------------[ cut here ]------------ WARNING: CPU: 1 PID: 0 at net/ipv4/route.c:1259 kfree_skb include/linux/skbuff.h:1206 [inline] WARNING: CPU: 1 PID: 0 at net/ipv4/route.c:1259 ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 Modules linked in: CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : ip_rt_bug+0x28/0x90 include/linux/skbuff.h:1206 lr : kfree_skb include/linux/skbuff.h:1206 [inline] lr : ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 sp : ffff80000800bac0 x29: ffff80000800bac0 x28: 00000000ffffffc0 x27: 0000000000000000 x26: ffff80000800bc30 x25: ffff0000c10d1488 x24: ffff0000c10d1488 x23: ffff00012edd7b00 x22: ffff000113757c00 x21: ffff0000c10d1200 x20: ffff00012edd7b00 x19: ffff00012edd7b00 x18: 00000000000000c0 x17: ffff80000dd0b198 x16: ffff80000db49158 x15: ffff0000c02e8000 x14: 0000000000000000 x13: 00000000ffffffff x12: ffff0000c02e8000 x11: ffff8001f1d7d000 x10: ffff80000d27a100 x9 : c402d26903a73f00 x8 : c402d26903a73f00 x7 : ffff8000095d331c x6 : 0000000000000000 x5 : 0000000000000080 x4 : ffff0001feff7100 x3 : 00000000009932a1 x2 : ffff00012edd7b00 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: kfree_skb include/linux/skbuff.h:1206 [inline] ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 dst_output include/net/dst.h:451 [inline] ip_local_out net/ipv4/ip_output.c:126 [inline] ip_send_skb+0xc0/0x1c8 net/ipv4/ip_output.c:1589 ip_push_pending_frames+0x48/0x64 net/ipv4/ip_output.c:1609 icmp_push_reply+0x170/0x190 net/ipv4/icmp.c:386 __icmp_send+0x698/0x704 net/ipv4/icmp.c:762 ipv4_send_dest_unreach net/ipv4/route.c:1239 [inline] ipv4_link_failure+0x254/0x3f0 net/ipv4/route.c:1246 dst_link_failure include/net/dst.h:430 [inline] arp_error_report+0xa4/0xe4 net/ipv4/arp.c:296 neigh_invalidate+0xfc/0x1b4 net/core/neighbour.c:1048 neigh_timer_handler+0x264/0x508 net/core/neighbour.c:1135 call_timer_fn+0x90/0x144 kernel/time/timer.c:1474 expire_timers kernel/time/timer.c:1519 [inline] __run_timers+0x280/0x374 kernel/time/timer.c:1790 run_timer_softirq+0x34/0x5c kernel/time/timer.c:1803 _stext+0x168/0x37c ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:889 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:84 invoke_softirq+0x70/0xbc kernel/softirq.c:452 __irq_exit_rcu+0xf0/0x140 kernel/softirq.c:650 irq_exit_rcu+0x10/0x40 kernel/softirq.c:662 __el1_irq arch/arm64/kernel/entry-common.c:471 [inline] el1_interrupt+0x38/0x68 arch/arm64/kernel/entry-common.c:485 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:490 el1h_64_irq+0x64/0x68 arch/arm64/kernel/entry.S:577 arch_local_irq_enable+0xc/0x18 arch/arm64/include/asm/irqflags.h:35 default_idle_call+0x48/0xb8 kernel/sched/idle.c:109 cpuidle_idle_call kernel/sched/idle.c:191 [inline] do_idle+0x108/0x2d8 kernel/sched/idle.c:303 cpu_startup_entry+0x24/0x28 kernel/sched/idle.c:400 secondary_start_kernel+0x154/0x17c arch/arm64/kernel/smp.c:265 __secondary_switched+0xb0/0xb4 arch/arm64/kernel/head.S:618 irq event stamp: 16707697 hardirqs last enabled at (16707696): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] hardirqs last enabled at (16707696): [] _raw_spin_unlock_irqrestore+0x48/0x8c