ci starts bisection 2023-08-14 01:59:39.433055068 +0000 UTC m=+213758.072576378 bisecting cause commit starting from 21ef7b1e17d039053edaeaf41142423810572741 building syzkaller on 39990d513277ce9372a4cc89bdac23d9fc30b056 ensuring issue is reproducible on original commit 21ef7b1e17d039053edaeaf41142423810572741 testing commit 21ef7b1e17d039053edaeaf41142423810572741 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: a275432c27b84542de88214614834e6b55a002dcc53740ebff324187d036047f all runs: crashed: general protection fault in skb_segment representative crash: general protection fault in skb_segment, types: [UNKNOWN] check whether we can drop unnecessary instrumentation disabling configs for [UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed testing commit 21ef7b1e17d039053edaeaf41142423810572741 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: d84ae7e3eeec3dc3d464bc00dad92056294c35e771010761dcd10d99770397b2 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in skb_segment representative crash: BUG: unable to handle kernel NULL pointer dereference in skb_segment, types: [UNKNOWN] the bug reproduces without the instrumentation disabling configs for [UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed kconfig minimization: base=3883 full=7676 leaves diff=2013 split chunks (needed=false): <2013> split chunk #0 of len 2013 into 5 parts testing without sub-chunk 1/5 disabling configs for [LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed testing commit 21ef7b1e17d039053edaeaf41142423810572741 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 368efa019158867e5cd4f6102149ceb8b1aef05cd0c39435a76483bc0004972b all runs: OK false negative chance: 0.000 testing without sub-chunk 2/5 disabling configs for [BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed testing commit 21ef7b1e17d039053edaeaf41142423810572741 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: fc5cf62a51826d21cdb11d70e54e76c194890f69aeea65dfbda36f117c8e8082 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in skb_segment representative crash: BUG: unable to handle kernel NULL pointer dereference in skb_segment, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 3/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit 21ef7b1e17d039053edaeaf41142423810572741 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 481aa979ffe4be5fbe4211227bf446f91270c5bc794ff1f67d7eb3dcb4346be3 