Warning: Permanently added '10.128.1.173' (ED25519) to the list of known hosts.
2025/11/28 08:26:51 parsed 1 programs
[   92.023716][   T24] cfg80211: failed to load regulatory.db
[   92.773676][ T5830] cgroup: Unknown subsys name 'net'
[   92.885611][ T5830] cgroup: Unknown subsys name 'cpuset'
[   92.894724][ T5830] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   94.625811][ T5830] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   97.473853][ T5842] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   97.777636][ T5847] chnl_net:caif_netlink_parms(): no params data found
[   97.866660][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.873982][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.881196][ T5847] bridge_slave_0: entered allmulticast mode
[   97.889314][ T5847] bridge_slave_0: entered promiscuous mode
[   97.898282][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.906120][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.913667][ T5847] bridge_slave_1: entered allmulticast mode
[   97.920901][ T5847] bridge_slave_1: entered promiscuous mode
[   97.953377][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   97.965132][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   98.000474][ T5847] team0: Port device team_slave_0 added
[   98.008723][ T5847] team0: Port device team_slave_1 added
[   98.040618][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0
[   98.047711][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   98.073655][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   98.086314][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.093338][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   98.119343][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.168751][ T5847] hsr_slave_0: entered promiscuous mode
[   98.175294][ T5847] hsr_slave_1: entered promiscuous mode
[   98.332575][ T5847] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   98.345257][ T5847] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   98.355491][ T5847] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   98.365616][ T5847] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   98.397979][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.405211][ T5847] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.413193][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.420313][ T5847] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.479588][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.497786][ T1153] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.506715][ T1153] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.523340][ T5847] 8021q: adding VLAN 0 to HW filter on device team0
[   98.537203][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.544536][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.558393][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.565552][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.749915][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.790988][ T5847] veth0_vlan: entered promiscuous mode
[   98.804489][ T5847] veth1_vlan: entered promiscuous mode
[   98.837726][ T5847] veth0_macvtap: entered promiscuous mode
[   98.849033][ T5847] veth1_macvtap: entered promiscuous mode
[   98.868190][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.882313][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.897468][   T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.907544][   T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.917909][   T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.926932][   T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.084907][   T36] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.187839][   T36] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.264070][   T36] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.342831][   T36] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.566603][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.575293][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.605801][   T38] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.614812][   T38] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.131038][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  101.142543][   T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  101.150724][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  101.159149][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  101.166999][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  101.545251][   T36] bridge_slave_1: left allmulticast mode
[  101.551096][   T36] bridge_slave_1: left promiscuous mode
[  101.572738][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.611150][   T36] bridge_slave_0: left allmulticast mode
[  101.617020][   T36] bridge_slave_0: left promiscuous mode
[  101.625189][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.995209][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  102.007544][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  102.019923][   T36] bond0 (unregistering): Released all slaves
[  102.160998][   T36] hsr_slave_0: left promiscuous mode
[  102.167542][   T36] hsr_slave_1: left promiscuous mode
[  102.174497][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.182272][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.191085][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.199541][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  102.216221][   T36] veth1_macvtap: left promiscuous mode
[  102.222851][   T36] veth0_macvtap: left promiscuous mode
[  102.228447][   T36] veth1_vlan: left promiscuous mode
[  102.234372][   T36] veth0_vlan: left promiscuous mode
[  102.521226][   T36] team0 (unregistering): Port device team_slave_1 removed
[  102.547498][   T36] team0 (unregistering): Port device team_slave_0 removed
2025/11/28 08:27:08 executed programs: 0
[  106.060579][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  106.070578][   T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  106.078244][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  106.086857][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  106.096017][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  106.291898][ T5998] chnl_net:caif_netlink_parms(): no params data found
[  106.367795][ T5998] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.375404][ T5998] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.383199][ T5998] bridge_slave_0: entered allmulticast mode
[  106.391935][ T5998] bridge_slave_0: entered promiscuous mode
[  106.400218][ T5998] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.407488][ T5998] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.414661][ T5998] bridge_slave_1: entered allmulticast mode
[  106.422337][ T5998] bridge_slave_1: entered promiscuous mode
[  106.454300][ T5998] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.466072][ T5998] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  106.500377][ T5998] team0: Port device team_slave_0 added
[  106.508777][ T5998] team0: Port device team_slave_1 added
[  106.540021][ T5998] batman_adv: batadv0: Adding interface: batadv_slave_0
[  106.547029][ T5998] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  106.572952][ T5998] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  106.585965][ T5998] batman_adv: batadv0: Adding interface: batadv_slave_1
[  106.593033][ T5998] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  106.619002][ T5998] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  106.665173][ T5998] hsr_slave_0: entered promiscuous mode
[  106.671907][ T5998] hsr_slave_1: entered promiscuous mode
[  107.186459][ T5998] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  107.200886][ T5998] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  107.212929][ T5998] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  107.224983][ T5998] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  107.338997][ T5998] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.365138][ T5998] 8021q: adding VLAN 0 to HW filter on device team0
[  107.379508][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.386743][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.417124][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.424319][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.718122][ T5998] 8021q: adding VLAN 0 to HW filter on device batadv0
[  107.777589][ T5998] veth0_vlan: entered promiscuous mode
[  107.793824][ T5998] veth1_vlan: entered promiscuous mode
[  107.845345][ T5998] veth0_macvtap: entered promiscuous mode
[  107.859033][ T5998] veth1_macvtap: entered promiscuous mode
[  107.884280][ T5998] batman_adv: batadv0: Interface activated: batadv_slave_0
[  107.899025][ T5998] batman_adv: batadv0: Interface activated: batadv_slave_1
[  107.918977][   T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.928378][   T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.951871][   T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.961052][   T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.037718][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.052449][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.090150][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.099526][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.179078][ T6054] BUG: Bad page state in process syz.0.17  pfn:7723a
[  108.185866][ T6054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807723af50 pfn:0x7723a
[  108.192330][ T5147] Bluetooth: hci0: command tx timeout
[  108.196011][ T6054] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  108.208543][ T6054] raw: 00fff00000000000 dead000000000040 ffff888021e88000 0000000000000000
[  108.217199][ T6054] raw: ffff88807723af50 3fffffffffffffff 00000000ffffffff 0000000000000000
[  108.225845][ T6054] page dumped because: page_pool leak
[  108.231277][ T6054] page_owner tracks the page as allocated
[  108.237072][ T6054] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6054, tgid 6054 (syz.0.17), ts 108178898662, free_ts 108126402605
[  108.253994][ T6054]  post_alloc_hook+0x234/0x290
[  108.258818][ T6054]  get_page_from_freelist+0x2365/0x2440
[  108.264473][ T6054]  __alloc_frozen_pages_noprof+0x181/0x370
[  108.270308][ T6054]  alloc_pages_bulk_noprof+0x560/0x710
