syzbot |
sign-in | mailing list | source | docs |
Oops: general protection fault, probably for non-canonical address 0xdffffc000000000c: 0000 [#1] SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000060-0x0000000000000067] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G L syzkaller #0 PREEMPT(full) Tainted: [L]=SOFTLOCKUP Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 RIP: 0010:fib6_nh_get_excptn_bucket net/ipv6/route.c:1673 [inline] RIP: 0010:rt6_find_cached_rt+0xb9/0x270 net/ipv6/route.c:1871 Code: 48 c1 e8 03 48 89 44 24 08 48 8b 44 24 08 80 3c 18 00 74 08 4c 89 f7 e8 c5 26 1c f8 49 8b 2e 48 83 c5 60 48 89 e8 48 c1 e8 03 <80> 3c 18 00 74 08 48 89 ef e8 a9 26 1c f8 4c 8b 6d 00 e8 60 41 4f RSP: 0018:ffffc90000006de0 EFLAGS: 00010206 RAX: 000000000000000c RBX: dffffc0000000000 RCX: 0000000000000100 RDX: ffffffff8dc95340 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 0000000000000060 R08: ffff88802985d833 R09: 1ffff1100530bb06 R10: dffffc0000000000 R11: ffffed100530bb07 R12: ffffc90000006eb8 R13: 0000000000000000 R14: ffffc90000006eb0 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff888125e1e000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f05aed72a60 CR3: 0000000059e42000 CR4: 00000000003526f0 Call Trace: <IRQ> ip6_pol_route+0x296/0x11a0 net/ipv6/route.c:2287 pol_lookup_func include/net/ip6_fib.h:617 [inline] fib6_rule_lookup+0x348/0x6f0 net/ipv6/fib6_rules.c:125 ip6_route_output_flags_noref net/ipv6/route.c:2695 [inline] ip6_route_output_flags+0x364/0x5d0 net/ipv6/route.c:2707 ip6_route_output include/net/ip6_route.h:93 [inline] ip6_dst_lookup_tail+0x1ae/0x1510 net/ipv6/ip6_output.c:1141 ip6_dst_lookup_flow+0x47/0xe0 net/ipv6/ip6_output.c:1272 udp_tunnel6_dst_lookup+0x234/0x420 net/ipv6/ip6_udp_tunnel.c:165 geneve6_xmit_skb drivers/net/geneve.c:960 [inline] geneve_xmit+0xd1a/0x2b90 drivers/net/geneve.c:1047 __netdev_start_xmit include/linux/netdevice.h:5273 [inline] netdev_start_xmit include/linux/netdevice.h:5282 [inline] xmit_one net/core/dev.c:3866 [inline] dev_hard_start_xmit+0x2cd/0x800 net/core/dev.c:3882 __dev_queue_xmit+0x144f/0x3100 net/core/dev.c:4832 NF_HOOK_COND include/linux/netfilter.h:307 [inline] ip6_output+0x340/0x550 net/ipv6/ip6_output.c:247 NF_HOOK include/linux/netfilter.h:318 [inline] ndisc_send_skb+0xbce/0x1510 net/ipv6/ndisc.c:512 addrconf_rs_timer+0x369/0x6a0 net/ipv6/addrconf.c:4037 call_timer_fn+0x16e/0x590 kernel/time/timer.c:1748 expire_timers kernel/time/timer.c:1799 [inline] __run_timers kernel/time/timer.c:2373 [inline] __run_timer_base+0x61a/0x860 kernel/time/timer.c:2385 run_timer_base kernel/time/timer.c:2394 [inline] run_timer_softirq+0xb7/0x180 kernel/time/timer.c:2404 handle_softirqs+0x22b/0x7c0 kernel/softirq.c:622 __do_softirq kernel/softirq.c:656 [inline] invoke_softirq kernel/softirq.c:496 [inline] __irq_exit_rcu+0x60/0x150 kernel/softirq.c:723 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline] sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056 </IRQ> <TASK> asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697 RIP: 0010:pv_native_safe_halt+0x13/0x20 arch/x86/kernel/paravirt.c:82 Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 53 21 0e 00 f3 0f 1e fa fb f4 <e9> 08 e3 02 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 RSP: 0018:ffffffff8dc07dc0 EFLAGS: 000002c6 RAX: 00000000014854c3 RBX: ffffffff8197149e RCX: 0000000080000001 RDX: 0000000000000001 RSI: ffffffff8d793611 RDI: ffffffff8bc084e0 RBP: ffffffff8dc07eb0 R08: ffff8880b86336db R09: 1ffff110170c66db R10: dffffc0000000000 R11: ffffed10170c66dc R12: ffffffff8f822d70 R13: 1ffffffff1b92a68 R14: 0000000000000000 R15: 0000000000000000 arch_safe_halt arch/x86/include/asm/paravirt.h:107 [inline] default_idle+0x13/0x20 arch/x86/kernel/process.c:767 default_idle_call+0x73/0xb0 kernel/sched/idle.c:122 cpuidle_idle_call kernel/sched/idle.c:191 [inline] do_idle+0x1be/0x4d0 kernel/sched/idle.c:332 cpu_startup_entry+0x44/0x60 kernel/sched/idle.c:430 rest_init+0x2de/0x300 init/main.c:757 start_kernel+0x381/0x3d0 init/main.c:1206 x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:310 x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:291 common_startup_64+0x13e/0x147 </TASK> Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:fib6_nh_get_excptn_bucket