program:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200002343ffff0000000000000000850000004100000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000a80)=ANY=[], 0x0)
[ 68.322166][ T5310] Bluetooth: hci0: command tx timeout
[ 68.370632][ T5325] BUG: Bad page state in process syz.0.0 pfn:52f0c
[ 68.377825][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52f0c
[ 68.383740][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 68.387299][ T5325] raw: 04fff00000000000 dead000000000040 ffff88801d5e9000 0000000000000000
[ 68.390740][ T5325] raw: 0000000000000000 3fffffffffffffff 00000000ffffffff 0000000000000000
[ 68.393997][ T5325] page dumped because: page_pool leak
[ 68.396220][ T5325] page_owner tracks the page as allocated
[ 68.398645][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5325, tgid 5324 (syz.0.0), ts 68370507365, free_ts 0
[ 68.404771][ T5325] post_alloc_hook+0x1f4/0x240
[ 68.406958][ T5325] get_page_from_freelist+0x365c/0x37a0
[ 68.409275][ T5325] __alloc_frozen_pages_noprof+0x292/0x710
[ 68.411625][ T5325] alloc_pages_bulk_noprof+0x847/0xae0
[ 68.413703][ T5325] __page_pool_alloc_pages_slow+0x11f/0x690
[ 68.416213][ T5325] page_pool_alloc_frag_netmem+0x59c/0x940
[ 68.418545][ T5325] skb_pp_cow_data+0xcea/0x1720
[ 68.420617][ T5325] do_xdp_generic+0x505/0xd30
[ 68.422534][ T5325] tun_get_user+0x2a4b/0x4860
[ 68.424600][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 68.426612][ T5325] vfs_write+0xacf/0xd10
[ 68.428310][ T5325] ksys_write+0x18f/0x2b0
[ 68.430047][ T5325] do_syscall_64+0xf3/0x230
[ 68.431899][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.434402][ T5325] page_owner free stack trace missing
[ 68.437074][ T5325] Modules linked in:
[ 68.438750][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted 6.14.0-syzkaller-00624-g2f2d52945852 #0
[ 68.438767][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 68.438774][ T5325] Call Trace:
[ 68.438781][ T5325] <TASK>
[ 68.438790][ T5325] dump_stack_lvl+0x241/0x360
[ 68.438806][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10
[ 68.438818][ T5325] ? __pfx_print_modules+0x10/0x10
[ 68.438841][ T5325] bad_page+0x176/0x1d0
[ 68.438857][ T5325] free_frozen_pages+0x1082/0x10e0
[ 68.438877][ T5325] bpf_xdp_frags_shrink_tail+0x3b3/0x780
[ 68.438903][ T5325] bpf_xdp_adjust_tail+0x1c6/0x210
[ 68.438922][ T5325] bpf_prog_f476d5219b92964a+0x1e/0x20
[ 68.438933][ T5325] bpf_prog_run_generic_xdp+0x12af/0x1510
[ 68.438960][ T5325] do_xdp_generic+0x757/0xd30
[ 68.438970][ T5325] ? __pfx_do_xdp_generic+0x10/0x10
[ 68.438979][ T5325] ? __local_bh_disable_ip+0x179/0x220
[ 68.438995][ T5325] ? __pfx_eth_type_trans+0x10/0x10
[ 68.439012][ T5325] ? tun_get_user+0x2914/0x4860
[ 68.439029][ T5325] tun_get_user+0x2a4b/0x4860
[ 68.439054][ T5325] ? __lock_acquire+0x1397/0x2100
[ 68.439075][ T5325] ? __pfx_tun_get_user+0x10/0x10
[ 68.439102][ T5325] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 68.439119][ T5325] ? tun_get+0x1e/0x2f0
[ 68.439133][ T5325] ? __pfx_lock_release+0x10/0x10
[ 68.439186][ T5325] ? tun_get+0x1e/0x2f0
[ 68.439205][ T5325] ? tun_get+0x27d/0x2f0
[ 68.439222][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 68.439244][ T5325] vfs_write+0xacf/0xd10
[ 68.439259][ T5325] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 68.439282][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 68.439295][ T5325] ? __fget_files+0x2a/0x420
[ 68.439315][ T5325] ? __fget_files+0x2a/0x420
[ 68.439336][ T5325] ksys_write+0x18f/0x2b0
[ 68.439349][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 68.439368][ T5325] ? exc_page_fault+0x590/0x8b0
[ 68.439385][ T5325] ? do_syscall_64+0xb6/0x230
[ 68.439403][ T5325] do_syscall_64+0xf3/0x230
[ 68.439418][ T5325] ? clear_bhb_loop+0x35/0x90
[ 68.439437][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.439451][ T5325] RIP: 0033:0x7f6df9b8bc1f
[ 68.439463][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 68.439472][ T5325] RSP: 002b:00007f6dfaab6000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 68.439484][ T5325] RAX: ffffffffffffffda RBX: 00007f6df9da5fa0 RCX: 00007f6df9b8bc1f
[ 68.439492][ T5325] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 68.439501][ T5325] RBP: 00007f6df9c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 68.439506][ T5325] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 68.439513][ T5325] R13: 0000000000000000 R14: 00007f6df9da5fa0 R15: 00007ffeaa968ba8
[ 68.439529][ T5325] </TASK>
[ 68.439534][ T5325] Disabling lock debugging due to kernel taint
[ 68.553262][ T5325] BUG: Bad page state in process syz.0.0 pfn:52f0b
[ 68.556060][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52f0b
[ 68.559530][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 68.562407][ T5325] raw: 04fff00000000000 dead000000000040 ffff88801d5e9000 0000000000000000
[ 68.566035][ T5325] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 68.569561][ T5325] page dumped because: page_pool leak
[ 68.571791][ T5325] page_owner tracks the page as allocated
[ 68.574131][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5325, tgid 5324 (syz.0.0), ts 68370499752, free_ts 0
[ 68.580365][ T5325] post_alloc_hook+0x1f4/0x240
[ 68.582117][ T5325] get_page_from_freelist+0x365c/0x37a0
[ 68.584361][ T5325] __alloc_frozen_pages_noprof+0x292/0x710
[ 68.586620][ T5325] alloc_pages_bulk_noprof+0x847/0xae0
[ 68.588594][ T5325] __page_pool_alloc_pages_slow+0x11f/0x690
[ 68.590764][ T5325] skb_pp_cow_data+0xcc8/0x1720
[ 68.592546][ T5325] do_xdp_generic+0x505/0xd30
[ 68.594344][ T5325] tun_get_user+0x2a4b/0x4860
[ 68.596243][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 68.598171][ T5325] vfs_write+0xacf/0xd10
[ 68.599855][ T5325] ksys_write+0x18f/0x2b0
[ 68.601530][ T5325] do_syscall_64+0xf3/0x230
[ 68.608513][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.611028][ T5325] page_owner free stack trace missing
[ 68.613316][ T5325] Modules linked in:
[ 68.614928][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0
[ 68.614947][ T5325] Tainted: [B]=BAD_PAGE
[ 68.614985][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 68.614995][ T5325] Call Trace:
[ 68.615084][ T5325] <TASK>
[ 68.615097][ T5325] dump_stack_lvl+0x241/0x360
[ 68.615114][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10
[ 68.615125][ T5325] ? __pfx_print_modules+0x10/0x10
[ 68.615145][ T5325] bad_page+0x176/0x1d0
[ 68.615181][ T5325] free_frozen_pages+0x1082/0x10e0
[ 68.615200][ T5325] bpf_xdp_frags_shrink_tail+0x3b3/0x780
[ 68.615326][ T5325] bpf_xdp_adjust_tail+0x1c6/0x210
[ 68.615342][ T5325] bpf_prog_f476d5219b92964a+0x1e/0x20
