Warning: Permanently added '[localhost]:8503' (ED25519) to the list of known hosts.
2026/01/27 04:35:53 parsed 1 programs
syzkaller login: [   88.447085][ T5310] cgroup: Unknown subsys name 'net'
[   88.514916][ T5310] cgroup: Unknown subsys name 'cpuset'
[   88.521178][ T5310] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   90.392178][ T5310] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   91.873389][ T1233] cfg80211: failed to load regulatory.db
[   96.170826][ T5331] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   99.028718][ T5351] chnl_net:caif_netlink_parms(): no params data found
[   99.209780][ T5351] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.214229][ T5351] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.217226][ T5351] bridge_slave_0: entered allmulticast mode
[   99.232330][ T5351] bridge_slave_0: entered promiscuous mode
[   99.238038][ T5351] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.241133][ T5351] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.252350][ T5351] bridge_slave_1: entered allmulticast mode
[   99.255946][ T5351] bridge_slave_1: entered promiscuous mode
[   99.307516][ T5351] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   99.322878][ T5351] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   99.369258][ T5351] team0: Port device team_slave_0 added
[   99.383702][ T5351] team0: Port device team_slave_1 added
[   99.425360][ T5351] batman_adv: batadv0: Adding interface: batadv_slave_0
[   99.428224][ T5351] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   99.452176][ T5351] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   99.462202][ T5351] batman_adv: batadv0: Adding interface: batadv_slave_1
[   99.465309][ T5351] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   99.491790][ T5351] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   99.559765][ T5351] hsr_slave_0: entered promiscuous mode
[   99.573172][ T5351] hsr_slave_1: entered promiscuous mode
[   99.903577][ T5351] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   99.918508][ T5351] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   99.925647][ T5351] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   99.934485][ T5351] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  100.000689][ T5351] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.018606][ T5351] 8021q: adding VLAN 0 to HW filter on device team0
[  100.027882][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.030974][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.044007][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.047080][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.244043][ T5351] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.285356][ T5351] veth0_vlan: entered promiscuous mode
[  100.295971][ T5351] veth1_vlan: entered promiscuous mode
[  100.321299][ T5351] veth0_macvtap: entered promiscuous mode
[  100.328587][ T5351] veth1_macvtap: entered promiscuous mode
[  100.346293][ T5351] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.378621][ T5351] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.404730][   T43] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.413855][   T43] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.417809][   T43] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.453772][   T43] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.624204][   T43] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.694345][   T43] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.758287][   T43] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.854989][   T43] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.515652][ T1053] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.519367][ T1053] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.573841][ T1046] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.577396][ T1046] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.864450][ T5401] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  102.869648][ T5401] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  102.874328][ T5401] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  102.878299][ T5401] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  102.885915][ T5401] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  103.613716][   T43] bridge_slave_1: left allmulticast mode
[  103.616395][   T43] bridge_slave_1: left promiscuous mode
[  103.619752][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.663796][   T43] bridge_slave_0: left allmulticast mode
[  103.682369][   T43] bridge_slave_0: left promiscuous mode
[  103.684977][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.276451][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  104.293645][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  104.305047][   T43] bond0 (unregistering): Released all slaves
[  104.431308][   T43] hsr_slave_0: left promiscuous mode
[  104.434629][   T43] hsr_slave_1: left promiscuous mode
[  104.442425][   T43] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.445596][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.473006][   T43] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.476075][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[  104.507927][   T43] veth1_macvtap: left promiscuous mode
[  104.510549][   T43] veth0_macvtap: left promiscuous mode
[  104.543035][   T43] veth1_vlan: left promiscuous mode
[  104.545811][   T43] veth0_vlan: left promiscuous mode
[  105.370131][   T43] team0 (unregistering): Port device team_slave_1 removed
[  105.428401][   T43] team0 (unregistering): Port device team_slave_0 removed
2026/01/27 04:36:16 executed programs: 0
[  108.607279][ T5401] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  108.611379][ T5401] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  108.615238][ T5401] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  108.618599][ T5401] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  108.621946][ T5401] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  108.800439][ T5457] chnl_net:caif_netlink_parms(): no params data found
[  108.857566][ T5457] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.860815][ T5457] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.863890][ T5457] bridge_slave_0: entered allmulticast mode
[  108.867524][ T5457] bridge_slave_0: entered promiscuous mode
[  108.872916][ T5457] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.876072][ T5457] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.879124][ T5457] bridge_slave_1: entered allmulticast mode
[  108.886473][ T5457] bridge_slave_1: entered promiscuous mode
[  108.916945][ T5457] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.923863][ T5457] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.946807][ T5457] team0: Port device team_slave_0 added
[  108.950644][ T5457] team0: Port device team_slave_1 added
[  108.970964][ T5457] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.974407][ T5457] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  108.990091][ T5457] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.005811][ T5457] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.008875][ T5457] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  109.020106][ T5457] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.054088][ T5457] hsr_slave_0: entered promiscuous mode
[  109.057979][ T5457] hsr_slave_1: entered promiscuous mode
[  109.479979][ T5457] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  109.496054][ T5457] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  109.513474][ T5457] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  109.525941][ T5457] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  109.656859][ T5457] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.679753][ T5457] 8021q: adding VLAN 0 to HW filter on device team0
[  109.699392][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.702630][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.725855][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.728675][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.028388][ T5457] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.105375][ T5457] veth0_vlan: entered promiscuous mode
[  110.123124][ T5457] veth1_vlan: entered promiscuous mode
[  110.157689][ T5457] veth0_macvtap: entered promiscuous mode
[  110.175962][ T5457] veth1_macvtap: entered promiscuous mode
[  110.204089][ T5457] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.223824][ T5457] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.246393][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.262559][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.267884][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.284630][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.398567][   T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.407093][   T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.484515][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.487851][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.603716][ T5501] BUG: Bad page state in process syz.0.17  pfn:12a60
[  110.606757][ T5501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888012a60000 pfn:0x12a60
[  110.612059][ T5501] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  110.615147][ T5501] raw: 00fff00000000000 dead000000000040 ffff88801f509000 0000000000000000
[  110.618927][ T5501] raw: ffff888012a60000 3fffffffffffffff 00000000ffffffff 0000000000000000
[  110.622749][ T5501] page dumped because: page_pool leak
[  110.625082][ T5501] page_owner tracks the page as allocated
[  110.627828][ T5501] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5501, tgid 5501 (syz.0.17), ts 110603604520, free_ts 108533483792
[  110.634928][ T5501]  post_alloc_hook+0x228/0x280
[  110.637241][ T5501]  get_page_from_freelist+0x24dc/0x2580
