------------[ cut here ]------------
kernel BUG at net/core/skbuff.c:2490!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 8946 Comm: syz-executor.4 Not tainted 6.2.0-rc5-next-20230123-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
RIP: 0010:__pskb_pull_tail+0x1196/0x1740 net/core/skbuff.c:2490
Code: 98 c8 00 00 00 e9 c7 f6 ff ff e8 05 3d bc f9 48 8b 3c 24 be 02 00 00 00 e8 47 a9 ff ff 45 31 e4 e9 b4 f6 ff ff e8 ea 3c bc f9 <0f> 0b e8 e3 3c bc f9 4c 8b 7c 24 38 49 83 ef 01 e9 fb f4 ff ff 48
RSP: 0018:ffffc90003d47950 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 00000000fffffff2 RCX: 0000000000000000
RDX: ffff888028739d40 RSI: ffffffff87c5b146 RDI: 0000000000000005
RBP: ffffc90003d479d8 R08: 0000000000000005 R09: 0000000000000000
R10: 00000000fffffff2 R11: 0000000000000000 R12: 0000000000000ec0
R13: ffff8880a3fa0000 R14: ffff88807f461cc0 R15: ffff88802972fdc0
FS:  00005555560d1400(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fef52985058 CR3: 000000005fe4d000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 __skb_linearize include/linux/skbuff.h:3668 [inline]
 skb_linearize include/linux/skbuff.h:3680 [inline]
 tipc_msg_reverse+0x6dd/0x970 net/tipc/msg.c:627
 tipc_sk_respond+0xfa/0x300 net/tipc/socket.c:292
 tsk_rej_rx_queue+0x106/0x1d0 net/tipc/socket.c:313
 __tipc_shutdown+0x9ea/0xeb0 net/tipc/socket.c:577
 tipc_release+0x174/0x1920 net/tipc/socket.c:642
 __sock_release+0xcd/0x280 net/socket.c:651
 sock_close+0x1c/0x20 net/socket.c:1390
 __fput+0x27c/0xa90 fs/file_table.c:321
 task_work_run+0x16f/0x270 kernel/task_work.c:179
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:171 [inline]
 exit_to_user_mode_prepare+0x210/0x240 kernel/entry/common.c:204
 __syscall_exit_to_user_mode_work kernel/entry/common.c:286 [inline]
 syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:297
 do_syscall_64+0x46/0xb0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f7e6b83df7b
Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
RSP: 002b:00007ffdfa8fa830 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00007f7e6b83df7b
RDX: 0000001b2bf20000 RSI: 0000001b2bf22e70 RDI: 0000000000000004
RBP: 00007f7e6b9ad980 R08: 0000000000000000 R09: 00000000836ef1d9
R10: 00007ffdfa957090 R11: 0000000000000293 R12: 00000000000b3752
R13: 00007ffdfa8fa930 R14: 00007ffdfa8fa950 R15: 0000000000000032
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__pskb_pull_tail+0x1196/0x1740 net/core/skbuff.c:2490
Code: 98 c8 00 00 00 e9 c7 f6 ff ff e8 05 3d bc f9 48 8b 3c 24 be 02 00 00 00 e8 47 a9 ff ff 45 31 e4 e9 b4 f6 ff ff e8 ea 3c bc f9 <0f> 0b e8 e3 3c bc f9 4c 8b 7c 24 38 49 83 ef 01 e9 fb f4 ff ff 48
RSP: 0018:ffffc90003d47950 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 00000000fffffff2 RCX: 0000000000000000
RDX: ffff888028739d40 RSI: ffffffff87c5b146 RDI: 0000000000000005
RBP: ffffc90003d479d8 R08: 0000000000000005 R09: 0000000000000000
R10: 00000000fffffff2 R11: 0000000000000000 R12: 0000000000000ec0
R13: ffff8880a3fa0000 R14: ffff88807f461cc0 R15: ffff88802972fdc0
FS:  00005555560d1400(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fef52985058 CR3: 000000005fe4d000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400