[ 68.615354][ T5325] bpf_prog_run_generic_xdp+0x12af/0x1510
[ 68.615378][ T5325] do_xdp_generic+0x757/0xd30
[ 68.615390][ T5325] ? __pfx_do_xdp_generic+0x10/0x10
[ 68.615402][ T5325] ? __local_bh_disable_ip+0x179/0x220
[ 68.615415][ T5325] ? __pfx_eth_type_trans+0x10/0x10
[ 68.615430][ T5325] ? tun_get_user+0x2914/0x4860
[ 68.615453][ T5325] tun_get_user+0x2a4b/0x4860
[ 68.615526][ T5325] ? __lock_acquire+0x1397/0x2100
[ 68.615548][ T5325] ? __pfx_tun_get_user+0x10/0x10
[ 68.615567][ T5325] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 68.615583][ T5325] ? tun_get+0x1e/0x2f0
[ 68.615597][ T5325] ? __pfx_lock_release+0x10/0x10
[ 68.615612][ T5325] ? tun_get+0x1e/0x2f0
[ 68.615627][ T5325] ? tun_get+0x27d/0x2f0
[ 68.615640][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 68.615656][ T5325] vfs_write+0xacf/0xd10
[ 68.615668][ T5325] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 68.615683][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 68.615694][ T5325] ? __fget_files+0x2a/0x420
[ 68.615715][ T5325] ? __fget_files+0x2a/0x420
[ 68.615731][ T5325] ksys_write+0x18f/0x2b0
[ 68.615742][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 68.615752][ T5325] ? exc_page_fault+0x590/0x8b0
[ 68.615765][ T5325] ? do_syscall_64+0xb6/0x230
[ 68.615781][ T5325] do_syscall_64+0xf3/0x230
[ 68.615795][ T5325] ? clear_bhb_loop+0x35/0x90
[ 68.615811][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.615828][ T5325] RIP: 0033:0x7f6df9b8bc1f
[ 68.615845][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 68.615856][ T5325] RSP: 002b:00007f6dfaab6000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 68.615868][ T5325] RAX: ffffffffffffffda RBX: 00007f6df9da5fa0 RCX: 00007f6df9b8bc1f
[ 68.615877][ T5325] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 68.615886][ T5325] RBP: 00007f6df9c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 68.615893][ T5325] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 68.615900][ T5325] R13: 0000000000000000 R14: 00007f6df9da5fa0 R15: 00007ffeaa968ba8
[ 68.615911][ T5325] </TASK>
[ 68.615930][ T5325] BUG: Bad page state in process syz.0.0 pfn:52f0a
[ 68.728835][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52f0a
[ 68.731801][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 68.734180][ T5325] raw: 04fff00000000000 dead000000000040 ffff88801d5e9000 0000000000000000
[ 68.737180][ T5325] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 68.740177][ T5325] page dumped because: page_pool leak
[ 68.742384][ T5325] page_owner tracks the page as allocated
[ 68.744619][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5325, tgid 5324 (syz.0.0), ts 68370492745, free_ts 0
[ 68.749961][ T5325] post_alloc_hook+0x1f4/0x240
[ 68.751498][ T5325] get_page_from_freelist+0x365c/0x37a0
[ 68.753575][ T5325] __alloc_frozen_pages_noprof+0x292/0x710
[ 68.755724][ T5325] alloc_pages_bulk_noprof+0x847/0xae0
[ 68.757729][ T5325] __page_pool_alloc_pages_slow+0x11f/0x690
[ 68.760098][ T5325] skb_pp_cow_data+0xcc8/0x1720
[ 68.762046][ T5325] do_xdp_generic+0x505/0xd30
[ 68.764153][ T5325] tun_get_user+0x2a4b/0x4860
[ 68.766128][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 68.768160][ T5325] vfs_write+0xacf/0xd10
[ 68.769945][ T5325] ksys_write+0x18f/0x2b0
[ 68.771731][ T5325] do_syscall_64+0xf3/0x230
[ 68.773734][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.776015][ T5325] page_owner free stack trace missing
[ 68.778181][ T5325] Modules linked in:
[ 68.779783][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0
[ 68.779800][ T5325] Tainted: [B]=BAD_PAGE
[ 68.779804][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 68.779811][ T5325] Call Trace:
[ 68.779818][ T5325] <TASK>
[ 68.779824][ T5325] dump_stack_lvl+0x241/0x360
[ 68.779840][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10
[ 68.779851][ T5325] ? __pfx_print_modules+0x10/0x10
[ 68.779873][ T5325] bad_page+0x176/0x1d0
[ 68.779888][ T5325] free_frozen_pages+0x1082/0x10e0
[ 68.779907][ T5325] bpf_xdp_frags_shrink_tail+0x3b3/0x780
[ 68.779926][ T5325] bpf_xdp_adjust_tail+0x1c6/0x210
[ 68.779942][ T5325] bpf_prog_f476d5219b92964a+0x1e/0x20
[ 68.779954][ T5325] bpf_prog_run_generic_xdp+0x12af/0x1510
[ 68.779980][ T5325] do_xdp_generic+0x757/0xd30
[ 68.779991][ T5325] ? __pfx_do_xdp_generic+0x10/0x10
[ 68.780002][ T5325] ? __local_bh_disable_ip+0x179/0x220
[ 68.780015][ T5325] ? __pfx_eth_type_trans+0x10/0x10
[ 68.780029][ T5325] ? tun_get_user+0x2914/0x4860
[ 68.780045][ T5325] tun_get_user+0x2a4b/0x4860
[ 68.780064][ T5325] ? __lock_acquire+0x1397/0x2100
[ 68.780080][ T5325] ? __pfx_tun_get_user+0x10/0x10
[ 68.780100][ T5325] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 68.780116][ T5325] ? tun_get+0x1e/0x2f0
[ 68.780131][ T5325] ? __pfx_lock_release+0x10/0x10
[ 68.780151][ T5325] ? tun_get+0x1e/0x2f0
[ 68.780165][ T5325] ? tun_get+0x27d/0x2f0
[ 68.780175][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 68.780190][ T5325] vfs_write+0xacf/0xd10
[ 68.780203][ T5325] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 68.780217][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 68.780227][ T5325] ? __fget_files+0x2a/0x420
[ 68.780243][ T5325] ? __fget_files+0x2a/0x420
[ 68.780258][ T5325] ksys_write+0x18f/0x2b0
[ 68.780268][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 68.780278][ T5325] ? exc_page_fault+0x590/0x8b0
[ 68.780292][ T5325] ? do_syscall_64+0xb6/0x230
[ 68.780306][ T5325] do_syscall_64+0xf3/0x230
[ 68.780320][ T5325] ? clear_bhb_loop+0x35/0x90
[ 68.780338][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.780352][ T5325] RIP: 0033:0x7f6df9b8bc1f
[ 68.780362][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 68.780371][ T5325] RSP: 002b:00007f6dfaab6000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 68.780383][ T5325] RAX: ffffffffffffffda RBX: 00007f6df9da5fa0 RCX: 00007f6df9b8bc1f
[ 68.780392][ T5325] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 68.780399][ T5325] RBP: 00007f6df9c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 68.780406][ T5325] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 68.780412][ T5325] R13: 0000000000000000 R14: 00007f6df9da5fa0 R15: 00007ffeaa968ba8
[ 68.780423][ T5325] </TASK>
[ 68.780432][ T5325] BUG: Bad page state in process syz.0.0 pfn:52f09
[ 68.893385][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52f09
[ 68.896784][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 68.899629][ T5325] raw: 04fff00000000000 dead000000000040 ffff88801d5e9000 0000000000000000
