Warning: Permanently added '[localhost]:26136' (ED25519) to the list of known hosts.
executing program
syzkaller login: [ 86.466116][ T5313] BUG: Bad page state in process syz-executor246 pfn:447c9
[ 86.470043][ T5313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x447c9
[ 86.474914][ T5313] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 86.478065][ T5313] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 86.482206][ T5313] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 86.485818][ T5313] page dumped because: page_pool leak
[ 86.488449][ T5313] page_owner tracks the page as allocated
[ 86.491077][ T5313] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5313, tgid 5313 (syz-executor246), ts 86465963767, free_ts 0
[ 86.498206][ T5313] post_alloc_hook+0x240/0x2a0
[ 86.500517][ T5313] get_page_from_freelist+0x21e4/0x22c0
[ 86.502864][ T5313] __alloc_frozen_pages_noprof+0x181/0x370
[ 86.505189][ T5313] alloc_pages_bulk_noprof+0x560/0x710
[ 86.507782][ T5313] __page_pool_alloc_pages_slow+0x127/0x740
[ 86.510560][ T5313] skb_pp_cow_data+0xb47/0x13e0
[ 86.512735][ T5313] do_xdp_generic+0x699/0x11a0
[ 86.514895][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 86.517550][ T5313] __netif_receive_skb+0x72/0x380
[ 86.519895][ T5313] netif_receive_skb+0x1cb/0x790
[ 86.522175][ T5313] tun_rx_batched+0x1b9/0x730
[ 86.524379][ T5313] tun_get_user+0x298e/0x3ce0
[ 86.526521][ T5313] tun_chr_write_iter+0x113/0x200
[ 86.528838][ T5313] vfs_write+0x54b/0xa90
[ 86.530982][ T5313] ksys_write+0x145/0x250
[ 86.533176][ T5313] do_syscall_64+0xfa/0x3b0
[ 86.535740][ T5313] page_owner free stack trace missing
[ 86.538262][ T5313] Modules linked in:
[ 86.540086][ T5313] CPU: 0 UID: 0 PID: 5313 Comm: syz-executor246 Not tainted 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 86.540103][ T5313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.540111][ T5313] Call Trace:
[ 86.540120][ T5313]
[ 86.540127][ T5313] dump_stack_lvl+0x189/0x250
[ 86.540155][ T5313] ? __pfx_dump_stack_lvl+0x10/0x10
[ 86.540173][ T5313] ? __pfx_print_modules+0x10/0x10
[ 86.540188][ T5313] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.540207][ T5313] bad_page+0x180/0x1c0
[ 86.540227][ T5313] __free_frozen_pages+0xe17/0xe70
[ 86.540246][ T5313] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 86.540277][ T5313] bpf_xdp_adjust_tail+0x1d6/0x220
[ 86.540295][ T5313] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 86.540307][ T5313] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 86.540345][ T5313] do_xdp_generic+0x9f7/0x11a0
[ 86.540370][ T5313] ? __pfx_do_xdp_generic+0x10/0x10
[ 86.540384][ T5313] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 86.540420][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 86.540436][ T5313] ? __up_read+0x280/0x680
[ 86.540450][ T5313] ? __pfx___up_read+0x10/0x10
[ 86.540462][ T5313] ? do_user_addr_fault+0xbc1/0x1390
[ 86.540484][ T5313] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 86.540499][ T5313] ? irqentry_exit+0x74/0x90
[ 86.540514][ T5313] ? __lock_acquire+0xab9/0xd20
[ 86.540533][ T5313] ? netif_receive_skb+0x115/0x790
[ 86.540544][ T5313] ? netif_receive_skb+0x115/0x790
[ 86.540557][ T5313] __netif_receive_skb+0x72/0x380
[ 86.540572][ T5313] ? netif_receive_skb+0x115/0x790
[ 86.540581][ T5313] netif_receive_skb+0x1cb/0x790
[ 86.540593][ T5313] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 86.540606][ T5313] ? __pfx_netif_receive_skb+0x10/0x10
[ 86.540622][ T5313] ? __pfx__copy_from_iter+0x10/0x10
[ 86.540638][ T5313] ? sock_alloc_send_pskb+0x875/0x990
[ 86.540657][ T5313] ? tun_rx_batched+0x160/0x730
[ 86.540669][ T5313] tun_rx_batched+0x1b9/0x730
[ 86.540679][ T5313] ? __lock_acquire+0xab9/0xd20
[ 86.540696][ T5313] ? __pfx_tun_rx_batched+0x10/0x10
[ 86.540709][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 86.540728][ T5313] tun_get_user+0x298e/0x3ce0
[ 86.540741][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 86.540760][ T5313] ? aa_file_perm+0x11f/0xed0
[ 86.540775][ T5313] ? __pfx_tun_get_user+0x10/0x10
[ 86.540784][ T5313] ? aa_file_perm+0x3e7/0xed0
[ 86.540808][ T5313] ? ref_tracker_alloc+0x318/0x460
[ 86.540823][ T5313] ? __lock_acquire+0xab9/0xd20
[ 86.540837][ T5313] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 86.540851][ T5313] ? tun_get+0x1c/0x2f0
[ 86.540869][ T5313] ? tun_get+0x1c/0x2f0
[ 86.540885][ T5313] ? tun_get+0x1c/0x2f0
[ 86.540904][ T5313] tun_chr_write_iter+0x113/0x200
[ 86.540922][ T5313] vfs_write+0x54b/0xa90
[ 86.540938][ T5313] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 86.540955][ T5313] ? __pfx_vfs_write+0x10/0x10
[ 86.540972][ T5313] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 86.540993][ T5313] ksys_write+0x145/0x250
[ 86.541006][ T5313] ? __pfx_ksys_write+0x10/0x10
[ 86.541021][ T5313] ? do_syscall_64+0xbe/0x3b0
[ 86.541042][ T5313] do_syscall_64+0xfa/0x3b0
[ 86.541052][ T5313] ? lockdep_hardirqs_on+0x9c/0x150
[ 86.541071][ T5313] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.541081][ T5313] ? clear_bhb_loop+0x60/0xb0
[ 86.541095][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.541106][ T5313] RIP: 0033:0x7f3452b9cdf0
[ 86.541121][ T5313] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 86.541130][ T5313] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 86.541142][ T5313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 86.541150][ T5313] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 86.541157][ T5313] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 86.541164][ T5313] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 86.541172][ T5313] R13: 0000000000000000 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 86.541189][ T5313]
[ 86.541194][ T5313] Disabling lock debugging due to kernel taint
[ 86.731546][ T5313] BUG: Bad page state in process syz-executor246 pfn:447c8
[ 86.735185][ T5313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x447c8
[ 86.738762][ T5313] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 86.741867][ T5313] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 86.745959][ T5313] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 86.750300][ T5313] page dumped because: page_pool leak
[ 86.752512][ T5313] page_owner tracks the page as allocated
[ 86.754737][ T5313] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5313, tgid 5313 (syz-executor246), ts 86465948821, free_ts 0
[ 86.761458][ T5313] post_alloc_hook+0x240/0x2a0
[ 86.764131][ T5313] get_page_from_freelist+0x21e4/0x22c0
[ 86.766580][ T5313] __alloc_frozen_pages_noprof+0x181/0x370
[ 86.768777][ T5313] alloc_pages_bulk_noprof+0x560/0x710
[ 86.770810][ T5313] __page_pool_alloc_pages_slow+0x127/0x740
[ 86.773279][ T5313] skb_pp_cow_data+0xb47/0x13e0
[ 86.775410][ T5313] do_xdp_generic+0x699/0x11a0
[ 86.777846][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 86.780906][ T5313] __netif_receive_skb+0x72/0x380
[ 86.783277][ T5313] netif_receive_skb+0x1cb/0x790
[ 86.785305][ T5313] tun_rx_batched+0x1b9/0x730
[ 86.787394][ T5313] tun_get_user+0x298e/0x3ce0
[ 86.789405][ T5313] tun_chr_write_iter+0x113/0x200
[ 86.791793][ T5313] vfs_write+0x54b/0xa90
[ 86.793791][ T5313] ksys_write+0x145/0x250
[ 86.796436][ T5313] do_syscall_64+0xfa/0x3b0
[ 86.799083][ T5313] page_owner free stack trace missing
[ 86.801660][ T5313] Modules linked in:
[ 86.803414][ T5313] CPU: 0 UID: 0 PID: 5313 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 86.803433][ T5313] Tainted: [B]=BAD_PAGE
[ 86.803437][ T5313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.803445][ T5313] Call Trace:
[ 86.803454][ T5313]
[ 86.803461][ T5313] dump_stack_lvl+0x189/0x250
[ 86.803484][ T5313] ? __pfx_dump_stack_lvl+0x10/0x10
[ 86.803499][ T5313] ? __pfx_print_modules+0x10/0x10
[ 86.803515][ T5313] bad_page+0x180/0x1c0
[ 86.803533][ T5313] __free_frozen_pages+0xe17/0xe70
[ 86.803546][ T5313] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 86.803567][ T5313] bpf_xdp_adjust_tail+0x1d6/0x220
[ 86.803582][ T5313] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 86.803591][ T5313] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 86.803615][ T5313] do_xdp_generic+0x9f7/0x11a0
[ 86.803634][ T5313] ? __pfx_do_xdp_generic+0x10/0x10
[ 86.803649][ T5313] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 86.803671][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 86.803684][ T5313] ? __up_read+0x280/0x680
[ 86.803723][ T5313] ? __pfx___up_read+0x10/0x10
[ 86.803734][ T5313] ? do_user_addr_fault+0xbc1/0x1390
[ 86.803752][ T5313] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 86.803765][ T5313] ? irqentry_exit+0x74/0x90
[ 86.803778][ T5313] ? __lock_acquire+0xab9/0xd20
[ 86.803792][ T5313] ? netif_receive_skb+0x115/0x790
[ 86.803802][ T5313] ? netif_receive_skb+0x115/0x790
[ 86.803812][ T5313] __netif_receive_skb+0x72/0x380
[ 86.803826][ T5313] ? netif_receive_skb+0x115/0x790
[ 86.803836][ T5313] netif_receive_skb+0x1cb/0x790
[ 86.803844][ T5313] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 86.803861][ T5313] ? __pfx_netif_receive_skb+0x10/0x10
[ 86.803878][ T5313] ? __pfx__copy_from_iter+0x10/0x10
[ 86.803894][ T5313] ? sock_alloc_send_pskb+0x875/0x990
[ 86.803910][ T5313] ? tun_rx_batched+0x160/0x730
[ 86.803923][ T5313] tun_rx_batched+0x1b9/0x730
[ 86.803931][ T5313] ? __lock_acquire+0xab9/0xd20
[ 86.803946][ T5313] ? __pfx_tun_rx_batched+0x10/0x10
[ 86.803956][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 86.803970][ T5313] tun_get_user+0x298e/0x3ce0
[ 86.803980][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 86.803992][ T5313] ? aa_file_perm+0x11f/0xed0
[ 86.804009][ T5313] ? __pfx_tun_get_user+0x10/0x10
[ 86.804018][ T5313] ? aa_file_perm+0x3e7/0xed0
[ 86.804040][ T5313] ? ref_tracker_alloc+0x318/0x460
[ 86.804057][ T5313] ? __lock_acquire+0xab9/0xd20
[ 86.804070][ T5313] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 86.804085][ T5313] ? tun_get+0x1c/0x2f0
[ 86.804104][ T5313] ? tun_get+0x1c/0x2f0
[ 86.804118][ T5313] ? tun_get+0x1c/0x2f0
[ 86.804133][ T5313] tun_chr_write_iter+0x113/0x200
[ 86.804150][ T5313] vfs_write+0x54b/0xa90
[ 86.804161][ T5313] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 86.804177][ T5313] ? __pfx_vfs_write+0x10/0x10
[ 86.804189][ T5313] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 86.804207][ T5313] ksys_write+0x145/0x250
[ 86.804218][ T5313] ? __pfx_ksys_write+0x10/0x10
[ 86.804229][ T5313] ? do_syscall_64+0xbe/0x3b0
[ 86.804242][ T5313] do_syscall_64+0xfa/0x3b0
[ 86.804252][ T5313] ? lockdep_hardirqs_on+0x9c/0x150
[ 86.804268][ T5313] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.804277][ T5313] ? clear_bhb_loop+0x60/0xb0
[ 86.804290][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.804301][ T5313] RIP: 0033:0x7f3452b9cdf0
[ 86.804313][ T5313] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 86.804322][ T5313] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 86.804336][ T5313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 86.804343][ T5313] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 86.804350][ T5313] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 86.804357][ T5313] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 86.804364][ T5313] R13: 0000000000000000 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 86.804376][ T5313]
[ 86.804387][ T5313] BUG: Bad page state in process syz-executor246 pfn:447c7
[ 86.992264][ T5313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x447c7
[ 86.996088][ T5313] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 86.999458][ T5313] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 87.003906][ T5313] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 87.008089][ T5313] page dumped because: page_pool leak
[ 87.010455][ T5313] page_owner tracks the page as allocated
[ 87.012904][ T5313] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5313, tgid 5313 (syz-executor246), ts 86465933516, free_ts 0
[ 87.020774][ T5313] post_alloc_hook+0x240/0x2a0
[ 87.022828][ T5313] get_page_from_freelist+0x21e4/0x22c0
[ 87.025210][ T5313] __alloc_frozen_pages_noprof+0x181/0x370
[ 87.027891][ T5313] alloc_pages_bulk_noprof+0x560/0x710
[ 87.030351][ T5313] __page_pool_alloc_pages_slow+0x127/0x740
[ 87.033240][ T5313] skb_pp_cow_data+0xb47/0x13e0
[ 87.035630][ T5313] do_xdp_generic+0x699/0x11a0
[ 87.038166][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 87.040740][ T5313] __netif_receive_skb+0x72/0x380
[ 87.042938][ T5313] netif_receive_skb+0x1cb/0x790
[ 87.045150][ T5313] tun_rx_batched+0x1b9/0x730
[ 87.047561][ T5313] tun_get_user+0x298e/0x3ce0
[ 87.050267][ T5313] tun_chr_write_iter+0x113/0x200
[ 87.052796][ T5313] vfs_write+0x54b/0xa90
[ 87.054714][ T5313] ksys_write+0x145/0x250
[ 87.056801][ T5313] do_syscall_64+0xfa/0x3b0
[ 87.058942][ T5313] page_owner free stack trace missing
[ 87.061551][ T5313] Modules linked in:
[ 87.063575][ T5313] CPU: 0 UID: 0 PID: 5313 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 87.063596][ T5313] Tainted: [B]=BAD_PAGE
[ 87.063601][ T5313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.063609][ T5313] Call Trace:
[ 87.063618][ T5313]
[ 87.063626][ T5313] dump_stack_lvl+0x189/0x250
[ 87.063652][ T5313] ? __pfx_dump_stack_lvl+0x10/0x10
[ 87.063670][ T5313] ? __pfx_print_modules+0x10/0x10
[ 87.063714][ T5313] bad_page+0x180/0x1c0
[ 87.063737][ T5313] __free_frozen_pages+0xe17/0xe70
[ 87.063753][ T5313] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 87.063778][ T5313] bpf_xdp_adjust_tail+0x1d6/0x220
[ 87.063794][ T5313] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 87.063807][ T5313] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 87.063834][ T5313] do_xdp_generic+0x9f7/0x11a0
[ 87.063855][ T5313] ? __pfx_do_xdp_generic+0x10/0x10
[ 87.063872][ T5313] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 87.063897][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 87.063911][ T5313] ? __up_read+0x280/0x680
[ 87.063926][ T5313] ? __pfx___up_read+0x10/0x10
[ 87.063938][ T5313] ? do_user_addr_fault+0xbc1/0x1390
[ 87.063958][ T5313] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 87.063972][ T5313] ? irqentry_exit+0x74/0x90
[ 87.063985][ T5313] ? __lock_acquire+0xab9/0xd20
[ 87.064003][ T5313] ? netif_receive_skb+0x115/0x790
[ 87.064014][ T5313] ? netif_receive_skb+0x115/0x790
[ 87.064025][ T5313] __netif_receive_skb+0x72/0x380
[ 87.064039][ T5313] ? netif_receive_skb+0x115/0x790
[ 87.064050][ T5313] netif_receive_skb+0x1cb/0x790
[ 87.064060][ T5313] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 87.064079][ T5313] ? __pfx_netif_receive_skb+0x10/0x10
[ 87.064097][ T5313] ? __pfx__copy_from_iter+0x10/0x10
[ 87.064115][ T5313] ? sock_alloc_send_pskb+0x875/0x990
[ 87.064135][ T5313] ? tun_rx_batched+0x160/0x730
[ 87.064148][ T5313] tun_rx_batched+0x1b9/0x730
[ 87.064159][ T5313] ? __lock_acquire+0xab9/0xd20
[ 87.064176][ T5313] ? __pfx_tun_rx_batched+0x10/0x10
[ 87.064189][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 87.064204][ T5313] tun_get_user+0x298e/0x3ce0
[ 87.064216][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 87.064230][ T5313] ? aa_file_perm+0x11f/0xed0
[ 87.064250][ T5313] ? __pfx_tun_get_user+0x10/0x10
[ 87.064261][ T5313] ? aa_file_perm+0x3e7/0xed0
[ 87.064281][ T5313] ? ref_tracker_alloc+0x318/0x460
[ 87.064297][ T5313] ? __lock_acquire+0xab9/0xd20
[ 87.064319][ T5313] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 87.064338][ T5313] ? tun_get+0x1c/0x2f0
[ 87.064357][ T5313] ? tun_get+0x1c/0x2f0
[ 87.064373][ T5313] ? tun_get+0x1c/0x2f0
[ 87.064391][ T5313] tun_chr_write_iter+0x113/0x200
[ 87.064409][ T5313] vfs_write+0x54b/0xa90
[ 87.064422][ T5313] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 87.064439][ T5313] ? __pfx_vfs_write+0x10/0x10
[ 87.064452][ T5313] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 87.064472][ T5313] ksys_write+0x145/0x250
[ 87.064483][ T5313] ? __pfx_ksys_write+0x10/0x10
[ 87.064495][ T5313] ? do_syscall_64+0xbe/0x3b0
[ 87.064509][ T5313] do_syscall_64+0xfa/0x3b0
[ 87.064520][ T5313] ? lockdep_hardirqs_on+0x9c/0x150
[ 87.064538][ T5313] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.064550][ T5313] ? clear_bhb_loop+0x60/0xb0
[ 87.064572][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.064583][ T5313] RIP: 0033:0x7f3452b9cdf0
[ 87.064602][ T5313] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 87.064612][ T5313] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 87.064626][ T5313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 87.064634][ T5313] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 87.064646][ T5313] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 87.064654][ T5313] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 87.064661][ T5313] R13: 0000000000000000 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 87.064674][ T5313]
[ 87.064685][ T5313] BUG: Bad page state in process syz-executor246 pfn:447c6
[ 87.252778][ T5313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x447c6
[ 87.256517][ T5313] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 87.259928][ T5313] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 87.263569][ T5313] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 87.267154][ T5313] page dumped because: page_pool leak
[ 87.269667][ T5313] page_owner tracks the page as allocated
[ 87.272943][ T5313] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5313, tgid 5313 (syz-executor246), ts 86465918315, free_ts 0
[ 87.280854][ T5313] post_alloc_hook+0x240/0x2a0
[ 87.283131][ T5313] get_page_from_freelist+0x21e4/0x22c0
[ 87.285563][ T5313] __alloc_frozen_pages_noprof+0x181/0x370
[ 87.288235][ T5313] alloc_pages_bulk_noprof+0x560/0x710
[ 87.290736][ T5313] __page_pool_alloc_pages_slow+0x127/0x740
[ 87.293943][ T5313] skb_pp_cow_data+0xb47/0x13e0
[ 87.296686][ T5313] do_xdp_generic+0x699/0x11a0
[ 87.298774][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 87.301275][ T5313] __netif_receive_skb+0x72/0x380
[ 87.303303][ T5313] netif_receive_skb+0x1cb/0x790
[ 87.305204][ T5313] tun_rx_batched+0x1b9/0x730
[ 87.307350][ T5313] tun_get_user+0x298e/0x3ce0
[ 87.309160][ T5313] tun_chr_write_iter+0x113/0x200
[ 87.311133][ T5313] vfs_write+0x54b/0xa90
[ 87.312884][ T5313] ksys_write+0x145/0x250
[ 87.314642][ T5313] do_syscall_64+0xfa/0x3b0
[ 87.316826][ T5313] page_owner free stack trace missing
[ 87.319050][ T5313] Modules linked in:
[ 87.320856][ T5313] CPU: 0 UID: 0 PID: 5313 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 87.320873][ T5313] Tainted: [B]=BAD_PAGE
[ 87.320877][ T5313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.320883][ T5313] Call Trace:
[ 87.320891][ T5313]
[ 87.320896][ T5313] dump_stack_lvl+0x189/0x250
[ 87.320916][ T5313] ? __pfx_dump_stack_lvl+0x10/0x10
[ 87.320931][ T5313] ? __pfx_print_modules+0x10/0x10
[ 87.320946][ T5313] bad_page+0x180/0x1c0
[ 87.320962][ T5313] __free_frozen_pages+0xe17/0xe70
[ 87.320974][ T5313] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 87.320992][ T5313] bpf_xdp_adjust_tail+0x1d6/0x220
[ 87.321006][ T5313] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 87.321016][ T5313] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 87.321039][ T5313] do_xdp_generic+0x9f7/0x11a0
[ 87.321055][ T5313] ? __pfx_do_xdp_generic+0x10/0x10
[ 87.321067][ T5313] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 87.321088][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 87.321100][ T5313] ? __up_read+0x280/0x680
[ 87.321111][ T5313] ? __pfx___up_read+0x10/0x10
[ 87.321121][ T5313] ? do_user_addr_fault+0xbc1/0x1390
[ 87.321136][ T5313] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 87.321143][ T5313] ? irqentry_exit+0x74/0x90
[ 87.321153][ T5313] ? __lock_acquire+0xab9/0xd20
[ 87.321167][ T5313] ? netif_receive_skb+0x115/0x790
[ 87.321176][ T5313] ? netif_receive_skb+0x115/0x790
[ 87.321186][ T5313] __netif_receive_skb+0x72/0x380
[ 87.321197][ T5313] ? netif_receive_skb+0x115/0x790
[ 87.321206][ T5313] netif_receive_skb+0x1cb/0x790
[ 87.321215][ T5313] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 87.321228][ T5313] ? __pfx_netif_receive_skb+0x10/0x10
[ 87.321239][ T5313] ? __pfx__copy_from_iter+0x10/0x10
[ 87.321252][ T5313] ? sock_alloc_send_pskb+0x875/0x990
[ 87.321268][ T5313] ? tun_rx_batched+0x160/0x730
[ 87.321284][ T5313] tun_rx_batched+0x1b9/0x730
[ 87.321293][ T5313] ? __lock_acquire+0xab9/0xd20
[ 87.321307][ T5313] ? __pfx_tun_rx_batched+0x10/0x10
[ 87.321314][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 87.321323][ T5313] tun_get_user+0x298e/0x3ce0
[ 87.321332][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 87.321343][ T5313] ? aa_file_perm+0x11f/0xed0
[ 87.321359][ T5313] ? __pfx_tun_get_user+0x10/0x10
[ 87.321368][ T5313] ? aa_file_perm+0x3e7/0xed0
[ 87.321383][ T5313] ? ref_tracker_alloc+0x318/0x460
[ 87.321396][ T5313] ? __lock_acquire+0xab9/0xd20
[ 87.321405][ T5313] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 87.321419][ T5313] ? tun_get+0x1c/0x2f0
[ 87.321436][ T5313] ? tun_get+0x1c/0x2f0
[ 87.321449][ T5313] ? tun_get+0x1c/0x2f0
[ 87.321463][ T5313] tun_chr_write_iter+0x113/0x200
[ 87.321478][ T5313] vfs_write+0x54b/0xa90
[ 87.321486][ T5313] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 87.321499][ T5313] ? __pfx_vfs_write+0x10/0x10
[ 87.321510][ T5313] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 87.321526][ T5313] ksys_write+0x145/0x250
[ 87.321536][ T5313] ? __pfx_ksys_write+0x10/0x10
[ 87.321546][ T5313] ? do_syscall_64+0xbe/0x3b0
[ 87.321558][ T5313] do_syscall_64+0xfa/0x3b0
[ 87.321566][ T5313] ? lockdep_hardirqs_on+0x9c/0x150
[ 87.321576][ T5313] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.321585][ T5313] ? clear_bhb_loop+0x60/0xb0
[ 87.321595][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.321605][ T5313] RIP: 0033:0x7f3452b9cdf0
[ 87.321615][ T5313] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 87.321624][ T5313] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 87.321637][ T5313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 87.321644][ T5313] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 87.321650][ T5313] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 87.321656][ T5313] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 87.321661][ T5313] R13: 0000000000000000 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 87.321671][ T5313]
[ 87.321680][ T5313] BUG: Bad page state in process syz-executor246 pfn:447c5
[ 87.509192][ T5313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x447c5
[ 87.512782][ T5313] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 87.515937][ T5313] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 87.520201][ T5313] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 87.524374][ T5313] page dumped because: page_pool leak
[ 87.526810][ T5313] page_owner tracks the page as allocated
[ 87.529342][ T5313] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5313, tgid 5313 (syz-executor246), ts 86465902969, free_ts 0
[ 87.536620][ T5313] post_alloc_hook+0x240/0x2a0
[ 87.538847][ T5313] get_page_from_freelist+0x21e4/0x22c0
[ 87.541515][ T5313] __alloc_frozen_pages_noprof+0x181/0x370
[ 87.544150][ T5313] alloc_pages_bulk_noprof+0x560/0x710
[ 87.546769][ T5313] __page_pool_alloc_pages_slow+0x127/0x740
[ 87.549392][ T5313] skb_pp_cow_data+0xb47/0x13e0
[ 87.551405][ T5313] do_xdp_generic+0x699/0x11a0
[ 87.553618][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 87.556864][ T5313] __netif_receive_skb+0x72/0x380
[ 87.559881][ T5313] netif_receive_skb+0x1cb/0x790
[ 87.562273][ T5313] tun_rx_batched+0x1b9/0x730
[ 87.564389][ T5313] tun_get_user+0x298e/0x3ce0
[ 87.566515][ T5313] tun_chr_write_iter+0x113/0x200
[ 87.568817][ T5313] vfs_write+0x54b/0xa90
[ 87.570708][ T5313] ksys_write+0x145/0x250
[ 87.572592][ T5313] do_syscall_64+0xfa/0x3b0
[ 87.574860][ T5313] page_owner free stack trace missing
[ 87.577717][ T5313] Modules linked in:
[ 87.579792][ T5313] CPU: 0 UID: 0 PID: 5313 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 87.579814][ T5313] Tainted: [B]=BAD_PAGE
[ 87.579818][ T5313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.579826][ T5313] Call Trace:
[ 87.579835][ T5313]
[ 87.579843][ T5313] dump_stack_lvl+0x189/0x250
[ 87.579870][ T5313] ? __pfx_dump_stack_lvl+0x10/0x10
[ 87.579890][ T5313] ? __pfx_print_modules+0x10/0x10
[ 87.579910][ T5313] bad_page+0x180/0x1c0
[ 87.579931][ T5313] __free_frozen_pages+0xe17/0xe70
[ 87.579948][ T5313] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 87.579974][ T5313] bpf_xdp_adjust_tail+0x1d6/0x220
[ 87.579992][ T5313] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 87.580004][ T5313] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 87.580033][ T5313] do_xdp_generic+0x9f7/0x11a0
[ 87.580056][ T5313] ? __pfx_do_xdp_generic+0x10/0x10
[ 87.580075][ T5313] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 87.580100][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 87.580115][ T5313] ? __up_read+0x280/0x680
[ 87.580132][ T5313] ? __pfx___up_read+0x10/0x10
[ 87.580145][ T5313] ? do_user_addr_fault+0xbc1/0x1390
[ 87.580165][ T5313] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 87.580179][ T5313] ? irqentry_exit+0x74/0x90
[ 87.580194][ T5313] ? __lock_acquire+0xab9/0xd20
[ 87.580213][ T5313] ? netif_receive_skb+0x115/0x790
[ 87.580224][ T5313] ? netif_receive_skb+0x115/0x790
[ 87.580236][ T5313] __netif_receive_skb+0x72/0x380
[ 87.580251][ T5313] ? netif_receive_skb+0x115/0x790
[ 87.580262][ T5313] netif_receive_skb+0x1cb/0x790
[ 87.580273][ T5313] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 87.580294][ T5313] ? __pfx_netif_receive_skb+0x10/0x10
[ 87.580313][ T5313] ? __pfx__copy_from_iter+0x10/0x10
[ 87.580332][ T5313] ? sock_alloc_send_pskb+0x875/0x990
[ 87.580359][ T5313] ? tun_rx_batched+0x160/0x730
[ 87.580374][ T5313] tun_rx_batched+0x1b9/0x730
[ 87.580385][ T5313] ? __lock_acquire+0xab9/0xd20
[ 87.580404][ T5313] ? __pfx_tun_rx_batched+0x10/0x10
[ 87.580417][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 87.580432][ T5313] tun_get_user+0x298e/0x3ce0
[ 87.580444][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 87.580459][ T5313] ? aa_file_perm+0x11f/0xed0
[ 87.580478][ T5313] ? __pfx_tun_get_user+0x10/0x10
[ 87.580491][ T5313] ? aa_file_perm+0x3e7/0xed0
[ 87.580511][ T5313] ? ref_tracker_alloc+0x318/0x460
