./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor302512332

<...>
Warning: Permanently added '10.128.0.22' (ECDSA) to the list of known hosts.
execve("./syz-executor302512332", ["./syz-executor302512332"], 0x7fffc0597c30 /* 10 vars */) = 0
brk(NULL)                               = 0x555555571000
brk(0x555555571c40)                     = 0x555555571c40
arch_prctl(ARCH_SET_FS, 0x555555571300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
set_tid_address(0x5555555715d0)         = 3611
set_robust_list(0x5555555715e0, 24)     = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7f79a63245f0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f79a6324cc0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7f79a6324690, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f79a6324cc0}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor302512332", 4096) = 27
brk(0x555555592c40)                     = 0x555555592c40
brk(0x555555593000)                     = 0x555555593000
mprotect(0x7f79a63e6000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3612 attached
, child_tidptr=0x5555555715d0) = 3612
[pid  3612] set_robust_list(0x5555555715e0, 24) = 0
[pid  3612] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  3612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3612] setsid()                    = 1
[pid  3612] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  3612] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  3612] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  3612] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  3612] prlimit64(0, RLIMIT_CORE, {rlim_cur=0, rlim_max=0}, NULL) = 0
[pid  3612] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  3612] unshare(CLONE_NEWNS)        = 0
[pid  3612] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  3612] unshare(CLONE_NEWIPC)       = 0
[pid  3612] unshare(CLONE_NEWCGROUP)    = 0
[pid  3612] unshare(CLONE_NEWUTS)       = 0
[pid  3612] unshare(CLONE_SYSVSEM)      = 0
[pid  3612] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  3612] write(3, "16777216", 8)     = 8
[pid  3612] close(3)                    = 0
[pid  3612] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  3612] write(3, "536870912", 9)    = 9
[pid  3612] close(3)                    = 0
[pid  3612] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  3612] write(3, "1024", 4)         = 4
[pid  3612] close(3)                    = 0
[pid  3612] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  3612] write(3, "8192", 4)         = 4
[pid  3612] close(3)                    = 0
[pid  3612] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  3612] write(3, "1024", 4)         = 4
[pid  3612] close(3)                    = 0
[pid  3612] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  3612] write(3, "1024", 4)         = 4
[pid  3612] close(3)                    = 0
[pid  3612] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  3612] write(3, "1024 1048576 500 1024", 21) = 21
[pid  3612] close(3)                    = 0
[pid  3612] getpid()                    = 1
[pid  3612] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  3612] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  3612] unshare(CLONE_NEWNET)       = 0
[pid  3612] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  3612] write(3, "0 65535", 7)      = 7
[pid  3612] close(3)                    = 0
[pid  3612] mkdir("/dev/binderfs", 0777) = 0
[pid  3612] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  3612] symlink("/dev/binderfs", "./binderfs") = 0
[pid  3612] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3613 attached
, child_tidptr=0x5555555715d0) = 2
[pid  3613] set_robust_list(0x5555555715e0, 24) = 0
[pid  3613] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3613] setpgid(0, 0)               = 0
[pid  3613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3613] write(3, "1000", 4)         = 4