[  108.275841][ T6054]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  108.281984][ T6054]  page_pool_alloc_frag_netmem+0x421/0x9b0
[  108.287826][ T6054]  skb_pp_cow_data+0xb69/0x13e0
[  108.292772][ T6054]  do_xdp_generic+0x699/0x11a0
[  108.297568][ T6054]  tun_get_user+0x2527/0x3e90
[  108.302335][ T6054]  tun_chr_write_iter+0x113/0x200
[  108.307394][ T6054]  vfs_write+0x5c9/0xb30
[  108.311759][ T6054]  ksys_write+0x145/0x250
[  108.316137][ T6054]  do_syscall_64+0xfa/0xfa0
[  108.320683][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.326681][ T6054] page last free pid 36 tgid 36 stack trace:
[  108.332732][ T6054]  __free_frozen_pages+0xbc4/0xd30
[  108.337888][ T6054]  __put_partials+0x146/0x170
[  108.342649][ T6054]  put_cpu_partial+0x1f2/0x2e0
[  108.347454][ T6054]  __slab_free+0x2b9/0x390
[  108.351953][ T6054]  qlist_free_all+0x97/0x140
[  108.356584][ T6054]  kasan_quarantine_reduce+0x148/0x160
[  108.362143][ T6054]  __kasan_slab_alloc+0x22/0x80
[  108.367038][ T6054]  __kmalloc_cache_noprof+0x36f/0x6f0
[  108.372507][ T6054]  sta_info_insert_rcu+0x7b8/0x2840
[  108.377746][ T6054]  ieee80211_ibss_finish_sta+0x293/0x380
[  108.383456][ T6054]  ieee80211_ibss_rx_queued_mgmt+0x179b/0x2af0
[  108.389645][ T6054]  ieee80211_iface_work+0x85f/0x12d0
[  108.395031][ T6054]  cfg80211_wiphy_work+0x2bb/0x470
[  108.400185][ T6054]  process_scheduled_works+0xae1/0x17b0
[  108.405832][ T6054]  worker_thread+0x8a0/0xda0
[  108.410466][ T6054]  kthread+0x711/0x8a0
[  108.414654][ T6054] Modules linked in:
[  108.418600][ T6054] CPU: 0 UID: 0 PID: 6054 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  108.418625][ T6054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  108.418646][ T6054] Call Trace:
[  108.418654][ T6054]  <TASK>
[  108.418663][ T6054]  dump_stack_lvl+0x189/0x250
[  108.418706][ T6054]  ? __pfx_dump_stack_lvl+0x10/0x10
[  108.418736][ T6054]  ? __pfx_print_modules+0x10/0x10
[  108.418776][ T6054]  bad_page+0x180/0x1c0
[  108.418803][ T6054]  __free_frozen_pages+0xce2/0xd30
[  108.418846][ T6054]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  108.418898][ T6054]  bpf_xdp_adjust_tail+0x1d6/0x220
[  108.418927][ T6054]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  108.418951][ T6054]  bpf_prog_run_generic_xdp+0x606/0x13d0
[  108.419012][ T6054]  do_xdp_generic+0x9f7/0x11a0
[  108.419054][ T6054]  ? __pfx_do_xdp_generic+0x10/0x10
[  108.419095][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  108.419128][ T6054]  ? tun_vnet_hdr_tnl_to_skb+0xed/0x830
[  108.419161][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  108.419189][ T6054]  tun_get_user+0x2527/0x3e90
[  108.419238][ T6054]  ? aa_file_perm+0x44d/0x1550
[  108.419259][ T6054]  ? __pfx_tun_get_user+0x10/0x10
[  108.419291][ T6054]  ? __lock_acquire+0xab9/0xd20
[  108.419326][ T6054]  ? ref_tracker_alloc+0x318/0x460
[  108.419346][ T6054]  ? __lock_acquire+0xab9/0xd20
[  108.419368][ T6054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  108.419396][ T6054]  ? tun_get+0x1c/0x2f0
[  108.419428][ T6054]  ? tun_get+0x1c/0x2f0
[  108.419453][ T6054]  ? tun_get+0x1c/0x2f0
[  108.419485][ T6054]  tun_chr_write_iter+0x113/0x200
[  108.419514][ T6054]  vfs_write+0x5c9/0xb30
[  108.419550][ T6054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  108.419577][ T6054]  ? __pfx_vfs_write+0x10/0x10
[  108.419611][ T6054]  ? __pfx_do_futex+0x10/0x10
[  108.419661][ T6054]  ksys_write+0x145/0x250
[  108.419702][ T6054]  ? __pfx_ksys_write+0x10/0x10
[  108.419737][ T6054]  ? do_syscall_64+0xbe/0xfa0
[  108.419773][ T6054]  do_syscall_64+0xfa/0xfa0
[  108.419802][ T6054]  ? lockdep_hardirqs_on+0x9c/0x150
[  108.419834][ T6054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.419855][ T6054]  ? clear_bhb_loop+0x60/0xb0
[  108.419881][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.419902][ T6054] RIP: 0033:0x7ff28ad8e1ff
[  108.419920][ T6054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  108.419938][ T6054] RSP: 002b:00007ffecbec7c10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  108.419960][ T6054] RAX: ffffffffffffffda RBX: 00007ff28afe5fa0 RCX: 00007ff28ad8e1ff
[  108.419975][ T6054] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  108.419989][ T6054] RBP: 00007ff28ae13f91 R08: 0000000000000000 R09: 0000000000000000
[  108.420002][ T6054] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  108.420014][ T6054] R13: 00007ff28afe5fa0 R14: 00007ff28afe5fa0 R15: 0000000000000003
[  108.420049][ T6054]  </TASK>
[  108.420057][ T6054] Disabling lock debugging due to kernel taint
[  108.710931][ T6054] BUG: Bad page state in process syz.0.17  pfn:7723b
[  108.717701][ T6054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807723bf50 pfn:0x7723b
[  108.727826][ T6054] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  108.735015][ T6054] raw: 00fff00000000000 dead000000000040 ffff888021e88000 0000000000000000
[  108.743662][ T6054] raw: ffff88807723bf50 0000000000000001 00000000ffffffff 0000000000000000
[  108.752309][ T6054] page dumped because: page_pool leak
[  108.757694][ T6054] page_owner tracks the page as allocated
[  108.763474][ T6054] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6054, tgid 6054 (syz.0.17), ts 108178878973, free_ts 108126476282
[  108.780391][ T6054]  post_alloc_hook+0x234/0x290
[  108.785238][ T6054]  get_page_from_freelist+0x2365/0x2440
[  108.790898][ T6054]  __alloc_frozen_pages_noprof+0x181/0x370
[  108.796776][ T6054]  alloc_pages_bulk_noprof+0x560/0x710
[  108.802286][ T6054]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  108.808431][ T6054]  skb_pp_cow_data+0xb47/0x13e0
[  108.813353][ T6054]  do_xdp_generic+0x699/0x11a0
[  108.818147][ T6054]  tun_get_user+0x2527/0x3e90
[  108.822908][ T6054]  tun_chr_write_iter+0x113/0x200
[  108.827962][ T6054]  vfs_write+0x5c9/0xb30
[  108.832277][ T6054]  ksys_write+0x145/0x250
[  108.836645][ T6054]  do_syscall_64+0xfa/0xfa0
[  108.841187][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.847150][ T6054] page last free pid 36 tgid 36 stack trace:
[  108.853191][ T6054]  __free_frozen_pages+0xbc4/0xd30
[  108.858348][ T6054]  __put_partials+0x146/0x170
[  108.863091][ T6054]  put_cpu_partial+0x1f2/0x2e0
[  108.867882][ T6054]  __slab_free+0x2b9/0x390
[  108.872379][ T6054]  qlist_free_all+0x97/0x140
[  108.877010][ T6054]  kasan_quarantine_reduce+0x148/0x160
[  108.882560][ T6054]  __kasan_slab_alloc+0x22/0x80
[  108.887449][ T6054]  __kmalloc_cache_noprof+0x36f/0x6f0
[  108.892884][ T6054]  sta_info_insert_rcu+0x7b8/0x2840
[  108.898113][ T6054]  ieee80211_ibss_finish_sta+0x293/0x380
[  108.903821][ T6054]  ieee80211_ibss_rx_queued_mgmt+0x179b/0x2af0
[  108.910010][ T6054]  ieee80211_iface_work+0x85f/0x12d0
[  108.915381][ T6054]  cfg80211_wiphy_work+0x2bb/0x470
[  108.920517][ T6054]  process_scheduled_works+0xae1/0x17b0
[  108.926116][ T6054]  worker_thread+0x8a0/0xda0
[  108.930728][ T6054]  kthread+0x711/0x8a0
[  108.934883][ T6054] Modules linked in:
[  108.938804][ T6054] CPU: 0 UID: 0 PID: 6054 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  108.938833][ T6054] Tainted: [B]=BAD_PAGE
[  108.938840][ T6054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  108.938852][ T6054] Call Trace:
[  108.938859][ T6054]  <TASK>
[  108.938867][ T6054]  dump_stack_lvl+0x189/0x250
[  108.938899][ T6054]  ? __pfx_dump_stack_lvl+0x10/0x10
[  108.938926][ T6054]  ? __pfx_print_modules+0x10/0x10
[  108.938954][ T6054]  bad_page+0x180/0x1c0
[  108.938978][ T6054]  __free_frozen_pages+0xce2/0xd30
[  108.939013][ T6054]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  108.939049][ T6054]  bpf_xdp_adjust_tail+0x1d6/0x220
[  108.939073][ T6054]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  108.939090][ T6054]  bpf_prog_run_generic_xdp+0x606/0x13d0
[  108.939130][ T6054]  do_xdp_generic+0x9f7/0x11a0
[  108.939161][ T6054]  ? __pfx_do_xdp_generic+0x10/0x10
[  108.939193][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  108.939219][ T6054]  ? tun_vnet_hdr_tnl_to_skb+0xed/0x830
[  108.939247][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  108.939271][ T6054]  tun_get_user+0x2527/0x3e90
[  108.939305][ T6054]  ? aa_file_perm+0x44d/0x1550
[  108.939324][ T6054]  ? __pfx_tun_get_user+0x10/0x10
[  108.939350][ T6054]  ? __lock_acquire+0xab9/0xd20
[  108.939375][ T6054]  ? ref_tracker_alloc+0x318/0x460
[  108.939394][ T6054]  ? __lock_acquire+0xab9/0xd20
[  108.939413][ T6054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  108.939435][ T6054]  ? tun_get+0x1c/0x2f0
[  108.939461][ T6054]  ? tun_get+0x1c/0x2f0
[  108.939484][ T6054]  ? tun_get+0x1c/0x2f0
[  108.939509][ T6054]  tun_chr_write_iter+0x113/0x200
[  108.939534][ T6054]  vfs_write+0x5c9/0xb30
[  108.939582][ T6054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  108.939607][ T6054]  ? __pfx_vfs_write+0x10/0x10
[  108.939637][ T6054]  ? __pfx_do_futex+0x10/0x10
[  108.939683][ T6054]  ksys_write+0x145/0x250
[  108.939713][ T6054]  ? __pfx_ksys_write+0x10/0x10
[  108.939745][ T6054]  ? do_syscall_64+0xbe/0xfa0
[  108.939777][ T6054]  do_syscall_64+0xfa/0xfa0
[  108.939808][ T6054]  ? lockdep_hardirqs_on+0x9c/0x150
[  108.939839][ T6054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.939859][ T6054]  ? clear_bhb_loop+0x60/0xb0
[  108.939882][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.939903][ T6054] RIP: 0033:0x7ff28ad8e1ff
[  108.939919][ T6054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  108.939937][ T6054] RSP: 002b:00007ffecbec7c10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  108.939958][ T6054] RAX: ffffffffffffffda RBX: 00007ff28afe5fa0 RCX: 00007ff28ad8e1ff
[  108.939972][ T6054] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  108.939986][ T6054] RBP: 00007ff28ae13f91 R08: 0000000000000000 R09: 0000000000000000
[  108.939999][ T6054] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  108.940012][ T6054] R13: 00007ff28afe5fa0 R14: 00007ff28afe5fa0 R15: 0000000000000003
[  108.940035][ T6054]  </TASK>
[  108.940047][ T6054] BUG: Bad page state in process syz.0.17  pfn:7723c
[  109.237959][ T6054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807723cf50 pfn:0x7723c
[  109.248081][ T6054] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  109.255251][ T6054] raw: 00fff00000000000 dead000000000040 ffff888021e88000 0000000000000000
[  109.263919][ T6054] raw: ffff88807723cf50 0000000000000001 00000000ffffffff 0000000000000000
