DUID 00:04:b0:7e:30:9f:4d:11:81:da:bf:2d:3d:77:4c:17:c1:ba
forked to background, child pid 3181
[   38.213042][ T3182] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.236900][ T3182] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.1.43' (ECDSA) to the list of known hosts.
syzkaller login: [   57.873125][ T3605] chnl_net:caif_netlink_parms(): no params data found
[   57.916067][ T3605] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.923432][ T3605] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.931871][ T3605] device bridge_slave_0 entered promiscuous mode
[   57.940585][ T3605] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.947837][ T3605] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.955723][ T3605] device bridge_slave_1 entered promiscuous mode
[   57.975452][ T3605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.986424][ T3605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.008106][ T3605] team0: Port device team_slave_0 added
[   58.015370][ T3605] team0: Port device team_slave_1 added
[   58.032077][ T3605] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.039038][ T3605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.065190][ T3605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.077644][ T3605] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.084670][ T3605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.110672][ T3605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   58.136287][ T3605] device hsr_slave_0 entered promiscuous mode
[   58.143293][ T3605] device hsr_slave_1 entered promiscuous mode
[   58.222786][ T3605] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   58.234079][ T3605] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   58.242660][ T3605] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   58.252176][ T3605] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   58.272940][ T3605] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.280097][ T3605] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.287805][ T3605] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.294868][ T3605] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.340262][ T3605] 8021q: adding VLAN 0 to HW filter on device bond0
[   58.353460][ T3611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.363000][ T3611] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.371389][ T3611] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.380381][ T3611] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   58.392524][ T3605] 8021q: adding VLAN 0 to HW filter on device team0
[   58.403436][ T3267] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   58.412083][ T3267] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.419186][ T3267] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.435316][ T3267] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   58.443629][ T3267] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.450729][ T3267] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.466741][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   58.475525][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   58.494208][ T3267] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   58.502584][ T3267] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   58.510875][ T3267] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   58.519789][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   58.538614][ T3267] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   58.546040][ T3267] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   58.559842][ T3605] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.578032][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   58.596750][ T3267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   58.605158][ T3267] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   58.612687][ T3267] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   58.624031][ T3605] device veth0_vlan entered promiscuous mode
[   58.635771][ T3605] device veth1_vlan entered promiscuous mode
[   58.657005][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   58.665604][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   58.674370][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   58.685417][ T3605] device veth0_macvtap entered promiscuous mode
[   58.694869][ T3605] device veth1_macvtap entered promiscuous mode