[pid  3613] close(3)                    = 0
[pid  3613] futex(0x7f79a63ec42c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3613] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f79a62f4000
[pid  3613] mprotect(0x7f79a62f5000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3613] clone(child_stack=0x7f79a63143f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3614 attached
 <unfinished ...>
[pid  3614] set_robust_list(0x7f79a63149e0, 24 <unfinished ...>
[pid  3613] <... clone resumed>, parent_tid=[3], tls=0x7f79a6314700, child_tidptr=0x7f79a63149d0) = 3
[pid  3614] <... set_robust_list resumed>) = 0
[pid  3613] futex(0x7f79a63ec428, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3613] futex(0x7f79a63ec42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3614] openat(AT_FDCWD, "/dev/net/tun", O_RDONLY) = 3
[pid  3614] futex(0x7f79a63ec42c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3613] <... futex resumed>)        = 0
[pid  3614] ioctl(3, TUNSETIFF, 0x20000200 <unfinished ...>
[pid  3613] futex(0x7f79a63ec428, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3613] futex(0x7f79a63ec42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3614] <... ioctl resumed>)        = 0
[pid  3614] futex(0x7f79a63ec42c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3613] <... futex resumed>)        = 0
[pid  3613] futex(0x7f79a63ec428, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3614] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE <unfinished ...>
[pid  3613] futex(0x7f79a63ec42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3614] <... socket resumed>)       = 4
[pid  3614] futex(0x7f79a63ec42c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3613] <... futex resumed>)        = 0
[pid  3613] futex(0x7f79a63ec428, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3613] futex(0x7f79a63ec42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3614] socket(AF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL)) = 5
[pid  3614] futex(0x7f79a63ec42c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3613] <... futex resumed>)        = 0
[pid  3613] futex(0x7f79a63ec428, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3613] futex(0x7f79a63ec42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3614] ioctl(5, SIOCGIFINDEX, {ifr_name="rose0", ifr_ifindex=11}) = 0
[pid  3614] futex(0x7f79a63ec42c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3613] <... futex resumed>)        = 0
[pid  3613] futex(0x7f79a63ec428, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3614] ioctl(3, TUNSETQUEUE, 0x20000340 <unfinished ...>
[pid  3613] futex(0x7f79a63ec42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  3614] <... ioctl resumed>)        = 0
[pid  3614] futex(0x7f79a63ec42c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  3613] <... futex resumed>)        = 0
[pid  3613] futex(0x7f79a63ec428, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3614] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x34\x00\x00\x00\x11\x00\x01\xe9\x0d\x7d\x1f\xc7\x4e\x1b\xed\x42\xec\x45\xb2\xfc\x0b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", iov_len=52}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 <unfinished ...>
[pid  3613] futex(0x7f79a63ec42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  3613] futex(0x7f79a63ec43c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3613] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f79a62d3000
[pid  3613] mprotect(0x7f79a62d4000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  3613] clone(child_stack=0x7f79a62f33f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[4], tls=0x7f79a62f3700, child_tidptr=0x7f79a62f39d0) = 4
[pid  3613] futex(0x7f79a63ec438, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  3613] futex(0x7f79a63ec43c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3615 attached