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in skb_segment representative crash: BUG: unable to handle kernel NULL pointer dereference in skb_segment, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 4/5 disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN LOCKDEP], they are not needed testing commit 21ef7b1e17d039053edaeaf41142423810572741 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 9bb5e4fd27e009e36a8ed543f511a0e1e81633b4f249f4c61f12b230cebb5fc6 all runs: OK false negative chance: 0.000 testing without sub-chunk 5/5 disabling configs for [BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed testing commit 21ef7b1e17d039053edaeaf41142423810572741 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 4a847bb454658772365240d59413fd051613685f4c250c98b4186373a76a7ae0 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in skb_segment representative crash: BUG: unable to handle kernel NULL pointer dereference in skb_segment, types: [UNKNOWN] the chunk can be dropped minimized to 806 configs; suspects: [6LOWPAN 6LOWPAN_GHC_EXT_HDR_DEST 6LOWPAN_GHC_EXT_HDR_FRAG 6LOWPAN_GHC_EXT_HDR_HOP 6LOWPAN_GHC_EXT_HDR_ROUTE 6LOWPAN_GHC_ICMPV6 6LOWPAN_GHC_UDP 6LOWPAN_NHC 6LOWPAN_NHC_DEST 6LOWPAN_NHC_FRAGMENT 6LOWPAN_NHC_HOP 6LOWPAN_NHC_IPV6 6LOWPAN_NHC_MOBILITY 6LOWPAN_NHC_ROUTING 6LOWPAN_NHC_UDP 6PACK 842_COMPRESS 842_DECOMPRESS 9P_FSCACHE 9P_FS_POSIX_ACL 9P_FS_SECURITY ACORN_PARTITION ACORN_PARTITION_ADFS ACORN_PARTITION_CUMANA ACORN_PARTITION_EESOX ACORN_PARTITION_ICS ACORN_PARTITION_POWERTEC ACORN_PARTITION_RISCIX ACPI_NFIT ACPI_PLATFORM_PROFILE ADDRESS_MASKING ADFS_FS AFFS_FS AFS_FS AFS_FSCACHE AF_KCM AF_RXRPC AF_RXRPC_IPV6 AIX_PARTITION AMIGA_PARTITION ANDROID_BINDERFS ANDROID_BINDER_IPC ANON_VMA_NAME APERTURE_HELPERS AR5523 ARCH_ENABLE_MEMORY_HOTREMOVE ARCH_ENABLE_THP_MIGRATION ARCH_SUPPORTS_CRASH_DUMP ARCH_SUPPORTS_KEXEC ARCH_SUPPORTS_KEXEC_BZIMAGE_VERIFY_SIG ARCH_SUPPORTS_KEXEC_FILE ARCH_SUPPORTS_KEXEC_JUMP ARCH_SUPPORTS_KEXEC_SIG ARCH_SUPPORTS_KEXEC_SIG_FORCE ARCH_WANT_OPTIMIZE_DAX_VMEMMAP ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP ASM_MODVERSIONS ASYNC_CORE ASYNC_MEMCPY ASYNC_PQ ASYNC_RAID6_RECOV ASYNC_TX_DMA ASYNC_XOR ATARI_PARTITION ATA_GENERIC ATA_OVER_ETH ATH10K ATH10K_CE ATH10K_PCI ATH10K_USB ATH11K ATH6KL ATH6KL_USB ATH9K ATH9K_AHB ATH9K_BTCOEX_SUPPORT ATH9K_CHANNEL_CONTEXT ATH9K_COMMON ATH9K_COMMON_DEBUG ATH9K_DEBUGFS ATH9K_DYNACK ATH9K_HTC ATH9K_HTC_DEBUGFS ATH9K_HW ATH9K_PCI