skbuff: skb_under_panic: text:ffffffff88af90e0 len:48 put:8 head:ffff888070e0e100 data:ffff888070e0e0fc tail:0x2c end:0x140 dev:sit1
------------[ cut here ]------------
kernel BUG at net/core/skbuff.c:200!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 5580 Comm: syz-executor.7 Not tainted 6.3.0-syzkaller-07936-gda94a7781fc3 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
RIP: 0010:skb_panic+0x152/0x1d0
Code: 0f b6 04 01 84 c0 74 04 3c 03 7e 20 8b 4b 70 41 56 45 89 e8 48 c7 c7 80 15 5e 8b 41 57 56 48 89 ee 52 4c 89 e2 e8 ee 46 61 f9 <0f> 0b 4c 89 4c 24 10 48 89 54 24 08 48 89 34 24 e8 b9 b3 cf f9 4c
RSP: 0018:ffffc90006536a88 EFLAGS: 00010282
RAX: 0000000000000084 RBX: ffff8880167b8640 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8168c630 RDI: 0000000000000005
RBP: ffffffff8b5e23e0 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000200 R11: 0000000000000001 R12: ffffffff88af90e0
R13: 0000000000000008 R14: ffff888076748000 R15: 0000000000000140
FS:  00007fcaf1b346c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fcaf1b34d58 CR3: 00000000275c1000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 skb_push+0xc6/0xe0
 fou_build_udp+0x30/0x380
 gue_build_header+0xfb/0x150
 ip_tunnel_xmit+0x697/0x3320
 sit_tunnel_xmit__.isra.0+0xe6/0x140
 sit_tunnel_xmit+0xdae/0x2880
 dev_hard_start_xmit+0x13d/0x6c0
 __dev_queue_xmit+0xa23/0x3e60
 neigh_connected_output+0x42c/0x5d0
 ip_finish_output2+0x70a/0x24b0
 __ip_finish_output+0x38b/0x640
 ip_finish_output+0x31/0x280
 ip_output+0x198/0x310
 ip_send_skb+0xd3/0x250
 udp_send_skb+0x731/0x1470
 udp_sendmsg+0x1d7f/0x29a0
 udpv6_sendmsg+0x19f0/0x2ec0
 inet6_sendmsg+0x9d/0xe0
 sock_sendmsg+0xd9/0x180
 ____sys_sendmsg+0x264/0x910
 ___sys_sendmsg+0x11d/0x1b0
 __sys_sendmmsg+0x18e/0x430
 __x64_sys_sendmmsg+0x9c/0x100
 do_syscall_64+0x38/0xb0
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fcaf0e7ca19
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fcaf1b340c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
RAX: ffffffffffffffda RBX: 00007fcaf0f9c050 RCX: 00007fcaf0e7ca19
RDX: 0000000000000001 RSI: 00000000200017c0 RDI: 0000000000000003
RBP: 00007fcaf0ed8c88 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000006e R14: 00007fcaf0f9c050 R15: 00007ffcfc3ba4e8
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:skb_panic+0x152/0x1d0
Code: 0f b6 04 01 84 c0 74 04 3c 03 7e 20 8b 4b 70 41 56 45 89 e8 48 c7 c7 80 15 5e 8b 41 57 56 48 89 ee 52 4c 89 e2 e8 ee 46 61 f9 <0f> 0b 4c 89 4c 24 10 48 89 54 24 08 48 89 34 24 e8 b9 b3 cf f9 4c
RSP: 0018:ffffc90006536a88 EFLAGS: 00010282
RAX: 0000000000000084 RBX: ffff8880167b8640 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8168c630 RDI: 0000000000000005
RBP: ffffffff8b5e23e0 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000200 R11: 0000000000000001 R12: ffffffff88af90e0
R13: 0000000000000008 R14: ffff888076748000 R15: 0000000000000140
FS:  00007fcaf1b346c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fcaf1b34d58 CR3: 00000000275c1000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