 <unfinished ...>
[pid  3615] set_robust_list(0x7f79a62f39e0, 24) = 0
[   48.371930][ T3614] netlink: 20 bytes leftover after parsing attributes in process `syz-executor302'.
[pid  3615] ioctl(3, TUNSETIFF, 0x20000200 <unfinished ...>
[pid  3614] <... sendmsg resumed>)      = 52
[pid  3614] futex(0x7f79a63ec42c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   48.427548][ T3615] ------------[ cut here ]------------
[   48.427556][ T3615] WARNING: CPU: 1 PID: 3615 at net/core/dev.c:6357 netif_napi_add_weight+0x7e8/0x9e0
[   48.443026][ T3615] Modules linked in:
[   48.447022][ T3615] CPU: 1 PID: 3615 Comm: syz-executor302 Not tainted 5.19.0-rc3-syzkaller-00038-gca1fdab7fd27 #0
[   48.457618][ T3615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   48.467762][ T3615] RIP: 0010:netif_napi_add_weight+0x7e8/0x9e0
[pid  3614] futex(0x7f79a63ec428, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  3613] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[   48.473960][ T3615] Code: b6 04 02 48 89 ea 83 e2 07 38 d0 7f 08 84 c0 0f 85 a4 00 00 00 48 8b 04 24 80 a0 b1 0b 00 00 fd e9 6c fd ff ff e8 78 20 27 fa <0f> 0b e9 60 fd ff ff e8 2c e4 73 fa e9 4c fe ff ff e8 12 e4 73 fa
[   48.493714][ T3615] RSP: 0018:ffffc90002fdfb18 EFLAGS: 00010293
[   48.499978][ T3615] RAX: 0000000000000000 RBX: ffff88801fc6a001 RCX: 0000000000000000
[   48.508609][ T3615] RDX: ffff8880257e8000 RSI: ffffffff87535508 RDI: 0000000000000001
[   48.517256][ T3615] RBP: ffff88801fc6a5d8 R08: 0000000000000001 R09: 0000000000000000
[   48.526016][ T3615] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88801fc6a5e8
[   48.534105][ T3615] R13: ffff88801fc6a5d8 R14: ffff88801d6ecc80 R15: 0000000000000000
[   48.542152][ T3615] FS:  00007f79a62f3700(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
[   48.551214][ T3615] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   48.557901][ T3615] CR2: 00007f79a62f3718 CR3: 000000001d926000 CR4: 00000000003506e0
[   48.565973][ T3615] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   48.574018][ T3615] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   48.581996][ T3615] Call Trace:
[   48.585361][ T3615]  <TASK>
[   48.588305][ T3615]  ? owner_show+0x130/0x130
[   48.592803][ T3615]  ? __xdp_rxq_info_reg+0x189/0x340
[   48.598065][ T3615]  tun_attach.isra.0+0x1096/0x16c0
[   48.603231][ T3615]  tun_net_init+0x45e/0x660
[   48.607847][ T3615]  ? tun_attach.isra.0+0x16c0/0x16c0
[   48.613160][ T3615]  register_netdevice+0x57d/0x15b0
[   48.618375][ T3615]  ? netdev_change_features+0xb0/0xb0
[   48.623777][ T3615]  ? dev_addr_mod+0x2c9/0x3f0
[   48.623924][ T3615]  __tun_chr_ioctl+0x2a19/0x3da0
[   48.623960][ T3615]  ? tun_chr_read_iter+0x270/0x270
[   48.623988][ T3615]  ? calibrate_delay+0xd83/0x1120
[   48.624023][ T3615]  ? __fget_files+0x26a/0x440
[   48.624057][ T3615]  ? bpf_lsm_file_ioctl+0x5/0x10
[   48.624086][ T3615]  ? tun_chr_compat_ioctl+0x30/0x30
[   48.624113][ T3615]  __x64_sys_ioctl+0x193/0x200
[   48.624145][ T3615]  do_syscall_64+0x35/0xb0
[   48.624174][ T3615]  entry_SYSCALL_64_after_hwframe+0x46/0xb0
[   48.624202][ T3615] RIP: 0033:0x7f79a6362da9
[   48.624223][ T3615] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   48.624247][ T3615] RSP: 002b:00007f79a62f3308 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   48.624274][ T3615] RAX: ffffffffffffffda RBX: 00007f79a63ec438 RCX: 00007f79a6362da9
[   48.624292][ T3615] RDX: 0000000020000200 RSI: 00000000400454ca RDI: 0000000000000003
[   48.624309][ T3615] RBP: 00007f79a63ec430 R08: 00007f79a62f3700 R09: 0000000000000000
[   48.624326][ T3615] R10: 00007f79a62f3700 R11: 0000000000000246 R12: 00007f79a63ec43c
[   48.624343][ T3615] R13: 00007f79a63b918c R14: 74656e2f7665642f R15: 0000000000022000
[   48.624378][ T3615]  </TASK>
[   48.624396][ T3615] Kernel panic - not syncing: panic_on_warn set ...