ATH9K_PCOEM ATH9K_RFKILL ATH_COMMON ATM ATM_BR2684 ATM_CLIP ATM_DRIVERS ATM_LANE ATM_MPOA ATM_TCP AUXILIARY_BUS AX25 AX25_DAMA_SLAVE AX88796B_PHY BAREUDP BATMAN_ADV BATMAN_ADV_BATMAN_V BATMAN_ADV_BLA BATMAN_ADV_DAT BATMAN_ADV_MCAST BATMAN_ADV_NC BCACHE BCMA BCMA_HOST_PCI_POSSIBLE BEFS_FS BFQ_CGROUP_DEBUG BFQ_GROUP_IOSCHED BFS_FS BIG_KEYS BLK_CGROUP_PUNT_BIO BLK_CGROUP_RWSTAT BLK_DEBUG_FS_ZONED BLK_DEV_BSGLIB BLK_DEV_FD BLK_DEV_INTEGRITY BLK_DEV_INTEGRITY_T10 BLK_DEV_NBD BLK_DEV_NULL_BLK BLK_DEV_NULL_BLK_FAULT_INJECTION BLK_DEV_NVME BLK_DEV_PMEM BLK_DEV_RAM BLK_DEV_RNBD BLK_DEV_RNBD_CLIENT BLK_DEV_THROTTLING BLK_ICQ BLK_INLINE_ENCRYPTION BLK_INLINE_ENCRYPTION_FALLBACK BLK_WBT BLK_WBT_MQ BONDING BOOT_VESA_SUPPORT BPF_EVENTS BPF_JIT BPF_JIT_ALWAYS_ON BPF_JIT_DEFAULT_ON BPF_LSM BPF_PRELOAD BPF_PRELOAD_UMD BPF_STREAM_PARSER BPF_SYSCALL BPQETHER BRIDGE BRIDGE_CFM BRIDGE_EBT_802_3 BRIDGE_EBT_AMONG BRIDGE_EBT_ARP BRIDGE_EBT_ARPREPLY BRIDGE_EBT_BROUTE BRIDGE_EBT_DNAT BRIDGE_EBT_IP BRIDGE_EBT_IP6 BRIDGE_EBT_LIMIT BRIDGE_EBT_LOG BRIDGE_EBT_MARK BRIDGE_EBT_MARK_T BRIDGE_EBT_NFLOG BRIDGE_EBT_PKTTYPE BRIDGE_EBT_REDIRECT BRIDGE_EBT_SNAT BRIDGE_EBT_STP BRIDGE_EBT_T_FILTER BRIDGE_EBT_T_NAT BRIDGE_EBT_VLAN BRIDGE_IGMP_SNOOPING BRIDGE_MRP BRIDGE_NF_EBTABLES BRIDGE_VLAN_FILTERING BSD_DISKLABEL BSD_PROCESS_ACCT_V3 BT BTRFS_ASSERT BTRFS_FS BTRFS_FS_POSIX_ACL BTRFS_FS_REF_VERIFY BTT BT_6LOWPAN BT_ATH3K BT_BCM BT_BNEP BT_BNEP_MC_FILTER BT_BNEP_PROTO_FILTER BT_BREDR BT_CMTP BT_HCIBCM203X BT_HCIBFUSB BT_HCIBPA10X BT_HCIBTUSB BT_HCIBTUSB_BCM BT_HCIBTUSB_MTK BT_HCIBTUSB_POLL_SYNC BT_HCIBTUSB_RTL BT_HCIUART BT_HCIUART_3WIRE BT_HCIUART_AG6XX BT_HCIUART_BCSP BT_HCIUART_H4 BT_HCIUART_LL BT_HCIUART_MRVL BT_HCIUART_QCA BT_HCIUART_SERDEV BT_HCIVHCI BT_HIDP BT_HS BT_INTEL BT_LE BT_LEDS BT_LE_L2CAP_ECRED BT_MSFTEXT BT_MTK BT_QCA BT_RFCOMM BT_RFCOMM_TTY BT_RTL BUFFER_HEAD CACHEFILES CAIF CAIF_DEBUG CAIF_DRIVERS CAIF_NETDEV CAIF_TTY CAIF_USB CAIF_VIRTIO CAN CAN_8DEV_USB CAN_BCM CAN_CALC_BITTIMING CAN_DEV CAN_EMS_USB CAN_GS_USB CAN_GW CAN_IFI_CANFD CAN_ISOTP CAN_J1939 CAN_KVASER_USB CAN_MCBA_USB CAN_NETLINK CAN_PEAK_USB CAN_RAW CAN_RX_OFFLOAD CAN_SLCAN CAN_VCAN CAN_VXCAN CAPI_TRACE CARL9170 CARL9170_HWRNG CARL9170_LEDS CARL9170_WPC CEC_CORE CEPH_FS CEPH_FSCACHE CEPH_FS_POSIX_ACL CEPH_LIB CEPH_LIB_USE_DNS_RESOLVER CFG80211 CFG80211_CRDA_SUPPORT CFG80211_DEBUGFS CFG80211_DEFAULT_PS CFG80211_REQUIRE_SIGNED_REGDB CFG80211_USE_KERNEL_REGDB_KEYS