[ 68.903115][ T5325] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 68.906479][ T5325] page dumped because: page_pool leak
[ 68.908595][ T5325] page_owner tracks the page as allocated
[ 68.910844][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5325, tgid 5324 (syz.0.0), ts 68370485234, free_ts 0
[ 68.916920][ T5325] post_alloc_hook+0x1f4/0x240
[ 68.918833][ T5325] get_page_from_freelist+0x365c/0x37a0
[ 68.921007][ T5325] __alloc_frozen_pages_noprof+0x292/0x710
[ 68.923366][ T5325] alloc_pages_bulk_noprof+0x847/0xae0
[ 68.925467][ T5325] __page_pool_alloc_pages_slow+0x11f/0x690
[ 68.927948][ T5325] skb_pp_cow_data+0xcc8/0x1720
[ 68.929944][ T5325] do_xdp_generic+0x505/0xd30
[ 68.931901][ T5325] tun_get_user+0x2a4b/0x4860
[ 68.933918][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 68.935916][ T5325] vfs_write+0xacf/0xd10
[ 68.937584][ T5325] ksys_write+0x18f/0x2b0
[ 68.939217][ T5325] do_syscall_64+0xf3/0x230
[ 68.941131][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.943535][ T5325] page_owner free stack trace missing
[ 68.945812][ T5325] Modules linked in:
[ 68.947434][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0
[ 68.947453][ T5325] Tainted: [B]=BAD_PAGE
[ 68.947457][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 68.947465][ T5325] Call Trace:
[ 68.947471][ T5325] <TASK>
[ 68.947477][ T5325] dump_stack_lvl+0x241/0x360
[ 68.947495][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10
[ 68.947507][ T5325] ? __pfx_print_modules+0x10/0x10
[ 68.947526][ T5325] bad_page+0x176/0x1d0
[ 68.947539][ T5325] free_frozen_pages+0x1082/0x10e0
[ 68.947559][ T5325] bpf_xdp_frags_shrink_tail+0x3b3/0x780
[ 68.947579][ T5325] bpf_xdp_adjust_tail+0x1c6/0x210
[ 68.947593][ T5325] bpf_prog_f476d5219b92964a+0x1e/0x20
[ 68.947603][ T5325] bpf_prog_run_generic_xdp+0x12af/0x1510
[ 68.947627][ T5325] do_xdp_generic+0x757/0xd30
[ 68.947639][ T5325] ? __pfx_do_xdp_generic+0x10/0x10
[ 68.947651][ T5325] ? __local_bh_disable_ip+0x179/0x220
[ 68.947664][ T5325] ? __pfx_eth_type_trans+0x10/0x10
[ 68.947677][ T5325] ? tun_get_user+0x2914/0x4860
[ 68.947693][ T5325] tun_get_user+0x2a4b/0x4860
[ 68.947713][ T5325] ? __lock_acquire+0x1397/0x2100
[ 68.947731][ T5325] ? __pfx_tun_get_user+0x10/0x10
[ 68.947750][ T5325] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 68.947765][ T5325] ? tun_get+0x1e/0x2f0
[ 68.947779][ T5325] ? __pfx_lock_release+0x10/0x10
[ 68.947797][ T5325] ? tun_get+0x1e/0x2f0
[ 68.947814][ T5325] ? tun_get+0x27d/0x2f0
[ 68.947829][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 68.947846][ T5325] vfs_write+0xacf/0xd10
[ 68.947859][ T5325] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 68.947881][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 68.947893][ T5325] ? __fget_files+0x2a/0x420
[ 68.947909][ T5325] ? __fget_files+0x2a/0x420
[ 68.947926][ T5325] ksys_write+0x18f/0x2b0
[ 68.947937][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 68.947947][ T5325] ? exc_page_fault+0x590/0x8b0
[ 68.947961][ T5325] ? do_syscall_64+0xb6/0x230
[ 68.947975][ T5325] do_syscall_64+0xf3/0x230
[ 68.947988][ T5325] ? clear_bhb_loop+0x35/0x90
[ 68.948004][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.948020][ T5325] RIP: 0033:0x7f6df9b8bc1f
[ 68.948030][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 68.948039][ T5325] RSP: 002b:00007f6dfaab6000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 68.948052][ T5325] RAX: ffffffffffffffda RBX: 00007f6df9da5fa0 RCX: 00007f6df9b8bc1f
[ 68.948060][ T5325] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 68.948068][ T5325] RBP: 00007f6df9c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 68.948075][ T5325] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 68.948082][ T5325] R13: 0000000000000000 R14: 00007f6df9da5fa0 R15: 00007ffeaa968ba8
[ 68.948093][ T5325] </TASK>
[ 68.948101][ T5325] BUG: Bad page state in process syz.0.0 pfn:52f08
[ 69.064424][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52f08
[ 69.068071][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 69.070909][ T5325] raw: 04fff00000000000 dead000000000040 ffff88801d5e9000 0000000000000000
[ 69.074107][ T5325] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 69.077195][ T5325] page dumped because: page_pool leak
[ 69.079138][ T5325] page_owner tracks the page as allocated
[ 69.081201][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5325, tgid 5324 (syz.0.0), ts 68370477746, free_ts 0
[ 69.087092][ T5325] post_alloc_hook+0x1f4/0x240
[ 69.088994][ T5325] get_page_from_freelist+0x365c/0x37a0
[ 69.091050][ T5325] __alloc_frozen_pages_noprof+0x292/0x710
[ 69.093271][ T5325] alloc_pages_bulk_noprof+0x847/0xae0
[ 69.095255][ T5325] __page_pool_alloc_pages_slow+0x11f/0x690
[ 69.097410][ T5325] skb_pp_cow_data+0xcc8/0x1720
[ 69.099196][ T5325] do_xdp_generic+0x505/0xd30
[ 69.100910][ T5325] tun_get_user+0x2a4b/0x4860
[ 69.102633][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 69.104546][ T5325] vfs_write+0xacf/0xd10
[ 69.106315][ T5325] ksys_write+0x18f/0x2b0
[ 69.108097][ T5325] do_syscall_64+0xf3/0x230
[ 69.109866][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.112210][ T5325] page_owner free stack trace missing
[ 69.114330][ T5325] Modules linked in:
[ 69.115915][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0
[ 69.115933][ T5325] Tainted: [B]=BAD_PAGE
[ 69.115937][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.115945][ T5325] Call Trace:
[ 69.115952][ T5325] <TASK>
[ 69.115959][ T5325] dump_stack_lvl+0x241/0x360
[ 69.115975][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.115986][ T5325] ? __pfx_print_modules+0x10/0x10
[ 69.116006][ T5325] bad_page+0x176/0x1d0
[ 69.116022][ T5325] free_frozen_pages+0x1082/0x10e0
[ 69.116039][ T5325] bpf_xdp_frags_shrink_tail+0x3b3/0x780
[ 69.116060][ T5325] bpf_xdp_adjust_tail+0x1c6/0x210
[ 69.116075][ T5325] bpf_prog_f476d5219b92964a+0x1e/0x20
[ 69.116085][ T5325] bpf_prog_run_generic_xdp+0x12af/0x1510
[ 69.116108][ T5325] do_xdp_generic+0x757/0xd30
[ 69.116121][ T5325] ? __pfx_do_xdp_generic+0x10/0x10
[ 69.116134][ T5325] ? __local_bh_disable_ip+0x179/0x220
[ 69.116148][ T5325] ? __pfx_eth_type_trans+0x10/0x10
[ 69.116164][ T5325] ? tun_get_user+0x2914/0x4860
[ 69.116181][ T5325] tun_get_user+0x2a4b/0x4860
[ 69.116202][ T5325] ? __lock_acquire+0x1397/0x2100
[ 69.116218][ T5325] ? __pfx_tun_get_user+0x10/0x10
[ 69.116239][ T5325] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 69.116256][ T5325] ? tun_get+0x1e/0x2f0
[ 69.116271][ T5325] ? __pfx_lock_release+0x10/0x10
[ 69.116288][ T5325] ? tun_get+0x1e/0x2f0