[ 87.580528][ T5313] ? __lock_acquire+0xab9/0xd20
[ 87.580545][ T5313] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 87.580564][ T5313] ? tun_get+0x1c/0x2f0
[ 87.580585][ T5313] ? tun_get+0x1c/0x2f0
[ 87.580601][ T5313] ? tun_get+0x1c/0x2f0
[ 87.580621][ T5313] tun_chr_write_iter+0x113/0x200
[ 87.580641][ T5313] vfs_write+0x54b/0xa90
[ 87.580655][ T5313] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 87.580673][ T5313] ? __pfx_vfs_write+0x10/0x10
[ 87.580689][ T5313] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 87.580710][ T5313] ksys_write+0x145/0x250
[ 87.580722][ T5313] ? __pfx_ksys_write+0x10/0x10
[ 87.580736][ T5313] ? do_syscall_64+0xbe/0x3b0
[ 87.580750][ T5313] do_syscall_64+0xfa/0x3b0
[ 87.580760][ T5313] ? lockdep_hardirqs_on+0x9c/0x150
[ 87.580776][ T5313] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.580786][ T5313] ? clear_bhb_loop+0x60/0xb0
[ 87.580798][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.580809][ T5313] RIP: 0033:0x7f3452b9cdf0
[ 87.580823][ T5313] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 87.580834][ T5313] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 87.580846][ T5313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 87.580854][ T5313] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 87.580861][ T5313] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 87.580868][ T5313] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 87.580875][ T5313] R13: 0000000000000000 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 87.580886][ T5313]
[ 87.580895][ T5313] BUG: Bad page state in process syz-executor246 pfn:447c4
[ 87.771329][ T5313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x447c4
[ 87.775829][ T5313] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 87.778965][ T5313] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 87.782655][ T5313] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 87.786799][ T5313] page dumped because: page_pool leak
[ 87.789858][ T5313] page_owner tracks the page as allocated
[ 87.792584][ T5313] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5313, tgid 5313 (syz-executor246), ts 86465888109, free_ts 0
[ 87.799901][ T5313] post_alloc_hook+0x240/0x2a0
[ 87.802303][ T5313] get_page_from_freelist+0x21e4/0x22c0
[ 87.805249][ T5313] __alloc_frozen_pages_noprof+0x181/0x370
[ 87.808103][ T5313] alloc_pages_bulk_noprof+0x560/0x710
[ 87.810564][ T5313] __page_pool_alloc_pages_slow+0x127/0x740
[ 87.813354][ T5313] skb_pp_cow_data+0xb47/0x13e0
[ 87.815802][ T5313] do_xdp_generic+0x699/0x11a0
[ 87.818558][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 87.821632][ T5313] __netif_receive_skb+0x72/0x380
[ 87.823761][ T5313] netif_receive_skb+0x1cb/0x790
[ 87.825816][ T5313] tun_rx_batched+0x1b9/0x730
[ 87.827807][ T5313] tun_get_user+0x298e/0x3ce0
[ 87.829754][ T5313] tun_chr_write_iter+0x113/0x200
[ 87.832001][ T5313] vfs_write+0x54b/0xa90
[ 87.833847][ T5313] ksys_write+0x145/0x250
[ 87.835864][ T5313] do_syscall_64+0xfa/0x3b0
[ 87.838093][ T5313] page_owner free stack trace missing
[ 87.840733][ T5313] Modules linked in:
[ 87.842307][ T5313] CPU: 0 UID: 0 PID: 5313 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 87.842324][ T5313] Tainted: [B]=BAD_PAGE
[ 87.842328][ T5313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.842334][ T5313] Call Trace:
[ 87.842341][ T5313]
[ 87.842357][ T5313] dump_stack_lvl+0x189/0x250
[ 87.842380][ T5313] ? __pfx_dump_stack_lvl+0x10/0x10
[ 87.842395][ T5313] ? __pfx_print_modules+0x10/0x10
[ 87.842410][ T5313] bad_page+0x180/0x1c0
[ 87.842426][ T5313] __free_frozen_pages+0xe17/0xe70
[ 87.842440][ T5313] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 87.842459][ T5313] bpf_xdp_adjust_tail+0x1d6/0x220
[ 87.842472][ T5313] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 87.842481][ T5313] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 87.842503][ T5313] do_xdp_generic+0x9f7/0x11a0
[ 87.842520][ T5313] ? __pfx_do_xdp_generic+0x10/0x10
[ 87.842533][ T5313] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 87.842551][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 87.842563][ T5313] ? __up_read+0x280/0x680
[ 87.842575][ T5313] ? __pfx___up_read+0x10/0x10
[ 87.842584][ T5313] ? do_user_addr_fault+0xbc1/0x1390
[ 87.842599][ T5313] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 87.842611][ T5313] ? irqentry_exit+0x74/0x90
[ 87.842621][ T5313] ? __lock_acquire+0xab9/0xd20
[ 87.842636][ T5313] ? netif_receive_skb+0x115/0x790
[ 87.842645][ T5313] ? netif_receive_skb+0x115/0x790
[ 87.842653][ T5313] __netif_receive_skb+0x72/0x380
[ 87.842665][ T5313] ? netif_receive_skb+0x115/0x790
[ 87.842673][ T5313] netif_receive_skb+0x1cb/0x790
[ 87.842682][ T5313] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 87.842698][ T5313] ? __pfx_netif_receive_skb+0x10/0x10
[ 87.842712][ T5313] ? __pfx__copy_from_iter+0x10/0x10
[ 87.842726][ T5313] ? sock_alloc_send_pskb+0x875/0x990
[ 87.842741][ T5313] ? tun_rx_batched+0x160/0x730
[ 87.842751][ T5313] tun_rx_batched+0x1b9/0x730
[ 87.842760][ T5313] ? __lock_acquire+0xab9/0xd20
[ 87.842773][ T5313] ? __pfx_tun_rx_batched+0x10/0x10
[ 87.842780][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 87.842786][ T5313] tun_get_user+0x298e/0x3ce0
[ 87.842793][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 87.842802][ T5313] ? aa_file_perm+0x11f/0xed0
[ 87.842816][ T5313] ? __pfx_tun_get_user+0x10/0x10
[ 87.842824][ T5313] ? aa_file_perm+0x3e7/0xed0
[ 87.842840][ T5313] ? ref_tracker_alloc+0x318/0x460
[ 87.842853][ T5313] ? __lock_acquire+0xab9/0xd20
[ 87.842866][ T5313] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 87.842880][ T5313] ? tun_get+0x1c/0x2f0
[ 87.842896][ T5313] ? tun_get+0x1c/0x2f0
[ 87.842909][ T5313] ? tun_get+0x1c/0x2f0
[ 87.842923][ T5313] tun_chr_write_iter+0x113/0x200
[ 87.842938][ T5313] vfs_write+0x54b/0xa90
[ 87.842949][ T5313] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 87.842963][ T5313] ? __pfx_vfs_write+0x10/0x10
[ 87.842973][ T5313] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 87.842987][ T5313] ksys_write+0x145/0x250
[ 87.842996][ T5313] ? __pfx_ksys_write+0x10/0x10
[ 87.843006][ T5313] ? do_syscall_64+0xbe/0x3b0
[ 87.843018][ T5313] do_syscall_64+0xfa/0x3b0
[ 87.843027][ T5313] ? lockdep_hardirqs_on+0x9c/0x150
[ 87.843042][ T5313] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.843052][ T5313] ? clear_bhb_loop+0x60/0xb0
[ 87.843062][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.843073][ T5313] RIP: 0033:0x7f3452b9cdf0
[ 87.843086][ T5313] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 87.843093][ T5313] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 87.843105][ T5313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 87.843112][ T5313] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 87.843118][ T5313] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 87.843124][ T5313] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 87.843130][ T5313] R13: 0000000000000000 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 87.843141][ T5313]
[ 87.843150][ T5313] BUG: Bad page state in process syz-executor246 pfn:447c3
[ 88.028377][ T5313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x447c3
[ 88.032117][ T5313] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 88.035366][ T5313] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 88.040287][ T5313] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 88.044154][ T5313] page dumped because: page_pool leak
[ 88.046558][ T5313] page_owner tracks the page as allocated
[ 88.049020][ T5313] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5313, tgid 5313 (syz-executor246), ts 86465872869, free_ts 0
[ 88.056787][ T5313] post_alloc_hook+0x240/0x2a0
[ 88.059133][ T5313] get_page_from_freelist+0x21e4/0x22c0
[ 88.061749][ T5313] __alloc_frozen_pages_noprof+0x181/0x370
[ 88.064345][ T5313] alloc_pages_bulk_noprof+0x560/0x710
[ 88.066667][ T5313] __page_pool_alloc_pages_slow+0x127/0x740
[ 88.069397][ T5313] skb_pp_cow_data+0xb47/0x13e0
[ 88.072054][ T5313] do_xdp_generic+0x699/0x11a0
[ 88.074635][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 88.077222][ T5313] __netif_receive_skb+0x72/0x380
[ 88.079425][ T5313] netif_receive_skb+0x1cb/0x790
[ 88.081697][ T5313] tun_rx_batched+0x1b9/0x730
[ 88.083752][ T5313] tun_get_user+0x298e/0x3ce0
[ 88.086019][ T5313] tun_chr_write_iter+0x113/0x200
[ 88.088416][ T5313] vfs_write+0x54b/0xa90
[ 88.090611][ T5313] ksys_write+0x145/0x250
[ 88.092556][ T5313] do_syscall_64+0xfa/0x3b0
[ 88.094523][ T5313] page_owner free stack trace missing
[ 88.096879][ T5313] Modules linked in:
[ 88.098594][ T5313] CPU: 0 UID: 0 PID: 5313 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 88.098611][ T5313] Tainted: [B]=BAD_PAGE
[ 88.098615][ T5313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.098621][ T5313] Call Trace:
[ 88.098629][ T5313]
[ 88.098636][ T5313] dump_stack_lvl+0x189/0x250
[ 88.098657][ T5313] ? __pfx_dump_stack_lvl+0x10/0x10
[ 88.098672][ T5313] ? __pfx_print_modules+0x10/0x10
[ 88.098687][ T5313] bad_page+0x180/0x1c0
[ 88.098705][ T5313] __free_frozen_pages+0xe17/0xe70
[ 88.098719][ T5313] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 88.098740][ T5313] bpf_xdp_adjust_tail+0x1d6/0x220
[ 88.098755][ T5313] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 88.098764][ T5313] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 88.098789][ T5313] do_xdp_generic+0x9f7/0x11a0
[ 88.098805][ T5313] ? __pfx_do_xdp_generic+0x10/0x10
[ 88.098818][ T5313] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 88.098839][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 88.098851][ T5313] ? __up_read+0x280/0x680
[ 88.098863][ T5313] ? __pfx___up_read+0x10/0x10
[ 88.098873][ T5313] ? do_user_addr_fault+0xbc1/0x1390
[ 88.098888][ T5313] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 88.098900][ T5313] ? irqentry_exit+0x74/0x90
[ 88.098910][ T5313] ? __lock_acquire+0xab9/0xd20
[ 88.098927][ T5313] ? netif_receive_skb+0x115/0x790
[ 88.098936][ T5313] ? netif_receive_skb+0x115/0x790
[ 88.098945][ T5313] __netif_receive_skb+0x72/0x380
[ 88.098956][ T5313] ? netif_receive_skb+0x115/0x790
[ 88.098964][ T5313] netif_receive_skb+0x1cb/0x790
[ 88.098972][ T5313] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 88.098989][ T5313] ? __pfx_netif_receive_skb+0x10/0x10
[ 88.099012][ T5313] ? __pfx__copy_from_iter+0x10/0x10
[ 88.099028][ T5313] ? sock_alloc_send_pskb+0x875/0x990
[ 88.099043][ T5313] ? tun_rx_batched+0x160/0x730
[ 88.099053][ T5313] tun_rx_batched+0x1b9/0x730
[ 88.099061][ T5313] ? __lock_acquire+0xab9/0xd20
[ 88.099076][ T5313] ? __pfx_tun_rx_batched+0x10/0x10
[ 88.099085][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 88.099098][ T5313] tun_get_user+0x298e/0x3ce0
[ 88.099108][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 88.099120][ T5313] ? aa_file_perm+0x11f/0xed0
[ 88.099135][ T5313] ? __pfx_tun_get_user+0x10/0x10
[ 88.099144][ T5313] ? aa_file_perm+0x3e7/0xed0
[ 88.099161][ T5313] ? ref_tracker_alloc+0x318/0x460
[ 88.099177][ T5313] ? __lock_acquire+0xab9/0xd20
[ 88.099191][ T5313] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 88.099207][ T5313] ? tun_get+0x1c/0x2f0
[ 88.099223][ T5313] ? tun_get+0x1c/0x2f0
[ 88.099238][ T5313] ? tun_get+0x1c/0x2f0
[ 88.099254][ T5313] tun_chr_write_iter+0x113/0x200
[ 88.099271][ T5313] vfs_write+0x54b/0xa90
[ 88.099283][ T5313] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 88.099299][ T5313] ? __pfx_vfs_write+0x10/0x10
[ 88.099311][ T5313] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 88.099329][ T5313] ksys_write+0x145/0x250
[ 88.099340][ T5313] ? __pfx_ksys_write+0x10/0x10
[ 88.099349][ T5313] ? do_syscall_64+0xbe/0x3b0
[ 88.099362][ T5313] do_syscall_64+0xfa/0x3b0
[ 88.099372][ T5313] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.099389][ T5313] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.099399][ T5313] ? clear_bhb_loop+0x60/0xb0
[ 88.099410][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.099422][ T5313] RIP: 0033:0x7f3452b9cdf0
[ 88.099435][ T5313] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 88.099444][ T5313] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 88.099456][ T5313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 88.099463][ T5313] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 88.099471][ T5313] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 88.099478][ T5313] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 88.099485][ T5313] R13: 0000000000000000 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 88.099497][ T5313]
[ 88.099507][ T5313] BUG: Bad page state in process syz-executor246 pfn:447c2
[ 88.286189][ T5313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x447c2
[ 88.290633][ T5313] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 88.293882][ T5313] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 88.297819][ T5313] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 88.301771][ T5313] page dumped because: page_pool leak
[ 88.304581][ T5313] page_owner tracks the page as allocated
[ 88.307998][ T5313] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5313, tgid 5313 (syz-executor246), ts 86465858019, free_ts 0
[ 88.316197][ T5313] post_alloc_hook+0x240/0x2a0
[ 88.318360][ T5313] get_page_from_freelist+0x21e4/0x22c0
[ 88.320822][ T5313] __alloc_frozen_pages_noprof+0x181/0x370
[ 88.323463][ T5313] alloc_pages_bulk_noprof+0x560/0x710
[ 88.326020][ T5313] __page_pool_alloc_pages_slow+0x127/0x740
[ 88.328918][ T5313] skb_pp_cow_data+0xb47/0x13e0
[ 88.331203][ T5313] do_xdp_generic+0x699/0x11a0
[ 88.333820][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 88.336661][ T5313] __netif_receive_skb+0x72/0x380
[ 88.338927][ T5313] netif_receive_skb+0x1cb/0x790
[ 88.341126][ T5313] tun_rx_batched+0x1b9/0x730
[ 88.343118][ T5313] tun_get_user+0x298e/0x3ce0
[ 88.345460][ T5313] tun_chr_write_iter+0x113/0x200
[ 88.347665][ T5313] vfs_write+0x54b/0xa90
[ 88.349637][ T5313] ksys_write+0x145/0x250
[ 88.351362][ T5313] do_syscall_64+0xfa/0x3b0
[ 88.353143][ T5313] page_owner free stack trace missing
[ 88.355480][ T5313] Modules linked in:
[ 88.357225][ T5313] CPU: 0 UID: 0 PID: 5313 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 88.357244][ T5313] Tainted: [B]=BAD_PAGE
[ 88.357248][ T5313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.357254][ T5313] Call Trace:
[ 88.357261][ T5313]
[ 88.357267][ T5313] dump_stack_lvl+0x189/0x250
[ 88.357288][ T5313] ? __pfx_dump_stack_lvl+0x10/0x10
[ 88.357303][ T5313] ? __pfx_print_modules+0x10/0x10
[ 88.357316][ T5313] bad_page+0x180/0x1c0
[ 88.357333][ T5313] __free_frozen_pages+0xe17/0xe70
[ 88.357345][ T5313] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 88.357371][ T5313] bpf_xdp_adjust_tail+0x1d6/0x220
[ 88.357383][ T5313] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 88.357392][ T5313] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 88.357415][ T5313] do_xdp_generic+0x9f7/0x11a0
[ 88.357431][ T5313] ? __pfx_do_xdp_generic+0x10/0x10
[ 88.357444][ T5313] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 88.357463][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 88.357474][ T5313] ? __up_read+0x280/0x680
[ 88.357486][ T5313] ? __pfx___up_read+0x10/0x10
[ 88.357494][ T5313] ? do_user_addr_fault+0xbc1/0x1390
[ 88.357507][ T5313] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 88.357516][ T5313] ? irqentry_exit+0x74/0x90
[ 88.357525][ T5313] ? __lock_acquire+0xab9/0xd20
[ 88.357537][ T5313] ? netif_receive_skb+0x115/0x790
[ 88.357545][ T5313] ? netif_receive_skb+0x115/0x790
[ 88.357552][ T5313] __netif_receive_skb+0x72/0x380
[ 88.357562][ T5313] ? netif_receive_skb+0x115/0x790
[ 88.357569][ T5313] netif_receive_skb+0x1cb/0x790
[ 88.357577][ T5313] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 88.357593][ T5313] ? __pfx_netif_receive_skb+0x10/0x10
[ 88.357606][ T5313] ? __pfx__copy_from_iter+0x10/0x10
[ 88.357618][ T5313] ? sock_alloc_send_pskb+0x875/0x990
[ 88.357632][ T5313] ? tun_rx_batched+0x160/0x730
[ 88.357643][ T5313] tun_rx_batched+0x1b9/0x730
[ 88.357652][ T5313] ? __lock_acquire+0xab9/0xd20
[ 88.357663][ T5313] ? __pfx_tun_rx_batched+0x10/0x10
[ 88.357673][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 88.357684][ T5313] tun_get_user+0x298e/0x3ce0
[ 88.357694][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 88.357705][ T5313] ? aa_file_perm+0x11f/0xed0
[ 88.357721][ T5313] ? __pfx_tun_get_user+0x10/0x10
[ 88.357728][ T5313] ? aa_file_perm+0x3e7/0xed0
[ 88.357742][ T5313] ? ref_tracker_alloc+0x318/0x460
[ 88.357755][ T5313] ? __lock_acquire+0xab9/0xd20
[ 88.357768][ T5313] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 88.357782][ T5313] ? tun_get+0x1c/0x2f0
[ 88.357797][ T5313] ? tun_get+0x1c/0x2f0
[ 88.357810][ T5313] ? tun_get+0x1c/0x2f0
[ 88.357822][ T5313] tun_chr_write_iter+0x113/0x200
[ 88.357838][ T5313] vfs_write+0x54b/0xa90
[ 88.357848][ T5313] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 88.357861][ T5313] ? __pfx_vfs_write+0x10/0x10
[ 88.357872][ T5313] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 88.357887][ T5313] ksys_write+0x145/0x250
[ 88.357896][ T5313] ? __pfx_ksys_write+0x10/0x10
[ 88.357905][ T5313] ? do_syscall_64+0xbe/0x3b0
[ 88.357916][ T5313] do_syscall_64+0xfa/0x3b0
[ 88.357925][ T5313] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.357938][ T5313] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.357948][ T5313] ? clear_bhb_loop+0x60/0xb0
[ 88.357958][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.357968][ T5313] RIP: 0033:0x7f3452b9cdf0
[ 88.357979][ T5313] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 88.357987][ T5313] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 88.357999][ T5313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 88.358005][ T5313] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 88.358011][ T5313] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 88.358017][ T5313] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 88.358022][ T5313] R13: 0000000000000000 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 88.358033][ T5313]
[ 88.358043][ T5313] BUG: Bad page state in process syz-executor246 pfn:447c1
[ 88.549606][ T5313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x447c1
[ 88.553906][ T5313] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 88.557258][ T5313] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 88.561163][ T5313] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 88.565090][ T5313] page dumped because: page_pool leak
[ 88.567862][ T5313] page_owner tracks the page as allocated
[ 88.570525][ T5313] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5313, tgid 5313 (syz-executor246), ts 86465842540, free_ts 0
[ 88.578096][ T5313] post_alloc_hook+0x240/0x2a0
[ 88.580173][ T5313] get_page_from_freelist+0x21e4/0x22c0
[ 88.582457][ T5313] __alloc_frozen_pages_noprof+0x181/0x370
[ 88.584618][ T5313] alloc_pages_bulk_noprof+0x560/0x710
[ 88.586478][ T5313] __page_pool_alloc_pages_slow+0x127/0x740
[ 88.588608][ T5313] skb_pp_cow_data+0xb47/0x13e0
[ 88.591184][ T5313] do_xdp_generic+0x699/0x11a0
[ 88.593524][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 88.596443][ T5313] __netif_receive_skb+0x72/0x380
[ 88.598738][ T5313] netif_receive_skb+0x1cb/0x790
[ 88.600918][ T5313] tun_rx_batched+0x1b9/0x730
[ 88.602916][ T5313] tun_get_user+0x298e/0x3ce0
[ 88.604977][ T5313] tun_chr_write_iter+0x113/0x200
[ 88.607365][ T5313] vfs_write+0x54b/0xa90
[ 88.609367][ T5313] ksys_write+0x145/0x250
[ 88.611389][ T5313] do_syscall_64+0xfa/0x3b0
[ 88.613569][ T5313] page_owner free stack trace missing
[ 88.616115][ T5313] Modules linked in:
[ 88.617922][ T5313] CPU: 0 UID: 0 PID: 5313 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 88.617940][ T5313] Tainted: [B]=BAD_PAGE
[ 88.617943][ T5313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.617950][ T5313] Call Trace:
[ 88.617958][ T5313]
[ 88.617965][ T5313] dump_stack_lvl+0x189/0x250
[ 88.617986][ T5313] ? __pfx_dump_stack_lvl+0x10/0x10
[ 88.617997][ T5313] ? __pfx_print_modules+0x10/0x10
[ 88.618007][ T5313] bad_page+0x180/0x1c0
[ 88.618018][ T5313] __free_frozen_pages+0xe17/0xe70
[ 88.618030][ T5313] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 88.618052][ T5313] bpf_xdp_adjust_tail+0x1d6/0x220
[ 88.618065][ T5313] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 88.618075][ T5313] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 88.618094][ T5313] do_xdp_generic+0x9f7/0x11a0
[ 88.618111][ T5313] ? __pfx_do_xdp_generic+0x10/0x10
[ 88.618124][ T5313] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 88.618143][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 88.618154][ T5313] ? __up_read+0x280/0x680
[ 88.618166][ T5313] ? __pfx___up_read+0x10/0x10
[ 88.618176][ T5313] ? do_user_addr_fault+0xbc1/0x1390
[ 88.618190][ T5313] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 88.618201][ T5313] ? irqentry_exit+0x74/0x90
[ 88.618213][ T5313] ? __lock_acquire+0xab9/0xd20
[ 88.618228][ T5313] ? netif_receive_skb+0x115/0x790
[ 88.618236][ T5313] ? netif_receive_skb+0x115/0x790
[ 88.618244][ T5313] __netif_receive_skb+0x72/0x380
[ 88.618255][ T5313] ? netif_receive_skb+0x115/0x790
[ 88.618262][ T5313] netif_receive_skb+0x1cb/0x790
[ 88.618270][ T5313] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 88.618286][ T5313] ? __pfx_netif_receive_skb+0x10/0x10
[ 88.618299][ T5313] ? __pfx__copy_from_iter+0x10/0x10
[ 88.618314][ T5313] ? sock_alloc_send_pskb+0x875/0x990
[ 88.618330][ T5313] ? tun_rx_batched+0x160/0x730
[ 88.618348][ T5313] tun_rx_batched+0x1b9/0x730
[ 88.618356][ T5313] ? __lock_acquire+0xab9/0xd20
[ 88.618367][ T5313] ? __pfx_tun_rx_batched+0x10/0x10
[ 88.618376][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 88.618386][ T5313] tun_get_user+0x298e/0x3ce0
[ 88.618395][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 88.618406][ T5313] ? aa_file_perm+0x11f/0xed0
[ 88.618420][ T5313] ? __pfx_tun_get_user+0x10/0x10
[ 88.618428][ T5313] ? aa_file_perm+0x3e7/0xed0
[ 88.618443][ T5313] ? ref_tracker_alloc+0x318/0x460
[ 88.618457][ T5313] ? __lock_acquire+0xab9/0xd20
[ 88.618469][ T5313] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 88.618482][ T5313] ? tun_get+0x1c/0x2f0
[ 88.618497][ T5313] ? tun_get+0x1c/0x2f0
[ 88.618509][ T5313] ? tun_get+0x1c/0x2f0
[ 88.618524][ T5313] tun_chr_write_iter+0x113/0x200
[ 88.618539][ T5313] vfs_write+0x54b/0xa90
[ 88.618551][ T5313] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 88.618565][ T5313] ? __pfx_vfs_write+0x10/0x10
[ 88.618572][ T5313] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 88.618583][ T5313] ksys_write+0x145/0x250
[ 88.618590][ T5313] ? __pfx_ksys_write+0x10/0x10
[ 88.618599][ T5313] ? do_syscall_64+0xbe/0x3b0
[ 88.618610][ T5313] do_syscall_64+0xfa/0x3b0
[ 88.618619][ T5313] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.618632][ T5313] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.618641][ T5313] ? clear_bhb_loop+0x60/0xb0
[ 88.618653][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.618663][ T5313] RIP: 0033:0x7f3452b9cdf0
[ 88.618675][ T5313] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 88.618684][ T5313] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 88.618697][ T5313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 88.618704][ T5313] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 88.618709][ T5313] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 88.618715][ T5313] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 88.618721][ T5313] R13: 0000000000000000 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 88.618731][ T5313]
[ 88.618740][ T5313] BUG: Bad page state in process syz-executor246 pfn:447c0
[ 88.801830][ T5313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x447c0
[ 88.806546][ T5313] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 88.809677][ T5313] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 88.813510][ T5313] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 88.817199][ T5313] page dumped because: page_pool leak
[ 88.819937][ T5313] page_owner tracks the page as allocated
[ 88.823009][ T5313] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5313, tgid 5313 (syz-executor246), ts 86465827178, free_ts 0
[ 88.830262][ T5313] post_alloc_hook+0x240/0x2a0
[ 88.832447][ T5313] get_page_from_freelist+0x21e4/0x22c0
[ 88.834888][ T5313] __alloc_frozen_pages_noprof+0x181/0x370
[ 88.838257][ T5313] alloc_pages_bulk_noprof+0x560/0x710
[ 88.841417][ T5313] __page_pool_alloc_pages_slow+0x127/0x740
[ 88.844056][ T5313] skb_pp_cow_data+0xb47/0x13e0
[ 88.846377][ T5313] do_xdp_generic+0x699/0x11a0
[ 88.848548][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 88.851253][ T5313] __netif_receive_skb+0x72/0x380
[ 88.853631][ T5313] netif_receive_skb+0x1cb/0x790
[ 88.856405][ T5313] tun_rx_batched+0x1b9/0x730
[ 88.858828][ T5313] tun_get_user+0x298e/0x3ce0
[ 88.861288][ T5313] tun_chr_write_iter+0x113/0x200
[ 88.863290][ T5313] vfs_write+0x54b/0xa90
[ 88.865289][ T5313] ksys_write+0x145/0x250
[ 88.867238][ T5313] do_syscall_64+0xfa/0x3b0
[ 88.869011][ T5313] page_owner free stack trace missing
[ 88.871063][ T5313] Modules linked in:
[ 88.872904][ T5313] CPU: 0 UID: 0 PID: 5313 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 88.872924][ T5313] Tainted: [B]=BAD_PAGE
[ 88.872928][ T5313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.872935][ T5313] Call Trace:
[ 88.872943][ T5313]
[ 88.872950][ T5313] dump_stack_lvl+0x189/0x250
[ 88.872973][ T5313] ? __pfx_dump_stack_lvl+0x10/0x10
[ 88.872987][ T5313] ? __pfx_print_modules+0x10/0x10
[ 88.872998][ T5313] bad_page+0x180/0x1c0
[ 88.873027][ T5313] __free_frozen_pages+0xe17/0xe70
[ 88.873041][ T5313] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 88.873061][ T5313] bpf_xdp_adjust_tail+0x1d6/0x220
[ 88.873076][ T5313] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 88.873086][ T5313] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 88.873110][ T5313] do_xdp_generic+0x9f7/0x11a0
[ 88.873128][ T5313] ? __pfx_do_xdp_generic+0x10/0x10
[ 88.873142][ T5313] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 88.873161][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 88.873175][ T5313] ? __up_read+0x280/0x680