[   58.712048][ T3605] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.719647][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   58.728743][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   58.740863][ T3605] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.749154][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[   58.760646][ T3605] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.770403][ T3605] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.779252][ T3605] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.788211][ T3605] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.831356][ T3615] FAULT_INJECTION: forcing a failure.
[   58.831356][ T3615] name failslab, interval 1, probability 0, space 0, times 1
[   58.844245][ T3615] CPU: 0 PID: 3615 Comm: syz-executor556 Not tainted 5.16.0-rc4-syzkaller #0
[   58.852996][ T3615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   58.863031][ T3615] Call Trace:
[   58.866293][ T3615]  <TASK>
[   58.869207][ T3615]  dump_stack_lvl+0xcd/0x134
[   58.873803][ T3615]  should_fail.cold+0x5/0xa
[   58.878292][ T3615]  ? __build_skb+0x21/0x60
[   58.882689][ T3615]  should_failslab+0x5/0x10
[   58.887175][ T3615]  kmem_cache_alloc+0x5e/0x3a0
[   58.891924][ T3615]  __build_skb+0x21/0x60
[   58.896149][ T3615]  build_skb+0x1e/0x190
[   58.900288][ T3615]  __tun_build_skb+0x2c/0x260
[   58.904952][ T3615]  tun_build_skb+0x5d8/0x1010
[   58.909617][ T3615]  ? tun_xdp_act+0x8a0/0x8a0
[   58.914191][ T3615]  ? __lock_acquire+0xbc2/0x54a0
[   58.919126][ T3615]  tun_get_user+0x802/0x36d0
[   58.923721][ T3615]  ? tun_build_skb+0x1010/0x1010
[   58.928649][ T3615]  ? lock_downgrade+0x6e0/0x6e0
[   58.933503][ T3615]  tun_chr_write_iter+0xdd/0x1a0
[   58.938441][ T3615]  new_sync_write+0x429/0x660
[   58.943115][ T3615]  ? new_sync_read+0x6e0/0x6e0
[   58.947870][ T3615]  ? x86_pmu_start+0x50/0x270
[   58.952542][ T3615]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   58.958772][ T3615]  ? security_file_permission+0xab/0xd0
[   58.964308][ T3615]  vfs_write+0x7cd/0xae0
[   58.968534][ T3615]  ksys_write+0x12d/0x250
[   58.972851][ T3615]  ? __ia32_sys_read+0xb0/0xb0
[   58.977596][ T3615]  ? syscall_enter_from_user_mode+0x21/0x70
[   58.983476][ T3615]  do_syscall_64+0x35/0xb0
[   58.987876][ T3615]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   58.993752][ T3615] RIP: 0033:0x7f118d3afd83
[   58.998152][ T3615] Code: e9 0e ec ff ff bf 01 00 00 00 e8 a8 6f 00 00 0f 1f 84 00 00 00 00 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18
[   59.017739][ T3615] RSP: 002b:00007ffcb2b40ad8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   59.026131][ T3615] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f118d3afd83
[   59.034081][ T3615] RDX: 000000000000000e RSI: 0000000020000100 RDI: 00000000000000c8
[   59.042031][ T3615] RBP: 00007ffcb2b40b00 R08: 0000000000000000 R09: 0000000000000001
[   59.049981][ T3615] R10: 00007ffcb2b40877 R11: 0000000000000246 R12: 0000000000000003
[   59.057931][ T3615] R13: 00007ffcb2b40b20 R14: 00007ffcb2b40b10 R15: 0000000000000003
[   59.065892][ T3615]  </TASK>
executing program
[   59.085454][ T3615] device syz_tun entered promiscuous mode
[   59.091819][ T3615] device batadv_slave_0 entered promiscuous mode
[   59.105835][ T3616] FAULT_INJECTION: forcing a failure.
[   59.105835][ T3616] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   59.120095][ T3616] CPU: 0 PID: 3616 Comm: syz-executor556 Not tainted 5.16.0-rc4-syzkaller #0
[   59.128873][ T3616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   59.138909][ T3616] Call Trace:
[   59.142171][ T3616]  <TASK>
[   59.145087][ T3616]  dump_stack_lvl+0xcd/0x134
[   59.149669][ T3616]  should_fail.cold+0x5/0xa
[   59.154159][ T3616]  prepare_alloc_pages+0x17b/0x570
[   59.159255][ T3616]  __alloc_pages+0x12f/0x500
[   59.163828][ T3616]  ? __alloc_pages_slowpath.constprop.0+0x20d0/0x20d0
[   59.170579][ T3616]  ? local_lock_release+0x1d/0x60
[   59.175590][ T3616]  alloc_pages+0x1a7/0x300
[   59.179989][ T3616]  new_slab+0x32d/0x4a0
[   59.184128][ T3616]  ___slab_alloc+0x918/0xfe0
[   59.188700][ T3616]  ? __build_skb+0x21/0x60
[   59.193099][ T3616]  ? find_held_lock+0x2d/0x110
[   59.197846][ T3616]  ? __build_skb+0x21/0x60
[   59.202241][ T3616]  ? __slab_alloc.constprop.0+0x4d/0xa0
