syzbot


general protection fault in ipv6_rcv

Status: auto-closed as invalid on 2019/10/25 08:42
Reported-by: syzbot+6c54e67cc0b0c896aa4b@syzkaller.appspotmail.com
First crash: 1428d, last: 1364d

Sample crash report:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 5.1.0+ #8
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__x86_indirect_thunk_rax+0x10/0x20 arch/x86/lib/retpoline.S:32
Code: ca e9 d4 a7 db ff 48 8d 0c ca e9 59 a3 db ff 90 90 90 90 90 90 90 90 90 90 90 e8 07 00 00 00 f3 90 0f ae e8 eb f9 48 89 04 24 <c3> 0f 1f 44 00 00 66 2e 0f 1f 84 00 00 00 00 00 e8 07 00 00 00 f3
RSP: 0018:ffff8880a98afa20 EFLAGS: 00010246
RAX: 8698d65affffffff RBX: ffff88808f803f24 RCX: ffffffff861c537e
RDX: 1ffff11011f007e9 RSI: ffffffff861c5388 RDI: ffff888089e25b80
RBP: ffff8880a98afa58 R08: ffff8880a989c240 R09: 0000000000000002
R10: ffffed1015d06bdf R11: ffff8880ae835efb R12: ffff888089e25b80
R13: 0000000000000000 R14: ffff888089e25bd8 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fbabf980ea0 CR3: 000000006a871000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 NF_HOOK include/linux/netfilter.h:305 [inline]
 NF_HOOK include/linux/netfilter.h:299 [inline]
 ipv6_rcv+0x10e/0x420 net/ipv6/ip6_input.c:276
 __netif_receive_skb_one_core+0x12a/0x1f0 net/core/dev.c:4990
 __netif_receive_skb+0x2c/0x1d0 net/core/dev.c:5104
 process_backlog+0x206/0x750 net/core/dev.c:5944
 napi_poll net/core/dev.c:6367 [inline]
 net_rx_action+0x4fa/0x1070 net/core/dev.c:6433
 __do_softirq+0x266/0x95a kernel/softirq.c:293
 run_ksoftirqd kernel/softirq.c:604 [inline]
 run_ksoftirqd+0x8e/0x110 kernel/softirq.c:596
 smpboot_thread_fn+0x6ab/0xa40 kernel/smpboot.c:164
 kthread+0x357/0x430 kernel/kthread.c:253
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352
Modules linked in:
---[ end trace a01246c8ee3347c6 ]---
RIP: 0010:__x86_indirect_thunk_rax+0x10/0x20 arch/x86/lib/retpoline.S:32
Code: ca e9 d4 a7 db ff 48 8d 0c ca e9 59 a3 db ff 90 90 90 90 90 90 90 90 90 90 90 e8 07 00 00 00 f3 90 0f ae e8 eb f9 48 89 04 24 <c3> 0f 1f 44 00 00 66 2e 0f 1f 84 00 00 00 00 00 e8 07 00 00 00 f3
RSP: 0018:ffff8880a98afa20 EFLAGS: 00010246
RAX: 8698d65affffffff RBX: ffff88808f803f24 RCX: ffffffff861c537e
RDX: 1ffff11011f007e9 RSI: ffffffff861c5388 RDI: ffff888089e25b80
RBP: ffff8880a98afa58 R08: ffff8880a989c240 R09: 0000000000000002
R10: ffffed1015d06bdf R11: ffff8880ae835efb R12: ffff888089e25b80
R13: 0000000000000000 R14: ffff888089e25bd8 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fbabf980ea0 CR3: 000000006a871000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (4):
Manager                         Time              Kernel    Commit        Syzkaller  Config   Log          Report  Syz repro  C repro  VM info  Assets  Title
ci-upstream-net-this-kasan-gce  2019/05/11 23:29  net       8f779443b440  0637a7f0   .config  console log  report
ci-upstream-net-kasan-gce       2019/03/24 09:04  net-next  e6d1407013a9  acbc5b7d   .config  console log  report
ci-upstream-net-kasan-gce       2019/03/15 20:41  net-next  3b319ee220a8  bab43553   .config  console log  report
ci-upstream-net-kasan-gce       2019/03/08 21:27  net-next  d9862cfbe209  12365b99   .config  console log  report
* Struck through repros no longer work on HEAD.