Warning: Permanently added '10.128.1.20' (ED25519) to the list of known hosts.
2026/02/01 13:04:59 parsed 1 programs
[   89.401043][ T5823] cgroup: Unknown subsys name 'net'
[   89.570188][ T5823] cgroup: Unknown subsys name 'cpuset'
[   89.579707][ T5823] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   91.264641][ T5823] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   92.077850][   T24] cfg80211: failed to load regulatory.db
[   94.248854][ T5839] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   95.328872][ T5860] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   95.338835][ T5860] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   95.347212][ T5860] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   95.355548][ T5860] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   95.366614][ T5860] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   97.148894][ T5900] chnl_net:caif_netlink_parms(): no params data found
[   97.226536][ T5900] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.233693][ T5900] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.240975][ T5900] bridge_slave_0: entered allmulticast mode
[   97.248427][ T5900] bridge_slave_0: entered promiscuous mode
[   97.304146][ T5900] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.311487][ T5900] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.318809][ T5900] bridge_slave_1: entered allmulticast mode
[   97.325862][ T5900] bridge_slave_1: entered promiscuous mode
[   97.377993][ T5900] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   97.393834][ T5900] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   97.436052][ T5900] team0: Port device team_slave_0 added
[   97.443996][ T5900] team0: Port device team_slave_1 added
[   97.469788][ T5900] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.476962][ T5900] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   97.503518][ T5900] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.516782][ T5900] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.523760][ T5900] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   97.550547][ T5900] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.603407][ T5900] hsr_slave_0: entered promiscuous mode
[   97.610513][ T5900] hsr_slave_1: entered promiscuous mode
[   97.755387][ T5900] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   97.768944][ T5900] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   97.779197][ T5900] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   97.789751][ T5900] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   97.861734][ T5900] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.883179][ T5900] 8021q: adding VLAN 0 to HW filter on device team0
[   97.895770][ T1319] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.903219][ T1319] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.920549][ T4265] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.927690][ T4265] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.090946][ T5900] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.135471][ T5900] veth0_vlan: entered promiscuous mode
[   98.148347][ T5900] veth1_vlan: entered promiscuous mode
[   98.177419][ T5900] veth0_macvtap: entered promiscuous mode
[   98.188419][ T5900] veth1_macvtap: entered promiscuous mode
[   98.209622][ T5900] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.222483][ T5900] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.242607][ T4265] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.253508][ T4265] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.267465][ T4265] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.277650][ T3010] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.423434][ T1006] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.497781][ T1006] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.566320][ T1006] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.588531][ T1319] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.605433][ T1319] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.626961][ T1006] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.657865][ T4265] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.667645][ T4265] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/02/01 13:05:11 executed programs: 0
[   99.224268][ T5860] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   99.232817][ T5860] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   99.241039][ T5860] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   99.249796][ T5860] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   99.258856][ T5860] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   99.405533][ T5930] chnl_net:caif_netlink_parms(): no params data found
[   99.478587][ T5930] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.485774][ T5930] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.493163][ T5930] bridge_slave_0: entered allmulticast mode
[   99.500272][ T5930] bridge_slave_0: entered promiscuous mode
[   99.508394][ T5930] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.515672][ T5930] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.523765][ T5930] bridge_slave_1: entered allmulticast mode
[   99.531761][ T5930] bridge_slave_1: entered promiscuous mode
[   99.564542][ T5930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   99.577735][ T5930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   99.611741][ T5930] team0: Port device team_slave_0 added
[   99.620430][ T5930] team0: Port device team_slave_1 added
[   99.650502][ T5930] batman_adv: batadv0: Adding interface: batadv_slave_0
[   99.658260][ T5930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   99.684601][ T5930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   99.698513][ T5930] batman_adv: batadv0: Adding interface: batadv_slave_1
[   99.705656][ T5930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   99.731798][ T5930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   99.779861][ T5930] hsr_slave_0: entered promiscuous mode
[   99.787108][ T5930] hsr_slave_1: entered promiscuous mode
[   99.793422][ T5930] debugfs: 'hsr0' already exists in 'hsr'
[   99.799691][ T5930] Cannot create hsr debugfs directory
[  101.238252][ T1006] bridge_slave_1: left allmulticast mode
[  101.244175][ T1006] bridge_slave_1: left promiscuous mode
[  101.251482][ T1006] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.262277][ T1006] bridge_slave_0: left allmulticast mode
[  101.269877][ T1006] bridge_slave_0: left promiscuous mode
[  101.275676][ T1006] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.277085][ T5143] Bluetooth: hci0: command tx timeout
[  101.509437][ T1006] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  101.521269][ T1006] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  101.531506][ T1006] bond0 (unregistering): Released all slaves
[  101.669453][ T1006] hsr_slave_0: left promiscuous mode
[  101.678905][ T1006] hsr_slave_1: left promiscuous mode
[  101.685394][ T1006] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  101.703122][ T1006] batman_adv: batadv0: Removing interface: batadv_slave_0
[  101.713954][ T1006] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  101.721904][ T1006] batman_adv: batadv0: Removing interface: batadv_slave_1
[  101.744667][ T1006] veth1_macvtap: left promiscuous mode
[  101.750694][ T1006] veth0_macvtap: left promiscuous mode
[  101.757517][ T1006] veth1_vlan: left promiscuous mode
[  101.763040][ T1006] veth0_vlan: left promiscuous mode
[  102.256021][ T1006] team0 (unregistering): Port device team_slave_1 removed
[  102.285160][ T1006] team0 (unregistering): Port device team_slave_0 removed
[  102.801162][ T5930] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  102.817515][ T5930] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  102.829200][ T5930] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  102.852740][ T5930] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  103.131911][ T5930] 8021q: adding VLAN 0 to HW filter on device bond0
[  103.177518][ T5930] 8021q: adding VLAN 0 to HW filter on device team0
[  103.189798][ T4265] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.197140][ T4265] bridge0: port 1(bridge_slave_0) entered forwarding state
[  103.227393][ T4265] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.234554][ T4265] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.356046][ T5143] Bluetooth: hci0: command tx timeout
[  103.456582][ T5930] 8021q: adding VLAN 0 to HW filter on device batadv0
