skbuff: skb_under_panic: text:ffffffff8a113867 len:237470072 put:237469996 head:ffff888028bd4a80 data:ffff88801a95ca24 tail:0x11c end:0x180 dev:team0
------------[ cut here ]------------
kernel BUG at net/core/skbuff.c:211!
Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
CPU: 0 UID: 0 PID: 10810 Comm: syz.3.1177 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:skb_panic+0x157/0x160
Code: c7 40 e5 93 8c 48 8b 74 24 08 48 8b 54 24 10 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 55 41 57 41 56 e8 5e 0d f5 ff 48 83 c4 20 90 <0f> 0b cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 0000:ffffc90000007890 EFLAGS: 00010286
RAX: 0000000000000095 RBX: dffffc0000000000 RCX: 45c840ed8d6d5800
RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000
RBP: 0000000000000180 R08: ffffc90000007587 R09: 1ffff92000000eb0
R10: dffffc0000000000 R11: fffff52000000eb1 R12: ffff888122d8d500
R13: ffff888028bd4a80 R14: ffff88801a95ca24 R15: 000000000000011c
FS:  00007f405ab586c0(0000) GS:ffff8880b861b000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000110c2872b9 CR3: 000000002439a000 CR4: 00000000000006f0
Call Trace:
 <IRQ>
 skb_push+0xc3/0xe0
 ipgre_header+0x67/0x290
 tipc_l2_send_msg+0x31f/0x400
 tipc_bearer_xmit_skb+0x2b3/0x400
 tipc_disc_timeout+0x580/0x6d0
 call_timer_fn+0x17e/0x5f0
 __run_timer_base+0x61a/0x860
 run_timer_softirq+0xb7/0x180
 handle_softirqs+0x286/0x870
 __irq_exit_rcu+0xca/0x1f0
 irq_exit_rcu+0x9/0x30
 sysvec_apic_timer_interrupt+0xa6/0xc0
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:lock_release+0x70/0x3e0
Code: e8 45 f1 08 00 84 c0 75 0d f6 05 3e f7 ef 0d 01 0f 84 ad 02 00 00 83 3d 7d 42 06 0e 00 0f 84 44 02 00 00 65 8b 05 30 23 03 11 <85> c0 0f 85 35 02 00 00 65 4c 8b 3c 25 08 50 a0 92 41 83 bf ec 0a
RSP: 0000:ffffc9000ac16908 EFLAGS: 00000202
RAX: 0000000000000000 RBX: ffffffff825d38bc RCX: 45c840ed8d6d5800
RDX: 0000000000000000 RSI: ffffffff8be332e0 RDI: ffffffff8be332a0
RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff825d38bc
R10: dffffc0000000000 R11: ffffed102001c025 R12: dffffc0000000000
R13: ffffffff825d38bc R14: ffffffff8e139ea0 R15: ffff8880214dfc30
 kernfs_root+0x1e5/0x230
 kernfs_parent+0x51/0x190
 kernfs_add_one+0x49/0x520
 __kernfs_create_file+0x22b/0x2e0
 sysfs_add_file_mode_ns+0x238/0x300
 internal_create_group+0x66d/0x1110
 sysfs_create_groups+0x59/0x120
 netdev_queue_update_kobjects+0x2a6/0x6c0
 netdev_register_kobject+0x258/0x310
 register_netdevice+0x126c/0x1ae0
 bond_newlink+0x60/0xb0
 rtnl_newlink_create+0x310/0xb00
 rtnl_newlink+0x16d6/0x1c70
 rtnetlink_rcv_msg+0x7cf/0xb70
 netlink_rcv_skb+0x208/0x470
 netlink_unicast+0x82f/0x9e0
 netlink_sendmsg+0x805/0xb30
 __sock_sendmsg+0x21c/0x270
 ____sys_sendmsg+0x505/0x830
 ___sys_sendmsg+0x21f/0x2a0
 __x64_sys_sendmsg+0x19b/0x260
 do_syscall_64+0xfa/0x3b0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4059d8ebe9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f405ab58038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f4059fb5fa0 RCX: 00007f4059d8ebe9
RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000005
RBP: 00007f4059e11e19 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f4059fb6038 R14: 00007f4059fb5fa0 R15: 00007ffc71d52e88
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:skb_panic+0x157/0x160
Code: c7 40 e5 93 8c 48 8b 74 24 08 48 8b 54 24 10 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 55 41 57 41 56 e8 5e 0d f5 ff 48 83 c4 20 90 <0f> 0b cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 0000:ffffc90000007890 EFLAGS: 00010286
RAX: 0000000000000095 RBX: dffffc0000000000 RCX: 45c840ed8d6d5800
RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000
RBP: 0000000000000180 R08: ffffc90000007587 R09: 1ffff92000000eb0
R10: dffffc0000000000 R11: fffff52000000eb1 R12: ffff888122d8d500
R13: ffff888028bd4a80 R14: ffff88801a95ca24 R15: 000000000000011c
FS:  00007f405ab586c0(0000) GS:ffff8880b861b000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000110c2872b9 CR3: 000000002439a000 CR4: 00000000000006f0