[ 88.873188][ T5313] ? __pfx___up_read+0x10/0x10
[ 88.873199][ T5313] ? do_user_addr_fault+0xbc1/0x1390
[ 88.873216][ T5313] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 88.873227][ T5313] ? irqentry_exit+0x74/0x90
[ 88.873235][ T5313] ? __lock_acquire+0xab9/0xd20
[ 88.873245][ T5313] ? netif_receive_skb+0x115/0x790
[ 88.873251][ T5313] ? netif_receive_skb+0x115/0x790
[ 88.873258][ T5313] __netif_receive_skb+0x72/0x380
[ 88.873269][ T5313] ? netif_receive_skb+0x115/0x790
[ 88.873277][ T5313] netif_receive_skb+0x1cb/0x790
[ 88.873286][ T5313] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 88.873302][ T5313] ? __pfx_netif_receive_skb+0x10/0x10
[ 88.873319][ T5313] ? __pfx__copy_from_iter+0x10/0x10
[ 88.873335][ T5313] ? sock_alloc_send_pskb+0x875/0x990
[ 88.873352][ T5313] ? tun_rx_batched+0x160/0x730
[ 88.873361][ T5313] tun_rx_batched+0x1b9/0x730
[ 88.873368][ T5313] ? __lock_acquire+0xab9/0xd20
[ 88.873381][ T5313] ? __pfx_tun_rx_batched+0x10/0x10
[ 88.873391][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 88.873403][ T5313] tun_get_user+0x298e/0x3ce0
[ 88.873414][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 88.873426][ T5313] ? aa_file_perm+0x11f/0xed0
[ 88.873442][ T5313] ? __pfx_tun_get_user+0x10/0x10
[ 88.873452][ T5313] ? aa_file_perm+0x3e7/0xed0
[ 88.873469][ T5313] ? ref_tracker_alloc+0x318/0x460
[ 88.873483][ T5313] ? __lock_acquire+0xab9/0xd20
[ 88.873497][ T5313] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 88.873512][ T5313] ? tun_get+0x1c/0x2f0
[ 88.873528][ T5313] ? tun_get+0x1c/0x2f0
[ 88.873543][ T5313] ? tun_get+0x1c/0x2f0
[ 88.873558][ T5313] tun_chr_write_iter+0x113/0x200
[ 88.873574][ T5313] vfs_write+0x54b/0xa90
[ 88.873584][ T5313] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 88.873600][ T5313] ? __pfx_vfs_write+0x10/0x10
[ 88.873611][ T5313] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 88.873628][ T5313] ksys_write+0x145/0x250
[ 88.873639][ T5313] ? __pfx_ksys_write+0x10/0x10
[ 88.873650][ T5313] ? do_syscall_64+0xbe/0x3b0
[ 88.873662][ T5313] do_syscall_64+0xfa/0x3b0
[ 88.873672][ T5313] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.873688][ T5313] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.873699][ T5313] ? clear_bhb_loop+0x60/0xb0
[ 88.873710][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.873721][ T5313] RIP: 0033:0x7f3452b9cdf0
[ 88.873735][ T5313] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 88.873744][ T5313] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 88.873758][ T5313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 88.873766][ T5313] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 88.873773][ T5313] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 88.873780][ T5313] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 88.873787][ T5313] R13: 0000000000000000 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 88.873798][ T5313]
[ 88.873807][ T5313] BUG: Bad page state in process syz-executor246 pfn:447bf
[ 89.070520][ T5313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x447bf
[ 89.074392][ T5313] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 89.078215][ T5313] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 89.082447][ T5313] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 89.087840][ T5313] page dumped because: page_pool leak
[ 89.090708][ T5313] page_owner tracks the page as allocated
[ 89.093324][ T5313] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5313, tgid 5313 (syz-executor246), ts 86465811935, free_ts 0
[ 89.100636][ T5313] post_alloc_hook+0x240/0x2a0
[ 89.102879][ T5313] get_page_from_freelist+0x21e4/0x22c0
[ 89.105456][ T5313] __alloc_frozen_pages_noprof+0x181/0x370
[ 89.108481][ T5313] alloc_pages_bulk_noprof+0x560/0x710
[ 89.111293][ T5313] __page_pool_alloc_pages_slow+0x127/0x740
[ 89.113967][ T5313] skb_pp_cow_data+0xb47/0x13e0
[ 89.116314][ T5313] do_xdp_generic+0x699/0x11a0
[ 89.118426][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 89.121233][ T5313] __netif_receive_skb+0x72/0x380
[ 89.123765][ T5313] netif_receive_skb+0x1cb/0x790
[ 89.126584][ T5313] tun_rx_batched+0x1b9/0x730
[ 89.128744][ T5313] tun_get_user+0x298e/0x3ce0
[ 89.131413][ T5313] tun_chr_write_iter+0x113/0x200
[ 89.133979][ T5313] vfs_write+0x54b/0xa90
[ 89.136423][ T5313] ksys_write+0x145/0x250
[ 89.138877][ T5313] do_syscall_64+0xfa/0x3b0
[ 89.141202][ T5313] page_owner free stack trace missing
[ 89.143695][ T5313] Modules linked in:
[ 89.145457][ T5313] CPU: 0 UID: 0 PID: 5313 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 89.145475][ T5313] Tainted: [B]=BAD_PAGE
[ 89.145478][ T5313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.145485][ T5313] Call Trace:
[ 89.145492][ T5313]
[ 89.145498][ T5313] dump_stack_lvl+0x189/0x250
[ 89.145519][ T5313] ? __pfx_dump_stack_lvl+0x10/0x10
[ 89.145534][ T5313] ? __pfx_print_modules+0x10/0x10
[ 89.145547][ T5313] bad_page+0x180/0x1c0
[ 89.145562][ T5313] __free_frozen_pages+0xe17/0xe70
[ 89.145576][ T5313] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 89.145596][ T5313] bpf_xdp_adjust_tail+0x1d6/0x220
[ 89.145609][ T5313] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 89.145616][ T5313] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 89.145630][ T5313] do_xdp_generic+0x9f7/0x11a0
[ 89.145640][ T5313] ? __pfx_do_xdp_generic+0x10/0x10
[ 89.145648][ T5313] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 89.145664][ T5313] __netif_receive_skb_core+0x1823/0x4180
[ 89.145674][ T5313] ? __up_read+0x280/0x680
[ 89.145686][ T5313] ? __pfx___up_read+0x10/0x10
[ 89.145696][ T5313] ? do_user_addr_fault+0xbc1/0x1390
[ 89.145711][ T5313] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 89.145721][ T5313] ? irqentry_exit+0x74/0x90
[ 89.145731][ T5313] ? __lock_acquire+0xab9/0xd20
[ 89.145745][ T5313] ? netif_receive_skb+0x115/0x790
[ 89.145754][ T5313] ? netif_receive_skb+0x115/0x790
[ 89.145764][ T5313] __netif_receive_skb+0x72/0x380
[ 89.145774][ T5313] ? netif_receive_skb+0x115/0x790
[ 89.145782][ T5313] netif_receive_skb+0x1cb/0x790
[ 89.145790][ T5313] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 89.145806][ T5313] ? __pfx_netif_receive_skb+0x10/0x10
[ 89.145819][ T5313] ? __pfx__copy_from_iter+0x10/0x10
[ 89.145834][ T5313] ? sock_alloc_send_pskb+0x875/0x990
[ 89.145849][ T5313] ? tun_rx_batched+0x160/0x730
[ 89.145860][ T5313] tun_rx_batched+0x1b9/0x730
[ 89.145868][ T5313] ? __lock_acquire+0xab9/0xd20
[ 89.145881][ T5313] ? __pfx_tun_rx_batched+0x10/0x10
[ 89.145890][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 89.145901][ T5313] tun_get_user+0x298e/0x3ce0
[ 89.145911][ T5313] ? tun_get_user+0x2549/0x3ce0
[ 89.145921][ T5313] ? aa_file_perm+0x11f/0xed0
[ 89.145935][ T5313] ? __pfx_tun_get_user+0x10/0x10
[ 89.145944][ T5313] ? aa_file_perm+0x3e7/0xed0
[ 89.145959][ T5313] ? ref_tracker_alloc+0x318/0x460
[ 89.145971][ T5313] ? __lock_acquire+0xab9/0xd20
[ 89.145984][ T5313] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 89.145999][ T5313] ? tun_get+0x1c/0x2f0
[ 89.146015][ T5313] ? tun_get+0x1c/0x2f0
[ 89.146028][ T5313] ? tun_get+0x1c/0x2f0
[ 89.146041][ T5313] tun_chr_write_iter+0x113/0x200
[ 89.146062][ T5313] vfs_write+0x54b/0xa90
[ 89.146072][ T5313] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 89.146086][ T5313] ? __pfx_vfs_write+0x10/0x10
[ 89.146096][ T5313] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 89.146112][ T5313] ksys_write+0x145/0x250
[ 89.146121][ T5313] ? __pfx_ksys_write+0x10/0x10
[ 89.146131][ T5313] ? do_syscall_64+0xbe/0x3b0
[ 89.146143][ T5313] do_syscall_64+0xfa/0x3b0
[ 89.146153][ T5313] ? lockdep_hardirqs_on+0x9c/0x150
[ 89.146166][ T5313] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.146177][ T5313] ? clear_bhb_loop+0x60/0xb0
[ 89.146187][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.146197][ T5313] RIP: 0033:0x7f3452b9cdf0
[ 89.146209][ T5313] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 89.146218][ T5313] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 89.146252][ T5313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 89.146261][ T5313] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 89.146268][ T5313] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 89.146274][ T5313] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 89.146281][ T5313] R13: 0000000000000000 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 89.146291][ T5313]
executing program
[ 89.399772][ T5314] BUG: Bad page state in process syz-executor246 pfn:4464b
[ 89.403076][ T5314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4464b
[ 89.406949][ T5314] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 89.410139][ T5314] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 89.414054][ T5314] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 89.417708][ T5314] page dumped because: page_pool leak
[ 89.419984][ T5314] page_owner tracks the page as allocated
[ 89.422505][ T5314] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5314, tgid 5314 (syz-executor246), ts 89399643212, free_ts 89396958744
[ 89.429500][ T5314] post_alloc_hook+0x240/0x2a0
[ 89.431765][ T5314] get_page_from_freelist+0x21e4/0x22c0
[ 89.434017][ T5314] __alloc_frozen_pages_noprof+0x181/0x370
[ 89.436660][ T5314] alloc_pages_bulk_noprof+0x560/0x710
[ 89.439213][ T5314] __page_pool_alloc_pages_slow+0x127/0x740
[ 89.441947][ T5314] skb_pp_cow_data+0xb47/0x13e0
[ 89.444078][ T5314] do_xdp_generic+0x699/0x11a0
[ 89.446067][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 89.448644][ T5314] __netif_receive_skb+0x72/0x380
[ 89.450735][ T5314] netif_receive_skb+0x1cb/0x790
[ 89.452891][ T5314] tun_rx_batched+0x1b9/0x730
[ 89.455188][ T5314] tun_get_user+0x298e/0x3ce0
[ 89.457423][ T5314] tun_chr_write_iter+0x113/0x200
[ 89.459658][ T5314] vfs_write+0x54b/0xa90
[ 89.461458][ T5314] ksys_write+0x145/0x250
[ 89.463036][ T5314] do_syscall_64+0xfa/0x3b0
[ 89.465031][ T5314] page last free pid 5308 tgid 5308 stack trace:
[ 89.467651][ T5314] __free_frozen_pages+0xc71/0xe70
[ 89.469652][ T5314] __tlb_remove_table+0x2d2/0x3b0
[ 89.471882][ T5314] tlb_remove_table_rcu+0x85/0x100
[ 89.474326][ T5314] rcu_core+0xca5/0x1710
[ 89.476591][ T5314] handle_softirqs+0x286/0x870
[ 89.479113][ T5314] __irq_exit_rcu+0xca/0x1f0
[ 89.481408][ T5314] irq_exit_rcu+0x9/0x30
[ 89.483312][ T5314] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 89.485996][ T5314] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 89.489026][ T5314] Modules linked in:
[ 89.491169][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 89.491189][ T5314] Tainted: [B]=BAD_PAGE
[ 89.491193][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.491200][ T5314] Call Trace:
[ 89.491228][ T5314]
[ 89.491247][ T5314] dump_stack_lvl+0x189/0x250
[ 89.491297][ T5314] ? __pfx_dump_stack_lvl+0x10/0x10
[ 89.491327][ T5314] ? __pfx_print_modules+0x10/0x10
[ 89.491341][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.491355][ T5314] bad_page+0x180/0x1c0
[ 89.491370][ T5314] __free_frozen_pages+0xe17/0xe70
[ 89.491385][ T5314] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 89.491407][ T5314] bpf_xdp_adjust_tail+0x1d6/0x220
[ 89.491422][ T5314] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 89.491433][ T5314] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 89.491455][ T5314] do_xdp_generic+0x9f7/0x11a0
[ 89.491475][ T5314] ? __pfx_do_xdp_generic+0x10/0x10
[ 89.491490][ T5314] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 89.491512][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 89.491525][ T5314] ? __up_read+0x280/0x680
[ 89.491539][ T5314] ? __pfx___up_read+0x10/0x10
[ 89.491550][ T5314] ? lock_release+0x4b/0x3e0
[ 89.491568][ T5314] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 89.491580][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.491592][ T5314] ? irqentry_exit+0x74/0x90
[ 89.491604][ T5314] ? exc_page_fault+0x9f/0xf0
[ 89.491623][ T5314] ? netif_receive_skb+0x115/0x790
[ 89.491633][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.491644][ T5314] ? lock_acquire+0x5f/0x360
[ 89.491660][ T5314] __netif_receive_skb+0x72/0x380
[ 89.491704][ T5314] ? netif_receive_skb+0x115/0x790
[ 89.491715][ T5314] netif_receive_skb+0x1cb/0x790
[ 89.491726][ T5314] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 89.491744][ T5314] ? __pfx_netif_receive_skb+0x10/0x10
[ 89.491760][ T5314] ? __pfx__copy_from_iter+0x10/0x10
[ 89.491778][ T5314] ? sock_alloc_send_pskb+0x875/0x990
[ 89.491795][ T5314] ? tun_rx_batched+0x160/0x730
[ 89.491805][ T5314] tun_rx_batched+0x1b9/0x730
[ 89.491814][ T5314] ? skb_header_pointer+0x8e/0x120
[ 89.491852][ T5314] ? __pfx_tun_rx_batched+0x10/0x10
[ 89.491862][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 89.491870][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.491878][ T5314] ? lock_acquire+0x5f/0x360
[ 89.491891][ T5314] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 89.491909][ T5314] tun_get_user+0x298e/0x3ce0
[ 89.491920][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 89.491929][ T5314] ? aa_file_perm+0x11f/0xed0
[ 89.491946][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.491954][ T5314] ? lock_release+0x4b/0x3e0
[ 89.491965][ T5314] ? __pfx_ref_tracker_free+0x10/0x10
[ 89.491974][ T5314] ? __pfx_tun_get_user+0x10/0x10
[ 89.491980][ T5314] ? aa_file_perm+0x3e7/0xed0
[ 89.491991][ T5314] ? ref_tracker_alloc+0x318/0x460
[ 89.492000][ T5314] ? bpf_xdp_link_attach+0x666/0x8c0
[ 89.492011][ T5314] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 89.492024][ T5314] ? tun_get+0x1c/0x2f0
[ 89.492038][ T5314] ? tun_get+0x1c/0x2f0
[ 89.492051][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.492060][ T5314] ? tun_get+0x1c/0x2f0
[ 89.492075][ T5314] ? lock_release+0x4b/0x3e0
[ 89.492090][ T5314] ? tun_get+0x1c/0x2f0
[ 89.492106][ T5314] tun_chr_write_iter+0x113/0x200
[ 89.492121][ T5314] vfs_write+0x54b/0xa90
[ 89.492130][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.492140][ T5314] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 89.492155][ T5314] ? __pfx_vfs_write+0x10/0x10
[ 89.492167][ T5314] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 89.492185][ T5314] ksys_write+0x145/0x250
[ 89.492196][ T5314] ? __pfx_ksys_write+0x10/0x10
[ 89.492205][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.492215][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.492224][ T5314] do_syscall_64+0xfa/0x3b0
[ 89.492236][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.492247][ T5314] ? clear_bhb_loop+0x60/0xb0
[ 89.492266][ T5314] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.492277][ T5314] RIP: 0033:0x7f3452b9cdf0
[ 89.492305][ T5314] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 89.492331][ T5314] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 89.492358][ T5314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 89.492365][ T5314] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 89.492372][ T5314] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 89.492379][ T5314] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 89.492387][ T5314] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 89.492398][ T5314]
[ 89.492408][ T5314] BUG: Bad page state in process syz-executor246 pfn:43fb4
[ 89.711890][ T5314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888043fb4140 pfn:0x43fb4
[ 89.716653][ T5314] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 89.720434][ T5314] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 89.724046][ T5314] raw: ffff888043fb4140 0000000000000001 00000000ffffffff 0000000000000000
[ 89.727783][ T5314] page dumped because: page_pool leak
[ 89.730492][ T5314] page_owner tracks the page as allocated
[ 89.733331][ T5314] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5314, tgid 5314 (syz-executor246), ts 89399634619, free_ts 89396964352
[ 89.741051][ T5314] post_alloc_hook+0x240/0x2a0
[ 89.743360][ T5314] get_page_from_freelist+0x21e4/0x22c0
[ 89.746725][ T5314] __alloc_frozen_pages_noprof+0x181/0x370
[ 89.749826][ T5314] alloc_pages_bulk_noprof+0x560/0x710
[ 89.752265][ T5314] __page_pool_alloc_pages_slow+0x127/0x740
[ 89.754853][ T5314] skb_pp_cow_data+0xb47/0x13e0
[ 89.757141][ T5314] do_xdp_generic+0x699/0x11a0
[ 89.759291][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 89.761778][ T5314] __netif_receive_skb+0x72/0x380
[ 89.764381][ T5314] netif_receive_skb+0x1cb/0x790
[ 89.767703][ T5314] tun_rx_batched+0x1b9/0x730
[ 89.769876][ T5314] tun_get_user+0x298e/0x3ce0
[ 89.772104][ T5314] tun_chr_write_iter+0x113/0x200
[ 89.774237][ T5314] vfs_write+0x54b/0xa90
[ 89.776151][ T5314] ksys_write+0x145/0x250
[ 89.778160][ T5314] do_syscall_64+0xfa/0x3b0
[ 89.780304][ T5314] page last free pid 5308 tgid 5308 stack trace:
[ 89.783568][ T5314] __free_frozen_pages+0xc71/0xe70
[ 89.786583][ T5314] __tlb_remove_table+0x2d2/0x3b0
[ 89.789007][ T5314] tlb_remove_table_rcu+0x85/0x100
[ 89.791273][ T5314] rcu_core+0xca5/0x1710
[ 89.793246][ T5314] handle_softirqs+0x286/0x870
[ 89.795397][ T5314] __irq_exit_rcu+0xca/0x1f0
[ 89.797766][ T5314] irq_exit_rcu+0x9/0x30
[ 89.799994][ T5314] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 89.802777][ T5314] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 89.805414][ T5314] Modules linked in:
[ 89.807191][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 89.807208][ T5314] Tainted: [B]=BAD_PAGE
[ 89.807212][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.807219][ T5314] Call Trace:
[ 89.807227][ T5314]
[ 89.807233][ T5314] dump_stack_lvl+0x189/0x250
[ 89.807253][ T5314] ? __pfx_dump_stack_lvl+0x10/0x10
[ 89.807268][ T5314] ? __pfx_print_modules+0x10/0x10
[ 89.807280][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.807293][ T5314] bad_page+0x180/0x1c0
[ 89.807317][ T5314] __free_frozen_pages+0xe17/0xe70
[ 89.807331][ T5314] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 89.807351][ T5314] bpf_xdp_adjust_tail+0x1d6/0x220
[ 89.807364][ T5314] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 89.807374][ T5314] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 89.807397][ T5314] do_xdp_generic+0x9f7/0x11a0
[ 89.807414][ T5314] ? __pfx_do_xdp_generic+0x10/0x10
[ 89.807428][ T5314] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 89.807449][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 89.807461][ T5314] ? __up_read+0x280/0x680
[ 89.807473][ T5314] ? __pfx___up_read+0x10/0x10
[ 89.807482][ T5314] ? lock_release+0x4b/0x3e0
[ 89.807497][ T5314] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 89.807509][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.807519][ T5314] ? irqentry_exit+0x74/0x90
[ 89.807527][ T5314] ? exc_page_fault+0x9f/0xf0
[ 89.807544][ T5314] ? netif_receive_skb+0x115/0x790
[ 89.807552][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.807561][ T5314] ? lock_acquire+0x5f/0x360
[ 89.807573][ T5314] __netif_receive_skb+0x72/0x380
[ 89.807584][ T5314] ? netif_receive_skb+0x115/0x790
[ 89.807594][ T5314] netif_receive_skb+0x1cb/0x790
[ 89.807603][ T5314] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 89.807618][ T5314] ? __pfx_netif_receive_skb+0x10/0x10
[ 89.807632][ T5314] ? __pfx__copy_from_iter+0x10/0x10
[ 89.807648][ T5314] ? sock_alloc_send_pskb+0x875/0x990
[ 89.807662][ T5314] ? tun_rx_batched+0x160/0x730
[ 89.807710][ T5314] tun_rx_batched+0x1b9/0x730
[ 89.807719][ T5314] ? skb_header_pointer+0x8e/0x120
[ 89.807735][ T5314] ? __pfx_tun_rx_batched+0x10/0x10
[ 89.807744][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 89.807752][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.807761][ T5314] ? lock_acquire+0x5f/0x360
[ 89.807774][ T5314] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 89.807791][ T5314] tun_get_user+0x298e/0x3ce0
[ 89.807800][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 89.807808][ T5314] ? aa_file_perm+0x11f/0xed0
[ 89.807823][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.807832][ T5314] ? lock_release+0x4b/0x3e0
[ 89.807844][ T5314] ? __pfx_ref_tracker_free+0x10/0x10
[ 89.807858][ T5314] ? __pfx_tun_get_user+0x10/0x10
[ 89.807866][ T5314] ? aa_file_perm+0x3e7/0xed0
[ 89.807880][ T5314] ? ref_tracker_alloc+0x318/0x460
[ 89.807893][ T5314] ? bpf_xdp_link_attach+0x666/0x8c0
[ 89.807907][ T5314] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 89.807921][ T5314] ? tun_get+0x1c/0x2f0
[ 89.807934][ T5314] ? tun_get+0x1c/0x2f0
[ 89.807944][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.807949][ T5314] ? tun_get+0x1c/0x2f0
[ 89.807956][ T5314] ? lock_release+0x4b/0x3e0
[ 89.807965][ T5314] ? tun_get+0x1c/0x2f0
[ 89.807974][ T5314] tun_chr_write_iter+0x113/0x200
[ 89.807984][ T5314] vfs_write+0x54b/0xa90
[ 89.807990][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.807996][ T5314] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 89.808005][ T5314] ? __pfx_vfs_write+0x10/0x10
[ 89.808012][ T5314] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 89.808023][ T5314] ksys_write+0x145/0x250
[ 89.808029][ T5314] ? __pfx_ksys_write+0x10/0x10
[ 89.808034][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.808040][ T5314] ? rcu_is_watching+0x15/0xb0
[ 89.808046][ T5314] do_syscall_64+0xfa/0x3b0
[ 89.808055][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.808061][ T5314] ? clear_bhb_loop+0x60/0xb0
[ 89.808068][ T5314] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.808074][ T5314] RIP: 0033:0x7f3452b9cdf0
[ 89.808084][ T5314] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 89.808089][ T5314] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 89.808098][ T5314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 89.808102][ T5314] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 89.808106][ T5314] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 89.808111][ T5314] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 89.808115][ T5314] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 89.808121][ T5314]
[ 89.808128][ T5314] BUG: Bad page state in process syz-executor246 pfn:4335c
[ 90.026206][ T5314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804335c440 pfn:0x4335c
[ 90.031402][ T5314] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 90.034329][ T5314] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 90.038107][ T5314] raw: ffff88804335c440 0000000000000001 00000000ffffffff 0000000000000000
[ 90.041804][ T5314] page dumped because: page_pool leak
[ 90.044327][ T5314] page_owner tracks the page as allocated
[ 90.046873][ T5314] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5314, tgid 5314 (syz-executor246), ts 89399625979, free_ts 89396975469
[ 90.054217][ T5314] post_alloc_hook+0x240/0x2a0
[ 90.056613][ T5314] get_page_from_freelist+0x21e4/0x22c0
[ 90.058754][ T5314] __alloc_frozen_pages_noprof+0x181/0x370
[ 90.061156][ T5314] alloc_pages_bulk_noprof+0x560/0x710
[ 90.063470][ T5314] __page_pool_alloc_pages_slow+0x127/0x740
[ 90.066380][ T5314] skb_pp_cow_data+0xb47/0x13e0
[ 90.068500][ T5314] do_xdp_generic+0x699/0x11a0
[ 90.070647][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 90.073092][ T5314] __netif_receive_skb+0x72/0x380
[ 90.075451][ T5314] netif_receive_skb+0x1cb/0x790
[ 90.077958][ T5314] tun_rx_batched+0x1b9/0x730
[ 90.079941][ T5314] tun_get_user+0x298e/0x3ce0
[ 90.081830][ T5314] tun_chr_write_iter+0x113/0x200
[ 90.083605][ T5314] vfs_write+0x54b/0xa90
[ 90.085291][ T5314] ksys_write+0x145/0x250
[ 90.086941][ T5314] do_syscall_64+0xfa/0x3b0
[ 90.088719][ T5314] page last free pid 5308 tgid 5308 stack trace:
[ 90.091131][ T5314] __free_frozen_pages+0xc71/0xe70
[ 90.093659][ T5314] __tlb_remove_table+0x2d2/0x3b0
[ 90.095958][ T5314] tlb_remove_table_rcu+0x85/0x100
[ 90.098513][ T5314] rcu_core+0xca5/0x1710
[ 90.100390][ T5314] handle_softirqs+0x286/0x870
[ 90.102338][ T5314] __irq_exit_rcu+0xca/0x1f0
[ 90.104350][ T5314] irq_exit_rcu+0x9/0x30
[ 90.106121][ T5314] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 90.108943][ T5314] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 90.112213][ T5314] Modules linked in:
[ 90.114265][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 90.114285][ T5314] Tainted: [B]=BAD_PAGE
[ 90.114295][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 90.114304][ T5314] Call Trace:
[ 90.114423][ T5314]
[ 90.114482][ T5314] dump_stack_lvl+0x189/0x250
[ 90.114552][ T5314] ? __pfx_dump_stack_lvl+0x10/0x10
[ 90.114589][ T5314] ? __pfx_print_modules+0x10/0x10
[ 90.114603][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.114617][ T5314] bad_page+0x180/0x1c0
[ 90.114663][ T5314] __free_frozen_pages+0xe17/0xe70
[ 90.114681][ T5314] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 90.114761][ T5314] bpf_xdp_adjust_tail+0x1d6/0x220
[ 90.114779][ T5314] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 90.114790][ T5314] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 90.114817][ T5314] do_xdp_generic+0x9f7/0x11a0
[ 90.114836][ T5314] ? __pfx_do_xdp_generic+0x10/0x10
[ 90.114852][ T5314] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 90.114875][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 90.114888][ T5314] ? __up_read+0x280/0x680
[ 90.114902][ T5314] ? __pfx___up_read+0x10/0x10
[ 90.114913][ T5314] ? lock_release+0x4b/0x3e0
[ 90.114931][ T5314] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 90.114942][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.114954][ T5314] ? irqentry_exit+0x74/0x90
[ 90.114964][ T5314] ? exc_page_fault+0x9f/0xf0
[ 90.114993][ T5314] ? netif_receive_skb+0x115/0x790
[ 90.115002][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.115013][ T5314] ? lock_acquire+0x5f/0x360
[ 90.115027][ T5314] __netif_receive_skb+0x72/0x380
[ 90.115038][ T5314] ? netif_receive_skb+0x115/0x790
[ 90.115046][ T5314] netif_receive_skb+0x1cb/0x790
[ 90.115055][ T5314] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 90.115072][ T5314] ? __pfx_netif_receive_skb+0x10/0x10
[ 90.115089][ T5314] ? __pfx__copy_from_iter+0x10/0x10
[ 90.115106][ T5314] ? sock_alloc_send_pskb+0x875/0x990
[ 90.115122][ T5314] ? tun_rx_batched+0x160/0x730
[ 90.115132][ T5314] tun_rx_batched+0x1b9/0x730
[ 90.115218][ T5314] ? skb_header_pointer+0x8e/0x120
[ 90.115255][ T5314] ? __pfx_tun_rx_batched+0x10/0x10
[ 90.115264][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 90.115272][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.115281][ T5314] ? lock_acquire+0x5f/0x360