[   48.624407][ T3615] CPU: 1 PID: 3615 Comm: syz-executor302 Not tainted 5.19.0-rc3-syzkaller-00038-gca1fdab7fd27 #0
[   48.624431][ T3615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   48.624444][ T3615] Call Trace:
[   48.624452][ T3615]  <TASK>
[   48.624460][ T3615]  dump_stack_lvl+0xcd/0x134
[   48.624487][ T3615]  panic+0x2d7/0x64a
[   48.624509][ T3615]  ? panic_print_sys_info.part.0+0x10b/0x10b
[   48.624543][ T3615]  ? __warn.cold+0x1d9/0x2cd
[   48.624568][ T3615]  ? netif_napi_add_weight+0x7e8/0x9e0
[   48.624597][ T3615]  __warn.cold+0x1ea/0x2cd
[   48.624620][ T3615]  ? netif_napi_add_weight+0x7e8/0x9e0
[   48.624647][ T3615]  report_bug+0x1bc/0x210
[   48.624680][ T3615]  handle_bug+0x3c/0x60
[   48.624704][ T3615]  exc_invalid_op+0x14/0x40
[   48.624731][ T3615]  asm_exc_invalid_op+0x1b/0x20
[   48.624754][ T3615] RIP: 0010:netif_napi_add_weight+0x7e8/0x9e0
[   48.624782][ T3615] Code: b6 04 02 48 89 ea 83 e2 07 38 d0 7f 08 84 c0 0f 85 a4 00 00 00 48 8b 04 24 80 a0 b1 0b 00 00 fd e9 6c fd ff ff e8 78 20 27 fa <0f> 0b e9 60 fd ff ff e8 2c e4 73 fa e9 4c fe ff ff e8 12 e4 73 fa
[   48.624802][ T3615] RSP: 0018:ffffc90002fdfb18 EFLAGS: 00010293
[   48.624822][ T3615] RAX: 0000000000000000 RBX: ffff88801fc6a001 RCX: 0000000000000000
[   48.624837][ T3615] RDX: ffff8880257e8000 RSI: ffffffff87535508 RDI: 0000000000000001
[   48.624852][ T3615] RBP: ffff88801fc6a5d8 R08: 0000000000000001 R09: 0000000000000000
[   48.624867][ T3615] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88801fc6a5e8
[   48.624881][ T3615] R13: ffff88801fc6a5d8 R14: ffff88801d6ecc80 R15: 0000000000000000
[   48.624907][ T3615]  ? netif_napi_add_weight+0x7e8/0x9e0
[   48.624937][ T3615]  ? netif_napi_add_weight+0x7e8/0x9e0
[   48.624965][ T3615]  ? owner_show+0x130/0x130
[   48.624984][ T3615]  ? __xdp_rxq_info_reg+0x189/0x340
[   48.625013][ T3615]  tun_attach.isra.0+0x1096/0x16c0
[   48.625066][ T3615]  tun_net_init+0x45e/0x660
[   48.625089][ T3615]  ? tun_attach.isra.0+0x16c0/0x16c0
[   48.625114][ T3615]  register_netdevice+0x57d/0x15b0
[   48.625142][ T3615]  ? netdev_change_features+0xb0/0xb0
[   48.625167][ T3615]  ? dev_addr_mod+0x2c9/0x3f0
[   48.625194][ T3615]  __tun_chr_ioctl+0x2a19/0x3da0
[   48.625224][ T3615]  ? tun_chr_read_iter+0x270/0x270
[   48.625250][ T3615]  ? calibrate_delay+0xd83/0x1120
[   48.625281][ T3615]  ? __fget_files+0x26a/0x440
[   48.625311][ T3615]  ? bpf_lsm_file_ioctl+0x5/0x10
[   48.625337][ T3615]  ? tun_chr_compat_ioctl+0x30/0x30
[   48.625362][ T3615]  __x64_sys_ioctl+0x193/0x200
[   48.625396][ T3615]  do_syscall_64+0x35/0xb0
[   48.625421][ T3615]  entry_SYSCALL_64_after_hwframe+0x46/0xb0
[   48.625447][ T3615] RIP: 0033:0x7f79a6362da9
[   48.625464][ T3615] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   48.625485][ T3615] RSP: 002b:00007f79a62f3308 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   48.625507][ T3615] RAX: ffffffffffffffda RBX: 00007f79a63ec438 RCX: 00007f79a6362da9
[   48.625523][ T3615] RDX: 0000000020000200 RSI: 00000000400454ca RDI: 0000000000000003
[   48.625538][ T3615] RBP: 00007f79a63ec430 R08: 00007f79a62f3700 R09: 0000000000000000
[   48.625553][ T3615] R10: 00007f79a62f3700 R11: 0000000000000246 R12: 00007f79a63ec43c
[   48.625568][ T3615] R13: 00007f79a63b918c R14: 74656e2f7665642f R15: 0000000000022000
[   48.625600][ T3615]  </TASK>
[   49.083261][ T3615] Kernel Offset: disabled
[   49.087638][ T3615] Rebooting in 86400 seconds..