syzbot


BUG: unable to handle kernel NULL pointer dereference in neigh_resolve_output

Status: closed as invalid on 2024/11/27 19:42
Subsystems: net
First crash: 60d, last: 60d

Sample crash report:
BUG: kernel NULL pointer dereference, address: 0000000000000000
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0010) - not-present page
PGD 8000000059f71067 P4D 8000000059f71067 PUD 34ed7067 PMD 0 
Oops: Oops: 0010 [#1] PREEMPT SMP KASAN PTI
CPU: 1 UID: 0 PID: 5882 Comm: kworker/1:4 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Workqueue: mld mld_ifc_work
RIP: 0010:0x0
Code: Unable to access opcode bytes at 0xffffffffffffffd6.
RSP: 0018:ffffc90004337960 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff888061f8c800 RCX: ffffffff8900273f
RDX: 000000000000dd86 RSI: ffff888061f8c9c8 RDI: ffff888061f8c800
RBP: ffff888029209640 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff888061f8c9c8
R13: ffff888061f8c828 R14: 000000000000dd86 R15: ffffffff8ca931e0
FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffffd6 CR3: 000000004ace0000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 neigh_hh_init net/core/neighbour.c:1538 [inline]
 neigh_resolve_output net/core/neighbour.c:1555 [inline]
 neigh_resolve_output+0x6fd/0x950 net/core/neighbour.c:1545
 neigh_output include/net/neighbour.h:542 [inline]
 ip6_finish_output2+0x6a7/0x1a50 net/ipv6/ip6_output.c:141
 __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]
 ip6_finish_output+0x3f9/0x1300 net/ipv6/ip6_output.c:226
 NF_HOOK_COND include/linux/netfilter.h:303 [inline]
 ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247
 dst_output include/net/dst.h:450 [inline]
 NF_HOOK include/linux/netfilter.h:314 [inline]
 NF_HOOK include/linux/netfilter.h:308 [inline]
 mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819
 mld_send_cr net/ipv6/mcast.c:2120 [inline]
 mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651
 process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229
 process_scheduled_works kernel/workqueue.c:3310 [inline]
 worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Modules linked in:
CR2: 0000000000000000
---[ end trace 0000000000000000 ]---
RIP: 0010:0x0
Code: Unable to access opcode bytes at 0xffffffffffffffd6.
RSP: 0018:ffffc90004337960 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff888061f8c800 RCX: ffffffff8900273f
RDX: 000000000000dd86 RSI: ffff888061f8c9c8 RDI: ffff888061f8c800
RBP: ffff888029209640 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff888061f8c9c8
R13: ffff888061f8c828 R14: 000000000000dd86 R15: ffffffff8ca931e0
FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffffd6 CR3: 000000004ace0000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (1):
Time: 2024/10/27 10:48
Kernel: upstream
Commit: 850925a8133c
Syzkaller: 65e8686b
Config: .config
Log: console log
Report: report
Syz repro: -
C repro: -
VM info: info
Assets: [disk image] [vmlinux] [kernel image]
Manager: ci-upstream-kasan-gce-selinux-root
Title: BUG: unable to handle kernel NULL pointer dereference in neigh_resolve_output