[ 90.115298][ T5314] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 90.115315][ T5314] tun_get_user+0x298e/0x3ce0
[ 90.115325][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 90.115333][ T5314] ? aa_file_perm+0x11f/0xed0
[ 90.115349][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.115357][ T5314] ? lock_release+0x4b/0x3e0
[ 90.115370][ T5314] ? __pfx_ref_tracker_free+0x10/0x10
[ 90.115385][ T5314] ? __pfx_tun_get_user+0x10/0x10
[ 90.115393][ T5314] ? aa_file_perm+0x3e7/0xed0
[ 90.115409][ T5314] ? ref_tracker_alloc+0x318/0x460
[ 90.115421][ T5314] ? bpf_xdp_link_attach+0x666/0x8c0
[ 90.115434][ T5314] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 90.115447][ T5314] ? tun_get+0x1c/0x2f0
[ 90.115461][ T5314] ? tun_get+0x1c/0x2f0
[ 90.115475][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.115483][ T5314] ? tun_get+0x1c/0x2f0
[ 90.115497][ T5314] ? lock_release+0x4b/0x3e0
[ 90.115509][ T5314] ? tun_get+0x1c/0x2f0
[ 90.115522][ T5314] tun_chr_write_iter+0x113/0x200
[ 90.115537][ T5314] vfs_write+0x54b/0xa90
[ 90.115546][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.115556][ T5314] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 90.115570][ T5314] ? __pfx_vfs_write+0x10/0x10
[ 90.115581][ T5314] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 90.115597][ T5314] ksys_write+0x145/0x250
[ 90.115606][ T5314] ? __pfx_ksys_write+0x10/0x10
[ 90.115614][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.115624][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.115633][ T5314] do_syscall_64+0xfa/0x3b0
[ 90.115731][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.115743][ T5314] ? clear_bhb_loop+0x60/0xb0
[ 90.115754][ T5314] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.115764][ T5314] RIP: 0033:0x7f3452b9cdf0
[ 90.115817][ T5314] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 90.115839][ T5314] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 90.115866][ T5314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 90.115874][ T5314] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 90.115880][ T5314] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 90.115887][ T5314] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 90.115893][ T5314] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 90.115903][ T5314]
[ 90.115961][ T5314] BUG: Bad page state in process syz-executor246 pfn:4465c
[ 90.335755][ T5314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4465c
[ 90.340136][ T5314] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 90.343339][ T5314] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 90.347414][ T5314] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 90.352318][ T5314] page dumped because: page_pool leak
[ 90.354631][ T5314] page_owner tracks the page as allocated
[ 90.357190][ T5314] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5314, tgid 5314 (syz-executor246), ts 89399616647, free_ts 89396986731
[ 90.364845][ T5314] post_alloc_hook+0x240/0x2a0
[ 90.367175][ T5314] get_page_from_freelist+0x21e4/0x22c0
[ 90.369839][ T5314] __alloc_frozen_pages_noprof+0x181/0x370
[ 90.372556][ T5314] alloc_pages_bulk_noprof+0x560/0x710
[ 90.375227][ T5314] __page_pool_alloc_pages_slow+0x127/0x740
[ 90.377861][ T5314] skb_pp_cow_data+0xb47/0x13e0
[ 90.379992][ T5314] do_xdp_generic+0x699/0x11a0
[ 90.382572][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 90.385569][ T5314] __netif_receive_skb+0x72/0x380
[ 90.388294][ T5314] netif_receive_skb+0x1cb/0x790
[ 90.390377][ T5314] tun_rx_batched+0x1b9/0x730
[ 90.392395][ T5314] tun_get_user+0x298e/0x3ce0
[ 90.394399][ T5314] tun_chr_write_iter+0x113/0x200
[ 90.396764][ T5314] vfs_write+0x54b/0xa90
[ 90.398690][ T5314] ksys_write+0x145/0x250
[ 90.400733][ T5314] do_syscall_64+0xfa/0x3b0
[ 90.403041][ T5314] page last free pid 5308 tgid 5308 stack trace:
[ 90.408175][ T5314] __free_frozen_pages+0xc71/0xe70
[ 90.410599][ T5314] __tlb_remove_table+0x2d2/0x3b0
[ 90.412606][ T5314] tlb_remove_table_rcu+0x85/0x100
[ 90.414632][ T5314] rcu_core+0xca5/0x1710
[ 90.416550][ T5314] handle_softirqs+0x286/0x870
[ 90.418697][ T5314] __irq_exit_rcu+0xca/0x1f0
[ 90.421347][ T5314] irq_exit_rcu+0x9/0x30
[ 90.423878][ T5314] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 90.426909][ T5314] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 90.429761][ T5314] Modules linked in:
[ 90.431592][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 90.431611][ T5314] Tainted: [B]=BAD_PAGE
[ 90.431614][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 90.431621][ T5314] Call Trace:
[ 90.431628][ T5314]
[ 90.431636][ T5314] dump_stack_lvl+0x189/0x250
[ 90.431659][ T5314] ? __pfx_dump_stack_lvl+0x10/0x10
[ 90.431702][ T5314] ? __pfx_print_modules+0x10/0x10
[ 90.431715][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.431727][ T5314] bad_page+0x180/0x1c0
[ 90.431742][ T5314] __free_frozen_pages+0xe17/0xe70
[ 90.431755][ T5314] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 90.431777][ T5314] bpf_xdp_adjust_tail+0x1d6/0x220
[ 90.431791][ T5314] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 90.431801][ T5314] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 90.431824][ T5314] do_xdp_generic+0x9f7/0x11a0
[ 90.431842][ T5314] ? __pfx_do_xdp_generic+0x10/0x10
[ 90.431855][ T5314] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 90.431874][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 90.431886][ T5314] ? __up_read+0x280/0x680
[ 90.431898][ T5314] ? __pfx___up_read+0x10/0x10
[ 90.431907][ T5314] ? lock_release+0x4b/0x3e0
[ 90.431924][ T5314] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 90.431935][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.431946][ T5314] ? irqentry_exit+0x74/0x90
[ 90.431955][ T5314] ? exc_page_fault+0x9f/0xf0
[ 90.431970][ T5314] ? netif_receive_skb+0x115/0x790
[ 90.431979][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.431987][ T5314] ? lock_acquire+0x5f/0x360
[ 90.432000][ T5314] __netif_receive_skb+0x72/0x380
[ 90.432011][ T5314] ? netif_receive_skb+0x115/0x790
[ 90.432019][ T5314] netif_receive_skb+0x1cb/0x790
[ 90.432028][ T5314] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 90.432043][ T5314] ? __pfx_netif_receive_skb+0x10/0x10
[ 90.432056][ T5314] ? __pfx__copy_from_iter+0x10/0x10
[ 90.432071][ T5314] ? sock_alloc_send_pskb+0x875/0x990
[ 90.432085][ T5314] ? tun_rx_batched+0x160/0x730
[ 90.432096][ T5314] tun_rx_batched+0x1b9/0x730
[ 90.432105][ T5314] ? skb_header_pointer+0x8e/0x120
[ 90.432121][ T5314] ? __pfx_tun_rx_batched+0x10/0x10
[ 90.432130][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 90.432136][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.432144][ T5314] ? lock_acquire+0x5f/0x360
[ 90.432156][ T5314] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 90.432172][ T5314] tun_get_user+0x298e/0x3ce0
[ 90.432182][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 90.432189][ T5314] ? aa_file_perm+0x11f/0xed0
[ 90.432203][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.432210][ T5314] ? lock_release+0x4b/0x3e0
[ 90.432223][ T5314] ? __pfx_ref_tracker_free+0x10/0x10
[ 90.432238][ T5314] ? __pfx_tun_get_user+0x10/0x10
[ 90.432247][ T5314] ? aa_file_perm+0x3e7/0xed0
[ 90.432263][ T5314] ? ref_tracker_alloc+0x318/0x460
[ 90.432275][ T5314] ? bpf_xdp_link_attach+0x666/0x8c0
[ 90.432287][ T5314] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 90.432300][ T5314] ? tun_get+0x1c/0x2f0
[ 90.432313][ T5314] ? tun_get+0x1c/0x2f0
[ 90.432334][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.432342][ T5314] ? tun_get+0x1c/0x2f0
[ 90.432354][ T5314] ? lock_release+0x4b/0x3e0
[ 90.432367][ T5314] ? tun_get+0x1c/0x2f0
[ 90.432381][ T5314] tun_chr_write_iter+0x113/0x200
[ 90.432395][ T5314] vfs_write+0x54b/0xa90
[ 90.432405][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.432414][ T5314] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 90.432428][ T5314] ? __pfx_vfs_write+0x10/0x10
[ 90.432440][ T5314] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 90.432455][ T5314] ksys_write+0x145/0x250
[ 90.432464][ T5314] ? __pfx_ksys_write+0x10/0x10
[ 90.432473][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.432483][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.432492][ T5314] do_syscall_64+0xfa/0x3b0
[ 90.432503][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.432511][ T5314] ? clear_bhb_loop+0x60/0xb0
[ 90.432522][ T5314] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.432531][ T5314] RIP: 0033:0x7f3452b9cdf0
[ 90.432542][ T5314] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 90.432550][ T5314] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 90.432564][ T5314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 90.432571][ T5314] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 90.432577][ T5314] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 90.432583][ T5314] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 90.432589][ T5314] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 90.432600][ T5314]
[ 90.432610][ T5314] BUG: Bad page state in process syz-executor246 pfn:44657
[ 90.653284][ T5314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x44657
[ 90.658060][ T5314] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 90.661078][ T5314] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 90.665009][ T5314] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 90.668790][ T5314] page dumped because: page_pool leak
[ 90.671402][ T5314] page_owner tracks the page as allocated
[ 90.674695][ T5314] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5314, tgid 5314 (syz-executor246), ts 89399606896, free_ts 89396993609
[ 90.682919][ T5314] post_alloc_hook+0x240/0x2a0
[ 90.685268][ T5314] get_page_from_freelist+0x21e4/0x22c0
[ 90.687773][ T5314] __alloc_frozen_pages_noprof+0x181/0x370
[ 90.690303][ T5314] alloc_pages_bulk_noprof+0x560/0x710
[ 90.692983][ T5314] __page_pool_alloc_pages_slow+0x127/0x740
[ 90.696640][ T5314] skb_pp_cow_data+0xb47/0x13e0
[ 90.699248][ T5314] do_xdp_generic+0x699/0x11a0
[ 90.701497][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 90.704365][ T5314] __netif_receive_skb+0x72/0x380
[ 90.706577][ T5314] netif_receive_skb+0x1cb/0x790
[ 90.708742][ T5314] tun_rx_batched+0x1b9/0x730
[ 90.710865][ T5314] tun_get_user+0x298e/0x3ce0
[ 90.713075][ T5314] tun_chr_write_iter+0x113/0x200
[ 90.715874][ T5314] vfs_write+0x54b/0xa90
[ 90.718360][ T5314] ksys_write+0x145/0x250
[ 90.720696][ T5314] do_syscall_64+0xfa/0x3b0
[ 90.722805][ T5314] page last free pid 5308 tgid 5308 stack trace:
[ 90.725524][ T5314] __free_frozen_pages+0xc71/0xe70
[ 90.727883][ T5314] __tlb_remove_table+0x2d2/0x3b0
[ 90.730325][ T5314] tlb_remove_table_rcu+0x85/0x100
[ 90.732754][ T5314] rcu_core+0xca5/0x1710
[ 90.734642][ T5314] handle_softirqs+0x286/0x870
[ 90.737159][ T5314] __irq_exit_rcu+0xca/0x1f0
[ 90.739886][ T5314] irq_exit_rcu+0x9/0x30
[ 90.742421][ T5314] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 90.744975][ T5314] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 90.747523][ T5314] Modules linked in:
[ 90.749205][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 90.749224][ T5314] Tainted: [B]=BAD_PAGE
[ 90.749255][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 90.749263][ T5314] Call Trace:
[ 90.749346][ T5314]
[ 90.749388][ T5314] dump_stack_lvl+0x189/0x250
[ 90.749431][ T5314] ? __pfx_dump_stack_lvl+0x10/0x10
[ 90.749473][ T5314] ? __pfx_print_modules+0x10/0x10
[ 90.749487][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.749501][ T5314] bad_page+0x180/0x1c0
[ 90.749523][ T5314] __free_frozen_pages+0xe17/0xe70
[ 90.749538][ T5314] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 90.749579][ T5314] bpf_xdp_adjust_tail+0x1d6/0x220
[ 90.749595][ T5314] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 90.749606][ T5314] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 90.749632][ T5314] do_xdp_generic+0x9f7/0x11a0
[ 90.749651][ T5314] ? __pfx_do_xdp_generic+0x10/0x10
[ 90.749667][ T5314] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 90.749690][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 90.749703][ T5314] ? __up_read+0x280/0x680
[ 90.749716][ T5314] ? __pfx___up_read+0x10/0x10
[ 90.749726][ T5314] ? lock_release+0x4b/0x3e0
[ 90.749744][ T5314] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 90.749756][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.749767][ T5314] ? irqentry_exit+0x74/0x90
[ 90.749777][ T5314] ? exc_page_fault+0x9f/0xf0
[ 90.749796][ T5314] ? netif_receive_skb+0x115/0x790
[ 90.749805][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.749814][ T5314] ? lock_acquire+0x5f/0x360
[ 90.749829][ T5314] __netif_receive_skb+0x72/0x380
[ 90.749841][ T5314] ? netif_receive_skb+0x115/0x790
[ 90.749851][ T5314] netif_receive_skb+0x1cb/0x790
[ 90.749861][ T5314] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 90.749879][ T5314] ? __pfx_netif_receive_skb+0x10/0x10
[ 90.749895][ T5314] ? __pfx__copy_from_iter+0x10/0x10
[ 90.749912][ T5314] ? sock_alloc_send_pskb+0x875/0x990
[ 90.749929][ T5314] ? tun_rx_batched+0x160/0x730
[ 90.749941][ T5314] tun_rx_batched+0x1b9/0x730
[ 90.749974][ T5314] ? skb_header_pointer+0x8e/0x120
[ 90.750010][ T5314] ? __pfx_tun_rx_batched+0x10/0x10
[ 90.750019][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 90.750027][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.750036][ T5314] ? lock_acquire+0x5f/0x360
[ 90.750049][ T5314] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 90.750066][ T5314] tun_get_user+0x298e/0x3ce0
[ 90.750076][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 90.750085][ T5314] ? aa_file_perm+0x11f/0xed0
[ 90.750101][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.750110][ T5314] ? lock_release+0x4b/0x3e0
[ 90.750124][ T5314] ? __pfx_ref_tracker_free+0x10/0x10
[ 90.750138][ T5314] ? __pfx_tun_get_user+0x10/0x10
[ 90.750147][ T5314] ? aa_file_perm+0x3e7/0xed0
[ 90.750164][ T5314] ? ref_tracker_alloc+0x318/0x460
[ 90.750178][ T5314] ? bpf_xdp_link_attach+0x666/0x8c0
[ 90.750192][ T5314] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 90.750206][ T5314] ? tun_get+0x1c/0x2f0
[ 90.750221][ T5314] ? tun_get+0x1c/0x2f0
[ 90.750235][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.750243][ T5314] ? tun_get+0x1c/0x2f0
[ 90.750258][ T5314] ? lock_release+0x4b/0x3e0
[ 90.750272][ T5314] ? tun_get+0x1c/0x2f0
[ 90.750287][ T5314] tun_chr_write_iter+0x113/0x200
[ 90.750303][ T5314] vfs_write+0x54b/0xa90
[ 90.750313][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.750327][ T5314] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 90.750342][ T5314] ? __pfx_vfs_write+0x10/0x10
[ 90.750354][ T5314] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 90.750372][ T5314] ksys_write+0x145/0x250
[ 90.750382][ T5314] ? __pfx_ksys_write+0x10/0x10
[ 90.750391][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.750401][ T5314] ? rcu_is_watching+0x15/0xb0
[ 90.750411][ T5314] do_syscall_64+0xfa/0x3b0
[ 90.750486][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.750497][ T5314] ? clear_bhb_loop+0x60/0xb0
[ 90.750509][ T5314] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.750519][ T5314] RIP: 0033:0x7f3452b9cdf0
[ 90.750566][ T5314] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 90.750589][ T5314] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 90.750613][ T5314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 90.750620][ T5314] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 90.750627][ T5314] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 90.750634][ T5314] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 90.750641][ T5314] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 90.750653][ T5314]
[ 90.750687][ T5314] BUG: Bad page state in process syz-executor246 pfn:447cc
[ 90.970325][ T5314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x447cc
[ 90.974312][ T5314] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 90.977500][ T5314] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 90.981520][ T5314] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 90.986075][ T5314] page dumped because: page_pool leak
[ 90.988436][ T5314] page_owner tracks the page as allocated
[ 90.990881][ T5314] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5314, tgid 5314 (syz-executor246), ts 89399597543, free_ts 89397000898
[ 90.998569][ T5314] post_alloc_hook+0x240/0x2a0
[ 91.000998][ T5314] get_page_from_freelist+0x21e4/0x22c0
[ 91.003496][ T5314] __alloc_frozen_pages_noprof+0x181/0x370
[ 91.006135][ T5314] alloc_pages_bulk_noprof+0x560/0x710
[ 91.008752][ T5314] __page_pool_alloc_pages_slow+0x127/0x740
[ 91.011524][ T5314] skb_pp_cow_data+0xb47/0x13e0
[ 91.013982][ T5314] do_xdp_generic+0x699/0x11a0
[ 91.016054][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 91.018291][ T5314] __netif_receive_skb+0x72/0x380
[ 91.020497][ T5314] netif_receive_skb+0x1cb/0x790
[ 91.022681][ T5314] tun_rx_batched+0x1b9/0x730
[ 91.024779][ T5314] tun_get_user+0x298e/0x3ce0
[ 91.027062][ T5314] tun_chr_write_iter+0x113/0x200
[ 91.029898][ T5314] vfs_write+0x54b/0xa90
[ 91.031851][ T5314] ksys_write+0x145/0x250
[ 91.033813][ T5314] do_syscall_64+0xfa/0x3b0
[ 91.035881][ T5314] page last free pid 5308 tgid 5308 stack trace:
[ 91.038858][ T5314] __free_frozen_pages+0xc71/0xe70
[ 91.041266][ T5314] rcu_core+0xca5/0x1710
[ 91.043064][ T5314] handle_softirqs+0x286/0x870
[ 91.045116][ T5314] __irq_exit_rcu+0xca/0x1f0
[ 91.047387][ T5314] irq_exit_rcu+0x9/0x30
[ 91.049669][ T5314] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 91.052576][ T5314] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 91.055233][ T5314] Modules linked in:
[ 91.057122][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 91.057141][ T5314] Tainted: [B]=BAD_PAGE
[ 91.057146][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.057153][ T5314] Call Trace:
[ 91.057160][ T5314]
[ 91.057166][ T5314] dump_stack_lvl+0x189/0x250
[ 91.057188][ T5314] ? __pfx_dump_stack_lvl+0x10/0x10
[ 91.057205][ T5314] ? __pfx_print_modules+0x10/0x10
[ 91.057217][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.057231][ T5314] bad_page+0x180/0x1c0
[ 91.057250][ T5314] __free_frozen_pages+0xe17/0xe70
[ 91.057264][ T5314] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 91.057286][ T5314] bpf_xdp_adjust_tail+0x1d6/0x220
[ 91.057303][ T5314] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 91.057313][ T5314] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 91.057340][ T5314] do_xdp_generic+0x9f7/0x11a0
[ 91.057357][ T5314] ? __pfx_do_xdp_generic+0x10/0x10
[ 91.057372][ T5314] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 91.057394][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 91.057406][ T5314] ? __up_read+0x280/0x680
[ 91.057419][ T5314] ? __pfx___up_read+0x10/0x10
[ 91.057429][ T5314] ? lock_release+0x4b/0x3e0
[ 91.057446][ T5314] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 91.057458][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.057469][ T5314] ? irqentry_exit+0x74/0x90
[ 91.057480][ T5314] ? exc_page_fault+0x9f/0xf0
[ 91.057499][ T5314] ? netif_receive_skb+0x115/0x790
[ 91.057508][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.057517][ T5314] ? lock_acquire+0x5f/0x360
[ 91.057532][ T5314] __netif_receive_skb+0x72/0x380
[ 91.057543][ T5314] ? netif_receive_skb+0x115/0x790
[ 91.057552][ T5314] netif_receive_skb+0x1cb/0x790
[ 91.057562][ T5314] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 91.057581][ T5314] ? __pfx_netif_receive_skb+0x10/0x10
[ 91.057593][ T5314] ? __pfx__copy_from_iter+0x10/0x10
[ 91.057608][ T5314] ? sock_alloc_send_pskb+0x875/0x990
[ 91.057625][ T5314] ? tun_rx_batched+0x160/0x730
[ 91.057637][ T5314] tun_rx_batched+0x1b9/0x730
[ 91.057646][ T5314] ? skb_header_pointer+0x8e/0x120
[ 91.057662][ T5314] ? __pfx_tun_rx_batched+0x10/0x10
[ 91.057672][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 91.057682][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.057690][ T5314] ? lock_acquire+0x5f/0x360
[ 91.057703][ T5314] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 91.057722][ T5314] tun_get_user+0x298e/0x3ce0
[ 91.057732][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 91.057740][ T5314] ? aa_file_perm+0x11f/0xed0
[ 91.057757][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.057768][ T5314] ? lock_release+0x4b/0x3e0
[ 91.057780][ T5314] ? __pfx_ref_tracker_free+0x10/0x10
[ 91.057797][ T5314] ? __pfx_tun_get_user+0x10/0x10
[ 91.057806][ T5314] ? aa_file_perm+0x3e7/0xed0
[ 91.057824][ T5314] ? ref_tracker_alloc+0x318/0x460
[ 91.057838][ T5314] ? bpf_xdp_link_attach+0x666/0x8c0
[ 91.057853][ T5314] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 91.057868][ T5314] ? tun_get+0x1c/0x2f0
[ 91.057882][ T5314] ? tun_get+0x1c/0x2f0
[ 91.057896][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.057906][ T5314] ? tun_get+0x1c/0x2f0
[ 91.057919][ T5314] ? lock_release+0x4b/0x3e0
[ 91.057933][ T5314] ? tun_get+0x1c/0x2f0
[ 91.057950][ T5314] tun_chr_write_iter+0x113/0x200
[ 91.057976][ T5314] vfs_write+0x54b/0xa90
[ 91.057986][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.057997][ T5314] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 91.058013][ T5314] ? __pfx_vfs_write+0x10/0x10
[ 91.058024][ T5314] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 91.058042][ T5314] ksys_write+0x145/0x250
[ 91.058054][ T5314] ? __pfx_ksys_write+0x10/0x10
[ 91.058062][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.058072][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.058082][ T5314] do_syscall_64+0xfa/0x3b0
[ 91.058095][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.058105][ T5314] ? clear_bhb_loop+0x60/0xb0
[ 91.058116][ T5314] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.058128][ T5314] RIP: 0033:0x7f3452b9cdf0
[ 91.058144][ T5314] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 91.058153][ T5314] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 91.058166][ T5314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 91.058173][ T5314] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 91.058180][ T5314] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 91.058187][ T5314] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 91.058195][ T5314] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 91.058205][ T5314]
[ 91.058214][ T5314] BUG: Bad page state in process syz-executor246 pfn:42ba3
[ 91.281398][ T5314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888042ba3dc0 pfn:0x42ba3
[ 91.286118][ T5314] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 91.290061][ T5314] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 91.293882][ T5314] raw: ffff888042ba3dc0 0000000000000001 00000000ffffffff 0000000000000000
[ 91.297795][ T5314] page dumped because: page_pool leak
[ 91.300336][ T5314] page_owner tracks the page as allocated
[ 91.303079][ T5314] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5314, tgid 5314 (syz-executor246), ts 89399588355, free_ts 89397953041
[ 91.310650][ T5314] post_alloc_hook+0x240/0x2a0
[ 91.312779][ T5314] get_page_from_freelist+0x21e4/0x22c0
[ 91.315371][ T5314] __alloc_frozen_pages_noprof+0x181/0x370
[ 91.318505][ T5314] alloc_pages_bulk_noprof+0x560/0x710
[ 91.321272][ T5314] __page_pool_alloc_pages_slow+0x127/0x740
[ 91.324054][ T5314] skb_pp_cow_data+0xb47/0x13e0
[ 91.326170][ T5314] do_xdp_generic+0x699/0x11a0
[ 91.328608][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 91.331911][ T5314] __netif_receive_skb+0x72/0x380
[ 91.334635][ T5314] netif_receive_skb+0x1cb/0x790
[ 91.337022][ T5314] tun_rx_batched+0x1b9/0x730
[ 91.339099][ T5314] tun_get_user+0x298e/0x3ce0
[ 91.341235][ T5314] tun_chr_write_iter+0x113/0x200
[ 91.343534][ T5314] vfs_write+0x54b/0xa90
[ 91.345447][ T5314] ksys_write+0x145/0x250
[ 91.347465][ T5314] do_syscall_64+0xfa/0x3b0
[ 91.349820][ T5314] page last free pid 15 tgid 15 stack trace:
[ 91.353139][ T5314] __free_frozen_pages+0xc71/0xe70
[ 91.355639][ T5314] rcu_core+0xca5/0x1710
[ 91.357613][ T5314] handle_softirqs+0x286/0x870
[ 91.359619][ T5314] run_ksoftirqd+0x9b/0x100
[ 91.361778][ T5314] smpboot_thread_fn+0x53f/0xa60
[ 91.364079][ T5314] kthread+0x70e/0x8a0
[ 91.366479][ T5314] ret_from_fork+0x3f9/0x770
[ 91.368929][ T5314] ret_from_fork_asm+0x1a/0x30
[ 91.371531][ T5314] Modules linked in:
[ 91.373258][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 91.373277][ T5314] Tainted: [B]=BAD_PAGE
[ 91.373303][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.373310][ T5314] Call Trace:
[ 91.373371][ T5314]
[ 91.373426][ T5314] dump_stack_lvl+0x189/0x250
[ 91.373472][ T5314] ? __pfx_dump_stack_lvl+0x10/0x10
[ 91.373499][ T5314] ? __pfx_print_modules+0x10/0x10
[ 91.373511][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.373524][ T5314] bad_page+0x180/0x1c0
[ 91.373548][ T5314] __free_frozen_pages+0xe17/0xe70
[ 91.373563][ T5314] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 91.373593][ T5314] bpf_xdp_adjust_tail+0x1d6/0x220
[ 91.373606][ T5314] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 91.373617][ T5314] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 91.373640][ T5314] do_xdp_generic+0x9f7/0x11a0
[ 91.373658][ T5314] ? __pfx_do_xdp_generic+0x10/0x10
[ 91.373672][ T5314] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 91.373691][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 91.373702][ T5314] ? __up_read+0x280/0x680
[ 91.373714][ T5314] ? __pfx___up_read+0x10/0x10
[ 91.373724][ T5314] ? lock_release+0x4b/0x3e0
[ 91.373738][ T5314] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 91.373749][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.373760][ T5314] ? irqentry_exit+0x74/0x90
[ 91.373769][ T5314] ? exc_page_fault+0x9f/0xf0
[ 91.373785][ T5314] ? netif_receive_skb+0x115/0x790
[ 91.373794][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.373803][ T5314] ? lock_acquire+0x5f/0x360
[ 91.373817][ T5314] __netif_receive_skb+0x72/0x380
[ 91.373828][ T5314] ? netif_receive_skb+0x115/0x790
[ 91.373837][ T5314] netif_receive_skb+0x1cb/0x790
[ 91.373843][ T5314] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 91.373853][ T5314] ? __pfx_netif_receive_skb+0x10/0x10
[ 91.373863][ T5314] ? __pfx__copy_from_iter+0x10/0x10