[ 69.116304][ T5325] ? tun_get+0x27d/0x2f0
[ 69.116321][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 69.116337][ T5325] vfs_write+0xacf/0xd10
[ 69.116348][ T5325] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 69.116364][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 69.116376][ T5325] ? __fget_files+0x2a/0x420
[ 69.116392][ T5325] ? __fget_files+0x2a/0x420
[ 69.116407][ T5325] ksys_write+0x18f/0x2b0
[ 69.116418][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 69.116430][ T5325] ? exc_page_fault+0x590/0x8b0
[ 69.116445][ T5325] ? do_syscall_64+0xb6/0x230
[ 69.116459][ T5325] do_syscall_64+0xf3/0x230
[ 69.116473][ T5325] ? clear_bhb_loop+0x35/0x90
[ 69.116489][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.116506][ T5325] RIP: 0033:0x7f6df9b8bc1f
[ 69.116517][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 69.116526][ T5325] RSP: 002b:00007f6dfaab6000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 69.116538][ T5325] RAX: ffffffffffffffda RBX: 00007f6df9da5fa0 RCX: 00007f6df9b8bc1f
[ 69.116545][ T5325] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 69.116552][ T5325] RBP: 00007f6df9c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 69.116559][ T5325] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 69.116566][ T5325] R13: 0000000000000000 R14: 00007f6df9da5fa0 R15: 00007ffeaa968ba8
[ 69.116577][ T5325] </TASK>
[ 69.116587][ T5325] BUG: Bad page state in process syz.0.0 pfn:52f07
[ 69.231102][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52f07
[ 69.234645][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 69.237535][ T5325] raw: 04fff00000000000 dead000000000040 ffff88801d5e9000 0000000000000000
[ 69.240982][ T5325] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 69.244316][ T5325] page dumped because: page_pool leak
[ 69.246427][ T5325] page_owner tracks the page as allocated
[ 69.248658][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5325, tgid 5324 (syz.0.0), ts 68370471106, free_ts 0
[ 69.254657][ T5325] post_alloc_hook+0x1f4/0x240
[ 69.256638][ T5325] get_page_from_freelist+0x365c/0x37a0
[ 69.258837][ T5325] __alloc_frozen_pages_noprof+0x292/0x710
[ 69.261109][ T5325] alloc_pages_bulk_noprof+0x847/0xae0
[ 69.263291][ T5325] __page_pool_alloc_pages_slow+0x11f/0x690
[ 69.265580][ T5325] skb_pp_cow_data+0xcc8/0x1720
[ 69.267525][ T5325] do_xdp_generic+0x505/0xd30
[ 69.269338][ T5325] tun_get_user+0x2a4b/0x4860
[ 69.271238][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 69.273295][ T5325] vfs_write+0xacf/0xd10
[ 69.275023][ T5325] ksys_write+0x18f/0x2b0
[ 69.276758][ T5325] do_syscall_64+0xf3/0x230
[ 69.278625][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.281087][ T5325] page_owner free stack trace missing
[ 69.283353][ T5325] Modules linked in:
[ 69.284963][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0
[ 69.284982][ T5325] Tainted: [B]=BAD_PAGE
[ 69.284993][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.285001][ T5325] Call Trace:
[ 69.285061][ T5325] <TASK>
[ 69.285092][ T5325] dump_stack_lvl+0x241/0x360
[ 69.285110][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.285123][ T5325] ? __pfx_print_modules+0x10/0x10
[ 69.285145][ T5325] bad_page+0x176/0x1d0
[ 69.285160][ T5325] free_frozen_pages+0x1082/0x10e0
[ 69.285181][ T5325] bpf_xdp_frags_shrink_tail+0x3b3/0x780
[ 69.285224][ T5325] bpf_xdp_adjust_tail+0x1c6/0x210
[ 69.285240][ T5325] bpf_prog_f476d5219b92964a+0x1e/0x20
[ 69.285251][ T5325] bpf_prog_run_generic_xdp+0x12af/0x1510
[ 69.285278][ T5325] do_xdp_generic+0x757/0xd30
[ 69.285290][ T5325] ? __pfx_do_xdp_generic+0x10/0x10
[ 69.285303][ T5325] ? __local_bh_disable_ip+0x179/0x220
[ 69.285318][ T5325] ? __pfx_eth_type_trans+0x10/0x10
[ 69.285333][ T5325] ? tun_get_user+0x2914/0x4860
[ 69.285350][ T5325] tun_get_user+0x2a4b/0x4860
[ 69.285382][ T5325] ? __lock_acquire+0x1397/0x2100
[ 69.285401][ T5325] ? __pfx_tun_get_user+0x10/0x10
[ 69.285423][ T5325] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 69.285438][ T5325] ? tun_get+0x1e/0x2f0
[ 69.285454][ T5325] ? __pfx_lock_release+0x10/0x10
[ 69.285473][ T5325] ? tun_get+0x1e/0x2f0
[ 69.285487][ T5325] ? tun_get+0x27d/0x2f0
[ 69.285503][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 69.285521][ T5325] vfs_write+0xacf/0xd10
[ 69.285534][ T5325] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 69.285549][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 69.285560][ T5325] ? __fget_files+0x2a/0x420
[ 69.285576][ T5325] ? __fget_files+0x2a/0x420
[ 69.285591][ T5325] ksys_write+0x18f/0x2b0
[ 69.285603][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 69.285615][ T5325] ? exc_page_fault+0x590/0x8b0
[ 69.285629][ T5325] ? do_syscall_64+0xb6/0x230
[ 69.285642][ T5325] do_syscall_64+0xf3/0x230
[ 69.285657][ T5325] ? clear_bhb_loop+0x35/0x90
[ 69.285682][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.285697][ T5325] RIP: 0033:0x7f6df9b8bc1f
[ 69.285715][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 69.285726][ T5325] RSP: 002b:00007f6dfaab6000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 69.285738][ T5325] RAX: ffffffffffffffda RBX: 00007f6df9da5fa0 RCX: 00007f6df9b8bc1f
[ 69.285746][ T5325] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 69.285753][ T5325] RBP: 00007f6df9c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 69.285761][ T5325] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 69.285769][ T5325] R13: 0000000000000000 R14: 00007f6df9da5fa0 R15: 00007ffeaa968ba8
[ 69.285780][ T5325] </TASK>
[ 69.285822][ T5325] BUG: Bad page state in process syz.0.0 pfn:52f06
[ 69.398025][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52f06
[ 69.401213][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 69.403952][ T5325] raw: 04fff00000000000 dead000000000040 ffff88801d5e9000 0000000000000000
[ 69.407233][ T5325] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 69.410652][ T5325] page dumped because: page_pool leak
[ 69.412902][ T5325] page_owner tracks the page as allocated
[ 69.415200][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5325, tgid 5324 (syz.0.0), ts 68370464130, free_ts 0
[ 69.421404][ T5325] post_alloc_hook+0x1f4/0x240
[ 69.423420][ T5325] get_page_from_freelist+0x365c/0x37a0
[ 69.425639][ T5325] __alloc_frozen_pages_noprof+0x292/0x710
[ 69.427978][ T5325] alloc_pages_bulk_noprof+0x847/0xae0
[ 69.430085][ T5325] __page_pool_alloc_pages_slow+0x11f/0x690
[ 69.432377][ T5325] skb_pp_cow_data+0xcc8/0x1720
[ 69.434399][ T5325] do_xdp_generic+0x505/0xd30
[ 69.436284][ T5325] tun_get_user+0x2a4b/0x4860