[  110.639789][ T5501]  __alloc_frozen_pages_noprof+0x18d/0x380
[  110.642554][ T5501]  alloc_pages_bulk_noprof+0x558/0x700
[  110.644984][ T5501]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  110.647711][ T5501]  page_pool_alloc_frag_netmem+0x421/0x9b0
[  110.650320][ T5501]  skb_pp_cow_data+0xc43/0x1680
[  110.652656][ T5501]  do_xdp_generic+0x715/0x1280
[  110.654889][ T5501]  tun_get_user+0x247d/0x3dd0
[  110.657104][ T5501]  tun_chr_write_iter+0x113/0x200
[  110.659320][ T5501]  vfs_write+0x61d/0xb90
[  110.661258][ T5501]  ksys_write+0x150/0x270
[  110.663266][ T5501]  do_syscall_64+0xe2/0xf80
[  110.665282][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.667804][ T5501] page last free pid 5305 tgid 5305 stack trace:
[  110.670623][ T5501]  __free_frozen_pages+0xbf8/0xd70
[  110.672977][ T5501]  __slab_free+0x2ce/0x320
[  110.675118][ T5501]  qlist_free_all+0x97/0x100
[  110.677288][ T5501]  kasan_quarantine_reduce+0x148/0x160
[  110.679768][ T5501]  __kasan_slab_alloc+0x22/0x80
[  110.682009][ T5501]  kmem_cache_alloc_node_noprof+0x427/0x6f0
[  110.684655][ T5501]  __alloc_skb+0x1d7/0x390
[  110.686675][ T5501]  tcp_stream_alloc_skb+0x3d/0x350
[  110.689030][ T5501]  tcp_sendmsg_locked+0xefc/0x5710
[  110.691254][ T5501]  tcp_sendmsg+0x2f/0x50
[  110.693226][ T5501]  sock_write_iter+0x421/0x550
[  110.695353][ T5501]  vfs_write+0x61d/0xb90
[  110.697252][ T5501]  ksys_write+0x150/0x270
[  110.699065][ T5501]  do_syscall_64+0xe2/0xf80
[  110.701060][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.703692][ T5501] Modules linked in:
[  110.705553][ T5501] CPU: 0 UID: 0 PID: 5501 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  110.705568][ T5501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  110.705576][ T5501] Call Trace:
[  110.705584][ T5501]  <TASK>
[  110.705590][ T5501]  dump_stack_lvl+0xe8/0x150
[  110.705609][ T5501]  bad_page+0x17f/0x1c0
[  110.705624][ T5501]  __free_frozen_pages+0xd28/0xd70
[  110.705647][ T5501]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  110.705677][ T5501]  bpf_xdp_adjust_tail+0x1d6/0x220
[  110.705694][ T5501]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  110.705706][ T5501]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  110.705741][ T5501]  do_xdp_generic+0xa6f/0x1280
[  110.705756][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  110.705779][ T5501]  ? __pfx_do_xdp_generic+0x10/0x10
[  110.705802][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  110.705830][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  110.705846][ T5501]  tun_get_user+0x247d/0x3dd0
[  110.705871][ T5501]  ? aa_file_perm+0x12d/0x1630
[  110.706061][ T5501]  ? aa_file_perm+0x440/0x1630
[  110.706074][ T5501]  ? __pfx_tun_get_user+0x10/0x10
[  110.706092][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  110.706118][ T5501]  ? ref_tracker_alloc+0x363/0x4d0
[  110.706146][ T5501]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  110.706176][ T5501]  ? tun_get+0x1c/0x2f0
[  110.706194][ T5501]  ? tun_get+0x1c/0x2f0
[  110.706214][ T5501]  ? tun_get+0x1c/0x2f0
[  110.706230][ T5501]  ? tun_get+0x1c/0x2f0
[  110.706249][ T5501]  tun_chr_write_iter+0x113/0x200
[  110.706268][ T5501]  vfs_write+0x61d/0xb90
[  110.706289][ T5501]  ? __pfx_vfs_write+0x10/0x10
[  110.706305][ T5501]  ? __pfx_do_futex+0x10/0x10
[  110.706332][ T5501]  ksys_write+0x150/0x270
[  110.706349][ T5501]  ? __pfx_ksys_write+0x10/0x10
[  110.706371][ T5501]  do_syscall_64+0xe2/0xf80
[  110.706383][ T5501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.706394][ T5501]  ? trace_irq_disable+0x37/0x100
[  110.706406][ T5501]  ? clear_bhb_loop+0x60/0xb0
[  110.706421][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.706432][ T5501] RIP: 0033:0x7f302895b78e
[  110.706444][ T5501] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  110.706454][ T5501] RSP: 002b:00007ffd12da9c98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  110.706468][ T5501] RAX: ffffffffffffffda RBX: 000055556e833500 RCX: 00007f302895b78e
[  110.706476][ T5501] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  110.706484][ T5501] RBP: 00007f3028a08c1f R08: 0000000000000000 R09: 0000000000000000
[  110.706491][ T5501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  110.706498][ T5501] R13: 00007f3028c15fac R14: 00007f3028c15fa0 R15: 00007f3028c15fa0
[  110.706517][ T5501]  </TASK>
[  110.706570][ T5501] Disabling lock debugging due to kernel taint
[  110.824258][ T5501] BUG: Bad page state in process syz.0.17  pfn:12e26
[  110.827266][ T5501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888012e26c00 pfn:0x12e26
[  110.831625][ T5501] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  110.834550][ T5501] raw: 00fff00000000000 dead000000000040 ffff88801f509000 0000000000000000
[  110.838264][ T5501] raw: ffff888012e26c00 0000000000000001 00000000ffffffff 0000000000000000
[  110.841719][ T5501] page dumped because: page_pool leak
[  110.843791][ T5501] page_owner tracks the page as allocated
[  110.846241][ T5501] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5501, tgid 5501 (syz.0.17), ts 110603594148, free_ts 108533699132
[  110.853694][ T5501]  post_alloc_hook+0x228/0x280
[  110.855920][ T5501]  get_page_from_freelist+0x24dc/0x2580
[  110.858356][ T5501]  __alloc_frozen_pages_noprof+0x18d/0x380
[  110.860973][ T5501]  alloc_pages_bulk_noprof+0x558/0x700
[  110.863438][ T5501]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  110.866096][ T5501]  skb_pp_cow_data+0xc21/0x1680
[  110.868242][ T5501]  do_xdp_generic+0x715/0x1280
[  110.870410][ T5501]  tun_get_user+0x247d/0x3dd0
[  110.872579][ T5501]  tun_chr_write_iter+0x113/0x200
[  110.874827][ T5501]  vfs_write+0x61d/0xb90
[  110.876720][ T5501]  ksys_write+0x150/0x270
[  110.878697][ T5501]  do_syscall_64+0xe2/0xf80
[  110.880848][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.883621][ T5501] page last free pid 5305 tgid 5305 stack trace:
[  110.886459][ T5501]  __free_frozen_pages+0xbf8/0xd70
[  110.888779][ T5501]  __put_partials+0x146/0x170
[  110.890913][ T5501]  __slab_free+0x294/0x320
[  110.892915][ T5501]  qlist_free_all+0x97/0x100
[  110.894891][ T5501]  kasan_quarantine_reduce+0x148/0x160
[  110.897171][ T5501]  __kasan_slab_alloc+0x22/0x80
[  110.899225][ T5501]  kmem_cache_alloc_node_noprof+0x427/0x6f0
[  110.902011][ T5501]  __alloc_skb+0x1d7/0x390
[  110.903918][ T5501]  tcp_stream_alloc_skb+0x3d/0x350
[  110.906044][ T5501]  tcp_sendmsg_locked+0xefc/0x5710
[  110.908048][ T5501]  tcp_sendmsg+0x2f/0x50
[  110.909925][ T5501]  sock_write_iter+0x421/0x550
[  110.912081][ T5501]  vfs_write+0x61d/0xb90
[  110.913934][ T5501]  ksys_write+0x150/0x270
[  110.915770][ T5501]  do_syscall_64+0xe2/0xf80
[  110.917882][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.920582][ T5501] Modules linked in:
[  110.922105][ T5501] CPU: 0 UID: 0 PID: 5501 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  110.922117][ T5501] Tainted: [B]=BAD_PAGE
[  110.922120][ T5501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  110.922125][ T5501] Call Trace:
[  110.922130][ T5501]  <TASK>
[  110.922134][ T5501]  dump_stack_lvl+0xe8/0x150
[  110.922145][ T5501]  bad_page+0x17f/0x1c0
[  110.922156][ T5501]  __free_frozen_pages+0xd28/0xd70
[  110.922168][ T5501]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  110.922181][ T5501]  bpf_xdp_adjust_tail+0x1d6/0x220
[  110.922189][ T5501]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  110.922197][ T5501]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  110.922210][ T5501]  do_xdp_generic+0xa6f/0x1280
[  110.922219][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  110.922230][ T5501]  ? __pfx_do_xdp_generic+0x10/0x10
[  110.922242][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  110.922254][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  110.922264][ T5501]  tun_get_user+0x247d/0x3dd0
[  110.922281][ T5501]  ? aa_file_perm+0x12d/0x1630
[  110.922295][ T5501]  ? aa_file_perm+0x440/0x1630
[  110.922305][ T5501]  ? __pfx_tun_get_user+0x10/0x10
[  110.922317][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  110.922328][ T5501]  ? ref_tracker_alloc+0x363/0x4d0
[  110.922336][ T5501]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  110.922344][ T5501]  ? tun_get+0x1c/0x2f0
[  110.922353][ T5501]  ? tun_get+0x1c/0x2f0
[  110.922363][ T5501]  ? tun_get+0x1c/0x2f0
[  110.922371][ T5501]  ? tun_get+0x1c/0x2f0
[  110.922381][ T5501]  tun_chr_write_iter+0x113/0x200
[  110.922391][ T5501]  vfs_write+0x61d/0xb90
[  110.922401][ T5501]  ? __pfx_vfs_write+0x10/0x10
[  110.922410][ T5501]  ? __pfx_do_futex+0x10/0x10
[  110.922422][ T5501]  ksys_write+0x150/0x270
[  110.922430][ T5501]  ? __pfx_ksys_write+0x10/0x10
[  110.922440][ T5501]  do_syscall_64+0xe2/0xf80
[  110.922447][ T5501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.922453][ T5501]  ? trace_irq_disable+0x37/0x100
[  110.922461][ T5501]  ? clear_bhb_loop+0x60/0xb0
[  110.922468][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.922475][ T5501] RIP: 0033:0x7f302895b78e
[  110.922483][ T5501] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  110.922489][ T5501] RSP: 002b:00007ffd12da9c98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  110.922498][ T5501] RAX: ffffffffffffffda RBX: 000055556e833500 RCX: 00007f302895b78e
[  110.922503][ T5501] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  110.922508][ T5501] RBP: 00007f3028a08c1f R08: 0000000000000000 R09: 0000000000000000
[  110.922512][ T5501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  110.922516][ T5501] R13: 00007f3028c15fac R14: 00007f3028c15fa0 R15: 00007f3028c15fa0
[  110.922525][ T5501]  </TASK>
[  110.922533][ T5501] BUG: Bad page state in process syz.0.17  pfn:12e07
[  111.038818][ T5501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888012e07e00 pfn:0x12e07