[ 91.373873][ T5314] ? sock_alloc_send_pskb+0x875/0x990
[ 91.373883][ T5314] ? tun_rx_batched+0x160/0x730
[ 91.373891][ T5314] tun_rx_batched+0x1b9/0x730
[ 91.373915][ T5314] ? skb_header_pointer+0x8e/0x120
[ 91.373935][ T5314] ? __pfx_tun_rx_batched+0x10/0x10
[ 91.373940][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 91.373945][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.373951][ T5314] ? lock_acquire+0x5f/0x360
[ 91.373959][ T5314] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 91.373970][ T5314] tun_get_user+0x298e/0x3ce0
[ 91.373976][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 91.373981][ T5314] ? aa_file_perm+0x11f/0xed0
[ 91.373992][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.373997][ T5314] ? lock_release+0x4b/0x3e0
[ 91.374005][ T5314] ? __pfx_ref_tracker_free+0x10/0x10
[ 91.374016][ T5314] ? __pfx_tun_get_user+0x10/0x10
[ 91.374024][ T5314] ? aa_file_perm+0x3e7/0xed0
[ 91.374038][ T5314] ? ref_tracker_alloc+0x318/0x460
[ 91.374051][ T5314] ? bpf_xdp_link_attach+0x666/0x8c0
[ 91.374061][ T5314] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 91.374070][ T5314] ? tun_get+0x1c/0x2f0
[ 91.374079][ T5314] ? tun_get+0x1c/0x2f0
[ 91.374088][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.374093][ T5314] ? tun_get+0x1c/0x2f0
[ 91.374101][ T5314] ? lock_release+0x4b/0x3e0
[ 91.374110][ T5314] ? tun_get+0x1c/0x2f0
[ 91.374119][ T5314] tun_chr_write_iter+0x113/0x200
[ 91.374128][ T5314] vfs_write+0x54b/0xa90
[ 91.374135][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.374140][ T5314] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 91.374149][ T5314] ? __pfx_vfs_write+0x10/0x10
[ 91.374156][ T5314] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 91.374168][ T5314] ksys_write+0x145/0x250
[ 91.374174][ T5314] ? __pfx_ksys_write+0x10/0x10
[ 91.374179][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.374185][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.374191][ T5314] do_syscall_64+0xfa/0x3b0
[ 91.374224][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.374230][ T5314] ? clear_bhb_loop+0x60/0xb0
[ 91.374237][ T5314] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.374247][ T5314] RIP: 0033:0x7f3452b9cdf0
[ 91.374303][ T5314] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 91.374322][ T5314] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 91.374344][ T5314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 91.374350][ T5314] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 91.374355][ T5314] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 91.374359][ T5314] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 91.374363][ T5314] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 91.374370][ T5314]
[ 91.374411][ T5314] BUG: Bad page state in process syz-executor246 pfn:3ff66
[ 91.594192][ T5314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803ff66280 pfn:0x3ff66
[ 91.597975][ T5314] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 91.600668][ T5314] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 91.604015][ T5314] raw: ffff88803ff66280 0000000000000001 00000000ffffffff 0000000000000000
[ 91.607933][ T5314] page dumped because: page_pool leak
[ 91.610575][ T5314] page_owner tracks the page as allocated
[ 91.613427][ T5314] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5314, tgid 5314 (syz-executor246), ts 89399578668, free_ts 89397962521
[ 91.620948][ T5314] post_alloc_hook+0x240/0x2a0
[ 91.623067][ T5314] get_page_from_freelist+0x21e4/0x22c0
[ 91.625869][ T5314] __alloc_frozen_pages_noprof+0x181/0x370
[ 91.629077][ T5314] alloc_pages_bulk_noprof+0x560/0x710
[ 91.631692][ T5314] __page_pool_alloc_pages_slow+0x127/0x740
[ 91.634266][ T5314] skb_pp_cow_data+0xb47/0x13e0
[ 91.636324][ T5314] do_xdp_generic+0x699/0x11a0
[ 91.638421][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 91.641172][ T5314] __netif_receive_skb+0x72/0x380
[ 91.643774][ T5314] netif_receive_skb+0x1cb/0x790
[ 91.646009][ T5314] tun_rx_batched+0x1b9/0x730
[ 91.648191][ T5314] tun_get_user+0x298e/0x3ce0
[ 91.650267][ T5314] tun_chr_write_iter+0x113/0x200
[ 91.652451][ T5314] vfs_write+0x54b/0xa90
[ 91.654310][ T5314] ksys_write+0x145/0x250
[ 91.656554][ T5314] do_syscall_64+0xfa/0x3b0
[ 91.658792][ T5314] page last free pid 15 tgid 15 stack trace:
[ 91.661430][ T5314] __free_frozen_pages+0xc71/0xe70
[ 91.663743][ T5314] rcu_core+0xca5/0x1710
[ 91.665880][ T5314] handle_softirqs+0x286/0x870
[ 91.668201][ T5314] run_ksoftirqd+0x9b/0x100
[ 91.670688][ T5314] smpboot_thread_fn+0x53f/0xa60
[ 91.673545][ T5314] kthread+0x70e/0x8a0
[ 91.675711][ T5314] ret_from_fork+0x3f9/0x770
[ 91.677652][ T5314] ret_from_fork_asm+0x1a/0x30
[ 91.679434][ T5314] Modules linked in:
[ 91.681043][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 91.681060][ T5314] Tainted: [B]=BAD_PAGE
[ 91.681064][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.681070][ T5314] Call Trace:
[ 91.681077][ T5314]
[ 91.681084][ T5314] dump_stack_lvl+0x189/0x250
[ 91.681105][ T5314] ? __pfx_dump_stack_lvl+0x10/0x10
[ 91.681119][ T5314] ? __pfx_print_modules+0x10/0x10
[ 91.681132][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.681209][ T5314] bad_page+0x180/0x1c0
[ 91.681225][ T5314] __free_frozen_pages+0xe17/0xe70
[ 91.681233][ T5314] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 91.681247][ T5314] bpf_xdp_adjust_tail+0x1d6/0x220
[ 91.681256][ T5314] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 91.681263][ T5314] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 91.681278][ T5314] do_xdp_generic+0x9f7/0x11a0
[ 91.681290][ T5314] ? __pfx_do_xdp_generic+0x10/0x10
[ 91.681307][ T5314] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 91.681328][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 91.681339][ T5314] ? __up_read+0x280/0x680
[ 91.681350][ T5314] ? __pfx___up_read+0x10/0x10
[ 91.681359][ T5314] ? lock_release+0x4b/0x3e0
[ 91.681376][ T5314] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 91.681387][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.681397][ T5314] ? irqentry_exit+0x74/0x90
[ 91.681407][ T5314] ? exc_page_fault+0x9f/0xf0
[ 91.681420][ T5314] ? netif_receive_skb+0x115/0x790
[ 91.681426][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.681431][ T5314] ? lock_acquire+0x5f/0x360
[ 91.681439][ T5314] __netif_receive_skb+0x72/0x380
[ 91.681446][ T5314] ? netif_receive_skb+0x115/0x790
[ 91.681451][ T5314] netif_receive_skb+0x1cb/0x790
[ 91.681459][ T5314] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 91.681474][ T5314] ? __pfx_netif_receive_skb+0x10/0x10
[ 91.681488][ T5314] ? __pfx__copy_from_iter+0x10/0x10
[ 91.681502][ T5314] ? sock_alloc_send_pskb+0x875/0x990
[ 91.681517][ T5314] ? tun_rx_batched+0x160/0x730
[ 91.681527][ T5314] tun_rx_batched+0x1b9/0x730
[ 91.681536][ T5314] ? skb_header_pointer+0x8e/0x120
[ 91.681552][ T5314] ? __pfx_tun_rx_batched+0x10/0x10
[ 91.681561][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 91.681569][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.681578][ T5314] ? lock_acquire+0x5f/0x360
[ 91.681587][ T5314] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 91.681598][ T5314] tun_get_user+0x298e/0x3ce0
[ 91.681604][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 91.681609][ T5314] ? aa_file_perm+0x11f/0xed0
[ 91.681619][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.681625][ T5314] ? lock_release+0x4b/0x3e0
[ 91.681633][ T5314] ? __pfx_ref_tracker_free+0x10/0x10
[ 91.681642][ T5314] ? __pfx_tun_get_user+0x10/0x10
[ 91.681648][ T5314] ? aa_file_perm+0x3e7/0xed0
[ 91.681658][ T5314] ? ref_tracker_alloc+0x318/0x460
[ 91.681667][ T5314] ? bpf_xdp_link_attach+0x666/0x8c0
[ 91.681675][ T5314] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 91.681684][ T5314] ? tun_get+0x1c/0x2f0
[ 91.681693][ T5314] ? tun_get+0x1c/0x2f0
[ 91.681704][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.681712][ T5314] ? tun_get+0x1c/0x2f0
[ 91.681723][ T5314] ? lock_release+0x4b/0x3e0
[ 91.681735][ T5314] ? tun_get+0x1c/0x2f0
[ 91.681749][ T5314] tun_chr_write_iter+0x113/0x200
[ 91.681766][ T5314] vfs_write+0x54b/0xa90
[ 91.681775][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.681786][ T5314] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 91.681802][ T5314] ? __pfx_vfs_write+0x10/0x10
[ 91.681809][ T5314] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 91.681820][ T5314] ksys_write+0x145/0x250
[ 91.681827][ T5314] ? __pfx_ksys_write+0x10/0x10
[ 91.681833][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.681839][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.681845][ T5314] do_syscall_64+0xfa/0x3b0
[ 91.681852][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.681859][ T5314] ? clear_bhb_loop+0x60/0xb0
[ 91.681866][ T5314] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.681873][ T5314] RIP: 0033:0x7f3452b9cdf0
[ 91.681882][ T5314] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 91.681887][ T5314] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 91.681896][ T5314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 91.681901][ T5314] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 91.681906][ T5314] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 91.681910][ T5314] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 91.681914][ T5314] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 91.681921][ T5314]
[ 91.681929][ T5314] BUG: Bad page state in process syz-executor246 pfn:4445e
[ 91.896104][ T5314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804445ea00 pfn:0x4445e
[ 91.900817][ T5314] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 91.904201][ T5314] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 91.907918][ T5314] raw: ffff88804445ea00 0000000000000001 00000000ffffffff 0000000000000000
[ 91.911636][ T5314] page dumped because: page_pool leak
[ 91.914358][ T5314] page_owner tracks the page as allocated
[ 91.917011][ T5314] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5314, tgid 5314 (syz-executor246), ts 89399569560, free_ts 89397968995
[ 91.923750][ T5314] post_alloc_hook+0x240/0x2a0
[ 91.926074][ T5314] get_page_from_freelist+0x21e4/0x22c0
[ 91.929611][ T5314] __alloc_frozen_pages_noprof+0x181/0x370
[ 91.933124][ T5314] alloc_pages_bulk_noprof+0x560/0x710
[ 91.935677][ T5314] __page_pool_alloc_pages_slow+0x127/0x740
[ 91.938357][ T5314] skb_pp_cow_data+0xb47/0x13e0
[ 91.941589][ T5314] do_xdp_generic+0x699/0x11a0
[ 91.944092][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 91.947580][ T5314] __netif_receive_skb+0x72/0x380
[ 91.950281][ T5314] netif_receive_skb+0x1cb/0x790
[ 91.952559][ T5314] tun_rx_batched+0x1b9/0x730
[ 91.954697][ T5314] tun_get_user+0x298e/0x3ce0
[ 91.956914][ T5314] tun_chr_write_iter+0x113/0x200
[ 91.959157][ T5314] vfs_write+0x54b/0xa90
[ 91.961399][ T5314] ksys_write+0x145/0x250
[ 91.963754][ T5314] do_syscall_64+0xfa/0x3b0
[ 91.967825][ T5314] page last free pid 15 tgid 15 stack trace:
[ 91.970449][ T5314] __free_frozen_pages+0xc71/0xe70
[ 91.972672][ T5314] rcu_core+0xca5/0x1710
[ 91.974608][ T5314] handle_softirqs+0x286/0x870
[ 91.976804][ T5314] run_ksoftirqd+0x9b/0x100
[ 91.978755][ T5314] smpboot_thread_fn+0x53f/0xa60
[ 91.980928][ T5314] kthread+0x70e/0x8a0
[ 91.982604][ T5314] ret_from_fork+0x3f9/0x770
[ 91.984627][ T5314] ret_from_fork_asm+0x1a/0x30
[ 91.987163][ T5314] Modules linked in:
[ 91.989090][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 91.989109][ T5314] Tainted: [B]=BAD_PAGE
[ 91.989138][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.989145][ T5314] Call Trace:
[ 91.989208][ T5314]
[ 91.989284][ T5314] dump_stack_lvl+0x189/0x250
[ 91.989347][ T5314] ? __pfx_dump_stack_lvl+0x10/0x10
[ 91.989374][ T5314] ? __pfx_print_modules+0x10/0x10
[ 91.989386][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.989400][ T5314] bad_page+0x180/0x1c0
[ 91.989430][ T5314] __free_frozen_pages+0xe17/0xe70
[ 91.989494][ T5314] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 91.989538][ T5314] bpf_xdp_adjust_tail+0x1d6/0x220
[ 91.989552][ T5314] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 91.989562][ T5314] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 91.989583][ T5314] do_xdp_generic+0x9f7/0x11a0
[ 91.989598][ T5314] ? __pfx_do_xdp_generic+0x10/0x10
[ 91.989610][ T5314] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 91.989631][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 91.989644][ T5314] ? __up_read+0x280/0x680
[ 91.989656][ T5314] ? __pfx___up_read+0x10/0x10
[ 91.989665][ T5314] ? lock_release+0x4b/0x3e0
[ 91.989681][ T5314] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 91.989693][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.989703][ T5314] ? irqentry_exit+0x74/0x90
[ 91.989713][ T5314] ? exc_page_fault+0x9f/0xf0
[ 91.989730][ T5314] ? netif_receive_skb+0x115/0x790
[ 91.989738][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.989746][ T5314] ? lock_acquire+0x5f/0x360
[ 91.989759][ T5314] __netif_receive_skb+0x72/0x380
[ 91.989770][ T5314] ? netif_receive_skb+0x115/0x790
[ 91.989779][ T5314] netif_receive_skb+0x1cb/0x790
[ 91.989787][ T5314] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 91.989804][ T5314] ? __pfx_netif_receive_skb+0x10/0x10
[ 91.989818][ T5314] ? __pfx__copy_from_iter+0x10/0x10
[ 91.989833][ T5314] ? sock_alloc_send_pskb+0x875/0x990
[ 91.989863][ T5314] ? tun_rx_batched+0x160/0x730
[ 91.989874][ T5314] tun_rx_batched+0x1b9/0x730
[ 91.989900][ T5314] ? skb_header_pointer+0x8e/0x120
[ 91.989927][ T5314] ? __pfx_tun_rx_batched+0x10/0x10
[ 91.989936][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 91.989944][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.989953][ T5314] ? lock_acquire+0x5f/0x360
[ 91.989964][ T5314] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 91.989979][ T5314] tun_get_user+0x298e/0x3ce0
[ 91.989996][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 91.990005][ T5314] ? aa_file_perm+0x11f/0xed0
[ 91.990019][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.990026][ T5314] ? lock_release+0x4b/0x3e0
[ 91.990043][ T5314] ? __pfx_ref_tracker_free+0x10/0x10
[ 91.990057][ T5314] ? __pfx_tun_get_user+0x10/0x10
[ 91.990065][ T5314] ? aa_file_perm+0x3e7/0xed0
[ 91.990081][ T5314] ? ref_tracker_alloc+0x318/0x460
[ 91.990094][ T5314] ? bpf_xdp_link_attach+0x666/0x8c0
[ 91.990108][ T5314] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 91.990120][ T5314] ? tun_get+0x1c/0x2f0
[ 91.990136][ T5314] ? tun_get+0x1c/0x2f0
[ 91.990150][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.990157][ T5314] ? tun_get+0x1c/0x2f0
[ 91.990172][ T5314] ? lock_release+0x4b/0x3e0
[ 91.990185][ T5314] ? tun_get+0x1c/0x2f0
[ 91.990198][ T5314] tun_chr_write_iter+0x113/0x200
[ 91.990214][ T5314] vfs_write+0x54b/0xa90
[ 91.990224][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.990233][ T5314] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 91.990246][ T5314] ? __pfx_vfs_write+0x10/0x10
[ 91.990255][ T5314] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 91.990271][ T5314] ksys_write+0x145/0x250
[ 91.990281][ T5314] ? __pfx_ksys_write+0x10/0x10
[ 91.990289][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.990299][ T5314] ? rcu_is_watching+0x15/0xb0
[ 91.990308][ T5314] do_syscall_64+0xfa/0x3b0
[ 91.990421][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.990431][ T5314] ? clear_bhb_loop+0x60/0xb0
[ 91.990441][ T5314] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.990451][ T5314] RIP: 0033:0x7f3452b9cdf0
[ 91.990501][ T5314] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 91.990520][ T5314] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 91.990545][ T5314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 91.990552][ T5314] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 91.990559][ T5314] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 91.990566][ T5314] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 91.990572][ T5314] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 91.990582][ T5314]
[ 91.990619][ T5314] BUG: Bad page state in process syz-executor246 pfn:44488
[ 92.207457][ T5314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888044488640 pfn:0x44488
[ 92.211619][ T5314] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 92.215094][ T5314] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 92.219297][ T5314] raw: ffff888044488640 0000000000000001 00000000ffffffff 0000000000000000
[ 92.222822][ T5314] page dumped because: page_pool leak
[ 92.225099][ T5314] page_owner tracks the page as allocated
[ 92.227814][ T5314] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5314, tgid 5314 (syz-executor246), ts 89399560341, free_ts 89397976849
[ 92.236740][ T5314] post_alloc_hook+0x240/0x2a0
[ 92.238768][ T5314] get_page_from_freelist+0x21e4/0x22c0
[ 92.241156][ T5314] __alloc_frozen_pages_noprof+0x181/0x370
[ 92.243900][ T5314] alloc_pages_bulk_noprof+0x560/0x710
[ 92.247052][ T5314] __page_pool_alloc_pages_slow+0x127/0x740
[ 92.250170][ T5314] skb_pp_cow_data+0xb47/0x13e0
[ 92.252362][ T5314] do_xdp_generic+0x699/0x11a0
[ 92.254321][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 92.256618][ T5314] __netif_receive_skb+0x72/0x380
[ 92.258727][ T5314] netif_receive_skb+0x1cb/0x790
[ 92.260941][ T5314] tun_rx_batched+0x1b9/0x730
[ 92.263413][ T5314] tun_get_user+0x298e/0x3ce0
[ 92.266118][ T5314] tun_chr_write_iter+0x113/0x200
[ 92.268618][ T5314] vfs_write+0x54b/0xa90
[ 92.270489][ T5314] ksys_write+0x145/0x250
[ 92.272217][ T5314] do_syscall_64+0xfa/0x3b0
[ 92.274071][ T5314] page last free pid 15 tgid 15 stack trace:
[ 92.276769][ T5314] __free_frozen_pages+0xc71/0xe70
[ 92.279003][ T5314] rcu_core+0xca5/0x1710
[ 92.281018][ T5314] handle_softirqs+0x286/0x870
[ 92.283359][ T5314] run_ksoftirqd+0x9b/0x100
[ 92.285802][ T5314] smpboot_thread_fn+0x53f/0xa60
[ 92.288626][ T5314] kthread+0x70e/0x8a0
[ 92.290555][ T5314] ret_from_fork+0x3f9/0x770
[ 92.292554][ T5314] ret_from_fork_asm+0x1a/0x30
[ 92.294645][ T5314] Modules linked in:
[ 92.296506][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 92.296523][ T5314] Tainted: [B]=BAD_PAGE
[ 92.296526][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 92.296533][ T5314] Call Trace:
[ 92.296540][ T5314]
[ 92.296547][ T5314] dump_stack_lvl+0x189/0x250
[ 92.296568][ T5314] ? __pfx_dump_stack_lvl+0x10/0x10
[ 92.296584][ T5314] ? __pfx_print_modules+0x10/0x10
[ 92.296597][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.296609][ T5314] bad_page+0x180/0x1c0
[ 92.296626][ T5314] __free_frozen_pages+0xe17/0xe70
[ 92.296640][ T5314] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 92.296660][ T5314] bpf_xdp_adjust_tail+0x1d6/0x220
[ 92.296672][ T5314] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 92.296683][ T5314] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 92.296707][ T5314] do_xdp_generic+0x9f7/0x11a0
[ 92.296723][ T5314] ? __pfx_do_xdp_generic+0x10/0x10
[ 92.296737][ T5314] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 92.296757][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 92.296768][ T5314] ? __up_read+0x280/0x680
[ 92.296780][ T5314] ? __pfx___up_read+0x10/0x10
[ 92.296789][ T5314] ? lock_release+0x4b/0x3e0
[ 92.296805][ T5314] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 92.296815][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.296826][ T5314] ? irqentry_exit+0x74/0x90
[ 92.296835][ T5314] ? exc_page_fault+0x9f/0xf0
[ 92.296853][ T5314] ? netif_receive_skb+0x115/0x790
[ 92.296861][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.296870][ T5314] ? lock_acquire+0x5f/0x360
[ 92.296883][ T5314] __netif_receive_skb+0x72/0x380
[ 92.296894][ T5314] ? netif_receive_skb+0x115/0x790
[ 92.296903][ T5314] netif_receive_skb+0x1cb/0x790
[ 92.296911][ T5314] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 92.296928][ T5314] ? __pfx_netif_receive_skb+0x10/0x10
[ 92.296942][ T5314] ? __pfx__copy_from_iter+0x10/0x10
[ 92.296958][ T5314] ? sock_alloc_send_pskb+0x875/0x990
[ 92.296973][ T5314] ? tun_rx_batched+0x160/0x730
[ 92.296983][ T5314] tun_rx_batched+0x1b9/0x730
[ 92.296993][ T5314] ? skb_header_pointer+0x8e/0x120
[ 92.297009][ T5314] ? __pfx_tun_rx_batched+0x10/0x10
[ 92.297018][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 92.297027][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.297036][ T5314] ? lock_acquire+0x5f/0x360
[ 92.297048][ T5314] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 92.297064][ T5314] tun_get_user+0x298e/0x3ce0
[ 92.297073][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 92.297082][ T5314] ? aa_file_perm+0x11f/0xed0
[ 92.297098][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.297108][ T5314] ? lock_release+0x4b/0x3e0
[ 92.297120][ T5314] ? __pfx_ref_tracker_free+0x10/0x10
[ 92.297134][ T5314] ? __pfx_tun_get_user+0x10/0x10
[ 92.297142][ T5314] ? aa_file_perm+0x3e7/0xed0
[ 92.297158][ T5314] ? ref_tracker_alloc+0x318/0x460
[ 92.297171][ T5314] ? bpf_xdp_link_attach+0x666/0x8c0
[ 92.297184][ T5314] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 92.297198][ T5314] ? tun_get+0x1c/0x2f0
[ 92.297211][ T5314] ? tun_get+0x1c/0x2f0
[ 92.297223][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.297230][ T5314] ? tun_get+0x1c/0x2f0
[ 92.297243][ T5314] ? lock_release+0x4b/0x3e0
[ 92.297256][ T5314] ? tun_get+0x1c/0x2f0
[ 92.297271][ T5314] tun_chr_write_iter+0x113/0x200
[ 92.297296][ T5314] vfs_write+0x54b/0xa90
[ 92.297304][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.297310][ T5314] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 92.297319][ T5314] ? __pfx_vfs_write+0x10/0x10
[ 92.297327][ T5314] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 92.297338][ T5314] ksys_write+0x145/0x250
[ 92.297345][ T5314] ? __pfx_ksys_write+0x10/0x10
[ 92.297353][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.297361][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.297372][ T5314] do_syscall_64+0xfa/0x3b0
[ 92.297383][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.297392][ T5314] ? clear_bhb_loop+0x60/0xb0
[ 92.297404][ T5314] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.297414][ T5314] RIP: 0033:0x7f3452b9cdf0
[ 92.297425][ T5314] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 92.297434][ T5314] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 92.297447][ T5314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 92.297454][ T5314] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 92.297461][ T5314] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 92.297467][ T5314] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 92.297473][ T5314] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 92.297483][ T5314]
[ 92.297504][ T5314] BUG: Bad page state in process syz-executor246 pfn:3f2eb
[ 92.513515][ T5314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803f2ebdc0 pfn:0x3f2eb
[ 92.517558][ T5314] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 92.520712][ T5314] raw: 04fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 92.524365][ T5314] raw: ffff88803f2ebdc0 0000000000000001 00000000ffffffff 0000000000000000
[ 92.528788][ T5314] page dumped because: page_pool leak
[ 92.531163][ T5314] page_owner tracks the page as allocated
[ 92.533629][ T5314] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5314, tgid 5314 (syz-executor246), ts 89399548538, free_ts 89397983569
[ 92.541348][ T5314] post_alloc_hook+0x240/0x2a0
[ 92.543886][ T5314] get_page_from_freelist+0x21e4/0x22c0
[ 92.546932][ T5314] __alloc_frozen_pages_noprof+0x181/0x370
[ 92.549296][ T5314] alloc_pages_bulk_noprof+0x560/0x710
[ 92.551534][ T5314] __page_pool_alloc_pages_slow+0x127/0x740
[ 92.554071][ T5314] skb_pp_cow_data+0xb47/0x13e0
[ 92.556192][ T5314] do_xdp_generic+0x699/0x11a0
[ 92.558358][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 92.561208][ T5314] __netif_receive_skb+0x72/0x380
[ 92.564247][ T5314] netif_receive_skb+0x1cb/0x790
[ 92.566816][ T5314] tun_rx_batched+0x1b9/0x730
[ 92.568941][ T5314] tun_get_user+0x298e/0x3ce0
[ 92.570930][ T5314] tun_chr_write_iter+0x113/0x200
[ 92.572829][ T5314] vfs_write+0x54b/0xa90
[ 92.574329][ T5314] ksys_write+0x145/0x250
[ 92.575978][ T5314] do_syscall_64+0xfa/0x3b0
[ 92.577870][ T5314] page last free pid 15 tgid 15 stack trace:
[ 92.580484][ T5314] __free_frozen_pages+0xc71/0xe70
[ 92.583023][ T5314] rcu_core+0xca5/0x1710
[ 92.585186][ T5314] handle_softirqs+0x286/0x870
[ 92.587685][ T5314] run_ksoftirqd+0x9b/0x100
[ 92.589689][ T5314] smpboot_thread_fn+0x53f/0xa60
[ 92.591867][ T5314] kthread+0x70e/0x8a0
[ 92.593642][ T5314] ret_from_fork+0x3f9/0x770
[ 92.595642][ T5314] ret_from_fork_asm+0x1a/0x30
[ 92.598034][ T5314] Modules linked in:
[ 92.600233][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 92.600263][ T5314] Tainted: [B]=BAD_PAGE
[ 92.600268][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 92.600276][ T5314] Call Trace:
[ 92.600285][ T5314]
[ 92.600293][ T5314] dump_stack_lvl+0x189/0x250
[ 92.600319][ T5314] ? __pfx_dump_stack_lvl+0x10/0x10
[ 92.600339][ T5314] ? __pfx_print_modules+0x10/0x10
[ 92.600356][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.600372][ T5314] bad_page+0x180/0x1c0
[ 92.600387][ T5314] __free_frozen_pages+0xe17/0xe70
[ 92.600403][ T5314] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 92.600429][ T5314] bpf_xdp_adjust_tail+0x1d6/0x220
[ 92.600445][ T5314] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 92.600458][ T5314] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 92.600488][ T5314] do_xdp_generic+0x9f7/0x11a0
[ 92.600511][ T5314] ? __pfx_do_xdp_generic+0x10/0x10
[ 92.600528][ T5314] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 92.600546][ T5314] __netif_receive_skb_core+0x1823/0x4180
[ 92.600557][ T5314] ? __up_read+0x280/0x680
[ 92.600572][ T5314] ? __pfx___up_read+0x10/0x10
[ 92.600584][ T5314] ? lock_release+0x4b/0x3e0
[ 92.600604][ T5314] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 92.600620][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.600634][ T5314] ? irqentry_exit+0x74/0x90
[ 92.600646][ T5314] ? exc_page_fault+0x9f/0xf0
[ 92.600665][ T5314] ? netif_receive_skb+0x115/0x790
[ 92.600676][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.600687][ T5314] ? lock_acquire+0x5f/0x360
[ 92.600703][ T5314] __netif_receive_skb+0x72/0x380