[  103.497763][ T5930] veth0_vlan: entered promiscuous mode
[  103.510032][ T5930] veth1_vlan: entered promiscuous mode
[  103.536840][ T5930] veth0_macvtap: entered promiscuous mode
[  103.545715][ T5930] veth1_macvtap: entered promiscuous mode
[  103.567706][ T5930] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.581762][ T5930] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.595377][ T4265] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.605062][ T4265] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.622089][ T4265] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.631298][ T4265] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.688103][ T1319] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.700316][ T1319] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.727134][ T4265] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.735129][ T4265] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.792576][ T5976] BUG: Bad page state in process syz.0.17  pfn:789d7
[  103.799530][ T5976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880789d7f50 pfn:0x789d7
[  103.809756][ T5976] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  103.816936][ T5976] raw: 00fff00000000000 dead000000000040 ffff8880212c1000 0000000000000000
[  103.825635][ T5976] raw: ffff8880789d7f50 3fffffffffffffff 00000000ffffffff 0000000000000000
[  103.834373][ T5976] page dumped because: page_pool leak
[  103.839888][ T5976] page_owner tracks the page as allocated
[  103.845653][ T5976] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5976, tgid 5976 (syz.0.17), ts 103792478167, free_ts 103698909013
[  103.862989][ T5976]  post_alloc_hook+0x228/0x280
[  103.867817][ T5976]  get_page_from_freelist+0x24dc/0x2580
[  103.873367][ T5976]  __alloc_frozen_pages_noprof+0x18d/0x380
[  103.879348][ T5976]  alloc_pages_bulk_noprof+0x558/0x700
[  103.885551][ T5976]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  103.891698][ T5976]  page_pool_alloc_frag_netmem+0x421/0x9b0
[  103.897579][ T5976]  skb_pp_cow_data+0xc43/0x1680
[  103.902434][ T5976]  do_xdp_generic+0x715/0x1280
[  103.907329][ T5976]  tun_get_user+0x247d/0x3dd0
[  103.912021][ T5976]  tun_chr_write_iter+0x113/0x200
[  103.917205][ T5976]  vfs_write+0x61d/0xb90
[  103.921497][ T5976]  ksys_write+0x150/0x270
[  103.925836][ T5976]  do_syscall_64+0xe2/0xf80
[  103.930596][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.936554][ T5976] page last free pid 5835 tgid 5835 stack trace:
[  103.942880][ T5976]  __free_frozen_pages+0xbf8/0xd70
[  103.948092][ T5976]  __put_partials+0x146/0x170
[  103.952988][ T5976]  __slab_free+0x294/0x320
[  103.957471][ T5976]  qlist_free_all+0x97/0x100
[  103.962165][ T5976]  kasan_quarantine_reduce+0x148/0x160
[  103.967951][ T5976]  __kasan_slab_alloc+0x22/0x80
[  103.973171][ T5976]  __kmalloc_noprof+0x3c2/0x7e0
[  103.978071][ T5976]  tomoyo_realpath_from_path+0xe3/0x5d0
[  103.983674][ T5976]  tomoyo_check_open_permission+0x229/0x470
[  103.989791][ T5976]  security_file_open+0xa9/0x240
[  103.994919][ T5976]  do_dentry_open+0x34e/0x1420
[  103.999722][ T5976]  vfs_open+0x3b/0x340
[  104.003806][ T5976]  path_openat+0x3486/0x3e20
[  104.008545][ T5976]  do_filp_open+0x22d/0x490
[  104.013257][ T5976]  do_sys_openat2+0x12f/0x220
[  104.018068][ T5976]  __x64_sys_openat+0x138/0x170
[  104.022950][ T5976] Modules linked in:
[  104.026918][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  104.026941][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  104.026952][ T5976] Call Trace:
[  104.026959][ T5976]  <TASK>
[  104.026967][ T5976]  dump_stack_lvl+0xe8/0x150
[  104.026995][ T5976]  bad_page+0x17f/0x1c0
[  104.027021][ T5976]  __free_frozen_pages+0xd28/0xd70
[  104.027049][ T5976]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  104.027108][ T5976]  bpf_xdp_adjust_tail+0x1d6/0x220
[  104.027141][ T5976]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  104.027161][ T5976]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  104.027207][ T5976]  do_xdp_generic+0xa6f/0x1280
[  104.027226][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  104.027263][ T5976]  ? __pfx_do_xdp_generic+0x10/0x10
[  104.027292][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  104.027330][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  104.027349][ T5976]  tun_get_user+0x247d/0x3dd0
[  104.027382][ T5976]  ? aa_file_perm+0x12d/0x1630
[  104.027410][ T5976]  ? aa_file_perm+0x440/0x1630
[  104.027433][ T5976]  ? __pfx_tun_get_user+0x10/0x10
[  104.027456][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  104.027496][ T5976]  ? ref_tracker_alloc+0x363/0x4d0
[  104.027522][ T5976]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  104.027547][ T5976]  ? tun_get+0x1c/0x2f0
[  104.027568][ T5976]  ? tun_get+0x1c/0x2f0
[  104.027593][ T5976]  ? tun_get+0x1c/0x2f0
[  104.027612][ T5976]  ? tun_get+0x1c/0x2f0
[  104.027635][ T5976]  tun_chr_write_iter+0x113/0x200
[  104.027659][ T5976]  vfs_write+0x61d/0xb90
[  104.027697][ T5976]  ? __pfx_vfs_write+0x10/0x10
[  104.027725][ T5976]  ? __pfx_do_futex+0x10/0x10
[  104.027769][ T5976]  ksys_write+0x150/0x270
[  104.027799][ T5976]  ? __pfx_ksys_write+0x10/0x10
[  104.027835][ T5976]  do_syscall_64+0xe2/0xf80
[  104.027858][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.027874][ T5976]  ? trace_irq_disable+0x37/0x100
[  104.027891][ T5976]  ? clear_bhb_loop+0x60/0xb0
[  104.027912][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.027929][ T5976] RIP: 0033:0x7f990df5b78e
[  104.027946][ T5976] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  104.027961][ T5976] RSP: 002b:00007fff4eedd768 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  104.027981][ T5976] RAX: ffffffffffffffda RBX: 000055558ae0d500 RCX: 00007f990df5b78e
[  104.027994][ T5976] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  104.028006][ T5976] RBP: 00007f990e008c1f R08: 0000000000000000 R09: 0000000000000000
[  104.028017][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  104.028028][ T5976] R13: 00007f990e215fac R14: 00007f990e215fa0 R15: 00007f990e215fa0
[  104.028060][ T5976]  </TASK>
[  104.028068][ T5976] Disabling lock debugging due to kernel taint
[  104.304169][ T5976] BUG: Bad page state in process syz.0.17  pfn:78a3a
[  104.311112][ T5976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078a3af50 pfn:0x78a3a
[  104.321560][ T5976] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  104.328837][ T5976] raw: 00fff00000000000 dead000000000040 ffff8880212c1000 0000000000000000
[  104.337824][ T5976] raw: ffff888078a3af50 0000000000000001 00000000ffffffff 0000000000000000
[  104.346436][ T5976] page dumped because: page_pool leak
[  104.351845][ T5976] page_owner tracks the page as allocated
[  104.357603][ T5976] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5976, tgid 5976 (syz.0.17), ts 103792468495, free_ts 103698926626
[  104.374699][ T5976]  post_alloc_hook+0x228/0x280
[  104.379532][ T5976]  get_page_from_freelist+0x24dc/0x2580
[  104.385125][ T5976]  __alloc_frozen_pages_noprof+0x18d/0x380
[  104.391159][ T5976]  alloc_pages_bulk_noprof+0x558/0x700
[  104.396676][ T5976]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  104.402753][ T5976]  skb_pp_cow_data+0xc21/0x1680
[  104.407769][ T5976]  do_xdp_generic+0x715/0x1280
[  104.412658][ T5976]  tun_get_user+0x247d/0x3dd0
[  104.417416][ T5976]  tun_chr_write_iter+0x113/0x200
[  104.422559][ T5976]  vfs_write+0x61d/0xb90
[  104.427024][ T5976]  ksys_write+0x150/0x270
[  104.431495][ T5976]  do_syscall_64+0xe2/0xf80
[  104.436081][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.442130][ T5976] page last free pid 5835 tgid 5835 stack trace:
[  104.448548][ T5976]  __free_frozen_pages+0xbf8/0xd70
[  104.453706][ T5976]  __put_partials+0x146/0x170
[  104.458534][ T5976]  __slab_free+0x294/0x320
[  104.462980][ T5976]  qlist_free_all+0x97/0x100
[  104.467611][ T5976]  kasan_quarantine_reduce+0x148/0x160
[  104.473178][ T5976]  __kasan_slab_alloc+0x22/0x80
[  104.478068][ T5976]  __kmalloc_noprof+0x3c2/0x7e0
[  104.483052][ T5976]  tomoyo_realpath_from_path+0xe3/0x5d0
[  104.488655][ T5976]  tomoyo_check_open_permission+0x229/0x470
[  104.494595][ T5976]  security_file_open+0xa9/0x240
[  104.499573][ T5976]  do_dentry_open+0x34e/0x1420
[  104.504352][ T5976]  vfs_open+0x3b/0x340
[  104.508588][ T5976]  path_openat+0x3486/0x3e20
[  104.513659][ T5976]  do_filp_open+0x22d/0x490
[  104.518304][ T5976]  do_sys_openat2+0x12f/0x220
[  104.523208][ T5976]  __x64_sys_openat+0x138/0x170
[  104.528727][ T5976] Modules linked in:
