xdp_generic+0x719/0xe80
[   86.717645][ T6233]  ? __pfx_do_xdp_generic+0x10/0x10
[   86.717655][ T6233]  ? __lock_acquire+0x5ca/0x1ba0
[   86.717665][ T6233]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   86.717682][ T6233]  tun_get_user+0x1bc6/0x3b10
[   86.717697][ T6233]  ? __pfx_tun_get_user+0x10/0x10
[   86.717709][ T6233]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   86.717723][ T6233]  ? find_held_lock+0x2b/0x80
[   86.717736][ T6233]  ? tun_get+0x191/0x370
[   86.717749][ T6233]  tun_chr_write_iter+0xdc/0x210
[   86.717762][ T6233]  vfs_write+0x5ba/0x1180
[   86.717771][ T6233]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   86.717784][ T6233]  ? __pfx_vfs_write+0x10/0x10
[   86.717792][ T6233]  ? find_held_lock+0x2b/0x80
[   86.717808][ T6233]  ksys_write+0x12a/0x240
[   86.717816][ T6233]  ? __pfx_ksys_write+0x10/0x10
[   86.717824][ T6233]  ? rcu_is_watching+0x12/0xc0
[   86.717838][ T6233]  do_syscall_64+0xcd/0x260
[   86.717852][ T6233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.717862][ T6233] RIP: 0033:0x7f038f38bc1f
[   86.717870][ T6233] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   86.717880][ T6233] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   86.717889][ T6233] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   86.717895][ T6233] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   86.717901][ T6233] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   86.717907][ T6233] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   86.717912][ T6233] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   86.717921][ T6233]  </TASK>
[   86.817809][ T6235] BUG: Bad page state in process syz.0.17  pfn:51719
[   86.819626][ T6235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x51719
[   86.821943][ T6235] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   86.823847][ T6235] raw: 00fff00000000000 dead000000000040 ffff888020e97000 0000000000000000
[   86.826019][ T6235] raw: 0000000000000000 3fffffffffffffff 00000000ffffffff 0000000000000000
[   86.828445][ T6235] page dumped because: page_pool leak
[   86.829921][ T6235] page_owner tracks the page as allocated
[   86.831415][ T6235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6235, tgid 6234 (syz.0.17), ts 86817777238, free_ts 0
[   86.835597][ T6235]  post_alloc_hook+0x181/0x1b0
[   86.836952][ T6235]  get_page_from_freelist+0x1193/0x39b0
[   86.838409][ T6235]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   86.839978][ T6235]  alloc_pages_bulk_noprof+0x703/0x13b0
[   86.841502][ T6235]  __page_pool_alloc_pages_slow+0x190/0xc20
[   86.843113][ T6235]  page_pool_alloc_netmems+0xc4/0x190
[   86.844583][ T6235]  page_pool_alloc_frag_netmem+0x21b/0x760
[   86.846147][ T6235]  skb_pp_cow_data+0x570/0xf00
[   86.847509][ T6235]  skb_cow_data_for_xdp+0x88/0xb0
[   86.848878][ T6235]  do_xdp_generic+0x404/0xe80
[   86.850166][ T6235]  tun_get_user+0x1bc6/0x3b10
[   86.851471][ T6235]  tun_chr_write_iter+0xdc/0x210
[   86.852846][ T6235]  vfs_write+0x5ba/0x1180
[   86.854034][ T6235]  ksys_write+0x12a/0x240
[   86.855240][ T6235]  do_syscall_64+0xcd/0x260
[   86.856536][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.858119][ T6235] page_owner free stack trace missing
[   86.859587][ T6235] Modules linked in:
[   86.860633][ T6235] CPU: 3 UID: 0 PID: 6235 Comm: syz.0.17 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   86.860649][ T6235] Tainted: [B]=BAD_PAGE
[   86.860652][ T6235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.860659][ T6235] Call Trace:
[   86.860663][ T6235]  <TASK>
[   86.860667][ T6235]  dump_stack_lvl+0x16c/0x1f0
[   86.860682][ T6235]  bad_page+0xb3/0x1f0
[   86.860695][ T6235]  ? __pfx_bad_page+0x10/0x10
[   86.860707][ T6235]  ? page_bad_reason+0x9d/0x1e0
[   86.860718][ T6235]  __free_frozen_pages+0x76e/0xff0
[   86.860735][ T6235]  page_frag_free+0x255/0x2a0
[   86.860746][ T6235]  __xdp_return+0x359/0xa40
[   86.860761][ T6235]  ? kmem_cache_free+0x2d4/0x4d0
[   86.860771][ T6235]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   86.860790][ T6235]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   86.860798][ T6235]  bpf_prog_run_generic_xdp+0x626/0x1530
[   86.860813][ T6235]  do_xdp_generic+0x719/0xe80
[   86.860824][ T6235]  ? __pfx_do_xdp_generic+0x10/0x10
[   86.860833][ T6235]  ? __pfx__copy_from_iter+0x10/0x10
[   86.860846][ T6235]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   86.860864][ T6235]  tun_get_user+0x1bc6/0x3b10
[   86.860879][ T6235]  ? __pfx_tun_get_user+0x10/0x10
[   86.860891][ T6235]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   86.860905][ T6235]  ? tun_get+0x191/0x370
[   86.860916][ T6235]  ? rcu_is_watching+0x12/0xc0
[   86.860929][ T6235]  ? lock_release+0x201/0x2f0
[   86.860939][ T6235]  tun_chr_write_iter+0xdc/0x210
[   86.860953][ T6235]  vfs_write+0x5ba/0x1180
[   86.860962][ T6235]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   86.860975][ T6235]  ? __pfx_vfs_write+0x10/0x10
[   86.860984][ T6235]  ? lock_release+0x201/0x2f0
[   86.860995][ T6235]  ksys_write+0x12a/0x240
[   86.861004][ T6235]  ? __pfx_ksys_write+0x10/0x10
[   86.861012][ T6235]  ? rcu_is_watching+0x12/0xc0
[   86.861024][ T6235]  ? rcu_is_watching+0x12/0xc0
[   86.861038][ T6235]  do_syscall_64+0xcd/0x260
[   86.861052][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.861063][ T6235] RIP: 0033:0x7f038f38bc1f
[   86.861071][ T6235] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   86.861081][ T6235] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   86.861090][ T6235] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   86.861097][ T6235] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   86.861103][ T6235] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   86.861108][ T6235] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   86.861114][ T6235] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   86.861123][ T6235]  </TASK>
[   86.861129][ T6235] BUG: Bad page state in process syz.0.17  pfn:51718
[   86.934925][ T6235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x51718
[   86.937175][ T6235] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   86.939088][ T6235] raw: 00fff00000000000 dead000000000040 ffff888020e97000 0000000000000000
[   86.941262][ T6235] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   86.943567][ T6235] page dumped because: page_pool leak
[   86.944962][ T6235] page_owner tracks the page as allocated
[   86.946526][ T6235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6235, tgid 6234 (syz.0.17), ts 86817773075, free_ts 0
[   86.950595][ T6235]  post_alloc_hook+0x181/0x1b0
[   86.951905][ T6235]  get_page_from_freelist+0x1193/0x39b0
[   86.953373][ T6235]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   86.954972][ T6235]  alloc_pages_bulk_noprof+0x703/0x13b0
[   86.956499][ T6235]  __page_pool_alloc_pages_slow+0x190/0xc20
[   86.958104][ T6235]  page_pool_alloc_netmems+0xc4/0x190
[   86.959527][ T6235]  skb_pp_cow_data+0x775/0xf00
[   86.960811][ T6235]  skb_cow_data_for_xdp+0x88/0xb0
[   86.962149][ T6235]  do_xdp_generic+0x404/0xe80
[   86.963471][ T6235]  tun_get_user+0x1bc6/0x3b10
[   86.964817][ T6235]  tun_chr_write_iter+0xdc/0x210
[   86.966189][ T6235]  vfs_write+0x5ba/0x1180
[   86.967427][ T6235]  ksys_write+0x12a/0x240
[   86.968586][ T6235]  do_syscall_64+0xcd/0x260
[   86.969796][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.971350][ T6235] page_owner free stack trace missing
[   86.972767][ T6235] Modules linked in:
[   86.973826][ T6235] CPU: 3 UID: 0 PID: 6235 Comm: syz.0.17 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   86.973842][ T6235] Tainted: [B]=BAD_PAGE
[   86.973845][ T6235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.973852][ T6235] Call Trace:
[   86.973857][ T6235]  <TASK>
[   86.973861][ T6235]  dump_stack_lvl+0x16c/0x1f0
[   86.973876][ T6235]  bad_page+0xb3/0x1f0
[   86.973889][ T6235]  ? __pfx_bad_page+0x10/0x10
[   86.973900][ T6235]  ? page_bad_reason+0x9d/0x1e0
[   86.973912][ T6235]  __free_frozen_pages+0x76e/0xff0
[   86.973929][ T6235]  page_frag_free+0x255/0x2a0
[   86.973940][ T6235]  __xdp_return+0x359/0xa40
[   86.973955][ T6235]  ? kmem_cache_free+0x2d4/0x4d0
[   86.973966][ T6235]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   86.973984][ T6235]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   86.973993][ T6235]  bpf_prog_run_generic_xdp+0x626/0x1530
[   86.974007][ T6235]  do_xdp_generic+0x719/0xe80
[   86.974018][ T6235]  ? __pfx_do_xdp_generic+0x10/0x10
[   86.974028][ T6235]  ? __pfx__copy_from_iter+0x10/0x10
[   86.974041][ T6235]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   86.974058][ T6235]  tun_get_user+0x1bc6/0x3b10
[   86.974073][ T6235]  ? __pfx_tun_get_user+0x10/0x10
[   86.974086][ T6235]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   86.974100][ T6235]  ? tun_get+0x191/0x370
[   86.974111][ T6235]  ? rcu_is_watching+0x12/0xc0
[   86.974124][ T6235]  ? lock_release+0x201/0x2f0
[   86.974134][ T6235]  tun_chr_write_iter+0xdc/0x210
[   86.974148][ T6235]  vfs_write+0x5ba/0x1180
[   86.974156][ T6235]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   86.974170][ T6235]  ? __pfx_vfs_write+0x10/0x10
[   86.974179][ T6235]  ? lock_release+0x201/0x2f0
[   86.974192][ T6235]  ksys_write+0x12a/0x240
[   86.974205][ T6235]  ? __pfx_ksys_write+0x10/0x10
[   86.974215][ T6235]  ? rcu_is_watching+0x12/0xc0
[   86.974231][ T6235]  ? rcu_is_watching+0x12/0xc0
[   86.974248][ T6235]  do_syscall_64+0xcd/0x260
[   86.974267][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.974282][ T6235] RIP: 0033:0x7f038f38bc1f
[   86.974293][ T6235] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   86.974306][ T6235] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   86.974319][ T6235] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   86.974328][ T6235] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   86.974337][ T6235] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   86.974346][ T6235] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   86.974353][ T6235] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   86.974363][ T6235]  </TASK>
[   86.974370][ T6235] BUG: Bad page state in process syz.0.17  pfn:51717
[   87.049170][ T6235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x51717
[   87.051765][ T6235] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   87.054059][ T6235] raw: 00fff00000000000 dead000000000040 ffff888020e97000 0000000000000000
[   87.057144][ T6235] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   87.060249][ T6235] page dumped because: page_pool leak
[   87.062252][ T6235] page_owner tracks the page as allocated
[   87.064347][ T6235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6235, tgid 6234 (syz.0.17), ts 86817769243, free_ts 0
[   87.070117][ T6235]  post_alloc_hook+0x181/0x1b0
[   87.071913][ T6235]  get_page_from_freelist+0x1193/0x39b0
[   87.073982][ T6235]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   87.076210][ T6235]  alloc_pages_bulk_noprof+0x703/0x13b0
[   87.078320][ T6235]  __page_pool_alloc_pages_slow+0x190/0xc20
[   87.080591][ T6235]  page_pool_alloc_netmems+0xc4/0x190
[   87.082589][ T6235]  skb_pp_cow_data+0x775/0xf00
[   87.084569][ T6235]  skb_cow_data_for_xdp+0x88/0xb0
[   87.086542][ T6235]  do_xdp_generic+0x404/0xe80
[   87.088346][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.089919][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.091309][ T6235]  vfs_write+0x5ba/0x1180
[   87.092572][ T6235]  ksys_write+0x12a/0x240
[   87.093830][ T6235]  do_syscall_64+0xcd/0x260
[   87.095155][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.096922][ T6235] page_owner free stack trace missing
[   87.098385][ T6235] Modules linked in:
[   87.099482][ T6235] CPU: 3 UID: 0 PID: 6235 Comm: syz.0.17 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   87.099498][ T6235] Tainted: [B]=BAD_PAGE
[   87.099502][ T6235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.099508][ T6235] Call Trace:
[   87.099512][ T6235]  <TASK>
[   87.099516][ T6235]  dump_stack_lvl+0x16c/0x1f0
[   87.099532][ T6235]  bad_page+0xb3/0x1f0
[   87.099545][ T6235]  ? __pfx_bad_page+0x10/0x10
[   87.099557][ T6235]  ? page_bad_reason+0x9d/0x1e0
[   87.099570][ T6235]  __free_frozen_pages+0x76e/0xff0
[   87.099587][ T6235]  page_frag_free+0x255/0x2a0
[   87.099598][ T6235]  __xdp_return+0x359/0xa40
[   87.099613][ T6235]  ? kmem_cache_free+0x2d4/0x4d0
[   87.099623][ T6235]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   87.099642][ T6235]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   87.099650][ T6235]  bpf_prog_run_generic_xdp+0x626/0x1530
[   87.099664][ T6235]  do_xdp_generic+0x719/0xe80
[   87.099675][ T6235]  ? __pfx_do_xdp_generic+0x10/0x10
[   87.099685][ T6235]  ? __pfx__copy_from_iter+0x10/0x10
[   87.099699][ T6235]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   87.099716][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.099732][ T6235]  ? __pfx_tun_get_user+0x10/0x10
[   87.099745][ T6235]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   87.099758][ T6235]  ? tun_get+0x191/0x370
[   87.099769][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.099782][ T6235]  ? lock_release+0x201/0x2f0
[   87.099793][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.099807][ T6235]  vfs_write+0x5ba/0x1180
[   87.099816][ T6235]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   87.099835][ T6235]  ? __pfx_vfs_write+0x10/0x10
[   87.099844][ T6235]  ? lock_release+0x201/0x2f0
[   87.099856][ T6235]  ksys_write+0x12a/0x240
[   87.099864][ T6235]  ? __pfx_ksys_write+0x10/0x10
[   87.099873][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.099885][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.099898][ T6235]  do_syscall_64+0xcd/0x260
[   87.099913][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.099923][ T6235] RIP: 0033:0x7f038f38bc1f
[   87.099931][ T6235] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   87.099942][ T6235] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   87.099952][ T6235] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   87.099958][ T6235] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   87.099965][ T6235] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   87.099970][ T6235] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   87.099976][ T6235] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   87.099985][ T6235]  </TASK>
[   87.099991][ T6235] BUG: Bad page state in process syz.0.17  pfn:51716
[   87.182146][ T6235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x51716
[   87.185230][ T6235] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   87.187924][ T6235] raw: 00fff00000000000 dead000000000040 ffff888020e97000 0000000000000000
[   87.190935][ T6235] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   87.193895][ T6235] page dumped because: page_pool leak
[   87.195734][ T6235] page_owner tracks the page as allocated
[   87.197753][ T6235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6235, tgid 6234 (syz.0.17), ts 86817765430, free_ts 86815490056
[   87.202202][ T6235]  post_alloc_hook+0x181/0x1b0
[   87.203966][ T6235]  get_page_from_freelist+0x1193/0x39b0
[   87.205810][ T6235]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   87.207445][ T6235]  alloc_pages_bulk_noprof+0x703/0x13b0
[   87.209074][ T6235]  __page_pool_alloc_pages_slow+0x190/0xc20
[   87.211207][ T6235]  page_pool_alloc_netmems+0xc4/0x190
[   87.213089][ T6235]  skb_pp_cow_data+0x775/0xf00
[   87.214942][ T6235]  skb_cow_data_for_xdp+0x88/0xb0