[  109.272543][ T6054] page dumped because: page_pool leak
[  109.277939][ T6054] page_owner tracks the page as allocated
[  109.283712][ T6054] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6054, tgid 6054 (syz.0.17), ts 108178860452, free_ts 108126511683
[  109.300616][ T6054]  post_alloc_hook+0x234/0x290
[  109.305464][ T6054]  get_page_from_freelist+0x2365/0x2440
[  109.311038][ T6054]  __alloc_frozen_pages_noprof+0x181/0x370
[  109.316929][ T6054]  alloc_pages_bulk_noprof+0x560/0x710
[  109.322447][ T6054]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  109.328558][ T6054]  skb_pp_cow_data+0xb47/0x13e0
[  109.333494][ T6054]  do_xdp_generic+0x699/0x11a0
[  109.338288][ T6054]  tun_get_user+0x2527/0x3e90
[  109.343039][ T6054]  tun_chr_write_iter+0x113/0x200
[  109.348094][ T6054]  vfs_write+0x5c9/0xb30
[  109.352424][ T6054]  ksys_write+0x145/0x250
[  109.356782][ T6054]  do_syscall_64+0xfa/0xfa0
[  109.361353][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.367268][ T6054] page last free pid 36 tgid 36 stack trace:
[  109.373312][ T6054]  __free_frozen_pages+0xbc4/0xd30
[  109.378465][ T6054]  __put_partials+0x146/0x170
[  109.383210][ T6054]  put_cpu_partial+0x1f2/0x2e0
[  109.388002][ T6054]  __slab_free+0x2b9/0x390
[  109.392498][ T6054]  qlist_free_all+0x97/0x140
[  109.397116][ T6054]  kasan_quarantine_reduce+0x148/0x160
[  109.402670][ T6054]  __kasan_slab_alloc+0x22/0x80
[  109.407557][ T6054]  __kmalloc_cache_noprof+0x36f/0x6f0
[  109.413020][ T6054]  sta_info_insert_rcu+0x7b8/0x2840
[  109.418249][ T6054]  ieee80211_ibss_finish_sta+0x293/0x380
[  109.423963][ T6054]  ieee80211_ibss_rx_queued_mgmt+0x179b/0x2af0
[  109.430169][ T6054]  ieee80211_iface_work+0x85f/0x12d0
[  109.435522][ T6054]  cfg80211_wiphy_work+0x2bb/0x470
[  109.440669][ T6054]  process_scheduled_works+0xae1/0x17b0
[  109.446285][ T6054]  worker_thread+0x8a0/0xda0
[  109.450901][ T6054]  kthread+0x711/0x8a0
[  109.455130][ T6054] Modules linked in:
[  109.459056][ T6054] CPU: 0 UID: 0 PID: 6054 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  109.459087][ T6054] Tainted: [B]=BAD_PAGE
[  109.459095][ T6054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  109.459108][ T6054] Call Trace:
[  109.459116][ T6054]  <TASK>
[  109.459124][ T6054]  dump_stack_lvl+0x189/0x250
[  109.459156][ T6054]  ? __pfx_dump_stack_lvl+0x10/0x10
[  109.459184][ T6054]  ? __pfx_print_modules+0x10/0x10
[  109.459214][ T6054]  bad_page+0x180/0x1c0
[  109.459239][ T6054]  __free_frozen_pages+0xce2/0xd30
[  109.459275][ T6054]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  109.459313][ T6054]  bpf_xdp_adjust_tail+0x1d6/0x220
[  109.459337][ T6054]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  109.459355][ T6054]  bpf_prog_run_generic_xdp+0x606/0x13d0
[  109.459397][ T6054]  do_xdp_generic+0x9f7/0x11a0
[  109.459429][ T6054]  ? __pfx_do_xdp_generic+0x10/0x10
[  109.459461][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  109.459489][ T6054]  ? tun_vnet_hdr_tnl_to_skb+0xed/0x830
[  109.459518][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  109.459543][ T6054]  tun_get_user+0x2527/0x3e90
[  109.459585][ T6054]  ? aa_file_perm+0x44d/0x1550
[  109.459606][ T6054]  ? __pfx_tun_get_user+0x10/0x10
[  109.459632][ T6054]  ? __lock_acquire+0xab9/0xd20
[  109.459657][ T6054]  ? ref_tracker_alloc+0x318/0x460
[  109.459677][ T6054]  ? __lock_acquire+0xab9/0xd20
[  109.459697][ T6054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  109.459719][ T6054]  ? tun_get+0x1c/0x2f0
[  109.459745][ T6054]  ? tun_get+0x1c/0x2f0
[  109.459767][ T6054]  ? tun_get+0x1c/0x2f0
[  109.459792][ T6054]  tun_chr_write_iter+0x113/0x200
[  109.459829][ T6054]  vfs_write+0x5c9/0xb30
[  109.459858][ T6054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  109.459882][ T6054]  ? __pfx_vfs_write+0x10/0x10
[  109.459910][ T6054]  ? __pfx_do_futex+0x10/0x10
[  109.459946][ T6054]  ksys_write+0x145/0x250
[  109.459974][ T6054]  ? __pfx_ksys_write+0x10/0x10
[  109.460003][ T6054]  ? do_syscall_64+0xbe/0xfa0
[  109.460035][ T6054]  do_syscall_64+0xfa/0xfa0
[  109.460064][ T6054]  ? lockdep_hardirqs_on+0x9c/0x150
[  109.460094][ T6054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.460114][ T6054]  ? clear_bhb_loop+0x60/0xb0
[  109.460136][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.460155][ T6054] RIP: 0033:0x7ff28ad8e1ff
[  109.460172][ T6054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  109.460190][ T6054] RSP: 002b:00007ffecbec7c10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  109.460211][ T6054] RAX: ffffffffffffffda RBX: 00007ff28afe5fa0 RCX: 00007ff28ad8e1ff
[  109.460226][ T6054] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  109.460239][ T6054] RBP: 00007ff28ae13f91 R08: 0000000000000000 R09: 0000000000000000
[  109.460252][ T6054] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  109.460264][ T6054] R13: 00007ff28afe5fa0 R14: 00007ff28afe5fa0 R15: 0000000000000003
[  109.460286][ T6054]  </TASK>
[  109.460298][ T6054] BUG: Bad page state in process syz.0.17  pfn:7723d
[  109.757632][ T6054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807723df50 pfn:0x7723d
[  109.767783][ T6054] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  109.774968][ T6054] raw: 00fff00000000000 dead000000000040 ffff888021e88000 0000000000000000
[  109.783646][ T6054] raw: ffff88807723df50 0000000000000001 00000000ffffffff 0000000000000000
[  109.792266][ T6054] page dumped because: page_pool leak
[  109.797652][ T6054] page_owner tracks the page as allocated
[  109.803426][ T6054] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6054, tgid 6054 (syz.0.17), ts 108178842082, free_ts 108126529607
[  109.820365][ T6054]  post_alloc_hook+0x234/0x290
[  109.825210][ T6054]  get_page_from_freelist+0x2365/0x2440
[  109.830778][ T6054]  __alloc_frozen_pages_noprof+0x181/0x370
[  109.836664][ T6054]  alloc_pages_bulk_noprof+0x560/0x710
[  109.842187][ T6054]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  109.848290][ T6054]  skb_pp_cow_data+0xb47/0x13e0
[  109.853355][ T6054]  do_xdp_generic+0x699/0x11a0
[  109.858151][ T6054]  tun_get_user+0x2527/0x3e90
[  109.862914][ T6054]  tun_chr_write_iter+0x113/0x200
[  109.867970][ T6054]  vfs_write+0x5c9/0xb30
[  109.872301][ T6054]  ksys_write+0x145/0x250
[  109.876668][ T6054]  do_syscall_64+0xfa/0xfa0
[  109.881208][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.887173][ T6054] page last free pid 36 tgid 36 stack trace:
[  109.893201][ T6054]  __free_frozen_pages+0xbc4/0xd30
[  109.898343][ T6054]  __put_partials+0x146/0x170
[  109.903112][ T6054]  put_cpu_partial+0x1f2/0x2e0
[  109.907903][ T6054]  __slab_free+0x2b9/0x390
[  109.912407][ T6054]  qlist_free_all+0x97/0x140
[  109.917030][ T6054]  kasan_quarantine_reduce+0x148/0x160
[  109.922584][ T6054]  __kasan_slab_alloc+0x22/0x80
[  109.927474][ T6054]  __kmalloc_cache_noprof+0x36f/0x6f0
[  109.932930][ T6054]  sta_info_insert_rcu+0x7b8/0x2840
[  109.938249][ T6054]  ieee80211_ibss_finish_sta+0x293/0x380
[  109.944060][ T6054]  ieee80211_ibss_rx_queued_mgmt+0x179b/0x2af0
[  109.950248][ T6054]  ieee80211_iface_work+0x85f/0x12d0
[  109.955652][ T6054]  cfg80211_wiphy_work+0x2bb/0x470
[  109.960803][ T6054]  process_scheduled_works+0xae1/0x17b0
[  109.966430][ T6054]  worker_thread+0x8a0/0xda0
[  109.971054][ T6054]  kthread+0x711/0x8a0
[  109.975217][ T6054] Modules linked in:
[  109.979139][ T6054] CPU: 0 UID: 0 PID: 6054 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  109.979169][ T6054] Tainted: [B]=BAD_PAGE
[  109.979177][ T6054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  109.979189][ T6054] Call Trace:
[  109.979197][ T6054]  <TASK>
[  109.979205][ T6054]  dump_stack_lvl+0x189/0x250
[  109.979240][ T6054]  ? __pfx_dump_stack_lvl+0x10/0x10
[  109.979268][ T6054]  ? __pfx_print_modules+0x10/0x10
[  109.979297][ T6054]  bad_page+0x180/0x1c0
[  109.979321][ T6054]  __free_frozen_pages+0xce2/0xd30
[  109.979357][ T6054]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  109.979396][ T6054]  bpf_xdp_adjust_tail+0x1d6/0x220
[  109.979427][ T6054]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  109.979445][ T6054]  bpf_prog_run_generic_xdp+0x606/0x13d0
[  109.979494][ T6054]  do_xdp_generic+0x9f7/0x11a0
[  109.979536][ T6054]  ? __pfx_do_xdp_generic+0x10/0x10
[  109.979568][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  109.979596][ T6054]  ? tun_vnet_hdr_tnl_to_skb+0xed/0x830
[  109.979628][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  109.979653][ T6054]  tun_get_user+0x2527/0x3e90
[  109.979686][ T6054]  ? aa_file_perm+0x44d/0x1550
[  109.979711][ T6054]  ? __pfx_tun_get_user+0x10/0x10
[  109.979736][ T6054]  ? __lock_acquire+0xab9/0xd20
[  109.979769][ T6054]  ? ref_tracker_alloc+0x318/0x460
[  109.979788][ T6054]  ? __lock_acquire+0xab9/0xd20
[  109.979807][ T6054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  109.979828][ T6054]  ? tun_get+0x1c/0x2f0
[  109.979854][ T6054]  ? tun_get+0x1c/0x2f0
[  109.979877][ T6054]  ? tun_get+0x1c/0x2f0
[  109.979901][ T6054]  tun_chr_write_iter+0x113/0x200
[  109.979927][ T6054]  vfs_write+0x5c9/0xb30
[  109.979958][ T6054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  109.979982][ T6054]  ? __pfx_vfs_write+0x10/0x10
[  109.980010][ T6054]  ? __pfx_do_futex+0x10/0x10
[  109.980048][ T6054]  ksys_write+0x145/0x250
[  109.980076][ T6054]  ? __pfx_ksys_write+0x10/0x10
[  109.980103][ T6054]  ? do_syscall_64+0xbe/0xfa0
[  109.980135][ T6054]  do_syscall_64+0xfa/0xfa0
[  109.980164][ T6054]  ? lockdep_hardirqs_on+0x9c/0x150
[  109.980193][ T6054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.980213][ T6054]  ? clear_bhb_loop+0x60/0xb0
[  109.980235][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.980261][ T6054] RIP: 0033:0x7ff28ad8e1ff
[  109.980279][ T6054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  109.980295][ T6054] RSP: 002b:00007ffecbec7c10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  109.980317][ T6054] RAX: ffffffffffffffda RBX: 00007ff28afe5fa0 RCX: 00007ff28ad8e1ff
[  109.980331][ T6054] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  109.980344][ T6054] RBP: 00007ff28ae13f91 R08: 0000000000000000 R09: 0000000000000000
[  109.980357][ T6054] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  109.980369][ T6054] R13: 00007ff28afe5fa0 R14: 00007ff28afe5fa0 R15: 0000000000000003