[  104.532823][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  104.532841][ T5976] Tainted: [B]=BAD_PAGE
[  104.532844][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  104.532851][ T5976] Call Trace:
[  104.532856][ T5976]  <TASK>
[  104.532861][ T5976]  dump_stack_lvl+0xe8/0x150
[  104.532878][ T5976]  bad_page+0x17f/0x1c0
[  104.532893][ T5976]  __free_frozen_pages+0xd28/0xd70
[  104.532906][ T5976]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  104.532928][ T5976]  bpf_xdp_adjust_tail+0x1d6/0x220
[  104.532943][ T5976]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  104.532954][ T5976]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  104.532971][ T5976]  do_xdp_generic+0xa6f/0x1280
[  104.532980][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  104.532997][ T5976]  ? __pfx_do_xdp_generic+0x10/0x10
[  104.533009][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  104.533024][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  104.533035][ T5976]  tun_get_user+0x247d/0x3dd0
[  104.533049][ T5976]  ? aa_file_perm+0x12d/0x1630
[  104.533064][ T5976]  ? aa_file_perm+0x440/0x1630
[  104.533077][ T5976]  ? __pfx_tun_get_user+0x10/0x10
[  104.533088][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  104.533106][ T5976]  ? ref_tracker_alloc+0x363/0x4d0
[  104.533120][ T5976]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  104.533148][ T5976]  ? tun_get+0x1c/0x2f0
[  104.533159][ T5976]  ? tun_get+0x1c/0x2f0
[  104.533170][ T5976]  ? tun_get+0x1c/0x2f0
[  104.533180][ T5976]  ? tun_get+0x1c/0x2f0
[  104.533191][ T5976]  tun_chr_write_iter+0x113/0x200
[  104.533203][ T5976]  vfs_write+0x61d/0xb90
[  104.533219][ T5976]  ? __pfx_vfs_write+0x10/0x10
[  104.533235][ T5976]  ? __pfx_do_futex+0x10/0x10
[  104.533253][ T5976]  ksys_write+0x150/0x270
[  104.533269][ T5976]  ? __pfx_ksys_write+0x10/0x10
[  104.533286][ T5976]  do_syscall_64+0xe2/0xf80
[  104.533301][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.533311][ T5976]  ? trace_irq_disable+0x37/0x100
[  104.533321][ T5976]  ? clear_bhb_loop+0x60/0xb0
[  104.533333][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.533343][ T5976] RIP: 0033:0x7f990df5b78e
[  104.533354][ T5976] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  104.533363][ T5976] RSP: 002b:00007fff4eedd768 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  104.533377][ T5976] RAX: ffffffffffffffda RBX: 000055558ae0d500 RCX: 00007f990df5b78e
[  104.533387][ T5976] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  104.533394][ T5976] RBP: 00007f990e008c1f R08: 0000000000000000 R09: 0000000000000000
[  104.533401][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  104.533408][ T5976] R13: 00007f990e215fac R14: 00007f990e215fa0 R15: 00007f990e215fa0
[  104.533419][ T5976]  </TASK>
[  104.533427][ T5976] BUG: Bad page state in process syz.0.17  pfn:78a89
[  104.816475][ T5976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078a89f50 pfn:0x78a89
[  104.826845][ T5976] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  104.834089][ T5976] raw: 00fff00000000000 dead000000000040 ffff8880212c1000 0000000000000000
[  104.842719][ T5976] raw: ffff888078a89f50 0000000000000001 00000000ffffffff 0000000000000000
[  104.851684][ T5976] page dumped because: page_pool leak
[  104.857343][ T5976] page_owner tracks the page as allocated
[  104.863325][ T5976] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5976, tgid 5976 (syz.0.17), ts 103792458984, free_ts 103698944616
[  104.880494][ T5976]  post_alloc_hook+0x228/0x280
[  104.885390][ T5976]  get_page_from_freelist+0x24dc/0x2580
[  104.891432][ T5976]  __alloc_frozen_pages_noprof+0x18d/0x380
[  104.897282][ T5976]  alloc_pages_bulk_noprof+0x558/0x700
[  104.902735][ T5976]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  104.908835][ T5976]  skb_pp_cow_data+0xc21/0x1680
[  104.913791][ T5976]  do_xdp_generic+0x715/0x1280
[  104.918682][ T5976]  tun_get_user+0x247d/0x3dd0
[  104.923384][ T5976]  tun_chr_write_iter+0x113/0x200
[  104.928439][ T5976]  vfs_write+0x61d/0xb90
[  104.932715][ T5976]  ksys_write+0x150/0x270
[  104.937335][ T5976]  do_syscall_64+0xe2/0xf80
[  104.942053][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.948095][ T5976] page last free pid 5835 tgid 5835 stack trace:
[  104.954433][ T5976]  __free_frozen_pages+0xbf8/0xd70
[  104.959716][ T5976]  __put_partials+0x146/0x170
[  104.964464][ T5976]  __slab_free+0x294/0x320
[  104.969068][ T5976]  qlist_free_all+0x97/0x100
[  104.973684][ T5976]  kasan_quarantine_reduce+0x148/0x160
[  104.979327][ T5976]  __kasan_slab_alloc+0x22/0x80
[  104.984653][ T5976]  __kmalloc_noprof+0x3c2/0x7e0
[  104.989575][ T5976]  tomoyo_realpath_from_path+0xe3/0x5d0
[  104.995267][ T5976]  tomoyo_check_open_permission+0x229/0x470
[  105.001405][ T5976]  security_file_open+0xa9/0x240
[  105.006397][ T5976]  do_dentry_open+0x34e/0x1420
[  105.011432][ T5976]  vfs_open+0x3b/0x340
[  105.015594][ T5976]  path_openat+0x3486/0x3e20
[  105.020448][ T5976]  do_filp_open+0x22d/0x490
[  105.024982][ T5976]  do_sys_openat2+0x12f/0x220
[  105.029827][ T5976]  __x64_sys_openat+0x138/0x170
[  105.034705][ T5976] Modules linked in:
[  105.038741][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  105.038771][ T5976] Tainted: [B]=BAD_PAGE
[  105.038777][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  105.038787][ T5976] Call Trace:
[  105.038793][ T5976]  <TASK>
[  105.038800][ T5976]  dump_stack_lvl+0xe8/0x150
[  105.038825][ T5976]  bad_page+0x17f/0x1c0
[  105.038848][ T5976]  __free_frozen_pages+0xd28/0xd70
[  105.038869][ T5976]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  105.038905][ T5976]  bpf_xdp_adjust_tail+0x1d6/0x220
[  105.038927][ T5976]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  105.038944][ T5976]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  105.038972][ T5976]  do_xdp_generic+0xa6f/0x1280
[  105.038989][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  105.039016][ T5976]  ? __pfx_do_xdp_generic+0x10/0x10
[  105.039036][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  105.039063][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  105.039091][ T5976]  tun_get_user+0x247d/0x3dd0
[  105.039116][ T5976]  ? aa_file_perm+0x12d/0x1630
[  105.039142][ T5976]  ? aa_file_perm+0x440/0x1630
[  105.039165][ T5976]  ? __pfx_tun_get_user+0x10/0x10
[  105.039185][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  105.039213][ T5976]  ? ref_tracker_alloc+0x363/0x4d0
[  105.039237][ T5976]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  105.039258][ T5976]  ? tun_get+0x1c/0x2f0
[  105.039276][ T5976]  ? tun_get+0x1c/0x2f0
[  105.039295][ T5976]  ? tun_get+0x1c/0x2f0
[  105.039312][ T5976]  ? tun_get+0x1c/0x2f0
[  105.039331][ T5976]  tun_chr_write_iter+0x113/0x200
[  105.039349][ T5976]  vfs_write+0x61d/0xb90
[  105.039377][ T5976]  ? __pfx_vfs_write+0x10/0x10
[  105.039401][ T5976]  ? __pfx_do_futex+0x10/0x10
[  105.039431][ T5976]  ksys_write+0x150/0x270
[  105.039457][ T5976]  ? __pfx_ksys_write+0x10/0x10
[  105.039485][ T5976]  do_syscall_64+0xe2/0xf80
[  105.039507][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.039524][ T5976]  ? trace_irq_disable+0x37/0x100
[  105.039541][ T5976]  ? clear_bhb_loop+0x60/0xb0
[  105.039560][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.039575][ T5976] RIP: 0033:0x7f990df5b78e
[  105.039590][ T5976] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  105.039604][ T5976] RSP: 002b:00007fff4eedd768 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  105.039625][ T5976] RAX: ffffffffffffffda RBX: 000055558ae0d500 RCX: 00007f990df5b78e
[  105.039638][ T5976] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  105.039650][ T5976] RBP: 00007f990e008c1f R08: 0000000000000000 R09: 0000000000000000
[  105.039660][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  105.039671][ T5976] R13: 00007f990e215fac R14: 00007f990e215fa0 R15: 00007f990e215fa0
[  105.039691][ T5976]  </TASK>
[  105.039702][ T5976] BUG: Bad page state in process syz.0.17  pfn:78a8f
[  105.324163][ T5976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078a8ff50 pfn:0x78a8f
[  105.334361][ T5976] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  105.341677][ T5976] raw: 00fff00000000000 dead000000000040 ffff8880212c1000 0000000000000000
[  105.350636][ T5976] raw: ffff888078a8ff50 0000000000000001 00000000ffffffff 0000000000000000
[  105.359417][ T5976] page dumped because: page_pool leak
[  105.364920][ T5976] page_owner tracks the page as allocated