kernel/locking/spinlock.c:194 hardirqs last disabled at (16707697): [] el1_dbg+0x24/0x5c arch/arm64/kernel/entry-common.c:404 softirqs last enabled at (16707620): [] _stext+0x2e4/0x37c softirqs last disabled at (16707627): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 1 PID: 0 at net/ipv4/route.c:1259 kfree_skb include/linux/skbuff.h:1206 [inline] WARNING: CPU: 1 PID: 0 at net/ipv4/route.c:1259 ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 Modules linked in: CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : ip_rt_bug+0x28/0x90 include/linux/skbuff.h:1206 lr : kfree_skb include/linux/skbuff.h:1206 [inline] lr : ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 sp : ffff80000800bac0 x29: ffff80000800bac0 x28: 00000000ffffffc0 x27: 0000000000000000 x26: ffff80000800bc30 x25: ffff0000c10d1488 x24: ffff0000c10d1488 x23: ffff00012edd7b00 x22: ffff000113757c00 x21: ffff0000c10d1200 x20: ffff00012edd7b00 x19: ffff00012edd7b00 x18: 00000000000000c0 x17: ffff80000dd0b198 x16: ffff80000db49158 x15: ffff0000c02e8000 x14: 0000000000000000 x13: 00000000ffffffff x12: ffff0000c02e8000 x11: ffff8001f1d7d000 x10: ffff80000d27a100 x9 : c402d26903a73f00 x8 : c402d26903a73f00 x7 : ffff8000095d331c x6 : 0000000000000000 x5 : 0000000000000080 x4 : ffff0001feff7100 x3 : 00000000009932b1 x2 : ffff00012edd7b00 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: kfree_skb include/linux/skbuff.h:1206 [inline] ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 dst_output include/net/dst.h:451 [inline] ip_local_out net/ipv4/ip_output.c:126 [inline] ip_send_skb+0xc0/0x1c8 net/ipv4/ip_output.c:1589 ip_push_pending_frames+0x48/0x64 net/ipv4/ip_output.c:1609 icmp_push_reply+0x170/0x190 net/ipv4/icmp.c:386 __icmp_send+0x698/0x704 net/ipv4/icmp.c:762 ipv4_send_dest_unreach net/ipv4/route.c:1239 [inline] ipv4_link_failure+0x254/0x3f0 net/ipv4/route.c:1246 dst_link_failure include/net/dst.h:430 [inline] arp_error_report+0xa4/0xe4 net/ipv4/arp.c:296 neigh_invalidate+0xfc/0x1b4 net/core/neighbour.c:1048 neigh_timer_handler+0x264/0x508 net/core/neighbour.c:1135 call_timer_fn+0x90/0x144 kernel/time/timer.c:1474 expire_timers kernel/time/timer.c:1519 [inline] __run_timers+0x280/0x374 kernel/time/timer.c:1790 run_timer_softirq+0x34/0x5c kernel/time/timer.c:1803 _stext+0x168/0x37c ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:889 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:84 invoke_softirq+0x70/0xbc kernel/softirq.c:452 __irq_exit_rcu+0xf0/0x140 kernel/softirq.c:650 irq_exit_rcu+0x10/0x40 kernel/softirq.c:662 __el1_irq arch/arm64/kernel/entry-common.c:471 [inline] el1_interrupt+0x38/0x68 arch/arm64/kernel/entry-common.c:485 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:490 el1h_64_irq+0x64/0x68 arch/arm64/kernel/entry.S:577 arch_local_irq_enable+0xc/0x18 arch/arm64/include/asm/irqflags.h:35 default_idle_call+0x48/0xb8 kernel/sched/idle.c:109 cpuidle_idle_call kernel/sched/idle.c:191 [inline] do_idle+0x108/0x2d8 kernel/sched/idle.c:303 cpu_startup_entry+0x24/0x28 kernel/sched/idle.c:400 secondary_start_kernel+0x154/0x17c arch/arm64/kernel/smp.c:265 __secondary_switched+0xb0/0xb4 arch/arm64/kernel/head.S:618 