[  111.042830][ T5501] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  111.045741][ T5501] raw: 00fff00000000000 dead000000000040 ffff88801f509000 0000000000000000
[  111.049145][ T5501] raw: ffff888012e07e00 0000000000000001 00000000ffffffff 0000000000000000
[  111.052787][ T5501] page dumped because: page_pool leak
[  111.055268][ T5501] page_owner tracks the page as allocated
[  111.057816][ T5501] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5501, tgid 5501 (syz.0.17), ts 110603583001, free_ts 108533705043
[  111.064574][ T5501]  post_alloc_hook+0x228/0x280
[  111.066816][ T5501]  get_page_from_freelist+0x24dc/0x2580
[  111.069131][ T5501]  __alloc_frozen_pages_noprof+0x18d/0x380
[  111.071705][ T5501]  alloc_pages_bulk_noprof+0x558/0x700
[  111.074142][ T5501]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  111.076641][ T5501]  skb_pp_cow_data+0xc21/0x1680
[  111.078572][ T5501]  do_xdp_generic+0x715/0x1280
[  111.080546][ T5501]  tun_get_user+0x247d/0x3dd0
[  111.082481][ T5501]  tun_chr_write_iter+0x113/0x200
[  111.084439][ T5501]  vfs_write+0x61d/0xb90
[  111.086209][ T5501]  ksys_write+0x150/0x270
[  111.088001][ T5501]  do_syscall_64+0xe2/0xf80
[  111.089885][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.092641][ T5501] page last free pid 5305 tgid 5305 stack trace:
[  111.095553][ T5501]  __free_frozen_pages+0xbf8/0xd70
[  111.097745][ T5501]  __put_partials+0x146/0x170
[  111.099864][ T5501]  __slab_free+0x294/0x320
[  111.101888][ T5501]  qlist_free_all+0x97/0x100
[  111.103694][ T5501]  kasan_quarantine_reduce+0x148/0x160
[  111.106056][ T5501]  __kasan_slab_alloc+0x22/0x80
[  111.108231][ T5501]  kmem_cache_alloc_node_noprof+0x427/0x6f0
[  111.110703][ T5501]  __alloc_skb+0x1d7/0x390
[  111.112670][ T5501]  tcp_stream_alloc_skb+0x3d/0x350
[  111.114928][ T5501]  tcp_sendmsg_locked+0xefc/0x5710
[  111.117048][ T5501]  tcp_sendmsg+0x2f/0x50
[  111.118856][ T5501]  sock_write_iter+0x421/0x550
[  111.121063][ T5501]  vfs_write+0x61d/0xb90
[  111.122918][ T5501]  ksys_write+0x150/0x270
[  111.124769][ T5501]  do_syscall_64+0xe2/0xf80
[  111.126654][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.129199][ T5501] Modules linked in:
[  111.130948][ T5501] CPU: 0 UID: 0 PID: 5501 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  111.130961][ T5501] Tainted: [B]=BAD_PAGE
[  111.130963][ T5501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  111.130968][ T5501] Call Trace:
[  111.130974][ T5501]  <TASK>
[  111.130978][ T5501]  dump_stack_lvl+0xe8/0x150
[  111.130989][ T5501]  bad_page+0x17f/0x1c0
[  111.130999][ T5501]  __free_frozen_pages+0xd28/0xd70
[  111.131010][ T5501]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  111.131023][ T5501]  bpf_xdp_adjust_tail+0x1d6/0x220
[  111.131032][ T5501]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  111.131039][ T5501]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  111.131053][ T5501]  do_xdp_generic+0xa6f/0x1280
[  111.131062][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  111.131078][ T5501]  ? __pfx_do_xdp_generic+0x10/0x10
[  111.131094][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  111.131113][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  111.131127][ T5501]  tun_get_user+0x247d/0x3dd0
[  111.131144][ T5501]  ? aa_file_perm+0x12d/0x1630
[  111.131157][ T5501]  ? aa_file_perm+0x440/0x1630
[  111.131167][ T5501]  ? __pfx_tun_get_user+0x10/0x10
[  111.131187][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  111.131204][ T5501]  ? ref_tracker_alloc+0x363/0x4d0
[  111.131216][ T5501]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  111.131228][ T5501]  ? tun_get+0x1c/0x2f0
[  111.131241][ T5501]  ? tun_get+0x1c/0x2f0
[  111.131259][ T5501]  ? tun_get+0x1c/0x2f0
[  111.131268][ T5501]  ? tun_get+0x1c/0x2f0
[  111.131278][ T5501]  tun_chr_write_iter+0x113/0x200
[  111.131290][ T5501]  vfs_write+0x61d/0xb90
[  111.131304][ T5501]  ? __pfx_vfs_write+0x10/0x10
[  111.131317][ T5501]  ? __pfx_do_futex+0x10/0x10
[  111.131335][ T5501]  ksys_write+0x150/0x270
[  111.131348][ T5501]  ? __pfx_ksys_write+0x10/0x10
[  111.131364][ T5501]  do_syscall_64+0xe2/0xf80
[  111.131376][ T5501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.131407][ T5501]  ? trace_irq_disable+0x37/0x100
[  111.131419][ T5501]  ? clear_bhb_loop+0x60/0xb0
[  111.131431][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.131442][ T5501] RIP: 0033:0x7f302895b78e
[  111.131452][ T5501] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  111.131459][ T5501] RSP: 002b:00007ffd12da9c98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  111.131468][ T5501] RAX: ffffffffffffffda RBX: 000055556e833500 RCX: 00007f302895b78e
[  111.131473][ T5501] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  111.131478][ T5501] RBP: 00007f3028a08c1f R08: 0000000000000000 R09: 0000000000000000
[  111.131483][ T5501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  111.131487][ T5501] R13: 00007f3028c15fac R14: 00007f3028c15fa0 R15: 00007f3028c15fa0
[  111.131494][ T5501]  </TASK>
[  111.250121][ T5501] BUG: Bad page state in process syz.0.17  pfn:1efee
[  111.253379][ T5501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88801efeee00 pfn:0x1efee
[  111.258172][ T5501] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  111.262160][ T5501] raw: 00fff00000000000 dead000000000040 ffff88801f509000 0000000000000000
[  111.266185][ T5501] raw: ffff88801efeee00 0000000000000001 00000000ffffffff 0000000000000000
[  111.270008][ T5501] page dumped because: page_pool leak
[  111.272247][ T5501] page_owner tracks the page as allocated
[  111.274476][ T5501] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5501, tgid 5501 (syz.0.17), ts 110603572096, free_ts 108533710692
[  111.281375][ T5501]  post_alloc_hook+0x228/0x280
[  111.283508][ T5501]  get_page_from_freelist+0x24dc/0x2580
[  111.285968][ T5501]  __alloc_frozen_pages_noprof+0x18d/0x380
[  111.288225][ T5501]  alloc_pages_bulk_noprof+0x558/0x700
[  111.290651][ T5501]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  111.293390][ T5501]  skb_pp_cow_data+0xc21/0x1680
[  111.295454][ T5501]  do_xdp_generic+0x715/0x1280
[  111.297517][ T5501]  tun_get_user+0x247d/0x3dd0
[  111.299600][ T5501]  tun_chr_write_iter+0x113/0x200
[  111.302719][ T5501]  vfs_write+0x61d/0xb90
[  111.304710][ T5501]  ksys_write+0x150/0x270
[  111.306569][ T5501]  do_syscall_64+0xe2/0xf80
[  111.308435][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.310759][ T5501] page last free pid 5305 tgid 5305 stack trace:
[  111.313315][ T5501]  __free_frozen_pages+0xbf8/0xd70
[  111.315332][ T5501]  __put_partials+0x146/0x170
[  111.317291][ T5501]  __slab_free+0x294/0x320
[  111.319347][ T5501]  qlist_free_all+0x97/0x100
[  111.321585][ T5501]  kasan_quarantine_reduce+0x148/0x160
[  111.324093][ T5501]  __kasan_slab_alloc+0x22/0x80
[  111.326244][ T5501]  kmem_cache_alloc_node_noprof+0x427/0x6f0
[  111.329413][ T5501]  __alloc_skb+0x1d7/0x390
[  111.331572][ T5501]  tcp_stream_alloc_skb+0x3d/0x350
[  111.333962][ T5501]  tcp_sendmsg_locked+0xefc/0x5710
[  111.336099][ T5501]  tcp_sendmsg+0x2f/0x50
[  111.337868][ T5501]  sock_write_iter+0x421/0x550
[  111.339911][ T5501]  vfs_write+0x61d/0xb90
[  111.341625][ T5501]  ksys_write+0x150/0x270
[  111.343416][ T5501]  do_syscall_64+0xe2/0xf80
[  111.345677][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.348505][ T5501] Modules linked in:
[  111.350263][ T5501] CPU: 0 UID: 0 PID: 5501 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  111.350281][ T5501] Tainted: [B]=BAD_PAGE
[  111.350285][ T5501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  111.350292][ T5501] Call Trace:
[  111.350299][ T5501]  <TASK>
[  111.350306][ T5501]  dump_stack_lvl+0xe8/0x150
[  111.350321][ T5501]  bad_page+0x17f/0x1c0
[  111.350335][ T5501]  __free_frozen_pages+0xd28/0xd70
[  111.350351][ T5501]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  111.350371][ T5501]  bpf_xdp_adjust_tail+0x1d6/0x220
[  111.350384][ T5501]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  111.350395][ T5501]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  111.350414][ T5501]  do_xdp_generic+0xa6f/0x1280
[  111.350429][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  111.350445][ T5501]  ? __pfx_do_xdp_generic+0x10/0x10
[  111.350461][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  111.350480][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  111.350494][ T5501]  tun_get_user+0x247d/0x3dd0
[  111.350511][ T5501]  ? aa_file_perm+0x12d/0x1630
[  111.350525][ T5501]  ? aa_file_perm+0x440/0x1630
[  111.350536][ T5501]  ? __pfx_tun_get_user+0x10/0x10
[  111.350551][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  111.350567][ T5501]  ? ref_tracker_alloc+0x363/0x4d0
[  111.350581][ T5501]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  111.350592][ T5501]  ? tun_get+0x1c/0x2f0
[  111.350606][ T5501]  ? tun_get+0x1c/0x2f0
[  111.350620][ T5501]  ? tun_get+0x1c/0x2f0
[  111.350634][ T5501]  ? tun_get+0x1c/0x2f0
[  111.350648][ T5501]  tun_chr_write_iter+0x113/0x200
[  111.350663][ T5501]  vfs_write+0x61d/0xb90
[  111.350678][ T5501]  ? __pfx_vfs_write+0x10/0x10
[  111.350691][ T5501]  ? __pfx_do_futex+0x10/0x10
[  111.350709][ T5501]  ksys_write+0x150/0x270
[  111.350722][ T5501]  ? __pfx_ksys_write+0x10/0x10
[  111.350737][ T5501]  do_syscall_64+0xe2/0xf80
[  111.350747][ T5501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.350758][ T5501]  ? trace_irq_disable+0x37/0x100
[  111.350768][ T5501]  ? clear_bhb_loop+0x60/0xb0
[  111.350779][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.350790][ T5501] RIP: 0033:0x7f302895b78e
[  111.350800][ T5501] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  111.350809][ T5501] RSP: 002b:00007ffd12da9c98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  111.350821][ T5501] RAX: ffffffffffffffda RBX: 000055556e833500 RCX: 00007f302895b78e