[ 69.438201][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 69.440269][ T5325] vfs_write+0xacf/0xd10
[ 69.441973][ T5325] ksys_write+0x18f/0x2b0
[ 69.443776][ T5325] do_syscall_64+0xf3/0x230
[ 69.445621][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.447982][ T5325] page_owner free stack trace missing
[ 69.450134][ T5325] Modules linked in:
[ 69.451659][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0
[ 69.451683][ T5325] Tainted: [B]=BAD_PAGE
[ 69.451688][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.451694][ T5325] Call Trace:
[ 69.451702][ T5325] <TASK>
[ 69.451713][ T5325] dump_stack_lvl+0x241/0x360
[ 69.451729][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.451741][ T5325] ? __pfx_print_modules+0x10/0x10
[ 69.451760][ T5325] bad_page+0x176/0x1d0
[ 69.451775][ T5325] free_frozen_pages+0x1082/0x10e0
[ 69.451793][ T5325] bpf_xdp_frags_shrink_tail+0x3b3/0x780
[ 69.451813][ T5325] bpf_xdp_adjust_tail+0x1c6/0x210
[ 69.451828][ T5325] bpf_prog_f476d5219b92964a+0x1e/0x20
[ 69.451840][ T5325] bpf_prog_run_generic_xdp+0x12af/0x1510
[ 69.451864][ T5325] do_xdp_generic+0x757/0xd30
[ 69.451877][ T5325] ? __pfx_do_xdp_generic+0x10/0x10
[ 69.451890][ T5325] ? __local_bh_disable_ip+0x179/0x220
[ 69.451905][ T5325] ? __pfx_eth_type_trans+0x10/0x10
[ 69.451920][ T5325] ? tun_get_user+0x2914/0x4860
[ 69.451937][ T5325] tun_get_user+0x2a4b/0x4860
[ 69.451955][ T5325] ? __lock_acquire+0x1397/0x2100
[ 69.451973][ T5325] ? __pfx_tun_get_user+0x10/0x10
[ 69.451993][ T5325] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 69.452007][ T5325] ? tun_get+0x1e/0x2f0
[ 69.452023][ T5325] ? __pfx_lock_release+0x10/0x10
[ 69.452042][ T5325] ? tun_get+0x1e/0x2f0
[ 69.452056][ T5325] ? tun_get+0x27d/0x2f0
[ 69.452071][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 69.452088][ T5325] vfs_write+0xacf/0xd10
[ 69.452100][ T5325] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 69.452115][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 69.452126][ T5325] ? __fget_files+0x2a/0x420
[ 69.452143][ T5325] ? __fget_files+0x2a/0x420
[ 69.452159][ T5325] ksys_write+0x18f/0x2b0
[ 69.452170][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 69.452181][ T5325] ? exc_page_fault+0x590/0x8b0
[ 69.452196][ T5325] ? do_syscall_64+0xb6/0x230
[ 69.452210][ T5325] do_syscall_64+0xf3/0x230
[ 69.452223][ T5325] ? clear_bhb_loop+0x35/0x90
[ 69.452241][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.452257][ T5325] RIP: 0033:0x7f6df9b8bc1f
[ 69.452268][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 69.452278][ T5325] RSP: 002b:00007f6dfaab6000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 69.452291][ T5325] RAX: ffffffffffffffda RBX: 00007f6df9da5fa0 RCX: 00007f6df9b8bc1f
[ 69.452300][ T5325] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 69.452307][ T5325] RBP: 00007f6df9c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 69.452314][ T5325] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 69.452320][ T5325] R13: 0000000000000000 R14: 00007f6df9da5fa0 R15: 00007ffeaa968ba8
[ 69.452332][ T5325] </TASK>
[ 69.452340][ T5325] BUG: Bad page state in process syz.0.0 pfn:52f05
[ 69.566698][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52f05
[ 69.570150][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 69.573522][ T5325] raw: 04fff00000000000 dead000000000040 ffff88801d5e9000 0000000000000000
[ 69.576635][ T5325] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 69.579674][ T5325] page dumped because: page_pool leak
[ 69.582382][ T5325] page_owner tracks the page as allocated
[ 69.584774][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5325, tgid 5324 (syz.0.0), ts 68370456895, free_ts 0
[ 69.590891][ T5325] post_alloc_hook+0x1f4/0x240
[ 69.592668][ T5325] get_page_from_freelist+0x365c/0x37a0
[ 69.594729][ T5325] __alloc_frozen_pages_noprof+0x292/0x710
[ 69.596738][ T5325] alloc_pages_bulk_noprof+0x847/0xae0
[ 69.598736][ T5325] __page_pool_alloc_pages_slow+0x11f/0x690
[ 69.600988][ T5325] skb_pp_cow_data+0xcc8/0x1720
[ 69.602972][ T5325] do_xdp_generic+0x505/0xd30
[ 69.604907][ T5325] tun_get_user+0x2a4b/0x4860
[ 69.606844][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 69.608897][ T5325] vfs_write+0xacf/0xd10
[ 69.610600][ T5325] ksys_write+0x18f/0x2b0
[ 69.612354][ T5325] do_syscall_64+0xf3/0x230
[ 69.614248][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.616561][ T5325] page_owner free stack trace missing
[ 69.618700][ T5325] Modules linked in:
[ 69.620331][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0
[ 69.620351][ T5325] Tainted: [B]=BAD_PAGE
[ 69.620362][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.620370][ T5325] Call Trace:
[ 69.620401][ T5325] <TASK>
[ 69.620413][ T5325] dump_stack_lvl+0x241/0x360
[ 69.620430][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.620443][ T5325] ? __pfx_print_modules+0x10/0x10
[ 69.620463][ T5325] bad_page+0x176/0x1d0
[ 69.620477][ T5325] free_frozen_pages+0x1082/0x10e0
[ 69.620497][ T5325] bpf_xdp_frags_shrink_tail+0x3b3/0x780
[ 69.620538][ T5325] bpf_xdp_adjust_tail+0x1c6/0x210
[ 69.620554][ T5325] bpf_prog_f476d5219b92964a+0x1e/0x20
[ 69.620566][ T5325] bpf_prog_run_generic_xdp+0x12af/0x1510
[ 69.620592][ T5325] do_xdp_generic+0x757/0xd30
[ 69.620606][ T5325] ? __pfx_do_xdp_generic+0x10/0x10
[ 69.620619][ T5325] ? __local_bh_disable_ip+0x179/0x220
[ 69.620634][ T5325] ? __pfx_eth_type_trans+0x10/0x10
[ 69.620648][ T5325] ? tun_get_user+0x2914/0x4860
[ 69.620674][ T5325] tun_get_user+0x2a4b/0x4860
[ 69.620706][ T5325] ? __lock_acquire+0x1397/0x2100
[ 69.620726][ T5325] ? __pfx_tun_get_user+0x10/0x10
[ 69.620750][ T5325] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 69.620768][ T5325] ? tun_get+0x1e/0x2f0
[ 69.620785][ T5325] ? __pfx_lock_release+0x10/0x10
[ 69.620805][ T5325] ? tun_get+0x1e/0x2f0
[ 69.620820][ T5325] ? tun_get+0x27d/0x2f0
[ 69.620836][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 69.620853][ T5325] vfs_write+0xacf/0xd10
[ 69.620865][ T5325] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 69.620881][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 69.620893][ T5325] ? __fget_files+0x2a/0x420
[ 69.620908][ T5325] ? __fget_files+0x2a/0x420
[ 69.620923][ T5325] ksys_write+0x18f/0x2b0
[ 69.620934][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 69.620945][ T5325] ? exc_page_fault+0x590/0x8b0
[ 69.620960][ T5325] ? do_syscall_64+0xb6/0x230
[ 69.620973][ T5325] do_syscall_64+0xf3/0x230
[ 69.620988][ T5325] ? clear_bhb_loop+0x35/0x90
[ 69.621007][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.621026][ T5325] RIP: 0033:0x7f6df9b8bc1f
