syzbot


general protection fault in ip6_setup_cork

Status: fixed on 2018/02/03 04:36
Fix commit: 28fa583fd8ce ipv6: flowlabel: do not leave opt->tot_len with garbage
First crash: 2605d, last: 2579d
Similar bugs (1)
Kernel: upstream
Title: general protection fault in ip6_setup_cork net
Repro: -, Cause bisect: -, Fix bisect: -
Count: 56, Last: 2582d, Reported: 2591d, Patched: 3/28
Status: fixed on 2017/11/11 01:37

Sample crash report:
9pnet_virtio: no channels available for device ./file0
9pnet_virtio: no channels available for device ./file0
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Dumping ftrace buffer:
   (ftrace buffer empty)
Modules linked in:
CPU: 1 PID: 13710 Comm: syz-executor0 Not tainted 4.9.57-gf8de76a #68
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8801d21e9800 task.stack: ffff8801d85e8000
RIP: 0010:[<ffffffff8341053c>]  [<ffffffff8341053c>] ip6_setup_cork+0x20c/0x1200 net/ipv6/ip6_output.c:1230
RSP: 0018:ffff8801d85ef6d8  EFLAGS: 00010203
RAX: dffffc0000000000 RBX: ffff8801d85ef8b8 RCX: ffffc90000960000
RDX: 0000000000000002 RSI: 00000000024080c0 RDI: 0000000000000014
RBP: ffff8801d85ef740 R08: ffff8801d9414000 R09: ffff8801d85efb70
R10: 0000000000000000 R11: 1ffff1003b0bdefa R12: ffff8801d85efad0
R13: ffff8801d85efb70 R14: 0000000000000000 R15: 0000000000000010
FS:  00007fd289eb6700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020e0afe4 CR3: 00000001a9cf7000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 ffff8801d85ef860 ffffffff833bff90 ffff8801d077f748 ffff8801d077fa40
 ffff8801d077f500 ffff8801d85efa90 ffff8801d9414000 ffff8801d85ef7f8
 ffff8801d85ef958 ffff8801d85efa90 ffff8801d85ef838 ffff8801d077f500
Call Trace:
 [<ffffffff834242b8>] ip6_make_skb+0x1b8/0x440 net/ipv6/ip6_output.c:1802
 [<ffffffff8348a21d>] udpv6_sendmsg+0x1b1d/0x2540 net/ipv6/udp.c:1240
 [<ffffffff832ebcdc>] inet_sendmsg+0x2bc/0x4c0 net/ipv4/af_inet.c:753
 [<ffffffff82ed1b9a>] sock_sendmsg_nosec net/socket.c:635 [inline]
 [<ffffffff82ed1b9a>] sock_sendmsg+0xca/0x110 net/socket.c:645
 [<ffffffff82ed2af8>] SYSC_sendto+0x2c8/0x340 net/socket.c:1670
 [<ffffffff82ed4fa0>] SyS_sendto+0x40/0x50 net/socket.c:1638
 [<ffffffff838ad0c5>] entry_SYSCALL_64_fastpath+0x23/0xc6
Code: e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 5d 0d 00 00 49 8d 7f 04 45 8b 74 24 04 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 
RIP  [<ffffffff8341053c>] ip6_setup_cork+0x20c/0x1200 net/ipv6/ip6_output.c:1230
 RSP <ffff8801d85ef6d8>
---[ end trace 1114e47e592eaa87 ]---
Kernel panic - not syncing: Fatal exception
Dumping ftrace buffer:
   (ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (924):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2017/10/19 04:11 https://android.googlesource.com/kernel/common android-4.9 f8de76a9022c fe864987 .config console log report ci-android-49-kasan-gce
2017/10/19 02:26 https://android.googlesource.com/kernel/common android-4.9 f8de76a9022c fe864987 .config console log report ci-android-49-kasan-gce
2017/10/19 00:42 https://android.googlesource.com/kernel/common android-4.9 f8de76a9022c fe864987 .config console log report ci-android-49-kasan-gce
2017/10/18 19:04 https://android.googlesource.com/kernel/common android-4.9 f8de76a9022c fe864987 .config console log report ci-android-49-kasan-gce
2017/10/18 05:40 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/17 07:45 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/17 04:21 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/16 14:53 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/16 14:03 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/16 06:21 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/16 05:15 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/16 04:03 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/16 03:16 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/16 00:04 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/15 21:47 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/15 17:59 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/15 12:21 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/15 05:22 https://android.googlesource.com/kernel/common android-4.9 5c73594e214f b69d27d1 .config console log report ci-android-49-kasan-gce
2017/10/14 11:29 https://android.googlesource.com/kernel/common android-4.9 ed0b958299be c26ea367 .config console log report ci-android-49-kasan-gce
2017/10/14 07:45 https://android.googlesource.com/kernel/common android-4.9 ed0b958299be c26ea367 .config console log report ci-android-49-kasan-gce