[   87.216943][ T6235]  do_xdp_generic+0x404/0xe80
[   87.218611][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.219932][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.221267][ T6235]  vfs_write+0x5ba/0x1180
[   87.222678][ T6235]  ksys_write+0x12a/0x240
[   87.224383][ T6235]  do_syscall_64+0xcd/0x260
[   87.226100][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.228402][ T6235] page last free pid 6235 tgid 6234 stack trace:
[   87.230770][ T6235]  __free_frozen_pages+0x69d/0xff0
[   87.232705][ T6235]  vfree+0x176/0x960
[   87.234210][ T6235]  bpf_prog_calc_tag+0x531/0x720
[   87.236078][ T6235]  resolve_pseudo_ldimm64+0xd3/0x1a80
[   87.238139][ T6235]  bpf_check+0x63ca/0xbbc0
[   87.239375][ T6235]  bpf_prog_load+0xe41/0x2490
[   87.240929][ T6235]  __sys_bpf+0x433c/0x4d80
[   87.242476][ T6235]  __x64_sys_bpf+0x78/0xc0
[   87.244146][ T6235]  do_syscall_64+0xcd/0x260
[   87.245662][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.247322][ T6235] Modules linked in:
[   87.248427][ T6235] CPU: 3 UID: 0 PID: 6235 Comm: syz.0.17 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   87.248443][ T6235] Tainted: [B]=BAD_PAGE
[   87.248447][ T6235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.248453][ T6235] Call Trace:
[   87.248457][ T6235]  <TASK>
[   87.248462][ T6235]  dump_stack_lvl+0x16c/0x1f0
[   87.248477][ T6235]  bad_page+0xb3/0x1f0
[   87.248488][ T6235]  ? __pfx_bad_page+0x10/0x10
[   87.248500][ T6235]  ? page_bad_reason+0x9d/0x1e0
[   87.248512][ T6235]  __free_frozen_pages+0x76e/0xff0
[   87.248529][ T6235]  page_frag_free+0x255/0x2a0
[   87.248540][ T6235]  __xdp_return+0x359/0xa40
[   87.248556][ T6235]  ? kmem_cache_free+0x2d4/0x4d0
[   87.248566][ T6235]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   87.248584][ T6235]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   87.248593][ T6235]  bpf_prog_run_generic_xdp+0x626/0x1530
[   87.248607][ T6235]  do_xdp_generic+0x719/0xe80
[   87.248618][ T6235]  ? __pfx_do_xdp_generic+0x10/0x10
[   87.248629][ T6235]  ? __pfx__copy_from_iter+0x10/0x10
[   87.248642][ T6235]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   87.248660][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.248675][ T6235]  ? __pfx_tun_get_user+0x10/0x10
[   87.248688][ T6235]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   87.248702][ T6235]  ? tun_get+0x191/0x370
[   87.248713][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.248726][ T6235]  ? lock_release+0x201/0x2f0
[   87.248737][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.248750][ T6235]  vfs_write+0x5ba/0x1180
[   87.248759][ T6235]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   87.248773][ T6235]  ? __pfx_vfs_write+0x10/0x10
[   87.248782][ T6235]  ? lock_release+0x201/0x2f0
[   87.248793][ T6235]  ksys_write+0x12a/0x240
[   87.248802][ T6235]  ? __pfx_ksys_write+0x10/0x10
[   87.248810][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.248826][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.248840][ T6235]  do_syscall_64+0xcd/0x260
[   87.248854][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.248865][ T6235] RIP: 0033:0x7f038f38bc1f
[   87.248873][ T6235] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   87.248883][ T6235] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   87.248893][ T6235] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   87.248899][ T6235] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   87.248906][ T6235] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   87.248912][ T6235] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   87.248918][ T6235] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   87.248927][ T6235]  </TASK>
[   87.248933][ T6235] BUG: Bad page state in process syz.0.17  pfn:51715
[   87.327715][ T6235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x51715
[   87.330032][ T6235] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   87.331945][ T6235] raw: 00fff00000000000 dead000000000040 ffff888020e97000 0000000000000000
[   87.334280][ T6235] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   87.336567][ T6235] page dumped because: page_pool leak
[   87.338027][ T6235] page_owner tracks the page as allocated
[   87.339591][ T6235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6235, tgid 6234 (syz.0.17), ts 86817761682, free_ts 86815579162
[   87.343942][ T6235]  post_alloc_hook+0x181/0x1b0
[   87.345240][ T6235]  get_page_from_freelist+0x1193/0x39b0
[   87.346762][ T6235]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   87.348343][ T6235]  alloc_pages_bulk_noprof+0x703/0x13b0
[   87.349806][ T6235]  __page_pool_alloc_pages_slow+0x190/0xc20
[   87.351350][ T6235]  page_pool_alloc_netmems+0xc4/0x190
[   87.352976][ T6235]  skb_pp_cow_data+0x775/0xf00
[   87.354274][ T6235]  skb_cow_data_for_xdp+0x88/0xb0
[   87.355653][ T6235]  do_xdp_generic+0x404/0xe80
[   87.356977][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.358244][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.359596][ T6235]  vfs_write+0x5ba/0x1180
[   87.360729][ T6235]  ksys_write+0x12a/0x240
[   87.361877][ T6235]  do_syscall_64+0xcd/0x260
[   87.363100][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.364649][ T6235] page last free pid 6235 tgid 6234 stack trace:
[   87.366276][ T6235]  __free_frozen_pages+0x69d/0xff0
[   87.367686][ T6235]  vfree+0x176/0x960
[   87.368757][ T6235]  bpf_check+0x88a/0xbbc0
[   87.369927][ T6235]  bpf_prog_load+0xe41/0x2490
[   87.371145][ T6235]  __sys_bpf+0x433c/0x4d80
[   87.372335][ T6235]  __x64_sys_bpf+0x78/0xc0
[   87.373570][ T6235]  do_syscall_64+0xcd/0x260
[   87.374773][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.376381][ T6235] Modules linked in:
[   87.377432][ T6235] CPU: 3 UID: 0 PID: 6235 Comm: syz.0.17 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   87.377448][ T6235] Tainted: [B]=BAD_PAGE
[   87.377452][ T6235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.377458][ T6235] Call Trace:
[   87.377463][ T6235]  <TASK>
[   87.377467][ T6235]  dump_stack_lvl+0x16c/0x1f0
[   87.377482][ T6235]  bad_page+0xb3/0x1f0
[   87.377493][ T6235]  ? __pfx_bad_page+0x10/0x10
[   87.377506][ T6235]  ? page_bad_reason+0x9d/0x1e0
[   87.377521][ T6235]  __free_frozen_pages+0x76e/0xff0
[   87.377537][ T6235]  page_frag_free+0x255/0x2a0
[   87.377549][ T6235]  __xdp_return+0x359/0xa40
[   87.377564][ T6235]  ? kmem_cache_free+0x2d4/0x4d0
[   87.377574][ T6235]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   87.377593][ T6235]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   87.377602][ T6235]  bpf_prog_run_generic_xdp+0x626/0x1530
[   87.377616][ T6235]  do_xdp_generic+0x719/0xe80
[   87.377626][ T6235]  ? __pfx_do_xdp_generic+0x10/0x10
[   87.377636][ T6235]  ? __pfx__copy_from_iter+0x10/0x10
[   87.377650][ T6235]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   87.377667][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.377683][ T6235]  ? __pfx_tun_get_user+0x10/0x10
[   87.377695][ T6235]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   87.377709][ T6235]  ? tun_get+0x191/0x370
[   87.377720][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.377733][ T6235]  ? lock_release+0x201/0x2f0
[   87.377743][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.377757][ T6235]  vfs_write+0x5ba/0x1180
[   87.377766][ T6235]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   87.377780][ T6235]  ? __pfx_vfs_write+0x10/0x10
[   87.377789][ T6235]  ? lock_release+0x201/0x2f0
[   87.377800][ T6235]  ksys_write+0x12a/0x240
[   87.377808][ T6235]  ? __pfx_ksys_write+0x10/0x10
[   87.377816][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.377829][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.377842][ T6235]  do_syscall_64+0xcd/0x260
[   87.377856][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.377866][ T6235] RIP: 0033:0x7f038f38bc1f
[   87.377874][ T6235] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   87.377884][ T6235] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   87.377894][ T6235] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   87.377901][ T6235] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   87.377907][ T6235] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   87.377913][ T6235] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   87.377919][ T6235] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   87.377928][ T6235]  </TASK>
[   87.377934][ T6235] BUG: Bad page state in process syz.0.17  pfn:40993
[   87.451810][ T6235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f89c3da0 pfn:0x40993
[   87.454336][ T6235] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   87.456501][ T6235] raw: 00fff00000000000 dead000000000040 ffff888020e97000 0000000000000000
[   87.458794][ T6235] raw: 00000007f89c3da0 0000000000000001 00000000ffffffff 0000000000000000
[   87.461084][ T6235] page dumped because: page_pool leak
[   87.462493][ T6235] page_owner tracks the page as allocated
[   87.464028][ T6235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6235, tgid 6234 (syz.0.17), ts 86817757687, free_ts 86816619280
[   87.468334][ T6235]  post_alloc_hook+0x181/0x1b0
[   87.469628][ T6235]  get_page_from_freelist+0x1193/0x39b0
[   87.471093][ T6235]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   87.472651][ T6235]  alloc_pages_bulk_noprof+0x703/0x13b0
[   87.474180][ T6235]  __page_pool_alloc_pages_slow+0x190/0xc20
[   87.475776][ T6235]  page_pool_alloc_netmems+0xc4/0x190
[   87.477235][ T6235]  skb_pp_cow_data+0x775/0xf00
[   87.478488][ T6235]  skb_cow_data_for_xdp+0x88/0xb0
[   87.479853][ T6235]  do_xdp_generic+0x404/0xe80
[   87.481058][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.482294][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.483674][ T6235]  vfs_write+0x5ba/0x1180
[   87.484812][ T6235]  ksys_write+0x12a/0x240
[   87.485982][ T6235]  do_syscall_64+0xcd/0x260
[   87.487247][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.488847][ T6235] page last free pid 33 tgid 33 stack trace:
[   87.490430][ T6235]  __free_frozen_pages+0x69d/0xff0
[   87.491821][ T6235]  tlb_remove_table_rcu+0x116/0x1a0
[   87.493249][ T6235]  rcu_core+0x799/0x14e0
[   87.494379][ T6235]  handle_softirqs+0x216/0x8e0
[   87.495659][ T6235]  run_ksoftirqd+0x3a/0x60
[   87.496924][ T6235]  smpboot_thread_fn+0x3f4/0xae0
[   87.498228][ T6235]  kthread+0x3c2/0x780
[   87.499313][ T6235]  ret_from_fork+0x45/0x80
[   87.500536][ T6235]  ret_from_fork_asm+0x1a/0x30
[   87.501764][ T6235] Modules linked in:
[   87.502842][ T6235] CPU: 3 UID: 0 PID: 6235 Comm: syz.0.17 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   87.502858][ T6235] Tainted: [B]=BAD_PAGE
[   87.502862][ T6235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.502869][ T6235] Call Trace:
[   87.502874][ T6235]  <TASK>
[   87.502879][ T6235]  dump_stack_lvl+0x16c/0x1f0
[   87.502894][ T6235]  bad_page+0xb3/0x1f0
[   87.502907][ T6235]  ? __pfx_bad_page+0x10/0x10
[   87.502918][ T6235]  ? page_bad_reason+0x9d/0x1e0
[   87.502930][ T6235]  __free_frozen_pages+0x76e/0xff0
[   87.502947][ T6235]  page_frag_free+0x255/0x2a0
[   87.502958][ T6235]  __xdp_return+0x359/0xa40
[   87.502973][ T6235]  ? kmem_cache_free+0x2d4/0x4d0
[   87.502983][ T6235]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   87.503002][ T6235]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   87.503011][ T6235]  bpf_prog_run_generic_xdp+0x626/0x1530
[   87.503025][ T6235]  do_xdp_generic+0x719/0xe80
[   87.503036][ T6235]  ? __pfx_do_xdp_generic+0x10/0x10
[   87.503046][ T6235]  ? __pfx__copy_from_iter+0x10/0x10
[   87.503060][ T6235]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   87.503077][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.503093][ T6235]  ? __pfx_tun_get_user+0x10/0x10
[   87.503105][ T6235]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   87.503119][ T6235]  ? tun_get+0x191/0x370
[   87.503130][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.503143][ T6235]  ? lock_release+0x201/0x2f0
[   87.503154][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.503168][ T6235]  vfs_write+0x5ba/0x1180
[   87.503178][ T6235]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   87.503192][ T6235]  ? __pfx_vfs_write+0x10/0x10
[   87.503200][ T6235]  ? lock_release+0x201/0x2f0
[   87.503212][ T6235]  ksys_write+0x12a/0x240
[   87.503220][ T6235]  ? __pfx_ksys_write+0x10/0x10
[   87.503229][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.503241][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.503255][ T6235]  do_syscall_64+0xcd/0x260
[   87.503269][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.503280][ T6235] RIP: 0033:0x7f038f38bc1f
[   87.503288][ T6235] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   87.503299][ T6235] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   87.503308][ T6235] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   87.503315][ T6235] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   87.503321][ T6235] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   87.503327][ T6235] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   87.503333][ T6235] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   87.503342][ T6235]  </TASK>
[   87.503349][ T6235] BUG: Bad page state in process syz.0.17  pfn:40992
[   87.577430][ T6235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x700000000 pfn:0x40992
[   87.579926][ T6235] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   87.581781][ T6235] raw: 00fff00000000000 dead000000000040 ffff888020e97000 0000000000000000
[   87.584063][ T6235] raw: 0000000700000000 0000000000000001 00000000ffffffff 0000000000000000
[   87.586421][ T6235] page dumped because: page_pool leak
[   87.587912][ T6235] page_owner tracks the page as allocated
[   87.589420][ T6235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6235, tgid 6234 (syz.0.17), ts 86817753895, free_ts 86816624891
[   87.593790][ T6235]  post_alloc_hook+0x181/0x1b0
[   87.595120][ T6235]  get_page_from_freelist+0x1193/0x39b0
[   87.596733][ T6235]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   87.598775][ T6235]  alloc_pages_bulk_noprof+0x703/0x13b0
[   87.600270][ T6235]  __page_pool_alloc_pages_slow+0x190/0xc20
[   87.601854][ T6235]  page_pool_alloc_netmems+0xc4/0x190
[   87.603356][ T6235]  skb_pp_cow_data+0x775/0xf00
[   87.604664][ T6235]  skb_cow_data_for_xdp+0x88/0xb0
[   87.606010][ T6235]  do_xdp_generic+0x404/0xe80
[   87.607339][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.608620][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.609966][ T6235]  vfs_write+0x5ba/0x1180
[   87.611143][ T6235]  ksys_write+0x12a/0x240
[   87.612303][ T6235]  do_syscall_64+0xcd/0x260
[   87.613575][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.615165][ T6235] page last free pid 33 tgid 33 stack trace:
[   87.616844][ T6235]  __free_frozen_pages+0x69d/0xff0
[   87.618234][ T6235]  tlb_remove_table_rcu+0x116/0x1a0
[   87.619675][ T6235]  rcu_core+0x799/0x14e0
[   87.620818][ T6235]  handle_softirqs+0x216/0x8e0
[   87.622123][ T6235]  run_ksoftirqd+0x3a/0x60
[   87.623369][ T6235]  smpboot_thread_fn+0x3f4/0xae0
[   87.624715][ T6235]  kthread+0x3c2/0x780
[   87.625820][ T6235]  ret_from_fork+0x45/0x80
[   87.627127][ T6235]  ret_from_fork_asm+0x1a/0x30
[   87.628577][ T6235] Modules linked in:
[   87.629660][ T6235] CPU: 3 UID: 0 PID: 6235 Comm: syz.0.17 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   87.629676][ T6235] Tainted: [B]=BAD_PAGE
[   87.629680][ T6235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.629687][ T6235] Call Trace:
[   87.629690][ T6235]  <TASK>
[   87.629695][ T6235]  dump_stack_lvl+0x16c/0x1f0
[   87.629710][ T6235]  bad_page+0xb3/0x1f0
[   87.629722][ T6235]  ? __pfx_bad_page+0x10/0x10
[   87.629734][ T6235]  ? page_bad_reason+0x9d/0x1e0
[   87.629746][ T6235]  __free_frozen_pages+0x76e/0xff0
[   87.629763][ T6235]  page_frag_free+0x255/0x2a0
[   87.629775][ T6235]  __xdp_return+0x359/0xa40
[   87.629790][ T6235]  ? kmem_cache_free+0x2d4/0x4d0
[   87.629800][ T6235]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   87.629819][ T6235]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   87.629827][ T6235]  bpf_prog_run_generic_xdp+0x626/0x1530
[   87.629842][ T6235]  do_xdp_generic+0x719/0xe80
[   87.629853][ T6235]  ? __pfx_do_xdp_generic+0x10/0x10
[   87.629863][ T6235]  ? __pfx__copy_from_iter+0x10/0x10
[   87.629877][ T6235]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   87.629895][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.629910][ T6235]  ? __pfx_tun_get_user+0x10/0x10
[   87.629923][ T6235]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   87.629937][ T6235]  ? tun_get+0x191/0x370
[   87.629948][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.629961][ T6235]  ? lock_release+0x201/0x2f0
[   87.629972][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.629986][ T6235]  vfs_write+0x5ba/0x1180
[   87.629996][ T6235]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   87.630010][ T6235]  ? __pfx_vfs_write+0x10/0x10
[   87.630019][ T6235]  ? lock_release+0x201/0x2f0
[   87.630030][ T6235]  ksys_write+0x12a/0x240
[   87.630038][ T6235]  ? __pfx_ksys_write+0x10/0x10
[   87.630046][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.630059][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.630072][ T6235]  do_syscall_64+0xcd/0x260
[   87.630087][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.630098][ T6235] RIP: 0033:0x7f038f38bc1f
[   87.630106][ T6235] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   87.630116][ T6235] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   87.630126][ T6235] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   87.630132][ T6235] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   87.630138][ T6235] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   87.630144][ T6235] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   87.630150][ T6235] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   87.630159][ T6235]  </TASK>
[   87.630165][ T6235] BUG: Bad page state in process syz.0.17  pfn:2cd70
[   87.703445][ T6235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802cd702d0 pfn:0x2cd70
[   87.706107][ T6235] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   87.708042][ T6235] raw: 00fff00000000000 dead000000000040 ffff888020e97000 0000000000000000
[   87.710303][ T6235] raw: ffff88802cd702d0 0000000000000001 00000000ffffffff 0000000000000000
[   87.712585][ T6235] page dumped because: page_pool leak
[   87.714024][ T6235] page_owner tracks the page as allocated
[   87.715495][ T6235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6235, tgid 6234 (syz.0.17), ts 86817749448, free_ts 86816629974
[   87.719852][ T6235]  post_alloc_hook+0x181/0x1b0
[   87.721138][ T6235]  get_page_from_freelist+0x1193/0x39b0
[   87.722626][ T6235]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   87.724224][ T6235]  alloc_pages_bulk_noprof+0x703/0x13b0
[   87.725690][ T6235]  __page_pool_alloc_pages_slow+0x190/0xc20
[   87.727343][ T6235]  page_pool_alloc_netmems+0xc4/0x190
[   87.728812][ T6235]  skb_pp_cow_data+0x775/0xf00
[   87.730115][ T6235]  skb_cow_data_for_xdp+0x88/0xb0
[   87.731480][ T6235]  do_xdp_generic+0x404/0xe80
[   87.732763][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.734036][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.735385][ T6235]  vfs_write+0x5ba/0x1180
[   87.736587][ T6235]  ksys_write+0x12a/0x240
[   87.737758][ T6235]  do_syscall_64+0xcd/0x260
[   87.738980][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.740560][ T6235] page last free pid 33 tgid 33 stack trace:
[   87.742200][ T6235]  __free_frozen_pages+0x69d/0xff0
[   87.743630][ T6235]  tlb_remove_table_rcu+0x116/0x1a0
[   87.745034][ T6235]  rcu_core+0x799/0x14e0
[   87.746189][ T6235]  handle_softirqs+0x216/0x8e0
[   87.747565][ T6235]  run_ksoftirqd+0x3a/0x60
[   87.748771][ T6235]  smpboot_thread_fn+0x3f4/0xae0
[   87.750126][ T6235]  kthread+0x3c2/0x780
[   87.751253][ T6235]  ret_from_fork+0x45/0x80
[   87.752463][ T6235]  ret_from_fork_asm+0x1a/0x30
[   87.753764][ T6235] Modules linked in:
[   87.754854][ T6235] CPU: 3 UID: 0 PID: 6235 Comm: syz.0.17 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   87.754870][ T6235] Tainted: [B]=BAD_PAGE
[   87.754874][ T6235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.754881][ T6235] Call Trace:
[   87.754887][ T6235]  <TASK>
[   87.754891][ T6235]  dump_stack_lvl+0x16c/0x1f0
[   87.754907][ T6235]  bad_page+0xb3/0x1f0
[   87.754919][ T6235]  ? __pfx_bad_page+0x10/0x10
[   87.754931][ T6235]  ? page_bad_reason+0x9d/0x1e0
[   87.754943][ T6235]  __free_frozen_pages+0x76e/0xff0
[   87.754960][ T6235]  page_frag_free+0x255/0x2a0
[   87.754971][ T6235]  __xdp_return+0x359/0xa40
[   87.754986][ T6235]  ? kmem_cache_free+0x2d4/0x4d0
[   87.754996][ T6235]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   87.755015][ T6235]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   87.755024][ T6235]  bpf_prog_run_generic_xdp+0x626/0x1530
[   87.755038][ T6235]  do_xdp_generic+0x719/0xe80
[   87.755049][ T6235]  ? __pfx_do_xdp_generic+0x10/0x10
[   87.755059][ T6235]  ? __pfx__copy_from_iter+0x10/0x10
[   87.755072][ T6235]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   87.755090][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.755105][ T6235]  ? __pfx_tun_get_user+0x10/0x10
[   87.755117][ T6235]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   87.755131][ T6235]  ? tun_get+0x191/0x370
[   87.755142][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.755156][ T6235]  ? lock_release+0x201/0x2f0
[   87.755167][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.755180][ T6235]  vfs_write+0x5ba/0x1180
[   87.755189][ T6235]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   87.755203][ T6235]  ? __pfx_vfs_write+0x10/0x10
[   87.755212][ T6235]  ? lock_release+0x201/0x2f0
[   87.755224][ T6235]  ksys_write+0x12a/0x240
[   87.755232][ T6235]  ? __pfx_ksys_write+0x10/0x10
[   87.755240][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.755253][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.755266][ T6235]  do_syscall_64+0xcd/0x260
[   87.755281][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.755292][ T6235] RIP: 0033:0x7f038f38bc1f
[   87.755301][ T6235] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   87.755311][ T6235] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   87.755321][ T6235] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   87.755327][ T6235] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   87.755334][ T6235] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   87.755339][ T6235] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   87.755345][ T6235] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   87.755355][ T6235]  </TASK>
[   87.755361][ T6235] BUG: Bad page state in process syz.0.17  pfn:351d0
[   87.828618][ T6235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x351d0
[   87.831280][ T6235] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   87.833139][ T6235] raw: 00fff00000000000 dead000000000040 ffff888020e97000 0000000000000000
[   87.835400][ T6235] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[   87.837942][ T6235] page dumped because: page_pool leak
[   87.839388][ T6235] page_owner tracks the page as allocated
[   87.840907][ T6235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6235, tgid 6234 (syz.0.17), ts 86817745695, free_ts 86816634494
[   87.845184][ T6235]  post_alloc_hook+0x181/0x1b0
[   87.846556][ T6235]  get_page_from_freelist+0x1193/0x39b0
[   87.848059][ T6235]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   87.849690][ T6235]  alloc_pages_bulk_noprof+0x703/0x13b0
[   87.851190][ T6235]  __page_pool_alloc_pages_slow+0x190/0xc20
[   87.852748][ T6235]  page_pool_alloc_netmems+0xc4/0x190
[   87.854172][ T6235]  skb_pp_cow_data+0x775/0xf00
[   87.855468][ T6235]  skb_cow_data_for_xdp+0x88/0xb0
[   87.856881][ T6235]  do_xdp_generic+0x404/0xe80
[   87.858146][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.859421][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.860749][ T6235]  vfs_write+0x5ba/0x1180
[   87.861918][ T6235]  ksys_write+0x12a/0x240
[   87.863081][ T6235]  do_syscall_64+0xcd/0x260
[   87.864387][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.866075][ T6235] page last free pid 33 tgid 33 stack trace:
[   87.867923][ T6235]  __free_frozen_pages+0x69d/0xff0
[   87.869291][ T6235]  tlb_remove_table_rcu+0x116/0x1a0
[   87.870689][ T6235]  rcu_core+0x799/0x14e0
[   87.871833][ T6235]  handle_softirqs+0x216/0x8e0
[   87.873106][ T6235]  run_ksoftirqd+0x3a/0x60
[   87.874280][ T6235]  smpboot_thread_fn+0x3f4/0xae0
[   87.875630][ T6235]  kthread+0x3c2/0x780
[   87.876773][ T6235]  ret_from_fork+0x45/0x80
[   87.877972][ T6235]  ret_from_fork_asm+0x1a/0x30
[   87.879243][ T6235] Modules linked in:
[   87.880306][ T6235] CPU: 3 UID: 0 PID: 6235 Comm: syz.0.17 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   87.880322][ T6235] Tainted: [B]=BAD_PAGE
[   87.880325][ T6235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.880332][ T6235] Call Trace:
[   87.880336][ T6235]  <TASK>
[   87.880341][ T6235]  dump_stack_lvl+0x16c/0x1f0
[   87.880356][ T6235]  bad_page+0xb3/0x1f0
[   87.880369][ T6235]  ? __pfx_bad_page+0x10/0x10
[   87.880381][ T6235]  ? page_bad_reason+0x9d/0x1e0
[   87.880393][ T6235]  __free_frozen_pages+0x76e/0xff0
[   87.880410][ T6235]  page_frag_free+0x255/0x2a0
[   87.880421][ T6235]  __xdp_return+0x359/0xa40
[   87.880437][ T6235]  ? kmem_cache_free+0x2d4/0x4d0
[   87.880447][ T6235]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   87.880466][ T6235]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   87.880475][ T6235]  bpf_prog_run_generic_xdp+0x626/0x1530
[   87.880493][ T6235]  do_xdp_generic+0x719/0xe80
[   87.880504][ T6235]  ? __pfx_do_xdp_generic+0x10/0x10
[   87.880514][ T6235]  ? __pfx__copy_from_iter+0x10/0x10
[   87.880528][ T6235]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   87.880545][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.880560][ T6235]  ? __pfx_tun_get_user+0x10/0x10
[   87.880573][ T6235]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   87.880587][ T6235]  ? tun_get+0x191/0x370
[   87.880598][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.880611][ T6235]  ? lock_release+0x201/0x2f0
[   87.880621][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.880635][ T6235]  vfs_write+0x5ba/0x1180
[   87.880644][ T6235]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   87.880658][ T6235]  ? __pfx_vfs_write+0x10/0x10
[   87.880667][ T6235]  ? lock_release+0x201/0x2f0
[   87.880679][ T6235]  ksys_write+0x12a/0x240
[   87.880687][ T6235]  ? __pfx_ksys_write+0x10/0x10
[   87.880696][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.880708][ T6235]  ? rcu_is_watching+0x12/0xc0
[   87.880721][ T6235]  do_syscall_64+0xcd/0x260
[   87.880736][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.880746][ T6235] RIP: 0033:0x7f038f38bc1f
[   87.880755][ T6235] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   87.880766][ T6235] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   87.880775][ T6235] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   87.880782][ T6235] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   87.880788][ T6235] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   87.880794][ T6235] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   87.880800][ T6235] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   87.880809][ T6235]  </TASK>
[   87.880815][ T6235] BUG: Bad page state in process syz.0.17  pfn:29df0
[   87.955478][ T6235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888029df0000 pfn:0x29df0
[   87.958664][ T6235] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   87.960610][ T6235] raw: 00fff00000000000 dead000000000040 ffff888020e97000 0000000000000000
[   87.962890][ T6235] raw: ffff888029df0000 0000000000000001 00000000ffffffff 0000000000000000
[   87.965131][ T6235] page dumped because: page_pool leak
[   87.966671][ T6235] page_owner tracks the page as allocated
[   87.968540][ T6235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6235, tgid 6234 (syz.0.17), ts 86817741877, free_ts 86816637376
[   87.972884][ T6235]  post_alloc_hook+0x181/0x1b0
[   87.974186][ T6235]  get_page_from_freelist+0x1193/0x39b0
[   87.975609][ T6235]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   87.977488][ T6235]  alloc_pages_bulk_noprof+0x703/0x13b0
[   87.979422][ T6235]  __page_pool_alloc_pages_slow+0x190/0xc20
[   87.981014][ T6235]  page_pool_alloc_netmems+0xc4/0x190
[   87.982445][ T6235]  skb_pp_cow_data+0x775/0xf00
[   87.983765][ T6235]  skb_cow_data_for_xdp+0x88/0xb0
[   87.985182][ T6235]  do_xdp_generic+0x404/0xe80
[   87.986563][ T6235]  tun_get_user+0x1bc6/0x3b10
[   87.987912][ T6235]  tun_chr_write_iter+0xdc/0x210
[   87.989296][ T6235]  vfs_write+0x5ba/0x1180
[   87.990521][ T6235]  ksys_write+0x12a/0x240
[   87.991752][ T6235]  do_syscall_64+0xcd/0x260
[   87.993006][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.994631][ T6235] page last free pid 33 tgid 33 stack trace:
[   87.996230][ T6235]  __free_frozen_pages+0x69d/0xff0
[   87.998130][ T6235]  tlb_remove_table_rcu+0x116/0x1a0
[   87.999690][ T6235]  rcu_core+0x799/0x14e0
[   88.000826][ T6235]  handle_softirqs+0x216/0x8e0
[   88.002111][ T6235]  run_ksoftirqd+0x3a/0x60
[   88.003318][ T6235]  smpboot_thread_fn+0x3f4/0xae0
[   88.004657][ T6235]  kthread+0x3c2/0x780
[   88.005765][ T6235]  ret_from_fork+0x45/0x80
[   88.007264][ T6235]  ret_from_fork_asm+0x1a/0x30
[   88.008594][ T6235] Modules linked in:
[   88.009676][ T6235] CPU: 3 UID: 0 PID: 6235 Comm: syz.0.17 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   88.009692][ T6235] Tainted: [B]=BAD_PAGE
[   88.009695][ T6235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.009710][ T6235] Call Trace:
[   88.009716][ T6235]  <TASK>
[   88.009720][ T6235]  dump_stack_lvl+0x16c/0x1f0
[   88.009736][ T6235]  bad_page+0xb3/0x1f0
[   88.009749][ T6235]  ? __pfx_bad_page+0x10/0x10
[   88.009761][ T6235]  ? page_bad_reason+0x9d/0x1e0
[   88.009773][ T6235]  __free_frozen_pages+0x76e/0xff0
[   88.009790][ T6235]  page_frag_free+0x255/0x2a0
[   88.009801][ T6235]  __xdp_return+0x359/0xa40
[   88.009817][ T6235]  ? kmem_cache_free+0x2d4/0x4d0
[   88.009827][ T6235]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   88.009847][ T6235]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   88.009856][ T6235]  bpf_prog_run_generic_xdp+0x626/0x1530
[   88.009870][ T6235]  do_xdp_generic+0x719/0xe80
[   88.009881][ T6235]  ? __pfx_do_xdp_generic+0x10/0x10
[   88.009891][ T6235]  ? __pfx__copy_from_iter+0x10/0x10
[   88.009905][ T6235]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   88.009922][ T6235]  tun_get_user+0x1bc6/0x3b10
[   88.009937][ T6235]  ? __pfx_tun_get_user+0x10/0x10
[   88.009950][ T6235]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   88.009964][ T6235]  ? tun_get+0x191/0x370
[   88.009975][ T6235]  ? rcu_is_watching+0x12/0xc0
[   88.009987][ T6235]  ? lock_release+0x201/0x2f0