CFG80211_WEXT CFS_BANDWIDTH CGROUP_BPF CHARGER_BQ24190 CHARGER_ISP1704 CHR_DEV_ST CIFS CIFS_ALLOW_INSECURE_LEGACY CIFS_DEBUG CIFS_DFS_UPCALL CIFS_FSCACHE CIFS_POSIX CIFS_SMB_DIRECT CIFS_SWN_UPCALL CIFS_UPCALL CIFS_XATTR CLS_U32_MARK CLS_U32_PERF CMA CMA_SIZE_SEL_MBYTES CMDLINE_PARTITION COMEDI COMEDI_DT9812 COMEDI_NI_USB6501 COMEDI_USBDUX COMEDI_USBDUXFAST COMEDI_USBDUXSIGMA COMEDI_USB_DRIVERS COMEDI_VMK80XX COMPAT_NETLINK_MESSAGES COUNTER CRAMFS CRAMFS_BLOCKDEV CRAMFS_MTD CRC4 CRC64 CRC64_ROCKSOFT CRC7 CRC8 CRC_ITU_T CRC_T10DIF CRYPTO_ADIANTUM CRYPTO_AEGIS128 CRYPTO_AEGIS128_AESNI_SSE2 CRYPTO_AES_NI_INTEL CRYPTO_AES_TI CRYPTO_ANSI_CPRNG CRYPTO_ANUBIS CRYPTO_ARC4 CRYPTO_ARCH_HAVE_LIB_BLAKE2S CRYPTO_ARCH_HAVE_LIB_CHACHA CRYPTO_ARCH_HAVE_LIB_CURVE25519 CRYPTO_ARCH_HAVE_LIB_POLY1305 CRYPTO_ARIA CRYPTO_ARIA_AESNI_AVX_X86_64 CRYPTO_BLAKE2B CRYPTO_BLAKE2S_X86 CRYPTO_BLOWFISH CRYPTO_BLOWFISH_COMMON CRYPTO_BLOWFISH_X86_64 CRYPTO_CAMELLIA CRYPTO_CAMELLIA_AESNI_AVX2_X86_64 CRYPTO_CAMELLIA_AESNI_AVX_X86_64 CRYPTO_CAMELLIA_X86_64 CRYPTO_CAST5 CRYPTO_CAST5_AVX_X86_64 CRYPTO_CAST6 CRYPTO_CAST6_AVX_X86_64 CRYPTO_CAST_COMMON CRYPTO_CFB CRYPTO_CHACHA20 CRYPTO_CHACHA20POLY1305 CRYPTO_CHACHA20_X86_64 CRYPTO_CRC32 CRYPTO_CRC32C_INTEL CRYPTO_CRC32_PCLMUL CRYPTO_CRC64_ROCKSOFT CRYPTO_CRCT10DIF CRYPTO_CRCT10DIF_PCLMUL CRYPTO_CRYPTD CRYPTO_CTS CRYPTO_CURVE25519 CRYPTO_CURVE25519_X86 CRYPTO_DEFLATE CRYPTO_DES CRYPTO_DES3_EDE_X86_64 CRYPTO_DEV_CCP CRYPTO_DEV_CCP_DD CRYPTO_DEV_PADLOCK CRYPTO_DEV_PADLOCK_AES CRYPTO_DEV_PADLOCK_SHA CRYPTO_DEV_QAT CRYPTO_DEV_QAT_C3XXX CRYPTO_DEV_QAT_C3XXXVF CRYPTO_DEV_QAT_C62X CRYPTO_DEV_QAT_C62XVF CRYPTO_DEV_QAT_DH895xCC CRYPTO_DEV_QAT_DH895xCCVF CRYPTO_DEV_VIRTIO CRYPTO_DH CRYPTO_DRBG_CTR CRYPTO_DRBG_HASH CRYPTO_ECB CRYPTO_ECC CRYPTO_ECDH CRYPTO_ECRDSA CRYPTO_ENGINE CRYPTO_ESSIV CRYPTO_FCRYPT CRYPTO_GHASH_CLMUL_NI_INTEL CRYPTO_HCTR2 CRYPTO_KDF800108_CTR CRYPTO_KEYWRAP CRYPTO_KHAZAD CRYPTO_KPP CRYPTO_LIB_ARC4 CRYPTO_LIB_CHACHA CRYPTO_LIB_CHACHA20POLY1305 CRYPTO_LIB_CHACHA_GENERIC CRYPTO_LIB_CURVE25519 CRYPTO_LIB_CURVE25519_GENERIC CRYPTO_LIB_DES CRYPTO_LIB_POLY1305 CRYPTO_LIB_POLY1305_GENERIC CRYPTO_LRW CRYPTO_MICHAEL_MIC CRYPTO_NHPOLY1305 CRYPTO_NHPOLY1305_AVX2 CRYPTO_NHPOLY1305_SSE2 CRYPTO_OFB CRYPTO_PCBC CRYPTO_PCRYPT CRYPTO_POLY1305 CRYPTO_POLY1305_X86_64 CRYPTO_POLYVAL CRYPTO_POLYVAL_CLMUL_NI CRYPTO_RMD160 CRYPTO_SEED CRYPTO_SERPENT CRYPTO_SERPENT_AVX2_X86_64 CRYPTO_SERPENT_AVX_X86_64 