[  109.980391][ T6054]  </TASK>
[  109.980402][ T6054] BUG: Bad page state in process syz.0.17  pfn:7723e
[  110.271388][ T5147] Bluetooth: hci0: command tx timeout
[  110.271546][ T6054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807723ef50 pfn:0x7723e
[  110.293704][ T6054] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  110.300851][ T6054] raw: 00fff00000000000 dead000000000040 ffff888021e88000 0000000000000000
[  110.309520][ T6054] raw: ffff88807723ef50 0000000000000001 00000000ffffffff 0000000000000000
[  110.318383][ T6054] page dumped because: page_pool leak
[  110.323828][ T6054] page_owner tracks the page as allocated
[  110.329554][ T6054] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6054, tgid 6054 (syz.0.17), ts 108178823252, free_ts 108126547011
[  110.346466][ T6054]  post_alloc_hook+0x234/0x290
[  110.351296][ T6054]  get_page_from_freelist+0x2365/0x2440
[  110.356865][ T6054]  __alloc_frozen_pages_noprof+0x181/0x370
[  110.362746][ T6054]  alloc_pages_bulk_noprof+0x560/0x710
[  110.368224][ T6054]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  110.374378][ T6054]  skb_pp_cow_data+0xb47/0x13e0
[  110.379247][ T6054]  do_xdp_generic+0x699/0x11a0
[  110.384084][ T6054]  tun_get_user+0x2527/0x3e90
[  110.388783][ T6054]  tun_chr_write_iter+0x113/0x200
[  110.393885][ T6054]  vfs_write+0x5c9/0xb30
[  110.398161][ T6054]  ksys_write+0x145/0x250
[  110.402575][ T6054]  do_syscall_64+0xfa/0xfa0
[  110.407111][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.413072][ T6054] page last free pid 36 tgid 36 stack trace:
[  110.419062][ T6054]  __free_frozen_pages+0xbc4/0xd30
[  110.424258][ T6054]  __put_partials+0x146/0x170
[  110.428955][ T6054]  put_cpu_partial+0x1f2/0x2e0
[  110.433788][ T6054]  __slab_free+0x2b9/0x390
[  110.438228][ T6054]  qlist_free_all+0x97/0x140
[  110.442897][ T6054]  kasan_quarantine_reduce+0x148/0x160
[  110.448386][ T6054]  __kasan_slab_alloc+0x22/0x80
[  110.453322][ T6054]  __kmalloc_cache_noprof+0x36f/0x6f0
[  110.458725][ T6054]  sta_info_insert_rcu+0x7b8/0x2840
[  110.463998][ T6054]  ieee80211_ibss_finish_sta+0x293/0x380
[  110.469666][ T6054]  ieee80211_ibss_rx_queued_mgmt+0x179b/0x2af0
[  110.475906][ T6054]  ieee80211_iface_work+0x85f/0x12d0
[  110.481224][ T6054]  cfg80211_wiphy_work+0x2bb/0x470
[  110.486415][ T6054]  process_scheduled_works+0xae1/0x17b0
[  110.492023][ T6054]  worker_thread+0x8a0/0xda0
[  110.496640][ T6054]  kthread+0x711/0x8a0
[  110.500737][ T6054] Modules linked in:
[  110.504714][ T6054] CPU: 0 UID: 0 PID: 6054 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  110.504744][ T6054] Tainted: [B]=BAD_PAGE
[  110.504752][ T6054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  110.504764][ T6054] Call Trace:
[  110.504772][ T6054]  <TASK>
[  110.504780][ T6054]  dump_stack_lvl+0x189/0x250
[  110.504813][ T6054]  ? __pfx_dump_stack_lvl+0x10/0x10
[  110.504842][ T6054]  ? __pfx_print_modules+0x10/0x10
[  110.504871][ T6054]  bad_page+0x180/0x1c0
[  110.504895][ T6054]  __free_frozen_pages+0xce2/0xd30
[  110.504929][ T6054]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  110.504965][ T6054]  bpf_xdp_adjust_tail+0x1d6/0x220
[  110.504988][ T6054]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  110.505005][ T6054]  bpf_prog_run_generic_xdp+0x606/0x13d0
[  110.505046][ T6054]  do_xdp_generic+0x9f7/0x11a0
[  110.505078][ T6054]  ? __pfx_do_xdp_generic+0x10/0x10
[  110.505110][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  110.505138][ T6054]  ? tun_vnet_hdr_tnl_to_skb+0xed/0x830
[  110.505165][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  110.505190][ T6054]  tun_get_user+0x2527/0x3e90
[  110.505225][ T6054]  ? aa_file_perm+0x44d/0x1550
[  110.505245][ T6054]  ? __pfx_tun_get_user+0x10/0x10
[  110.505272][ T6054]  ? __lock_acquire+0xab9/0xd20
[  110.505299][ T6054]  ? ref_tracker_alloc+0x318/0x460
[  110.505318][ T6054]  ? __lock_acquire+0xab9/0xd20
[  110.505338][ T6054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  110.505361][ T6054]  ? tun_get+0x1c/0x2f0
[  110.505388][ T6054]  ? tun_get+0x1c/0x2f0
[  110.505411][ T6054]  ? tun_get+0x1c/0x2f0
[  110.505436][ T6054]  tun_chr_write_iter+0x113/0x200
[  110.505462][ T6054]  vfs_write+0x5c9/0xb30
[  110.505502][ T6054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  110.505528][ T6054]  ? __pfx_vfs_write+0x10/0x10
[  110.505558][ T6054]  ? __pfx_do_futex+0x10/0x10
[  110.505596][ T6054]  ksys_write+0x145/0x250
[  110.505627][ T6054]  ? __pfx_ksys_write+0x10/0x10
[  110.505658][ T6054]  ? do_syscall_64+0xbe/0xfa0
[  110.505691][ T6054]  do_syscall_64+0xfa/0xfa0
[  110.505720][ T6054]  ? lockdep_hardirqs_on+0x9c/0x150
[  110.505751][ T6054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.505772][ T6054]  ? clear_bhb_loop+0x60/0xb0
[  110.505795][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.505815][ T6054] RIP: 0033:0x7ff28ad8e1ff
[  110.505833][ T6054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  110.505850][ T6054] RSP: 002b:00007ffecbec7c10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  110.505872][ T6054] RAX: ffffffffffffffda RBX: 00007ff28afe5fa0 RCX: 00007ff28ad8e1ff
[  110.505889][ T6054] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  110.505903][ T6054] RBP: 00007ff28ae13f91 R08: 0000000000000000 R09: 0000000000000000
[  110.505916][ T6054] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  110.505928][ T6054] R13: 00007ff28afe5fa0 R14: 00007ff28afe5fa0 R15: 0000000000000003
[  110.505952][ T6054]  </TASK>
[  110.505963][ T6054] BUG: Bad page state in process syz.0.17  pfn:7723f
[  110.803429][ T6054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807723ff50 pfn:0x7723f
[  110.813568][ T6054] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  110.820703][ T6054] raw: 00fff00000000000 dead000000000040 ffff888021e88000 0000000000000000
[  110.829348][ T6054] raw: ffff88807723ff50 0000000000000001 00000000ffffffff 0000000000000000
[  110.837994][ T6054] page dumped because: page_pool leak
[  110.843651][ T6054] page_owner tracks the page as allocated
[  110.849389][ T6054] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6054, tgid 6054 (syz.0.17), ts 108178804945, free_ts 108126565240
[  110.866332][ T6054]  post_alloc_hook+0x234/0x290
[  110.871132][ T6054]  get_page_from_freelist+0x2365/0x2440
[  110.876798][ T6054]  __alloc_frozen_pages_noprof+0x181/0x370
[  110.882672][ T6054]  alloc_pages_bulk_noprof+0x560/0x710
[  110.888165][ T6054]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  110.894327][ T6054]  skb_pp_cow_data+0xb47/0x13e0
[  110.899203][ T6054]  do_xdp_generic+0x699/0x11a0
[  110.904055][ T6054]  tun_get_user+0x2527/0x3e90
[  110.908762][ T6054]  tun_chr_write_iter+0x113/0x200
[  110.913869][ T6054]  vfs_write+0x5c9/0xb30
[  110.918141][ T6054]  ksys_write+0x145/0x250
[  110.922547][ T6054]  do_syscall_64+0xfa/0xfa0
[  110.927086][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.933054][ T6054] page last free pid 36 tgid 36 stack trace:
[  110.939045][ T6054]  __free_frozen_pages+0xbc4/0xd30
[  110.944230][ T6054]  __put_partials+0x146/0x170
[  110.948938][ T6054]  put_cpu_partial+0x1f2/0x2e0
[  110.953760][ T6054]  __slab_free+0x2b9/0x390
[  110.958202][ T6054]  qlist_free_all+0x97/0x140
[  110.962863][ T6054]  kasan_quarantine_reduce+0x148/0x160
[  110.968361][ T6054]  __kasan_slab_alloc+0x22/0x80
[  110.973296][ T6054]  __kmalloc_cache_noprof+0x36f/0x6f0
[  110.978739][ T6054]  sta_info_insert_rcu+0x7b8/0x2840
[  110.984023][ T6054]  ieee80211_ibss_finish_sta+0x293/0x380
[  110.989689][ T6054]  ieee80211_ibss_rx_queued_mgmt+0x179b/0x2af0
[  110.995929][ T6054]  ieee80211_iface_work+0x85f/0x12d0
[  111.001278][ T6054]  cfg80211_wiphy_work+0x2bb/0x470
[  111.006450][ T6054]  process_scheduled_works+0xae1/0x17b0
[  111.012082][ T6054]  worker_thread+0x8a0/0xda0
[  111.016710][ T6054]  kthread+0x711/0x8a0
[  111.020817][ T6054] Modules linked in:
[  111.024790][ T6054] CPU: 0 UID: 0 PID: 6054 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  111.024819][ T6054] Tainted: [B]=BAD_PAGE
[  111.024826][ T6054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  111.024838][ T6054] Call Trace:
[  111.024845][ T6054]  <TASK>
[  111.024852][ T6054]  dump_stack_lvl+0x189/0x250
[  111.024885][ T6054]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.024912][ T6054]  ? __pfx_print_modules+0x10/0x10
[  111.024941][ T6054]  bad_page+0x180/0x1c0
[  111.024966][ T6054]  __free_frozen_pages+0xce2/0xd30
[  111.025002][ T6054]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  111.025041][ T6054]  bpf_xdp_adjust_tail+0x1d6/0x220
[  111.025065][ T6054]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  111.025084][ T6054]  bpf_prog_run_generic_xdp+0x606/0x13d0
[  111.025126][ T6054]  do_xdp_generic+0x9f7/0x11a0
[  111.025158][ T6054]  ? __pfx_do_xdp_generic+0x10/0x10
[  111.025191][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  111.025219][ T6054]  ? tun_vnet_hdr_tnl_to_skb+0xed/0x830
[  111.025248][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  111.025274][ T6054]  tun_get_user+0x2527/0x3e90
[  111.025309][ T6054]  ? aa_file_perm+0x44d/0x1550
[  111.025329][ T6054]  ? __pfx_tun_get_user+0x10/0x10
[  111.025355][ T6054]  ? __lock_acquire+0xab9/0xd20
[  111.025381][ T6054]  ? ref_tracker_alloc+0x318/0x460
[  111.025401][ T6054]  ? __lock_acquire+0xab9/0xd20
[  111.025421][ T6054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  111.025444][ T6054]  ? tun_get+0x1c/0x2f0
[  111.025471][ T6054]  ? tun_get+0x1c/0x2f0
[  111.025494][ T6054]  ? tun_get+0x1c/0x2f0
[  111.025521][ T6054]  tun_chr_write_iter+0x113/0x200
[  111.025547][ T6054]  vfs_write+0x5c9/0xb30
[  111.025579][ T6054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  111.025605][ T6054]  ? __pfx_vfs_write+0x10/0x10
[  111.025635][ T6054]  ? __pfx_do_futex+0x10/0x10
[  111.025681][ T6054]  ksys_write+0x145/0x250
[  111.025712][ T6054]  ? __pfx_ksys_write+0x10/0x10
[  111.025743][ T6054]  ? do_syscall_64+0xbe/0xfa0
[  111.025777][ T6054]  do_syscall_64+0xfa/0xfa0
[  111.025807][ T6054]  ? lockdep_hardirqs_on+0x9c/0x150
[  111.025838][ T6054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.025859][ T6054]  ? clear_bhb_loop+0x60/0xb0
[  111.025882][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.025903][ T6054] RIP: 0033:0x7ff28ad8e1ff