[   88.009998][ T6235]  tun_chr_write_iter+0xdc/0x210
[   88.010012][ T6235]  vfs_write+0x5ba/0x1180
[   88.010021][ T6235]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   88.010035][ T6235]  ? __pfx_vfs_write+0x10/0x10
[   88.010044][ T6235]  ? lock_release+0x201/0x2f0
[   88.010056][ T6235]  ksys_write+0x12a/0x240
[   88.010064][ T6235]  ? __pfx_ksys_write+0x10/0x10
[   88.010072][ T6235]  ? rcu_is_watching+0x12/0xc0
[   88.010085][ T6235]  ? rcu_is_watching+0x12/0xc0
[   88.010098][ T6235]  do_syscall_64+0xcd/0x260
[   88.010112][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.010123][ T6235] RIP: 0033:0x7f038f38bc1f
[   88.010131][ T6235] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   88.010142][ T6235] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   88.010152][ T6235] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   88.010158][ T6235] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   88.010164][ T6235] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   88.010170][ T6235] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   88.010176][ T6235] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   88.010185][ T6235]  </TASK>
[   88.010200][ T6235] BUG: Bad page state in process syz.0.17  pfn:24795
[   88.085156][ T6235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x24795
[   88.088098][ T6235] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   88.089970][ T6235] raw: 00fff00000000000 dead000000000040 ffff888020e97000 0000000000000000
[   88.092243][ T6235] raw: ffffffffffffffff 0000000000000001 00000000ffffffff 0000000000000000
[   88.094521][ T6235] page dumped because: page_pool leak
[   88.095931][ T6235] page_owner tracks the page as allocated
[   88.097870][ T6235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6235, tgid 6234 (syz.0.17), ts 86817737926, free_ts 86816641985
[   88.102231][ T6235]  post_alloc_hook+0x181/0x1b0
[   88.103532][ T6235]  get_page_from_freelist+0x1193/0x39b0
[   88.105014][ T6235]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   88.106700][ T6235]  alloc_pages_bulk_noprof+0x703/0x13b0
[   88.108297][ T6235]  __page_pool_alloc_pages_slow+0x190/0xc20
[   88.109908][ T6235]  page_pool_alloc_netmems+0xc4/0x190
[   88.111335][ T6235]  skb_pp_cow_data+0x775/0xf00
[   88.112635][ T6235]  skb_cow_data_for_xdp+0x88/0xb0
[   88.114008][ T6235]  do_xdp_generic+0x404/0xe80
[   88.115291][ T6235]  tun_get_user+0x1bc6/0x3b10
[   88.116686][ T6235]  tun_chr_write_iter+0xdc/0x210
[   88.118426][ T6235]  vfs_write+0x5ba/0x1180
[   88.119610][ T6235]  ksys_write+0x12a/0x240
[   88.120757][ T6235]  do_syscall_64+0xcd/0x260
[   88.121978][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.123564][ T6235] page last free pid 33 tgid 33 stack trace:
[   88.125148][ T6235]  __free_frozen_pages+0x69d/0xff0
[   88.126575][ T6235]  tlb_remove_table_rcu+0x116/0x1a0
[   88.127984][ T6235]  rcu_core+0x799/0x14e0
[   88.129122][ T6235]  handle_softirqs+0x216/0x8e0
[   88.130393][ T6235]  run_ksoftirqd+0x3a/0x60
[   88.131604][ T6235]  smpboot_thread_fn+0x3f4/0xae0
[   88.132972][ T6235]  kthread+0x3c2/0x780
[   88.134102][ T6235]  ret_from_fork+0x45/0x80
[   88.135313][ T6235]  ret_from_fork_asm+0x1a/0x30
[   88.136663][ T6235] Modules linked in:
[   88.137707][ T6235] CPU: 3 UID: 0 PID: 6235 Comm: syz.0.17 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   88.137723][ T6235] Tainted: [B]=BAD_PAGE
[   88.137727][ T6235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.137733][ T6235] Call Trace:
[   88.137737][ T6235]  <TASK>
[   88.137741][ T6235]  dump_stack_lvl+0x16c/0x1f0
[   88.137757][ T6235]  bad_page+0xb3/0x1f0
[   88.137769][ T6235]  ? __pfx_bad_page+0x10/0x10
[   88.137781][ T6235]  ? page_bad_reason+0x9d/0x1e0
[   88.137793][ T6235]  __free_frozen_pages+0x76e/0xff0
[   88.137810][ T6235]  page_frag_free+0x255/0x2a0
[   88.137821][ T6235]  __xdp_return+0x359/0xa40
[   88.137836][ T6235]  ? kmem_cache_free+0x2d4/0x4d0
[   88.137846][ T6235]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   88.137865][ T6235]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   88.137874][ T6235]  bpf_prog_run_generic_xdp+0x626/0x1530
[   88.137889][ T6235]  do_xdp_generic+0x719/0xe80
[   88.137900][ T6235]  ? __pfx_do_xdp_generic+0x10/0x10
[   88.137910][ T6235]  ? __pfx__copy_from_iter+0x10/0x10
[   88.137923][ T6235]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   88.137940][ T6235]  tun_get_user+0x1bc6/0x3b10
[   88.137956][ T6235]  ? __pfx_tun_get_user+0x10/0x10
[   88.137968][ T6235]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   88.137983][ T6235]  ? tun_get+0x191/0x370
[   88.137994][ T6235]  ? rcu_is_watching+0x12/0xc0
[   88.138006][ T6235]  ? lock_release+0x201/0x2f0
[   88.138017][ T6235]  tun_chr_write_iter+0xdc/0x210
[   88.138030][ T6235]  vfs_write+0x5ba/0x1180
[   88.138039][ T6235]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   88.138053][ T6235]  ? __pfx_vfs_write+0x10/0x10
[   88.138062][ T6235]  ? lock_release+0x201/0x2f0
[   88.138074][ T6235]  ksys_write+0x12a/0x240
[   88.138082][ T6235]  ? __pfx_ksys_write+0x10/0x10
[   88.138091][ T6235]  ? rcu_is_watching+0x12/0xc0
[   88.138103][ T6235]  ? rcu_is_watching+0x12/0xc0
[   88.138117][ T6235]  do_syscall_64+0xcd/0x260
[   88.138131][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.138142][ T6235] RIP: 0033:0x7f038f38bc1f
[   88.138150][ T6235] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   88.138161][ T6235] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   88.138171][ T6235] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   88.138178][ T6235] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   88.138184][ T6235] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   88.138190][ T6235] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   88.138196][ T6235] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   88.138205][ T6235]  </TASK>
[   88.138211][ T6235] BUG: Bad page state in process syz.0.17  pfn:28227
[   88.211225][ T6235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x28227
[   88.213895][ T6235] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   88.215747][ T6235] raw: 00fff00000000000 dead000000000040 ffff888020e97000 0000000000000000
[   88.218164][ T6235] raw: ffffffffffffffff 0000000000000001 00000000ffffffff 0000000000000000
[   88.220385][ T6235] page dumped because: page_pool leak
[   88.221800][ T6235] page_owner tracks the page as allocated
[   88.223323][ T6235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6235, tgid 6234 (syz.0.17), ts 86817734177, free_ts 86816646422
[   88.229044][ T6235]  post_alloc_hook+0x181/0x1b0
[   88.230869][ T6235]  get_page_from_freelist+0x1193/0x39b0
[   88.232923][ T6235]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   88.235027][ T6235]  alloc_pages_bulk_noprof+0x703/0x13b0
[   88.237058][ T6235]  __page_pool_alloc_pages_slow+0x190/0xc20
[   88.239194][ T6235]  page_pool_alloc_netmems+0xc4/0x190
[   88.241236][ T6235]  skb_pp_cow_data+0x775/0xf00
[   88.243009][ T6235]  skb_cow_data_for_xdp+0x88/0xb0
[   88.244866][ T6235]  do_xdp_generic+0x404/0xe80
[   88.246665][ T6235]  tun_get_user+0x1bc6/0x3b10
[   88.248417][ T6235]  tun_chr_write_iter+0xdc/0x210
[   88.250216][ T6235]  vfs_write+0x5ba/0x1180
[   88.251652][ T6235]  ksys_write+0x12a/0x240
[   88.252859][ T6235]  do_syscall_64+0xcd/0x260
[   88.254157][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.255759][ T6235] page last free pid 33 tgid 33 stack trace:
[   88.257457][ T6235]  __free_frozen_pages+0x69d/0xff0
[   88.258825][ T6235]  tlb_remove_table_rcu+0x116/0x1a0
[   88.260222][ T6235]  rcu_core+0x799/0x14e0
[   88.261375][ T6235]  handle_softirqs+0x216/0x8e0
[   88.262762][ T6235]  run_ksoftirqd+0x3a/0x60
[   88.264117][ T6235]  smpboot_thread_fn+0x3f4/0xae0
[   88.265520][ T6235]  kthread+0x3c2/0x780
[   88.266715][ T6235]  ret_from_fork+0x45/0x80
[   88.267939][ T6235]  ret_from_fork_asm+0x1a/0x30
[   88.269214][ T6235] Modules linked in:
[   88.270271][ T6235] CPU: 3 UID: 0 PID: 6235 Comm: syz.0.17 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   88.270287][ T6235] Tainted: [B]=BAD_PAGE
[   88.270291][ T6235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.270298][ T6235] Call Trace:
[   88.270302][ T6235]  <TASK>
[   88.270306][ T6235]  dump_stack_lvl+0x16c/0x1f0
[   88.270321][ T6235]  bad_page+0xb3/0x1f0
[   88.270334][ T6235]  ? __pfx_bad_page+0x10/0x10
[   88.270346][ T6235]  ? page_bad_reason+0x9d/0x1e0
[   88.270358][ T6235]  __free_frozen_pages+0x76e/0xff0
[   88.270375][ T6235]  page_frag_free+0x255/0x2a0
[   88.270387][ T6235]  __xdp_return+0x359/0xa40
[   88.270403][ T6235]  ? kmem_cache_free+0x2d4/0x4d0
[   88.270413][ T6235]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   88.270432][ T6235]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   88.270441][ T6235]  bpf_prog_run_generic_xdp+0x626/0x1530
[   88.270455][ T6235]  do_xdp_generic+0x719/0xe80
[   88.270466][ T6235]  ? __pfx_do_xdp_generic+0x10/0x10
[   88.270476][ T6235]  ? __pfx__copy_from_iter+0x10/0x10
[   88.270489][ T6235]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   88.270507][ T6235]  tun_get_user+0x1bc6/0x3b10
[   88.270522][ T6235]  ? __pfx_tun_get_user+0x10/0x10
[   88.270535][ T6235]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   88.270549][ T6235]  ? tun_get+0x191/0x370
[   88.270559][ T6235]  ? rcu_is_watching+0x12/0xc0
[   88.270575][ T6235]  ? lock_release+0x201/0x2f0
[   88.270586][ T6235]  tun_chr_write_iter+0xdc/0x210
[   88.270600][ T6235]  vfs_write+0x5ba/0x1180
[   88.270609][ T6235]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   88.270623][ T6235]  ? __pfx_vfs_write+0x10/0x10
[   88.270632][ T6235]  ? lock_release+0x201/0x2f0
[   88.270644][ T6235]  ksys_write+0x12a/0x240
[   88.270652][ T6235]  ? __pfx_ksys_write+0x10/0x10
[   88.270661][ T6235]  ? rcu_is_watching+0x12/0xc0
[   88.270673][ T6235]  ? rcu_is_watching+0x12/0xc0
[   88.270686][ T6235]  do_syscall_64+0xcd/0x260
[   88.270701][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.270712][ T6235] RIP: 0033:0x7f038f38bc1f
[   88.270721][ T6235] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   88.270731][ T6235] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   88.270760][ T6235] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   88.270767][ T6235] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   88.270773][ T6235] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   88.270779][ T6235] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   88.270785][ T6235] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   88.270795][ T6235]  </TASK>
2025/04/08 14:01:30 executed programs: 3
[   88.363916][ T6237] BUG: Bad page state in process syz.0.18  pfn:268a0
[   88.366382][ T6237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880268a1100 pfn:0x268a0
[   88.369841][ T6237] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   88.372351][ T6237] raw: 00fff00000000000 dead000000000040 ffff888020e93000 0000000000000000
[   88.375350][ T6237] raw: ffff8880268a1100 3fffffffffffffff 00000000ffffffff 0000000000000000
[   88.378349][ T6237] page dumped because: page_pool leak
[   88.380244][ T6237] page_owner tracks the page as allocated
[   88.382239][ T6237] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6237, tgid 6236 (syz.0.18), ts 88363861637, free_ts 88107084142
[   88.388102][ T6237]  post_alloc_hook+0x181/0x1b0
[   88.389822][ T6237]  get_page_from_freelist+0x1193/0x39b0
[   88.391837][ T6237]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   88.393960][ T6237]  alloc_pages_bulk_noprof+0x703/0x13b0
[   88.395906][ T6237]  __page_pool_alloc_pages_slow+0x190/0xc20
[   88.398121][ T6237]  page_pool_alloc_netmems+0xc4/0x190
[   88.400069][ T6237]  page_pool_alloc_frag_netmem+0x21b/0x760
[   88.402148][ T6237]  skb_pp_cow_data+0x570/0xf00
[   88.403943][ T6237]  skb_cow_data_for_xdp+0x88/0xb0
[   88.405742][ T6237]  do_xdp_generic+0x404/0xe80
[   88.407563][ T6237]  tun_get_user+0x1bc6/0x3b10
[   88.409260][ T6237]  tun_chr_write_iter+0xdc/0x210
[   88.411094][ T6237]  vfs_write+0x5ba/0x1180
[   88.412638][ T6237]  ksys_write+0x12a/0x240
[   88.414265][ T6237]  do_syscall_64+0xcd/0x260
[   88.415916][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.418086][ T6237] page last free pid 5344 tgid 5344 stack trace:
[   88.419976][ T6237]  __free_frozen_pages+0x69d/0xff0
[   88.421348][ T6237]  qlist_free_all+0x4e/0x120
[   88.422588][ T6237]  kasan_quarantine_reduce+0x195/0x1e0
[   88.424059][ T6237]  __kasan_slab_alloc+0x69/0x90
[   88.425356][ T6237]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[   88.426985][ T6237]  __alloc_skb+0x2b2/0x380
[   88.428220][ T6237]  alloc_skb_with_frags+0xe0/0x860
[   88.429577][ T6237]  sock_alloc_send_pskb+0x7fb/0x990
[   88.430953][ T6237]  unix_dgram_sendmsg+0x463/0x1910
[   88.432294][ T6237]  __sys_sendto+0x495/0x510
[   88.433530][ T6237]  __x64_sys_sendto+0xe0/0x1c0
[   88.434833][ T6237]  do_syscall_64+0xcd/0x260
[   88.436037][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.437643][ T6237] Modules linked in:
[   88.438708][ T6237] CPU: 1 UID: 0 PID: 6237 Comm: syz.0.18 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   88.438725][ T6237] Tainted: [B]=BAD_PAGE
[   88.438728][ T6237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.438748][ T6237] Call Trace:
[   88.438752][ T6237]  <TASK>
[   88.438756][ T6237]  dump_stack_lvl+0x16c/0x1f0
[   88.438771][ T6237]  bad_page+0xb3/0x1f0
[   88.438783][ T6237]  ? __pfx_bad_page+0x10/0x10
[   88.438799][ T6237]  ? page_bad_reason+0x9d/0x1e0
[   88.438811][ T6237]  __free_frozen_pages+0x76e/0xff0
[   88.438827][ T6237]  page_frag_free+0x255/0x2a0
[   88.438839][ T6237]  __xdp_return+0x359/0xa40
[   88.438854][ T6237]  ? kmem_cache_free+0x2d4/0x4d0
[   88.438865][ T6237]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   88.438883][ T6237]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   88.438892][ T6237]  bpf_prog_run_generic_xdp+0x626/0x1530
[   88.438906][ T6237]  do_xdp_generic+0x719/0xe80
[   88.438917][ T6237]  ? __pfx_do_xdp_generic+0x10/0x10
[   88.438927][ T6237]  ? __pfx__copy_from_iter+0x10/0x10
[   88.438941][ T6237]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   88.438959][ T6237]  tun_get_user+0x1bc6/0x3b10
[   88.438975][ T6237]  ? __pfx_tun_get_user+0x10/0x10
[   88.438987][ T6237]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   88.439001][ T6237]  ? tun_get+0x191/0x370
[   88.439012][ T6237]  ? rcu_is_watching+0x12/0xc0
[   88.439025][ T6237]  ? lock_release+0x201/0x2f0
[   88.439037][ T6237]  tun_chr_write_iter+0xdc/0x210
[   88.439050][ T6237]  vfs_write+0x5ba/0x1180
[   88.439059][ T6237]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   88.439073][ T6237]  ? __pfx_vfs_write+0x10/0x10
[   88.439082][ T6237]  ? lock_release+0x201/0x2f0
[   88.439093][ T6237]  ksys_write+0x12a/0x240
[   88.439102][ T6237]  ? __pfx_ksys_write+0x10/0x10
[   88.439111][ T6237]  ? rcu_is_watching+0x12/0xc0
[   88.439124][ T6237]  do_syscall_64+0xcd/0x260
[   88.439138][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.439149][ T6237] RIP: 0033:0x7f038f38bc1f
[   88.439156][ T6237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   88.439167][ T6237] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   88.439176][ T6237] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   88.439183][ T6237] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   88.439189][ T6237] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   88.439195][ T6237] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   88.439201][ T6237] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   88.439210][ T6237]  </TASK>