[  105.370839][ T5976] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5976, tgid 5976 (syz.0.17), ts 103792449674, free_ts 103698962605
[  105.387831][ T5976]  post_alloc_hook+0x228/0x280
[  105.392765][ T5976]  get_page_from_freelist+0x24dc/0x2580
[  105.398344][ T5976]  __alloc_frozen_pages_noprof+0x18d/0x380
[  105.404163][ T5976]  alloc_pages_bulk_noprof+0x558/0x700
[  105.409651][ T5976]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  105.415738][ T5976]  skb_pp_cow_data+0xc21/0x1680
[  105.420618][ T5976]  do_xdp_generic+0x715/0x1280
[  105.425569][ T5976]  tun_get_user+0x247d/0x3dd0
[  105.430286][ T5976]  tun_chr_write_iter+0x113/0x200
[  105.435344][ T5976]  vfs_write+0x61d/0xb90
[  105.439803][ T5976]  ksys_write+0x150/0x270
[  105.444265][ T5976]  do_syscall_64+0xe2/0xf80
[  105.448801][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.454792][ T5976] page last free pid 5835 tgid 5835 stack trace:
[  105.461156][ T5976]  __free_frozen_pages+0xbf8/0xd70
[  105.466589][ T5976]  __put_partials+0x146/0x170
[  105.471262][ T5976]  __slab_free+0x294/0x320
[  105.475758][ T5976]  qlist_free_all+0x97/0x100
[  105.480378][ T5976]  kasan_quarantine_reduce+0x148/0x160
[  105.485854][ T5976]  __kasan_slab_alloc+0x22/0x80
[  105.490825][ T5976]  __kmalloc_noprof+0x3c2/0x7e0
[  105.495856][ T5976]  tomoyo_realpath_from_path+0xe3/0x5d0
[  105.501758][ T5976]  tomoyo_check_open_permission+0x229/0x470
[  105.507797][ T5976]  security_file_open+0xa9/0x240
[  105.512820][ T5976]  do_dentry_open+0x34e/0x1420
[  105.517623][ T5976]  vfs_open+0x3b/0x340
[  105.521710][ T5976]  path_openat+0x3486/0x3e20
[  105.526449][ T5976]  do_filp_open+0x22d/0x490
[  105.531147][ T5976]  do_sys_openat2+0x12f/0x220
[  105.535824][ T5976]  __x64_sys_openat+0x138/0x170
[  105.540888][ T5976] Modules linked in:
[  105.544991][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  105.545009][ T5976] Tainted: [B]=BAD_PAGE
[  105.545013][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  105.545020][ T5976] Call Trace:
[  105.545025][ T5976]  <TASK>
[  105.545030][ T5976]  dump_stack_lvl+0xe8/0x150
[  105.545048][ T5976]  bad_page+0x17f/0x1c0
[  105.545069][ T5976]  __free_frozen_pages+0xd28/0xd70
[  105.545112][ T5976]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  105.545146][ T5976]  bpf_xdp_adjust_tail+0x1d6/0x220
[  105.545165][ T5976]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  105.545176][ T5976]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  105.545192][ T5976]  do_xdp_generic+0xa6f/0x1280
[  105.545202][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  105.545218][ T5976]  ? __pfx_do_xdp_generic+0x10/0x10
[  105.545230][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  105.545245][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  105.545256][ T5976]  tun_get_user+0x247d/0x3dd0
[  105.545270][ T5976]  ? aa_file_perm+0x12d/0x1630
[  105.545284][ T5976]  ? aa_file_perm+0x440/0x1630
[  105.545297][ T5976]  ? __pfx_tun_get_user+0x10/0x10
[  105.545309][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  105.545326][ T5976]  ? ref_tracker_alloc+0x363/0x4d0
[  105.545343][ T5976]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  105.545357][ T5976]  ? tun_get+0x1c/0x2f0
[  105.545367][ T5976]  ? tun_get+0x1c/0x2f0
[  105.545379][ T5976]  ? tun_get+0x1c/0x2f0
[  105.545389][ T5976]  ? tun_get+0x1c/0x2f0
[  105.545400][ T5976]  tun_chr_write_iter+0x113/0x200
[  105.545412][ T5976]  vfs_write+0x61d/0xb90
[  105.545428][ T5976]  ? __pfx_vfs_write+0x10/0x10
[  105.545444][ T5976]  ? __pfx_do_futex+0x10/0x10
[  105.545463][ T5976]  ksys_write+0x150/0x270
[  105.545478][ T5976]  ? __pfx_ksys_write+0x10/0x10
[  105.545496][ T5976]  do_syscall_64+0xe2/0xf80
[  105.545510][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.545520][ T5976]  ? trace_irq_disable+0x37/0x100
[  105.545530][ T5976]  ? clear_bhb_loop+0x60/0xb0
[  105.545542][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.545552][ T5976] RIP: 0033:0x7f990df5b78e
[  105.545563][ T5976] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  105.545573][ T5976] RSP: 002b:00007fff4eedd768 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  105.545585][ T5976] RAX: ffffffffffffffda RBX: 000055558ae0d500 RCX: 00007f990df5b78e
[  105.545593][ T5976] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  105.545601][ T5976] RBP: 00007f990e008c1f R08: 0000000000000000 R09: 0000000000000000
[  105.545607][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  105.545614][ T5976] R13: 00007f990e215fac R14: 00007f990e215fa0 R15: 00007f990e215fa0
[  105.545625][ T5976]  </TASK>
[  105.545634][ T5976] BUG: Bad page state in process syz.0.17  pfn:789ec
[  105.828941][ T5976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880789ecfc0 pfn:0x789ec
[  105.839039][ T5976] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  105.846306][ T5976] raw: 00fff00000000000 dead000000000040 ffff8880212c1000 0000000000000000
[  105.855002][ T5976] raw: ffff8880789ecfc0 0000000000000001 00000000ffffffff 0000000000000000
[  105.863622][ T5976] page dumped because: page_pool leak
[  105.869115][ T5976] page_owner tracks the page as allocated
[  105.875095][ T5976] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5976, tgid 5976 (syz.0.17), ts 103792440317, free_ts 103699097169
[  105.892387][ T5976]  post_alloc_hook+0x228/0x280
[  105.897219][ T5976]  get_page_from_freelist+0x24dc/0x2580
[  105.902863][ T5976]  __alloc_frozen_pages_noprof+0x18d/0x380
[  105.908886][ T5976]  alloc_pages_bulk_noprof+0x558/0x700
[  105.914449][ T5976]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  105.920571][ T5976]  skb_pp_cow_data+0xc21/0x1680
[  105.925462][ T5976]  do_xdp_generic+0x715/0x1280
[  105.930408][ T5976]  tun_get_user+0x247d/0x3dd0
[  105.935123][ T5976]  tun_chr_write_iter+0x113/0x200
[  105.940358][ T5976]  vfs_write+0x61d/0xb90
[  105.944964][ T5976]  ksys_write+0x150/0x270
[  105.949342][ T5976]  do_syscall_64+0xe2/0xf80
[  105.954081][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.960202][ T5976] page last free pid 5835 tgid 5835 stack trace:
[  105.966582][ T5976]  __free_frozen_pages+0xbf8/0xd70
[  105.971722][ T5976]  __put_partials+0x146/0x170
[  105.976438][ T5976]  __slab_free+0x294/0x320
[  105.980870][ T5976]  qlist_free_all+0x97/0x100
[  105.985459][ T5976]  kasan_quarantine_reduce+0x148/0x160
[  105.991345][ T5976]  __kasan_slab_alloc+0x22/0x80
[  105.996259][ T5976]  __kmalloc_noprof+0x3c2/0x7e0
[  106.001201][ T5976]  tomoyo_realpath_from_path+0xe3/0x5d0
[  106.006814][ T5976]  tomoyo_check_open_permission+0x229/0x470
[  106.012727][ T5976]  security_file_open+0xa9/0x240
[  106.017797][ T5976]  do_dentry_open+0x34e/0x1420
[  106.022577][ T5976]  vfs_open+0x3b/0x340
[  106.026854][ T5976]  path_openat+0x3486/0x3e20
[  106.031466][ T5976]  do_filp_open+0x22d/0x490
[  106.036048][ T5976]  do_sys_openat2+0x12f/0x220
[  106.040744][ T5976]  __x64_sys_openat+0x138/0x170
[  106.045762][ T5976] Modules linked in:
[  106.049692][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  106.049718][ T5976] Tainted: [B]=BAD_PAGE
[  106.049725][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  106.049736][ T5976] Call Trace:
[  106.049745][ T5976]  <TASK>
[  106.049752][ T5976]  dump_stack_lvl+0xe8/0x150
[  106.049775][ T5976]  bad_page+0x17f/0x1c0
[  106.049797][ T5976]  __free_frozen_pages+0xd28/0xd70
[  106.049818][ T5976]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  106.049851][ T5976]  bpf_xdp_adjust_tail+0x1d6/0x220
[  106.049874][ T5976]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  106.049892][ T5976]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  106.049921][ T5976]  do_xdp_generic+0xa6f/0x1280
[  106.049937][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  106.049965][ T5976]  ? __pfx_do_xdp_generic+0x10/0x10
[  106.049985][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  106.050009][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  106.050025][ T5976]  tun_get_user+0x247d/0x3dd0
[  106.050048][ T5976]  ? aa_file_perm+0x12d/0x1630
[  106.050072][ T5976]  ? aa_file_perm+0x440/0x1630
[  106.050094][ T5976]  ? __pfx_tun_get_user+0x10/0x10
[  106.050112][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  106.050140][ T5976]  ? ref_tracker_alloc+0x363/0x4d0
[  106.050164][ T5976]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  106.050188][ T5976]  ? tun_get+0x1c/0x2f0
[  106.050206][ T5976]  ? tun_get+0x1c/0x2f0
[  106.050227][ T5976]  ? tun_get+0x1c/0x2f0
[  106.050246][ T5976]  ? tun_get+0x1c/0x2f0
[  106.050266][ T5976]  tun_chr_write_iter+0x113/0x200