irq event stamp: 16707797 hardirqs last enabled at (16707796): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] hardirqs last enabled at (16707796): [] _raw_spin_unlock_irqrestore+0x48/0x8c kernel/locking/spinlock.c:194 hardirqs last disabled at (16707797): [] el1_dbg+0x24/0x5c arch/arm64/kernel/entry-common.c:404 softirqs last enabled at (16707620): [] _stext+0x2e4/0x37c softirqs last disabled at (16707627): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 1 PID: 3479 at net/ipv4/route.c:1259 kfree_skb include/linux/skbuff.h:1206 [inline] WARNING: CPU: 1 PID: 3479 at net/ipv4/route.c:1259 ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 Modules linked in: CPU: 1 PID: 3479 Comm: syz-executor.1 Tainted: G W 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : ip_rt_bug+0x28/0x90 include/linux/skbuff.h:1206 lr : kfree_skb include/linux/skbuff.h:1206 [inline] lr : ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 sp : ffff80000800bac0 x29: ffff80000800bac0 x28: 00000000ffffffc0 x27: 0000000000000000 x26: ffff80000800bc30 x25: ffff0000c10d1488 x24: ffff0000c10d1488 x23: ffff00012c25a100 x22: ffff000113757c00 x21: ffff0000c10d1200 x20: ffff00012c25a100 x19: ffff00012c25a100 x18: 0000000000000000 x17: ffff8001f1d7d000 x16: ffff80000db49158 x15: ffff00012f511a80 x14: 0000000000000000 x13: 00000000ffffffff x12: ffff00012f511a80 x11: ffff8001f1d7d000 x10: ffff80000d27a100 x9 : cce3e5a3cb70b600 x8 : cce3e5a3cb70b600 x7 : ffff8000095d331c x6 : 0000000000000000 x5 : 0000000000000080 x4 : ffff0001feff7100 x3 : 0000000000994271 x2 : ffff00012c25a100 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: kfree_skb include/linux/skbuff.h:1206 [inline] ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 dst_output include/net/dst.h:451 [inline] ip_local_out net/ipv4/ip_output.c:126 [inline] ip_send_skb+0xc0/0x1c8 net/ipv4/ip_output.c:1589 ip_push_pending_frames+0x48/0x64 net/ipv4/ip_output.c:1609 icmp_push_reply+0x170/0x190 net/ipv4/icmp.c:386 __icmp_send+0x698/0x704 net/ipv4/icmp.c:762 ipv4_send_dest_unreach net/ipv4/route.c:1239 [inline] ipv4_link_failure+0x254/0x3f0 net/ipv4/route.c:1246 dst_link_failure include/net/dst.h:430 [inline] arp_error_report+0xa4/0xe4 net/ipv4/arp.c:296 neigh_invalidate+0xfc/0x1b4 net/core/neighbour.c:1048 neigh_timer_handler+0x264/0x508 net/core/neighbour.c:1135 call_timer_fn+0x90/0x144 kernel/time/timer.c:1474 expire_timers kernel/time/timer.c:1519 [inline] __run_timers+0x280/0x374 kernel/time/timer.c:1790 run_timer_softirq+0x34/0x5c kernel/time/timer.c:1803 _stext+0x168/0x37c ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:889 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:84 invoke_softirq+0x70/0xbc kernel/softirq.c:452 __irq_exit_rcu+0xf0/0x140 kernel/softirq.c:650 irq_exit_rcu+0x10/0x40 kernel/softirq.c:662 el0_interrupt+0x7c/0x214 arch/arm64/kernel/entry-common.c:716 __el0_irq_handler_common+0x18/0x24 arch/arm64/kernel/entry-common.c:723 el0t_64_irq_handler+0x10/0x1c arch/arm64/kernel/entry-common.c:728 el0t_64_irq+0x18c/0x190 arch/arm64/kernel/entry.S:582 irq event stamp: 1657 hardirqs last enabled at (1656): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] hardirqs