[  111.350829][ T5501] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  111.350835][ T5501] RBP: 00007f3028a08c1f R08: 0000000000000000 R09: 0000000000000000
[  111.350842][ T5501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  111.350848][ T5501] R13: 00007f3028c15fac R14: 00007f3028c15fa0 R15: 00007f3028c15fa0
[  111.350859][ T5501]  </TASK>
[  111.350874][ T5501] BUG: Bad page state in process syz.0.17  pfn:120b9
[  111.473099][ T5501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880120b9800 pfn:0x120b9
[  111.477495][ T5501] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  111.480536][ T5501] raw: 00fff00000000000 dead000000000040 ffff88801f509000 0000000000000000
[  111.484343][ T5501] raw: ffff8880120b9800 0000000000000001 00000000ffffffff 0000000000000000
[  111.487903][ T5501] page dumped because: page_pool leak
[  111.490263][ T5501] page_owner tracks the page as allocated
[  111.492908][ T5501] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5501, tgid 5501 (syz.0.17), ts 110603561336, free_ts 108533716692
[  111.500182][ T5501]  post_alloc_hook+0x228/0x280
[  111.502426][ T5501]  get_page_from_freelist+0x24dc/0x2580
[  111.504767][ T5501]  __alloc_frozen_pages_noprof+0x18d/0x380
[  111.507325][ T5501]  alloc_pages_bulk_noprof+0x558/0x700
[  111.509856][ T5501]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  111.512649][ T5501]  skb_pp_cow_data+0xc21/0x1680
[  111.515088][ T5501]  do_xdp_generic+0x715/0x1280
[  111.517384][ T5501]  tun_get_user+0x247d/0x3dd0
[  111.519536][ T5501]  tun_chr_write_iter+0x113/0x200
[  111.521967][ T5501]  vfs_write+0x61d/0xb90
[  111.523801][ T5501]  ksys_write+0x150/0x270
[  111.525724][ T5501]  do_syscall_64+0xe2/0xf80
[  111.527736][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.530302][ T5501] page last free pid 5305 tgid 5305 stack trace:
[  111.533091][ T5501]  __free_frozen_pages+0xbf8/0xd70
[  111.535329][ T5501]  __put_partials+0x146/0x170
[  111.537479][ T5501]  __slab_free+0x294/0x320
[  111.539244][ T5501]  qlist_free_all+0x97/0x100
[  111.541492][ T5501]  kasan_quarantine_reduce+0x148/0x160
[  111.543923][ T5501]  __kasan_slab_alloc+0x22/0x80
[  111.546281][ T5501]  kmem_cache_alloc_node_noprof+0x427/0x6f0
[  111.549024][ T5501]  __alloc_skb+0x1d7/0x390
[  111.551015][ T5501]  tcp_stream_alloc_skb+0x3d/0x350
[  111.553497][ T5501]  tcp_sendmsg_locked+0xefc/0x5710
[  111.555712][ T5501]  tcp_sendmsg+0x2f/0x50
[  111.557692][ T5501]  sock_write_iter+0x421/0x550
[  111.559984][ T5501]  vfs_write+0x61d/0xb90
[  111.561946][ T5501]  ksys_write+0x150/0x270
[  111.563708][ T5501]  do_syscall_64+0xe2/0xf80
[  111.565712][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.568228][ T5501] Modules linked in:
[  111.570040][ T5501] CPU: 0 UID: 0 PID: 5501 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  111.570058][ T5501] Tainted: [B]=BAD_PAGE
[  111.570062][ T5501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  111.570068][ T5501] Call Trace:
[  111.570075][ T5501]  <TASK>
[  111.570082][ T5501]  dump_stack_lvl+0xe8/0x150
[  111.570097][ T5501]  bad_page+0x17f/0x1c0
[  111.570110][ T5501]  __free_frozen_pages+0xd28/0xd70
[  111.570127][ T5501]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  111.570149][ T5501]  bpf_xdp_adjust_tail+0x1d6/0x220
[  111.570161][ T5501]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  111.570172][ T5501]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  111.570193][ T5501]  do_xdp_generic+0xa6f/0x1280
[  111.570206][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  111.570223][ T5501]  ? __pfx_do_xdp_generic+0x10/0x10
[  111.570239][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  111.570258][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  111.570272][ T5501]  tun_get_user+0x247d/0x3dd0
[  111.570295][ T5501]  ? aa_file_perm+0x12d/0x1630
[  111.570309][ T5501]  ? aa_file_perm+0x440/0x1630
[  111.570320][ T5501]  ? __pfx_tun_get_user+0x10/0x10
[  111.570335][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  111.570352][ T5501]  ? ref_tracker_alloc+0x363/0x4d0
[  111.570364][ T5501]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  111.570376][ T5501]  ? tun_get+0x1c/0x2f0
[  111.570390][ T5501]  ? tun_get+0x1c/0x2f0
[  111.570404][ T5501]  ? tun_get+0x1c/0x2f0
[  111.570418][ T5501]  ? tun_get+0x1c/0x2f0
[  111.570433][ T5501]  tun_chr_write_iter+0x113/0x200
[  111.570448][ T5501]  vfs_write+0x61d/0xb90
[  111.570464][ T5501]  ? __pfx_vfs_write+0x10/0x10
[  111.570477][ T5501]  ? __pfx_do_futex+0x10/0x10
[  111.570495][ T5501]  ksys_write+0x150/0x270
[  111.570508][ T5501]  ? __pfx_ksys_write+0x10/0x10
[  111.570523][ T5501]  do_syscall_64+0xe2/0xf80
[  111.570534][ T5501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.570544][ T5501]  ? trace_irq_disable+0x37/0x100
[  111.570555][ T5501]  ? clear_bhb_loop+0x60/0xb0
[  111.570566][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.570577][ T5501] RIP: 0033:0x7f302895b78e
[  111.570587][ T5501] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  111.570596][ T5501] RSP: 002b:00007ffd12da9c98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  111.570609][ T5501] RAX: ffffffffffffffda RBX: 000055556e833500 RCX: 00007f302895b78e
[  111.570617][ T5501] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  111.570624][ T5501] RBP: 00007f3028a08c1f R08: 0000000000000000 R09: 0000000000000000
[  111.570630][ T5501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  111.570637][ T5501] R13: 00007f3028c15fac R14: 00007f3028c15fa0 R15: 00007f3028c15fa0
[  111.570648][ T5501]  </TASK>
[  111.570657][ T5501] BUG: Bad page state in process syz.0.17  pfn:1225d
[  111.696275][ T5501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88801225de00 pfn:0x1225d
[  111.700840][ T5501] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  111.704049][ T5501] raw: 00fff00000000000 dead000000000040 ffff88801f509000 0000000000000000
[  111.707891][ T5501] raw: ffff88801225de00 0000000000000001 00000000ffffffff 0000000000000000
[  111.711651][ T5501] page dumped because: page_pool leak
[  111.714002][ T5501] page_owner tracks the page as allocated
[  111.716617][ T5501] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5501, tgid 5501 (syz.0.17), ts 110603550302, free_ts 108533722195
[  111.724033][ T5501]  post_alloc_hook+0x228/0x280
[  111.726198][ T5501]  get_page_from_freelist+0x24dc/0x2580
[  111.728673][ T5501]  __alloc_frozen_pages_noprof+0x18d/0x380
[  111.731213][ T5501]  alloc_pages_bulk_noprof+0x558/0x700
[  111.733638][ T5501]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  111.736225][ T5501]  skb_pp_cow_data+0xc21/0x1680
[  111.738235][ T5501]  do_xdp_generic+0x715/0x1280
[  111.740317][ T5501]  tun_get_user+0x247d/0x3dd0
[  111.742429][ T5501]  tun_chr_write_iter+0x113/0x200
[  111.744619][ T5501]  vfs_write+0x61d/0xb90
[  111.746549][ T5501]  ksys_write+0x150/0x270
[  111.748382][ T5501]  do_syscall_64+0xe2/0xf80
[  111.750286][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.752970][ T5501] page last free pid 5305 tgid 5305 stack trace:
[  111.755849][ T5501]  __free_frozen_pages+0xbf8/0xd70
[  111.758108][ T5501]  __put_partials+0x146/0x170
[  111.760226][ T5501]  __slab_free+0x294/0x320
[  111.762355][ T5501]  qlist_free_all+0x97/0x100
[  111.764478][ T5501]  kasan_quarantine_reduce+0x148/0x160
[  111.766937][ T5501]  __kasan_slab_alloc+0x22/0x80
[  111.769110][ T5501]  kmem_cache_alloc_node_noprof+0x427/0x6f0
[  111.771784][ T5501]  __alloc_skb+0x1d7/0x390
[  111.773881][ T5501]  tcp_stream_alloc_skb+0x3d/0x350
[  111.776213][ T5501]  tcp_sendmsg_locked+0xefc/0x5710
[  111.778524][ T5501]  tcp_sendmsg+0x2f/0x50
[  111.780420][ T5501]  sock_write_iter+0x421/0x550
[  111.782652][ T5501]  vfs_write+0x61d/0xb90
[  111.784561][ T5501]  ksys_write+0x150/0x270
[  111.786601][ T5501]  do_syscall_64+0xe2/0xf80
[  111.788619][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.791175][ T5501] Modules linked in:
[  111.792943][ T5501] CPU: 0 UID: 0 PID: 5501 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  111.792962][ T5501] Tainted: [B]=BAD_PAGE
[  111.792966][ T5501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  111.792973][ T5501] Call Trace:
[  111.792981][ T5501]  <TASK>
[  111.792988][ T5501]  dump_stack_lvl+0xe8/0x150
[  111.793004][ T5501]  bad_page+0x17f/0x1c0
[  111.793019][ T5501]  __free_frozen_pages+0xd28/0xd70
[  111.793037][ T5501]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  111.793058][ T5501]  bpf_xdp_adjust_tail+0x1d6/0x220
[  111.793072][ T5501]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  111.793083][ T5501]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  111.793105][ T5501]  do_xdp_generic+0xa6f/0x1280
[  111.793120][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  111.793138][ T5501]  ? __pfx_do_xdp_generic+0x10/0x10
[  111.793155][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  111.793176][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  111.793191][ T5501]  tun_get_user+0x247d/0x3dd0
[  111.793210][ T5501]  ? aa_file_perm+0x12d/0x1630
[  111.793224][ T5501]  ? aa_file_perm+0x440/0x1630
[  111.793236][ T5501]  ? __pfx_tun_get_user+0x10/0x10
[  111.793252][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  111.793270][ T5501]  ? ref_tracker_alloc+0x363/0x4d0
[  111.793290][ T5501]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  111.793303][ T5501]  ? tun_get+0x1c/0x2f0
[  111.793318][ T5501]  ? tun_get+0x1c/0x2f0
[  111.793334][ T5501]  ? tun_get+0x1c/0x2f0
[  111.793350][ T5501]  ? tun_get+0x1c/0x2f0
[  111.793366][ T5501]  tun_chr_write_iter+0x113/0x200
[  111.793383][ T5501]  vfs_write+0x61d/0xb90
[  111.793400][ T5501]  ? __pfx_vfs_write+0x10/0x10
[  111.793414][ T5501]  ? __pfx_do_futex+0x10/0x10
[  111.793433][ T5501]  ksys_write+0x150/0x270
[  111.793448][ T5501]  ? __pfx_ksys_write+0x10/0x10