[   88.439217][ T6237] BUG: Bad page state in process syz.0.18  pfn:3610f
[   88.510070][ T6237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3610f
[   88.512355][ T6237] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   88.514211][ T6237] raw: 00fff00000000000 dead000000000040 ffff888020e93000 0000000000000000
[   88.516489][ T6237] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   88.518715][ T6237] page dumped because: page_pool leak
[   88.520157][ T6237] page_owner tracks the page as allocated
[   88.521666][ T6237] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6237, tgid 6236 (syz.0.18), ts 88363854367, free_ts 88107102190
[   88.525954][ T6237]  post_alloc_hook+0x181/0x1b0
[   88.527296][ T6237]  get_page_from_freelist+0x1193/0x39b0
[   88.528770][ T6237]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   88.530371][ T6237]  alloc_pages_bulk_noprof+0x703/0x13b0
[   88.531853][ T6237]  __page_pool_alloc_pages_slow+0x190/0xc20
[   88.533446][ T6237]  page_pool_alloc_netmems+0xc4/0x190
[   88.534892][ T6237]  skb_pp_cow_data+0x775/0xf00
[   88.536181][ T6237]  skb_cow_data_for_xdp+0x88/0xb0
[   88.537565][ T6237]  do_xdp_generic+0x404/0xe80
[   88.538836][ T6237]  tun_get_user+0x1bc6/0x3b10
[   88.540087][ T6237]  tun_chr_write_iter+0xdc/0x210
[   88.541379][ T6237]  vfs_write+0x5ba/0x1180
[   88.542545][ T6237]  ksys_write+0x12a/0x240
[   88.543737][ T6237]  do_syscall_64+0xcd/0x260
[   88.545004][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.546711][ T6237] page last free pid 5344 tgid 5344 stack trace:
[   88.548436][ T6237]  __free_frozen_pages+0x69d/0xff0
[   88.549796][ T6237]  qlist_free_all+0x4e/0x120
[   88.551037][ T6237]  kasan_quarantine_reduce+0x195/0x1e0
[   88.552519][ T6237]  __kasan_slab_alloc+0x69/0x90
[   88.553864][ T6237]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[   88.555475][ T6237]  __alloc_skb+0x2b2/0x380
[   88.556723][ T6237]  alloc_skb_with_frags+0xe0/0x860
[   88.558084][ T6237]  sock_alloc_send_pskb+0x7fb/0x990
[   88.559466][ T6237]  unix_dgram_sendmsg+0x463/0x1910
[   88.560837][ T6237]  __sys_sendto+0x495/0x510
[   88.562041][ T6237]  __x64_sys_sendto+0xe0/0x1c0
[   88.563402][ T6237]  do_syscall_64+0xcd/0x260
[   88.564632][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.566205][ T6237] Modules linked in:
[   88.567374][ T6237] CPU: 1 UID: 0 PID: 6237 Comm: syz.0.18 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   88.567390][ T6237] Tainted: [B]=BAD_PAGE
[   88.567394][ T6237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.567401][ T6237] Call Trace:
[   88.567404][ T6237]  <TASK>
[   88.567409][ T6237]  dump_stack_lvl+0x16c/0x1f0
[   88.567424][ T6237]  bad_page+0xb3/0x1f0
[   88.567436][ T6237]  ? __pfx_bad_page+0x10/0x10
[   88.567448][ T6237]  ? page_bad_reason+0x9d/0x1e0
[   88.567461][ T6237]  __free_frozen_pages+0x76e/0xff0
[   88.567478][ T6237]  page_frag_free+0x255/0x2a0
[   88.567489][ T6237]  __xdp_return+0x359/0xa40
[   88.567504][ T6237]  ? kmem_cache_free+0x2d4/0x4d0
[   88.567514][ T6237]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   88.567533][ T6237]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   88.567542][ T6237]  bpf_prog_run_generic_xdp+0x626/0x1530
[   88.567556][ T6237]  do_xdp_generic+0x719/0xe80
[   88.567567][ T6237]  ? __pfx_do_xdp_generic+0x10/0x10
[   88.567577][ T6237]  ? __pfx__copy_from_iter+0x10/0x10
[   88.567590][ T6237]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   88.567607][ T6237]  tun_get_user+0x1bc6/0x3b10
[   88.567622][ T6237]  ? __pfx_tun_get_user+0x10/0x10
[   88.567635][ T6237]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   88.567649][ T6237]  ? tun_get+0x191/0x370
[   88.567659][ T6237]  ? rcu_is_watching+0x12/0xc0
[   88.567672][ T6237]  ? lock_release+0x201/0x2f0
[   88.567683][ T6237]  tun_chr_write_iter+0xdc/0x210
[   88.567697][ T6237]  vfs_write+0x5ba/0x1180
[   88.567706][ T6237]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   88.567720][ T6237]  ? __pfx_vfs_write+0x10/0x10
[   88.567729][ T6237]  ? lock_release+0x201/0x2f0
[   88.567740][ T6237]  ksys_write+0x12a/0x240
[   88.567749][ T6237]  ? __pfx_ksys_write+0x10/0x10
[   88.567758][ T6237]  ? rcu_is_watching+0x12/0xc0
[   88.567771][ T6237]  do_syscall_64+0xcd/0x260
[   88.567785][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.567799][ T6237] RIP: 0033:0x7f038f38bc1f
[   88.567807][ T6237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   88.567818][ T6237] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   88.567828][ T6237] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   88.567834][ T6237] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   88.567840][ T6237] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   88.567846][ T6237] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   88.567852][ T6237] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   88.567861][ T6237]  </TASK>
[   88.567868][ T6237] BUG: Bad page state in process syz.0.18  pfn:3610e
[   88.638846][ T6237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3610e
[   88.641210][ T6237] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   88.643060][ T6237] raw: 00fff00000000000 dead000000000040 ffff888020e93000 0000000000000000
[   88.645359][ T6237] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   88.647688][ T6237] page dumped because: page_pool leak
[   88.649109][ T6237] page_owner tracks the page as allocated
[   88.650601][ T6237] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6237, tgid 6236 (syz.0.18), ts 88363847185, free_ts 88107102190
[   88.654929][ T6237]  post_alloc_hook+0x181/0x1b0
[   88.656229][ T6237]  get_page_from_freelist+0x1193/0x39b0
[   88.657741][ T6237]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   88.659333][ T6237]  alloc_pages_bulk_noprof+0x703/0x13b0
[   88.660834][ T6237]  __page_pool_alloc_pages_slow+0x190/0xc20
[   88.662406][ T6237]  page_pool_alloc_netmems+0xc4/0x190
[   88.663867][ T6237]  skb_pp_cow_data+0x775/0xf00
[   88.665138][ T6237]  skb_cow_data_for_xdp+0x88/0xb0
[   88.666528][ T6237]  do_xdp_generic+0x404/0xe80
[   88.667836][ T6237]  tun_get_user+0x1bc6/0x3b10
[   88.669098][ T6237]  tun_chr_write_iter+0xdc/0x210
[   88.670429][ T6237]  vfs_write+0x5ba/0x1180
[   88.671606][ T6237]  ksys_write+0x12a/0x240
[   88.672768][ T6237]  do_syscall_64+0xcd/0x260
[   88.673975][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.675533][ T6237] page last free pid 5344 tgid 5344 stack trace:
[   88.677236][ T6237]  __free_frozen_pages+0x69d/0xff0
[   88.678634][ T6237]  qlist_free_all+0x4e/0x120
[   88.679931][ T6237]  kasan_quarantine_reduce+0x195/0x1e0
[   88.681382][ T6237]  __kasan_slab_alloc+0x69/0x90
[   88.682681][ T6237]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[   88.684256][ T6237]  __alloc_skb+0x2b2/0x380
[   88.685439][ T6237]  alloc_skb_with_frags+0xe0/0x860
[   88.686869][ T6237]  sock_alloc_send_pskb+0x7fb/0x990
[   88.688267][ T6237]  unix_dgram_sendmsg+0x463/0x1910
[   88.689635][ T6237]  __sys_sendto+0x495/0x510
[   88.690897][ T6237]  __x64_sys_sendto+0xe0/0x1c0
[   88.692180][ T6237]  do_syscall_64+0xcd/0x260
[   88.693445][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.695048][ T6237] Modules linked in:
[   88.696133][ T6237] CPU: 1 UID: 0 PID: 6237 Comm: syz.0.18 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   88.696149][ T6237] Tainted: [B]=BAD_PAGE
[   88.696152][ T6237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.696159][ T6237] Call Trace:
[   88.696163][ T6237]  <TASK>
[   88.696168][ T6237]  dump_stack_lvl+0x16c/0x1f0
[   88.696183][ T6237]  bad_page+0xb3/0x1f0
[   88.696195][ T6237]  ? __pfx_bad_page+0x10/0x10
[   88.696206][ T6237]  ? page_bad_reason+0x9d/0x1e0
[   88.696218][ T6237]  __free_frozen_pages+0x76e/0xff0
[   88.696236][ T6237]  page_frag_free+0x255/0x2a0
[   88.696247][ T6237]  __xdp_return+0x359/0xa40
[   88.696261][ T6237]  ? kmem_cache_free+0x2d4/0x4d0
[   88.696271][ T6237]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   88.696289][ T6237]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   88.696298][ T6237]  bpf_prog_run_generic_xdp+0x626/0x1530
[   88.696321][ T6237]  do_xdp_generic+0x719/0xe80
[   88.696334][ T6237]  ? __pfx_do_xdp_generic+0x10/0x10
[   88.696344][ T6237]  ? __pfx__copy_from_iter+0x10/0x10
[   88.696358][ T6237]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   88.696375][ T6237]  tun_get_user+0x1bc6/0x3b10
[   88.696390][ T6237]  ? __pfx_tun_get_user+0x10/0x10
[   88.696403][ T6237]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   88.696417][ T6237]  ? tun_get+0x191/0x370
[   88.696427][ T6237]  ? rcu_is_watching+0x12/0xc0
[   88.696441][ T6237]  ? lock_release+0x201/0x2f0
[   88.696451][ T6237]  tun_chr_write_iter+0xdc/0x210
[   88.696465][ T6237]  vfs_write+0x5ba/0x1180
[   88.696474][ T6237]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   88.696488][ T6237]  ? __pfx_vfs_write+0x10/0x10
[   88.696497][ T6237]  ? lock_release+0x201/0x2f0
[   88.696508][ T6237]  ksys_write+0x12a/0x240
[   88.696517][ T6237]  ? __pfx_ksys_write+0x10/0x10
[   88.696526][ T6237]  ? rcu_is_watching+0x12/0xc0
[   88.696539][ T6237]  do_syscall_64+0xcd/0x260
[   88.696553][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.696563][ T6237] RIP: 0033:0x7f038f38bc1f
[   88.696571][ T6237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   88.696581][ T6237] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   88.696591][ T6237] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   88.696597][ T6237] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   88.696603][ T6237] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   88.696609][ T6237] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   88.696615][ T6237] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   88.696624][ T6237]  </TASK>
[   88.765261][ T6237] BUG: Bad page state in process syz.0.18  pfn:3610d
[   88.767057][ T6237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3610d
[   88.769310][ T6237] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   88.771168][ T6237] raw: 00fff00000000000 dead000000000040 ffff888020e93000 0000000000000000
[   88.773433][ T6237] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   88.775679][ T6237] page dumped because: page_pool leak
[   88.777146][ T6237] page_owner tracks the page as allocated
[   88.778638][ T6237] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6237, tgid 6236 (syz.0.18), ts 88363840108, free_ts 88107102190
[   88.782883][ T6237]  post_alloc_hook+0x181/0x1b0
[   88.784196][ T6237]  get_page_from_freelist+0x1193/0x39b0
[   88.785681][ T6237]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   88.787291][ T6237]  alloc_pages_bulk_noprof+0x703/0x13b0
[   88.788835][ T6237]  __page_pool_alloc_pages_slow+0x190/0xc20
[   88.790392][ T6237]  page_pool_alloc_netmems+0xc4/0x190
[   88.791840][ T6237]  skb_pp_cow_data+0x775/0xf00
[   88.793163][ T6237]  skb_cow_data_for_xdp+0x88/0xb0
[   88.794541][ T6237]  do_xdp_generic+0x404/0xe80
[   88.795823][ T6237]  tun_get_user+0x1bc6/0x3b10
[   88.797173][ T6237]  tun_chr_write_iter+0xdc/0x210
[   88.798519][ T6237]  vfs_write+0x5ba/0x1180
[   88.799693][ T6237]  ksys_write+0x12a/0x240
[   88.800894][ T6237]  do_syscall_64+0xcd/0x260
[   88.802153][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.803753][ T6237] page last free pid 5344 tgid 5344 stack trace:
[   88.805404][ T6237]  __free_frozen_pages+0x69d/0xff0
[   88.806829][ T6237]  qlist_free_all+0x4e/0x120
[   88.808118][ T6237]  kasan_quarantine_reduce+0x195/0x1e0
[   88.809578][ T6237]  __kasan_slab_alloc+0x69/0x90
[   88.810914][ T6237]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[   88.812532][ T6237]  __alloc_skb+0x2b2/0x380
[   88.813780][ T6237]  alloc_skb_with_frags+0xe0/0x860
[   88.815181][ T6237]  sock_alloc_send_pskb+0x7fb/0x990
[   88.816630][ T6237]  unix_dgram_sendmsg+0x463/0x1910
[   88.818005][ T6237]  __sys_sendto+0x495/0x510
[   88.819218][ T6237]  __x64_sys_sendto+0xe0/0x1c0
[   88.820468][ T6237]  do_syscall_64+0xcd/0x260
[   88.821679][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.823251][ T6237] Modules linked in:
[   88.824272][ T6237] CPU: 1 UID: 0 PID: 6237 Comm: syz.0.18 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   88.824288][ T6237] Tainted: [B]=BAD_PAGE
[   88.824292][ T6237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.824298][ T6237] Call Trace:
[   88.824302][ T6237]  <TASK>
[   88.824306][ T6237]  dump_stack_lvl+0x16c/0x1f0
[   88.824320][ T6237]  bad_page+0xb3/0x1f0
[   88.824332][ T6237]  ? __pfx_bad_page+0x10/0x10
[   88.824344][ T6237]  ? page_bad_reason+0x9d/0x1e0
[   88.824356][ T6237]  __free_frozen_pages+0x76e/0xff0
[   88.824373][ T6237]  page_frag_free+0x255/0x2a0
[   88.824384][ T6237]  __xdp_return+0x359/0xa40
[   88.824399][ T6237]  ? kmem_cache_free+0x2d4/0x4d0
[   88.824409][ T6237]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   88.824428][ T6237]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   88.824436][ T6237]  bpf_prog_run_generic_xdp+0x626/0x1530
[   88.824451][ T6237]  do_xdp_generic+0x719/0xe80
[   88.824462][ T6237]  ? __pfx_do_xdp_generic+0x10/0x10
[   88.824471][ T6237]  ? __pfx__copy_from_iter+0x10/0x10
[   88.824485][ T6237]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   88.824502][ T6237]  tun_get_user+0x1bc6/0x3b10
[   88.824518][ T6237]  ? __pfx_tun_get_user+0x10/0x10
[   88.824530][ T6237]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   88.824544][ T6237]  ? tun_get+0x191/0x370
[   88.824555][ T6237]  ? rcu_is_watching+0x12/0xc0
[   88.824568][ T6237]  ? lock_release+0x201/0x2f0
[   88.824579][ T6237]  tun_chr_write_iter+0xdc/0x210
[   88.824593][ T6237]  vfs_write+0x5ba/0x1180
[   88.824602][ T6237]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   88.824615][ T6237]  ? __pfx_vfs_write+0x10/0x10
[   88.824624][ T6237]  ? lock_release+0x201/0x2f0
[   88.824636][ T6237]  ksys_write+0x12a/0x240
[   88.824644][ T6237]  ? __pfx_ksys_write+0x10/0x10
[   88.824653][ T6237]  ? rcu_is_watching+0x12/0xc0
[   88.824666][ T6237]  do_syscall_64+0xcd/0x260
[   88.824680][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.824691][ T6237] RIP: 0033:0x7f038f38bc1f
[   88.824698][ T6237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   88.824708][ T6237] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   88.824718][ T6237] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   88.824724][ T6237] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   88.824730][ T6237] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   88.824736][ T6237] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   88.824742][ T6237] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   88.824751][ T6237]  </TASK>
[   88.824757][ T6237] BUG: Bad page state in process syz.0.18  pfn:3610c
[   88.895842][ T6237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3610c
[   88.898080][ T6237] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   88.899891][ T6237] raw: 00fff00000000000 dead000000000040 ffff888020e93000 0000000000000000
[   88.902128][ T6237] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   88.904371][ T6237] page dumped because: page_pool leak
[   88.905812][ T6237] page_owner tracks the page as allocated
[   88.907342][ T6237] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6237, tgid 6236 (syz.0.18), ts 88363833313, free_ts 88107102190
[   88.911510][ T6237]  post_alloc_hook+0x181/0x1b0
