Warning: Permanently added '10.128.10.44' (ED25519) to the list of known hosts.
executing program
[ 37.174656][ T6414] syz_tun: entered allmulticast mode
[ 37.177446][ T6414] ------------[ cut here ]------------
[ 37.178791][ T6414] UBSAN: array-index-out-of-bounds in net/ipv4/ipmr_base.c:289:10
[ 37.180598][ T6414] index -615590656 is out of range for type 'const struct vif_device[32]'
[ 37.182726][ T6414] CPU: 0 UID: 0 PID: 6414 Comm: syz-executor195 Not tainted 6.13.0-rc3-syzkaller-g573067a5a685 #0
[ 37.185076][ T6414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 37.187284][ T6414] Call trace:
[ 37.188031][ T6414] show_stack+0x2c/0x3c (C)
[ 37.189015][ T6414] dump_stack_lvl+0xe4/0x150
[ 37.189987][ T6414] dump_stack+0x1c/0x28
[ 37.190912][ T6414] __ubsan_handle_out_of_bounds+0xf8/0x148
[ 37.192283][ T6414] mr_table_dump+0x694/0x8b0
[ 37.193341][ T6414] mr_rtm_dumproute+0x254/0x454
[ 37.194443][ T6414] ipmr_rtm_dumproute+0x248/0x4b4
[ 37.195538][ T6414] rtnl_dump_all+0x2e4/0x4e8
[ 37.196560][ T6414] rtnl_dumpit+0x98/0x1d0
[ 37.197517][ T6414] netlink_dump+0x4f0/0xbc0
[ 37.198542][ T6414] __netlink_dump_start+0x4d8/0x720
[ 37.199720][ T6414] rtnetlink_rcv_msg+0x8fc/0xa9c
[ 37.200817][ T6414] netlink_rcv_skb+0x214/0x3c4
[ 37.201850][ T6414] rtnetlink_rcv+0x28/0x38
[ 37.202876][ T6414] netlink_unicast+0x668/0x8a4
[ 37.203967][ T6414] netlink_sendmsg+0x7a4/0xa8c
[ 37.204976][ T6414] sock_write_iter+0x2d8/0x448
[ 37.206005][ T6414] vfs_write+0x920/0xcf4
[ 37.206963][ T6414] ksys_write+0x15c/0x26c
[ 37.207940][ T6414] __arm64_sys_write+0x7c/0x90
[ 37.208932][ T6414] invoke_syscall+0x98/0x2b8
[ 37.209978][ T6414] el0_svc_common+0x130/0x23c
[ 37.211060][ T6414] do_el0_svc+0x48/0x58
[ 37.212026][ T6414] el0_svc+0x54/0x168
[ 37.212948][ T6414] el0t_64_sync_handler+0x84/0x108
[ 37.214036][ T6414] el0t_64_sync+0x198/0x19c
[ 37.215047][ T6414] ---[ end trace ]---
[ 37.215906][ T6414] Unable to handle kernel paging request at virtual address ffff5ffe1971b613
[ 37.217880][ T6414] KASAN: maybe wild-memory-access in range [0xfffefff0cb8db098-0xfffefff0cb8db09f]
[ 37.219892][ T6414] Mem abort info:
[ 37.220677][ T6414] ESR = 0x0000000096000004
[ 37.221630][ T6414] EC = 0x25: DABT (current EL), IL = 32 bits
[ 37.223051][ T6414] SET = 0, FnV = 0
[ 37.223859][ T6414] EA = 0, S1PTW = 0
[ 37.224734][ T6414] FSC = 0x04: level 0 translation fault
[ 37.225970][ T6414] Data abort info:
[ 37.226714][ T6414] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000
[ 37.228165][ T6414] CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[ 37.229451][ T6414] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[ 37.230758][ T6414] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000001a5699000
[ 37.232459][ T6414] [ffff5ffe1971b613] pgd=0000000000000000, p4d=0000000000000000
[ 37.234174][ T6414] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
