general protection fault in ipv6

general protection fault in ipv6_rcv
Status: auto-closed as invalid on 2019/10/25 08:42
Reported-by: syzbot+6c54e67cc0b0c896aa4b@syzkaller.appspotmail.com
First crash: 481d, last: 417d

Sample crash report:

kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 5.1.0+ #8
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__x86_indirect_thunk_rax+0x10/0x20 arch/x86/lib/retpoline.S:32
Code: ca e9 d4 a7 db ff 48 8d 0c ca e9 59 a3 db ff 90 90 90 90 90 90 90 90 90 90 90 e8 07 00 00 00 f3 90 0f ae e8 eb f9 48 89 04 24 <c3> 0f 1f 44 00 00 66 2e 0f 1f 84 00 00 00 00 00 e8 07 00 00 00 f3
RSP: 0018:ffff8880a98afa20 EFLAGS: 00010246
RAX: 8698d65affffffff RBX: ffff88808f803f24 RCX: ffffffff861c537e
RDX: 1ffff11011f007e9 RSI: ffffffff861c5388 RDI: ffff888089e25b80
RBP: ffff8880a98afa58 R08: ffff8880a989c240 R09: 0000000000000002
R10: ffffed1015d06bdf R11: ffff8880ae835efb R12: ffff888089e25b80
R13: 0000000000000000 R14: ffff888089e25bd8 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fbabf980ea0 CR3: 000000006a871000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 NF_HOOK include/linux/netfilter.h:305 [inline]
 NF_HOOK include/linux/netfilter.h:299 [inline]
 ipv6_rcv+0x10e/0x420 net/ipv6/ip6_input.c:276
 __netif_receive_skb_one_core+0x12a/0x1f0 net/core/dev.c:4990
 __netif_receive_skb+0x2c/0x1d0 net/core/dev.c:5104
 process_backlog+0x206/0x750 net/core/dev.c:5944
 napi_poll net/core/dev.c:6367 [inline]
 net_rx_action+0x4fa/0x1070 net/core/dev.c:6433
 __do_softirq+0x266/0x95a kernel/softirq.c:293
 run_ksoftirqd kernel/softirq.c:604 [inline]
 run_ksoftirqd+0x8e/0x110 kernel/softirq.c:596
 smpboot_thread_fn+0x6ab/0xa40 kernel/smpboot.c:164
 kthread+0x357/0x430 kernel/kthread.c:253
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352
Modules linked in:
---[ end trace a01246c8ee3347c6 ]---
RIP: 0010:__x86_indirect_thunk_rax+0x10/0x20 arch/x86/lib/retpoline.S:32
Code: ca e9 d4 a7 db ff 48 8d 0c ca e9 59 a3 db ff 90 90 90 90 90 90 90 90 90 90 90 e8 07 00 00 00 f3 90 0f ae e8 eb f9 48 89 04 24 <c3> 0f 1f 44 00 00 66 2e 0f 1f 84 00 00 00 00 00 e8 07 00 00 00 f3
RSP: 0018:ffff8880a98afa20 EFLAGS: 00010246
RAX: 8698d65affffffff RBX: ffff88808f803f24 RCX: ffffffff861c537e
RDX: 1ffff11011f007e9 RSI: ffffffff861c5388 RDI: ffff888089e25b80
RBP: ffff8880a98afa58 R08: ffff8880a989c240 R09: 0000000000000002
R10: ffffed1015d06bdf R11: ffff8880ae835efb R12: ffff888089e25b80
R13: 0000000000000000 R14: ffff888089e25bd8 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fbabf980ea0 CR3: 000000006a871000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (4):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Maintainers
ci-upstream-net-this-kasan-gce	2019/05/11 23:29	net	8f779443	0637a7f0	.config	log	report	davem@davemloft.net, kuznet@ms2.inr.ac.ru, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, yoshfuji@linux-ipv6.org
ci-upstream-net-kasan-gce	2019/03/24 09:04	net-next	e6d14070	acbc5b7d	.config	log	report	davem@davemloft.net, kuznet@ms2.inr.ac.ru, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, yoshfuji@linux-ipv6.org
ci-upstream-net-kasan-gce	2019/03/15 20:41	net-next	3b319ee2	bab43553	.config	log	report	davem@davemloft.net, kuznet@ms2.inr.ac.ru, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, yoshfuji@linux-ipv6.org
ci-upstream-net-kasan-gce	2019/03/08 21:27	net-next	d9862cfb	12365b99	.config	log	report	davem@davemloft.net, kuznet@ms2.inr.ac.ru, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, yoshfuji@linux-ipv6.org