[   88.912820][ T6237]  get_page_from_freelist+0x1193/0x39b0
[   88.914246][ T6237]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   88.915761][ T6237]  alloc_pages_bulk_noprof+0x703/0x13b0
[   88.917243][ T6237]  __page_pool_alloc_pages_slow+0x190/0xc20
[   88.918679][ T6237]  page_pool_alloc_netmems+0xc4/0x190
[   88.920095][ T6237]  skb_pp_cow_data+0x775/0xf00
[   88.921326][ T6237]  skb_cow_data_for_xdp+0x88/0xb0
[   88.922631][ T6237]  do_xdp_generic+0x404/0xe80
[   88.923875][ T6237]  tun_get_user+0x1bc6/0x3b10
[   88.925095][ T6237]  tun_chr_write_iter+0xdc/0x210
[   88.926432][ T6237]  vfs_write+0x5ba/0x1180
[   88.927600][ T6237]  ksys_write+0x12a/0x240
[   88.928679][ T6237]  do_syscall_64+0xcd/0x260
[   88.929889][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.931438][ T6237] page last free pid 5344 tgid 5344 stack trace:
[   88.933082][ T6237]  __free_frozen_pages+0x69d/0xff0
[   88.934430][ T6237]  qlist_free_all+0x4e/0x120
[   88.935667][ T6237]  kasan_quarantine_reduce+0x195/0x1e0
[   88.937157][ T6237]  __kasan_slab_alloc+0x69/0x90
[   88.938419][ T6237]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[   88.939941][ T6237]  __alloc_skb+0x2b2/0x380
[   88.941083][ T6237]  alloc_skb_with_frags+0xe0/0x860
[   88.942409][ T6237]  sock_alloc_send_pskb+0x7fb/0x990
[   88.943797][ T6237]  unix_dgram_sendmsg+0x463/0x1910
[   88.945098][ T6237]  __sys_sendto+0x495/0x510
[   88.946292][ T6237]  __x64_sys_sendto+0xe0/0x1c0
[   88.947612][ T6237]  do_syscall_64+0xcd/0x260
[   88.948785][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.950357][ T6237] Modules linked in:
[   88.951417][ T6237] CPU: 1 UID: 0 PID: 6237 Comm: syz.0.18 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   88.951432][ T6237] Tainted: [B]=BAD_PAGE
[   88.951436][ T6237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.951443][ T6237] Call Trace:
[   88.951446][ T6237]  <TASK>
[   88.951450][ T6237]  dump_stack_lvl+0x16c/0x1f0
[   88.951464][ T6237]  bad_page+0xb3/0x1f0
[   88.951476][ T6237]  ? __pfx_bad_page+0x10/0x10
[   88.951488][ T6237]  ? page_bad_reason+0x9d/0x1e0
[   88.951500][ T6237]  __free_frozen_pages+0x76e/0xff0
[   88.951517][ T6237]  page_frag_free+0x255/0x2a0
[   88.951529][ T6237]  __xdp_return+0x359/0xa40
[   88.951543][ T6237]  ? kmem_cache_free+0x2d4/0x4d0
[   88.951552][ T6237]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   88.951571][ T6237]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   88.951580][ T6237]  bpf_prog_run_generic_xdp+0x626/0x1530
[   88.951595][ T6237]  do_xdp_generic+0x719/0xe80
[   88.951606][ T6237]  ? __pfx_do_xdp_generic+0x10/0x10
[   88.951616][ T6237]  ? __pfx__copy_from_iter+0x10/0x10
[   88.951630][ T6237]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   88.951647][ T6237]  tun_get_user+0x1bc6/0x3b10
[   88.951662][ T6237]  ? __pfx_tun_get_user+0x10/0x10
[   88.951675][ T6237]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   88.951688][ T6237]  ? tun_get+0x191/0x370
[   88.951699][ T6237]  ? rcu_is_watching+0x12/0xc0
[   88.951712][ T6237]  ? lock_release+0x201/0x2f0
[   88.951723][ T6237]  tun_chr_write_iter+0xdc/0x210
[   88.951736][ T6237]  vfs_write+0x5ba/0x1180
[   88.951745][ T6237]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   88.951759][ T6237]  ? __pfx_vfs_write+0x10/0x10
[   88.951768][ T6237]  ? lock_release+0x201/0x2f0
[   88.951780][ T6237]  ksys_write+0x12a/0x240
[   88.951788][ T6237]  ? __pfx_ksys_write+0x10/0x10
[   88.951802][ T6237]  ? rcu_is_watching+0x12/0xc0
[   88.951816][ T6237]  do_syscall_64+0xcd/0x260
[   88.951830][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.951840][ T6237] RIP: 0033:0x7f038f38bc1f
[   88.951847][ T6237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   88.951858][ T6237] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   88.951867][ T6237] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   88.951873][ T6237] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   88.951879][ T6237] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   88.951885][ T6237] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   88.951891][ T6237] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   88.951900][ T6237]  </TASK>
[   88.951906][ T6237] BUG: Bad page state in process syz.0.18  pfn:3610b
[   89.021806][ T6237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3610b
[   89.024000][ T6237] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   89.025761][ T6237] raw: 00fff00000000000 dead000000000040 ffff888020e93000 0000000000000000
[   89.028009][ T6237] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   89.030254][ T6237] page dumped because: page_pool leak
[   89.031716][ T6237] page_owner tracks the page as allocated
[   89.033299][ T6237] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6237, tgid 6236 (syz.0.18), ts 88363826466, free_ts 88107102190
[   89.037657][ T6237]  post_alloc_hook+0x181/0x1b0
[   89.039015][ T6237]  get_page_from_freelist+0x1193/0x39b0
[   89.040507][ T6237]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   89.042085][ T6237]  alloc_pages_bulk_noprof+0x703/0x13b0
[   89.043606][ T6237]  __page_pool_alloc_pages_slow+0x190/0xc20
[   89.045176][ T6237]  page_pool_alloc_netmems+0xc4/0x190
[   89.046637][ T6237]  skb_pp_cow_data+0x775/0xf00
[   89.047954][ T6237]  skb_cow_data_for_xdp+0x88/0xb0
[   89.049298][ T6237]  do_xdp_generic+0x404/0xe80
[   89.050552][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.051799][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.053169][ T6237]  vfs_write+0x5ba/0x1180
[   89.054372][ T6237]  ksys_write+0x12a/0x240
[   89.055556][ T6237]  do_syscall_64+0xcd/0x260
[   89.056864][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.058486][ T6237] page last free pid 5344 tgid 5344 stack trace:
[   89.060169][ T6237]  __free_frozen_pages+0x69d/0xff0
[   89.061537][ T6237]  qlist_free_all+0x4e/0x120
[   89.062807][ T6237]  kasan_quarantine_reduce+0x195/0x1e0
[   89.064265][ T6237]  __kasan_slab_alloc+0x69/0x90
[   89.065556][ T6237]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[   89.067257][ T6237]  __alloc_skb+0x2b2/0x380
[   89.068520][ T6237]  alloc_skb_with_frags+0xe0/0x860
[   89.069899][ T6237]  sock_alloc_send_pskb+0x7fb/0x990
[   89.071310][ T6237]  unix_dgram_sendmsg+0x463/0x1910
[   89.072716][ T6237]  __sys_sendto+0x495/0x510
[   89.074011][ T6237]  __x64_sys_sendto+0xe0/0x1c0
[   89.075315][ T6237]  do_syscall_64+0xcd/0x260
[   89.076617][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.078217][ T6237] Modules linked in:
[   89.079270][ T6237] CPU: 1 UID: 0 PID: 6237 Comm: syz.0.18 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   89.079286][ T6237] Tainted: [B]=BAD_PAGE
[   89.079290][ T6237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.079296][ T6237] Call Trace:
[   89.079300][ T6237]  <TASK>
[   89.079304][ T6237]  dump_stack_lvl+0x16c/0x1f0
[   89.079319][ T6237]  bad_page+0xb3/0x1f0
[   89.079331][ T6237]  ? __pfx_bad_page+0x10/0x10
[   89.079343][ T6237]  ? page_bad_reason+0x9d/0x1e0
[   89.079355][ T6237]  __free_frozen_pages+0x76e/0xff0
[   89.079372][ T6237]  page_frag_free+0x255/0x2a0
[   89.079383][ T6237]  __xdp_return+0x359/0xa40
[   89.079398][ T6237]  ? kmem_cache_free+0x2d4/0x4d0
[   89.079408][ T6237]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   89.079427][ T6237]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   89.079435][ T6237]  bpf_prog_run_generic_xdp+0x626/0x1530
[   89.079450][ T6237]  do_xdp_generic+0x719/0xe80
[   89.079461][ T6237]  ? __pfx_do_xdp_generic+0x10/0x10
[   89.079471][ T6237]  ? __pfx__copy_from_iter+0x10/0x10
[   89.079484][ T6237]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   89.079502][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.079517][ T6237]  ? __pfx_tun_get_user+0x10/0x10
[   89.079530][ T6237]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   89.079543][ T6237]  ? tun_get+0x191/0x370
[   89.079554][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.079567][ T6237]  ? lock_release+0x201/0x2f0
[   89.079578][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.079592][ T6237]  vfs_write+0x5ba/0x1180
[   89.079601][ T6237]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   89.079615][ T6237]  ? __pfx_vfs_write+0x10/0x10
[   89.079623][ T6237]  ? lock_release+0x201/0x2f0
[   89.079635][ T6237]  ksys_write+0x12a/0x240
[   89.079644][ T6237]  ? __pfx_ksys_write+0x10/0x10
[   89.079653][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.079666][ T6237]  do_syscall_64+0xcd/0x260
[   89.079680][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.079690][ T6237] RIP: 0033:0x7f038f38bc1f
[   89.079698][ T6237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   89.079708][ T6237] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   89.079717][ T6237] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   89.079724][ T6237] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   89.079730][ T6237] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   89.079736][ T6237] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   89.079742][ T6237] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   89.079751][ T6237]  </TASK>
[   89.079757][ T6237] BUG: Bad page state in process syz.0.18  pfn:3610a
[   89.151227][ T6237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3610a
[   89.153554][ T6237] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   89.155410][ T6237] raw: 00fff00000000000 dead000000000040 ffff888020e93000 0000000000000000
[   89.157703][ T6237] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[   89.159982][ T6237] page dumped because: page_pool leak
[   89.161416][ T6237] page_owner tracks the page as allocated
[   89.162933][ T6237] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6237, tgid 6236 (syz.0.18), ts 88363819567, free_ts 88107102190
[   89.167274][ T6237]  post_alloc_hook+0x181/0x1b0
[   89.168562][ T6237]  get_page_from_freelist+0x1193/0x39b0
[   89.170009][ T6237]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   89.171588][ T6237]  alloc_pages_bulk_noprof+0x703/0x13b0
[   89.173063][ T6237]  __page_pool_alloc_pages_slow+0x190/0xc20
[   89.174633][ T6237]  page_pool_alloc_netmems+0xc4/0x190
[   89.176076][ T6237]  skb_pp_cow_data+0x775/0xf00
[   89.177404][ T6237]  skb_cow_data_for_xdp+0x88/0xb0
[   89.178755][ T6237]  do_xdp_generic+0x404/0xe80
[   89.180058][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.181336][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.182671][ T6237]  vfs_write+0x5ba/0x1180
[   89.183890][ T6237]  ksys_write+0x12a/0x240
[   89.185056][ T6237]  do_syscall_64+0xcd/0x260
[   89.186283][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.187936][ T6237] page last free pid 5344 tgid 5344 stack trace:
[   89.189610][ T6237]  __free_frozen_pages+0x69d/0xff0
[   89.190996][ T6237]  qlist_free_all+0x4e/0x120
[   89.192262][ T6237]  kasan_quarantine_reduce+0x195/0x1e0
[   89.193739][ T6237]  __kasan_slab_alloc+0x69/0x90
[   89.195056][ T6237]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[   89.196682][ T6237]  __alloc_skb+0x2b2/0x380
[   89.197914][ T6237]  alloc_skb_with_frags+0xe0/0x860
[   89.199349][ T6237]  sock_alloc_send_pskb+0x7fb/0x990
[   89.200748][ T6237]  unix_dgram_sendmsg+0x463/0x1910
[   89.202125][ T6237]  __sys_sendto+0x495/0x510
[   89.203373][ T6237]  __x64_sys_sendto+0xe0/0x1c0
[   89.204662][ T6237]  do_syscall_64+0xcd/0x260
[   89.205867][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.207503][ T6237] Modules linked in:
[   89.208565][ T6237] CPU: 1 UID: 0 PID: 6237 Comm: syz.0.18 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   89.208581][ T6237] Tainted: [B]=BAD_PAGE
[   89.208584][ T6237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.208591][ T6237] Call Trace:
[   89.208595][ T6237]  <TASK>
[   89.208599][ T6237]  dump_stack_lvl+0x16c/0x1f0
[   89.208614][ T6237]  bad_page+0xb3/0x1f0
[   89.208626][ T6237]  ? __pfx_bad_page+0x10/0x10
[   89.208638][ T6237]  ? page_bad_reason+0x9d/0x1e0
[   89.208650][ T6237]  __free_frozen_pages+0x76e/0xff0
[   89.208666][ T6237]  page_frag_free+0x255/0x2a0
[   89.208678][ T6237]  __xdp_return+0x359/0xa40
[   89.208692][ T6237]  ? kmem_cache_free+0x2d4/0x4d0
[   89.208702][ T6237]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   89.208721][ T6237]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   89.208729][ T6237]  bpf_prog_run_generic_xdp+0x626/0x1530
[   89.208743][ T6237]  do_xdp_generic+0x719/0xe80
[   89.208754][ T6237]  ? __pfx_do_xdp_generic+0x10/0x10
[   89.208764][ T6237]  ? __pfx__copy_from_iter+0x10/0x10
[   89.208778][ T6237]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   89.208800][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.208815][ T6237]  ? __pfx_tun_get_user+0x10/0x10
[   89.208828][ T6237]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   89.208841][ T6237]  ? tun_get+0x191/0x370
[   89.208852][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.208865][ T6237]  ? lock_release+0x201/0x2f0
[   89.208876][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.208890][ T6237]  vfs_write+0x5ba/0x1180
[   89.208899][ T6237]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   89.208912][ T6237]  ? __pfx_vfs_write+0x10/0x10
[   89.208921][ T6237]  ? lock_release+0x201/0x2f0
[   89.208933][ T6237]  ksys_write+0x12a/0x240
[   89.208941][ T6237]  ? __pfx_ksys_write+0x10/0x10
[   89.208950][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.208964][ T6237]  do_syscall_64+0xcd/0x260
[   89.208978][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.208988][ T6237] RIP: 0033:0x7f038f38bc1f
[   89.208996][ T6237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   89.209006][ T6237] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   89.209016][ T6237] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   89.209022][ T6237] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   89.209028][ T6237] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   89.209034][ T6237] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   89.209040][ T6237] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   89.209049][ T6237]  </TASK>
[   89.209055][ T6237] BUG: Bad page state in process syz.0.18  pfn:36109
[   89.280351][ T6237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x36109
[   89.283088][ T6237] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   89.284994][ T6237] raw: 00fff00000000000 dead000000000040 ffff888020e93000 0000000000000000
[   89.287324][ T6237] raw: ffffffffffffffff 0000000000000001 00000000ffffffff 0000000000000000
[   89.289616][ T6237] page dumped because: page_pool leak
[   89.291069][ T6237] page_owner tracks the page as allocated
[   89.292574][ T6237] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6237, tgid 6236 (syz.0.18), ts 88363812463, free_ts 88107102190
[   89.296972][ T6237]  post_alloc_hook+0x181/0x1b0
[   89.298259][ T6237]  get_page_from_freelist+0x1193/0x39b0
[   89.299760][ T6237]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   89.301349][ T6237]  alloc_pages_bulk_noprof+0x703/0x13b0
[   89.302842][ T6237]  __page_pool_alloc_pages_slow+0x190/0xc20
[   89.304450][ T6237]  page_pool_alloc_netmems+0xc4/0x190
[   89.305874][ T6237]  skb_pp_cow_data+0x775/0xf00
[   89.307243][ T6237]  skb_cow_data_for_xdp+0x88/0xb0
[   89.308597][ T6237]  do_xdp_generic+0x404/0xe80
[   89.309857][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.311141][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.312482][ T6237]  vfs_write+0x5ba/0x1180
[   89.313702][ T6237]  ksys_write+0x12a/0x240