[  106.050285][ T5976]  vfs_write+0x61d/0xb90
[  106.050312][ T5976]  ? __pfx_vfs_write+0x10/0x10
[  106.050336][ T5976]  ? __pfx_do_futex+0x10/0x10
[  106.050367][ T5976]  ksys_write+0x150/0x270
[  106.050403][ T5976]  ? __pfx_ksys_write+0x10/0x10
[  106.050431][ T5976]  do_syscall_64+0xe2/0xf80
[  106.050453][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.050471][ T5976]  ? trace_irq_disable+0x37/0x100
[  106.050486][ T5976]  ? clear_bhb_loop+0x60/0xb0
[  106.050506][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.050523][ T5976] RIP: 0033:0x7f990df5b78e
[  106.050540][ T5976] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  106.050555][ T5976] RSP: 002b:00007fff4eedd768 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  106.050575][ T5976] RAX: ffffffffffffffda RBX: 000055558ae0d500 RCX: 00007f990df5b78e
[  106.050588][ T5976] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  106.050600][ T5976] RBP: 00007f990e008c1f R08: 0000000000000000 R09: 0000000000000000
[  106.050611][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  106.050622][ T5976] R13: 00007f990e215fac R14: 00007f990e215fa0 R15: 00007f990e215fa0
[  106.050642][ T5976]  </TASK>
[  106.050654][ T5976] BUG: Bad page state in process syz.0.17  pfn:7899f
[  106.332819][ T5976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807899f000 pfn:0x7899f
[  106.342946][ T5976] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  106.350205][ T5976] raw: 00fff00000000000 dead000000000040 ffff8880212c1000 0000000000000000
[  106.359081][ T5976] raw: ffff88807899f000 0000000000000001 00000000ffffffff 0000000000000000
[  106.367773][ T5976] page dumped because: page_pool leak
[  106.373157][ T5976] page_owner tracks the page as allocated
[  106.378922][ T5976] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5976, tgid 5976 (syz.0.17), ts 103792430787, free_ts 103726086442
[  106.396138][ T5976]  post_alloc_hook+0x228/0x280
[  106.400905][ T5976]  get_page_from_freelist+0x24dc/0x2580
[  106.406679][ T5976]  __alloc_frozen_pages_noprof+0x18d/0x380
[  106.413462][ T5976]  alloc_pages_bulk_noprof+0x558/0x700
[  106.418962][ T5976]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  106.425224][ T5976]  skb_pp_cow_data+0xc21/0x1680
[  106.430302][ T5976]  do_xdp_generic+0x715/0x1280
[  106.435085][ T5976]  tun_get_user+0x247d/0x3dd0
[  106.439845][ T5976]  tun_chr_write_iter+0x113/0x200
[  106.444973][ T5976]  vfs_write+0x61d/0xb90
[  106.449262][ T5976]  ksys_write+0x150/0x270
[  106.453779][ T5976]  do_syscall_64+0xe2/0xf80
[  106.458362][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.464357][ T5976] page last free pid 0 tgid 0 stack trace:
[  106.470285][ T5976]  __free_frozen_pages+0xbf8/0xd70
[  106.475418][ T5976]  rcu_core+0xc9e/0x1750
[  106.479792][ T5976]  handle_softirqs+0x22a/0x7c0
[  106.484569][ T5976]  __irq_exit_rcu+0x5f/0x150
[  106.489449][ T5976]  irq_exit_rcu+0x9/0x30
[  106.493699][ T5976]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  106.499476][ T5976]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  106.505751][ T5976] Modules linked in:
[  106.510129][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  106.510155][ T5976] Tainted: [B]=BAD_PAGE
[  106.510162][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  106.510171][ T5976] Call Trace:
[  106.510178][ T5976]  <TASK>
[  106.510185][ T5976]  dump_stack_lvl+0xe8/0x150
[  106.510212][ T5976]  bad_page+0x17f/0x1c0
[  106.510237][ T5976]  __free_frozen_pages+0xd28/0xd70
[  106.510259][ T5976]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  106.510294][ T5976]  bpf_xdp_adjust_tail+0x1d6/0x220
[  106.510319][ T5976]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  106.510337][ T5976]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  106.510365][ T5976]  do_xdp_generic+0xa6f/0x1280
[  106.510381][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  106.510408][ T5976]  ? __pfx_do_xdp_generic+0x10/0x10
[  106.510427][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  106.510450][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  106.510468][ T5976]  tun_get_user+0x247d/0x3dd0
[  106.510490][ T5976]  ? aa_file_perm+0x12d/0x1630
[  106.510524][ T5976]  ? aa_file_perm+0x440/0x1630
[  106.510547][ T5976]  ? __pfx_tun_get_user+0x10/0x10
[  106.510567][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  106.510597][ T5976]  ? ref_tracker_alloc+0x363/0x4d0
[  106.510622][ T5976]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  106.510644][ T5976]  ? tun_get+0x1c/0x2f0
[  106.510662][ T5976]  ? tun_get+0x1c/0x2f0
[  106.510681][ T5976]  ? tun_get+0x1c/0x2f0
[  106.510697][ T5976]  ? tun_get+0x1c/0x2f0
[  106.510716][ T5976]  tun_chr_write_iter+0x113/0x200
[  106.510736][ T5976]  vfs_write+0x61d/0xb90
[  106.510764][ T5976]  ? __pfx_vfs_write+0x10/0x10
[  106.510786][ T5976]  ? __pfx_do_futex+0x10/0x10
[  106.510815][ T5976]  ksys_write+0x150/0x270
[  106.510839][ T5976]  ? __pfx_ksys_write+0x10/0x10
[  106.510867][ T5976]  do_syscall_64+0xe2/0xf80
[  106.510889][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.510906][ T5976]  ? trace_irq_disable+0x37/0x100
[  106.510923][ T5976]  ? clear_bhb_loop+0x60/0xb0
[  106.510942][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.510959][ T5976] RIP: 0033:0x7f990df5b78e
[  106.510976][ T5976] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  106.510990][ T5976] RSP: 002b:00007fff4eedd768 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  106.511010][ T5976] RAX: ffffffffffffffda RBX: 000055558ae0d500 RCX: 00007f990df5b78e
[  106.511024][ T5976] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  106.511035][ T5976] RBP: 00007f990e008c1f R08: 0000000000000000 R09: 0000000000000000
[  106.511047][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  106.511057][ T5976] R13: 00007f990e215fac R14: 00007f990e215fa0 R15: 00007f990e215fa0
[  106.511077][ T5976]  </TASK>
[  106.511088][ T5976] BUG: Bad page state in process syz.0.17  pfn:7890e
[  106.797834][ T5976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807890e780 pfn:0x7890e
[  106.808118][ T5976] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  106.815420][ T5976] raw: 00fff00000000000 dead000000000040 ffff8880212c1000 0000000000000000
[  106.824212][ T5976] raw: ffff88807890e780 0000000000000001 00000000ffffffff 0000000000000000
[  106.832922][ T5976] page dumped because: page_pool leak
[  106.838409][ T5976] page_owner tracks the page as allocated
[  106.844327][ T5976] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5976, tgid 5976 (syz.0.17), ts 103792421054, free_ts 103726113083
[  106.861411][ T5976]  post_alloc_hook+0x228/0x280
[  106.866221][ T5976]  get_page_from_freelist+0x24dc/0x2580
[  106.871937][ T5976]  __alloc_frozen_pages_noprof+0x18d/0x380
[  106.877779][ T5976]  alloc_pages_bulk_noprof+0x558/0x700
[  106.883258][ T5976]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  106.889521][ T5976]  skb_pp_cow_data+0xc21/0x1680
[  106.894392][ T5976]  do_xdp_generic+0x715/0x1280
[  106.899295][ T5976]  tun_get_user+0x247d/0x3dd0
[  106.903982][ T5976]  tun_chr_write_iter+0x113/0x200
[  106.909037][ T5976]  vfs_write+0x61d/0xb90
[  106.913415][ T5976]  ksys_write+0x150/0x270
[  106.917862][ T5976]  do_syscall_64+0xe2/0xf80
[  106.922391][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.928615][ T5976] page last free pid 0 tgid 0 stack trace:
[  106.934424][ T5976]  __free_frozen_pages+0xbf8/0xd70
[  106.939649][ T5976]  rcu_core+0xc9e/0x1750
[  106.944032][ T5976]  handle_softirqs+0x22a/0x7c0
[  106.948911][ T5976]  __irq_exit_rcu+0x5f/0x150
[  106.953597][ T5976]  irq_exit_rcu+0x9/0x30
[  106.957861][ T5976]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  106.963506][ T5976]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  106.969514][ T5976] Modules linked in:
[  106.973421][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  106.973439][ T5976] Tainted: [B]=BAD_PAGE
[  106.973443][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  106.973450][ T5976] Call Trace:
[  106.973455][ T5976]  <TASK>
[  106.973459][ T5976]  dump_stack_lvl+0xe8/0x150
[  106.973476][ T5976]  bad_page+0x17f/0x1c0
[  106.973491][ T5976]  __free_frozen_pages+0xd28/0xd70
[  106.973503][ T5976]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  106.973525][ T5976]  bpf_xdp_adjust_tail+0x1d6/0x220
[  106.973540][ T5976]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  106.973551][ T5976]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  106.973568][ T5976]  do_xdp_generic+0xa6f/0x1280