[ 92.600717][ T5314] ? netif_receive_skb+0x115/0x790
[ 92.600728][ T5314] netif_receive_skb+0x1cb/0x790
[ 92.600739][ T5314] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 92.600759][ T5314] ? __pfx_netif_receive_skb+0x10/0x10
[ 92.600779][ T5314] ? __pfx__copy_from_iter+0x10/0x10
[ 92.600798][ T5314] ? sock_alloc_send_pskb+0x875/0x990
[ 92.600816][ T5314] ? tun_rx_batched+0x160/0x730
[ 92.600827][ T5314] tun_rx_batched+0x1b9/0x730
[ 92.600839][ T5314] ? skb_header_pointer+0x8e/0x120
[ 92.600858][ T5314] ? __pfx_tun_rx_batched+0x10/0x10
[ 92.600869][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 92.600880][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.600892][ T5314] ? lock_acquire+0x5f/0x360
[ 92.600909][ T5314] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 92.600930][ T5314] tun_get_user+0x298e/0x3ce0
[ 92.600939][ T5314] ? tun_get_user+0x2549/0x3ce0
[ 92.600946][ T5314] ? aa_file_perm+0x11f/0xed0
[ 92.600958][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.600965][ T5314] ? lock_release+0x4b/0x3e0
[ 92.600979][ T5314] ? __pfx_ref_tracker_free+0x10/0x10
[ 92.600995][ T5314] ? __pfx_tun_get_user+0x10/0x10
[ 92.601005][ T5314] ? aa_file_perm+0x3e7/0xed0
[ 92.601024][ T5314] ? ref_tracker_alloc+0x318/0x460
[ 92.601041][ T5314] ? bpf_xdp_link_attach+0x666/0x8c0
[ 92.601056][ T5314] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 92.601075][ T5314] ? tun_get+0x1c/0x2f0
[ 92.601093][ T5314] ? tun_get+0x1c/0x2f0
[ 92.601110][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.601123][ T5314] ? tun_get+0x1c/0x2f0
[ 92.601140][ T5314] ? lock_release+0x4b/0x3e0
[ 92.601158][ T5314] ? tun_get+0x1c/0x2f0
[ 92.601178][ T5314] tun_chr_write_iter+0x113/0x200
[ 92.601199][ T5314] vfs_write+0x54b/0xa90
[ 92.601211][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.601223][ T5314] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 92.601245][ T5314] ? __pfx_vfs_write+0x10/0x10
[ 92.601267][ T5314] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 92.601288][ T5314] ksys_write+0x145/0x250
[ 92.601301][ T5314] ? __pfx_ksys_write+0x10/0x10
[ 92.601311][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.601324][ T5314] ? rcu_is_watching+0x15/0xb0
[ 92.601337][ T5314] do_syscall_64+0xfa/0x3b0
[ 92.601352][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.601366][ T5314] ? clear_bhb_loop+0x60/0xb0
[ 92.601379][ T5314] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.601388][ T5314] RIP: 0033:0x7f3452b9cdf0
[ 92.601400][ T5314] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 92.601410][ T5314] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 92.601425][ T5314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 92.601434][ T5314] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 92.601442][ T5314] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 92.601450][ T5314] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 92.601459][ T5314] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 92.601473][ T5314]
[ 92.833083][ T10] cfg80211: failed to load regulatory.db
executing program
[ 92.915460][ T5316] BUG: Bad page state in process syz-executor246 pfn:12275
[ 92.919167][ T5316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888012275500 pfn:0x12275
[ 92.923680][ T5316] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 92.926860][ T5316] raw: 00fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 92.931339][ T5316] raw: ffff888012275500 0000000000000001 00000000ffffffff 0000000000000000
[ 92.935346][ T5316] page dumped because: page_pool leak
[ 92.937807][ T5316] page_owner tracks the page as allocated
[ 92.940301][ T5316] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5316, tgid 5316 (syz-executor246), ts 92915397722, free_ts 62236378964
[ 92.948731][ T5316] post_alloc_hook+0x240/0x2a0
[ 92.950958][ T5316] get_page_from_freelist+0x21e4/0x22c0
[ 92.953173][ T5316] __alloc_frozen_pages_noprof+0x181/0x370
[ 92.955375][ T5316] alloc_pages_bulk_noprof+0x560/0x710
[ 92.957781][ T5316] __page_pool_alloc_pages_slow+0x127/0x740
[ 92.960474][ T5316] skb_pp_cow_data+0xb47/0x13e0
[ 92.963198][ T5316] do_xdp_generic+0x699/0x11a0
[ 92.965610][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 92.968049][ T5316] __netif_receive_skb+0x72/0x380
[ 92.970280][ T5316] netif_receive_skb+0x1cb/0x790
[ 92.972420][ T5316] tun_rx_batched+0x1b9/0x730
[ 92.974258][ T5316] tun_get_user+0x298e/0x3ce0
[ 92.976113][ T5316] tun_chr_write_iter+0x113/0x200
[ 92.978298][ T5316] vfs_write+0x54b/0xa90
[ 92.980296][ T5316] ksys_write+0x145/0x250
[ 92.982276][ T5316] do_syscall_64+0xfa/0x3b0
[ 92.984316][ T5316] page last free pid 5105 tgid 5105 stack trace:
[ 92.987118][ T5316] __free_frozen_pages+0xc71/0xe70
[ 92.989345][ T5316] rcu_core+0xca5/0x1710
[ 92.991278][ T5316] handle_softirqs+0x286/0x870
[ 92.993450][ T5316] __irq_exit_rcu+0xca/0x1f0
[ 92.995932][ T5316] irq_exit_rcu+0x9/0x30
[ 92.998321][ T5316] sysvec_apic_timer_interrupt+0x57/0xc0
[ 93.001084][ T5316] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 93.003862][ T5316] Modules linked in:
[ 93.005654][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 93.005673][ T5316] Tainted: [B]=BAD_PAGE
[ 93.005678][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.005686][ T5316] Call Trace:
[ 93.005693][ T5316]
[ 93.005701][ T5316] dump_stack_lvl+0x189/0x250
[ 93.005723][ T5316] ? __pfx_dump_stack_lvl+0x10/0x10
[ 93.005739][ T5316] ? __pfx_print_modules+0x10/0x10
[ 93.005751][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.005764][ T5316] bad_page+0x180/0x1c0
[ 93.005782][ T5316] __free_frozen_pages+0xe17/0xe70
[ 93.005795][ T5316] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 93.005813][ T5316] bpf_xdp_adjust_tail+0x1d6/0x220
[ 93.005827][ T5316] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 93.005837][ T5316] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 93.005862][ T5316] do_xdp_generic+0x9f7/0x11a0
[ 93.005879][ T5316] ? __pfx_do_xdp_generic+0x10/0x10
[ 93.005892][ T5316] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 93.005909][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 93.005920][ T5316] ? __up_read+0x280/0x680
[ 93.005931][ T5316] ? __pfx___up_read+0x10/0x10
[ 93.005940][ T5316] ? lock_release+0x4b/0x3e0
[ 93.005954][ T5316] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 93.005965][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.005974][ T5316] ? irqentry_exit+0x74/0x90
[ 93.005983][ T5316] ? exc_page_fault+0x9f/0xf0
[ 93.006001][ T5316] ? netif_receive_skb+0x115/0x790
[ 93.006009][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.006017][ T5316] ? lock_acquire+0x5f/0x360
[ 93.006030][ T5316] __netif_receive_skb+0x72/0x380
[ 93.006042][ T5316] ? netif_receive_skb+0x115/0x790
[ 93.006050][ T5316] netif_receive_skb+0x1cb/0x790
[ 93.006060][ T5316] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 93.006077][ T5316] ? __pfx_netif_receive_skb+0x10/0x10
[ 93.006089][ T5316] ? __pfx__copy_from_iter+0x10/0x10
[ 93.006100][ T5316] ? sock_alloc_send_pskb+0x875/0x990
[ 93.006114][ T5316] ? tun_rx_batched+0x160/0x730
[ 93.006124][ T5316] tun_rx_batched+0x1b9/0x730
[ 93.006132][ T5316] ? skb_header_pointer+0x8e/0x120
[ 93.006148][ T5316] ? __pfx_tun_rx_batched+0x10/0x10
[ 93.006156][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 93.006164][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.006172][ T5316] ? lock_acquire+0x5f/0x360
[ 93.006184][ T5316] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 93.006199][ T5316] tun_get_user+0x298e/0x3ce0
[ 93.006210][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 93.006244][ T5316] ? aa_file_perm+0x11f/0xed0
[ 93.006263][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.006273][ T5316] ? lock_release+0x4b/0x3e0
[ 93.006286][ T5316] ? __pfx_ref_tracker_free+0x10/0x10
[ 93.006301][ T5316] ? __pfx_tun_get_user+0x10/0x10
[ 93.006311][ T5316] ? aa_file_perm+0x3e7/0xed0
[ 93.006329][ T5316] ? ref_tracker_alloc+0x318/0x460
[ 93.006344][ T5316] ? bpf_xdp_link_attach+0x666/0x8c0
[ 93.006360][ T5316] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 93.006376][ T5316] ? tun_get+0x1c/0x2f0
[ 93.006391][ T5316] ? tun_get+0x1c/0x2f0
[ 93.006406][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.006415][ T5316] ? tun_get+0x1c/0x2f0
[ 93.006430][ T5316] ? lock_release+0x4b/0x3e0
[ 93.006444][ T5316] ? tun_get+0x1c/0x2f0
[ 93.006459][ T5316] tun_chr_write_iter+0x113/0x200
[ 93.006475][ T5316] vfs_write+0x54b/0xa90
[ 93.006485][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.006497][ T5316] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 93.006513][ T5316] ? __pfx_vfs_write+0x10/0x10
[ 93.006526][ T5316] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 93.006544][ T5316] ksys_write+0x145/0x250
[ 93.006553][ T5316] ? __pfx_ksys_write+0x10/0x10
[ 93.006560][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.006570][ T5316] do_syscall_64+0xfa/0x3b0
[ 93.006582][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.006592][ T5316] ? clear_bhb_loop+0x60/0xb0
[ 93.006605][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.006616][ T5316] RIP: 0033:0x7f3452b9cdf0
[ 93.006630][ T5316] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 93.006641][ T5316] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 93.006655][ T5316] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 93.006662][ T5316] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 93.006670][ T5316] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 93.006676][ T5316] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 93.006683][ T5316] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 93.006694][ T5316]
[ 93.219812][ T5316] BUG: Bad page state in process syz-executor246 pfn:119c7
[ 93.223495][ T5316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880119c7c80 pfn:0x119c7
[ 93.227912][ T5316] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 93.232689][ T5316] raw: 00fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 93.236428][ T5316] raw: ffff8880119c7c80 0000000000000001 00000000ffffffff 0000000000000000
[ 93.240539][ T5316] page dumped because: page_pool leak
[ 93.242922][ T5316] page_owner tracks the page as allocated
[ 93.245486][ T5316] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5316, tgid 5316 (syz-executor246), ts 92915389384, free_ts 62236388258
[ 93.253685][ T5316] post_alloc_hook+0x240/0x2a0
[ 93.255814][ T5316] get_page_from_freelist+0x21e4/0x22c0
[ 93.258256][ T5316] __alloc_frozen_pages_noprof+0x181/0x370
[ 93.260776][ T5316] alloc_pages_bulk_noprof+0x560/0x710
[ 93.263065][ T5316] __page_pool_alloc_pages_slow+0x127/0x740
[ 93.265997][ T5316] skb_pp_cow_data+0xb47/0x13e0
[ 93.268743][ T5316] do_xdp_generic+0x699/0x11a0
[ 93.271180][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 93.273651][ T5316] __netif_receive_skb+0x72/0x380
[ 93.275825][ T5316] netif_receive_skb+0x1cb/0x790
[ 93.278017][ T5316] tun_rx_batched+0x1b9/0x730
[ 93.280142][ T5316] tun_get_user+0x298e/0x3ce0
[ 93.282559][ T5316] tun_chr_write_iter+0x113/0x200
[ 93.285170][ T5316] vfs_write+0x54b/0xa90
[ 93.287326][ T5316] ksys_write+0x145/0x250
[ 93.290369][ T5316] do_syscall_64+0xfa/0x3b0
[ 93.292550][ T5316] page last free pid 5105 tgid 5105 stack trace:
[ 93.295377][ T5316] __free_frozen_pages+0xc71/0xe70
[ 93.297827][ T5316] rcu_core+0xca5/0x1710
[ 93.299760][ T5316] handle_softirqs+0x286/0x870
[ 93.301913][ T5316] __irq_exit_rcu+0xca/0x1f0
[ 93.304340][ T5316] irq_exit_rcu+0x9/0x30
[ 93.306681][ T5316] sysvec_apic_timer_interrupt+0x57/0xc0
[ 93.309037][ T5316] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 93.311539][ T5316] Modules linked in:
[ 93.313336][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 93.313351][ T5316] Tainted: [B]=BAD_PAGE
[ 93.313353][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.313359][ T5316] Call Trace:
[ 93.313364][ T5316]
[ 93.313370][ T5316] dump_stack_lvl+0x189/0x250
[ 93.313387][ T5316] ? __pfx_dump_stack_lvl+0x10/0x10
[ 93.313398][ T5316] ? __pfx_print_modules+0x10/0x10
[ 93.313407][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.313417][ T5316] bad_page+0x180/0x1c0
[ 93.313430][ T5316] __free_frozen_pages+0xe17/0xe70
[ 93.313455][ T5316] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 93.313469][ T5316] bpf_xdp_adjust_tail+0x1d6/0x220
[ 93.313480][ T5316] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 93.313488][ T5316] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 93.313509][ T5316] do_xdp_generic+0x9f7/0x11a0
[ 93.313521][ T5316] ? __pfx_do_xdp_generic+0x10/0x10
[ 93.313531][ T5316] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 93.313545][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 93.313554][ T5316] ? __up_read+0x280/0x680
[ 93.313563][ T5316] ? __pfx___up_read+0x10/0x10
[ 93.313570][ T5316] ? lock_release+0x4b/0x3e0
[ 93.313581][ T5316] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 93.313589][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.313597][ T5316] ? irqentry_exit+0x74/0x90
[ 93.313603][ T5316] ? exc_page_fault+0x9f/0xf0
[ 93.313616][ T5316] ? netif_receive_skb+0x115/0x790
[ 93.313622][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.313629][ T5316] ? lock_acquire+0x5f/0x360
[ 93.313638][ T5316] __netif_receive_skb+0x72/0x380
[ 93.313646][ T5316] ? netif_receive_skb+0x115/0x790
[ 93.313652][ T5316] netif_receive_skb+0x1cb/0x790
[ 93.313659][ T5316] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 93.313670][ T5316] ? __pfx_netif_receive_skb+0x10/0x10
[ 93.313681][ T5316] ? __pfx__copy_from_iter+0x10/0x10
[ 93.313692][ T5316] ? sock_alloc_send_pskb+0x875/0x990
[ 93.313703][ T5316] ? tun_rx_batched+0x160/0x730
[ 93.313711][ T5316] tun_rx_batched+0x1b9/0x730
[ 93.313717][ T5316] ? skb_header_pointer+0x8e/0x120
[ 93.313729][ T5316] ? __pfx_tun_rx_batched+0x10/0x10
[ 93.313736][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 93.313742][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.313748][ T5316] ? lock_acquire+0x5f/0x360
[ 93.313762][ T5316] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 93.313774][ T5316] tun_get_user+0x298e/0x3ce0
[ 93.313789][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 93.313798][ T5316] ? aa_file_perm+0x11f/0xed0
[ 93.313814][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.313823][ T5316] ? lock_release+0x4b/0x3e0
[ 93.313837][ T5316] ? __pfx_ref_tracker_free+0x10/0x10
[ 93.313851][ T5316] ? __pfx_tun_get_user+0x10/0x10
[ 93.313860][ T5316] ? aa_file_perm+0x3e7/0xed0
[ 93.313877][ T5316] ? ref_tracker_alloc+0x318/0x460
[ 93.313892][ T5316] ? bpf_xdp_link_attach+0x666/0x8c0
[ 93.313903][ T5316] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 93.313912][ T5316] ? tun_get+0x1c/0x2f0
[ 93.313923][ T5316] ? tun_get+0x1c/0x2f0
[ 93.313932][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.313938][ T5316] ? tun_get+0x1c/0x2f0
[ 93.313947][ T5316] ? lock_release+0x4b/0x3e0
[ 93.313957][ T5316] ? tun_get+0x1c/0x2f0
[ 93.313967][ T5316] tun_chr_write_iter+0x113/0x200
[ 93.313978][ T5316] vfs_write+0x54b/0xa90
[ 93.313985][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.313992][ T5316] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 93.314002][ T5316] ? __pfx_vfs_write+0x10/0x10
[ 93.314010][ T5316] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 93.314022][ T5316] ksys_write+0x145/0x250
[ 93.314029][ T5316] ? __pfx_ksys_write+0x10/0x10
[ 93.314036][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.314042][ T5316] do_syscall_64+0xfa/0x3b0
[ 93.314062][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.314073][ T5316] ? clear_bhb_loop+0x60/0xb0
[ 93.314085][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.314096][ T5316] RIP: 0033:0x7f3452b9cdf0
[ 93.314122][ T5316] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 93.314131][ T5316] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 93.314147][ T5316] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 93.314155][ T5316] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 93.314162][ T5316] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 93.314169][ T5316] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 93.314176][ T5316] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 93.314191][ T5316]
[ 93.314202][ T5316] BUG: Bad page state in process syz-executor246 pfn:11e6d
[ 93.529892][ T5316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888011e6da00 pfn:0x11e6d
[ 93.534774][ T5316] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 93.538163][ T5316] raw: 00fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 93.542137][ T5316] raw: ffff888011e6da00 0000000000000001 00000000ffffffff 0000000000000000
[ 93.545946][ T5316] page dumped because: page_pool leak
[ 93.548381][ T5316] page_owner tracks the page as allocated
[ 93.550845][ T5316] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5316, tgid 5316 (syz-executor246), ts 92915380632, free_ts 62236405875
[ 93.558568][ T5316] post_alloc_hook+0x240/0x2a0
[ 93.560839][ T5316] get_page_from_freelist+0x21e4/0x22c0
[ 93.563848][ T5316] __alloc_frozen_pages_noprof+0x181/0x370
[ 93.566944][ T5316] alloc_pages_bulk_noprof+0x560/0x710
[ 93.569689][ T5316] __page_pool_alloc_pages_slow+0x127/0x740
[ 93.572485][ T5316] skb_pp_cow_data+0xb47/0x13e0
[ 93.574529][ T5316] do_xdp_generic+0x699/0x11a0
[ 93.576651][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 93.578948][ T5316] __netif_receive_skb+0x72/0x380
[ 93.581344][ T5316] netif_receive_skb+0x1cb/0x790
[ 93.583728][ T5316] tun_rx_batched+0x1b9/0x730
[ 93.586632][ T5316] tun_get_user+0x298e/0x3ce0
[ 93.589679][ T5316] tun_chr_write_iter+0x113/0x200
[ 93.592253][ T5316] vfs_write+0x54b/0xa90
[ 93.594446][ T5316] ksys_write+0x145/0x250
[ 93.596508][ T5316] do_syscall_64+0xfa/0x3b0
[ 93.598626][ T5316] page last free pid 5105 tgid 5105 stack trace:
[ 93.601798][ T5316] __free_frozen_pages+0xc71/0xe70
[ 93.604487][ T5316] rcu_core+0xca5/0x1710
[ 93.606616][ T5316] handle_softirqs+0x286/0x870
[ 93.608881][ T5316] __irq_exit_rcu+0xca/0x1f0
[ 93.611020][ T5316] irq_exit_rcu+0x9/0x30
[ 93.612917][ T5316] sysvec_apic_timer_interrupt+0x57/0xc0
[ 93.615156][ T5316] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 93.617802][ T5316] Modules linked in:
[ 93.619583][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 93.619605][ T5316] Tainted: [B]=BAD_PAGE
[ 93.619610][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.619617][ T5316] Call Trace:
[ 93.619626][ T5316]
[ 93.619664][ T5316] dump_stack_lvl+0x189/0x250
[ 93.619690][ T5316] ? __pfx_dump_stack_lvl+0x10/0x10
[ 93.619705][ T5316] ? __pfx_print_modules+0x10/0x10
[ 93.619719][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.619732][ T5316] bad_page+0x180/0x1c0
[ 93.619750][ T5316] __free_frozen_pages+0xe17/0xe70
[ 93.619765][ T5316] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 93.619784][ T5316] bpf_xdp_adjust_tail+0x1d6/0x220
[ 93.619798][ T5316] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 93.619808][ T5316] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 93.619834][ T5316] do_xdp_generic+0x9f7/0x11a0
[ 93.619852][ T5316] ? __pfx_do_xdp_generic+0x10/0x10
[ 93.619865][ T5316] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 93.619882][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 93.619894][ T5316] ? __up_read+0x280/0x680
[ 93.619905][ T5316] ? __pfx___up_read+0x10/0x10
[ 93.619914][ T5316] ? lock_release+0x4b/0x3e0
[ 93.619930][ T5316] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 93.619940][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.619952][ T5316] ? irqentry_exit+0x74/0x90
[ 93.619961][ T5316] ? exc_page_fault+0x9f/0xf0
[ 93.619980][ T5316] ? netif_receive_skb+0x115/0x790
[ 93.619989][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.619999][ T5316] ? lock_acquire+0x5f/0x360
[ 93.620010][ T5316] __netif_receive_skb+0x72/0x380
[ 93.620022][ T5316] ? netif_receive_skb+0x115/0x790
[ 93.620030][ T5316] netif_receive_skb+0x1cb/0x790
[ 93.620039][ T5316] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 93.620055][ T5316] ? __pfx_netif_receive_skb+0x10/0x10
[ 93.620069][ T5316] ? __pfx__copy_from_iter+0x10/0x10
[ 93.620084][ T5316] ? sock_alloc_send_pskb+0x875/0x990
[ 93.620101][ T5316] ? tun_rx_batched+0x160/0x730
[ 93.620112][ T5316] tun_rx_batched+0x1b9/0x730
[ 93.620120][ T5316] ? skb_header_pointer+0x8e/0x120
[ 93.620137][ T5316] ? __pfx_tun_rx_batched+0x10/0x10
[ 93.620146][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 93.620154][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.620163][ T5316] ? lock_acquire+0x5f/0x360
[ 93.620183][ T5316] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 93.620201][ T5316] tun_get_user+0x298e/0x3ce0
[ 93.620211][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 93.620219][ T5316] ? aa_file_perm+0x11f/0xed0
[ 93.620236][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.620244][ T5316] ? lock_release+0x4b/0x3e0
[ 93.620256][ T5316] ? __pfx_ref_tracker_free+0x10/0x10
[ 93.620271][ T5316] ? __pfx_tun_get_user+0x10/0x10
[ 93.620281][ T5316] ? aa_file_perm+0x3e7/0xed0
[ 93.620295][ T5316] ? ref_tracker_alloc+0x318/0x460
[ 93.620309][ T5316] ? bpf_xdp_link_attach+0x666/0x8c0
[ 93.620322][ T5316] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 93.620335][ T5316] ? tun_get+0x1c/0x2f0
[ 93.620350][ T5316] ? tun_get+0x1c/0x2f0
[ 93.620363][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.620372][ T5316] ? tun_get+0x1c/0x2f0
[ 93.620384][ T5316] ? lock_release+0x4b/0x3e0
[ 93.620397][ T5316] ? tun_get+0x1c/0x2f0
[ 93.620412][ T5316] tun_chr_write_iter+0x113/0x200
[ 93.620497][ T5316] vfs_write+0x54b/0xa90
[ 93.620519][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.620532][ T5316] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 93.620549][ T5316] ? __pfx_vfs_write+0x10/0x10
[ 93.620560][ T5316] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 93.620577][ T5316] ksys_write+0x145/0x250
[ 93.620586][ T5316] ? __pfx_ksys_write+0x10/0x10
[ 93.620597][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.620606][ T5316] do_syscall_64+0xfa/0x3b0
[ 93.620618][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.620628][ T5316] ? clear_bhb_loop+0x60/0xb0
[ 93.620639][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.620649][ T5316] RIP: 0033:0x7f3452b9cdf0
[ 93.620663][ T5316] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 93.620672][ T5316] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 93.620686][ T5316] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 93.620694][ T5316] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 93.620701][ T5316] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 93.620707][ T5316] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 93.620713][ T5316] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 93.620724][ T5316]
[ 93.620736][ T5316] BUG: Bad page state in process syz-executor246 pfn:1198c
[ 93.834816][ T5316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88801198c880 pfn:0x1198c
[ 93.839679][ T5316] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 93.843367][ T5316] raw: 00fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 93.847402][ T5316] raw: ffff88801198c880 0000000000000001 00000000ffffffff 0000000000000000
[ 93.851094][ T5316] page dumped because: page_pool leak
[ 93.853338][ T5316] page_owner tracks the page as allocated
[ 93.855616][ T5316] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5316, tgid 5316 (syz-executor246), ts 92915371569, free_ts 62271173951
[ 93.863225][ T5316] post_alloc_hook+0x240/0x2a0
[ 93.865820][ T5316] get_page_from_freelist+0x21e4/0x22c0
[ 93.868791][ T5316] __alloc_frozen_pages_noprof+0x181/0x370
[ 93.871088][ T5316] alloc_pages_bulk_noprof+0x560/0x710
[ 93.873334][ T5316] __page_pool_alloc_pages_slow+0x127/0x740
[ 93.875872][ T5316] skb_pp_cow_data+0xb47/0x13e0
[ 93.878117][ T5316] do_xdp_generic+0x699/0x11a0
[ 93.880264][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 93.883168][ T5316] __netif_receive_skb+0x72/0x380
[ 93.885878][ T5316] netif_receive_skb+0x1cb/0x790
[ 93.888298][ T5316] tun_rx_batched+0x1b9/0x730
[ 93.890315][ T5316] tun_get_user+0x298e/0x3ce0
[ 93.892308][ T5316] tun_chr_write_iter+0x113/0x200
[ 93.894360][ T5316] vfs_write+0x54b/0xa90
[ 93.896362][ T5316] ksys_write+0x145/0x250
[ 93.898304][ T5316] do_syscall_64+0xfa/0x3b0
[ 93.900752][ T5316] page last free pid 5107 tgid 5107 stack trace:
[ 93.903716][ T5316] __free_frozen_pages+0xc71/0xe70
[ 93.905828][ T5316] __slab_free+0x326/0x400
[ 93.907825][ T5316] qlist_free_all+0x97/0x140
[ 93.909895][ T5316] kasan_quarantine_reduce+0x148/0x160
[ 93.912080][ T5316] __kasan_slab_alloc+0x22/0x80
[ 93.913975][ T5316] kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 93.916555][ T5316] vm_area_alloc+0x24/0x140
[ 93.918599][ T5316] mmap_region+0xcc7/0x1f30
[ 93.920877][ T5316] do_mmap+0xc45/0x10d0
[ 93.923214][ T5316] vm_mmap_pgoff+0x31b/0x4c0
[ 93.925747][ T5316] ksys_mmap_pgoff+0x51f/0x760
[ 93.928074][ T5316] do_syscall_64+0xfa/0x3b0
[ 93.930092][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.932607][ T5316] Modules linked in:
[ 93.934298][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 93.934312][ T5316] Tainted: [B]=BAD_PAGE
[ 93.934315][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.934319][ T5316] Call Trace:
[ 93.934325][ T5316]
[ 93.934330][ T5316] dump_stack_lvl+0x189/0x250
[ 93.934348][ T5316] ? __pfx_dump_stack_lvl+0x10/0x10
[ 93.934358][ T5316] ? __pfx_print_modules+0x10/0x10
[ 93.934367][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.934376][ T5316] bad_page+0x180/0x1c0
[ 93.934387][ T5316] __free_frozen_pages+0xe17/0xe70
[ 93.934396][ T5316] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 93.934409][ T5316] bpf_xdp_adjust_tail+0x1d6/0x220
[ 93.934419][ T5316] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 93.934427][ T5316] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 93.934449][ T5316] do_xdp_generic+0x9f7/0x11a0
[ 93.934466][ T5316] ? __pfx_do_xdp_generic+0x10/0x10
[ 93.934477][ T5316] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 93.934490][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 93.934498][ T5316] ? __up_read+0x280/0x680
[ 93.934507][ T5316] ? __pfx___up_read+0x10/0x10
