general protection fault in __sock

general protection fault in __sock_release (2)
Status: auto-closed as invalid on 2019/10/25 08:42
Reported-by: syzbot+38b29941610a1cc735dc@syzkaller.appspotmail.com
First crash: 836d, last: 693d

similar bugs (4):
Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
linux-4.19	general protection fault in __sock_release	syz		done	8	244d	256d	1/1	fixed on 2020/10/09 08:27
linux-4.14	general protection fault in __sock_release	syz		done	12	243d	256d	1/1	fixed on 2020/10/09 20:44
upstream	general protection fault in __sock_release				1	1026d	1026d	9/22	fixed on 2018/08/07 13:43
upstream	general protection fault in __sock_release (3)	syz	done	unreliable	21	249d	252d	0/22	upstream: reported syz repro on 2020/08/31 19:38

Sample crash report:

kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 25985 Comm: kworker/u4:3 Not tainted 5.2.0-rc3+ #56
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: netns cleanup_net
RIP: 0010:__sock_release+0x2d/0x2a0 net/socket.c:596
Code: e5 41 57 41 56 41 55 41 54 49 89 f4 53 48 89 fb e8 78 9c f7 fb 4c 8d 73 28 48 b8 00 00 00 00 00 fc ff df 4c 89 f2 48 c1 ea 03 <80> 3c 02 00 0f 85 f5 01 00 00 4c 8b 6b 28 4d 85 ed 0f 84 e9 00 00
RSP: 0018:ffff8880796afb70 EFLAGS: 00010207
RAX: dffffc0000000000 RBX: 00000000000000ff RCX: 1ffffffff10e9e4d
RDX: 0000000000000024 RSI: ffffffff85790a08 RDI: 00000000000000ff
RBP: ffff8880796afb98 R08: ffff8880726ae4c0 R09: ffffed1015d26c70
R10: ffffed1015d26c6f R11: ffff8880ae93637b R12: 0000000000000000
R13: 0000000000000007 R14: 0000000000000127 R15: ffff888067fde387
FS:  0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000c425403728 CR3: 000000009ec27000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 sock_release+0x18/0x20 net/socket.c:621
 inet_ctl_sock_destroy include/net/inet_common.h:56 [inline]
 icmpv6_sk_exit+0x11f/0x1c0 net/ipv6/icmp.c:975
 ops_exit_list.isra.0+0xaa/0x150 net/core/net_namespace.c:154
 cleanup_net+0x3fb/0x960 net/core/net_namespace.c:553
 process_one_work+0x989/0x1790 kernel/workqueue.c:2269
 worker_thread+0x98/0xe40 kernel/workqueue.c:2415
 kthread+0x354/0x420 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Modules linked in:
---[ end trace 166b90ca8c6e905d ]---
RIP: 0010:__sock_release+0x2d/0x2a0 net/socket.c:596
Code: e5 41 57 41 56 41 55 41 54 49 89 f4 53 48 89 fb e8 78 9c f7 fb 4c 8d 73 28 48 b8 00 00 00 00 00 fc ff df 4c 89 f2 48 c1 ea 03 <80> 3c 02 00 0f 85 f5 01 00 00 4c 8b 6b 28 4d 85 ed 0f 84 e9 00 00
RSP: 0018:ffff8880796afb70 EFLAGS: 00010207
RAX: dffffc0000000000 RBX: 00000000000000ff RCX: 1ffffffff10e9e4d
RDX: 0000000000000024 RSI: ffffffff85790a08 RDI: 00000000000000ff
RBP: ffff8880796afb98 R08: ffff8880726ae4c0 R09: ffffed1015d26c70
R10: ffffed1015d26c6f R11: ffff8880ae93637b R12: 0000000000000000
R13: 0000000000000007 R14: 0000000000000127 R15: ffff888067fde387
FS:  0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000c425403728 CR3: 000000009ec27000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (20):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report
ci-upstream-net-this-kasan-gce	2019/06/17 15:03	net	6be8e297	442206d7	.config	log	report
ci-upstream-net-this-kasan-gce	2019/06/16 23:05	net	1eb4169c	442206d7	.config	log	report
ci-upstream-net-this-kasan-gce	2019/05/30 02:10	net	58e8b370	d9aaf3c2	.config	log	report
ci-upstream-net-this-kasan-gce	2019/05/28 12:23	net	3e66b7cc	6bd61501	.config	log	report
ci-upstream-net-this-kasan-gce	2019/05/24 21:16	net	ce8d24f9	85c57315	.config	log	report
ci-upstream-net-this-kasan-gce	2019/04/24 12:09	net	1c5c12ee	8e3c52b1	.config	log	report
ci-upstream-net-this-kasan-gce	2019/04/08 14:52	net	5055376a	0dfb0452	.config	log	report
ci-upstream-net-this-kasan-gce	2019/03/17 21:11	net	517ccc2a	ba18afea	.config	log	report
ci-upstream-net-kasan-gce	2019/06/15 20:34	net-next	877cd9ff	442206d7	.config	log	report
ci-upstream-net-kasan-gce	2019/06/15 15:57	net-next	877cd9ff	442206d7	.config	log	report
ci-upstream-net-kasan-gce	2019/05/29 21:55	net-next	36f18439	5457ef34	.config	log	report
ci-upstream-net-kasan-gce	2019/05/29 02:55	net-next	c7ae0925	6bd61501	.config	log	report
ci-upstream-net-kasan-gce	2019/05/26 16:09	net-next	22942498	85c57315	.config	log	report
ci-upstream-net-kasan-gce	2019/05/20 01:35	net-next	35c99ffa	5a4461b0	.config	log	report
ci-upstream-net-kasan-gce	2019/03/27 03:40	net-next	be67101f	55684ce1	.config	log	report
ci-upstream-net-kasan-gce	2019/03/16 11:41	net-next	3b319ee2	bab43553	.config	log	report
ci-upstream-net-kasan-gce	2019/03/09 04:58	net-next	d9862cfb	12365b99	.config	log	report
ci-upstream-net-kasan-gce	2019/03/03 22:57	net-next	41bc0ddb	1c0e457a	.config	log	report
ci-upstream-net-kasan-gce	2019/02/27 11:44	net-next	ff8285f8	083cfd0e	.config	log	report
ci-upstream-net-kasan-gce	2019/01/26 01:31	net-next	30e5c2c6	ebf7a37c	.config	log	report