CRYPTO_SERPENT_SSE2_X86_64 CRYPTO_SHA1_SSSE3 CRYPTO_SHA256_SSSE3 CRYPTO_SHA512_SSSE3 CRYPTO_SIMD CRYPTO_SM2 CRYPTO_SM3 CRYPTO_SM3_AVX_X86_64 CRYPTO_SM4 CRYPTO_SM4_AESNI_AVX2_X86_64 CRYPTO_SM4_AESNI_AVX_X86_64 CRYPTO_SM4_GENERIC CRYPTO_STREEBOG CRYPTO_TEA CRYPTO_TWOFISH CRYPTO_TWOFISH_AVX_X86_64 CRYPTO_TWOFISH_COMMON CRYPTO_TWOFISH_X86_64 CRYPTO_TWOFISH_X86_64_3WAY CRYPTO_USER CRYPTO_USER_API CRYPTO_USER_API_AEAD CRYPTO_USER_API_ENABLE_OBSOLETE CRYPTO_USER_API_HASH CRYPTO_USER_API_RNG CRYPTO_USER_API_SKCIPHER CRYPTO_VMAC CRYPTO_WP512 CRYPTO_XCBC CRYPTO_XCTR CRYPTO_XTS CRYPTO_XXHASH CUSE CYPRESS_FIRMWARE DAMON DAMON_DBGFS DAMON_PADDR DAMON_RECLAIM DAMON_VADDR DAX DCA DCB DEFAULT_PFIFO_FAST DEVICE_MIGRATION DEVICE_PRIVATE DEV_COREDUMP DEV_DAX DIMLIB DLM DLN2_ADC DMABUF_HEAPS DMABUF_HEAPS_CMA DMABUF_HEAPS_SYSTEM DMABUF_MOVE_NOTIFY DMA_CMA DMA_ENGINE_RAID DMA_NUMA_CMA DM_AUDIT DM_BIO_PRISON DM_BUFIO DM_CACHE DM_CACHE_SMQ DM_CLONE DM_CRYPT DM_FLAKEY DM_INTEGRITY DM_MULTIPATH DM_MULTIPATH_QL DM_MULTIPATH_ST DM_PERSISTENT_DATA DM_RAID DM_SNAPSHOT DM_THIN_PROVISIONING DVB_CORE ENCRYPTED_KEYS EXTCON FSCACHE FUSE_FS GENEVE GPIOLIB HAMRADIO HAVE_CLK HID_SENSOR_HUB HID_SMARTJOYPLUS HID_THRUSTMASTER IIO INFINIBAND INFINIBAND_ADDR_TRANS INFINIBAND_IPOIB INFINIBAND_RTRS_CLIENT INFINIBAND_USER_ACCESS INFINIBAND_VIRT_DMA INPUT_TABLET INPUT_TOUCHSCREEN IOSCHED_BFQ IP_SCTP ISDN ISDN_CAPI L2TP LIBNVDIMM MAC80211 MAC80211_LEDS MEDIA_COMMON_OPTIONS MEDIA_DIGITAL_TV_SUPPORT MEDIA_RADIO_SUPPORT MEDIA_SDR_SUPPORT MEDIA_SUPPORT MEDIA_USB_SUPPORT MEMORY_HOTPLUG MEMORY_HOTREMOVE MFD_DLN2 MFD_RETU MMC MTD MTD_UBI NETFILTER_ADVANCED NETFILTER_CONNCOUNT NET_CLS_U32 NET_IPGRE NET_IPGRE_DEMUX NET_SCH_DEFAULT NFS_V4_1 NF_CONNTRACK_SNMP NF_NAT_OVS NF_NAT_PPTP NF_NAT_REDIRECT NF_NAT_SNMP_BASIC NF_NAT_TFTP NF_SOCKET_IPV4 NF_SOCKET_IPV6 NF_TABLES NF_TABLES_ARP NF_TPROXY_IPV4 NF_TPROXY_IPV6 NILFS2_FS NLMON NLS_CODEPAGE_1250 NLS_CODEPAGE_1251 NLS_CODEPAGE_737 NLS_CODEPAGE_775 NLS_CODEPAGE_850 NLS_CODEPAGE_852 NLS_CODEPAGE_855 NLS_CODEPAGE_857 NLS_CODEPAGE_860 NLS_CODEPAGE_861 NLS_CODEPAGE_862 NLS_CODEPAGE_863 NLS_CODEPAGE_864 NLS_CODEPAGE_865 NLS_CODEPAGE_866 NLS_CODEPAGE_869 NLS_CODEPAGE_874 NLS_CODEPAGE_932 NLS_CODEPAGE_936 NLS_CODEPAGE_949 NLS_CODEPAGE_950 NLS_ISO8859_13 NLS_ISO8859_14 NLS_ISO8859_15 NLS_ISO8859_2 NLS_ISO8859_3 NLS_ISO8859_4 NLS_ISO8859_5 NLS_ISO8859_6 NLS_ISO8859_7 NLS_ISO8859_8 NLS_ISO8859_9 NLS_KOI8_R NLS_KOI8_U