[   59.207770][ T3616]  ? __build_skb+0x21/0x60
[   59.212165][ T3616]  __slab_alloc.constprop.0+0x4d/0xa0
[   59.217525][ T3616]  ? __build_skb+0x21/0x60
[   59.221921][ T3616]  kmem_cache_alloc+0x35c/0x3a0
[   59.226756][ T3616]  __build_skb+0x21/0x60
[   59.230982][ T3616]  build_skb+0x1e/0x190
[   59.235120][ T3616]  __tun_build_skb+0x2c/0x260
[   59.239779][ T3616]  tun_build_skb+0x5d8/0x1010
[   59.244443][ T3616]  ? tun_xdp_act+0x8a0/0x8a0
[   59.249014][ T3616]  ? __lock_acquire+0xbc2/0x54a0
[   59.253939][ T3616]  tun_get_user+0x802/0x36d0
[   59.258520][ T3616]  ? tun_build_skb+0x1010/0x1010
[   59.263442][ T3616]  ? lock_downgrade+0x6e0/0x6e0
[   59.268282][ T3616]  tun_chr_write_iter+0xdd/0x1a0
[   59.273202][ T3616]  new_sync_write+0x429/0x660
[   59.277867][ T3616]  ? new_sync_read+0x6e0/0x6e0
[   59.282615][ T3616]  ? x86_pmu_start+0x50/0x270
[   59.287278][ T3616]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   59.293503][ T3616]  ? security_file_permission+0xab/0xd0
[   59.299038][ T3616]  vfs_write+0x7cd/0xae0
[   59.303265][ T3616]  ksys_write+0x12d/0x250
[   59.307577][ T3616]  ? __ia32_sys_read+0xb0/0xb0
[   59.312323][ T3616]  ? syscall_enter_from_user_mode+0x21/0x70
[   59.318198][ T3616]  do_syscall_64+0x35/0xb0
[   59.322599][ T3616]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   59.328476][ T3616] RIP: 0033:0x7f118d3afd83
[   59.332875][ T3616] Code: e9 0e ec ff ff bf 01 00 00 00 e8 a8 6f 00 00 0f 1f 84 00 00 00 00 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18
[   59.352465][ T3616] RSP: 002b:00007ffcb2b40ad8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   59.360863][ T3616] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f118d3afd83
[   59.368816][ T3616] RDX: 000000000000000e RSI: 0000000020000100 RDI: 00000000000000c8
[   59.376767][ T3616] RBP: 00007ffcb2b40b00 R08: 0000000000000000 R09: 0000000000000001
[   59.384719][ T3616] R10: 00007ffcb2b40877 R11: 0000000000000246 R12: 0000000000000003
[   59.392667][ T3616] R13: 00007ffcb2b40b20 R14: 00007ffcb2b40b10 R15: 00007ffcb2b40aec
[   59.400630][ T3616]  </TASK>
executing program
[   59.469804][ T3617] FAULT_INJECTION: forcing a failure.
[   59.469804][ T3617] name failslab, interval 1, probability 0, space 0, times 0
[   59.482605][ T3617] CPU: 1 PID: 3617 Comm: syz-executor556 Not tainted 5.16.0-rc4-syzkaller #0
[   59.491356][ T3617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   59.501397][ T3617] Call Trace:
[   59.504666][ T3617]  <TASK>
[   59.507590][ T3617]  dump_stack_lvl+0xcd/0x134
[   59.512173][ T3617]  should_fail.cold+0x5/0xa
[   59.516664][ T3617]  ? sock_free_inode+0x20/0x20
[   59.521415][ T3617]  ? sock_alloc_inode+0x18/0x1c0
[   59.526339][ T3617]  should_failslab+0x5/0x10
[   59.530842][ T3617]  kmem_cache_alloc+0x5e/0x3a0
[   59.535605][ T3617]  ? sock_free_inode+0x20/0x20
[   59.540368][ T3617]  sock_alloc_inode+0x18/0x1c0
[   59.545125][ T3617]  ? sock_free_inode+0x20/0x20
[   59.549885][ T3617]  alloc_inode+0x61/0x230
[   59.554212][ T3617]  new_inode_pseudo+0x14/0xe0
[   59.558887][ T3617]  sock_alloc+0x3c/0x260
[   59.563125][ T3617]  __sock_create+0xb9/0x790
[   59.567625][ T3617]  ? __context_tracking_exit+0xb8/0xe0
[   59.573077][ T3617]  ? lock_downgrade+0x6e0/0x6e0
[   59.577930][ T3617]  __sys_socket+0xef/0x200
[   59.582349][ T3617]  ? compat_sock_ioctl+0x6d0/0x6d0
[   59.587468][ T3617]  __x64_sys_socket+0x6f/0xb0
[   59.592144][ T3617]  ? syscall_enter_from_user_mode+0x21/0x70
[   59.598033][ T3617]  do_syscall_64+0x35/0xb0
[   59.602449][ T3617]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   59.608338][ T3617] RIP: 0033:0x7f118d3ee4f9
[   59.612744][ T3617] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   59.632342][ T3617] RSP: 002b:00007ffcb2b40ad8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[   59.640746][ T3617] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f118d3ee4f9
[   59.648708][ T3617] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010
[   59.656670][ T3617] RBP: 00007ffcb2b40b00 R08: 0000000000000001 R09: 000000000000000a
executing program
[   59.664626][ T3617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[   59.672584][ T3617] R13: 00007ffcb2b40b20 R14: 00007ffcb2b40b10 R15: 00007ffcb2b40aec
[   59.680559][ T3617]  </TASK>
[   59.687202][ T3617] socket: no more sockets
[   59.697985][ T3618] FAULT_INJECTION: forcing a failure.