[ 69.621074][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 69.621085][ T5325] RSP: 002b:00007f6dfaab6000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 69.621100][ T5325] RAX: ffffffffffffffda RBX: 00007f6df9da5fa0 RCX: 00007f6df9b8bc1f
[ 69.621109][ T5325] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 69.621117][ T5325] RBP: 00007f6df9c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 69.621125][ T5325] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 69.621133][ T5325] R13: 0000000000000000 R14: 00007f6df9da5fa0 R15: 00007ffeaa968ba8
[ 69.621147][ T5325] </TASK>
[ 69.621167][ T5325] BUG: Bad page state in process syz.0.0 pfn:52f04
[ 69.733291][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52f04
[ 69.736743][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 69.739632][ T5325] raw: 04fff00000000000 dead000000000040 ffff88801d5e9000 0000000000000000
[ 69.743089][ T5325] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 69.746494][ T5325] page dumped because: page_pool leak
[ 69.748667][ T5325] page_owner tracks the page as allocated
[ 69.751000][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5325, tgid 5324 (syz.0.0), ts 68370448979, free_ts 0
[ 69.757364][ T5325] post_alloc_hook+0x1f4/0x240
[ 69.759358][ T5325] get_page_from_freelist+0x365c/0x37a0
[ 69.761614][ T5325] __alloc_frozen_pages_noprof+0x292/0x710
[ 69.764085][ T5325] alloc_pages_bulk_noprof+0x847/0xae0
[ 69.766404][ T5325] __page_pool_alloc_pages_slow+0x11f/0x690
[ 69.768855][ T5325] skb_pp_cow_data+0xcc8/0x1720
[ 69.770865][ T5325] do_xdp_generic+0x505/0xd30
[ 69.772892][ T5325] tun_get_user+0x2a4b/0x4860
[ 69.774834][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 69.776868][ T5325] vfs_write+0xacf/0xd10
[ 69.778600][ T5325] ksys_write+0x18f/0x2b0
[ 69.780370][ T5325] do_syscall_64+0xf3/0x230
[ 69.782214][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.784616][ T5325] page_owner free stack trace missing
[ 69.786853][ T5325] Modules linked in:
[ 69.788494][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0
[ 69.788512][ T5325] Tainted: [B]=BAD_PAGE
[ 69.788516][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.788524][ T5325] Call Trace:
[ 69.788531][ T5325] <TASK>
[ 69.788537][ T5325] dump_stack_lvl+0x241/0x360
[ 69.788553][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.788565][ T5325] ? __pfx_print_modules+0x10/0x10
[ 69.788584][ T5325] bad_page+0x176/0x1d0
[ 69.788599][ T5325] free_frozen_pages+0x1082/0x10e0
[ 69.788618][ T5325] bpf_xdp_frags_shrink_tail+0x3b3/0x780
[ 69.788639][ T5325] bpf_xdp_adjust_tail+0x1c6/0x210
[ 69.788653][ T5325] bpf_prog_f476d5219b92964a+0x1e/0x20
[ 69.788664][ T5325] bpf_prog_run_generic_xdp+0x12af/0x1510
[ 69.788689][ T5325] do_xdp_generic+0x757/0xd30
[ 69.788701][ T5325] ? __pfx_do_xdp_generic+0x10/0x10
[ 69.788715][ T5325] ? __local_bh_disable_ip+0x179/0x220
[ 69.788730][ T5325] ? __pfx_eth_type_trans+0x10/0x10
[ 69.788743][ T5325] ? tun_get_user+0x2914/0x4860
[ 69.788761][ T5325] tun_get_user+0x2a4b/0x4860
[ 69.788781][ T5325] ? __lock_acquire+0x1397/0x2100
[ 69.788798][ T5325] ? __pfx_tun_get_user+0x10/0x10
[ 69.788819][ T5325] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 69.788836][ T5325] ? tun_get+0x1e/0x2f0
[ 69.788850][ T5325] ? __pfx_lock_release+0x10/0x10
[ 69.788875][ T5325] ? tun_get+0x1e/0x2f0
[ 69.788890][ T5325] ? tun_get+0x27d/0x2f0
[ 69.788905][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 69.788923][ T5325] vfs_write+0xacf/0xd10
[ 69.788936][ T5325] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 69.788953][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 69.788965][ T5325] ? __fget_files+0x2a/0x420
[ 69.788982][ T5325] ? __fget_files+0x2a/0x420
[ 69.788999][ T5325] ksys_write+0x18f/0x2b0
[ 69.789011][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 69.789023][ T5325] ? exc_page_fault+0x590/0x8b0
[ 69.789039][ T5325] ? do_syscall_64+0xb6/0x230
[ 69.789054][ T5325] do_syscall_64+0xf3/0x230
[ 69.789069][ T5325] ? clear_bhb_loop+0x35/0x90
[ 69.789086][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.789100][ T5325] RIP: 0033:0x7f6df9b8bc1f
[ 69.789112][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 69.789122][ T5325] RSP: 002b:00007f6dfaab6000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 69.789134][ T5325] RAX: ffffffffffffffda RBX: 00007f6df9da5fa0 RCX: 00007f6df9b8bc1f
[ 69.789142][ T5325] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 69.789149][ T5325] RBP: 00007f6df9c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 69.789157][ T5325] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 69.789163][ T5325] R13: 0000000000000000 R14: 00007f6df9da5fa0 R15: 00007ffeaa968ba8
[ 69.789175][ T5325] </TASK>
[ 69.789184][ T5325] BUG: Bad page state in process syz.0.0 pfn:45c4b
[ 69.904584][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45c4b
[ 69.908180][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 69.910946][ T5325] raw: 04fff00000000000 dead000000000040 ffff88801d5e9000 0000000000000000
[ 69.914227][ T5325] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 69.917563][ T5325] page dumped because: page_pool leak
[ 69.919703][ T5325] page_owner tracks the page as allocated
[ 69.921867][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5325, tgid 5324 (syz.0.0), ts 68370441761, free_ts 66823904665
[ 69.927993][ T5325] post_alloc_hook+0x1f4/0x240
[ 69.929845][ T5325] get_page_from_freelist+0x365c/0x37a0
[ 69.931941][ T5325] __alloc_frozen_pages_noprof+0x292/0x710
[ 69.934010][ T5325] alloc_pages_bulk_noprof+0x847/0xae0
[ 69.936069][ T5325] __page_pool_alloc_pages_slow+0x11f/0x690
[ 69.938399][ T5325] skb_pp_cow_data+0xcc8/0x1720
[ 69.940326][ T5325] do_xdp_generic+0x505/0xd30
[ 69.942135][ T5325] tun_get_user+0x2a4b/0x4860
[ 69.944069][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 69.946040][ T5325] vfs_write+0xacf/0xd10
[ 69.947707][ T5325] ksys_write+0x18f/0x2b0
[ 69.949390][ T5325] do_syscall_64+0xf3/0x230
[ 69.951126][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.953458][ T5325] page last free pid 5307 tgid 5307 stack trace:
[ 69.955706][ T5325] free_frozen_pages+0xe0d/0x10e0
[ 69.957484][ T5325] stack_depot_save_flags+0x7c6/0x940
[ 69.959358][ T5325] kasan_save_track+0x51/0x80
[ 69.961026][ T5325] kasan_save_free_info+0x40/0x50
[ 69.962964][ T5325] __kasan_slab_free+0x59/0x70
[ 69.964774][ T5325] kmem_cache_free+0x195/0x410
[ 69.966605][ T5325] alloc_vmap_area+0x1629/0x2400
[ 69.968621][ T5325] __get_vm_area_node+0x1c8/0x2d0