[ 37.235665][ T6414] Modules linked in:
[ 37.236488][ T6414] CPU: 0 UID: 0 PID: 6414 Comm: syz-executor195 Not tainted 6.13.0-rc3-syzkaller-g573067a5a685 #0
[ 37.238801][ T6414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 37.241016][ T6414] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 37.242801][ T6414] pc : mr_table_dump+0x5a4/0x8b0
[ 37.243910][ T6414] lr : mr_table_dump+0x694/0x8b0
[ 37.244992][ T6414] sp : ffff8000a41a6e10
[ 37.245860][ T6414] x29: ffff8000a41a6ed0 x28: fffefff0cb8db098 x27: ffffffffdb4ed500
[ 37.247691][ T6414] x26: ffffffffdb4ed500 x25: 0000000000000000 x24: fffefff0cb8db098
[ 37.249421][ T6414] x23: dfff800000000000 x22: 00000000db4ed500 x21: ffff0000b4959548
[ 37.251077][ T6414] x20: dfff800000000000 x19: ffff0000d946c078 x18: 0000000000000008
[ 37.252889][ T6414] x17: 0000000000000000 x16: ffff80008b5fe85c x15: ffff7000125d8a48
[ 37.254556][ T6414] x14: 1ffff000125d8a48 x13: 0000000000000004 x12: ffffffffffffffff
[ 37.256331][ T6414] x11: ffff7000125d8a48 x10: 0000000000ff0100 x9 : 0000000000000000
[ 37.258060][ T6414] x8 : 1fffdffe1971b613 x7 : 0000000000000001 x6 : 0000000000000001
[ 37.259777][ T6414] x5 : ffff8000a41a64f8 x4 : ffff80008fa8f840 x3 : ffff8000802f4dc8
[ 37.261487][ T6414] x2 : 0000000000000001 x1 : 0000000000000001 x0 : 00000000ffffffff
[ 37.263192][ T6414] Call trace:
[ 37.263858][ T6414] mr_table_dump+0x5a4/0x8b0 (P)
[ 37.264909][ T6414] mr_rtm_dumproute+0x254/0x454
[ 37.266016][ T6414] ipmr_rtm_dumproute+0x248/0x4b4
[ 37.267073][ T6414] rtnl_dump_all+0x2e4/0x4e8
[ 37.268131][ T6414] rtnl_dumpit+0x98/0x1d0
[ 37.269074][ T6414] netlink_dump+0x4f0/0xbc0
[ 37.270086][ T6414] __netlink_dump_start+0x4d8/0x720
[ 37.271103][ T6414] rtnetlink_rcv_msg+0x8fc/0xa9c
[ 37.272240][ T6414] netlink_rcv_skb+0x214/0x3c4
[ 37.273233][ T6414] rtnetlink_rcv+0x28/0x38
[ 37.274127][ T6414] netlink_unicast+0x668/0x8a4
[ 37.275224][ T6414] netlink_sendmsg+0x7a4/0xa8c
[ 37.276291][ T6414] sock_write_iter+0x2d8/0x448
[ 37.277346][ T6414] vfs_write+0x920/0xcf4
[ 37.278247][ T6414] ksys_write+0x15c/0x26c
[ 37.279134][ T6414] __arm64_sys_write+0x7c/0x90
[ 37.280200][ T6414] invoke_syscall+0x98/0x2b8
[ 37.281172][ T6414] el0_svc_common+0x130/0x23c
[ 37.282252][ T6414] do_el0_svc+0x48/0x58
[ 37.283164][ T6414] el0_svc+0x54/0x168
[ 37.284071][ T6414] el0t_64_sync_handler+0x84/0x108
[ 37.285201][ T6414] el0t_64_sync+0x198/0x19c
[ 37.286166][ T6414] Code: 97759d2c d343ff08 d2d00017 f2fbfff7 (38746908)
[ 37.287703][ T6414] ---[ end trace 0000000000000000 ]---
[ 37.651090][ T6414] Kernel panic - not syncing: Oops: Fatal exception in interrupt
[ 37.652866][ T6414] SMP: stopping secondary CPUs
[ 37.653961][ T6414] Kernel Offset: disabled
[ 37.654901][ T6414] CPU features: 0x100,00002070,00800250,82017203
[ 37.656552][ T6414] Memory Limit: none
[ 38.002000][ T6414] Rebooting in 86400 seconds..