[   59.697985][ T3618] name failslab, interval 1, probability 0, space 0, times 0
[   59.711290][ T3618] CPU: 1 PID: 3618 Comm: syz-executor556 Not tainted 5.16.0-rc4-syzkaller #0
[   59.720057][ T3618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   59.730094][ T3618] Call Trace:
[   59.733355][ T3618]  <TASK>
[   59.736272][ T3618]  dump_stack_lvl+0xcd/0x134
[   59.740964][ T3618]  should_fail.cold+0x5/0xa
[   59.745457][ T3618]  ? sock_free_inode+0x20/0x20
[   59.750207][ T3618]  ? sock_alloc_inode+0x18/0x1c0
[   59.755133][ T3618]  should_failslab+0x5/0x10
[   59.759642][ T3618]  kmem_cache_alloc+0x5e/0x3a0
[   59.764425][ T3618]  ? sock_free_inode+0x20/0x20
[   59.769197][ T3618]  sock_alloc_inode+0x18/0x1c0
[   59.773946][ T3618]  ? sock_free_inode+0x20/0x20
[   59.778700][ T3618]  alloc_inode+0x61/0x230
[   59.783019][ T3618]  new_inode_pseudo+0x14/0xe0
[   59.787682][ T3618]  sock_alloc+0x3c/0x260
[   59.791913][ T3618]  __sock_create+0xb9/0x790
[   59.796406][ T3618]  ? __context_tracking_exit+0xb8/0xe0
[   59.801862][ T3618]  ? lock_downgrade+0x6e0/0x6e0
[   59.806714][ T3618]  __sys_socket+0xef/0x200
[   59.811130][ T3618]  ? compat_sock_ioctl+0x6d0/0x6d0
[   59.816252][ T3618]  __x64_sys_socket+0x6f/0xb0
[   59.820929][ T3618]  ? syscall_enter_from_user_mode+0x21/0x70
[   59.826823][ T3618]  do_syscall_64+0x35/0xb0
[   59.831235][ T3618]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   59.837124][ T3618] RIP: 0033:0x7f118d3ee4f9
[   59.841533][ T3618] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   59.861136][ T3618] RSP: 002b:00007ffcb2b40ad8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[   59.869544][ T3618] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f118d3ee4f9
[   59.877506][ T3618] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010
[   59.885483][ T3618] RBP: 00007ffcb2b40b00 R08: 0000000000000001 R09: 000000000000000a
[   59.893454][ T3618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[   59.901420][ T3618] R13: 00007ffcb2b40b20 R14: 00007ffcb2b40b10 R15: 00007ffcb2b40aec
[   59.909398][ T3618]  </TASK>
executing program
[   59.918324][ T3618] socket: no more sockets
[   59.929286][ T3619] FAULT_INJECTION: forcing a failure.