[ 69.970577][ T5325] __vmalloc_node_range_noprof+0x344/0x1380
[ 69.972947][ T5325] vzalloc_noprof+0x79/0x90
[ 69.974728][ T5325] alloc_counters+0xd7/0x770
[ 69.976553][ T5325] do_ip6t_get_ctl+0xf1c/0x18d0
[ 69.978434][ T5325] nf_getsockopt+0x299/0x2c0
[ 69.980238][ T5325] ipv6_getsockopt+0x23e/0x360
[ 69.982078][ T5325] tcp_getsockopt+0x163/0x1c0
[ 69.983995][ T5325] do_sock_getsockopt+0x38e/0x740
[ 69.985947][ T5325] Modules linked in:
[ 69.987491][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0
[ 69.987508][ T5325] Tainted: [B]=BAD_PAGE
[ 69.987511][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.987518][ T5325] Call Trace:
[ 69.987524][ T5325] <TASK>
[ 69.987530][ T5325] dump_stack_lvl+0x241/0x360
[ 69.987544][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.987554][ T5325] ? __pfx_print_modules+0x10/0x10
[ 69.987572][ T5325] bad_page+0x176/0x1d0
[ 69.987584][ T5325] free_frozen_pages+0x1082/0x10e0
[ 69.987606][ T5325] bpf_xdp_frags_shrink_tail+0x3b3/0x780
[ 69.987625][ T5325] bpf_xdp_adjust_tail+0x1c6/0x210
[ 69.987639][ T5325] bpf_prog_f476d5219b92964a+0x1e/0x20
[ 69.987649][ T5325] bpf_prog_run_generic_xdp+0x12af/0x1510
[ 69.987672][ T5325] do_xdp_generic+0x757/0xd30
[ 69.987684][ T5325] ? __pfx_do_xdp_generic+0x10/0x10
[ 69.987695][ T5325] ? __local_bh_disable_ip+0x179/0x220
[ 69.987710][ T5325] ? __pfx_eth_type_trans+0x10/0x10
[ 69.987724][ T5325] ? tun_get_user+0x2914/0x4860
[ 69.987740][ T5325] tun_get_user+0x2a4b/0x4860
[ 69.987759][ T5325] ? __lock_acquire+0x1397/0x2100
[ 69.987776][ T5325] ? __pfx_tun_get_user+0x10/0x10
[ 69.987795][ T5325] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 69.987809][ T5325] ? tun_get+0x1e/0x2f0
[ 69.987823][ T5325] ? __pfx_lock_release+0x10/0x10
[ 69.987841][ T5325] ? tun_get+0x1e/0x2f0
[ 69.987861][ T5325] ? tun_get+0x27d/0x2f0
[ 69.987876][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 69.987892][ T5325] vfs_write+0xacf/0xd10
[ 69.987904][ T5325] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 69.987919][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 69.987930][ T5325] ? __fget_files+0x2a/0x420
[ 69.987945][ T5325] ? __fget_files+0x2a/0x420
[ 69.987960][ T5325] ksys_write+0x18f/0x2b0
[ 69.987971][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 69.987981][ T5325] ? exc_page_fault+0x590/0x8b0
[ 69.987995][ T5325] ? do_syscall_64+0xb6/0x230
[ 69.988009][ T5325] do_syscall_64+0xf3/0x230
[ 69.988022][ T5325] ? clear_bhb_loop+0x35/0x90
[ 69.988037][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.988052][ T5325] RIP: 0033:0x7f6df9b8bc1f
[ 69.988061][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 69.988070][ T5325] RSP: 002b:00007f6dfaab6000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 69.988081][ T5325] RAX: ffffffffffffffda RBX: 00007f6df9da5fa0 RCX: 00007f6df9b8bc1f
[ 69.988089][ T5325] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 69.988096][ T5325] RBP: 00007f6df9c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 69.988102][ T5325] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 69.988108][ T5325] R13: 0000000000000000 R14: 00007f6df9da5fa0 R15: 00007ffeaa968ba8
[ 69.988119][ T5325] </TASK>
[ 69.988128][ T5325] BUG: Bad page state in process syz.0.0 pfn:45c4a
[ 70.100925][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45c4a
[ 70.104291][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 70.107206][ T5325] raw: 04fff00000000000 dead000000000040 ffff88801d5e9000 0000000000000000
[ 70.110575][ T5325] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 70.114111][ T5325] page dumped because: page_pool leak
[ 70.116362][ T5325] page_owner tracks the page as allocated
[ 70.118620][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5325, tgid 5324 (syz.0.0), ts 68370433959, free_ts 66823904665
[ 70.125148][ T5325] post_alloc_hook+0x1f4/0x240
[ 70.127034][ T5325] get_page_from_freelist+0x365c/0x37a0
[ 70.129138][ T5325] __alloc_frozen_pages_noprof+0x292/0x710
[ 70.131439][ T5325] alloc_pages_bulk_noprof+0x847/0xae0
[ 70.133640][ T5325] __page_pool_alloc_pages_slow+0x11f/0x690
[ 70.135946][ T5325] skb_pp_cow_data+0xcc8/0x1720
[ 70.137752][ T5325] do_xdp_generic+0x505/0xd30
[ 70.139428][ T5325] tun_get_user+0x2a4b/0x4860
[ 70.141154][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 70.143092][ T5325] vfs_write+0xacf/0xd10
[ 70.144654][ T5325] ksys_write+0x18f/0x2b0
[ 70.146252][ T5325] do_syscall_64+0xf3/0x230
[ 70.147889][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.150098][ T5325] page last free pid 5307 tgid 5307 stack trace:
[ 70.152429][ T5325] free_frozen_pages+0xe0d/0x10e0
[ 70.154337][ T5325] stack_depot_save_flags+0x7c6/0x940
[ 70.156165][ T5325] kasan_save_track+0x51/0x80
[ 70.157980][ T5325] kasan_save_free_info+0x40/0x50
[ 70.160009][ T5325] __kasan_slab_free+0x59/0x70
[ 70.162050][ T5325] kmem_cache_free+0x195/0x410
[ 70.164110][ T5325] alloc_vmap_area+0x1629/0x2400
[ 70.166097][ T5325] __get_vm_area_node+0x1c8/0x2d0
[ 70.168115][ T5325] __vmalloc_node_range_noprof+0x344/0x1380
[ 70.170513][ T5325] vzalloc_noprof+0x79/0x90
[ 70.172346][ T5325] alloc_counters+0xd7/0x770
[ 70.174263][ T5325] do_ip6t_get_ctl+0xf1c/0x18d0
[ 70.176285][ T5325] nf_getsockopt+0x299/0x2c0
[ 70.178144][ T5325] ipv6_getsockopt+0x23e/0x360
[ 70.180021][ T5325] tcp_getsockopt+0x163/0x1c0
[ 70.181833][ T5325] do_sock_getsockopt+0x38e/0x740
[ 70.183935][ T5325] Modules linked in:
[ 70.185569][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0
[ 70.185587][ T5325] Tainted: [B]=BAD_PAGE
[ 70.185599][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 70.185606][ T5325] Call Trace:
[ 70.185638][ T5325] <TASK>
[ 70.185650][ T5325] dump_stack_lvl+0x241/0x360
[ 70.185665][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10
[ 70.185676][ T5325] ? __pfx_print_modules+0x10/0x10
[ 70.185694][ T5325] bad_page+0x176/0x1d0
[ 70.185708][ T5325] free_frozen_pages+0x1082/0x10e0
[ 70.185726][ T5325] bpf_xdp_frags_shrink_tail+0x3b3/0x780
[ 70.185767][ T5325] bpf_xdp_adjust_tail+0x1c6/0x210
[ 70.185781][ T5325] bpf_prog_f476d5219b92964a+0x1e/0x20
[ 70.185790][ T5325] bpf_prog_run_generic_xdp+0x12af/0x1510
[ 70.185815][ T5325] do_xdp_generic+0x757/0xd30
[ 70.185826][ T5325] ? __pfx_do_xdp_generic+0x10/0x10
[ 70.185842][ T5325] ? __local_bh_disable_ip+0x179/0x220
[ 70.185855][ T5325] ? __pfx_eth_type_trans+0x10/0x10
[ 70.185868][ T5325] ? tun_get_user+0x2914/0x4860
[ 70.185885][ T5325] tun_get_user+0x2a4b/0x4860
[ 70.185914][ T5325] ? __lock_acquire+0x1397/0x2100
[ 70.185931][ T5325] ? __pfx_tun_get_user+0x10/0x10