last enabled at (1656): [] _raw_spin_unlock_irqrestore+0x48/0x8c kernel/locking/spinlock.c:194 hardirqs last disabled at (1657): [] el1_dbg+0x24/0x5c arch/arm64/kernel/entry-common.c:404 softirqs last enabled at (1586): [] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32 softirqs last disabled at (1601): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 1 PID: 3479 at net/ipv4/route.c:1259 kfree_skb include/linux/skbuff.h:1206 [inline] WARNING: CPU: 1 PID: 3479 at net/ipv4/route.c:1259 ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 Modules linked in: CPU: 1 PID: 3479 Comm: syz-executor.1 Tainted: G W 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : ip_rt_bug+0x28/0x90 include/linux/skbuff.h:1206 lr : kfree_skb include/linux/skbuff.h:1206 [inline] lr : ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 sp : ffff80000800bac0 x29: ffff80000800bac0 x28: 00000000ffffffc0 x27: 0000000000000000 x26: ffff80000800bc30 x25: ffff0000c10d1488 x24: ffff0000c10d1488 x23: ffff00012c25a100 x22: ffff000113757c00 x21: ffff0000c10d1200 x20: ffff00012c25a100 x19: ffff00012c25a100 x18: 0000000000000000 x17: ffff8001f1d7d000 x16: ffff80000db49158 x15: ffff00012f511a80 x14: 0000000000000000 x13: 00000000ffffffff x12: ffff00012f511a80 x11: ffff8001f1d7d000 x10: ffff80000d27a100 x9 : cce3e5a3cb70b600 x8 : cce3e5a3cb70b600 x7 : ffff8000095d331c x6 : 0000000000000000 x5 : 0000000000000080 x4 : ffff0001feff7100 x3 : 0000000000994281 x2 : ffff00012c25a100 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: kfree_skb include/linux/skbuff.h:1206 [inline] ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 dst_output include/net/dst.h:451 [inline] ip_local_out net/ipv4/ip_output.c:126 [inline] ip_send_skb+0xc0/0x1c8 net/ipv4/ip_output.c:1589 ip_push_pending_frames+0x48/0x64 net/ipv4/ip_output.c:1609 icmp_push_reply+0x170/0x190 net/ipv4/icmp.c:386 __icmp_send+0x698/0x704 net/ipv4/icmp.c:762 ipv4_send_dest_unreach net/ipv4/route.c:1239 [inline] ipv4_link_failure+0x254/0x3f0 net/ipv4/route.c:1246 dst_link_failure include/net/dst.h:430 [inline] arp_error_report+0xa4/0xe4 net/ipv4/arp.c:296 neigh_invalidate+0xfc/0x1b4 net/core/neighbour.c:1048 neigh_timer_handler+0x264/0x508 net/core/neighbour.c:1135 call_timer_fn+0x90/0x144 kernel/time/timer.c:1474 expire_timers kernel/time/timer.c:1519 [inline] __run_timers+0x280/0x374 kernel/time/timer.c:1790 run_timer_softirq+0x34/0x5c kernel/time/timer.c:1803 _stext+0x168/0x37c ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:889 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:84 invoke_softirq+0x70/0xbc kernel/softirq.c:452 __irq_exit_rcu+0xf0/0x140 kernel/softirq.c:650 irq_exit_rcu+0x10/0x40 kernel/softirq.c:662 el0_interrupt+0x7c/0x214 arch/arm64/kernel/entry-common.c:716 __el0_irq_handler_common+0x18/0x24 arch/arm64/kernel/entry-common.c:723 el0t_64_irq_handler+0x10/0x1c arch/arm64/kernel/entry-common.c:728 el0t_64_irq+0x18c/0x190 arch/arm64/kernel/entry.S:582 irq event stamp: 1755 hardirqs last enabled at (1754): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] hardirqs last enabled at (1754): [] _raw_spin_unlock_irqrestore+0x48/0x8c