[  111.025920][ T6054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  111.025938][ T6054] RSP: 002b:00007ffecbec7c10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  111.025960][ T6054] RAX: ffffffffffffffda RBX: 00007ff28afe5fa0 RCX: 00007ff28ad8e1ff
[  111.025975][ T6054] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  111.025989][ T6054] RBP: 00007ff28ae13f91 R08: 0000000000000000 R09: 0000000000000000
[  111.026002][ T6054] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  111.026015][ T6054] R13: 00007ff28afe5fa0 R14: 00007ff28afe5fa0 R15: 0000000000000003
[  111.026038][ T6054]  </TASK>
[  111.026050][ T6054] BUG: Bad page state in process syz.0.17  pfn:7bb38
[  111.322449][ T6054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807bb38f50 pfn:0x7bb38
[  111.332560][ T6054] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  111.339686][ T6054] raw: 00fff00000000000 dead000000000040 ffff888021e88000 0000000000000000
[  111.348307][ T6054] raw: ffff88807bb38f50 0000000000000001 00000000ffffffff 0000000000000000
[  111.356953][ T6054] page dumped because: page_pool leak
[  111.362354][ T6054] page_owner tracks the page as allocated
[  111.368077][ T6054] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6054, tgid 6054 (syz.0.17), ts 108178786660, free_ts 108126582918
[  111.385133][ T6054]  post_alloc_hook+0x234/0x290
[  111.389920][ T6054]  get_page_from_freelist+0x2365/0x2440
[  111.395505][ T6054]  __alloc_frozen_pages_noprof+0x181/0x370
[  111.401348][ T6054]  alloc_pages_bulk_noprof+0x560/0x710
[  111.406801][ T6054]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  111.412904][ T6054]  skb_pp_cow_data+0xb47/0x13e0
[  111.417768][ T6054]  do_xdp_generic+0x699/0x11a0
[  111.422585][ T6054]  tun_get_user+0x2527/0x3e90
[  111.427298][ T6054]  tun_chr_write_iter+0x113/0x200
[  111.432372][ T6054]  vfs_write+0x5c9/0xb30
[  111.436633][ T6054]  ksys_write+0x145/0x250
[  111.440964][ T6054]  do_syscall_64+0xfa/0xfa0
[  111.445515][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.451448][ T6054] page last free pid 36 tgid 36 stack trace:
[  111.457484][ T6054]  __free_frozen_pages+0xbc4/0xd30
[  111.462635][ T6054]  __put_partials+0x146/0x170
[  111.467325][ T6054]  put_cpu_partial+0x1f2/0x2e0
[  111.472127][ T6054]  __slab_free+0x2b9/0x390
[  111.476560][ T6054]  qlist_free_all+0x97/0x140
[  111.481151][ T6054]  kasan_quarantine_reduce+0x148/0x160
[  111.486651][ T6054]  __kasan_slab_alloc+0x22/0x80
[  111.491547][ T6054]  __kmalloc_cache_noprof+0x36f/0x6f0
[  111.496922][ T6054]  sta_info_insert_rcu+0x7b8/0x2840
[  111.502193][ T6054]  ieee80211_ibss_finish_sta+0x293/0x380
[  111.507845][ T6054]  ieee80211_ibss_rx_queued_mgmt+0x179b/0x2af0
[  111.514034][ T6054]  ieee80211_iface_work+0x85f/0x12d0
[  111.519338][ T6054]  cfg80211_wiphy_work+0x2bb/0x470
[  111.524662][ T6054]  process_scheduled_works+0xae1/0x17b0
[  111.530242][ T6054]  worker_thread+0x8a0/0xda0
[  111.534862][ T6054]  kthread+0x711/0x8a0
[  111.538951][ T6054] Modules linked in:
[  111.542905][ T6054] CPU: 0 UID: 0 PID: 6054 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  111.542934][ T6054] Tainted: [B]=BAD_PAGE
[  111.542941][ T6054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  111.542953][ T6054] Call Trace:
[  111.542961][ T6054]  <TASK>
[  111.542969][ T6054]  dump_stack_lvl+0x189/0x250
[  111.543002][ T6054]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.543030][ T6054]  ? __pfx_print_modules+0x10/0x10
[  111.543059][ T6054]  bad_page+0x180/0x1c0
[  111.543084][ T6054]  __free_frozen_pages+0xce2/0xd30
[  111.543131][ T6054]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  111.543169][ T6054]  bpf_xdp_adjust_tail+0x1d6/0x220
[  111.543192][ T6054]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  111.543210][ T6054]  bpf_prog_run_generic_xdp+0x606/0x13d0
[  111.543251][ T6054]  do_xdp_generic+0x9f7/0x11a0
[  111.543283][ T6054]  ? __pfx_do_xdp_generic+0x10/0x10
[  111.543315][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  111.543342][ T6054]  ? tun_vnet_hdr_tnl_to_skb+0xed/0x830
[  111.543371][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  111.543395][ T6054]  tun_get_user+0x2527/0x3e90
[  111.543429][ T6054]  ? aa_file_perm+0x44d/0x1550
[  111.543457][ T6054]  ? __pfx_tun_get_user+0x10/0x10
[  111.543483][ T6054]  ? __lock_acquire+0xab9/0xd20
[  111.543510][ T6054]  ? ref_tracker_alloc+0x318/0x460
[  111.543528][ T6054]  ? __lock_acquire+0xab9/0xd20
[  111.543548][ T6054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  111.543570][ T6054]  ? tun_get+0x1c/0x2f0
[  111.543596][ T6054]  ? tun_get+0x1c/0x2f0
[  111.543619][ T6054]  ? tun_get+0x1c/0x2f0
[  111.543644][ T6054]  tun_chr_write_iter+0x113/0x200
[  111.543670][ T6054]  vfs_write+0x5c9/0xb30
[  111.543699][ T6054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  111.543723][ T6054]  ? __pfx_vfs_write+0x10/0x10
[  111.543753][ T6054]  ? __pfx_do_futex+0x10/0x10
[  111.543790][ T6054]  ksys_write+0x145/0x250
[  111.543820][ T6054]  ? __pfx_ksys_write+0x10/0x10
[  111.543850][ T6054]  ? do_syscall_64+0xbe/0xfa0
[  111.543882][ T6054]  do_syscall_64+0xfa/0xfa0
[  111.543911][ T6054]  ? lockdep_hardirqs_on+0x9c/0x150
[  111.543940][ T6054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.543960][ T6054]  ? clear_bhb_loop+0x60/0xb0
[  111.543983][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.544002][ T6054] RIP: 0033:0x7ff28ad8e1ff
[  111.544020][ T6054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  111.544037][ T6054] RSP: 002b:00007ffecbec7c10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  111.544058][ T6054] RAX: ffffffffffffffda RBX: 00007ff28afe5fa0 RCX: 00007ff28ad8e1ff
[  111.544071][ T6054] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  111.544083][ T6054] RBP: 00007ff28ae13f91 R08: 0000000000000000 R09: 0000000000000000
[  111.544095][ T6054] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  111.544107][ T6054] R13: 00007ff28afe5fa0 R14: 00007ff28afe5fa0 R15: 0000000000000003
[  111.544129][ T6054]  </TASK>
[  111.544141][ T6054] BUG: Bad page state in process syz.0.17  pfn:7bb39
[  111.840317][ T6054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807bb39f50 pfn:0x7bb39
[  111.850408][ T6054] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  111.857626][ T6054] raw: 00fff00000000000 dead000000000040 ffff888021e88000 0000000000000000
[  111.866263][ T6054] raw: ffff88807bb39f50 0000000000000001 00000000ffffffff 0000000000000000
[  111.874979][ T6054] page dumped because: page_pool leak
[  111.880356][ T6054] page_owner tracks the page as allocated
[  111.886110][ T6054] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6054, tgid 6054 (syz.0.17), ts 108178768204, free_ts 108126600812
[  111.902996][ T6054]  post_alloc_hook+0x234/0x290
[  111.907772][ T6054]  get_page_from_freelist+0x2365/0x2440
[  111.913353][ T6054]  __alloc_frozen_pages_noprof+0x181/0x370
[  111.919183][ T6054]  alloc_pages_bulk_noprof+0x560/0x710
[  111.924677][ T6054]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  111.930782][ T6054]  skb_pp_cow_data+0xb47/0x13e0
[  111.935682][ T6054]  do_xdp_generic+0x699/0x11a0
[  111.940473][ T6054]  tun_get_user+0x2527/0x3e90
[  111.945208][ T6054]  tun_chr_write_iter+0x113/0x200
[  111.950261][ T6054]  vfs_write+0x5c9/0xb30
[  111.954567][ T6054]  ksys_write+0x145/0x250
[  111.958925][ T6054]  do_syscall_64+0xfa/0xfa0
[  111.963467][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.969415][ T6054] page last free pid 36 tgid 36 stack trace:
[  111.975466][ T6054]  __free_frozen_pages+0xbc4/0xd30
[  111.980600][ T6054]  __put_partials+0x146/0x170
[  111.985310][ T6054]  put_cpu_partial+0x1f2/0x2e0
[  111.990100][ T6054]  __slab_free+0x2b9/0x390
[  111.994550][ T6054]  qlist_free_all+0x97/0x140
[  111.999161][ T6054]  kasan_quarantine_reduce+0x148/0x160
[  112.004657][ T6054]  __kasan_slab_alloc+0x22/0x80
[  112.009531][ T6054]  __kmalloc_cache_noprof+0x36f/0x6f0
[  112.014944][ T6054]  sta_info_insert_rcu+0x7b8/0x2840
[  112.020179][ T6054]  ieee80211_ibss_finish_sta+0x293/0x380
[  112.025871][ T6054]  ieee80211_ibss_rx_queued_mgmt+0x179b/0x2af0
[  112.032084][ T6054]  ieee80211_iface_work+0x85f/0x12d0
[  112.037372][ T6054]  cfg80211_wiphy_work+0x2bb/0x470
[  112.042525][ T6054]  process_scheduled_works+0xae1/0x17b0
[  112.048088][ T6054]  worker_thread+0x8a0/0xda0
[  112.052718][ T6054]  kthread+0x711/0x8a0
[  112.056807][ T6054] Modules linked in:
[  112.060706][ T6054] CPU: 0 UID: 0 PID: 6054 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  112.060726][ T6054] Tainted: [B]=BAD_PAGE
[  112.060732][ T6054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  112.060740][ T6054] Call Trace:
[  112.060746][ T6054]  <TASK>
[  112.060752][ T6054]  dump_stack_lvl+0x189/0x250
[  112.060775][ T6054]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.060795][ T6054]  ? __pfx_print_modules+0x10/0x10
[  112.060815][ T6054]  bad_page+0x180/0x1c0
[  112.060832][ T6054]  __free_frozen_pages+0xce2/0xd30
[  112.060857][ T6054]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  112.060884][ T6054]  bpf_xdp_adjust_tail+0x1d6/0x220
[  112.060901][ T6054]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  112.060913][ T6054]  bpf_prog_run_generic_xdp+0x606/0x13d0
[  112.060943][ T6054]  do_xdp_generic+0x9f7/0x11a0
[  112.060966][ T6054]  ? __pfx_do_xdp_generic+0x10/0x10
[  112.060989][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  112.061008][ T6054]  ? tun_vnet_hdr_tnl_to_skb+0xed/0x830
[  112.061028][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  112.061046][ T6054]  tun_get_user+0x2527/0x3e90
[  112.061070][ T6054]  ? aa_file_perm+0x44d/0x1550
[  112.061084][ T6054]  ? __pfx_tun_get_user+0x10/0x10
[  112.061103][ T6054]  ? __lock_acquire+0xab9/0xd20
[  112.061121][ T6054]  ? ref_tracker_alloc+0x318/0x460
[  112.061134][ T6054]  ? __lock_acquire+0xab9/0xd20
[  112.061148][ T6054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  112.061163][ T6054]  ? tun_get+0x1c/0x2f0
[  112.061182][ T6054]  ? tun_get+0x1c/0x2f0
[  112.061197][ T6054]  ? tun_get+0x1c/0x2f0
[  112.061215][ T6054]  tun_chr_write_iter+0x113/0x200
[  112.061240][ T6054]  vfs_write+0x5c9/0xb30
[  112.061273][ T6054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  112.061297][ T6054]  ? __pfx_vfs_write+0x10/0x10