[ 70.185949][ T5325] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 70.185975][ T5325] ? tun_get+0x1e/0x2f0
[ 70.185990][ T5325] ? __pfx_lock_release+0x10/0x10
[ 70.186007][ T5325] ? tun_get+0x1e/0x2f0
[ 70.186021][ T5325] ? tun_get+0x27d/0x2f0
[ 70.186035][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 70.186051][ T5325] vfs_write+0xacf/0xd10
[ 70.186063][ T5325] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 70.186078][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 70.186093][ T5325] ? __fget_files+0x2a/0x420
[ 70.186108][ T5325] ? __fget_files+0x2a/0x420
[ 70.186128][ T5325] ksys_write+0x18f/0x2b0
[ 70.186138][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 70.186148][ T5325] ? exc_page_fault+0x590/0x8b0
[ 70.186161][ T5325] ? do_syscall_64+0xb6/0x230
[ 70.186175][ T5325] do_syscall_64+0xf3/0x230
[ 70.186189][ T5325] ? clear_bhb_loop+0x35/0x90
[ 70.186205][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.186219][ T5325] RIP: 0033:0x7f6df9b8bc1f
[ 70.186302][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 70.186313][ T5325] RSP: 002b:00007f6dfaab6000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 70.186325][ T5325] RAX: ffffffffffffffda RBX: 00007f6df9da5fa0 RCX: 00007f6df9b8bc1f
[ 70.186333][ T5325] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 70.186340][ T5325] RBP: 00007f6df9c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 70.186346][ T5325] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 70.186352][ T5325] R13: 0000000000000000 R14: 00007f6df9da5fa0 R15: 00007ffeaa968ba8
[ 70.186362][ T5325] </TASK>
[ 70.186384][ T5325] BUG: Bad page state in process syz.0.0 pfn:40bdb
[ 70.298093][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888040bdb3e0 pfn:0x40bdb
[ 70.302070][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 70.304940][ T5325] raw: 04fff00000000000 dead000000000040 ffff88801d5e9000 0000000000000000
[ 70.308260][ T5325] raw: ffff888040bdb3e0 0000000000000001 00000000ffffffff 0000000000000000
[ 70.311758][ T5325] page dumped because: page_pool leak
[ 70.313995][ T5325] page_owner tracks the page as allocated
[ 70.316277][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 5325, tgid 5324 (syz.0.0), ts 68370426513, free_ts 66502789670
[ 70.322904][ T5325] post_alloc_hook+0x1f4/0x240
[ 70.325023][ T5325] get_page_from_freelist+0x365c/0x37a0
[ 70.327560][ T5325] __alloc_frozen_pages_noprof+0x292/0x710
[ 70.330197][ T5325] alloc_pages_bulk_noprof+0x847/0xae0
[ 70.332437][ T5325] __page_pool_alloc_pages_slow+0x11f/0x690
[ 70.334893][ T5325] skb_pp_cow_data+0xcc8/0x1720
[ 70.336769][ T5325] do_xdp_generic+0x505/0xd30
[ 70.338562][ T5325] tun_get_user+0x2a4b/0x4860
[ 70.340423][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 70.342412][ T5325] vfs_write+0xacf/0xd10
[ 70.344246][ T5325] ksys_write+0x18f/0x2b0
[ 70.346078][ T5325] do_syscall_64+0xf3/0x230
[ 70.347994][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.350384][ T5325] page last free pid 5307 tgid 5307 stack trace:
[ 70.353000][ T5325] free_frozen_pages+0xe0d/0x10e0
[ 70.355063][ T5325] __put_partials+0x160/0x1c0
[ 70.357027][ T5325] put_cpu_partial+0x17c/0x250
[ 70.358948][ T5325] __slab_free+0x290/0x380
[ 70.360748][ T5325] qlist_free_all+0x9a/0x140
[ 70.362636][ T5325] kasan_quarantine_reduce+0x14f/0x170
[ 70.364962][ T5325] __kasan_slab_alloc+0x23/0x80
[ 70.367030][ T5325] kmem_cache_alloc_node_noprof+0x1d9/0x380
[ 70.369337][ T5325] __alloc_skb+0x1c3/0x440
[ 70.371115][ T5325] netlink_sendmsg+0x623/0xca0
[ 70.373043][ T5325] __sock_sendmsg+0x221/0x270
[ 70.374951][ T5325] __sys_sendto+0x363/0x4c0
[ 70.376764][ T5325] __x64_sys_sendto+0xde/0x100
[ 70.378682][ T5325] do_syscall_64+0xf3/0x230
[ 70.380580][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.383119][ T5325] Modules linked in:
[ 70.384805][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0
[ 70.384822][ T5325] Tainted: [B]=BAD_PAGE
[ 70.384826][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 70.384833][ T5325] Call Trace:
[ 70.384839][ T5325] <TASK>
[ 70.384844][ T5325] dump_stack_lvl+0x241/0x360
[ 70.384858][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10
[ 70.384867][ T5325] ? __pfx_print_modules+0x10/0x10
[ 70.384884][ T5325] bad_page+0x176/0x1d0
[ 70.384897][ T5325] free_frozen_pages+0x1082/0x10e0
[ 70.384914][ T5325] bpf_xdp_frags_shrink_tail+0x3b3/0x780
[ 70.384932][ T5325] bpf_xdp_adjust_tail+0x1c6/0x210
[ 70.384947][ T5325] bpf_prog_f476d5219b92964a+0x1e/0x20
[ 70.384963][ T5325] bpf_prog_run_generic_xdp+0x12af/0x1510
[ 70.384985][ T5325] do_xdp_generic+0x757/0xd30
[ 70.384997][ T5325] ? __pfx_do_xdp_generic+0x10/0x10
[ 70.385009][ T5325] ? __local_bh_disable_ip+0x179/0x220
[ 70.385023][ T5325] ? __pfx_eth_type_trans+0x10/0x10
[ 70.385036][ T5325] ? tun_get_user+0x2914/0x4860
[ 70.385053][ T5325] tun_get_user+0x2a4b/0x4860
[ 70.385071][ T5325] ? __lock_acquire+0x1397/0x2100
[ 70.385089][ T5325] ? __pfx_tun_get_user+0x10/0x10
[ 70.385109][ T5325] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 70.385123][ T5325] ? tun_get+0x1e/0x2f0
[ 70.385137][ T5325] ? __pfx_lock_release+0x10/0x10
[ 70.385154][ T5325] ? tun_get+0x1e/0x2f0
[ 70.385168][ T5325] ? tun_get+0x27d/0x2f0
[ 70.385183][ T5325] tun_chr_write_iter+0x10d/0x1f0
[ 70.385199][ T5325] vfs_write+0xacf/0xd10
[ 70.385211][ T5325] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 70.385225][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 70.385236][ T5325] ? __fget_files+0x2a/0x420
[ 70.385251][ T5325] ? __fget_files+0x2a/0x420
[ 70.385266][ T5325] ksys_write+0x18f/0x2b0
[ 70.385278][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 70.385288][ T5325] ? exc_page_fault+0x590/0x8b0
[ 70.385301][ T5325] ? do_syscall_64+0xb6/0x230
[ 70.385315][ T5325] do_syscall_64+0xf3/0x230
[ 70.385329][ T5325] ? clear_bhb_loop+0x35/0x90
[ 70.385344][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.385359][ T5325] RIP: 0033:0x7f6df9b8bc1f
[ 70.385369][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 70.385378][ T5325] RSP: 002b:00007f6dfaab6000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 70.385389][ T5325] RAX: ffffffffffffffda RBX: 00007f6df9da5fa0 RCX: 00007f6df9b8bc1f
[ 70.385396][ T5325] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 70.385403][ T5325] RBP: 00007f6df9c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 70.385409][ T5325] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 70.385416][ T5325] R13: 0000000000000000 R14: 00007f6df9da5fa0 R15: 00007ffeaa968ba8
[ 70.385426][ T5325] </TASK>
[ 70.523285][ T5310] Bluetooth: hci0: command tx timeout