[   59.929286][ T3619] name failslab, interval 1, probability 0, space 0, times 0
[   59.941968][ T3619] CPU: 1 PID: 3619 Comm: syz-executor556 Not tainted 5.16.0-rc4-syzkaller #0
[   59.950763][ T3619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   59.960802][ T3619] Call Trace:
[   59.964066][ T3619]  <TASK>
[   59.966980][ T3619]  dump_stack_lvl+0xcd/0x134
[   59.971567][ T3619]  should_fail.cold+0x5/0xa
[   59.976056][ T3619]  should_failslab+0x5/0x10
[   59.980560][ T3619]  kmem_cache_alloc_node+0x65/0x3f0
[   59.985756][ T3619]  ? __alloc_skb+0x215/0x340
[   59.990335][ T3619]  __alloc_skb+0x215/0x340
[   59.994739][ T3619]  __pskb_copy_fclone+0xf8/0xca0
[   59.999665][ T3619]  hsr_get_untagged_frame+0x113/0x5a0
[   60.005026][ T3619]  ? __sanitizer_cov_trace_const_cmp2+0x22/0x80
[   60.011252][ T3619]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   60.017480][ T3619]  ? hsr_register_frame_out+0x1da/0x2a0
[   60.023013][ T3619]  hsr_forward_skb+0xc05/0x1bf0
[   60.027857][ T3619]  ? prp_drop_frame+0x150/0x150
[   60.032711][ T3619]  ? prp_fill_frame_info+0x6b0/0x6b0
[   60.038007][ T3619]  hsr_handle_frame+0x565/0x790
[   60.042853][ T3619]  ? hsr_handle_frame+0x700/0x790
[   60.047872][ T3619]  ? hsr_nl_nodedown+0x3a0/0x3a0
[   60.052804][ T3619]  __netif_receive_skb_core+0x9e1/0x3770
[   60.058446][ T3619]  ? do_xdp_generic+0x40/0x40
[   60.063128][ T3619]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   60.069106][ T3619]  ? find_held_lock+0x2d/0x110
[   60.073873][ T3619]  __netif_receive_skb_one_core+0xae/0x180
[   60.079676][ T3619]  ? __netif_receive_skb_core+0x3770/0x3770
[   60.085565][ T3619]  ? ktime_get_with_offset+0x3f2/0x500
[   60.091020][ T3619]  ? lockdep_hardirqs_on+0x79/0x100
[   60.096208][ T3619]  ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[   60.101924][ T3619]  ? ktime_get_with_offset+0x36d/0x500
[   60.107386][ T3619]  __netif_receive_skb+0x24/0x1b0
[   60.112412][ T3619]  netif_receive_skb+0x13e/0x8e0
[   60.117348][ T3619]  ? __netif_receive_skb+0x1b0/0x1b0
[   60.122629][ T3619]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   60.128615][ T3619]  tun_rx_batched.isra.0+0x460/0x720
[   60.133904][ T3619]  ? tun_net_open+0x120/0x120
[   60.138573][ T3619]  ? lock_release+0x720/0x720
[   60.143246][ T3619]  ? tun_get_user+0x23da/0x36d0
[   60.148092][ T3619]  ? lock_downgrade+0x6e0/0x6e0
[   60.152936][ T3619]  ? eth_type_trans+0x29e/0x640
[   60.157790][ T3619]  ? __local_bh_enable_ip+0xa0/0x120
[   60.163078][ T3619]  tun_get_user+0x24d0/0x36d0
[   60.167765][ T3619]  ? tun_build_skb+0x1010/0x1010
[   60.172701][ T3619]  ? lock_downgrade+0x6e0/0x6e0
[   60.177563][ T3619]  tun_chr_write_iter+0xdd/0x1a0
[   60.182499][ T3619]  new_sync_write+0x429/0x660
[   60.187176][ T3619]  ? new_sync_read+0x6e0/0x6e0
[   60.191938][ T3619]  ? x86_pmu_start+0x50/0x270
[   60.196629][ T3619]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   60.202865][ T3619]  ? security_file_permission+0xab/0xd0
[   60.208417][ T3619]  vfs_write+0x7cd/0xae0
[   60.212662][ T3619]  ksys_write+0x12d/0x250
[   60.216983][ T3619]  ? __ia32_sys_read+0xb0/0xb0
[   60.221743][ T3619]  ? syscall_enter_from_user_mode+0x21/0x70
[   60.227635][ T3619]  do_syscall_64+0x35/0xb0
[   60.232047][ T3619]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   60.237933][ T3619] RIP: 0033:0x7f118d3afd83
[   60.242341][ T3619] Code: e9 0e ec ff ff bf 01 00 00 00 e8 a8 6f 00 00 0f 1f 84 00 00 00 00 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18