[  112.061325][ T6054]  ? __pfx_do_futex+0x10/0x10
[  112.061368][ T6054]  ksys_write+0x145/0x250
[  112.061398][ T6054]  ? __pfx_ksys_write+0x10/0x10
[  112.061425][ T6054]  ? do_syscall_64+0xbe/0xfa0
[  112.061451][ T6054]  do_syscall_64+0xfa/0xfa0
[  112.061475][ T6054]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.061500][ T6054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.061517][ T6054]  ? clear_bhb_loop+0x60/0xb0
[  112.061536][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.061552][ T6054] RIP: 0033:0x7ff28ad8e1ff
[  112.061566][ T6054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  112.061580][ T6054] RSP: 002b:00007ffecbec7c10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  112.061599][ T6054] RAX: ffffffffffffffda RBX: 00007ff28afe5fa0 RCX: 00007ff28ad8e1ff
[  112.061612][ T6054] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  112.061623][ T6054] RBP: 00007ff28ae13f91 R08: 0000000000000000 R09: 0000000000000000
[  112.061634][ T6054] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  112.061644][ T6054] R13: 00007ff28afe5fa0 R14: 00007ff28afe5fa0 R15: 0000000000000003
[  112.061663][ T6054]  </TASK>
[  112.350465][ T6054] BUG: Bad page state in process syz.0.17  pfn:7bb3a
[  112.351508][ T5147] Bluetooth: hci0: command tx timeout
[  112.357183][ T6054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807bb3af50 pfn:0x7bb3a
[  112.372642][ T6054] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  112.379774][ T6054] raw: 00fff00000000000 dead000000000040 ffff888021e88000 0000000000000000
[  112.388412][ T6054] raw: ffff88807bb3af50 0000000000000001 00000000ffffffff 0000000000000000
[  112.397023][ T6054] page dumped because: page_pool leak
[  112.402417][ T6054] page_owner tracks the page as allocated
[  112.408136][ T6054] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6054, tgid 6054 (syz.0.17), ts 108178750528, free_ts 108126684885
[  112.425020][ T6054]  post_alloc_hook+0x234/0x290
[  112.429824][ T6054]  get_page_from_freelist+0x2365/0x2440
[  112.435435][ T6054]  __alloc_frozen_pages_noprof+0x181/0x370
[  112.441292][ T6054]  alloc_pages_bulk_noprof+0x560/0x710
[  112.446756][ T6054]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  112.452858][ T6054]  skb_pp_cow_data+0xb47/0x13e0
[  112.457724][ T6054]  do_xdp_generic+0x699/0x11a0
[  112.462533][ T6054]  tun_get_user+0x2527/0x3e90
[  112.467232][ T6054]  tun_chr_write_iter+0x113/0x200
[  112.472289][ T6054]  vfs_write+0x5c9/0xb30
[  112.476564][ T6054]  ksys_write+0x145/0x250
[  112.480894][ T6054]  do_syscall_64+0xfa/0xfa0
[  112.485452][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.491393][ T6054] page last free pid 36 tgid 36 stack trace:
[  112.497388][ T6054]  __free_frozen_pages+0xbc4/0xd30
[  112.502561][ T6054]  __put_partials+0x146/0x170
[  112.507257][ T6054]  put_cpu_partial+0x1f2/0x2e0
[  112.512075][ T6054]  __slab_free+0x2b9/0x390
[  112.516509][ T6054]  qlist_free_all+0x97/0x140
[  112.521115][ T6054]  kasan_quarantine_reduce+0x148/0x160
[  112.526628][ T6054]  __kasan_slab_alloc+0x22/0x80
[  112.531528][ T6054]  __kmalloc_cache_noprof+0x36f/0x6f0
[  112.536917][ T6054]  sta_info_insert_rcu+0x7b8/0x2840
[  112.542167][ T6054]  ieee80211_ibss_finish_sta+0x293/0x380
[  112.547828][ T6054]  ieee80211_ibss_rx_queued_mgmt+0x179b/0x2af0
[  112.554032][ T6054]  ieee80211_iface_work+0x85f/0x12d0
[  112.559346][ T6054]  cfg80211_wiphy_work+0x2bb/0x470
[  112.564504][ T6054]  process_scheduled_works+0xae1/0x17b0
[  112.570066][ T6054]  worker_thread+0x8a0/0xda0
[  112.574696][ T6054]  kthread+0x711/0x8a0
[  112.578802][ T6054] Modules linked in:
[  112.582738][ T6054] CPU: 0 UID: 0 PID: 6054 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  112.582766][ T6054] Tainted: [B]=BAD_PAGE
[  112.582774][ T6054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  112.582785][ T6054] Call Trace:
[  112.582793][ T6054]  <TASK>
[  112.582800][ T6054]  dump_stack_lvl+0x189/0x250
[  112.582832][ T6054]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.582859][ T6054]  ? __pfx_print_modules+0x10/0x10
[  112.582888][ T6054]  bad_page+0x180/0x1c0
[  112.582912][ T6054]  __free_frozen_pages+0xce2/0xd30
[  112.582947][ T6054]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  112.582983][ T6054]  bpf_xdp_adjust_tail+0x1d6/0x220
[  112.583005][ T6054]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  112.583022][ T6054]  bpf_prog_run_generic_xdp+0x606/0x13d0
[  112.583062][ T6054]  do_xdp_generic+0x9f7/0x11a0
[  112.583094][ T6054]  ? __pfx_do_xdp_generic+0x10/0x10
[  112.583126][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  112.583153][ T6054]  ? tun_vnet_hdr_tnl_to_skb+0xed/0x830
[  112.583181][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  112.583206][ T6054]  tun_get_user+0x2527/0x3e90
[  112.583240][ T6054]  ? aa_file_perm+0x44d/0x1550
[  112.583259][ T6054]  ? __pfx_tun_get_user+0x10/0x10
[  112.583286][ T6054]  ? __lock_acquire+0xab9/0xd20
[  112.583312][ T6054]  ? ref_tracker_alloc+0x318/0x460
[  112.583339][ T6054]  ? __lock_acquire+0xab9/0xd20
[  112.583359][ T6054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  112.583399][ T6054]  ? tun_get+0x1c/0x2f0
[  112.583426][ T6054]  ? tun_get+0x1c/0x2f0
[  112.583449][ T6054]  ? tun_get+0x1c/0x2f0
[  112.583476][ T6054]  tun_chr_write_iter+0x113/0x200
[  112.583502][ T6054]  vfs_write+0x5c9/0xb30
[  112.583535][ T6054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  112.583572][ T6054]  ? __pfx_vfs_write+0x10/0x10
[  112.583600][ T6054]  ? __pfx_do_futex+0x10/0x10
[  112.583637][ T6054]  ksys_write+0x145/0x250
[  112.583685][ T6054]  ? __pfx_ksys_write+0x10/0x10
[  112.583717][ T6054]  ? do_syscall_64+0xbe/0xfa0
[  112.583750][ T6054]  do_syscall_64+0xfa/0xfa0
[  112.583780][ T6054]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.583811][ T6054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.583832][ T6054]  ? clear_bhb_loop+0x60/0xb0
[  112.583855][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.583876][ T6054] RIP: 0033:0x7ff28ad8e1ff
[  112.583893][ T6054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  112.583911][ T6054] RSP: 002b:00007ffecbec7c10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  112.583933][ T6054] RAX: ffffffffffffffda RBX: 00007ff28afe5fa0 RCX: 00007ff28ad8e1ff
[  112.583948][ T6054] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  112.583962][ T6054] RBP: 00007ff28ae13f91 R08: 0000000000000000 R09: 0000000000000000
[  112.583975][ T6054] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  112.583988][ T6054] R13: 00007ff28afe5fa0 R14: 00007ff28afe5fa0 R15: 0000000000000003
[  112.584011][ T6054]  </TASK>
[  112.584023][ T6054] BUG: Bad page state in process syz.0.17  pfn:7bb3b
[  112.880305][ T6054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807bb3bf50 pfn:0x7bb3b
[  112.890419][ T6054] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  112.897596][ T6054] raw: 00fff00000000000 dead000000000040 ffff888021e88000 0000000000000000
[  112.906237][ T6054] raw: ffff88807bb3bf50 0000000000000001 00000000ffffffff 0000000000000000
[  112.914860][ T6054] page dumped because: page_pool leak
[  112.920250][ T6054] page_owner tracks the page as allocated
[  112.926014][ T6054] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6054, tgid 6054 (syz.0.17), ts 108178732185, free_ts 108126703814
[  112.942908][ T6054]  post_alloc_hook+0x234/0x290
[  112.947682][ T6054]  get_page_from_freelist+0x2365/0x2440
[  112.953268][ T6054]  __alloc_frozen_pages_noprof+0x181/0x370
[  112.959097][ T6054]  alloc_pages_bulk_noprof+0x560/0x710
[  112.964612][ T6054]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  112.970712][ T6054]  skb_pp_cow_data+0xb47/0x13e0
[  112.975605][ T6054]  do_xdp_generic+0x699/0x11a0
[  112.980390][ T6054]  tun_get_user+0x2527/0x3e90
[  112.985108][ T6054]  tun_chr_write_iter+0x113/0x200
[  112.990160][ T6054]  vfs_write+0x5c9/0xb30
[  112.994465][ T6054]  ksys_write+0x145/0x250
[  112.998833][ T6054]  do_syscall_64+0xfa/0xfa0
[  113.003389][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.009473][ T6054] page last free pid 36 tgid 36 stack trace:
[  113.015519][ T6054]  __free_frozen_pages+0xbc4/0xd30
[  113.020666][ T6054]  __put_partials+0x146/0x170
[  113.025406][ T6054]  put_cpu_partial+0x1f2/0x2e0
[  113.030200][ T6054]  __slab_free+0x2b9/0x390
[  113.034676][ T6054]  qlist_free_all+0x97/0x140
[  113.039291][ T6054]  kasan_quarantine_reduce+0x148/0x160
[  113.044788][ T6054]  __kasan_slab_alloc+0x22/0x80
[  113.049662][ T6054]  __kmalloc_cache_noprof+0x36f/0x6f0
[  113.055097][ T6054]  sta_info_insert_rcu+0x7b8/0x2840
[  113.060327][ T6054]  ieee80211_ibss_finish_sta+0x293/0x380
[  113.066013][ T6054]  ieee80211_ibss_rx_queued_mgmt+0x179b/0x2af0
[  113.072223][ T6054]  ieee80211_iface_work+0x85f/0x12d0
[  113.077520][ T6054]  cfg80211_wiphy_work+0x2bb/0x470
[  113.082765][ T6054]  process_scheduled_works+0xae1/0x17b0
[  113.088329][ T6054]  worker_thread+0x8a0/0xda0
[  113.092958][ T6054]  kthread+0x711/0x8a0
[  113.097053][ T6054] Modules linked in:
[  113.100950][ T6054] CPU: 0 UID: 0 PID: 6054 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  113.100970][ T6054] Tainted: [B]=BAD_PAGE
[  113.100976][ T6054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  113.100984][ T6054] Call Trace:
[  113.100990][ T6054]  <TASK>
[  113.100996][ T6054]  dump_stack_lvl+0x189/0x250
[  113.101020][ T6054]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.101040][ T6054]  ? __pfx_print_modules+0x10/0x10
[  113.101060][ T6054]  bad_page+0x180/0x1c0
[  113.101078][ T6054]  __free_frozen_pages+0xce2/0xd30
[  113.101103][ T6054]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  113.101129][ T6054]  bpf_xdp_adjust_tail+0x1d6/0x220
[  113.101146][ T6054]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  113.101158][ T6054]  bpf_prog_run_generic_xdp+0x606/0x13d0
[  113.101187][ T6054]  do_xdp_generic+0x9f7/0x11a0
[  113.101209][ T6054]  ? __pfx_do_xdp_generic+0x10/0x10
[  113.101236][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  113.101262][ T6054]  ? tun_vnet_hdr_tnl_to_skb+0xed/0x830
[  113.101297][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  113.101318][ T6054]  tun_get_user+0x2527/0x3e90
[  113.101342][ T6054]  ? aa_file_perm+0x44d/0x1550
[  113.101355][ T6054]  ? __pfx_tun_get_user+0x10/0x10