[  106.973577][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  106.973594][ T5976]  ? __pfx_do_xdp_generic+0x10/0x10
[  106.973607][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  106.973622][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  106.973632][ T5976]  tun_get_user+0x247d/0x3dd0
[  106.973646][ T5976]  ? aa_file_perm+0x12d/0x1630
[  106.973661][ T5976]  ? aa_file_perm+0x440/0x1630
[  106.973674][ T5976]  ? __pfx_tun_get_user+0x10/0x10
[  106.973686][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  106.973703][ T5976]  ? ref_tracker_alloc+0x363/0x4d0
[  106.973717][ T5976]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  106.973730][ T5976]  ? tun_get+0x1c/0x2f0
[  106.973741][ T5976]  ? tun_get+0x1c/0x2f0
[  106.973752][ T5976]  ? tun_get+0x1c/0x2f0
[  106.973762][ T5976]  ? tun_get+0x1c/0x2f0
[  106.973773][ T5976]  tun_chr_write_iter+0x113/0x200
[  106.973785][ T5976]  vfs_write+0x61d/0xb90
[  106.973802][ T5976]  ? __pfx_vfs_write+0x10/0x10
[  106.973817][ T5976]  ? __pfx_do_futex+0x10/0x10
[  106.973836][ T5976]  ksys_write+0x150/0x270
[  106.973851][ T5976]  ? __pfx_ksys_write+0x10/0x10
[  106.973868][ T5976]  do_syscall_64+0xe2/0xf80
[  106.973883][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.973894][ T5976]  ? trace_irq_disable+0x37/0x100
[  106.973909][ T5976]  ? clear_bhb_loop+0x60/0xb0
[  106.973976][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.973996][ T5976] RIP: 0033:0x7f990df5b78e
[  106.974009][ T5976] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  106.974018][ T5976] RSP: 002b:00007fff4eedd768 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  106.974032][ T5976] RAX: ffffffffffffffda RBX: 000055558ae0d500 RCX: 00007f990df5b78e
[  106.974040][ T5976] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  106.974047][ T5976] RBP: 00007f990e008c1f R08: 0000000000000000 R09: 0000000000000000
[  106.974054][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  106.974115][ T5976] R13: 00007f990e215fac R14: 00007f990e215fa0 R15: 00007f990e215fa0
[  106.974127][ T5976]  </TASK>
[  106.974135][ T5976] BUG: Bad page state in process syz.0.17  pfn:2037b
[  107.257792][ T5976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802037bee0 pfn:0x2037b
[  107.267999][ T5976] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  107.275129][ T5976] raw: 00fff00000000000 dead000000000040 ffff8880212c1000 0000000000000000
[  107.283849][ T5976] raw: ffff88802037bee0 0000000000000001 00000000ffffffff 0000000000000000
[  107.292480][ T5976] page dumped because: page_pool leak
[  107.297903][ T5976] page_owner tracks the page as allocated
[  107.303628][ T5976] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5976, tgid 5976 (syz.0.17), ts 103792410904, free_ts 103726135717
[  107.320683][ T5976]  post_alloc_hook+0x228/0x280
[  107.325474][ T5976]  get_page_from_freelist+0x24dc/0x2580
[  107.331161][ T5976]  __alloc_frozen_pages_noprof+0x18d/0x380
[  107.337009][ T5976]  alloc_pages_bulk_noprof+0x558/0x700
[  107.342551][ T5976]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  107.348649][ T5976]  skb_pp_cow_data+0xc21/0x1680
[  107.353513][ T5976]  do_xdp_generic+0x715/0x1280
[  107.358304][ T5976]  tun_get_user+0x247d/0x3dd0
[  107.363015][ T5976]  tun_chr_write_iter+0x113/0x200
[  107.368177][ T5976]  vfs_write+0x61d/0xb90
[  107.372436][ T5976]  ksys_write+0x150/0x270
[  107.376973][ T5976]  do_syscall_64+0xe2/0xf80
[  107.381583][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.387563][ T5976] page last free pid 0 tgid 0 stack trace:
[  107.393652][ T5976]  __free_frozen_pages+0xbf8/0xd70
[  107.398825][ T5976]  rcu_core+0xc9e/0x1750
[  107.403182][ T5976]  handle_softirqs+0x22a/0x7c0
[  107.407985][ T5976]  __irq_exit_rcu+0x5f/0x150
[  107.412595][ T5976]  irq_exit_rcu+0x9/0x30
[  107.416959][ T5976]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  107.422612][ T5976]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  107.428637][ T5976] Modules linked in:
[  107.432551][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  107.432571][ T5976] Tainted: [B]=BAD_PAGE
[  107.432575][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  107.432581][ T5976] Call Trace:
[  107.432586][ T5976]  <TASK>
[  107.432591][ T5976]  dump_stack_lvl+0xe8/0x150
[  107.432607][ T5976]  bad_page+0x17f/0x1c0
[  107.432622][ T5976]  __free_frozen_pages+0xd28/0xd70
[  107.432635][ T5976]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  107.432657][ T5976]  bpf_xdp_adjust_tail+0x1d6/0x220
[  107.432673][ T5976]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  107.432685][ T5976]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  107.432701][ T5976]  do_xdp_generic+0xa6f/0x1280
[  107.432711][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  107.432728][ T5976]  ? __pfx_do_xdp_generic+0x10/0x10
[  107.432740][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  107.432755][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  107.432766][ T5976]  tun_get_user+0x247d/0x3dd0
[  107.432780][ T5976]  ? aa_file_perm+0x12d/0x1630
[  107.432795][ T5976]  ? aa_file_perm+0x440/0x1630
[  107.432808][ T5976]  ? __pfx_tun_get_user+0x10/0x10
[  107.432819][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  107.432837][ T5976]  ? ref_tracker_alloc+0x363/0x4d0
[  107.432851][ T5976]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  107.432864][ T5976]  ? tun_get+0x1c/0x2f0
[  107.432875][ T5976]  ? tun_get+0x1c/0x2f0
[  107.432886][ T5976]  ? tun_get+0x1c/0x2f0
[  107.432896][ T5976]  ? tun_get+0x1c/0x2f0
[  107.432907][ T5976]  tun_chr_write_iter+0x113/0x200
[  107.432919][ T5976]  vfs_write+0x61d/0xb90
[  107.432936][ T5976]  ? __pfx_vfs_write+0x10/0x10
[  107.432951][ T5976]  ? __pfx_do_futex+0x10/0x10
[  107.432970][ T5976]  ksys_write+0x150/0x270
[  107.432986][ T5976]  ? __pfx_ksys_write+0x10/0x10
[  107.433003][ T5976]  do_syscall_64+0xe2/0xf80
[  107.433017][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.433027][ T5976]  ? trace_irq_disable+0x37/0x100
[  107.433038][ T5976]  ? clear_bhb_loop+0x60/0xb0
[  107.433049][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.433064][ T5976] RIP: 0033:0x7f990df5b78e
[  107.433075][ T5976] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  107.433084][ T5976] RSP: 002b:00007fff4eedd768 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  107.433097][ T5976] RAX: ffffffffffffffda RBX: 000055558ae0d500 RCX: 00007f990df5b78e
[  107.433105][ T5976] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  107.433113][ T5976] RBP: 00007f990e008c1f R08: 0000000000000000 R09: 0000000000000000
[  107.433119][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  107.433126][ T5976] R13: 00007f990e215fac R14: 00007f990e215fa0 R15: 00007f990e215fa0
[  107.433137][ T5976]  </TASK>
[  107.433145][ T5976] BUG: Bad page state in process syz.0.17  pfn:2f85f
[  107.715828][ T5976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802f85fee0 pfn:0x2f85f
[  107.726156][ T5976] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  107.733307][ T5976] raw: 00fff00000000000 dead000000000040 ffff8880212c1000 0000000000000000
[  107.742036][ T5976] raw: ffff88802f85fee0 0000000000000001 00000000ffffffff 0000000000000000
[  107.750649][ T5976] page dumped because: page_pool leak
[  107.756041][ T5976] page_owner tracks the page as allocated
[  107.761760][ T5976] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5976, tgid 5976 (syz.0.17), ts 103792401562, free_ts 103726156532
[  107.778816][ T5976]  post_alloc_hook+0x228/0x280
[  107.783685][ T5976]  get_page_from_freelist+0x24dc/0x2580
[  107.789349][ T5976]  __alloc_frozen_pages_noprof+0x18d/0x380
[  107.795320][ T5976]  alloc_pages_bulk_noprof+0x558/0x700
[  107.800812][ T5976]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  107.807469][ T5976]  skb_pp_cow_data+0xc21/0x1680
[  107.812315][ T5976]  do_xdp_generic+0x715/0x1280
[  107.817275][ T5976]  tun_get_user+0x247d/0x3dd0
[  107.822056][ T5976]  tun_chr_write_iter+0x113/0x200
[  107.827117][ T5976]  vfs_write+0x61d/0xb90
[  107.831430][ T5976]  ksys_write+0x150/0x270
[  107.835754][ T5976]  do_syscall_64+0xe2/0xf80
[  107.840297][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.846251][ T5976] page last free pid 0 tgid 0 stack trace:
[  107.852072][ T5976]  __free_frozen_pages+0xbf8/0xd70
[  107.857300][ T5976]  rcu_core+0xc9e/0x1750
[  107.861560][ T5976]  handle_softirqs+0x22a/0x7c0
[  107.866361][ T5976]  __irq_exit_rcu+0x5f/0x150
[  107.870964][ T5976]  irq_exit_rcu+0x9/0x30