[  111.793464][ T5501]  do_syscall_64+0xe2/0xf80
[  111.793477][ T5501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.793490][ T5501]  ? trace_irq_disable+0x37/0x100
[  111.793499][ T5501]  ? clear_bhb_loop+0x60/0xb0
[  111.793510][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.793519][ T5501] RIP: 0033:0x7f302895b78e
[  111.793530][ T5501] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  111.793539][ T5501] RSP: 002b:00007ffd12da9c98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  111.793551][ T5501] RAX: ffffffffffffffda RBX: 000055556e833500 RCX: 00007f302895b78e
[  111.793559][ T5501] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  111.793566][ T5501] RBP: 00007f3028a08c1f R08: 0000000000000000 R09: 0000000000000000
[  111.793573][ T5501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  111.793579][ T5501] R13: 00007f3028c15fac R14: 00007f3028c15fa0 R15: 00007f3028c15fa0
[  111.793590][ T5501]  </TASK>
[  111.793598][ T5501] BUG: Bad page state in process syz.0.17  pfn:12e24
[  111.914773][ T5501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888012e24e00 pfn:0x12e24
[  111.919187][ T5501] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  111.922437][ T5501] raw: 00fff00000000000 dead000000000040 ffff88801f509000 0000000000000000
[  111.926219][ T5501] raw: ffff888012e24e00 0000000000000001 00000000ffffffff 0000000000000000
[  111.929979][ T5501] page dumped because: page_pool leak
[  111.932479][ T5501] page_owner tracks the page as allocated
[  111.935090][ T5501] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5501, tgid 5501 (syz.0.17), ts 110603539651, free_ts 108533727879
[  111.942228][ T5501]  post_alloc_hook+0x228/0x280
[  111.944268][ T5501]  get_page_from_freelist+0x24dc/0x2580
[  111.946742][ T5501]  __alloc_frozen_pages_noprof+0x18d/0x380
[  111.949133][ T5501]  alloc_pages_bulk_noprof+0x558/0x700
[  111.951566][ T5501]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  111.954195][ T5501]  skb_pp_cow_data+0xc21/0x1680
[  111.956238][ T5501]  do_xdp_generic+0x715/0x1280
[  111.958203][ T5501]  tun_get_user+0x247d/0x3dd0
[  111.960126][ T5501]  tun_chr_write_iter+0x113/0x200
[  111.962269][ T5501]  vfs_write+0x61d/0xb90
[  111.964049][ T5501]  ksys_write+0x150/0x270
[  111.965780][ T5501]  do_syscall_64+0xe2/0xf80
[  111.967604][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.969755][ T5501] page last free pid 5305 tgid 5305 stack trace:
[  111.972418][ T5501]  __free_frozen_pages+0xbf8/0xd70
[  111.974665][ T5501]  __put_partials+0x146/0x170
[  111.976874][ T5501]  __slab_free+0x294/0x320
[  111.978776][ T5501]  qlist_free_all+0x97/0x100
[  111.980662][ T5501]  kasan_quarantine_reduce+0x148/0x160
[  111.982824][ T5501]  __kasan_slab_alloc+0x22/0x80
[  111.984690][ T5501]  kmem_cache_alloc_node_noprof+0x427/0x6f0
[  111.987027][ T5501]  __alloc_skb+0x1d7/0x390
[  111.988907][ T5501]  tcp_stream_alloc_skb+0x3d/0x350
[  111.990960][ T5501]  tcp_sendmsg_locked+0xefc/0x5710
[  111.993220][ T5501]  tcp_sendmsg+0x2f/0x50
[  111.994864][ T5501]  sock_write_iter+0x421/0x550
[  111.996928][ T5501]  vfs_write+0x61d/0xb90
[  111.998816][ T5501]  ksys_write+0x150/0x270
[  112.000703][ T5501]  do_syscall_64+0xe2/0xf80
[  112.002683][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.005319][ T5501] Modules linked in:
[  112.007075][ T5501] CPU: 0 UID: 0 PID: 5501 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  112.007092][ T5501] Tainted: [B]=BAD_PAGE
[  112.007096][ T5501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  112.007104][ T5501] Call Trace:
[  112.007112][ T5501]  <TASK>
[  112.007123][ T5501]  dump_stack_lvl+0xe8/0x150
[  112.007138][ T5501]  bad_page+0x17f/0x1c0
[  112.007150][ T5501]  __free_frozen_pages+0xd28/0xd70
[  112.007173][ T5501]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  112.007191][ T5501]  bpf_xdp_adjust_tail+0x1d6/0x220
[  112.007203][ T5501]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  112.007212][ T5501]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  112.007233][ T5501]  do_xdp_generic+0xa6f/0x1280
[  112.007246][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  112.007263][ T5501]  ? __pfx_do_xdp_generic+0x10/0x10
[  112.007278][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  112.007298][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  112.007312][ T5501]  tun_get_user+0x247d/0x3dd0
[  112.007329][ T5501]  ? aa_file_perm+0x12d/0x1630
[  112.007351][ T5501]  ? aa_file_perm+0x440/0x1630
[  112.007362][ T5501]  ? __pfx_tun_get_user+0x10/0x10
[  112.007376][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  112.007393][ T5501]  ? ref_tracker_alloc+0x363/0x4d0
[  112.007405][ T5501]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  112.007416][ T5501]  ? tun_get+0x1c/0x2f0
[  112.007430][ T5501]  ? tun_get+0x1c/0x2f0
[  112.007444][ T5501]  ? tun_get+0x1c/0x2f0
[  112.007458][ T5501]  ? tun_get+0x1c/0x2f0
[  112.007472][ T5501]  tun_chr_write_iter+0x113/0x200
[  112.007487][ T5501]  vfs_write+0x61d/0xb90
[  112.007501][ T5501]  ? __pfx_vfs_write+0x10/0x10
[  112.007514][ T5501]  ? __pfx_do_futex+0x10/0x10
[  112.007533][ T5501]  ksys_write+0x150/0x270
[  112.007546][ T5501]  ? __pfx_ksys_write+0x10/0x10
[  112.007560][ T5501]  do_syscall_64+0xe2/0xf80
[  112.007571][ T5501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.007582][ T5501]  ? trace_irq_disable+0x37/0x100
[  112.007592][ T5501]  ? clear_bhb_loop+0x60/0xb0
[  112.007604][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.007615][ T5501] RIP: 0033:0x7f302895b78e
[  112.007625][ T5501] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  112.007634][ T5501] RSP: 002b:00007ffd12da9c98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  112.007646][ T5501] RAX: ffffffffffffffda RBX: 000055556e833500 RCX: 00007f302895b78e
[  112.007654][ T5501] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  112.007661][ T5501] RBP: 00007f3028a08c1f R08: 0000000000000000 R09: 0000000000000000
[  112.007667][ T5501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  112.007673][ T5501] R13: 00007f3028c15fac R14: 00007f3028c15fa0 R15: 00007f3028c15fa0
[  112.007684][ T5501]  </TASK>
[  112.007693][ T5501] BUG: Bad page state in process syz.0.17  pfn:1c919
[  112.125968][ T5501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88801a86ee40 pfn:0x1c919
[  112.130098][ T5501] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  112.132960][ T5501] raw: 00fff00000000000 dead000000000040 ffff88801f509000 0000000000000000
[  112.136226][ T5501] raw: ffff88801a86ee40 0000000000000001 00000000ffffffff 0000000000000000
[  112.139983][ T5501] page dumped because: page_pool leak
[  112.142304][ T5501] page_owner tracks the page as allocated
[  112.144761][ T5501] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5501, tgid 5501 (syz.0.17), ts 110603529920, free_ts 108537611538
[  112.151742][ T5501]  post_alloc_hook+0x228/0x280
[  112.153856][ T5501]  get_page_from_freelist+0x24dc/0x2580
[  112.156316][ T5501]  __alloc_frozen_pages_noprof+0x18d/0x380
[  112.158725][ T5501]  alloc_pages_bulk_noprof+0x558/0x700
[  112.161113][ T5501]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  112.163584][ T5501]  skb_pp_cow_data+0xc21/0x1680
[  112.165490][ T5501]  do_xdp_generic+0x715/0x1280
[  112.167435][ T5501]  tun_get_user+0x247d/0x3dd0
[  112.169338][ T5501]  tun_chr_write_iter+0x113/0x200
[  112.171489][ T5501]  vfs_write+0x61d/0xb90
[  112.173360][ T5501]  ksys_write+0x150/0x270
[  112.175055][ T5501]  do_syscall_64+0xe2/0xf80
[  112.176955][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.179420][ T5501] page last free pid 5444 tgid 5444 stack trace:
[  112.182173][ T5501]  __free_frozen_pages+0xbf8/0xd70
[  112.184411][ T5501]  __mmdrop+0xb5/0x750
[  112.186089][ T5501]  finish_task_switch+0x445/0x920
[  112.188290][ T5501]  __schedule+0x14f2/0x5050
[  112.190352][ T5501]  schedule+0x164/0x360
[  112.192361][ T5501]  anon_pipe_read+0xc37/0x10a0
[  112.194529][ T5501]  vfs_read+0x582/0xa70
[  112.196455][ T5501]  ksys_read+0x150/0x270
[  112.198611][ T5501]  do_syscall_64+0xe2/0xf80
[  112.201134][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.203677][ T5501] Modules linked in:
[  112.205517][ T5501] CPU: 0 UID: 0 PID: 5501 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  112.205535][ T5501] Tainted: [B]=BAD_PAGE
[  112.205538][ T5501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  112.205545][ T5501] Call Trace:
[  112.205552][ T5501]  <TASK>
[  112.205557][ T5501]  dump_stack_lvl+0xe8/0x150
[  112.205572][ T5501]  bad_page+0x17f/0x1c0
[  112.205585][ T5501]  __free_frozen_pages+0xd28/0xd70
[  112.205602][ T5501]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  112.205621][ T5501]  bpf_xdp_adjust_tail+0x1d6/0x220
[  112.205634][ T5501]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  112.205644][ T5501]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  112.205665][ T5501]  do_xdp_generic+0xa6f/0x1280
[  112.205679][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  112.205696][ T5501]  ? __pfx_do_xdp_generic+0x10/0x10
[  112.205711][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  112.205730][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  112.205744][ T5501]  tun_get_user+0x247d/0x3dd0
[  112.205761][ T5501]  ? aa_file_perm+0x12d/0x1630
[  112.205774][ T5501]  ? aa_file_perm+0x440/0x1630
[  112.205785][ T5501]  ? __pfx_tun_get_user+0x10/0x10
[  112.205799][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  112.205816][ T5501]  ? ref_tracker_alloc+0x363/0x4d0
[  112.205825][ T5501]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  112.205833][ T5501]  ? tun_get+0x1c/0x2f0
[  112.205842][ T5501]  ? tun_get+0x1c/0x2f0
[  112.205852][ T5501]  ? tun_get+0x1c/0x2f0
[  112.205860][ T5501]  ? tun_get+0x1c/0x2f0
[  112.205870][ T5501]  tun_chr_write_iter+0x113/0x200