[   89.314886][ T6237]  do_syscall_64+0xcd/0x260
[   89.316109][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.317720][ T6237] page last free pid 5344 tgid 5344 stack trace:
[   89.319417][ T6237]  __free_frozen_pages+0x69d/0xff0
[   89.320798][ T6237]  qlist_free_all+0x4e/0x120
[   89.322084][ T6237]  kasan_quarantine_reduce+0x195/0x1e0
[   89.323564][ T6237]  __kasan_slab_alloc+0x69/0x90
[   89.324877][ T6237]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[   89.326504][ T6237]  __alloc_skb+0x2b2/0x380
[   89.327744][ T6237]  alloc_skb_with_frags+0xe0/0x860
[   89.329122][ T6237]  sock_alloc_send_pskb+0x7fb/0x990
[   89.330502][ T6237]  unix_dgram_sendmsg+0x463/0x1910
[   89.331875][ T6237]  __sys_sendto+0x495/0x510
[   89.333171][ T6237]  __x64_sys_sendto+0xe0/0x1c0
[   89.334450][ T6237]  do_syscall_64+0xcd/0x260
[   89.335719][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.337382][ T6237] Modules linked in:
[   89.338444][ T6237] CPU: 1 UID: 0 PID: 6237 Comm: syz.0.18 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   89.338460][ T6237] Tainted: [B]=BAD_PAGE
[   89.338464][ T6237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.338470][ T6237] Call Trace:
[   89.338474][ T6237]  <TASK>
[   89.338478][ T6237]  dump_stack_lvl+0x16c/0x1f0
[   89.338493][ T6237]  bad_page+0xb3/0x1f0
[   89.338506][ T6237]  ? __pfx_bad_page+0x10/0x10
[   89.338521][ T6237]  ? page_bad_reason+0x9d/0x1e0
[   89.338533][ T6237]  __free_frozen_pages+0x76e/0xff0
[   89.338550][ T6237]  page_frag_free+0x255/0x2a0
[   89.338561][ T6237]  __xdp_return+0x359/0xa40
[   89.338576][ T6237]  ? kmem_cache_free+0x2d4/0x4d0
[   89.338586][ T6237]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   89.338605][ T6237]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   89.338613][ T6237]  bpf_prog_run_generic_xdp+0x626/0x1530
[   89.338628][ T6237]  do_xdp_generic+0x719/0xe80
[   89.338639][ T6237]  ? __pfx_do_xdp_generic+0x10/0x10
[   89.338649][ T6237]  ? __pfx__copy_from_iter+0x10/0x10
[   89.338663][ T6237]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   89.338681][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.338696][ T6237]  ? __pfx_tun_get_user+0x10/0x10
[   89.338709][ T6237]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   89.338738][ T6237]  ? tun_get+0x191/0x370
[   89.338752][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.338765][ T6237]  ? lock_release+0x201/0x2f0
[   89.338776][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.338790][ T6237]  vfs_write+0x5ba/0x1180
[   89.338799][ T6237]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   89.338813][ T6237]  ? __pfx_vfs_write+0x10/0x10
[   89.338822][ T6237]  ? lock_release+0x201/0x2f0
[   89.338833][ T6237]  ksys_write+0x12a/0x240
[   89.338842][ T6237]  ? __pfx_ksys_write+0x10/0x10
[   89.338851][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.338864][ T6237]  do_syscall_64+0xcd/0x260
[   89.338885][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.338896][ T6237] RIP: 0033:0x7f038f38bc1f
[   89.338905][ T6237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   89.338916][ T6237] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   89.338927][ T6237] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   89.338933][ T6237] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   89.338939][ T6237] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   89.338945][ T6237] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   89.338951][ T6237] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   89.338960][ T6237]  </TASK>
[   89.338967][ T6237] BUG: Bad page state in process syz.0.18  pfn:36108
[   89.410412][ T6237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888036109100 pfn:0x36108
[   89.412998][ T6237] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   89.414932][ T6237] raw: 00fff00000000000 dead000000000040 ffff888020e93000 0000000000000000
[   89.417228][ T6237] raw: ffff888036109100 0000000000000001 00000000ffffffff 0000000000000000
[   89.419463][ T6237] page dumped because: page_pool leak
[   89.420903][ T6237] page_owner tracks the page as allocated
[   89.422416][ T6237] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6237, tgid 6236 (syz.0.18), ts 88363805226, free_ts 88107102190
[   89.426808][ T6237]  post_alloc_hook+0x181/0x1b0
[   89.428133][ T6237]  get_page_from_freelist+0x1193/0x39b0
[   89.429591][ T6237]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   89.431205][ T6237]  alloc_pages_bulk_noprof+0x703/0x13b0
[   89.432682][ T6237]  __page_pool_alloc_pages_slow+0x190/0xc20
[   89.434282][ T6237]  page_pool_alloc_netmems+0xc4/0x190
[   89.435716][ T6237]  skb_pp_cow_data+0x775/0xf00
[   89.437039][ T6237]  skb_cow_data_for_xdp+0x88/0xb0
[   89.438389][ T6237]  do_xdp_generic+0x404/0xe80
[   89.439662][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.440915][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.442225][ T6237]  vfs_write+0x5ba/0x1180
[   89.443416][ T6237]  ksys_write+0x12a/0x240
[   89.444568][ T6237]  do_syscall_64+0xcd/0x260
[   89.445800][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.447439][ T6237] page last free pid 5344 tgid 5344 stack trace:
[   89.449114][ T6237]  __free_frozen_pages+0x69d/0xff0
[   89.450494][ T6237]  qlist_free_all+0x4e/0x120
[   89.451776][ T6237]  kasan_quarantine_reduce+0x195/0x1e0
[   89.453266][ T6237]  __kasan_slab_alloc+0x69/0x90
[   89.454581][ T6237]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[   89.456173][ T6237]  __alloc_skb+0x2b2/0x380
[   89.457413][ T6237]  alloc_skb_with_frags+0xe0/0x860
[   89.458774][ T6237]  sock_alloc_send_pskb+0x7fb/0x990
[   89.460173][ T6237]  unix_dgram_sendmsg+0x463/0x1910
[   89.461546][ T6237]  __sys_sendto+0x495/0x510
[   89.462796][ T6237]  __x64_sys_sendto+0xe0/0x1c0
[   89.464202][ T6237]  do_syscall_64+0xcd/0x260
[   89.465491][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.467134][ T6237] Modules linked in:
[   89.468210][ T6237] CPU: 1 UID: 0 PID: 6237 Comm: syz.0.18 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   89.468225][ T6237] Tainted: [B]=BAD_PAGE
[   89.468229][ T6237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.468236][ T6237] Call Trace:
[   89.468239][ T6237]  <TASK>
[   89.468243][ T6237]  dump_stack_lvl+0x16c/0x1f0
[   89.468257][ T6237]  bad_page+0xb3/0x1f0
[   89.468269][ T6237]  ? __pfx_bad_page+0x10/0x10
[   89.468281][ T6237]  ? page_bad_reason+0x9d/0x1e0
[   89.468293][ T6237]  __free_frozen_pages+0x76e/0xff0
[   89.468309][ T6237]  page_frag_free+0x255/0x2a0
[   89.468321][ T6237]  __xdp_return+0x359/0xa40
[   89.468336][ T6237]  ? kmem_cache_free+0x2d4/0x4d0
[   89.468346][ T6237]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   89.468364][ T6237]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   89.468373][ T6237]  bpf_prog_run_generic_xdp+0x626/0x1530
[   89.468387][ T6237]  do_xdp_generic+0x719/0xe80
[   89.468398][ T6237]  ? __pfx_do_xdp_generic+0x10/0x10
[   89.468407][ T6237]  ? __pfx__copy_from_iter+0x10/0x10
[   89.468421][ T6237]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   89.468438][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.468454][ T6237]  ? __pfx_tun_get_user+0x10/0x10
[   89.468466][ T6237]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   89.468480][ T6237]  ? tun_get+0x191/0x370
[   89.468491][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.468504][ T6237]  ? lock_release+0x201/0x2f0
[   89.468518][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.468532][ T6237]  vfs_write+0x5ba/0x1180
[   89.468541][ T6237]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   89.468555][ T6237]  ? __pfx_vfs_write+0x10/0x10
[   89.468564][ T6237]  ? lock_release+0x201/0x2f0
[   89.468575][ T6237]  ksys_write+0x12a/0x240
[   89.468583][ T6237]  ? __pfx_ksys_write+0x10/0x10
[   89.468592][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.468606][ T6237]  do_syscall_64+0xcd/0x260
[   89.468620][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.468630][ T6237] RIP: 0033:0x7f038f38bc1f
[   89.468638][ T6237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   89.468649][ T6237] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   89.468659][ T6237] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   89.468665][ T6237] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   89.468671][ T6237] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   89.468677][ T6237] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   89.468683][ T6237] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   89.468692][ T6237]  </TASK>
[   89.468699][ T6237] BUG: Bad page state in process syz.0.18  pfn:35267
[   89.539252][ T6237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffff00000000 pfn:0x35267
[   89.541896][ T6237] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   89.543779][ T6237] raw: 00fff00000000000 dead000000000040 ffff888020e93000 0000000000000000
[   89.546011][ T6237] raw: ffffffff00000000 0000000000000001 00000000ffffffff 0000000000000000
[   89.548303][ T6237] page dumped because: page_pool leak
[   89.549748][ T6237] page_owner tracks the page as allocated
[   89.551336][ T6237] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6237, tgid 6236 (syz.0.18), ts 88363793423, free_ts 88107122627
[   89.555865][ T6237]  post_alloc_hook+0x181/0x1b0
[   89.557259][ T6237]  get_page_from_freelist+0x1193/0x39b0
[   89.558800][ T6237]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   89.560436][ T6237]  alloc_pages_bulk_noprof+0x703/0x13b0
[   89.561995][ T6237]  __page_pool_alloc_pages_slow+0x190/0xc20
[   89.563619][ T6237]  page_pool_alloc_netmems+0xc4/0x190
[   89.565081][ T6237]  skb_pp_cow_data+0x775/0xf00
[   89.566442][ T6237]  skb_cow_data_for_xdp+0x88/0xb0
[   89.567811][ T6237]  do_xdp_generic+0x404/0xe80
[   89.569123][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.570412][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.571779][ T6237]  vfs_write+0x5ba/0x1180
[   89.572970][ T6237]  ksys_write+0x12a/0x240
[   89.574179][ T6237]  do_syscall_64+0xcd/0x260
[   89.575425][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.577087][ T6237] page last free pid 5344 tgid 5344 stack trace:
[   89.578803][ T6237]  __free_frozen_pages+0x69d/0xff0
[   89.580196][ T6237]  qlist_free_all+0x4e/0x120
[   89.581453][ T6237]  kasan_quarantine_reduce+0x195/0x1e0
[   89.583036][ T6237]  __kasan_slab_alloc+0x69/0x90
[   89.584419][ T6237]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[   89.586055][ T6237]  __alloc_skb+0x2b2/0x380
[   89.587391][ T6237]  alloc_skb_with_frags+0xe0/0x860
[   89.588814][ T6237]  sock_alloc_send_pskb+0x7fb/0x990
[   89.590230][ T6237]  unix_dgram_sendmsg+0x463/0x1910
[   89.591620][ T6237]  __sys_sendto+0x495/0x510
[   89.592865][ T6237]  __x64_sys_sendto+0xe0/0x1c0
[   89.594201][ T6237]  do_syscall_64+0xcd/0x260
[   89.595435][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.597081][ T6237] Modules linked in:
[   89.598165][ T6237] CPU: 1 UID: 0 PID: 6237 Comm: syz.0.18 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   89.598181][ T6237] Tainted: [B]=BAD_PAGE
[   89.598185][ T6237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.598192][ T6237] Call Trace:
[   89.598196][ T6237]  <TASK>
[   89.598200][ T6237]  dump_stack_lvl+0x16c/0x1f0
[   89.598215][ T6237]  bad_page+0xb3/0x1f0
[   89.598227][ T6237]  ? __pfx_bad_page+0x10/0x10
[   89.598239][ T6237]  ? page_bad_reason+0x9d/0x1e0
[   89.598251][ T6237]  __free_frozen_pages+0x76e/0xff0
[   89.598268][ T6237]  page_frag_free+0x255/0x2a0
[   89.598279][ T6237]  __xdp_return+0x359/0xa40
[   89.598294][ T6237]  ? kmem_cache_free+0x2d4/0x4d0
[   89.598304][ T6237]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   89.598322][ T6237]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   89.598331][ T6237]  bpf_prog_run_generic_xdp+0x626/0x1530
[   89.598345][ T6237]  do_xdp_generic+0x719/0xe80
[   89.598356][ T6237]  ? __pfx_do_xdp_generic+0x10/0x10
[   89.598366][ T6237]  ? __pfx__copy_from_iter+0x10/0x10
[   89.598380][ T6237]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   89.598397][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.598413][ T6237]  ? __pfx_tun_get_user+0x10/0x10
[   89.598425][ T6237]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   89.598439][ T6237]  ? tun_get+0x191/0x370
[   89.598450][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.598463][ T6237]  ? lock_release+0x201/0x2f0
[   89.598473][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.598487][ T6237]  vfs_write+0x5ba/0x1180
[   89.598496][ T6237]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   89.598514][ T6237]  ? __pfx_vfs_write+0x10/0x10
[   89.598523][ T6237]  ? lock_release+0x201/0x2f0
[   89.598535][ T6237]  ksys_write+0x12a/0x240
[   89.598544][ T6237]  ? __pfx_ksys_write+0x10/0x10
[   89.598552][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.598566][ T6237]  do_syscall_64+0xcd/0x260
[   89.598580][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.598590][ T6237] RIP: 0033:0x7f038f38bc1f
[   89.598598][ T6237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   89.598609][ T6237] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   89.598619][ T6237] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   89.598625][ T6237] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   89.598631][ T6237] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   89.598637][ T6237] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   89.598643][ T6237] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   89.598652][ T6237]  </TASK>
[   89.598658][ T6237] BUG: Bad page state in process syz.0.18  pfn:35266
[   89.669884][ T6237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x35266
[   89.672542][ T6237] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   89.674412][ T6237] raw: 00fff00000000000 dead000000000040 ffff888020e93000 0000000000000000
[   89.676724][ T6237] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[   89.678992][ T6237] page dumped because: page_pool leak
[   89.680433][ T6237] page_owner tracks the page as allocated
[   89.681940][ T6237] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6237, tgid 6236 (syz.0.18), ts 88363786196, free_ts 88107122627
[   89.686301][ T6237]  post_alloc_hook+0x181/0x1b0
[   89.687648][ T6237]  get_page_from_freelist+0x1193/0x39b0
[   89.689094][ T6237]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   89.690659][ T6237]  alloc_pages_bulk_noprof+0x703/0x13b0
[   89.692145][ T6237]  __page_pool_alloc_pages_slow+0x190/0xc20
[   89.693748][ T6237]  page_pool_alloc_netmems+0xc4/0x190
[   89.695181][ T6237]  skb_pp_cow_data+0x775/0xf00
[   89.696513][ T6237]  skb_cow_data_for_xdp+0x88/0xb0
[   89.697865][ T6237]  do_xdp_generic+0x404/0xe80
[   89.699124][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.700385][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.701717][ T6237]  vfs_write+0x5ba/0x1180
[   89.702883][ T6237]  ksys_write+0x12a/0x240
[   89.704067][ T6237]  do_syscall_64+0xcd/0x260
[   89.705279][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.706885][ T6237] page last free pid 5344 tgid 5344 stack trace:
[   89.708553][ T6237]  __free_frozen_pages+0x69d/0xff0
[   89.709928][ T6237]  qlist_free_all+0x4e/0x120
[   89.711164][ T6237]  kasan_quarantine_reduce+0x195/0x1e0
[   89.712621][ T6237]  __kasan_slab_alloc+0x69/0x90
[   89.713918][ T6237]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[   89.715491][ T6237]  __alloc_skb+0x2b2/0x380
[   89.716725][ T6237]  alloc_skb_with_frags+0xe0/0x860