[  107.875192][ T5976]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  107.880852][ T5976]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  107.886867][ T5976] Modules linked in:
[  107.890949][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  107.890966][ T5976] Tainted: [B]=BAD_PAGE
[  107.890970][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  107.890977][ T5976] Call Trace:
[  107.890983][ T5976]  <TASK>
[  107.890988][ T5976]  dump_stack_lvl+0xe8/0x150
[  107.891005][ T5976]  bad_page+0x17f/0x1c0
[  107.891020][ T5976]  __free_frozen_pages+0xd28/0xd70
[  107.891033][ T5976]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  107.891055][ T5976]  bpf_xdp_adjust_tail+0x1d6/0x220
[  107.891070][ T5976]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  107.891081][ T5976]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  107.891097][ T5976]  do_xdp_generic+0xa6f/0x1280
[  107.891112][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  107.891130][ T5976]  ? __pfx_do_xdp_generic+0x10/0x10
[  107.891142][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  107.891157][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  107.891167][ T5976]  tun_get_user+0x247d/0x3dd0
[  107.891181][ T5976]  ? aa_file_perm+0x12d/0x1630
[  107.891196][ T5976]  ? aa_file_perm+0x440/0x1630
[  107.891209][ T5976]  ? __pfx_tun_get_user+0x10/0x10
[  107.891220][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  107.891238][ T5976]  ? ref_tracker_alloc+0x363/0x4d0
[  107.891252][ T5976]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  107.891265][ T5976]  ? tun_get+0x1c/0x2f0
[  107.891276][ T5976]  ? tun_get+0x1c/0x2f0
[  107.891287][ T5976]  ? tun_get+0x1c/0x2f0
[  107.891297][ T5976]  ? tun_get+0x1c/0x2f0
[  107.891308][ T5976]  tun_chr_write_iter+0x113/0x200
[  107.891319][ T5976]  vfs_write+0x61d/0xb90
[  107.891336][ T5976]  ? __pfx_vfs_write+0x10/0x10
[  107.891351][ T5976]  ? __pfx_do_futex+0x10/0x10
[  107.891370][ T5976]  ksys_write+0x150/0x270
[  107.891386][ T5976]  ? __pfx_ksys_write+0x10/0x10
[  107.891403][ T5976]  do_syscall_64+0xe2/0xf80
[  107.891417][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.891427][ T5976]  ? trace_irq_disable+0x37/0x100
[  107.891438][ T5976]  ? clear_bhb_loop+0x60/0xb0
[  107.891450][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.891460][ T5976] RIP: 0033:0x7f990df5b78e
[  107.891470][ T5976] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  107.891479][ T5976] RSP: 002b:00007fff4eedd768 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  107.891492][ T5976] RAX: ffffffffffffffda RBX: 000055558ae0d500 RCX: 00007f990df5b78e
[  107.891500][ T5976] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  107.891507][ T5976] RBP: 00007f990e008c1f R08: 0000000000000000 R09: 0000000000000000
[  107.891514][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  107.891521][ T5976] R13: 00007f990e215fac R14: 00007f990e215fa0 R15: 00007f990e215fa0
[  107.891532][ T5976]  </TASK>
[  107.891540][ T5976] BUG: Bad page state in process syz.0.17  pfn:78828
[  108.175752][ T5976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078828ee0 pfn:0x78828
[  108.186072][ T5976] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  108.193222][ T5976] raw: 00fff00000000000 dead000000000040 ffff8880212c1000 0000000000000000
[  108.202151][ T5976] raw: ffff888078828ee0 0000000000000001 00000000ffffffff 0000000000000000
[  108.211038][ T5976] page dumped because: page_pool leak
[  108.216431][ T5976] page_owner tracks the page as allocated
[  108.222148][ T5976] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5976, tgid 5976 (syz.0.17), ts 103792392193, free_ts 103726178530
[  108.239034][ T5976]  post_alloc_hook+0x228/0x280
[  108.243821][ T5976]  get_page_from_freelist+0x24dc/0x2580
[  108.249493][ T5976]  __alloc_frozen_pages_noprof+0x18d/0x380
[  108.255441][ T5976]  alloc_pages_bulk_noprof+0x558/0x700
[  108.260935][ T5976]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  108.267051][ T5976]  skb_pp_cow_data+0xc21/0x1680
[  108.271999][ T5976]  do_xdp_generic+0x715/0x1280
[  108.276800][ T5976]  tun_get_user+0x247d/0x3dd0
[  108.281491][ T5976]  tun_chr_write_iter+0x113/0x200
[  108.286541][ T5976]  vfs_write+0x61d/0xb90
[  108.290798][ T5976]  ksys_write+0x150/0x270
[  108.295157][ T5976]  do_syscall_64+0xe2/0xf80
[  108.299688][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.305592][ T5976] page last free pid 0 tgid 0 stack trace:
[  108.311532][ T5976]  __free_frozen_pages+0xbf8/0xd70
[  108.316767][ T5976]  rcu_core+0xc9e/0x1750
[  108.321008][ T5976]  handle_softirqs+0x22a/0x7c0
[  108.325843][ T5976]  __irq_exit_rcu+0x5f/0x150
[  108.330456][ T5976]  irq_exit_rcu+0x9/0x30
[  108.334706][ T5976]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  108.340474][ T5976]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  108.346584][ T5976] Modules linked in:
[  108.350479][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  108.350497][ T5976] Tainted: [B]=BAD_PAGE
[  108.350501][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  108.350508][ T5976] Call Trace:
[  108.350514][ T5976]  <TASK>
[  108.350519][ T5976]  dump_stack_lvl+0xe8/0x150
[  108.350535][ T5976]  bad_page+0x17f/0x1c0
[  108.350550][ T5976]  __free_frozen_pages+0xd28/0xd70
[  108.350563][ T5976]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  108.350585][ T5976]  bpf_xdp_adjust_tail+0x1d6/0x220
[  108.350600][ T5976]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  108.350611][ T5976]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  108.350627][ T5976]  do_xdp_generic+0xa6f/0x1280
[  108.350636][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  108.350654][ T5976]  ? __pfx_do_xdp_generic+0x10/0x10
[  108.350666][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  108.350681][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  108.350692][ T5976]  tun_get_user+0x247d/0x3dd0
[  108.350705][ T5976]  ? aa_file_perm+0x12d/0x1630
[  108.350721][ T5976]  ? aa_file_perm+0x440/0x1630
[  108.350734][ T5976]  ? __pfx_tun_get_user+0x10/0x10
[  108.350745][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  108.350763][ T5976]  ? ref_tracker_alloc+0x363/0x4d0
[  108.350777][ T5976]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  108.350790][ T5976]  ? tun_get+0x1c/0x2f0
[  108.350800][ T5976]  ? tun_get+0x1c/0x2f0
[  108.350812][ T5976]  ? tun_get+0x1c/0x2f0
[  108.350821][ T5976]  ? tun_get+0x1c/0x2f0
[  108.350832][ T5976]  tun_chr_write_iter+0x113/0x200
[  108.350844][ T5976]  vfs_write+0x61d/0xb90
[  108.350861][ T5976]  ? __pfx_vfs_write+0x10/0x10
[  108.350876][ T5976]  ? __pfx_do_futex+0x10/0x10
[  108.350894][ T5976]  ksys_write+0x150/0x270
[  108.350910][ T5976]  ? __pfx_ksys_write+0x10/0x10
[  108.350928][ T5976]  do_syscall_64+0xe2/0xf80
[  108.350941][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.350952][ T5976]  ? trace_irq_disable+0x37/0x100
[  108.350962][ T5976]  ? clear_bhb_loop+0x60/0xb0
[  108.350974][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.350984][ T5976] RIP: 0033:0x7f990df5b78e
[  108.350994][ T5976] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  108.351003][ T5976] RSP: 002b:00007fff4eedd768 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  108.351016][ T5976] RAX: ffffffffffffffda RBX: 000055558ae0d500 RCX: 00007f990df5b78e
[  108.351024][ T5976] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  108.351032][ T5976] RBP: 00007f990e008c1f R08: 0000000000000000 R09: 0000000000000000
[  108.351038][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  108.351045][ T5976] R13: 00007f990e215fac R14: 00007f990e215fa0 R15: 00007f990e215fa0
[  108.351056][ T5976]  </TASK>
[  108.351063][ T5976] BUG: Bad page state in process syz.0.17  pfn:78ff4
[  108.633482][ T5976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078ff4000 pfn:0x78ff4
[  108.643602][ T5976] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  108.650954][ T5976] raw: 00fff00000000000 dead000000000040 ffff8880212c1000 0000000000000000
[  108.659748][ T5976] raw: ffff888078ff4000 0000000000000001 00000000ffffffff 0000000000000000
[  108.668444][ T5976] page dumped because: page_pool leak
[  108.673976][ T5976] page_owner tracks the page as allocated
[  108.679808][ T5976] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5976, tgid 5976 (syz.0.17), ts 103792382964, free_ts 103726202155
[  108.696780][ T5976]  post_alloc_hook+0x228/0x280
[  108.701633][ T5976]  get_page_from_freelist+0x24dc/0x2580
[  108.707284][ T5976]  __alloc_frozen_pages_noprof+0x18d/0x380
[  108.713117][ T5976]  alloc_pages_bulk_noprof+0x558/0x700