[  112.205881][ T5501]  vfs_write+0x61d/0xb90
[  112.205896][ T5501]  ? __pfx_vfs_write+0x10/0x10
[  112.205909][ T5501]  ? __pfx_do_futex+0x10/0x10
[  112.205927][ T5501]  ksys_write+0x150/0x270
[  112.205939][ T5501]  ? __pfx_ksys_write+0x10/0x10
[  112.205954][ T5501]  do_syscall_64+0xe2/0xf80
[  112.205965][ T5501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.205975][ T5501]  ? trace_irq_disable+0x37/0x100
[  112.205986][ T5501]  ? clear_bhb_loop+0x60/0xb0
[  112.205997][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.206006][ T5501] RIP: 0033:0x7f302895b78e
[  112.206015][ T5501] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  112.206024][ T5501] RSP: 002b:00007ffd12da9c98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  112.206036][ T5501] RAX: ffffffffffffffda RBX: 000055556e833500 RCX: 00007f302895b78e
[  112.206044][ T5501] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  112.206050][ T5501] RBP: 00007f3028a08c1f R08: 0000000000000000 R09: 0000000000000000
[  112.206057][ T5501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  112.206063][ T5501] R13: 00007f3028c15fac R14: 00007f3028c15fa0 R15: 00007f3028c15fa0
[  112.206074][ T5501]  </TASK>
[  112.206083][ T5501] BUG: Bad page state in process syz.0.17  pfn:12522
[  112.329213][ T5501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888012522280 pfn:0x12522
[  112.333215][ T5501] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  112.335985][ T5501] raw: 00fff00000000000 dead000000000040 ffff88801f509000 0000000000000000
[  112.339261][ T5501] raw: ffff888012522280 0000000000000001 00000000ffffffff 0000000000000000
[  112.342811][ T5501] page dumped because: page_pool leak
[  112.345071][ T5501] page_owner tracks the page as allocated
[  112.347385][ T5501] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5501, tgid 5501 (syz.0.17), ts 110603520424, free_ts 110593114634
[  112.353841][ T5501]  post_alloc_hook+0x228/0x280
[  112.356016][ T5501]  get_page_from_freelist+0x24dc/0x2580
[  112.358386][ T5501]  __alloc_frozen_pages_noprof+0x18d/0x380
[  112.360905][ T5501]  alloc_pages_bulk_noprof+0x558/0x700
[  112.363240][ T5501]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  112.365909][ T5501]  skb_pp_cow_data+0xc21/0x1680
[  112.367733][ T5501]  do_xdp_generic+0x715/0x1280
[  112.369736][ T5501]  tun_get_user+0x247d/0x3dd0
[  112.371781][ T5501]  tun_chr_write_iter+0x113/0x200
[  112.373964][ T5501]  vfs_write+0x61d/0xb90
[  112.375830][ T5501]  ksys_write+0x150/0x270
[  112.377993][ T5501]  do_syscall_64+0xe2/0xf80
[  112.380357][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.383041][ T5501] page last free pid 15 tgid 15 stack trace:
[  112.385947][ T5501]  __free_frozen_pages+0xbf8/0xd70
[  112.388533][ T5501]  tlb_remove_table_rcu+0x85/0x100
[  112.391065][ T5501]  rcu_core+0xc9e/0x1750
[  112.393070][ T5501]  handle_softirqs+0x22a/0x7c0
[  112.395057][ T5501]  run_ksoftirqd+0x36/0x60
[  112.397113][ T5501]  smpboot_thread_fn+0x541/0xa50
[  112.399346][ T5501]  kthread+0x726/0x8b0
[  112.401287][ T5501]  ret_from_fork+0x51b/0xa40
[  112.403353][ T5501]  ret_from_fork_asm+0x1a/0x30
[  112.405475][ T5501] Modules linked in:
[  112.407125][ T5501] CPU: 0 UID: 0 PID: 5501 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  112.407143][ T5501] Tainted: [B]=BAD_PAGE
[  112.407146][ T5501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  112.407153][ T5501] Call Trace:
[  112.407162][ T5501]  <TASK>
[  112.407167][ T5501]  dump_stack_lvl+0xe8/0x150
[  112.407182][ T5501]  bad_page+0x17f/0x1c0
[  112.407196][ T5501]  __free_frozen_pages+0xd28/0xd70
[  112.407213][ T5501]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  112.407233][ T5501]  bpf_xdp_adjust_tail+0x1d6/0x220
[  112.407245][ T5501]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  112.407260][ T5501]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  112.407281][ T5501]  do_xdp_generic+0xa6f/0x1280
[  112.407295][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  112.407311][ T5501]  ? __pfx_do_xdp_generic+0x10/0x10
[  112.407325][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  112.407345][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  112.407358][ T5501]  tun_get_user+0x247d/0x3dd0
[  112.407376][ T5501]  ? aa_file_perm+0x12d/0x1630
[  112.407389][ T5501]  ? aa_file_perm+0x440/0x1630
[  112.407399][ T5501]  ? __pfx_tun_get_user+0x10/0x10
[  112.407414][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  112.407431][ T5501]  ? ref_tracker_alloc+0x363/0x4d0
[  112.407443][ T5501]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  112.407454][ T5501]  ? tun_get+0x1c/0x2f0
[  112.407467][ T5501]  ? tun_get+0x1c/0x2f0
[  112.407482][ T5501]  ? tun_get+0x1c/0x2f0
[  112.407495][ T5501]  ? tun_get+0x1c/0x2f0
[  112.407510][ T5501]  tun_chr_write_iter+0x113/0x200
[  112.407525][ T5501]  vfs_write+0x61d/0xb90
[  112.407536][ T5501]  ? __pfx_vfs_write+0x10/0x10
[  112.407545][ T5501]  ? __pfx_do_futex+0x10/0x10
[  112.407557][ T5501]  ksys_write+0x150/0x270
[  112.407566][ T5501]  ? __pfx_ksys_write+0x10/0x10
[  112.407575][ T5501]  do_syscall_64+0xe2/0xf80
[  112.407582][ T5501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.407592][ T5501]  ? trace_irq_disable+0x37/0x100
[  112.407602][ T5501]  ? clear_bhb_loop+0x60/0xb0
[  112.407613][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.407624][ T5501] RIP: 0033:0x7f302895b78e
[  112.407635][ T5501] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  112.407644][ T5501] RSP: 002b:00007ffd12da9c98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  112.407657][ T5501] RAX: ffffffffffffffda RBX: 000055556e833500 RCX: 00007f302895b78e
[  112.407664][ T5501] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  112.407671][ T5501] RBP: 00007f3028a08c1f R08: 0000000000000000 R09: 0000000000000000
[  112.407677][ T5501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  112.407683][ T5501] R13: 00007f3028c15fac R14: 00007f3028c15fa0 R15: 00007f3028c15fa0
[  112.407695][ T5501]  </TASK>
[  112.407703][ T5501] BUG: Bad page state in process syz.0.17  pfn:1ef74
[  112.526204][ T5501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88801ef74000 pfn:0x1ef74
[  112.530537][ T5501] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  112.533828][ T5501] raw: 00fff00000000000 dead000000000040 ffff88801f509000 0000000000000000
[  112.537583][ T5501] raw: ffff88801ef74000 0000000000000001 00000000ffffffff 0000000000000000
[  112.541576][ T5501] page dumped because: page_pool leak
[  112.543975][ T5501] page_owner tracks the page as allocated
[  112.546505][ T5501] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5501, tgid 5501 (syz.0.17), ts 110603511117, free_ts 110593129924
[  112.553694][ T5501]  post_alloc_hook+0x228/0x280
[  112.555751][ T5501]  get_page_from_freelist+0x24dc/0x2580
[  112.557895][ T5501]  __alloc_frozen_pages_noprof+0x18d/0x380
[  112.560061][ T5501]  alloc_pages_bulk_noprof+0x558/0x700
[  112.562116][ T5501]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  112.564349][ T5501]  skb_pp_cow_data+0xc21/0x1680
[  112.566326][ T5501]  do_xdp_generic+0x715/0x1280
[  112.568306][ T5501]  tun_get_user+0x247d/0x3dd0
[  112.570013][ T5501]  tun_chr_write_iter+0x113/0x200
[  112.571925][ T5501]  vfs_write+0x61d/0xb90
[  112.573734][ T5501]  ksys_write+0x150/0x270
[  112.575477][ T5501]  do_syscall_64+0xe2/0xf80
[  112.577109][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.579245][ T5501] page last free pid 15 tgid 15 stack trace:
[  112.581552][ T5501]  __free_frozen_pages+0xbf8/0xd70
[  112.583480][ T5501]  tlb_remove_table_rcu+0x85/0x100
[  112.585664][ T5501]  rcu_core+0xc9e/0x1750
[  112.587419][ T5501]  handle_softirqs+0x22a/0x7c0
[  112.589319][ T5501]  run_ksoftirqd+0x36/0x60
[  112.591086][ T5501]  smpboot_thread_fn+0x541/0xa50
[  112.592983][ T5501]  kthread+0x726/0x8b0
[  112.594686][ T5501]  ret_from_fork+0x51b/0xa40
[  112.597004][ T5501]  ret_from_fork_asm+0x1a/0x30
[  112.599097][ T5501] Modules linked in:
[  112.601007][ T5501] CPU: 0 UID: 0 PID: 5501 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  112.601024][ T5501] Tainted: [B]=BAD_PAGE
[  112.601028][ T5501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  112.601034][ T5501] Call Trace:
[  112.601042][ T5501]  <TASK>
[  112.601048][ T5501]  dump_stack_lvl+0xe8/0x150
[  112.601065][ T5501]  bad_page+0x17f/0x1c0
[  112.601080][ T5501]  __free_frozen_pages+0xd28/0xd70
[  112.601098][ T5501]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  112.601119][ T5501]  bpf_xdp_adjust_tail+0x1d6/0x220
[  112.601132][ T5501]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  112.601143][ T5501]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  112.601164][ T5501]  do_xdp_generic+0xa6f/0x1280
[  112.601179][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  112.601196][ T5501]  ? __pfx_do_xdp_generic+0x10/0x10
[  112.601212][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  112.601232][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  112.601246][ T5501]  tun_get_user+0x247d/0x3dd0
[  112.601264][ T5501]  ? aa_file_perm+0x12d/0x1630
[  112.601278][ T5501]  ? aa_file_perm+0x440/0x1630
[  112.601290][ T5501]  ? __pfx_tun_get_user+0x10/0x10
[  112.601303][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  112.601328][ T5501]  ? ref_tracker_alloc+0x363/0x4d0
[  112.601339][ T5501]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  112.601351][ T5501]  ? tun_get+0x1c/0x2f0
[  112.601364][ T5501]  ? tun_get+0x1c/0x2f0
[  112.601379][ T5501]  ? tun_get+0x1c/0x2f0
[  112.601423][ T5501]  ? tun_get+0x1c/0x2f0
[  112.601438][ T5501]  tun_chr_write_iter+0x113/0x200
[  112.601458][ T5501]  vfs_write+0x61d/0xb90
[  112.601474][ T5501]  ? __pfx_vfs_write+0x10/0x10
[  112.601487][ T5501]  ? __pfx_do_futex+0x10/0x10
[  112.601505][ T5501]  ksys_write+0x150/0x270