[   89.718102][ T6237]  sock_alloc_send_pskb+0x7fb/0x990
[   89.719486][ T6237]  unix_dgram_sendmsg+0x463/0x1910
[   89.720840][ T6237]  __sys_sendto+0x495/0x510
[   89.722057][ T6237]  __x64_sys_sendto+0xe0/0x1c0
[   89.723348][ T6237]  do_syscall_64+0xcd/0x260
[   89.724567][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.726141][ T6237] Modules linked in:
[   89.727249][ T6237] CPU: 1 UID: 0 PID: 6237 Comm: syz.0.18 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   89.727266][ T6237] Tainted: [B]=BAD_PAGE
[   89.727269][ T6237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.727276][ T6237] Call Trace:
[   89.727280][ T6237]  <TASK>
[   89.727285][ T6237]  dump_stack_lvl+0x16c/0x1f0
[   89.727299][ T6237]  bad_page+0xb3/0x1f0
[   89.727312][ T6237]  ? __pfx_bad_page+0x10/0x10
[   89.727324][ T6237]  ? page_bad_reason+0x9d/0x1e0
[   89.727336][ T6237]  __free_frozen_pages+0x76e/0xff0
[   89.727363][ T6237]  page_frag_free+0x255/0x2a0
[   89.727375][ T6237]  __xdp_return+0x359/0xa40
[   89.727389][ T6237]  ? kmem_cache_free+0x2d4/0x4d0
[   89.727400][ T6237]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   89.727419][ T6237]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   89.727427][ T6237]  bpf_prog_run_generic_xdp+0x626/0x1530
[   89.727442][ T6237]  do_xdp_generic+0x719/0xe80
[   89.727453][ T6237]  ? __pfx_do_xdp_generic+0x10/0x10
[   89.727463][ T6237]  ? __pfx__copy_from_iter+0x10/0x10
[   89.727476][ T6237]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   89.727497][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.727513][ T6237]  ? __pfx_tun_get_user+0x10/0x10
[   89.727525][ T6237]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   89.727539][ T6237]  ? tun_get+0x191/0x370
[   89.727550][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.727563][ T6237]  ? lock_release+0x201/0x2f0
[   89.727574][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.727587][ T6237]  vfs_write+0x5ba/0x1180
[   89.727596][ T6237]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   89.727610][ T6237]  ? __pfx_vfs_write+0x10/0x10
[   89.727619][ T6237]  ? lock_release+0x201/0x2f0
[   89.727630][ T6237]  ksys_write+0x12a/0x240
[   89.727639][ T6237]  ? __pfx_ksys_write+0x10/0x10
[   89.727648][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.727663][ T6237]  do_syscall_64+0xcd/0x260
[   89.727679][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.727689][ T6237] RIP: 0033:0x7f038f38bc1f
[   89.727698][ T6237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   89.727708][ T6237] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   89.727718][ T6237] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   89.727724][ T6237] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   89.727731][ T6237] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   89.727736][ T6237] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   89.727743][ T6237] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   89.727752][ T6237]  </TASK>
[   89.727758][ T6237] BUG: Bad page state in process syz.0.18  pfn:35265
[   89.800177][ T6237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x35265
[   89.802909][ T6237] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   89.804878][ T6237] raw: 00fff00000000000 dead000000000040 ffff888020e93000 0000000000000000
[   89.807285][ T6237] raw: ffffffffffffffff 0000000000000001 00000000ffffffff 0000000000000000
[   89.809648][ T6237] page dumped because: page_pool leak
[   89.811140][ T6237] page_owner tracks the page as allocated
[   89.812715][ T6237] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6237, tgid 6236 (syz.0.18), ts 88363779191, free_ts 88107122627
[   89.817273][ T6237]  post_alloc_hook+0x181/0x1b0
[   89.818627][ T6237]  get_page_from_freelist+0x1193/0x39b0
[   89.820183][ T6237]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   89.821833][ T6237]  alloc_pages_bulk_noprof+0x703/0x13b0
[   89.823389][ T6237]  __page_pool_alloc_pages_slow+0x190/0xc20
[   89.825023][ T6237]  page_pool_alloc_netmems+0xc4/0x190
[   89.826568][ T6237]  skb_pp_cow_data+0x775/0xf00
[   89.827920][ T6237]  skb_cow_data_for_xdp+0x88/0xb0
[   89.829332][ T6237]  do_xdp_generic+0x404/0xe80
[   89.830654][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.831985][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.833401][ T6237]  vfs_write+0x5ba/0x1180
[   89.834610][ T6237]  ksys_write+0x12a/0x240
[   89.835836][ T6237]  do_syscall_64+0xcd/0x260
[   89.837162][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.838816][ T6237] page last free pid 5344 tgid 5344 stack trace:
[   89.840563][ T6237]  __free_frozen_pages+0x69d/0xff0
[   89.841990][ T6237]  qlist_free_all+0x4e/0x120
[   89.843324][ T6237]  kasan_quarantine_reduce+0x195/0x1e0
[   89.844832][ T6237]  __kasan_slab_alloc+0x69/0x90
[   89.846191][ T6237]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[   89.847887][ T6237]  __alloc_skb+0x2b2/0x380
[   89.849140][ T6237]  alloc_skb_with_frags+0xe0/0x860
[   89.850568][ T6237]  sock_alloc_send_pskb+0x7fb/0x990
[   89.852026][ T6237]  unix_dgram_sendmsg+0x463/0x1910
[   89.853484][ T6237]  __sys_sendto+0x495/0x510
[   89.854761][ T6237]  __x64_sys_sendto+0xe0/0x1c0
[   89.856098][ T6237]  do_syscall_64+0xcd/0x260
[   89.857486][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.859128][ T6237] Modules linked in:
[   89.860225][ T6237] CPU: 1 UID: 0 PID: 6237 Comm: syz.0.18 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   89.860241][ T6237] Tainted: [B]=BAD_PAGE
[   89.860245][ T6237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.860251][ T6237] Call Trace:
[   89.860255][ T6237]  <TASK>
[   89.860259][ T6237]  dump_stack_lvl+0x16c/0x1f0
[   89.860274][ T6237]  bad_page+0xb3/0x1f0
[   89.860286][ T6237]  ? __pfx_bad_page+0x10/0x10
[   89.860298][ T6237]  ? page_bad_reason+0x9d/0x1e0
[   89.860310][ T6237]  __free_frozen_pages+0x76e/0xff0
[   89.860327][ T6237]  page_frag_free+0x255/0x2a0
[   89.860338][ T6237]  __xdp_return+0x359/0xa40
[   89.860352][ T6237]  ? kmem_cache_free+0x2d4/0x4d0
[   89.860362][ T6237]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   89.860381][ T6237]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   89.860389][ T6237]  bpf_prog_run_generic_xdp+0x626/0x1530
[   89.860403][ T6237]  do_xdp_generic+0x719/0xe80
[   89.860414][ T6237]  ? __pfx_do_xdp_generic+0x10/0x10
[   89.860424][ T6237]  ? __pfx__copy_from_iter+0x10/0x10
[   89.860437][ T6237]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   89.860458][ T6237]  tun_get_user+0x1bc6/0x3b10
[   89.860474][ T6237]  ? __pfx_tun_get_user+0x10/0x10
[   89.860490][ T6237]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   89.860507][ T6237]  ? tun_get+0x191/0x370
[   89.860518][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.860531][ T6237]  ? lock_release+0x201/0x2f0
[   89.860542][ T6237]  tun_chr_write_iter+0xdc/0x210
[   89.860556][ T6237]  vfs_write+0x5ba/0x1180
[   89.860565][ T6237]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   89.860579][ T6237]  ? __pfx_vfs_write+0x10/0x10
[   89.860587][ T6237]  ? lock_release+0x201/0x2f0
[   89.860599][ T6237]  ksys_write+0x12a/0x240
[   89.860607][ T6237]  ? __pfx_ksys_write+0x10/0x10
[   89.860616][ T6237]  ? rcu_is_watching+0x12/0xc0
[   89.860630][ T6237]  do_syscall_64+0xcd/0x260
[   89.860644][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.860654][ T6237] RIP: 0033:0x7f038f38bc1f
[   89.860663][ T6237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   89.860673][ T6237] RSP: 002b:00007f0390156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   89.860683][ T6237] RAX: ffffffffffffffda RBX: 00007f038f5a5fa0 RCX: 00007f038f38bc1f
[   89.860689][ T6237] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   89.860696][ T6237] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   89.860701][ T6237] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   89.860707][ T6237] R13: 0000000000000000 R14: 00007f038f5a5fa0 R15: 00007ffdf6214488
[   89.860717][ T6237]  </TASK>
[   89.861150][ T5306] Bluetooth: hci0: command tx timeout
[   89.923950][ T6240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880268a1100 pfn:0x268a0
[   89.938588][ T6240] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   89.940378][ T6240] raw: 00fff00000000000 dead000000000040 ffff888020e93000 0000000000000000
[   89.942503][ T6240] raw: ffff8880268a1100 3fffffffffffffff 00000000ffffffff 0000000000000000
[   89.944617][ T6240] page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)
[   89.946559][ T6240] page_owner tracks the page as allocated
[   89.947994][ T6240] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6237, tgid 6236 (syz.0.18), ts 88363861637, free_ts 88107084142
[   89.952090][ T6240]  post_alloc_hook+0x181/0x1b0
[   89.953324][ T6240]  get_page_from_freelist+0x1193/0x39b0
[   89.954690][ T6240]  __alloc_frozen_pages_noprof+0x263/0x23a0
[   89.956160][ T6240]  alloc_pages_bulk_noprof+0x703/0x13b0
[   89.957599][ T6240]  __page_pool_alloc_pages_slow+0x190/0xc20
[   89.959067][ T6240]  page_pool_alloc_netmems+0xc4/0x190
[   89.960397][ T6240]  page_pool_alloc_frag_netmem+0x21b/0x760
[   89.961861][ T6240]  skb_pp_cow_data+0x570/0xf00
[   89.963078][ T6240]  skb_cow_data_for_xdp+0x88/0xb0
[   89.964325][ T6240]  do_xdp_generic+0x404/0xe80
[   89.965487][ T6240]  tun_get_user+0x1bc6/0x3b10
[   89.966780][ T6240]  tun_chr_write_iter+0xdc/0x210
[   89.968026][ T6240]  vfs_write+0x5ba/0x1180
[   89.969097][ T6240]  ksys_write+0x12a/0x240
[   89.970166][ T6240]  do_syscall_64+0xcd/0x260
[   89.971304][ T6240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.972786][ T6240] page last free pid 5344 tgid 5344 stack trace:
[   89.974523][ T6240]  __free_frozen_pages+0x69d/0xff0
[   89.975838][ T6240]  qlist_free_all+0x4e/0x120
[   89.977090][ T6240]  kasan_quarantine_reduce+0x195/0x1e0
[   89.978456][ T6240]  __kasan_slab_alloc+0x69/0x90
[   89.979698][ T6240]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[   89.981197][ T6240]  __alloc_skb+0x2b2/0x380
[   89.982356][ T6240]  alloc_skb_with_frags+0xe0/0x860
[   89.983684][ T6240]  sock_alloc_send_pskb+0x7fb/0x990
[   89.985016][ T6240]  unix_dgram_sendmsg+0x463/0x1910
[   89.986374][ T6240]  __sys_sendto+0x495/0x510
[   89.987771][ T6240]  __x64_sys_sendto+0xe0/0x1c0
[   89.989056][ T6240]  do_syscall_64+0xcd/0x260
[   89.990287][ T6240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.991990][ T6240] ------------[ cut here ]------------
[   89.993425][ T6240] kernel BUG at ./include/linux/mm.h:1241!
[   89.994898][ T6240] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[   89.996535][ T6240] CPU: 1 UID: 0 PID: 6240 Comm: syz.0.19 Tainted: G    B               6.15.0-rc1-syzkaller-g0af2f6be1b42 #0 PREEMPT(full) 
[   89.999709][ T6240] Tainted: [B]=BAD_PAGE
[   90.000744][ T6240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.003467][ T6240] RIP: 0010:page_frag_free+0x1d6/0x2a0
[   90.004840][ T6240] Code: 0f 84 c9 fe ff ff e8 69 d2 a6 ff 49 8d 5c 24 ff e9 ba fe ff ff e8 5a d2 a6 ff 48 c7 c6 00 0c 9c 8b 48 89 df e8 2b 88 ef ff 90 <0f> 0b e8 43 d2 a6 ff be 08 00 00 00 48 89 df e8 26 40 0c 00 48 89
[   90.009689][ T6240] RSP: 0018:ffffc900040af760 EFLAGS: 00010293
[   90.011215][ T6240] RAX: 0000000000000000 RBX: ffffea00009a2800 RCX: ffffffff822c0977
[   90.013246][ T6240] RDX: ffff888028494880 RSI: ffffffff82146b75 RDI: ffff888028494cc4
[   90.015247][ T6240] RBP: ffffea00009a2834 R08: 0000000000000005 R09: 0000000000000000
[   90.017225][ T6240] R10: 0000000000000000 R11: 535f7972746e6520 R12: 0000000000000000
[   90.019220][ T6240] R13: 0000000000000000 R14: 0000000000000000 R15: 000000000000000f
[   90.021209][ T6240] FS:  00007f03901356c0(0000) GS:ffff8880d6ab3000(0000) knlGS:0000000000000000
[   90.023681][ T6240] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   90.025556][ T6240] CR2: 0000200000010000 CR3: 000000004a942000 CR4: 0000000000352ef0
[   90.027866][ T6240] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   90.030064][ T6240] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   90.032389][ T6240] Call Trace:
[   90.033364][ T6240]  <TASK>
[   90.034214][ T6240]  __xdp_return+0x359/0xa40
[   90.035527][ T6240]  ? kmem_cache_free+0x2d4/0x4d0
[   90.037061][ T6240]  bpf_xdp_adjust_tail+0x9e0/0xf80
[   90.038794][ T6240]  bpf_prog_f476d5219b92964a+0x1e/0x20
[   90.040598][ T6240]  bpf_prog_run_generic_xdp+0x626/0x1530
[   90.042456][ T6240]  do_xdp_generic+0x719/0xe80
[   90.044118][ T6240]  ? __pfx_do_xdp_generic+0x10/0x10
[   90.045867][ T6240]  ? __pfx__copy_from_iter+0x10/0x10
[   90.047650][ T6240]  ? virtio_net_hdr_to_skb+0x57c/0x1410
[   90.049504][ T6240]  tun_get_user+0x1bc6/0x3b10
[   90.051102][ T6240]  ? __pfx_tun_get_user+0x10/0x10
[   90.052848][ T6240]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   90.054694][ T6240]  ? tun_get+0x191/0x370
[   90.056123][ T6240]  ? rcu_is_watching+0x12/0xc0
[   90.057752][ T6240]  ? lock_release+0x201/0x2f0
[   90.059339][ T6240]  tun_chr_write_iter+0xdc/0x210
[   90.060980][ T6240]  vfs_write+0x5ba/0x1180
[   90.062420][ T6240]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   90.064339][ T6240]  ? __pfx_vfs_write+0x10/0x10
[   90.065948][ T6240]  ? lock_release+0x201/0x2f0
[   90.067542][ T6240]  ksys_write+0x12a/0x240
[   90.068985][ T6240]  ? __pfx_ksys_write+0x10/0x10
[   90.070610][ T6240]  do_syscall_64+0xcd/0x260
[   90.072137][ T6240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.074147][ T6240] RIP: 0033:0x7f038f38bc1f
[   90.075644][ T6240] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   90.081872][ T6240] RSP: 002b:00007f0390135000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   90.084669][ T6240] RAX: ffffffffffffffda RBX: 00007f038f5a6080 RCX: 00007f038f38bc1f
[   90.087266][ T6240] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[   90.089849][ T6240] RBP: 00007f038f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[   90.092443][ T6240] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   90.095048][ T6240] R13: 0000000000000001 R14: 00007f038f5a6080 R15: 00007ffdf6214488
[   90.097660][ T6240]  </TASK>
[   90.098692][ T6240] Modules linked in:
[   90.100080][ T6240] ---[ end trace 0000000000000000 ]---
[   90.102201][ T6240] RIP: 0010:page_frag_free+0x1d6/0x2a0
[   90.104147][ T6240] Code: 0f 84 c9 fe ff ff e8 69 d2 a6 ff 49 8d 5c 24 ff e9 ba fe ff ff e8 5a d2 a6 ff 48 c7 c6 00 0c 9c 8b 48 89 df e8 2b 88 ef ff 90 <0f> 0b e8 43 d2 a6 ff be 08 00 00 00 48 89 df e8 26 40 0c 00 48 89
[   90.109525][ T6240] RSP: 0018:ffffc900040af760 EFLAGS: 00010293
[   90.111296][ T6240] RAX: 0000000000000000 RBX: ffffea00009a2800 RCX: ffffffff822c0977
[   90.113499][ T6240] RDX: ffff888028494880 RSI: ffffffff82146b75 RDI: ffff888028494cc4
[   90.115740][ T6240] RBP: ffffea00009a2834 R08: 0000000000000005 R09: 0000000000000000
[   90.118012][ T6240] R10: 0000000000000000 R11: 535f7972746e6520 R12: 0000000000000000
[   90.120285][ T6240] R13: 0000000000000000 R14: 0000000000000000 R15: 000000000000000f
[   90.122469][ T6240] FS:  00007f03901356c0(0000) GS:ffff8880d6ab3000(0000) knlGS:0000000000000000
[   90.124962][ T6240] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   90.126899][ T6240] CR2: 0000200000010000 CR3: 000000004a942000 CR4: 0000000000352ef0
[   90.129196][ T6240] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   90.131408][ T6240] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   90.133636][ T6240] Kernel panic - not syncing: Fatal exception in interrupt
[   90.136165][ T6240] Kernel Offset: disabled
[   90.137396][ T6240] Rebooting in 86400 seconds..