kernel/locking/spinlock.c:194 hardirqs last disabled at (1755): [] el1_dbg+0x24/0x5c arch/arm64/kernel/entry-common.c:404 softirqs last enabled at (1586): [] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32 softirqs last disabled at (1601): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 1 PID: 3479 at net/ipv4/route.c:1259 kfree_skb include/linux/skbuff.h:1206 [inline] WARNING: CPU: 1 PID: 3479 at net/ipv4/route.c:1259 ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 Modules linked in: CPU: 1 PID: 3479 Comm: syz-executor.1 Tainted: G W 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : ip_rt_bug+0x28/0x90 include/linux/skbuff.h:1206 lr : kfree_skb include/linux/skbuff.h:1206 [inline] lr : ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 sp : ffff80000800bac0 x29: ffff80000800bac0 x28: 00000000ffffffc0 x27: 0000000000000000 x26: ffff80000800bc30 x25: ffff0000c10d1488 x24: ffff0000c10d1488 x23: ffff00012c25a100 x22: ffff000113757c00 x21: ffff0000c10d1200 x20: ffff00012c25a100 x19: ffff00012c25a100 x18: 0000000000000000 x17: ffff8001f1d7d000 x16: ffff80000db49158 x15: ffff00012f511a80 x14: 0000000000000000 x13: 00000000ffffffff x12: ffff00012f511a80 x11: ffff8001f1d7d000 x10: ffff80000d27a100 x9 : cce3e5a3cb70b600 x8 : cce3e5a3cb70b600 x7 : ffff8000095d331c x6 : 0000000000000000 x5 : 0000000000000080 x4 : ffff0001feff7100 x3 : 0000000000994291 x2 : ffff00012c25a100 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: kfree_skb include/linux/skbuff.h:1206 [inline] ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 dst_output include/net/dst.h:451 [inline] ip_local_out net/ipv4/ip_output.c:126 [inline] ip_send_skb+0xc0/0x1c8 net/ipv4/ip_output.c:1589 ip_push_pending_frames+0x48/0x64 net/ipv4/ip_output.c:1609 icmp_push_reply+0x170/0x190 net/ipv4/icmp.c:386 __icmp_send+0x698/0x704 net/ipv4/icmp.c:762 ipv4_send_dest_unreach net/ipv4/route.c:1239 [inline] ipv4_link_failure+0x254/0x3f0 net/ipv4/route.c:1246 dst_link_failure include/net/dst.h:430 [inline] arp_error_report+0xa4/0xe4 net/ipv4/arp.c:296 neigh_invalidate+0xfc/0x1b4 net/core/neighbour.c:1048 neigh_timer_handler+0x264/0x508 net/core/neighbour.c:1135 call_timer_fn+0x90/0x144 kernel/time/timer.c:1474 expire_timers kernel/time/timer.c:1519 [inline] __run_timers+0x280/0x374 kernel/time/timer.c:1790 run_timer_softirq+0x34/0x5c kernel/time/timer.c:1803 _stext+0x168/0x37c ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:889 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:84 invoke_softirq+0x70/0xbc kernel/softirq.c:452 __irq_exit_rcu+0xf0/0x140 kernel/softirq.c:650 irq_exit_rcu+0x10/0x40 kernel/softirq.c:662 el0_interrupt+0x7c/0x214 arch/arm64/kernel/entry-common.c:716 __el0_irq_handler_common+0x18/0x24 arch/arm64/kernel/entry-common.c:723 el0t_64_irq_handler+0x10/0x1c arch/arm64/kernel/entry-common.c:728 el0t_64_irq+0x18c/0x190 arch/arm64/kernel/entry.S:582 irq event stamp: 1861 hardirqs last enabled at (1860): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] hardirqs last enabled at (1860): [] _raw_spin_unlock_irqrestore+0x48/0x8c kernel/locking/spinlock.c:194 hardirqs last disabled at (1861): [] el1_dbg+0x24/0x5c