[  112.601519][ T5501]  ? __pfx_ksys_write+0x10/0x10
[  112.601533][ T5501]  do_syscall_64+0xe2/0xf80
[  112.601545][ T5501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.601555][ T5501]  ? trace_irq_disable+0x37/0x100
[  112.601566][ T5501]  ? clear_bhb_loop+0x60/0xb0
[  112.601579][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.601591][ T5501] RIP: 0033:0x7f302895b78e
[  112.601603][ T5501] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  112.601611][ T5501] RSP: 002b:00007ffd12da9c98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  112.601624][ T5501] RAX: ffffffffffffffda RBX: 000055556e833500 RCX: 00007f302895b78e
[  112.601632][ T5501] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  112.601639][ T5501] RBP: 00007f3028a08c1f R08: 0000000000000000 R09: 0000000000000000
[  112.601645][ T5501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  112.601651][ T5501] R13: 00007f3028c15fac R14: 00007f3028c15fa0 R15: 00007f3028c15fa0
[  112.601663][ T5501]  </TASK>
[  112.716940][ T5501] BUG: Bad page state in process syz.0.17  pfn:1205f
[  112.719743][ T5501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x1205f
[  112.724094][ T5501] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  112.727243][ T5501] raw: 00fff00000000000 dead000000000040 ffff88801f509000 0000000000000000
[  112.731156][ T5501] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[  112.736017][ T5501] page dumped because: page_pool leak
[  112.738432][ T5501] page_owner tracks the page as allocated
[  112.741135][ T5501] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5501, tgid 5501 (syz.0.17), ts 110603500919, free_ts 110593143199
[  112.748130][ T5501]  post_alloc_hook+0x228/0x280
[  112.750138][ T5501]  get_page_from_freelist+0x24dc/0x2580
[  112.752542][ T5501]  __alloc_frozen_pages_noprof+0x18d/0x380
[  112.754754][ T5501]  alloc_pages_bulk_noprof+0x558/0x700
[  112.756963][ T5501]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  112.759645][ T5501]  skb_pp_cow_data+0xc21/0x1680
[  112.761792][ T5501]  do_xdp_generic+0x715/0x1280
[  112.763745][ T5501]  tun_get_user+0x247d/0x3dd0
[  112.765734][ T5501]  tun_chr_write_iter+0x113/0x200
[  112.767778][ T5501]  vfs_write+0x61d/0xb90
[  112.769563][ T5501]  ksys_write+0x150/0x270
[  112.771256][ T5501]  do_syscall_64+0xe2/0xf80
[  112.773162][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.775610][ T5501] page last free pid 15 tgid 15 stack trace:
[  112.778140][ T5501]  __free_frozen_pages+0xbf8/0xd70
[  112.780245][ T5501]  tlb_remove_table_rcu+0x85/0x100
[  112.782471][ T5501]  rcu_core+0xc9e/0x1750
[  112.784154][ T5501]  handle_softirqs+0x22a/0x7c0
[  112.786138][ T5501]  run_ksoftirqd+0x36/0x60
[  112.788055][ T5501]  smpboot_thread_fn+0x541/0xa50
[  112.790095][ T5501]  kthread+0x726/0x8b0
[  112.791689][ T5501]  ret_from_fork+0x51b/0xa40
[  112.793575][ T5501]  ret_from_fork_asm+0x1a/0x30
[  112.795620][ T5501] Modules linked in:
[  112.797329][ T5501] CPU: 0 UID: 0 PID: 5501 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  112.797343][ T5501] Tainted: [B]=BAD_PAGE
[  112.797347][ T5501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  112.797354][ T5501] Call Trace:
[  112.797361][ T5501]  <TASK>
[  112.797367][ T5501]  dump_stack_lvl+0xe8/0x150
[  112.797383][ T5501]  bad_page+0x17f/0x1c0
[  112.797396][ T5501]  __free_frozen_pages+0xd28/0xd70
[  112.797412][ T5501]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  112.797431][ T5501]  bpf_xdp_adjust_tail+0x1d6/0x220
[  112.797443][ T5501]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  112.797454][ T5501]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  112.797475][ T5501]  do_xdp_generic+0xa6f/0x1280
[  112.797488][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  112.797507][ T5501]  ? __pfx_do_xdp_generic+0x10/0x10
[  112.797522][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  112.797542][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  112.797556][ T5501]  tun_get_user+0x247d/0x3dd0
[  112.797573][ T5501]  ? aa_file_perm+0x12d/0x1630
[  112.797586][ T5501]  ? aa_file_perm+0x440/0x1630
[  112.797597][ T5501]  ? __pfx_tun_get_user+0x10/0x10
[  112.797614][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  112.797630][ T5501]  ? ref_tracker_alloc+0x363/0x4d0
[  112.797644][ T5501]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  112.797655][ T5501]  ? tun_get+0x1c/0x2f0
[  112.797668][ T5501]  ? tun_get+0x1c/0x2f0
[  112.797683][ T5501]  ? tun_get+0x1c/0x2f0
[  112.797696][ T5501]  ? tun_get+0x1c/0x2f0
[  112.797711][ T5501]  tun_chr_write_iter+0x113/0x200
[  112.797726][ T5501]  vfs_write+0x61d/0xb90
[  112.797739][ T5501]  ? __pfx_vfs_write+0x10/0x10
[  112.797753][ T5501]  ? __pfx_do_futex+0x10/0x10
[  112.797769][ T5501]  ksys_write+0x150/0x270
[  112.797780][ T5501]  ? __pfx_ksys_write+0x10/0x10
[  112.797794][ T5501]  do_syscall_64+0xe2/0xf80
[  112.797805][ T5501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.797815][ T5501]  ? trace_irq_disable+0x37/0x100
[  112.797826][ T5501]  ? clear_bhb_loop+0x60/0xb0
[  112.797837][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.797847][ T5501] RIP: 0033:0x7f302895b78e
[  112.797858][ T5501] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  112.797866][ T5501] RSP: 002b:00007ffd12da9c98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  112.797879][ T5501] RAX: ffffffffffffffda RBX: 000055556e833500 RCX: 00007f302895b78e
[  112.797887][ T5501] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  112.797894][ T5501] RBP: 00007f3028a08c1f R08: 0000000000000000 R09: 0000000000000000
[  112.797901][ T5501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  112.797907][ T5501] R13: 00007f3028c15fac R14: 00007f3028c15fa0 R15: 00007f3028c15fa0
[  112.797918][ T5501]  </TASK>
[  112.797926][ T5501] BUG: Bad page state in process syz.0.17  pfn:12523
[  112.914471][ T5501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888012523140 pfn:0x12523
[  112.918659][ T5501] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  112.921841][ T5501] raw: 00fff00000000000 dead000000000040 ffff88801f509000 0000000000000000
[  112.925652][ T5501] raw: ffff888012523140 0000000000000001 00000000ffffffff 0000000000000000
[  112.929067][ T5501] page dumped because: page_pool leak
[  112.931177][ T5501] page_owner tracks the page as allocated
[  112.933540][ T5501] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5501, tgid 5501 (syz.0.17), ts 110603490546, free_ts 110593149820
[  112.939793][ T5501]  post_alloc_hook+0x228/0x280
[  112.941785][ T5501]  get_page_from_freelist+0x24dc/0x2580
[  112.943789][ T5501]  __alloc_frozen_pages_noprof+0x18d/0x380
[  112.945868][ T5501]  alloc_pages_bulk_noprof+0x558/0x700
[  112.948064][ T5501]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  112.950552][ T5501]  skb_pp_cow_data+0xc21/0x1680
[  112.952765][ T5501]  do_xdp_generic+0x715/0x1280
[  112.954845][ T5501]  tun_get_user+0x247d/0x3dd0
[  112.956839][ T5501]  tun_chr_write_iter+0x113/0x200
[  112.958805][ T5501]  vfs_write+0x61d/0xb90
[  112.960552][ T5501]  ksys_write+0x150/0x270
[  112.962148][ T5501]  do_syscall_64+0xe2/0xf80
[  112.963735][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.965996][ T5501] page last free pid 15 tgid 15 stack trace:
[  112.968369][ T5501]  __free_frozen_pages+0xbf8/0xd70
[  112.970500][ T5501]  tlb_remove_table_rcu+0x85/0x100
[  112.972810][ T5501]  rcu_core+0xc9e/0x1750
[  112.974726][ T5501]  handle_softirqs+0x22a/0x7c0
[  112.976674][ T5501]  run_ksoftirqd+0x36/0x60
[  112.978542][ T5501]  smpboot_thread_fn+0x541/0xa50
[  112.980695][ T5501]  kthread+0x726/0x8b0
[  112.982590][ T5501]  ret_from_fork+0x51b/0xa40
[  112.984605][ T5501]  ret_from_fork_asm+0x1a/0x30
[  112.986710][ T5501] Modules linked in:
[  112.988515][ T5501] CPU: 0 UID: 0 PID: 5501 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  112.988532][ T5501] Tainted: [B]=BAD_PAGE
[  112.988537][ T5501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  112.988544][ T5501] Call Trace:
[  112.988551][ T5501]  <TASK>
[  112.988556][ T5501]  dump_stack_lvl+0xe8/0x150
[  112.988571][ T5501]  bad_page+0x17f/0x1c0
[  112.988586][ T5501]  __free_frozen_pages+0xd28/0xd70
[  112.988602][ T5501]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  112.988621][ T5501]  bpf_xdp_adjust_tail+0x1d6/0x220
[  112.988634][ T5501]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  112.988645][ T5501]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  112.988665][ T5501]  do_xdp_generic+0xa6f/0x1280
[  112.988678][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  112.988696][ T5501]  ? __pfx_do_xdp_generic+0x10/0x10
[  112.988711][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  112.988731][ T5501]  ? tun_get_user+0x2354/0x3dd0
[  112.988746][ T5501]  tun_get_user+0x247d/0x3dd0
[  112.988764][ T5501]  ? aa_file_perm+0x12d/0x1630
[  112.988777][ T5501]  ? aa_file_perm+0x440/0x1630
[  112.988788][ T5501]  ? __pfx_tun_get_user+0x10/0x10
[  112.988803][ T5501]  ? __lock_acquire+0x6b5/0x2cf0
[  112.988819][ T5501]  ? ref_tracker_alloc+0x363/0x4d0
[  112.988832][ T5501]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  112.988843][ T5501]  ? tun_get+0x1c/0x2f0
[  112.988857][ T5501]  ? tun_get+0x1c/0x2f0
[  112.988872][ T5501]  ? tun_get+0x1c/0x2f0
[  112.988885][ T5501]  ? tun_get+0x1c/0x2f0
[  112.988899][ T5501]  tun_chr_write_iter+0x113/0x200
[  112.988915][ T5501]  vfs_write+0x61d/0xb90
[  112.988930][ T5501]  ? __pfx_vfs_write+0x10/0x10
[  112.988942][ T5501]  ? __pfx_do_futex+0x10/0x10
[  112.988962][ T5501]  ksys_write+0x150/0x270
[  112.988975][ T5501]  ? __pfx_ksys_write+0x10/0x10
[  112.988990][ T5501]  do_syscall_64+0xe2/0xf80
[  112.989001][ T5501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.989011][ T5501]  ? trace_irq_disable+0x37/0x100
[  112.989021][ T5501]  ? clear_bhb_loop+0x60/0xb0