[ 93.934513][ T5316] ? lock_release+0x4b/0x3e0
[ 93.934523][ T5316] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 93.934530][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.934538][ T5316] ? irqentry_exit+0x74/0x90
[ 93.934544][ T5316] ? exc_page_fault+0x9f/0xf0
[ 93.934555][ T5316] ? netif_receive_skb+0x115/0x790
[ 93.934561][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.934566][ T5316] ? lock_acquire+0x5f/0x360
[ 93.934575][ T5316] __netif_receive_skb+0x72/0x380
[ 93.934582][ T5316] ? netif_receive_skb+0x115/0x790
[ 93.934587][ T5316] netif_receive_skb+0x1cb/0x790
[ 93.934594][ T5316] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 93.934609][ T5316] ? __pfx_netif_receive_skb+0x10/0x10
[ 93.934623][ T5316] ? __pfx__copy_from_iter+0x10/0x10
[ 93.934638][ T5316] ? sock_alloc_send_pskb+0x875/0x990
[ 93.934655][ T5316] ? tun_rx_batched+0x160/0x730
[ 93.934666][ T5316] tun_rx_batched+0x1b9/0x730
[ 93.934672][ T5316] ? skb_header_pointer+0x8e/0x120
[ 93.934689][ T5316] ? __pfx_tun_rx_batched+0x10/0x10
[ 93.934695][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 93.934702][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.934710][ T5316] ? lock_acquire+0x5f/0x360
[ 93.934722][ T5316] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 93.934737][ T5316] tun_get_user+0x298e/0x3ce0
[ 93.934746][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 93.934754][ T5316] ? aa_file_perm+0x11f/0xed0
[ 93.934771][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.934778][ T5316] ? lock_release+0x4b/0x3e0
[ 93.934787][ T5316] ? __pfx_ref_tracker_free+0x10/0x10
[ 93.934798][ T5316] ? __pfx_tun_get_user+0x10/0x10
[ 93.934806][ T5316] ? aa_file_perm+0x3e7/0xed0
[ 93.934821][ T5316] ? ref_tracker_alloc+0x318/0x460
[ 93.934833][ T5316] ? bpf_xdp_link_attach+0x666/0x8c0
[ 93.934847][ T5316] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 93.934859][ T5316] ? tun_get+0x1c/0x2f0
[ 93.934874][ T5316] ? tun_get+0x1c/0x2f0
[ 93.934888][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.934896][ T5316] ? tun_get+0x1c/0x2f0
[ 93.934908][ T5316] ? lock_release+0x4b/0x3e0
[ 93.934923][ T5316] ? tun_get+0x1c/0x2f0
[ 93.934938][ T5316] tun_chr_write_iter+0x113/0x200
[ 93.934954][ T5316] vfs_write+0x54b/0xa90
[ 93.934963][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.934976][ T5316] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 93.934989][ T5316] ? __pfx_vfs_write+0x10/0x10
[ 93.934999][ T5316] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 93.935026][ T5316] ksys_write+0x145/0x250
[ 93.935036][ T5316] ? __pfx_ksys_write+0x10/0x10
[ 93.935048][ T5316] ? rcu_is_watching+0x15/0xb0
[ 93.935060][ T5316] do_syscall_64+0xfa/0x3b0
[ 93.935071][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.935081][ T5316] ? clear_bhb_loop+0x60/0xb0
[ 93.935094][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.935105][ T5316] RIP: 0033:0x7f3452b9cdf0
[ 93.935119][ T5316] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 93.935128][ T5316] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 93.935143][ T5316] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 93.935149][ T5316] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 93.935157][ T5316] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 93.935163][ T5316] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 93.935169][ T5316] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 93.935178][ T5316]
[ 93.935189][ T5316] BUG: Bad page state in process syz-executor246 pfn:11e93
[ 94.153079][ T5316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888011e93f50 pfn:0x11e93
[ 94.157391][ T5316] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 94.160630][ T5316] raw: 00fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 94.165081][ T5316] raw: ffff888011e93f50 0000000000000001 00000000ffffffff 0000000000000000
[ 94.169399][ T5316] page dumped because: page_pool leak
[ 94.171804][ T5316] page_owner tracks the page as allocated
[ 94.174454][ T5316] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5316, tgid 5316 (syz-executor246), ts 92915347257, free_ts 62271228980
[ 94.183340][ T5316] post_alloc_hook+0x240/0x2a0
[ 94.185528][ T5316] get_page_from_freelist+0x21e4/0x22c0
[ 94.188058][ T5316] __alloc_frozen_pages_noprof+0x181/0x370
[ 94.190713][ T5316] alloc_pages_bulk_noprof+0x560/0x710
[ 94.192976][ T5316] __page_pool_alloc_pages_slow+0x127/0x740
[ 94.195594][ T5316] skb_pp_cow_data+0xb47/0x13e0
[ 94.198399][ T5316] do_xdp_generic+0x699/0x11a0
[ 94.201173][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 94.203816][ T5316] __netif_receive_skb+0x72/0x380
[ 94.206125][ T5316] netif_receive_skb+0x1cb/0x790
[ 94.208505][ T5316] tun_rx_batched+0x1b9/0x730
[ 94.210757][ T5316] tun_get_user+0x298e/0x3ce0
[ 94.213069][ T5316] tun_chr_write_iter+0x113/0x200
[ 94.215218][ T5316] vfs_write+0x54b/0xa90
[ 94.217078][ T5316] ksys_write+0x145/0x250
[ 94.219141][ T5316] do_syscall_64+0xfa/0x3b0
[ 94.221241][ T5316] page last free pid 5107 tgid 5107 stack trace:
[ 94.224000][ T5316] __free_frozen_pages+0xc71/0xe70
[ 94.226357][ T5316] __put_partials+0x161/0x1c0
[ 94.228377][ T5316] put_cpu_partial+0x17c/0x250
[ 94.230411][ T5316] __slab_free+0x2f7/0x400
[ 94.232114][ T5316] qlist_free_all+0x97/0x140
[ 94.234072][ T5316] kasan_quarantine_reduce+0x148/0x160
[ 94.236838][ T5316] __kasan_slab_alloc+0x22/0x80
[ 94.239412][ T5316] kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 94.241437][ T5316] vm_area_alloc+0x24/0x140
[ 94.243176][ T5316] mmap_region+0xcc7/0x1f30
[ 94.244821][ T5316] do_mmap+0xc45/0x10d0
[ 94.246586][ T5316] vm_mmap_pgoff+0x31b/0x4c0
[ 94.248343][ T5316] ksys_mmap_pgoff+0x51f/0x760
[ 94.250363][ T5316] do_syscall_64+0xfa/0x3b0
[ 94.252352][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.255103][ T5316] Modules linked in:
[ 94.257230][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 94.257251][ T5316] Tainted: [B]=BAD_PAGE
[ 94.257255][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 94.257264][ T5316] Call Trace:
[ 94.257272][ T5316]
[ 94.257279][ T5316] dump_stack_lvl+0x189/0x250
[ 94.257304][ T5316] ? __pfx_dump_stack_lvl+0x10/0x10
[ 94.257320][ T5316] ? __pfx_print_modules+0x10/0x10
[ 94.257334][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.257351][ T5316] bad_page+0x180/0x1c0
[ 94.257370][ T5316] __free_frozen_pages+0xe17/0xe70
[ 94.257385][ T5316] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 94.257410][ T5316] bpf_xdp_adjust_tail+0x1d6/0x220
[ 94.257426][ T5316] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 94.257438][ T5316] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 94.257467][ T5316] do_xdp_generic+0x9f7/0x11a0
[ 94.257487][ T5316] ? __pfx_do_xdp_generic+0x10/0x10
[ 94.257502][ T5316] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 94.257526][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 94.257541][ T5316] ? __up_read+0x280/0x680
[ 94.257555][ T5316] ? __pfx___up_read+0x10/0x10
[ 94.257566][ T5316] ? lock_release+0x4b/0x3e0
[ 94.257585][ T5316] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 94.257598][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.257611][ T5316] ? irqentry_exit+0x74/0x90
[ 94.257621][ T5316] ? exc_page_fault+0x9f/0xf0
[ 94.257640][ T5316] ? netif_receive_skb+0x115/0x790
[ 94.257650][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.257659][ T5316] ? lock_acquire+0x5f/0x360
[ 94.257675][ T5316] __netif_receive_skb+0x72/0x380
[ 94.257688][ T5316] ? netif_receive_skb+0x115/0x790
[ 94.257699][ T5316] netif_receive_skb+0x1cb/0x790
[ 94.257709][ T5316] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 94.257728][ T5316] ? __pfx_netif_receive_skb+0x10/0x10
[ 94.257746][ T5316] ? __pfx__copy_from_iter+0x10/0x10
[ 94.257764][ T5316] ? sock_alloc_send_pskb+0x875/0x990
[ 94.257782][ T5316] ? tun_rx_batched+0x160/0x730
[ 94.257795][ T5316] tun_rx_batched+0x1b9/0x730
[ 94.257806][ T5316] ? skb_header_pointer+0x8e/0x120
[ 94.257824][ T5316] ? __pfx_tun_rx_batched+0x10/0x10
[ 94.257835][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 94.257845][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.257855][ T5316] ? lock_acquire+0x5f/0x360
[ 94.257870][ T5316] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 94.257890][ T5316] tun_get_user+0x298e/0x3ce0
[ 94.257901][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 94.257911][ T5316] ? aa_file_perm+0x11f/0xed0
[ 94.257929][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.257940][ T5316] ? lock_release+0x4b/0x3e0
[ 94.257955][ T5316] ? __pfx_ref_tracker_free+0x10/0x10
[ 94.257970][ T5316] ? __pfx_tun_get_user+0x10/0x10
[ 94.257977][ T5316] ? aa_file_perm+0x3e7/0xed0
[ 94.257989][ T5316] ? ref_tracker_alloc+0x318/0x460
[ 94.258004][ T5316] ? bpf_xdp_link_attach+0x666/0x8c0
[ 94.258030][ T5316] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 94.258046][ T5316] ? tun_get+0x1c/0x2f0
[ 94.258063][ T5316] ? tun_get+0x1c/0x2f0
[ 94.258080][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.258089][ T5316] ? tun_get+0x1c/0x2f0
[ 94.258105][ T5316] ? lock_release+0x4b/0x3e0
[ 94.258121][ T5316] ? tun_get+0x1c/0x2f0
[ 94.258138][ T5316] tun_chr_write_iter+0x113/0x200
[ 94.258157][ T5316] vfs_write+0x54b/0xa90
[ 94.258168][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.258181][ T5316] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 94.258197][ T5316] ? __pfx_vfs_write+0x10/0x10
[ 94.258210][ T5316] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 94.258231][ T5316] ksys_write+0x145/0x250
[ 94.258243][ T5316] ? __pfx_ksys_write+0x10/0x10
[ 94.258255][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.258266][ T5316] do_syscall_64+0xfa/0x3b0
[ 94.258280][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.258292][ T5316] ? clear_bhb_loop+0x60/0xb0
[ 94.258305][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.258318][ T5316] RIP: 0033:0x7f3452b9cdf0
[ 94.258331][ T5316] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 94.258342][ T5316] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 94.258357][ T5316] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 94.258365][ T5316] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 94.258373][ T5316] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 94.258380][ T5316] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 94.258387][ T5316] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 94.258401][ T5316]
[ 94.258412][ T5316] BUG: Bad page state in process syz-executor246 pfn:1145c
[ 94.468092][ T5316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88801145c3c0 pfn:0x1145c
[ 94.473395][ T5316] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 94.476443][ T5316] raw: 00fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 94.480140][ T5316] raw: ffff88801145c3c0 0000000000000001 00000000ffffffff 0000000000000000
[ 94.483873][ T5316] page dumped because: page_pool leak
[ 94.486471][ T5316] page_owner tracks the page as allocated
[ 94.489066][ T5316] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5316, tgid 5316 (syz-executor246), ts 92915340482, free_ts 62271376237
[ 94.496665][ T5316] post_alloc_hook+0x240/0x2a0
[ 94.498714][ T5316] get_page_from_freelist+0x21e4/0x22c0
[ 94.501093][ T5316] __alloc_frozen_pages_noprof+0x181/0x370
[ 94.503709][ T5316] alloc_pages_bulk_noprof+0x560/0x710
[ 94.506705][ T5316] __page_pool_alloc_pages_slow+0x127/0x740
[ 94.509847][ T5316] skb_pp_cow_data+0xb47/0x13e0
[ 94.512028][ T5316] do_xdp_generic+0x699/0x11a0
[ 94.514034][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 94.516542][ T5316] __netif_receive_skb+0x72/0x380
[ 94.518745][ T5316] netif_receive_skb+0x1cb/0x790
[ 94.520936][ T5316] tun_rx_batched+0x1b9/0x730
[ 94.523188][ T5316] tun_get_user+0x298e/0x3ce0
[ 94.525695][ T5316] tun_chr_write_iter+0x113/0x200
[ 94.528287][ T5316] vfs_write+0x54b/0xa90
[ 94.530241][ T5316] ksys_write+0x145/0x250
[ 94.531870][ T5316] do_syscall_64+0xfa/0x3b0
[ 94.533660][ T5316] page last free pid 5107 tgid 5107 stack trace:
[ 94.536417][ T5316] __free_frozen_pages+0xc71/0xe70
[ 94.538661][ T5316] __slab_free+0x326/0x400
[ 94.540635][ T5316] qlist_free_all+0x97/0x140
[ 94.542512][ T5316] kasan_quarantine_reduce+0x148/0x160
[ 94.544755][ T5316] __kasan_slab_alloc+0x22/0x80
[ 94.547318][ T5316] kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 94.550218][ T5316] vm_area_alloc+0x24/0x140
[ 94.552216][ T5316] mmap_region+0xcc7/0x1f30
[ 94.554264][ T5316] do_mmap+0xc45/0x10d0
[ 94.556495][ T5316] vm_mmap_pgoff+0x31b/0x4c0
[ 94.559037][ T5316] ksys_mmap_pgoff+0x51f/0x760
[ 94.561492][ T5316] do_syscall_64+0xfa/0x3b0
[ 94.563924][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.567103][ T5316] Modules linked in:
[ 94.568800][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 94.568818][ T5316] Tainted: [B]=BAD_PAGE
[ 94.568822][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 94.568827][ T5316] Call Trace:
[ 94.568833][ T5316]
[ 94.568839][ T5316] dump_stack_lvl+0x189/0x250
[ 94.568853][ T5316] ? __pfx_dump_stack_lvl+0x10/0x10
[ 94.568862][ T5316] ? __pfx_print_modules+0x10/0x10
[ 94.568872][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.568880][ T5316] bad_page+0x180/0x1c0
[ 94.568891][ T5316] __free_frozen_pages+0xe17/0xe70
[ 94.568900][ T5316] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 94.568913][ T5316] bpf_xdp_adjust_tail+0x1d6/0x220
[ 94.568923][ T5316] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 94.568932][ T5316] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 94.568955][ T5316] do_xdp_generic+0x9f7/0x11a0
[ 94.568971][ T5316] ? __pfx_do_xdp_generic+0x10/0x10
[ 94.568985][ T5316] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 94.569004][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 94.569016][ T5316] ? __up_read+0x280/0x680
[ 94.569028][ T5316] ? __pfx___up_read+0x10/0x10
[ 94.569037][ T5316] ? lock_release+0x4b/0x3e0
[ 94.569053][ T5316] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 94.569063][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.569069][ T5316] ? irqentry_exit+0x74/0x90
[ 94.569076][ T5316] ? exc_page_fault+0x9f/0xf0
[ 94.569089][ T5316] ? netif_receive_skb+0x115/0x790
[ 94.569094][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.569099][ T5316] ? lock_acquire+0x5f/0x360
[ 94.569108][ T5316] __netif_receive_skb+0x72/0x380
[ 94.569115][ T5316] ? netif_receive_skb+0x115/0x790
[ 94.569121][ T5316] netif_receive_skb+0x1cb/0x790
[ 94.569127][ T5316] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 94.569137][ T5316] ? __pfx_netif_receive_skb+0x10/0x10
[ 94.569147][ T5316] ? __pfx__copy_from_iter+0x10/0x10
[ 94.569159][ T5316] ? sock_alloc_send_pskb+0x875/0x990
[ 94.569173][ T5316] ? tun_rx_batched+0x160/0x730
[ 94.569183][ T5316] tun_rx_batched+0x1b9/0x730
[ 94.569192][ T5316] ? skb_header_pointer+0x8e/0x120
[ 94.569208][ T5316] ? __pfx_tun_rx_batched+0x10/0x10
[ 94.569217][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 94.569226][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.569234][ T5316] ? lock_acquire+0x5f/0x360
[ 94.569245][ T5316] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 94.569260][ T5316] tun_get_user+0x298e/0x3ce0
[ 94.569267][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 94.569275][ T5316] ? aa_file_perm+0x11f/0xed0
[ 94.569290][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.569299][ T5316] ? lock_release+0x4b/0x3e0
[ 94.569311][ T5316] ? __pfx_ref_tracker_free+0x10/0x10
[ 94.569325][ T5316] ? __pfx_tun_get_user+0x10/0x10
[ 94.569334][ T5316] ? aa_file_perm+0x3e7/0xed0
[ 94.569348][ T5316] ? ref_tracker_alloc+0x318/0x460
[ 94.569361][ T5316] ? bpf_xdp_link_attach+0x666/0x8c0
[ 94.569376][ T5316] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 94.569389][ T5316] ? tun_get+0x1c/0x2f0
[ 94.569403][ T5316] ? tun_get+0x1c/0x2f0
[ 94.569417][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.569422][ T5316] ? tun_get+0x1c/0x2f0
[ 94.569430][ T5316] ? lock_release+0x4b/0x3e0
[ 94.569438][ T5316] ? tun_get+0x1c/0x2f0
[ 94.569447][ T5316] tun_chr_write_iter+0x113/0x200
[ 94.569456][ T5316] vfs_write+0x54b/0xa90
[ 94.569462][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.569468][ T5316] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 94.569477][ T5316] ? __pfx_vfs_write+0x10/0x10
[ 94.569484][ T5316] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 94.569495][ T5316] ksys_write+0x145/0x250
[ 94.569502][ T5316] ? __pfx_ksys_write+0x10/0x10
[ 94.569508][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.569514][ T5316] do_syscall_64+0xfa/0x3b0
[ 94.569521][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.569527][ T5316] ? clear_bhb_loop+0x60/0xb0
[ 94.569535][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.569542][ T5316] RIP: 0033:0x7f3452b9cdf0
[ 94.569551][ T5316] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 94.569558][ T5316] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 94.569570][ T5316] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 94.569577][ T5316] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 94.569583][ T5316] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 94.569590][ T5316] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 94.569596][ T5316] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 94.569605][ T5316]
[ 94.569614][ T5316] BUG: Bad page state in process syz-executor246 pfn:11df1
[ 94.783489][ T5316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888011df1a00 pfn:0x11df1
[ 94.789254][ T5316] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 94.792646][ T5316] raw: 00fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 94.796289][ T5316] raw: ffff888011df1a00 0000000000000001 00000000ffffffff 0000000000000000
[ 94.800049][ T5316] page dumped because: page_pool leak
[ 94.802966][ T5316] page_owner tracks the page as allocated
[ 94.805366][ T5316] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5316, tgid 5316 (syz-executor246), ts 92915333248, free_ts 62271473958
[ 94.812391][ T5316] post_alloc_hook+0x240/0x2a0
[ 94.815725][ T5316] get_page_from_freelist+0x21e4/0x22c0
[ 94.818707][ T5316] __alloc_frozen_pages_noprof+0x181/0x370
[ 94.821253][ T5316] alloc_pages_bulk_noprof+0x560/0x710
[ 94.823472][ T5316] __page_pool_alloc_pages_slow+0x127/0x740
[ 94.826121][ T5316] skb_pp_cow_data+0xb47/0x13e0
[ 94.828735][ T5316] do_xdp_generic+0x699/0x11a0
[ 94.831326][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 94.834261][ T5316] __netif_receive_skb+0x72/0x380
[ 94.836388][ T5316] netif_receive_skb+0x1cb/0x790
[ 94.838465][ T5316] tun_rx_batched+0x1b9/0x730
[ 94.840607][ T5316] tun_get_user+0x298e/0x3ce0
[ 94.842465][ T5316] tun_chr_write_iter+0x113/0x200
[ 94.844726][ T5316] vfs_write+0x54b/0xa90
[ 94.846670][ T5316] ksys_write+0x145/0x250
[ 94.848697][ T5316] do_syscall_64+0xfa/0x3b0
[ 94.850992][ T5316] page last free pid 5107 tgid 5107 stack trace:
[ 94.853854][ T5316] __free_frozen_pages+0xc71/0xe70
[ 94.856070][ T5316] __slab_free+0x326/0x400
[ 94.858066][ T5316] qlist_free_all+0x97/0x140
[ 94.860096][ T5316] kasan_quarantine_reduce+0x148/0x160
[ 94.862580][ T5316] __kasan_slab_alloc+0x22/0x80
[ 94.865373][ T5316] kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 94.868509][ T5316] vm_area_alloc+0x24/0x140
[ 94.870492][ T5316] mmap_region+0xcc7/0x1f30
[ 94.872418][ T5316] do_mmap+0xc45/0x10d0
[ 94.874190][ T5316] vm_mmap_pgoff+0x31b/0x4c0
[ 94.876326][ T5316] ksys_mmap_pgoff+0x51f/0x760
[ 94.878386][ T5316] do_syscall_64+0xfa/0x3b0
[ 94.880420][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.882905][ T5316] Modules linked in:
[ 94.884728][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 94.884744][ T5316] Tainted: [B]=BAD_PAGE
[ 94.884756][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 94.884762][ T5316] Call Trace:
[ 94.884816][ T5316]
[ 94.884865][ T5316] dump_stack_lvl+0x189/0x250
[ 94.884930][ T5316] ? __pfx_dump_stack_lvl+0x10/0x10
[ 94.884956][ T5316] ? __pfx_print_modules+0x10/0x10
[ 94.884966][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.884976][ T5316] bad_page+0x180/0x1c0
[ 94.884998][ T5316] __free_frozen_pages+0xe17/0xe70
[ 94.885008][ T5316] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 94.885038][ T5316] bpf_xdp_adjust_tail+0x1d6/0x220
[ 94.885053][ T5316] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 94.885063][ T5316] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 94.885089][ T5316] do_xdp_generic+0x9f7/0x11a0
[ 94.885110][ T5316] ? __pfx_do_xdp_generic+0x10/0x10
[ 94.885125][ T5316] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 94.885150][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 94.885162][ T5316] ? __up_read+0x280/0x680
[ 94.885172][ T5316] ? __pfx___up_read+0x10/0x10
[ 94.885179][ T5316] ? lock_release+0x4b/0x3e0
[ 94.885190][ T5316] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 94.885199][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.885207][ T5316] ? irqentry_exit+0x74/0x90
[ 94.885215][ T5316] ? exc_page_fault+0x9f/0xf0
[ 94.885228][ T5316] ? netif_receive_skb+0x115/0x790
[ 94.885236][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.885248][ T5316] ? lock_acquire+0x5f/0x360
[ 94.885265][ T5316] __netif_receive_skb+0x72/0x380
[ 94.885280][ T5316] ? netif_receive_skb+0x115/0x790
[ 94.885292][ T5316] netif_receive_skb+0x1cb/0x790
[ 94.885305][ T5316] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 94.885327][ T5316] ? __pfx_netif_receive_skb+0x10/0x10
[ 94.885343][ T5316] ? __pfx__copy_from_iter+0x10/0x10
[ 94.885356][ T5316] ? sock_alloc_send_pskb+0x875/0x990
[ 94.885371][ T5316] ? tun_rx_batched+0x160/0x730
[ 94.885381][ T5316] tun_rx_batched+0x1b9/0x730
[ 94.885410][ T5316] ? skb_header_pointer+0x8e/0x120
[ 94.885436][ T5316] ? __pfx_tun_rx_batched+0x10/0x10
[ 94.885445][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 94.885452][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.885460][ T5316] ? lock_acquire+0x5f/0x360
[ 94.885472][ T5316] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 94.885486][ T5316] tun_get_user+0x298e/0x3ce0
[ 94.885495][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 94.885503][ T5316] ? aa_file_perm+0x11f/0xed0
[ 94.885516][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.885524][ T5316] ? lock_release+0x4b/0x3e0
[ 94.885535][ T5316] ? __pfx_ref_tracker_free+0x10/0x10
[ 94.885548][ T5316] ? __pfx_tun_get_user+0x10/0x10
[ 94.885556][ T5316] ? aa_file_perm+0x3e7/0xed0
[ 94.885569][ T5316] ? ref_tracker_alloc+0x318/0x460
[ 94.885581][ T5316] ? bpf_xdp_link_attach+0x666/0x8c0
[ 94.885593][ T5316] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 94.885605][ T5316] ? tun_get+0x1c/0x2f0
[ 94.885618][ T5316] ? tun_get+0x1c/0x2f0
[ 94.885630][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.885638][ T5316] ? tun_get+0x1c/0x2f0
[ 94.885656][ T5316] ? lock_release+0x4b/0x3e0
[ 94.885672][ T5316] ? tun_get+0x1c/0x2f0
[ 94.885692][ T5316] tun_chr_write_iter+0x113/0x200
[ 94.885711][ T5316] vfs_write+0x54b/0xa90
[ 94.885719][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.885728][ T5316] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 94.885741][ T5316] ? __pfx_vfs_write+0x10/0x10
[ 94.885751][ T5316] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 94.885769][ T5316] ksys_write+0x145/0x250
[ 94.885782][ T5316] ? __pfx_ksys_write+0x10/0x10
[ 94.885795][ T5316] ? rcu_is_watching+0x15/0xb0
[ 94.885808][ T5316] do_syscall_64+0xfa/0x3b0
[ 94.885880][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.885895][ T5316] ? clear_bhb_loop+0x60/0xb0
[ 94.885910][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.885929][ T5316] RIP: 0033:0x7f3452b9cdf0
[ 94.886059][ T5316] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 94.886090][ T5316] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 94.886120][ T5316] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 94.886128][ T5316] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 94.886138][ T5316] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 94.886147][ T5316] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 94.886155][ T5316] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 94.886169][ T5316]
[ 95.098676][ T5316] BUG: Bad page state in process syz-executor246 pfn:1a0d6
[ 95.101761][ T5316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88801a0d6fc0 pfn:0x1a0d6
[ 95.106003][ T5316] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 95.108937][ T5316] raw: 00fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 95.113568][ T5316] raw: ffff88801a0d6fc0 0000000000000001 00000000ffffffff 0000000000000000
[ 95.117314][ T5316] page dumped because: page_pool leak
[ 95.119398][ T5316] page_owner tracks the page as allocated
[ 95.121730][ T5316] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5316, tgid 5316 (syz-executor246), ts 92915325397, free_ts 62271488795
[ 95.128926][ T5316] post_alloc_hook+0x240/0x2a0
[ 95.131288][ T5316] get_page_from_freelist+0x21e4/0x22c0
[ 95.134232][ T5316] __alloc_frozen_pages_noprof+0x181/0x370
[ 95.137407][ T5316] alloc_pages_bulk_noprof+0x560/0x710
[ 95.139878][ T5316] __page_pool_alloc_pages_slow+0x127/0x740
[ 95.142617][ T5316] skb_pp_cow_data+0xb47/0x13e0
[ 95.144819][ T5316] do_xdp_generic+0x699/0x11a0
[ 95.147063][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 95.149658][ T5316] __netif_receive_skb+0x72/0x380
[ 95.151868][ T5316] netif_receive_skb+0x1cb/0x790
[ 95.154180][ T5316] tun_rx_batched+0x1b9/0x730
[ 95.156970][ T5316] tun_get_user+0x298e/0x3ce0
[ 95.159511][ T5316] tun_chr_write_iter+0x113/0x200
[ 95.161829][ T5316] vfs_write+0x54b/0xa90
[ 95.163815][ T5316] ksys_write+0x145/0x250
[ 95.165738][ T5316] do_syscall_64+0xfa/0x3b0
[ 95.167862][ T5316] page last free pid 5107 tgid 5107 stack trace:
[ 95.170673][ T5316] __free_frozen_pages+0xc71/0xe70
[ 95.173114][ T5316] __slab_free+0x326/0x400
[ 95.175474][ T5316] qlist_free_all+0x97/0x140
[ 95.177951][ T5316] kasan_quarantine_reduce+0x148/0x160
[ 95.180327][ T5316] __kasan_slab_alloc+0x22/0x80
[ 95.182296][ T5316] kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 95.184472][ T5316] vm_area_alloc+0x24/0x140
[ 95.186472][ T5316] mmap_region+0xcc7/0x1f30
[ 95.188792][ T5316] do_mmap+0xc45/0x10d0
[ 95.190947][ T5316] vm_mmap_pgoff+0x31b/0x4c0
[ 95.192847][ T5316] ksys_mmap_pgoff+0x51f/0x760