arch/arm64/kernel/entry-common.c:404 softirqs last enabled at (1586): [] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32 softirqs last disabled at (1601): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 1 PID: 3479 at net/ipv4/route.c:1259 kfree_skb include/linux/skbuff.h:1206 [inline] WARNING: CPU: 1 PID: 3479 at net/ipv4/route.c:1259 ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 Modules linked in: CPU: 1 PID: 3479 Comm: syz-executor.1 Tainted: G W 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : ip_rt_bug+0x28/0x90 include/linux/skbuff.h:1206 lr : kfree_skb include/linux/skbuff.h:1206 [inline] lr : ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 sp : ffff80000800bac0 x29: ffff80000800bac0 x28: 00000000ffffffc0 x27: 0000000000000000 x26: ffff80000800bc30 x25: ffff0000c10d1488 x24: ffff0000c10d1488 x23: ffff00012c25a100 x22: ffff000113757c00 x21: ffff0000c10d1200 x20: ffff00012c25a100 x19: ffff00012c25a100 x18: 0000000038db07f9 x17: 000000001e358919 x16: ffff80000db49158 x15: ffff00012f511a80 x14: 0000000000000000 x13: 00000000ffffffff x12: ffff00012f511a80 x11: ffff8001f1d7d000 x10: ffff80000d27a100 x9 : cce3e5a3cb70b600 x8 : cce3e5a3cb70b600 x7 : ffff8000095d331c x6 : 0000000000000000 x5 : 0000000000000080 x4 : ffff0001feff7100 x3 : 00000000009942a1 x2 : ffff00012c25a100 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: kfree_skb include/linux/skbuff.h:1206 [inline] ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 dst_output include/net/dst.h:451 [inline] ip_local_out net/ipv4/ip_output.c:126 [inline] ip_send_skb+0xc0/0x1c8 net/ipv4/ip_output.c:1589 ip_push_pending_frames+0x48/0x64 net/ipv4/ip_output.c:1609 icmp_push_reply+0x170/0x190 net/ipv4/icmp.c:386 __icmp_send+0x698/0x704 net/ipv4/icmp.c:762 ipv4_send_dest_unreach net/ipv4/route.c:1239 [inline] ipv4_link_failure+0x254/0x3f0 net/ipv4/route.c:1246 dst_link_failure include/net/dst.h:430 [inline] arp_error_report+0xa4/0xe4 net/ipv4/arp.c:296 neigh_invalidate+0xfc/0x1b4 net/core/neighbour.c:1048 neigh_timer_handler+0x264/0x508 net/core/neighbour.c:1135 call_timer_fn+0x90/0x144 kernel/time/timer.c:1474 expire_timers kernel/time/timer.c:1519 [inline] __run_timers+0x280/0x374 kernel/time/timer.c:1790 run_timer_softirq+0x34/0x5c kernel/time/timer.c:1803 _stext+0x168/0x37c ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:889 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:84 invoke_softirq+0x70/0xbc kernel/softirq.c:452 __irq_exit_rcu+0xf0/0x140 kernel/softirq.c:650 irq_exit_rcu+0x10/0x40 kernel/softirq.c:662 el0_interrupt+0x7c/0x214 arch/arm64/kernel/entry-common.c:716 __el0_irq_handler_common+0x18/0x24 arch/arm64/kernel/entry-common.c:723 el0t_64_irq_handler+0x10/0x1c arch/arm64/kernel/entry-common.c:728 el0t_64_irq+0x18c/0x190 arch/arm64/kernel/entry.S:582 irq event stamp: 1957 hardirqs last enabled at (1956): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] hardirqs last enabled at (1956): [] _raw_spin_unlock_irqrestore+0x48/0x8c kernel/locking/spinlock.c:194 hardirqs last disabled at (1957): [] el1_dbg+0x24/0x5c arch/arm64/kernel/entry-common.c:404 softirqs last enabled at (1586): [] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32 softirqs last disabled at (1601): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 1 PID: 3479 at net/ipv4/route.c:1259 kfree_skb include/linux/skbuff.h:1206 [inline] WARNING: CPU: 1 PID: 3479 at net/ipv4/route.c:1259 ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 Modules linked in: CPU: 1 PID: 3479 Comm: syz-executor.1 Tainted: G W 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : ip_rt_bug+0x28/0x90 include/linux/skbuff.h:1206 lr : kfree_skb include/linux/skbuff.h:1206 [inline] lr : ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 sp : ffff80000800bac0 x29: ffff80000800bac0 x28: 00000000ffffffc0 x27: 0000000000000000 x26: ffff80000800bc30 x25: ffff0000c10d1488 x24: ffff0000c10d1488 x23: ffff00012c25a100 x22: ffff000113757c00 x21: ffff0000c10d1200 x20: ffff00012c25a100 x19: ffff00012c25a100 x18: 0000000038db07f9 x17: 000000001e358919 x16: ffff80000db49158 x15: ffff00012f511a80 x14: 0000000000000000 x13: 00000000ffffffff x12: ffff00012f511a80 x11: ffff8001f1d7d000 x10: ffff80000d27a100 x9 : cce3e5a3cb70b600 x8 : cce3e5a3cb70b600 x7 : ffff8000095d331c x6 : 0000000000000000 x5 : 0000000000000080 x4 : ffff0001feff7100 x3 : 00000000009942b1 x2 : ffff00012c25a100 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: kfree_skb include/linux/skbuff.h:1206 [inline] ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 dst_output include/net/dst.h:451 [inline] ip_local_out net/ipv4/ip_output.c:126 [inline] ip_send_skb+0xc0/0x1c8 net/ipv4/ip_output.c:1589 ip_push_pending_frames+0x48/0x64 net/ipv4/ip_output.c:1609 icmp_push_reply+0x170/0x190 net/ipv4/icmp.c:386 __icmp_send+0x698/0x704 net/ipv4/icmp.c:762 ipv4_send_dest_unreach net/ipv4/route.c:1239 [inline] ipv4_link_failure+0x254/0x3f0 net/ipv4/route.c:1246 dst_link_failure include/net/dst.h:430 [inline] arp_error_report+0xa4/0xe4 net/ipv4/arp.c:296 neigh_invalidate+0xfc/0x1b4 net/core/neighbour.c:1048 neigh_timer_handler+0x264/0x508 net/core/neighbour.c:1135 call_timer_fn+0x90/0x144 kernel/time/timer.c:1474 expire_timers kernel/time/timer.c:1519 [inline] __run_timers+0x280/0x374 kernel/time/timer.c:1790 run_timer_softirq+0x34/0x5c kernel/time/timer.c:1803 _stext+0x168/0x37c ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:889 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:84 invoke_softirq+0x70/0xbc kernel/softirq.c:452 __irq_exit_rcu+0xf0/0x140 kernel/softirq.c:650 irq_exit_rcu+0x10/0x40 kernel/softirq.c:662 el0_interrupt+0x7c/0x214 arch/arm64/kernel/entry-common.c:716 __el0_irq_handler_common+0x18/0x24 arch/arm64/kernel/entry-common.c:723 el0t_64_irq_handler+0x10/0x1c arch/arm64/kernel/entry-common.c:728 el0t_64_irq+0x18c/0x190 arch/arm64/kernel/entry.S:582 irq event stamp: 2045 hardirqs last enabled at (2044): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] hardirqs last enabled at (2044): [] _raw_spin_unlock_irqrestore+0x48/0x8c kernel/locking/spinlock.c:194 hardirqs last disabled at (2045): [] el1_dbg+0x24/0x5c arch/arm64/kernel/entry-common.c:404 softirqs last enabled at (1586): [] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32 softirqs last disabled at (1601): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 1 PID: 3479 at net/ipv4/route.c:1259 kfree_skb include/linux/skbuff.h:1206 [inline] WARNING: CPU: 1 PID: 3479 at net/ipv4/route.c:1259 ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 Modules linked in: CPU: 1 PID: 3479 Comm: syz-executor.1 Tainted: G W 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : ip_rt_bug+0x28/0x90 include/linux/skbuff.h:1206 lr : kfree_skb include/linux/skbuff.h:1206 [inline] lr : ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 sp : ffff80000800bac0 x29: ffff80000800bac0 x28: 00000000ffffffc0 x27: 0000000000000000 x26: ffff80000800bc30 x25: ffff0000c10d1488 x24: ffff0000c10d1488 x23: ffff00012c25a100 x22: ffff000113757c00 x21: ffff0000c10d1200 x20: ffff00012c25a100 x19: ffff00012c25a100 x18: 0000000038db07f9 x17: 000000001e358919 x16: ffff80000db49158 x15: ffff00012f511a80 x14: 0000000000000000 x13: 00000000ffffffff x12: ffff00012f511a80 x11: ffff8001f1d7d000 x10: ffff80000d27a100 x9 : cce3e5a3cb70b600 x8 : cce3e5a3cb70b600 x7 : ffff8000095d331c x6 : 0000000000000000 x5 : 0000000000000080 x4 : ffff0001feff7100 x3 : 00000000009942c1 x2 : ffff00012c25a100 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: kfree_skb include/linux/skbuff.h:1206 [inline] ip_rt_bug+0x28/0x90 net/ipv4/route.c:1258 dst_output include/net/dst.h:451 [inline] ip_local_out net/ipv4/ip_output.c:126 [inline] ip_send_skb+0xc0/0x1c8 net/ipv4/ip_output.c:1589 ip_push_pending_frames+0x48/0x64 net/ipv4/ip_output.c:1609 icmp_push_reply+0x170/0x190 net/ipv4/icmp.c:386 __icmp_send+0x698/0x704 net/ipv4/icmp.c:762 ipv4_send_dest_unreach net/ipv4/route.c:1239 [inline] ipv4_link_failure+0x254/0x3f0 net/ipv4/route.c:1246 dst_link_failure include/net/dst.h:430 [inline] arp_error_report+0xa4/0xe4 net/ipv4/arp.c:296 neigh_invalidate+0xfc/0x1b4 net/core/neighbour.c:1048 neigh_timer_handler+0x264/0x508 net/core/neighbour.c:1135 call_timer_fn+0x90/0x144 kernel/time/timer.c:1474 expire_timers kernel/time/timer.c:1519 [inline] __run_timers+0x280/0x374 kernel/time/timer.c:1790 run_timer_softirq+0x34/0x5c kernel/time/timer.c:1803 _stext+0x168/0x37c ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:889 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:84 invoke_softirq+0x70/0xbc kernel/softirq.c:452 __irq_exit_rcu+0xf0/0x140 kernel/softirq.c:650 irq_exit_rcu+0x10/0x40 kernel/softirq.c:662 el0_interrupt+0x7c/0x214 arch/arm64/kernel/entry-common.c:716 __el0_irq_handler_common+0x18/0x24 arch/arm64/kernel/entry-common.c:723 el0t_64_irq_handler+0x10/0x1c arch/arm64/kernel/entry-common.c:728 el0t_64_irq+0x18c/0x190 arch/arm64/kernel/entry.S:582 irq event stamp: 2141 hardirqs last enabled at (2140): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] hardirqs last enabled at (2140): [] _raw_spin_unlock_irqrestore+0x48/0x8c kernel/locking/spinlock.c:194 hardirqs last disabled at (2141): [] el1_dbg+0x24/0x5c arch/arm64/kernel/entry-common.c:404 softirqs last enabled at (1586): [] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32 softirqs last disabled at (1601): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79 ---[ end trace 0000000000000000 ]---