[  113.101374][ T6054]  ? __lock_acquire+0xab9/0xd20
[  113.101392][ T6054]  ? ref_tracker_alloc+0x318/0x460
[  113.101405][ T6054]  ? __lock_acquire+0xab9/0xd20
[  113.101419][ T6054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  113.101435][ T6054]  ? tun_get+0x1c/0x2f0
[  113.101453][ T6054]  ? tun_get+0x1c/0x2f0
[  113.101468][ T6054]  ? tun_get+0x1c/0x2f0
[  113.101486][ T6054]  tun_chr_write_iter+0x113/0x200
[  113.101504][ T6054]  vfs_write+0x5c9/0xb30
[  113.101526][ T6054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  113.101542][ T6054]  ? __pfx_vfs_write+0x10/0x10
[  113.101562][ T6054]  ? __pfx_do_futex+0x10/0x10
[  113.101589][ T6054]  ksys_write+0x145/0x250
[  113.101609][ T6054]  ? __pfx_ksys_write+0x10/0x10
[  113.101630][ T6054]  ? do_syscall_64+0xbe/0xfa0
[  113.101653][ T6054]  do_syscall_64+0xfa/0xfa0
[  113.101676][ T6054]  ? lockdep_hardirqs_on+0x9c/0x150
[  113.101697][ T6054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.101711][ T6054]  ? clear_bhb_loop+0x60/0xb0
[  113.101727][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.101741][ T6054] RIP: 0033:0x7ff28ad8e1ff
[  113.101753][ T6054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  113.101765][ T6054] RSP: 002b:00007ffecbec7c10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  113.101780][ T6054] RAX: ffffffffffffffda RBX: 00007ff28afe5fa0 RCX: 00007ff28ad8e1ff
[  113.101790][ T6054] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  113.101800][ T6054] RBP: 00007ff28ae13f91 R08: 0000000000000000 R09: 0000000000000000
[  113.101808][ T6054] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  113.101817][ T6054] R13: 00007ff28afe5fa0 R14: 00007ff28afe5fa0 R15: 0000000000000003
[  113.101833][ T6054]  </TASK>
[  113.391073][ T6054] BUG: Bad page state in process syz.0.17  pfn:7bb3c
[  113.397798][ T6054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807bb3cf50 pfn:0x7bb3c
[  113.407961][ T6054] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  113.415118][ T6054] raw: 00fff00000000000 dead000000000040 ffff888021e88000 0000000000000000
[  113.423737][ T6054] raw: ffff88807bb3cf50 0000000000000001 00000000ffffffff 0000000000000000
[  113.432352][ T6054] page dumped because: page_pool leak
[  113.437713][ T6054] page_owner tracks the page as allocated
[  113.443446][ T6054] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6054, tgid 6054 (syz.0.17), ts 108178714005, free_ts 108126720751
[  113.460340][ T6054]  post_alloc_hook+0x234/0x290
[  113.465150][ T6054]  get_page_from_freelist+0x2365/0x2440
[  113.470712][ T6054]  __alloc_frozen_pages_noprof+0x181/0x370
[  113.476559][ T6054]  alloc_pages_bulk_noprof+0x560/0x710
[  113.482056][ T6054]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  113.488125][ T6054]  skb_pp_cow_data+0xb47/0x13e0
[  113.493007][ T6054]  do_xdp_generic+0x699/0x11a0
[  113.497789][ T6054]  tun_get_user+0x2527/0x3e90
[  113.502504][ T6054]  tun_chr_write_iter+0x113/0x200
[  113.507560][ T6054]  vfs_write+0x5c9/0xb30
[  113.511839][ T6054]  ksys_write+0x145/0x250
[  113.516194][ T6054]  do_syscall_64+0xfa/0xfa0
[  113.520703][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.526657][ T6054] page last free pid 36 tgid 36 stack trace:
[  113.532764][ T6054]  __free_frozen_pages+0xbc4/0xd30
[  113.537910][ T6054]  __put_partials+0x146/0x170
[  113.542637][ T6054]  put_cpu_partial+0x1f2/0x2e0
[  113.547436][ T6054]  __slab_free+0x2b9/0x390
[  113.551890][ T6054]  qlist_free_all+0x97/0x140
[  113.556512][ T6054]  kasan_quarantine_reduce+0x148/0x160
[  113.562023][ T6054]  __kasan_slab_alloc+0x22/0x80
[  113.566915][ T6054]  __kmalloc_cache_noprof+0x36f/0x6f0
[  113.572323][ T6054]  sta_info_insert_rcu+0x7b8/0x2840
[  113.577546][ T6054]  ieee80211_ibss_finish_sta+0x293/0x380
[  113.583217][ T6054]  ieee80211_ibss_rx_queued_mgmt+0x179b/0x2af0
[  113.589390][ T6054]  ieee80211_iface_work+0x85f/0x12d0
[  113.594715][ T6054]  cfg80211_wiphy_work+0x2bb/0x470
[  113.599857][ T6054]  process_scheduled_works+0xae1/0x17b0
[  113.605697][ T6054]  worker_thread+0x8a0/0xda0
[  113.610304][ T6054]  kthread+0x711/0x8a0
[  113.614417][ T6054] Modules linked in:
[  113.618333][ T6054] CPU: 0 UID: 0 PID: 6054 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  113.618354][ T6054] Tainted: [B]=BAD_PAGE
[  113.618359][ T6054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  113.618368][ T6054] Call Trace:
[  113.618374][ T6054]  <TASK>
[  113.618380][ T6054]  dump_stack_lvl+0x189/0x250
[  113.618404][ T6054]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.618424][ T6054]  ? __pfx_print_modules+0x10/0x10
[  113.618444][ T6054]  bad_page+0x180/0x1c0
[  113.618462][ T6054]  __free_frozen_pages+0xce2/0xd30
[  113.618488][ T6054]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  113.618520][ T6054]  bpf_xdp_adjust_tail+0x1d6/0x220
[  113.618537][ T6054]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  113.618550][ T6054]  bpf_prog_run_generic_xdp+0x606/0x13d0
[  113.618579][ T6054]  do_xdp_generic+0x9f7/0x11a0
[  113.618602][ T6054]  ? __pfx_do_xdp_generic+0x10/0x10
[  113.618625][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  113.618645][ T6054]  ? tun_vnet_hdr_tnl_to_skb+0xed/0x830
[  113.618665][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  113.618683][ T6054]  tun_get_user+0x2527/0x3e90
[  113.618707][ T6054]  ? aa_file_perm+0x44d/0x1550
[  113.618721][ T6054]  ? __pfx_tun_get_user+0x10/0x10
[  113.618740][ T6054]  ? __lock_acquire+0xab9/0xd20
[  113.618759][ T6054]  ? ref_tracker_alloc+0x318/0x460
[  113.618773][ T6054]  ? __lock_acquire+0xab9/0xd20
[  113.618787][ T6054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  113.618803][ T6054]  ? tun_get+0x1c/0x2f0
[  113.618821][ T6054]  ? tun_get+0x1c/0x2f0
[  113.618837][ T6054]  ? tun_get+0x1c/0x2f0
[  113.618855][ T6054]  tun_chr_write_iter+0x113/0x200
[  113.618874][ T6054]  vfs_write+0x5c9/0xb30
[  113.618896][ T6054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  113.618913][ T6054]  ? __pfx_vfs_write+0x10/0x10
[  113.618933][ T6054]  ? __pfx_do_futex+0x10/0x10
[  113.618960][ T6054]  ksys_write+0x145/0x250
[  113.618981][ T6054]  ? __pfx_ksys_write+0x10/0x10
[  113.619002][ T6054]  ? do_syscall_64+0xbe/0xfa0
[  113.619025][ T6054]  do_syscall_64+0xfa/0xfa0
[  113.619045][ T6054]  ? lockdep_hardirqs_on+0x9c/0x150
[  113.619067][ T6054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.619080][ T6054]  ? clear_bhb_loop+0x60/0xb0
[  113.619096][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.619110][ T6054] RIP: 0033:0x7ff28ad8e1ff
[  113.619123][ T6054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  113.619135][ T6054] RSP: 002b:00007ffecbec7c10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  113.619150][ T6054] RAX: ffffffffffffffda RBX: 00007ff28afe5fa0 RCX: 00007ff28ad8e1ff
[  113.619161][ T6054] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  113.619171][ T6054] RBP: 00007ff28ae13f91 R08: 0000000000000000 R09: 0000000000000000
[  113.619180][ T6054] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  113.619188][ T6054] R13: 00007ff28afe5fa0 R14: 00007ff28afe5fa0 R15: 0000000000000003
[  113.619205][ T6054]  </TASK>
[  113.619213][ T6054] BUG: Bad page state in process syz.0.17  pfn:7bb3d
[  113.916292][ T6054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807bb3df50 pfn:0x7bb3d
[  113.926487][ T6054] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  113.933666][ T6054] raw: 00fff00000000000 dead000000000040 ffff888021e88000 0000000000000000
[  113.942309][ T6054] raw: ffff88807bb3df50 0000000000000001 00000000ffffffff 0000000000000000
[  113.950913][ T6054] page dumped because: page_pool leak
[  113.956333][ T6054] page_owner tracks the page as allocated
[  113.962084][ T6054] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6054, tgid 6054 (syz.0.17), ts 108178687382, free_ts 108126738469
[  113.979005][ T6054]  post_alloc_hook+0x234/0x290
[  113.983832][ T6054]  get_page_from_freelist+0x2365/0x2440
[  113.989382][ T6054]  __alloc_frozen_pages_noprof+0x181/0x370
[  113.995248][ T6054]  alloc_pages_bulk_noprof+0x560/0x710
[  114.000729][ T6054]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  114.006848][ T6054]  skb_pp_cow_data+0xb47/0x13e0
[  114.011764][ T6054]  do_xdp_generic+0x699/0x11a0
[  114.016551][ T6054]  tun_get_user+0x2527/0x3e90
[  114.021301][ T6054]  tun_chr_write_iter+0x113/0x200
[  114.026381][ T6054]  vfs_write+0x5c9/0xb30
[  114.030639][ T6054]  ksys_write+0x145/0x250
[  114.035033][ T6054]  do_syscall_64+0xfa/0xfa0
[  114.039603][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.045551][ T6054] page last free pid 36 tgid 36 stack trace:
[  114.051578][ T6054]  __free_frozen_pages+0xbc4/0xd30
[  114.056713][ T6054]  __put_partials+0x146/0x170
[  114.061463][ T6054]  put_cpu_partial+0x1f2/0x2e0
[  114.066269][ T6054]  __slab_free+0x2b9/0x390
[  114.070740][ T6054]  qlist_free_all+0x97/0x140
[  114.075438][ T6054]  kasan_quarantine_reduce+0x148/0x160
[  114.080966][ T6054]  __kasan_slab_alloc+0x22/0x80
[  114.085894][ T6054]  __kmalloc_cache_noprof+0x36f/0x6f0
[  114.091326][ T6054]  sta_info_insert_rcu+0x7b8/0x2840
[  114.096554][ T6054]  ieee80211_ibss_finish_sta+0x293/0x380
[  114.102228][ T6054]  ieee80211_ibss_rx_queued_mgmt+0x179b/0x2af0
[  114.108411][ T6054]  ieee80211_iface_work+0x85f/0x12d0
[  114.113854][ T6054]  cfg80211_wiphy_work+0x2bb/0x470
[  114.118995][ T6054]  process_scheduled_works+0xae1/0x17b0
[  114.124582][ T6054]  worker_thread+0x8a0/0xda0
[  114.129193][ T6054]  kthread+0x711/0x8a0
[  114.133335][ T6054] Modules linked in:
[  114.137250][ T6054] CPU: 0 UID: 0 PID: 6054 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  114.137271][ T6054] Tainted: [B]=BAD_PAGE
[  114.137276][ T6054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  114.137285][ T6054] Call Trace:
[  114.137291][ T6054]  <TASK>
[  114.137297][ T6054]  dump_stack_lvl+0x189/0x250
[  114.137320][ T6054]  ? __pfx_dump_stack_lvl+0x10/0x10
[  114.137341][ T6054]  ? __pfx_print_modules+0x10/0x10
[  114.137361][ T6054]  bad_page+0x180/0x1c0
[  114.137379][ T6054]  __free_frozen_pages+0xce2/0xd30
[  114.137405][ T6054]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  114.137431][ T6054]  bpf_xdp_adjust_tail+0x1d6/0x220
[  114.137448][ T6054]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  114.137461][ T6054]  bpf_prog_run_generic_xdp+0x606/0x13d0