[  108.718598][ T5976]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  108.724685][ T5976]  skb_pp_cow_data+0xc21/0x1680
[  108.729569][ T5976]  do_xdp_generic+0x715/0x1280
[  108.734438][ T5976]  tun_get_user+0x247d/0x3dd0
[  108.739586][ T5976]  tun_chr_write_iter+0x113/0x200
[  108.744736][ T5976]  vfs_write+0x61d/0xb90
[  108.749102][ T5976]  ksys_write+0x150/0x270
[  108.753465][ T5976]  do_syscall_64+0xe2/0xf80
[  108.758096][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.764012][ T5976] page last free pid 0 tgid 0 stack trace:
[  108.769844][ T5976]  __free_frozen_pages+0xbf8/0xd70
[  108.775143][ T5976]  rcu_core+0xc9e/0x1750
[  108.779591][ T5976]  handle_softirqs+0x22a/0x7c0
[  108.784379][ T5976]  __irq_exit_rcu+0x5f/0x150
[  108.789100][ T5976]  irq_exit_rcu+0x9/0x30
[  108.793456][ T5976]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  108.799507][ T5976]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  108.805592][ T5976] Modules linked in:
[  108.809645][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  108.809673][ T5976] Tainted: [B]=BAD_PAGE
[  108.809679][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  108.809689][ T5976] Call Trace:
[  108.809697][ T5976]  <TASK>
[  108.809705][ T5976]  dump_stack_lvl+0xe8/0x150
[  108.809730][ T5976]  bad_page+0x17f/0x1c0
[  108.809754][ T5976]  __free_frozen_pages+0xd28/0xd70
[  108.809776][ T5976]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  108.809812][ T5976]  bpf_xdp_adjust_tail+0x1d6/0x220
[  108.809838][ T5976]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  108.809856][ T5976]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  108.809885][ T5976]  do_xdp_generic+0xa6f/0x1280
[  108.809901][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  108.809930][ T5976]  ? __pfx_do_xdp_generic+0x10/0x10
[  108.809951][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  108.809976][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  108.809995][ T5976]  tun_get_user+0x247d/0x3dd0
[  108.810019][ T5976]  ? aa_file_perm+0x12d/0x1630
[  108.810045][ T5976]  ? aa_file_perm+0x440/0x1630
[  108.810068][ T5976]  ? __pfx_tun_get_user+0x10/0x10
[  108.810088][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  108.810127][ T5976]  ? ref_tracker_alloc+0x363/0x4d0
[  108.810151][ T5976]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  108.810174][ T5976]  ? tun_get+0x1c/0x2f0
[  108.810192][ T5976]  ? tun_get+0x1c/0x2f0
[  108.810212][ T5976]  ? tun_get+0x1c/0x2f0
[  108.810229][ T5976]  ? tun_get+0x1c/0x2f0
[  108.810249][ T5976]  tun_chr_write_iter+0x113/0x200
[  108.810269][ T5976]  vfs_write+0x61d/0xb90
[  108.810297][ T5976]  ? __pfx_vfs_write+0x10/0x10
[  108.810322][ T5976]  ? __pfx_do_futex+0x10/0x10
[  108.810354][ T5976]  ksys_write+0x150/0x270
[  108.810378][ T5976]  ? __pfx_ksys_write+0x10/0x10
[  108.810408][ T5976]  do_syscall_64+0xe2/0xf80
[  108.810431][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.810449][ T5976]  ? trace_irq_disable+0x37/0x100
[  108.810467][ T5976]  ? clear_bhb_loop+0x60/0xb0
[  108.810487][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.810506][ T5976] RIP: 0033:0x7f990df5b78e
[  108.810522][ T5976] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  108.810537][ T5976] RSP: 002b:00007fff4eedd768 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  108.810558][ T5976] RAX: ffffffffffffffda RBX: 000055558ae0d500 RCX: 00007f990df5b78e
[  108.810571][ T5976] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  108.810583][ T5976] RBP: 00007f990e008c1f R08: 0000000000000000 R09: 0000000000000000
[  108.810594][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  108.810605][ T5976] R13: 00007f990e215fac R14: 00007f990e215fa0 R15: 00007f990e215fa0
[  108.810626][ T5976]  </TASK>
[  108.810637][ T5976] BUG: Bad page state in process syz.0.17  pfn:78889
[  109.093133][ T5976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078889ee0 pfn:0x78889
[  109.103322][ T5976] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  109.110731][ T5976] raw: 00fff00000000000 dead000000000040 ffff8880212c1000 0000000000000000
[  109.119515][ T5976] raw: ffff888078889ee0 0000000000000001 00000000ffffffff 0000000000000000
[  109.128137][ T5976] page dumped because: page_pool leak
[  109.133495][ T5976] page_owner tracks the page as allocated
[  109.139329][ T5976] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5976, tgid 5976 (syz.0.17), ts 103792373249, free_ts 103726225025
[  109.156984][ T5976]  post_alloc_hook+0x228/0x280
[  109.161741][ T5976]  get_page_from_freelist+0x24dc/0x2580
[  109.167393][ T5976]  __alloc_frozen_pages_noprof+0x18d/0x380
[  109.173299][ T5976]  alloc_pages_bulk_noprof+0x558/0x700
[  109.179073][ T5976]  __page_pool_alloc_netmems_slow+0x14c/0x710
[  109.185168][ T5976]  skb_pp_cow_data+0xc21/0x1680
[  109.190055][ T5976]  do_xdp_generic+0x715/0x1280
[  109.194832][ T5976]  tun_get_user+0x247d/0x3dd0
[  109.199698][ T5976]  tun_chr_write_iter+0x113/0x200
[  109.204750][ T5976]  vfs_write+0x61d/0xb90
[  109.209076][ T5976]  ksys_write+0x150/0x270
[  109.213454][ T5976]  do_syscall_64+0xe2/0xf80
[  109.218118][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.224035][ T5976] page last free pid 0 tgid 0 stack trace:
[  109.229969][ T5976]  __free_frozen_pages+0xbf8/0xd70
[  109.235182][ T5976]  rcu_core+0xc9e/0x1750
[  109.239498][ T5976]  handle_softirqs+0x22a/0x7c0
[  109.244568][ T5976]  __irq_exit_rcu+0x5f/0x150
[  109.249231][ T5976]  irq_exit_rcu+0x9/0x30
[  109.253505][ T5976]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  109.259177][ T5976]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  109.265176][ T5976] Modules linked in:
[  109.269116][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.0.17 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  109.269143][ T5976] Tainted: [B]=BAD_PAGE
[  109.269149][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  109.269158][ T5976] Call Trace:
[  109.269166][ T5976]  <TASK>
[  109.269173][ T5976]  dump_stack_lvl+0xe8/0x150
[  109.269205][ T5976]  bad_page+0x17f/0x1c0
[  109.269228][ T5976]  __free_frozen_pages+0xd28/0xd70
[  109.269248][ T5976]  bpf_xdp_frags_shrink_tail+0x4f7/0x7f0
[  109.269285][ T5976]  bpf_xdp_adjust_tail+0x1d6/0x220
[  109.269312][ T5976]  bpf_prog_5d7dc57dfd7f985a+0x1e/0x24
[  109.269339][ T5976]  bpf_prog_run_generic_xdp+0x623/0x13f0
[  109.269375][ T5976]  do_xdp_generic+0xa6f/0x1280
[  109.269398][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  109.269427][ T5976]  ? __pfx_do_xdp_generic+0x10/0x10
[  109.269446][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  109.269472][ T5976]  ? tun_get_user+0x2354/0x3dd0
[  109.269490][ T5976]  tun_get_user+0x247d/0x3dd0
[  109.269513][ T5976]  ? aa_file_perm+0x12d/0x1630
[  109.269534][ T5976]  ? aa_file_perm+0x440/0x1630
[  109.269554][ T5976]  ? __pfx_tun_get_user+0x10/0x10
[  109.269573][ T5976]  ? __lock_acquire+0x6b5/0x2cf0
[  109.269601][ T5976]  ? ref_tracker_alloc+0x363/0x4d0
[  109.269624][ T5976]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  109.269646][ T5976]  ? tun_get+0x1c/0x2f0
[  109.269664][ T5976]  ? tun_get+0x1c/0x2f0
[  109.269683][ T5976]  ? tun_get+0x1c/0x2f0
[  109.269699][ T5976]  ? tun_get+0x1c/0x2f0
[  109.269718][ T5976]  tun_chr_write_iter+0x113/0x200
[  109.269738][ T5976]  vfs_write+0x61d/0xb90
[  109.269765][ T5976]  ? __pfx_vfs_write+0x10/0x10
[  109.269790][ T5976]  ? __pfx_do_futex+0x10/0x10
[  109.269830][ T5976]  ksys_write+0x150/0x270
[  109.269856][ T5976]  ? __pfx_ksys_write+0x10/0x10
[  109.269884][ T5976]  do_syscall_64+0xe2/0xf80
[  109.269905][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.269922][ T5976]  ? trace_irq_disable+0x37/0x100
[  109.269939][ T5976]  ? clear_bhb_loop+0x60/0xb0
[  109.269958][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.269974][ T5976] RIP: 0033:0x7f990df5b78e
[  109.269990][ T5976] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  109.270005][ T5976] RSP: 002b:00007fff4eedd768 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  109.270025][ T5976] RAX: ffffffffffffffda RBX: 000055558ae0d500 RCX: 00007f990df5b78e
[  109.270038][ T5976] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[  109.270049][ T5976] RBP: 00007f990e008c1f R08: 0000000000000000 R09: 0000000000000000
[  109.270061][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  109.270071][ T5976] R13: 00007f990e215fac R14: 00007f990e215fa0 R15: 00007f990e215fa0
[  109.270090][ T5976]  </TASK>
[  109.273676][ T5143] Bluetooth: hci0: command tx timeout