[   60.261942][ T3619] RSP: 002b:00007ffcb2b40ad8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   60.270347][ T3619] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f118d3afd83
[   60.278321][ T3619] RDX: 000000000000000e RSI: 0000000020000100 RDI: 00000000000000c8
[   60.286282][ T3619] RBP: 00007ffcb2b40b00 R08: 0000000000000000 R09: 0000000000000001
[   60.294244][ T3619] R10: 00007ffcb2b40877 R11: 0000000000000246 R12: 0000000000000003
[   60.302205][ T3619] R13: 00007ffcb2b40b20 R14: 00007ffcb2b40b10 R15: 00007ffcb2b40aec
[   60.310182][ T3619]  </TASK>
[   60.313272][ T3619] general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] PREEMPT SMP KASAN
[   60.324978][ T3619] KASAN: null-ptr-deref in range [0x0000000000000078-0x000000000000007f]
[   60.333374][ T3619] CPU: 1 PID: 3619 Comm: syz-executor556 Not tainted 5.16.0-rc4-syzkaller #0
[   60.342122][ T3619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   60.352161][ T3619] RIP: 0010:skb_clone+0x107/0x3c0
[   60.357180][ T3619] Code: 00 00 49 8b 5c 24 28 48 85 db 0f 85 ec 00 00 00 e8 fe a1 51 fa 4c 8d 7d 7e 48 b8 00 00 00 00 00 fc ff df 4c 89 fa 48 c1 ea 03 <0f> b6 04 02 4c 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 d3 01 00 00
[   60.376775][ T3619] RSP: 0018:ffffc9000284f508 EFLAGS: 00010207
[   60.382830][ T3619] RAX: dffffc0000000000 RBX: ffffc9000284f610 RCX: 0000000000000000
[   60.390786][ T3619] RDX: 000000000000000f RSI: ffffffff872608f2 RDI: 0000000000000000
[   60.398742][ T3619] RBP: 0000000000000000 R08: 0000000000000140 R09: ffffffff8bcd1eb3
[   60.406701][ T3619] R10: fffffbfff179a3d6 R11: 0000000000000000 R12: ffff888019e03a00
[   60.414658][ T3619] R13: 0000000000000a20 R14: ffff888019e03ac8 R15: 000000000000007e
[   60.422614][ T3619] FS:  00005555570ab300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[   60.431531][ T3619] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   60.438104][ T3619] CR2: 00007f118d423dd0 CR3: 00000000139e3000 CR4: 00000000003506e0
[   60.446061][ T3619] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   60.454017][ T3619] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   60.461972][ T3619] Call Trace:
[   60.465236][ T3619]  <TASK>
[   60.468155][ T3619]  hsr_get_untagged_frame+0x4e/0x5a0
[   60.473437][ T3619]  ? __sanitizer_cov_trace_const_cmp2+0x22/0x80
[   60.479669][ T3619]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   60.485905][ T3619]  ? hsr_register_frame_out+0x1da/0x2a0
[   60.491445][ T3619]  hsr_forward_skb+0xc05/0x1bf0
[   60.496292][ T3619]  ? prp_drop_frame+0x150/0x150
[   60.501134][ T3619]  ? prp_fill_frame_info+0x6b0/0x6b0
[   60.506422][ T3619]  hsr_handle_frame+0x565/0x790
[   60.511261][ T3619]  ? hsr_handle_frame+0x700/0x790
[   60.516275][ T3619]  ? hsr_nl_nodedown+0x3a0/0x3a0
[   60.521204][ T3619]  __netif_receive_skb_core+0x9e1/0x3770
[   60.526833][ T3619]  ? do_xdp_generic+0x40/0x40
[   60.531518][ T3619]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   60.537497][ T3619]  ? find_held_lock+0x2d/0x110
[   60.542256][ T3619]  __netif_receive_skb_one_core+0xae/0x180
[   60.548056][ T3619]  ? __netif_receive_skb_core+0x3770/0x3770
[   60.553941][ T3619]  ? ktime_get_with_offset+0x3f2/0x500
[   60.559390][ T3619]  ? lockdep_hardirqs_on+0x79/0x100
[   60.564578][ T3619]  ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[   60.570287][ T3619]  ? ktime_get_with_offset+0x36d/0x500
[   60.575736][ T3619]  __netif_receive_skb+0x24/0x1b0
[   60.580755][ T3619]  netif_receive_skb+0x13e/0x8e0
[   60.585686][ T3619]  ? __netif_receive_skb+0x1b0/0x1b0