[ 95.194823][ T5316] do_syscall_64+0xfa/0x3b0
[ 95.196755][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.199270][ T5316] Modules linked in:
[ 95.200833][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 95.200846][ T5316] Tainted: [B]=BAD_PAGE
[ 95.200848][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 95.200853][ T5316] Call Trace:
[ 95.200859][ T5316]
[ 95.200864][ T5316] dump_stack_lvl+0x189/0x250
[ 95.200880][ T5316] ? __pfx_dump_stack_lvl+0x10/0x10
[ 95.200890][ T5316] ? __pfx_print_modules+0x10/0x10
[ 95.200898][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.200906][ T5316] bad_page+0x180/0x1c0
[ 95.200917][ T5316] __free_frozen_pages+0xe17/0xe70
[ 95.200926][ T5316] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 95.200945][ T5316] bpf_xdp_adjust_tail+0x1d6/0x220
[ 95.200959][ T5316] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 95.200969][ T5316] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 95.200989][ T5316] do_xdp_generic+0x9f7/0x11a0
[ 95.200999][ T5316] ? __pfx_do_xdp_generic+0x10/0x10
[ 95.201008][ T5316] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 95.201021][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 95.201030][ T5316] ? __up_read+0x280/0x680
[ 95.201038][ T5316] ? __pfx___up_read+0x10/0x10
[ 95.201045][ T5316] ? lock_release+0x4b/0x3e0
[ 95.201055][ T5316] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 95.201063][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.201070][ T5316] ? irqentry_exit+0x74/0x90
[ 95.201076][ T5316] ? exc_page_fault+0x9f/0xf0
[ 95.201090][ T5316] ? netif_receive_skb+0x115/0x790
[ 95.201098][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.201105][ T5316] ? lock_acquire+0x5f/0x360
[ 95.201118][ T5316] __netif_receive_skb+0x72/0x380
[ 95.201129][ T5316] ? netif_receive_skb+0x115/0x790
[ 95.201139][ T5316] netif_receive_skb+0x1cb/0x790
[ 95.201147][ T5316] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 95.201158][ T5316] ? __pfx_netif_receive_skb+0x10/0x10
[ 95.201167][ T5316] ? __pfx__copy_from_iter+0x10/0x10
[ 95.201178][ T5316] ? sock_alloc_send_pskb+0x875/0x990
[ 95.201188][ T5316] ? tun_rx_batched+0x160/0x730
[ 95.201195][ T5316] tun_rx_batched+0x1b9/0x730
[ 95.201201][ T5316] ? skb_header_pointer+0x8e/0x120
[ 95.201213][ T5316] ? __pfx_tun_rx_batched+0x10/0x10
[ 95.201219][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 95.201225][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.201230][ T5316] ? lock_acquire+0x5f/0x360
[ 95.201244][ T5316] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 95.201255][ T5316] tun_get_user+0x298e/0x3ce0
[ 95.201263][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 95.201268][ T5316] ? aa_file_perm+0x11f/0xed0
[ 95.201279][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.201284][ T5316] ? lock_release+0x4b/0x3e0
[ 95.201293][ T5316] ? __pfx_ref_tracker_free+0x10/0x10
[ 95.201302][ T5316] ? __pfx_tun_get_user+0x10/0x10
[ 95.201308][ T5316] ? aa_file_perm+0x3e7/0xed0
[ 95.201318][ T5316] ? ref_tracker_alloc+0x318/0x460
[ 95.201327][ T5316] ? bpf_xdp_link_attach+0x666/0x8c0
[ 95.201335][ T5316] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 95.201344][ T5316] ? tun_get+0x1c/0x2f0
[ 95.201353][ T5316] ? tun_get+0x1c/0x2f0
[ 95.201362][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.201367][ T5316] ? tun_get+0x1c/0x2f0
[ 95.201376][ T5316] ? lock_release+0x4b/0x3e0
[ 95.201384][ T5316] ? tun_get+0x1c/0x2f0
[ 95.201394][ T5316] tun_chr_write_iter+0x113/0x200
[ 95.201404][ T5316] vfs_write+0x54b/0xa90
[ 95.201410][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.201417][ T5316] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 95.201426][ T5316] ? __pfx_vfs_write+0x10/0x10
[ 95.201433][ T5316] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 95.201445][ T5316] ksys_write+0x145/0x250
[ 95.201451][ T5316] ? __pfx_ksys_write+0x10/0x10
[ 95.201457][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.201465][ T5316] do_syscall_64+0xfa/0x3b0
[ 95.201476][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.201485][ T5316] ? clear_bhb_loop+0x60/0xb0
[ 95.201495][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.201505][ T5316] RIP: 0033:0x7f3452b9cdf0
[ 95.201518][ T5316] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 95.201524][ T5316] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 95.201534][ T5316] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 95.201539][ T5316] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 95.201543][ T5316] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 95.201548][ T5316] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 95.201552][ T5316] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 95.201559][ T5316]
[ 95.201567][ T5316] BUG: Bad page state in process syz-executor246 pfn:11b1f
[ 95.419471][ T5316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888011b1f000 pfn:0x11b1f
[ 95.423835][ T5316] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 95.427169][ T5316] raw: 00fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 95.431247][ T5316] raw: ffff888011b1f000 0000000000000001 00000000ffffffff 0000000000000000
[ 95.434881][ T5316] page dumped because: page_pool leak
[ 95.437142][ T5316] page_owner tracks the page as allocated
[ 95.439586][ T5316] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5316, tgid 5316 (syz-executor246), ts 92915316304, free_ts 62297665331
[ 95.447586][ T5316] post_alloc_hook+0x240/0x2a0
[ 95.449849][ T5316] get_page_from_freelist+0x21e4/0x22c0
[ 95.452284][ T5316] __alloc_frozen_pages_noprof+0x181/0x370
[ 95.454913][ T5316] alloc_pages_bulk_noprof+0x560/0x710
[ 95.457475][ T5316] __page_pool_alloc_pages_slow+0x127/0x740
[ 95.460460][ T5316] skb_pp_cow_data+0xb47/0x13e0
[ 95.463036][ T5316] do_xdp_generic+0x699/0x11a0
[ 95.465276][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 95.468106][ T5316] __netif_receive_skb+0x72/0x380
[ 95.470582][ T5316] netif_receive_skb+0x1cb/0x790
[ 95.472701][ T5316] tun_rx_batched+0x1b9/0x730
[ 95.474864][ T5316] tun_get_user+0x298e/0x3ce0
[ 95.477450][ T5316] tun_chr_write_iter+0x113/0x200
[ 95.481112][ T5316] vfs_write+0x54b/0xa90
[ 95.483502][ T5316] ksys_write+0x145/0x250
[ 95.485344][ T5316] do_syscall_64+0xfa/0x3b0
[ 95.487203][ T5316] page last free pid 15 tgid 15 stack trace:
[ 95.489558][ T5316] __free_frozen_pages+0xc71/0xe70
[ 95.491903][ T5316] rcu_core+0xca5/0x1710
[ 95.493810][ T5316] handle_softirqs+0x286/0x870
[ 95.495842][ T5316] run_ksoftirqd+0x9b/0x100
[ 95.498160][ T5316] smpboot_thread_fn+0x53f/0xa60
[ 95.500713][ T5316] kthread+0x70e/0x8a0
[ 95.502852][ T5316] ret_from_fork+0x3f9/0x770
[ 95.505138][ T5316] ret_from_fork_asm+0x1a/0x30
[ 95.507282][ T5316] Modules linked in:
[ 95.508919][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 95.508932][ T5316] Tainted: [B]=BAD_PAGE
[ 95.508936][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 95.508941][ T5316] Call Trace:
[ 95.508947][ T5316]
[ 95.508954][ T5316] dump_stack_lvl+0x189/0x250
[ 95.508969][ T5316] ? __pfx_dump_stack_lvl+0x10/0x10
[ 95.508979][ T5316] ? __pfx_print_modules+0x10/0x10
[ 95.508991][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.509003][ T5316] bad_page+0x180/0x1c0
[ 95.509019][ T5316] __free_frozen_pages+0xe17/0xe70
[ 95.509033][ T5316] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 95.509050][ T5316] bpf_xdp_adjust_tail+0x1d6/0x220
[ 95.509059][ T5316] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 95.509066][ T5316] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 95.509081][ T5316] do_xdp_generic+0x9f7/0x11a0
[ 95.509092][ T5316] ? __pfx_do_xdp_generic+0x10/0x10
[ 95.509100][ T5316] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 95.509113][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 95.509120][ T5316] ? __up_read+0x280/0x680
[ 95.509128][ T5316] ? __pfx___up_read+0x10/0x10
[ 95.509134][ T5316] ? lock_release+0x4b/0x3e0
[ 95.509144][ T5316] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 95.509151][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.509158][ T5316] ? irqentry_exit+0x74/0x90
[ 95.509164][ T5316] ? exc_page_fault+0x9f/0xf0
[ 95.509175][ T5316] ? netif_receive_skb+0x115/0x790
[ 95.509181][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.509195][ T5316] ? lock_acquire+0x5f/0x360
[ 95.509203][ T5316] __netif_receive_skb+0x72/0x380
[ 95.509211][ T5316] ? netif_receive_skb+0x115/0x790
[ 95.509216][ T5316] netif_receive_skb+0x1cb/0x790
[ 95.509222][ T5316] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 95.509236][ T5316] ? __pfx_netif_receive_skb+0x10/0x10
[ 95.509250][ T5316] ? __pfx__copy_from_iter+0x10/0x10
[ 95.509264][ T5316] ? sock_alloc_send_pskb+0x875/0x990
[ 95.509276][ T5316] ? tun_rx_batched+0x160/0x730
[ 95.509283][ T5316] tun_rx_batched+0x1b9/0x730
[ 95.509289][ T5316] ? skb_header_pointer+0x8e/0x120
[ 95.509299][ T5316] ? __pfx_tun_rx_batched+0x10/0x10
[ 95.509305][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 95.509311][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.509316][ T5316] ? lock_acquire+0x5f/0x360
[ 95.509324][ T5316] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 95.509334][ T5316] tun_get_user+0x298e/0x3ce0
[ 95.509341][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 95.509346][ T5316] ? aa_file_perm+0x11f/0xed0
[ 95.509357][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.509363][ T5316] ? lock_release+0x4b/0x3e0
[ 95.509372][ T5316] ? __pfx_ref_tracker_free+0x10/0x10
[ 95.509381][ T5316] ? __pfx_tun_get_user+0x10/0x10
[ 95.509387][ T5316] ? aa_file_perm+0x3e7/0xed0
[ 95.509396][ T5316] ? ref_tracker_alloc+0x318/0x460
[ 95.509408][ T5316] ? bpf_xdp_link_attach+0x666/0x8c0
[ 95.509420][ T5316] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 95.509433][ T5316] ? tun_get+0x1c/0x2f0
[ 95.509446][ T5316] ? tun_get+0x1c/0x2f0
[ 95.509460][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.509467][ T5316] ? tun_get+0x1c/0x2f0
[ 95.509475][ T5316] ? lock_release+0x4b/0x3e0
[ 95.509483][ T5316] ? tun_get+0x1c/0x2f0
[ 95.509492][ T5316] tun_chr_write_iter+0x113/0x200
[ 95.509502][ T5316] vfs_write+0x54b/0xa90
[ 95.509508][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.509518][ T5316] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 95.509531][ T5316] ? __pfx_vfs_write+0x10/0x10
[ 95.509542][ T5316] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 95.509557][ T5316] ksys_write+0x145/0x250
[ 95.509566][ T5316] ? __pfx_ksys_write+0x10/0x10
[ 95.509576][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.509585][ T5316] do_syscall_64+0xfa/0x3b0
[ 95.509595][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.509605][ T5316] ? clear_bhb_loop+0x60/0xb0
[ 95.509615][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.509625][ T5316] RIP: 0033:0x7f3452b9cdf0
[ 95.509636][ T5316] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 95.509645][ T5316] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 95.509658][ T5316] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 95.509665][ T5316] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 95.509673][ T5316] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 95.509679][ T5316] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 95.509683][ T5316] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 95.509690][ T5316]
[ 95.509696][ T5316] BUG: Bad page state in process syz-executor246 pfn:1a16b
[ 95.723467][ T5316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88801a16b110 pfn:0x1a16b
[ 95.728293][ T5316] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 95.731582][ T5316] raw: 00fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 95.735154][ T5316] raw: ffff88801a16b110 0000000000000001 00000000ffffffff 0000000000000000
[ 95.738970][ T5316] page dumped because: page_pool leak
[ 95.741611][ T5316] page_owner tracks the page as allocated
[ 95.744638][ T5316] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5316, tgid 5316 (syz-executor246), ts 92915307379, free_ts 92914304236
[ 95.751967][ T5316] post_alloc_hook+0x240/0x2a0
[ 95.754240][ T5316] get_page_from_freelist+0x21e4/0x22c0
[ 95.756770][ T5316] __alloc_frozen_pages_noprof+0x181/0x370
[ 95.759287][ T5316] alloc_pages_bulk_noprof+0x560/0x710
[ 95.761724][ T5316] __page_pool_alloc_pages_slow+0x127/0x740
[ 95.764392][ T5316] skb_pp_cow_data+0xb47/0x13e0
[ 95.766846][ T5316] do_xdp_generic+0x699/0x11a0
[ 95.768554][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 95.770556][ T5316] __netif_receive_skb+0x72/0x380
[ 95.772489][ T5316] netif_receive_skb+0x1cb/0x790
[ 95.774632][ T5316] tun_rx_batched+0x1b9/0x730
[ 95.776742][ T5316] tun_get_user+0x298e/0x3ce0
[ 95.778730][ T5316] tun_chr_write_iter+0x113/0x200
[ 95.780978][ T5316] vfs_write+0x54b/0xa90
[ 95.782732][ T5316] ksys_write+0x145/0x250
[ 95.784717][ T5316] do_syscall_64+0xfa/0x3b0
[ 95.786821][ T5316] page last free pid 5316 tgid 5316 stack trace:
[ 95.789935][ T5316] __free_frozen_pages+0xc71/0xe70
[ 95.792596][ T5316] kasan_populate_vmalloc+0x118/0x1a0
[ 95.795070][ T5316] alloc_vmap_area+0xd51/0x1490
[ 95.797380][ T5316] __get_vm_area_node+0x1f8/0x300
[ 95.799549][ T5316] __vmalloc_node_range_noprof+0x301/0x12f0
[ 95.802010][ T5316] vmalloc_noprof+0xb2/0xf0
[ 95.804132][ T5316] bpf_prog_calc_tag+0xb9/0x620
[ 95.807268][ T5316] resolve_pseudo_ldimm64+0xbc/0xc60
[ 95.810125][ T5316] bpf_check+0x1c0f/0x19c60
[ 95.811915][ T5316] bpf_prog_load+0x1318/0x1930
[ 95.813950][ T5316] __sys_bpf+0x5f1/0x860
[ 95.815725][ T5316] __x64_sys_bpf+0x7c/0x90
[ 95.817642][ T5316] do_syscall_64+0xfa/0x3b0
[ 95.819395][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.821827][ T5316] Modules linked in:
[ 95.823509][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 95.823527][ T5316] Tainted: [B]=BAD_PAGE
[ 95.823531][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 95.823539][ T5316] Call Trace:
[ 95.823547][ T5316]
[ 95.823554][ T5316] dump_stack_lvl+0x189/0x250
[ 95.823574][ T5316] ? __pfx_dump_stack_lvl+0x10/0x10
[ 95.823589][ T5316] ? __pfx_print_modules+0x10/0x10
[ 95.823602][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.823615][ T5316] bad_page+0x180/0x1c0
[ 95.823656][ T5316] __free_frozen_pages+0xe17/0xe70
[ 95.823676][ T5316] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 95.823700][ T5316] bpf_xdp_adjust_tail+0x1d6/0x220
[ 95.823713][ T5316] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 95.823722][ T5316] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 95.823745][ T5316] do_xdp_generic+0x9f7/0x11a0
[ 95.823763][ T5316] ? __pfx_do_xdp_generic+0x10/0x10
[ 95.823777][ T5316] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 95.823799][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 95.823812][ T5316] ? __up_read+0x280/0x680
[ 95.823824][ T5316] ? __pfx___up_read+0x10/0x10
[ 95.823835][ T5316] ? lock_release+0x4b/0x3e0
[ 95.823852][ T5316] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 95.823866][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.823879][ T5316] ? irqentry_exit+0x74/0x90
[ 95.823889][ T5316] ? exc_page_fault+0x9f/0xf0
[ 95.823909][ T5316] ? netif_receive_skb+0x115/0x790
[ 95.823919][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.823930][ T5316] ? lock_acquire+0x5f/0x360
[ 95.823945][ T5316] __netif_receive_skb+0x72/0x380
[ 95.823958][ T5316] ? netif_receive_skb+0x115/0x790
[ 95.823968][ T5316] netif_receive_skb+0x1cb/0x790
[ 95.823979][ T5316] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 95.823999][ T5316] ? __pfx_netif_receive_skb+0x10/0x10
[ 95.824016][ T5316] ? __pfx__copy_from_iter+0x10/0x10
[ 95.824039][ T5316] ? sock_alloc_send_pskb+0x875/0x990
[ 95.824056][ T5316] ? tun_rx_batched+0x160/0x730
[ 95.824068][ T5316] tun_rx_batched+0x1b9/0x730
[ 95.824077][ T5316] ? skb_header_pointer+0x8e/0x120
[ 95.824095][ T5316] ? __pfx_tun_rx_batched+0x10/0x10
[ 95.824104][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 95.824117][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.824127][ T5316] ? lock_acquire+0x5f/0x360
[ 95.824140][ T5316] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 95.824158][ T5316] tun_get_user+0x298e/0x3ce0
[ 95.824169][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 95.824177][ T5316] ? aa_file_perm+0x11f/0xed0
[ 95.824188][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.824193][ T5316] ? lock_release+0x4b/0x3e0
[ 95.824202][ T5316] ? __pfx_ref_tracker_free+0x10/0x10
[ 95.824212][ T5316] ? __pfx_tun_get_user+0x10/0x10
[ 95.824218][ T5316] ? aa_file_perm+0x3e7/0xed0
[ 95.824233][ T5316] ? ref_tracker_alloc+0x318/0x460
[ 95.824246][ T5316] ? bpf_xdp_link_attach+0x666/0x8c0
[ 95.824260][ T5316] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 95.824274][ T5316] ? tun_get+0x1c/0x2f0
[ 95.824290][ T5316] ? tun_get+0x1c/0x2f0
[ 95.824304][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.824313][ T5316] ? tun_get+0x1c/0x2f0
[ 95.824324][ T5316] ? lock_release+0x4b/0x3e0
[ 95.824333][ T5316] ? tun_get+0x1c/0x2f0
[ 95.824343][ T5316] tun_chr_write_iter+0x113/0x200
[ 95.824353][ T5316] vfs_write+0x54b/0xa90
[ 95.824360][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.824366][ T5316] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 95.824375][ T5316] ? __pfx_vfs_write+0x10/0x10
[ 95.824383][ T5316] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 95.824396][ T5316] ksys_write+0x145/0x250
[ 95.824402][ T5316] ? __pfx_ksys_write+0x10/0x10
[ 95.824409][ T5316] ? rcu_is_watching+0x15/0xb0
[ 95.824415][ T5316] do_syscall_64+0xfa/0x3b0
[ 95.824423][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.824429][ T5316] ? clear_bhb_loop+0x60/0xb0
[ 95.824437][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.824444][ T5316] RIP: 0033:0x7f3452b9cdf0
[ 95.824453][ T5316] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 95.824462][ T5316] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 95.824475][ T5316] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 95.824482][ T5316] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 95.824488][ T5316] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 95.824494][ T5316] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 95.824501][ T5316] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 95.824513][ T5316]
[ 95.824523][ T5316] BUG: Bad page state in process syz-executor246 pfn:114e5
[ 96.037443][ T5316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880114e5ee0 pfn:0x114e5
[ 96.041576][ T5316] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 96.044649][ T5316] raw: 00fff00000000000 dead000000000040 ffff88801e77f000 0000000000000000
[ 96.048666][ T5316] raw: ffff8880114e5ee0 0000000000000001 00000000ffffffff 0000000000000000
[ 96.053070][ T5316] page dumped because: page_pool leak
[ 96.056296][ T5316] page_owner tracks the page as allocated
[ 96.059259][ T5316] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5316, tgid 5316 (syz-executor246), ts 92915294515, free_ts 92914389402
[ 96.068765][ T5316] post_alloc_hook+0x240/0x2a0
[ 96.072075][ T5316] get_page_from_freelist+0x21e4/0x22c0
[ 96.074886][ T5316] __alloc_frozen_pages_noprof+0x181/0x370
[ 96.078077][ T5316] alloc_pages_bulk_noprof+0x560/0x710
[ 96.080832][ T5316] __page_pool_alloc_pages_slow+0x127/0x740
[ 96.084259][ T5316] skb_pp_cow_data+0xb47/0x13e0
[ 96.087192][ T5316] do_xdp_generic+0x699/0x11a0
[ 96.089705][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 96.092301][ T5316] __netif_receive_skb+0x72/0x380
[ 96.094442][ T5316] netif_receive_skb+0x1cb/0x790
[ 96.096738][ T5316] tun_rx_batched+0x1b9/0x730
[ 96.098722][ T5316] tun_get_user+0x298e/0x3ce0
[ 96.100795][ T5316] tun_chr_write_iter+0x113/0x200
[ 96.103058][ T5316] vfs_write+0x54b/0xa90
[ 96.104923][ T5316] ksys_write+0x145/0x250
[ 96.106974][ T5316] do_syscall_64+0xfa/0x3b0
[ 96.109119][ T5316] page last free pid 5316 tgid 5316 stack trace:
[ 96.111900][ T5316] __free_frozen_pages+0xc71/0xe70
[ 96.113852][ T5316] vfree+0x25a/0x400
[ 96.115519][ T5316] bpf_prog_calc_tag+0x55c/0x620
[ 96.117710][ T5316] resolve_pseudo_ldimm64+0xbc/0xc60
[ 96.119822][ T5316] bpf_check+0x1c0f/0x19c60
[ 96.121901][ T5316] bpf_prog_load+0x1318/0x1930
[ 96.123786][ T5316] __sys_bpf+0x5f1/0x860
[ 96.125363][ T5316] __x64_sys_bpf+0x7c/0x90
[ 96.127231][ T5316] do_syscall_64+0xfa/0x3b0
[ 96.129106][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 96.131692][ T5316] Modules linked in:
[ 96.133433][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz-executor246 Tainted: G B 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full)
[ 96.133449][ T5316] Tainted: [B]=BAD_PAGE
[ 96.133464][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 96.133471][ T5316] Call Trace:
[ 96.133581][ T5316]
[ 96.133647][ T5316] dump_stack_lvl+0x189/0x250
[ 96.133713][ T5316] ? __pfx_dump_stack_lvl+0x10/0x10
[ 96.133745][ T5316] ? __pfx_print_modules+0x10/0x10
[ 96.133758][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 96.133769][ T5316] bad_page+0x180/0x1c0
[ 96.133814][ T5316] __free_frozen_pages+0xe17/0xe70
[ 96.133829][ T5316] bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 96.133909][ T5316] bpf_xdp_adjust_tail+0x1d6/0x220
[ 96.133924][ T5316] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 96.133935][ T5316] bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 96.133960][ T5316] do_xdp_generic+0x9f7/0x11a0
[ 96.133977][ T5316] ? __pfx_do_xdp_generic+0x10/0x10
[ 96.133990][ T5316] ? __skb_flow_dissect+0x5ef8/0x68b0
[ 96.134011][ T5316] __netif_receive_skb_core+0x1823/0x4180
[ 96.134022][ T5316] ? __up_read+0x280/0x680
[ 96.134033][ T5316] ? __pfx___up_read+0x10/0x10
[ 96.134042][ T5316] ? lock_release+0x4b/0x3e0
[ 96.134058][ T5316] ? __pfx___netif_receive_skb_core+0x10/0x10
[ 96.134070][ T5316] ? rcu_is_watching+0x15/0xb0
[ 96.134080][ T5316] ? irqentry_exit+0x74/0x90
[ 96.134091][ T5316] ? exc_page_fault+0x9f/0xf0
[ 96.134107][ T5316] ? netif_receive_skb+0x115/0x790
[ 96.134113][ T5316] ? rcu_is_watching+0x15/0xb0
[ 96.134118][ T5316] ? lock_acquire+0x5f/0x360
[ 96.134126][ T5316] __netif_receive_skb+0x72/0x380
[ 96.134135][ T5316] ? netif_receive_skb+0x115/0x790
[ 96.134142][ T5316] netif_receive_skb+0x1cb/0x790
[ 96.134148][ T5316] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 96.134164][ T5316] ? __pfx_netif_receive_skb+0x10/0x10
[ 96.134178][ T5316] ? __pfx__copy_from_iter+0x10/0x10
[ 96.134194][ T5316] ? sock_alloc_send_pskb+0x875/0x990
[ 96.134210][ T5316] ? tun_rx_batched+0x160/0x730
[ 96.134221][ T5316] tun_rx_batched+0x1b9/0x730
[ 96.134290][ T5316] ? skb_header_pointer+0x8e/0x120
[ 96.134327][ T5316] ? __pfx_tun_rx_batched+0x10/0x10
[ 96.134336][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 96.134343][ T5316] ? rcu_is_watching+0x15/0xb0
[ 96.134353][ T5316] ? lock_acquire+0x5f/0x360
[ 96.134365][ T5316] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 96.134380][ T5316] tun_get_user+0x298e/0x3ce0
[ 96.134397][ T5316] ? tun_get_user+0x2549/0x3ce0
[ 96.134405][ T5316] ? aa_file_perm+0x11f/0xed0
[ 96.134422][ T5316] ? rcu_is_watching+0x15/0xb0
[ 96.134430][ T5316] ? lock_release+0x4b/0x3e0
[ 96.134443][ T5316] ? __pfx_ref_tracker_free+0x10/0x10
[ 96.134457][ T5316] ? __pfx_tun_get_user+0x10/0x10
[ 96.134466][ T5316] ? aa_file_perm+0x3e7/0xed0
[ 96.134481][ T5316] ? ref_tracker_alloc+0x318/0x460
[ 96.134493][ T5316] ? bpf_xdp_link_attach+0x666/0x8c0
[ 96.134507][ T5316] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 96.134519][ T5316] ? tun_get+0x1c/0x2f0
[ 96.134535][ T5316] ? tun_get+0x1c/0x2f0
[ 96.134548][ T5316] ? rcu_is_watching+0x15/0xb0
[ 96.134557][ T5316] ? tun_get+0x1c/0x2f0
[ 96.134571][ T5316] ? lock_release+0x4b/0x3e0
[ 96.134582][ T5316] ? tun_get+0x1c/0x2f0
[ 96.134591][ T5316] tun_chr_write_iter+0x113/0x200
[ 96.134601][ T5316] vfs_write+0x54b/0xa90
[ 96.134607][ T5316] ? rcu_is_watching+0x15/0xb0
[ 96.134614][ T5316] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 96.134623][ T5316] ? __pfx_vfs_write+0x10/0x10
[ 96.134630][ T5316] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 96.134640][ T5316] ksys_write+0x145/0x250
[ 96.134646][ T5316] ? __pfx_ksys_write+0x10/0x10
[ 96.134653][ T5316] ? rcu_is_watching+0x15/0xb0
[ 96.134658][ T5316] do_syscall_64+0xfa/0x3b0
[ 96.134721][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 96.134732][ T5316] ? clear_bhb_loop+0x60/0xb0
[ 96.134743][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 96.134752][ T5316] RIP: 0033:0x7f3452b9cdf0
[ 96.134862][ T5316] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d b1 e2 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[ 96.134888][ T5316] RSP: 002b:00007ffc306646f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 96.134914][ T5316] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3452b9cdf0
[ 96.134921][ T5316] RDX: 0000000000011dc0 RSI: 00002000000004c0 RDI: 00000000000000c8
[ 96.134927][ T5316] RBP: 0000000000000000 R08: 00007ffc30664828 R09: 00007ffc30664828
[ 96.134933][ T5316] R10: 00007ffc30664828 R11: 0000000000000202 R12: 0000000000000000
[ 96.134938][ T5316] R13: 00007ffc30664714 R14: 00007ffc30664730 R15: 00007ffc30664720
[ 96.134950][ T5316]
VM DIAGNOSIS:
00:59:19 Registers:
info registers vcpu 0
CPU#0
RAX=000000000000006f RBX=000000000000006f RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000d3ee6b0
R8 =ffff888033bb0237 R9 =1ffff11006776046 R10=dffffc0000000000 R11=ffffffff8546f770
R12=dffffc0000000000 R13=ffffffff99ac38ed R14=ffffffff99dc8780 R15=0000000000000000
RIP=ffffffff8546f7ec RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055558de6c380 ffffffff 00c00000
GS =0000 ffff88808d252000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000012000 CR3=00000000444a4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000ffe000d0 Opmask01=0000000000000fff Opmask02=00000000fff7ffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc30664700 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000100000001 0000000b00000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3452c076c4 00007f3452c1b260
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7865006a64615f65 726f63735f6d6f6f 2f666c65732f636f 72702f0030303031
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5d40004f41445f40 574a46565f484a4a 0a434940560a464a 57550a0015151514
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000