[  114.137490][ T6054]  do_xdp_generic+0x9f7/0x11a0
[  114.137513][ T6054]  ? __pfx_do_xdp_generic+0x10/0x10
[  114.137536][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  114.137556][ T6054]  ? tun_vnet_hdr_tnl_to_skb+0xed/0x830
[  114.137576][ T6054]  ? tun_get_user+0x23f3/0x3e90
[  114.137594][ T6054]  tun_get_user+0x2527/0x3e90
[  114.137618][ T6054]  ? aa_file_perm+0x44d/0x1550
[  114.137632][ T6054]  ? __pfx_tun_get_user+0x10/0x10
[  114.137651][ T6054]  ? __lock_acquire+0xab9/0xd20
[  114.137670][ T6054]  ? ref_tracker_alloc+0x318/0x460
[  114.137683][ T6054]  ? __lock_acquire+0xab9/0xd20
[  114.137697][ T6054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  114.137713][ T6054]  ? tun_get+0x1c/0x2f0
[  114.137731][ T6054]  ? tun_get+0x1c/0x2f0
[  114.137747][ T6054]  ? tun_get+0x1c/0x2f0
[  114.137765][ T6054]  tun_chr_write_iter+0x113/0x200
[  114.137783][ T6054]  vfs_write+0x5c9/0xb30
[  114.137805][ T6054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  114.137822][ T6054]  ? __pfx_vfs_write+0x10/0x10
[  114.137843][ T6054]  ? __pfx_do_futex+0x10/0x10
[  114.137869][ T6054]  ksys_write+0x145/0x250
[  114.137890][ T6054]  ? __pfx_ksys_write+0x10/0x10
[  114.137911][ T6054]  ? do_syscall_64+0xbe/0xfa0
[  114.137935][ T6054]  do_syscall_64+0xfa/0xfa0
[  114.137955][ T6054]  ? lockdep_hardirqs_on+0x9c/0x150
[  114.137976][ T6054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.137990][ T6054]  ? clear_bhb_loop+0x60/0xb0
[  114.138005][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.138019][ T6054] RIP: 0033:0x7ff28ad8e1ff
[  114.138032][ T6054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  114.138045][ T6054] RSP: 002b:00007ffecbec7c10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  114.138060][ T6054] RAX: ffffffffffffffda RBX: 00007ff28afe5fa0 RCX: 00007ff28ad8e1ff
[  114.138071][ T6054] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  114.138081][ T6054] RBP: 00007ff28ae13f91 R08: 0000000000000000 R09: 0000000000000000
[  114.138090][ T6054] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  114.138098][ T6054] R13: 00007ff28afe5fa0 R14: 00007ff28afe5fa0 R15: 0000000000000003
[  114.138115][ T6054]  </TASK>
[  114.444174][ T5147] Bluetooth: hci0: command tx timeout
[  114.469260][ T6138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807723af50 pfn:0x7723a
[  114.479410][ T6138] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  114.486587][ T6138] raw: 00fff00000000000 dead000000000040 ffff888021e88000 0000000000000000
[  114.495255][ T6138] raw: ffff88807723af50 3fffffffffffffff 00000000ffffffff 0000000000000000
[  114.503879][ T6138] page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)
[  114.511633][ T6138] page_owner tracks the page as allocated
[  114.517350][ T6138] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6054, tgid 6054 (syz.0.17), ts 108178898662, free_ts 108126402605
[  114.534318][ T6138]  post_alloc_hook+0x234/0x290
[  114.539212][ T6138]  get_page_from_freelist+0x2365/0x2440
[  114.544807][ T6138]  __alloc_frozen_pages_noprof+0x181/0x370
[  114.550642][ T6138]  alloc_pages_bulk_noprof+0x560/0x710
[  114.556145][ T6138]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  114.562288][ T6138]  page_pool_alloc_frag_netmem+0x421/0x9b0
[  114.568120][ T6138]  skb_pp_cow_data+0xb69/0x13e0
[  114.573012][ T6138]  do_xdp_generic+0x699/0x11a0
[  114.577804][ T6138]  tun_get_user+0x2527/0x3e90
[  114.582524][ T6138]  tun_chr_write_iter+0x113/0x200
[  114.587567][ T6138]  vfs_write+0x5c9/0xb30
[  114.591852][ T6138]  ksys_write+0x145/0x250
[  114.596210][ T6138]  do_syscall_64+0xfa/0xfa0
[  114.600722][ T6138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.606664][ T6138] page last free pid 36 tgid 36 stack trace:
[  114.612677][ T6138]  __free_frozen_pages+0xbc4/0xd30
[  114.617974][ T6138]  __put_partials+0x146/0x170
[  114.622682][ T6138]  put_cpu_partial+0x1f2/0x2e0
[  114.627468][ T6138]  __slab_free+0x2b9/0x390
[  114.631925][ T6138]  qlist_free_all+0x97/0x140
[  114.636544][ T6138]  kasan_quarantine_reduce+0x148/0x160
[  114.642102][ T6138]  __kasan_slab_alloc+0x22/0x80
[  114.646995][ T6138]  __kmalloc_cache_noprof+0x36f/0x6f0
[  114.652455][ T6138]  sta_info_insert_rcu+0x7b8/0x2840
[  114.657688][ T6138]  ieee80211_ibss_finish_sta+0x293/0x380
[  114.663369][ T6138]  ieee80211_ibss_rx_queued_mgmt+0x179b/0x2af0
[  114.669572][ T6138]  ieee80211_iface_work+0x85f/0x12d0
[  114.674921][ T6138]  cfg80211_wiphy_work+0x2bb/0x470
[  114.680070][ T6138]  process_scheduled_works+0xae1/0x17b0
[  114.685659][ T6138]  worker_thread+0x8a0/0xda0
[  114.690275][ T6138]  kthread+0x711/0x8a0
[  114.694640][ T6138] ------------[ cut here ]------------
[  114.700102][ T6138] kernel BUG at ./include/linux/mm.h:1101!
[  114.706020][ T6138] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  114.712295][ T6138] CPU: 0 UID: 0 PID: 6138 Comm: syz.0.18 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  114.722982][ T6138] Tainted: [B]=BAD_PAGE
[  114.727133][ T6138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  114.737194][ T6138] RIP: 0010:page_frag_free+0x182/0x240
[  114.742671][ T6138] Code: 38 c1 0f 8c 64 ff ff ff 4c 89 f7 e8 48 b6 0c 00 e9 57 ff ff ff e8 8e f2 a6 ff 48 89 df 48 c7 c6 80 f5 76 8b e8 ff dc 0e ff 90 <0f> 0b f3 0f 1e fa 48 89 de 48 81 e6 ff 0f 00 00 31 ff e8 47 f7 a6
[  114.762287][ T6138] RSP: 0018:ffffc90003bcf490 EFLAGS: 00010246
[  114.768383][ T6138] RAX: 231a557c121f3800 RBX: ffffea0001dc8e80 RCX: 231a557c121f3800
[  114.776397][ T6138] RDX: 0000000000000000 RSI: ffffffff8bbf08c0 RDI: ffff88802db65ac0
[  114.784407][ T6138] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[  114.792395][ T6138] R10: dffffc0000000000 R11: fffffbfff1bba684 R12: dffffc0000000000
[  114.800381][ T6138] R13: 000000000000bcdd R14: ffffea0001dc8eb4 R15: dead000000000040
[  114.808355][ T6138] FS:  00005555779ec500(0000) GS:ffff888126138000(0000) knlGS:0000000000000000
[  114.817294][ T6138] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  114.823882][ T6138] CR2: 0000200000010000 CR3: 0000000071fac000 CR4: 00000000003526f0
[  114.831880][ T6138] Call Trace:
[  114.835158][ T6138]  <TASK>
[  114.838089][ T6138]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  114.843742][ T6138]  bpf_xdp_adjust_tail+0x1d6/0x220
[  114.848898][ T6138]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  114.854358][ T6138]  bpf_prog_run_generic_xdp+0x606/0x13d0
[  114.860003][ T6138]  ? lock_release+0x4b/0x3e0
[  114.864600][ T6138]  do_xdp_generic+0x9f7/0x11a0
[  114.869408][ T6138]  ? __pfx_do_xdp_generic+0x10/0x10
[  114.874652][ T6138]  ? __pfx_eth_type_trans+0x10/0x10
[  114.879856][ T6138]  ? tun_vnet_hdr_tnl_to_skb+0xed/0x830
[  114.885409][ T6138]  ? tun_get_user+0x23f3/0x3e90
[  114.890296][ T6138]  ? tun_get_user+0x23f3/0x3e90
[  114.895151][ T6138]  tun_get_user+0x2527/0x3e90
[  114.899836][ T6138]  ? rcu_is_watching+0x15/0xb0
[  114.904600][ T6138]  ? lock_release+0x4b/0x3e0
[  114.909198][ T6138]  ? aa_file_perm+0x44d/0x1550
[  114.913960][ T6138]  ? __pfx_tun_get_user+0x10/0x10
[  114.918989][ T6138]  ? get_futex_key+0x8a3/0x1660
[  114.923847][ T6138]  ? ref_tracker_alloc+0x318/0x460
[  114.928957][ T6138]  ? rcu_is_watching+0x15/0xb0
[  114.933739][ T6138]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  114.939199][ T6138]  ? tun_get+0x1c/0x2f0
[  114.943355][ T6138]  ? tun_get+0x1c/0x2f0
[  114.947512][ T6138]  ? rcu_is_watching+0x15/0xb0
[  114.952276][ T6138]  ? tun_get+0x1c/0x2f0
[  114.956449][ T6138]  ? lock_release+0x4b/0x3e0
[  114.961041][ T6138]  ? common_file_perm+0x1b5/0x230
[  114.966076][ T6138]  ? tun_get+0x1c/0x2f0
[  114.970241][ T6138]  tun_chr_write_iter+0x113/0x200
[  114.975271][ T6138]  vfs_write+0x5c9/0xb30
[  114.979521][ T6138]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  114.985068][ T6138]  ? __pfx_vfs_write+0x10/0x10
[  114.989844][ T6138]  ? __pfx_do_futex+0x10/0x10
[  114.994537][ T6138]  ksys_write+0x145/0x250
[  114.998874][ T6138]  ? __pfx_ksys_write+0x10/0x10
[  115.003728][ T6138]  ? rcu_is_watching+0x15/0xb0
[  115.008494][ T6138]  do_syscall_64+0xfa/0xfa0
[  115.013035][ T6138]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.019195][ T6138]  ? clear_bhb_loop+0x60/0xb0
[  115.023879][ T6138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.029784][ T6138] RIP: 0033:0x7ff28ad8e1ff
[  115.034201][ T6138] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  115.053993][ T6138] RSP: 002b:00007ffecbec7c10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  115.062422][ T6138] RAX: ffffffffffffffda RBX: 00007ff28afe5fa0 RCX: 00007ff28ad8e1ff
[  115.070420][ T6138] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  115.078393][ T6138] RBP: 00007ff28ae13f91 R08: 0000000000000000 R09: 0000000000000000
[  115.086372][ T6138] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  115.094344][ T6138] R13: 00007ff28afe5fa0 R14: 00007ff28afe5fa0 R15: 0000000000000003
[  115.102329][ T6138]  </TASK>
[  115.105349][ T6138] Modules linked in:
[  115.109305][ T6138] ---[ end trace 0000000000000000 ]---
[  115.114813][ T6138] RIP: 0010:page_frag_free+0x182/0x240
[  115.120310][ T6138] Code: 38 c1 0f 8c 64 ff ff ff 4c 89 f7 e8 48 b6 0c 00 e9 57 ff ff ff e8 8e f2 a6 ff 48 89 df 48 c7 c6 80 f5 76 8b e8 ff dc 0e ff 90 <0f> 0b f3 0f 1e fa 48 89 de 48 81 e6 ff 0f 00 00 31 ff e8 47 f7 a6
[  115.139981][ T6138] RSP: 0018:ffffc90003bcf490 EFLAGS: 00010246
[  115.146100][ T6138] RAX: 231a557c121f3800 RBX: ffffea0001dc8e80 RCX: 231a557c121f3800
[  115.154142][ T6138] RDX: 0000000000000000 RSI: ffffffff8bbf08c0 RDI: ffff88802db65ac0
[  115.162204][ T6138] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[  115.170200][ T6138] R10: dffffc0000000000 R11: fffffbfff1bba684 R12: dffffc0000000000
[  115.178230][ T6138] R13: 000000000000bcdd R14: ffffea0001dc8eb4 R15: dead000000000040
[  115.186256][ T6138] FS:  00005555779ec500(0000) GS:ffff888126138000(0000) knlGS:0000000000000000
[  115.195313][ T6138] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  115.201950][ T6138] CR2: 0000200000010000 CR3: 0000000071fac000 CR4: 00000000003526f0
[  115.209934][ T6138] Kernel panic - not syncing: Fatal exception in interrupt
[  115.217433][ T6138] Kernel Offset: disabled
[  115.221764][ T6138] Rebooting in 86400 seconds..