net/ipv6/route.c:1673 [inline] RIP: 0010:rt6_find_cached_rt+0xb9/0x270 net/ipv6/route.c:1871 Code: 48 c1 e8 03 48 89 44 24 08 48 8b 44 24 08 80 3c 18 00 74 08 4c 89 f7 e8 c5 26 1c f8 49 8b 2e 48 83 c5 60 48 89 e8 48 c1 e8 03 <80> 3c 18 00 74 08 48 89 ef e8 a9 26 1c f8 4c 8b 6d 00 e8 60 41 4f RSP: 0018:ffffc90000006de0 EFLAGS: 00010206 RAX: 000000000000000c RBX: dffffc0000000000 RCX: 0000000000000100 RDX: ffffffff8dc95340 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 0000000000000060 R08: ffff88802985d833 R09: 1ffff1100530bb06 R10: dffffc0000000000 R11: ffffed100530bb07 R12: ffffc90000006eb8 R13: 0000000000000000 R14: ffffc90000006eb0 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff888125e1e000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f05aed72a60 CR3: 0000000059e42000 CR4: 00000000003526f0 ---------------- Code disassembly (best guess): 0: 48 c1 e8 03 shr $0x3,%rax 4: 48 89 44 24 08 mov %rax,0x8(%rsp) 9: 48 8b 44 24 08 mov 0x8(%rsp),%rax e: 80 3c 18 00 cmpb $0x0,(%rax,%rbx,1) 12: 74 08 je 0x1c 14: 4c 89 f7 mov %r14,%rdi 17: e8 c5 26 1c f8 call 0xf81c26e1 1c: 49 8b 2e mov (%r14),%rbp 1f: 48 83 c5 60 add $0x60,%rbp 23: 48 89 e8 mov %rbp,%rax 26: 48 c1 e8 03 shr $0x3,%rax * 2a: 80 3c 18 00 cmpb $0x0,(%rax,%rbx,1) <-- trapping instruction 2e: 74 08 je 0x38 30: 48 89 ef mov %rbp,%rdi 33: e8 a9 26 1c f8 call 0xf81c26e1 38: 4c 8b 6d 00 mov 0x0(%rbp),%r13 3c: e8 .byte 0xe8 3d: 60 (bad) 3e: 41 rex.B 3f: 4f rex.WRXB
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2026/01/18 14:37 | upstream | e84d960149e7 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | general protection fault in rt6_find_cached_rt | ||
| 2026/01/09 15:24 | upstream | 623fb9912f6a | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | general protection fault in rt6_find_cached_rt | ||
| 2026/01/09 12:54 | upstream | 623fb9912f6a | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | general protection fault in rt6_find_cached_rt | ||
| 2025/12/20 07:14 | upstream | dd9b004b7ff3 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | general protection fault in rt6_find_cached_rt | ||
| 2025/11/30 17:05 | upstream | 6bda50f4333f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | general protection fault in rt6_find_cached_rt | ||
| 2025/11/25 08:55 | upstream | ac3fd01e4c1e | 64219f15 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | general protection fault in rt6_find_cached_rt | ||
| 2025/11/09 17:15 | upstream | 439fc29dfd3b | 4e1406b4 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | general protection fault in rt6_find_cached_rt | ||
| 2025/12/12 05:31 | net | 885bebac9909 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-net-this-kasan-gce | general protection fault in rt6_find_cached_rt | ||
| 2025/12/11 20:44 | net | 885bebac9909 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-net-this-kasan-gce | general protection fault in rt6_find_cached_rt | ||
| 2025/12/10 22:23 | net | 5ace7ef87f05 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-net-this-kasan-gce | general protection fault in rt6_find_cached_rt | ||
| 2025/12/04 05:30 | net | 8f7aa3d3c732 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-net-this-kasan-gce | general protection fault in rt6_find_cached_rt | ||
| 2025/12/04 05:29 | net | 8f7aa3d3c732 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-net-this-kasan-gce | general protection fault in rt6_find_cached_rt | ||
| 2025/12/04 05:29 | net | 8f7aa3d3c732 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-net-this-kasan-gce | general protection fault in rt6_find_cached_rt | ||
| 2025/12/04 02:31 | net | 108f9405ce81 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-net-this-kasan-gce | general protection fault in rt6_find_cached_rt | ||
| 2025/12/03 22:24 | net | 108f9405ce81 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-net-this-kasan-gce | general protection fault in rt6_find_cached_rt | ||
| 2025/11/25 20:17 | net | 9780f535f8e0 | 64219f15 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-net-this-kasan-gce | general protection fault in rt6_find_cached_rt | ||
| 2025/12/17 14:39 | net-next | 8f7aa3d3c732 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-net-kasan-gce | general protection fault in rt6_find_cached_rt |