[  112.989039][ T5501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.989050][ T5501] RIP: 0033:0x7f302895b78e
[  112.989061][ T5501] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  112.989070][ T5501] RSP: 002b:00007ffd12da9c98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  112.989082][ T5501] RAX: ffffffffffffffda RBX: 000055556e833500 RCX: 00007f302895b78e
[  112.989090][ T5501] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  112.989097][ T5501] RBP: 00007f3028a08c1f R08: 0000000000000000 R09: 0000000000000000
[  112.989103][ T5501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  112.989110][ T5501] R13: 00007f3028c15fac R14: 00007f3028c15fa0 R15: 00007f3028c15fa0
[  112.989121][ T5501]  </TASK>
[  113.141683][ T5401] Bluetooth: hci0: command tx timeout
[  113.452716][ T5512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888012a60000 pfn:0x12a60
[  113.457104][ T5512] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  113.460046][ T5512] raw: 00fff00000000000 dead000000000040 ffff88801f509000 0000000000000000
[  113.463701][ T5512] raw: ffff888012a60000 3fffffffffffffff 00000000ffffffff 0000000000000000
[  113.467533][ T5512] page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)
[  113.470492][ T5512] page_owner tracks the page as allocated
[  113.472848][ T5512] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5501, tgid 5501 (syz.0.17), ts 110603604520, free_ts 108533483792
[  113.480037][ T5512]  post_alloc_hook+0x228/0x280
[  113.482409][ T5512]  get_page_from_freelist+0x24dc/0x2580
[  113.484877][ T5512]  __alloc_frozen_pages_noprof+0x18d/0x380
[  113.487444][ T5512]  alloc_pages_bulk_noprof+0x558/0x700
[  113.489863][ T5512]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  113.492573][ T5512]  page_pool_alloc_frag_netmem+0x421/0x9b0
[  113.495079][ T5512]  skb_pp_cow_data+0xc43/0x1680
[  113.497282][ T5512]  do_xdp_generic+0x715/0x1280
[  113.499179][ T5512]  tun_get_user+0x247d/0x3dd0
[  113.501155][ T5512]  tun_chr_write_iter+0x113/0x200
[  113.503324][ T5512]  vfs_write+0x61d/0xb90
[  113.505182][ T5512]  ksys_write+0x150/0x270
[  113.507067][ T5512]  do_syscall_64+0xe2/0xf80
[  113.509084][ T5512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.511655][ T5512] page last free pid 5305 tgid 5305 stack trace:
[  113.514256][ T5512]  __free_frozen_pages+0xbf8/0xd70
[  113.516551][ T5512]  __slab_free+0x2ce/0x320
[  113.518348][ T5512]  qlist_free_all+0x97/0x100
[  113.520421][ T5512]  kasan_quarantine_reduce+0x148/0x160
[  113.522825][ T5512]  __kasan_slab_alloc+0x22/0x80
[  113.525030][ T5512]  kmem_cache_alloc_node_noprof+0x427/0x6f0
[  113.527709][ T5512]  __alloc_skb+0x1d7/0x390
[  113.529508][ T5512]  tcp_stream_alloc_skb+0x3d/0x350
[  113.531828][ T5512]  tcp_sendmsg_locked+0xefc/0x5710
[  113.534368][ T5512]  tcp_sendmsg+0x2f/0x50
[  113.536173][ T5512]  sock_write_iter+0x421/0x550
[  113.538329][ T5512]  vfs_write+0x61d/0xb90
[  113.540228][ T5512]  ksys_write+0x150/0x270
[  113.542306][ T5512]  do_syscall_64+0xe2/0xf80
[  113.544300][ T5512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.547198][ T5512] ------------[ cut here ]------------
[  113.549562][ T5512] kernel BUG at ./include/linux/mm.h:1292!
[  113.552239][ T5512] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[  113.555105][ T5512] CPU: 0 UID: 0 PID: 5512 Comm: syz.0.18 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  113.559674][ T5512] Tainted: [B]=BAD_PAGE
[  113.561620][ T5512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  113.566101][ T5512] RIP: 0010:page_frag_free+0x182/0x240
[  113.568540][ T5512] Code: 38 c1 0f 8c 64 ff ff ff 4c 89 f7 e8 88 07 0d 00 e9 57 ff ff ff e8 ae 2d a3 ff 48 89 df 48 c7 c6 e0 ca ba 8b e8 ef b6 06 ff 90 <0f> 0b 48 89 de 48 81 e6 ff 0f 00 00 31 ff e8 6b 32 a3 ff 48 89 d8
[  113.576788][ T5512] RSP: 0018:ffffc90002bf7490 EFLAGS: 00010246
[  113.579483][ T5512] RAX: 50c99532b6d33400 RBX: ffffea00004a9800 RCX: 0000000000000201
[  113.582745][ T5512] RDX: 0000000000000000 RSI: ffffffff8c074fe0 RDI: ffff888000aa8000
[  113.586180][ T5512] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[  113.589672][ T5512] R10: dffffc0000000000 R11: fffffbfff1c7ce48 R12: dffffc0000000000
[  113.593061][ T5512] R13: 000000000000bcdd R14: ffffea00004a9834 R15: dead000000000040
[  113.596520][ T5512] FS:  000055556e833500(0000) GS:ffff88808ccea000(0000) knlGS:0000000000000000
[  113.600320][ T5512] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  113.603060][ T5512] CR2: 0000200000010000 CR3: 0000000012a7b000 CR4: 0000000000352ef0
[  113.606541][ T5512] Call Trace:
[  113.607924][ T5512]  <TASK>
[  113.609233][ T5512]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  113.611706][ T5512]  bpf_xdp_adjust_tail+0x1d6/0x220
[  113.613871][ T5512]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  113.616201][ T5512]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  113.618523][ T5512]  ? lock_release+0x4b/0x3a0
[  113.620404][ T5512]  do_xdp_generic+0xa6f/0x1280
[  113.622528][ T5512]  ? __pfx_do_xdp_generic+0x10/0x10
[  113.624745][ T5512]  ? tun_get_user+0x2354/0x3dd0
[  113.626847][ T5512]  tun_get_user+0x247d/0x3dd0
[  113.628932][ T5512]  ? aa_file_perm+0x440/0x1630
[  113.631582][ T5512]  ? __pfx_tun_get_user+0x10/0x10
[  113.633917][ T5512]  ? get_futex_key+0x8cd/0x1690
[  113.636210][ T5512]  ? ref_tracker_alloc+0x363/0x4d0
[  113.638478][ T5512]  ? rcu_is_watching+0x15/0xb0
[  113.640641][ T5512]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  113.643000][ T5512]  ? __futex_hash+0x33b/0x760
[  113.645124][ T5512]  ? tun_get+0x1c/0x2f0
[  113.646896][ T5512]  ? tun_get+0x1c/0x2f0
[  113.648560][ T5512]  ? rcu_is_watching+0x15/0xb0
[  113.650422][ T5512]  ? tun_get+0x1c/0x2f0
[  113.652095][ T5512]  ? lock_release+0x4b/0x3a0
[  113.653941][ T5512]  ? apparmor_file_permission+0x17f/0x1f0
[  113.656209][ T5512]  ? tun_get+0x1c/0x2f0
[  113.657937][ T5512]  tun_chr_write_iter+0x113/0x200
[  113.660115][ T5512]  vfs_write+0x61d/0xb90
[  113.661904][ T5512]  ? __pfx_vfs_write+0x10/0x10
[  113.663919][ T5512]  ? __pfx_do_futex+0x10/0x10
[  113.665975][ T5512]  ksys_write+0x150/0x270
[  113.667778][ T5512]  ? __pfx_ksys_write+0x10/0x10
[  113.669776][ T5512]  ? rcu_is_watching+0x15/0xb0
[  113.671967][ T5512]  do_syscall_64+0xe2/0xf80
[  113.674087][ T5512]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.676696][ T5512]  ? trace_irq_disable+0x37/0x100
[  113.678906][ T5512]  ? clear_bhb_loop+0x60/0xb0
[  113.680925][ T5512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.683489][ T5512] RIP: 0033:0x7f302895b78e
[  113.685434][ T5512] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  113.693333][ T5512] RSP: 002b:00007ffd12da9c98 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  113.696991][ T5512] RAX: ffffffffffffffda RBX: 000055556e833500 RCX: 00007f302895b78e
[  113.700611][ T5512] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  113.703965][ T5512] RBP: 00007f3028a08c1f R08: 0000000000000000 R09: 0000000000000000
[  113.707267][ T5512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  113.710680][ T5512] R13: 00007f3028c15fac R14: 00007f3028c15fa0 R15: 00007f3028c15fa0
[  113.713915][ T5512]  </TASK>
[  113.715110][ T5512] Modules linked in:
[  113.716815][ T5512] ---[ end trace 0000000000000000 ]---
[  113.719152][ T5512] RIP: 0010:page_frag_free+0x182/0x240
[  113.721513][ T5512] Code: 38 c1 0f 8c 64 ff ff ff 4c 89 f7 e8 88 07 0d 00 e9 57 ff ff ff e8 ae 2d a3 ff 48 89 df 48 c7 c6 e0 ca ba 8b e8 ef b6 06 ff 90 <0f> 0b 48 89 de 48 81 e6 ff 0f 00 00 31 ff e8 6b 32 a3 ff 48 89 d8
[  113.729306][ T5512] RSP: 0018:ffffc90002bf7490 EFLAGS: 00010246
[  113.732267][ T5512] RAX: 50c99532b6d33400 RBX: ffffea00004a9800 RCX: 0000000000000201
[  113.735801][ T5512] RDX: 0000000000000000 RSI: ffffffff8c074fe0 RDI: ffff888000aa8000
[  113.739088][ T5512] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[  113.742648][ T5512] R10: dffffc0000000000 R11: fffffbfff1c7ce48 R12: dffffc0000000000
[  113.746554][ T5512] R13: 000000000000bcdd R14: ffffea00004a9834 R15: dead000000000040
[  113.750021][ T5512] FS:  000055556e833500(0000) GS:ffff88808ccea000(0000) knlGS:0000000000000000
[  113.753756][ T5512] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  113.756554][ T5512] CR2: 0000200000010000 CR3: 0000000012a7b000 CR4: 0000000000352ef0
[  113.760208][ T5512] Kernel panic - not syncing: Fatal exception in interrupt
[  113.763721][ T5512] Kernel Offset: disabled
[  113.765726][ T5512] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:36:18  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000070 RBX=0000000000000070 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90002c16c70
R8 =ffff888034198237 R9 =1ffff11006833046 R10=dffffc0000000000 R11=ffffffff85335ee0
R12=dffffc0000000000 R13=ffffffff9a02ca17 R14=ffffffff9a3416a0 R15=0000000000000000
RIP=ffffffff85335f5c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055556e833500 ffffffff 00c00000
GS =0000 ffff88808ccea000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000010000 CR3=0000000012492000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 006e75745f7a7973
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd12daa156
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd12daa156 00007ffd12daa15c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3028a08704
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3028a08750
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3028a086c4
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3028a08742
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c667265766f20 6772612061746164 000a747261745374 6f687370616e5300
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000700080006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000c0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000c0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000