bridge0: port 2(bridge_slave_1) entered blocking state bridge0: port 2(bridge_slave_1) entered forwarding state IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready ================================================================================ UBSAN: object-size-mismatch in ./include/linux/skbuff.h:2023:28 member access within address ffffc90000a1f1c0 with insufficient space for an object of type 'struct sk_buff' CPU: 1 PID: 372 Comm: kworker/1:2 Not tainted 5.10.80-syzkaller-01801-g971945b72224 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: ipv6_addrconf addrconf_dad_work Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack_lvl+0x1e2/0x24b lib/dump_stack.c:118 dump_stack+0x15/0x1d lib/dump_stack.c:135 ubsan_epilogue lib/ubsan.c:148 [inline] handle_object_size_mismatch lib/ubsan.c:229 [inline] ubsan_type_mismatch_common+0x1ed/0x3a0 lib/ubsan.c:242 __ubsan_handle_type_mismatch_v1+0x5b/0x70 lib/ubsan.c:271 __skb_queue_before include/linux/skbuff.h:2023 [inline] __skb_queue_tail include/linux/skbuff.h:2056 [inline] wg_xmit+0x4a2/0xae0 drivers/net/wireguard/device.c:182 __netdev_start_xmit include/linux/netdevice.h:4823 [inline] netdev_start_xmit+0x8a/0x160 include/linux/netdevice.h:4837 xmit_one net/core/dev.c:3589 [inline] dev_hard_start_xmit+0x18d/0x2f0 net/core/dev.c:3605 __dev_queue_xmit+0xfbe/0x1bb0 net/core/dev.c:4168 dev_queue_xmit+0x17/0x20 net/core/dev.c:4201 neigh_connected_output+0x288/0x2b0 net/core/neighbour.c:1532 neigh_output include/net/neighbour.h:524 [inline] ip6_finish_output2+0xde2/0x1440 net/ipv6/ip6_output.c:145 __ip6_finish_output+0x3e4/0x520 net/ipv6/ip6_output.c:210 ip6_finish_output+0x3f/0x220 net/ipv6/ip6_output.c:220 NF_HOOK_COND include/linux/netfilter.h:293 [inline] ip6_output+0x1f8/0x4b0 net/ipv6/ip6_output.c:243 dst_output include/net/dst.h:443 [inline] NF_HOOK+0xdd/0x280 include/linux/netfilter.h:304 ndisc_send_skb+0x646/0x9f0 net/ipv6/ndisc.c:508 ndisc_send_rs+0x26c/0x360 net/ipv6/ndisc.c:702 addrconf_dad_completed+0x4f3/0x9f0 net/ipv6/addrconf.c:4224 addrconf_dad_work+0x9c1/0x1520 net/ipv6/addrconf.c:3989 process_one_work+0x3ca/0x660 kernel/workqueue.c:2289 worker_thread+0x709/0xa20 kernel/workqueue.c:2435 kthread+0x371/0x390 kernel/kthread.c:313 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296 ================================================================================ ================================================================================ UBSAN: object-size-mismatch in ./include/linux/skbuff.h:1916:2 member access within address ffffc90000a1f1c0 with insufficient space for an object of type 'struct sk_buff' CPU: 1 PID: 372 Comm: kworker/1:2 Not tainted 5.10.80-syzkaller-01801-g971945b72224 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: ipv6_addrconf addrconf_dad_work Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack_lvl+0x1e2/0x24b lib/dump_stack.c:118 dump_stack+0x15/0x1d lib/dump_stack.c:135 ubsan_epilogue lib/ubsan.c:148 [inline] handle_object_size_mismatch lib/ubsan.c:229 [inline] ubsan_type_mismatch_common+0x1ed/0x3a0 lib/ubsan.c:242 __ubsan_handle_type_mismatch_v1+0x5b/0x70 lib/ubsan.c:271 __skb_insert include/linux/skbuff.h:1916 [inline] __skb_queue_before include/linux/skbuff.h:2023 [inline] __skb_queue_tail include/linux/skbuff.h:2056 [inline] wg_xmit+0x513/0xae0 drivers/net/wireguard/device.c:182 __netdev_start_xmit include/linux/netdevice.h:4823 [inline] netdev_start_xmit+0x8a/0x160 include/linux/netdevice.h:4837 xmit_one net/core/dev.c:3589 [inline] dev_hard_start_xmit+0x18d/0x2f0 net/core/dev.c:3605 __dev_queue_xmit+0xfbe/0x1bb0 net/core/dev.c:4168 dev_queue_xmit+0x17/0x20 net/core/dev.c:4201 neigh_connected_output+0x288/0x2b0 net/core/neighbour.c:1532 neigh_output include/net/neighbour.h:524 [inline] ip6_finish_output2+0xde2/0x1440 net/ipv6/ip6_output.c:145 __ip6_finish_output+0x3e4/0x520 net/ipv6/ip6_output.c:210 ip6_finish_output+0x3f/0x220 net/ipv6/ip6_output.c:220 NF_HOOK_COND include/linux/netfilter.h:293 [inline] ip6_output+0x1f8/0x4b0 net/ipv6/ip6_output.c:243 dst_output include/net/dst.h:443 [inline] NF_HOOK+0xdd/0x280 include/linux/netfilter.h:304 ndisc_send_skb+0x646/0x9f0 net/ipv6/ndisc.c:508 ndisc_send_rs+0x26c/0x360 net/ipv6/ndisc.c:702 addrconf_dad_completed+0x4f3/0x9f0 net/ipv6/addrconf.c:4224 addrconf_dad_work+0x9c1/0x1520 net/ipv6/addrconf.c:3989 process_one_work+0x3ca/0x660 kernel/workqueue.c:2289 worker_thread+0x709/0xa20 kernel/workqueue.c:2435 kthread+0x371/0x390 kernel/kthread.c:313 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296 ================================================================================