[   60.590963][ T3619]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   60.596939][ T3619]  tun_rx_batched.isra.0+0x460/0x720
[   60.602219][ T3619]  ? tun_net_open+0x120/0x120
[   60.606885][ T3619]  ? lock_release+0x720/0x720
[   60.611551][ T3619]  ? tun_get_user+0x23da/0x36d0
[   60.616392][ T3619]  ? lock_downgrade+0x6e0/0x6e0
[   60.621237][ T3619]  ? eth_type_trans+0x29e/0x640
[   60.626084][ T3619]  ? __local_bh_enable_ip+0xa0/0x120
[   60.631373][ T3619]  tun_get_user+0x24d0/0x36d0
[   60.636047][ T3619]  ? tun_build_skb+0x1010/0x1010
[   60.640973][ T3619]  ? lock_downgrade+0x6e0/0x6e0
[   60.645820][ T3619]  tun_chr_write_iter+0xdd/0x1a0
[   60.650748][ T3619]  new_sync_write+0x429/0x660
[   60.655420][ T3619]  ? new_sync_read+0x6e0/0x6e0
[   60.660181][ T3619]  ? x86_pmu_start+0x50/0x270
[   60.664856][ T3619]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   60.671093][ T3619]  ? security_file_permission+0xab/0xd0
[   60.676635][ T3619]  vfs_write+0x7cd/0xae0
[   60.680865][ T3619]  ksys_write+0x12d/0x250
[   60.685185][ T3619]  ? __ia32_sys_read+0xb0/0xb0
[   60.689935][ T3619]  ? syscall_enter_from_user_mode+0x21/0x70
[   60.695821][ T3619]  do_syscall_64+0x35/0xb0
[   60.700228][ T3619]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   60.706113][ T3619] RIP: 0033:0x7f118d3afd83
[   60.710524][ T3619] Code: e9 0e ec ff ff bf 01 00 00 00 e8 a8 6f 00 00 0f 1f 84 00 00 00 00 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18
[   60.730131][ T3619] RSP: 002b:00007ffcb2b40ad8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   60.738543][ T3619] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f118d3afd83
[   60.746504][ T3619] RDX: 000000000000000e RSI: 0000000020000100 RDI: 00000000000000c8
[   60.754462][ T3619] RBP: 00007ffcb2b40b00 R08: 0000000000000000 R09: 0000000000000001
[   60.762420][ T3619] R10: 00007ffcb2b40877 R11: 0000000000000246 R12: 0000000000000003
[   60.770378][ T3619] R13: 00007ffcb2b40b20 R14: 00007ffcb2b40b10 R15: 00007ffcb2b40aec
[   60.778351][ T3619]  </TASK>
[   60.781362][ T3619] Modules linked in:
[   60.785266][ T3619] ---[ end trace 6fca89c07a97c7a3 ]---
[   60.790711][ T3619] RIP: 0010:skb_clone+0x107/0x3c0
[   60.795762][ T3619] Code: 00 00 49 8b 5c 24 28 48 85 db 0f 85 ec 00 00 00 e8 fe a1 51 fa 4c 8d 7d 7e 48 b8 00 00 00 00 00 fc ff df 4c 89 fa 48 c1 ea 03 <0f> b6 04 02 4c 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 d3 01 00 00
[   60.815908][ T3619] RSP: 0018:ffffc9000284f508 EFLAGS: 00010207
[   60.821969][ T3619] RAX: dffffc0000000000 RBX: ffffc9000284f610 RCX: 0000000000000000
[   60.829953][ T3619] RDX: 000000000000000f RSI: ffffffff872608f2 RDI: 0000000000000000
[   60.837943][ T3619] RBP: 0000000000000000 R08: 0000000000000140 R09: ffffffff8bcd1eb3
[   60.845926][ T3619] R10: fffffbfff179a3d6 R11: 0000000000000000 R12: ffff888019e03a00
[   60.853905][ T3619] R13: 0000000000000a20 R14: ffff888019e03ac8 R15: 000000000000007e
[   60.861871][ T3619] FS:  00005555570ab300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[   60.870803][ T3619] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   60.877399][ T3619] CR2: 00007f118d423dd0 CR3: 00000000139e3000 CR4: 00000000003506e0
[   60.885377][ T3619] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   60.893348][ T3619] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   60.901344][ T3619] Kernel panic - not syncing: Fatal exception in interrupt
[   60.908760][ T3619] Kernel Offset: disabled
[   60.913070][ T3619] Rebooting in 86400 seconds..