NLS_MAC_CELTIC NLS_MAC_CENTEURO NLS_MAC_CROATIAN NLS_MAC_CYRILLIC NLS_MAC_GAELIC NLS_MAC_GREEK NLS_MAC_ICELAND NLS_MAC_INUIT NLS_MAC_ROMAN NLS_MAC_ROMANIAN NLS_MAC_TURKISH NOP_USB_XCEIV NOZOMI NTFS3_FS NTFS3_FS_POSIX_ACL NTFS3_LZX_XPRESS NTFS_FS NTFS_RW NULL_TTY NUMA_BALANCING NUMA_BALANCING_DEFAULT_ENABLED NUMA_EMU NUMA_KEEP_MEMINFO NVDIMM_DAX NVDIMM_KEYS NVDIMM_PFN NVME_CORE NVME_FABRICS NVME_FC NVME_MULTIPATH NVME_RDMA NVME_TARGET NVME_TARGET_FC NVME_TARGET_FCLOOP NVME_TARGET_LOOP NVME_TARGET_RDMA NVME_TARGET_TCP NVME_TCP N_GSM N_HDLC OCFS2_DEBUG_FS OCFS2_FS OCFS2_FS_O2CB OCFS2_FS_STATS OCFS2_FS_USERSPACE_CLUSTER OF_GPIO OF_PMEM OMFS_FS OPENVSWITCH OPENVSWITCH_GENEVE OPENVSWITCH_GRE OPENVSWITCH_VXLAN ORANGEFS_FS OSF_PARTITION OVERLAY_FS OVERLAY_FS_INDEX OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW OVERLAY_FS_REDIRECT_DIR PACKET_DIAG PADATA PAGE_IDLE_FLAG PAGE_POOL PAGE_REPORTING PAHOLE_HAS_LANG_EXCLUDE PAHOLE_HAS_SPLIT_BTF PARPORT PARPORT_NOT_PC PARTITION_ADVANCED PCCARD PCCARD_NONSTATIC PCIEAER PCI_ENDPOINT PCI_IOV PCMCIA PCMCIA_LOAD_CIS PERCPU_STATS PERSISTENT_KEYRINGS PHONET PHYLINK PHY_CPCAP_USB PHY_QCOM_USB_HS PHY_QCOM_USB_HSIC PHY_SAMSUNG_USB2 PHY_TUSB1210 PKCS7_TEST_KEY PKCS8_PRIVATE_KEY_PARSER PM_CLK PNFS_BLOCK PNFS_FILE_LAYOUT PNFS_FLEXFILE_LAYOUT PPP PPPOATM PPPOE PPPOE_HASH_BITS_4 PPPOL2TP PPP_ASYNC PPP_BSDCOMP PPP_DEFLATE PPP_FILTER PPP_MPPE PPP_MULTILINK PPP_SYNC_TTY PPTP PREEMPT PREEMPT_NOTIFIERS PRISM2_USB PROC_CHILDREN PSI PSTORE PSTORE_COMPRESS QCOM_QMI_HELPERS QNX4FS_FS QNX6FS_FS QRTR QRTR_TUN R8712U RADIO_ADAPTERS RADIO_SHARK RADIO_SHARK2 RADIO_TEA575X RAID6_PQ RAID_ATTRS RC_ATI_REMOTE RC_CORE RC_DEVICES RDMA_RXE RDMA_SIW RDS RDS_RDMA RDS_TCP READ_ONLY_THP_FOR_FS REALTEK_AUTOPM REED_SOLOMON REED_SOLOMON_DEC8 REGMAP REGMAP_I2C REGMAP_IRQ REGMAP_MMIO REGULATOR REGULATOR_TWL4030 REISERFS_FS REISERFS_FS_POSIX_ACL REISERFS_FS_SECURITY REISERFS_FS_XATTR REISERFS_PROC_INFO RESET_CONTROLLER RFKILL RFKILL_INPUT RFKILL_LEDS RMI4_2D_SENSOR RMI4_CORE RMI4_F03 RMI4_F03_SERIO RMI4_F11 RMI4_F12 RMI4_F30 ROMFS_BACKED_BY_BOTH ROMFS_FS ROMFS_ON_BLOCK ROMFS_ON_MTD ROSE RTC_DRV_HID_SENSOR_TIME RXKAD SCHED_CORE SCSI_FC_ATTRS SCSI_HPSA SCSI_ISCSI_ATTRS SCSI_LOGGING SCSI_NETLINK SCSI_SAS_ATA SCSI_SAS_ATTRS SCSI_SAS_LIBSAS SCSI_SCAN_ASYNC SCSI_SRP_ATTRS SCTP_COOKIE_HMAC_MD5 SCTP_COOKIE_HMAC_SHA1 SCTP_DEFAULT_COOKIE_HMAC_MD5 SECONDARY_TRUSTED_KEYRING SECURITY_INFINIBAND SECURITY_NETWORK_XFRM SERIAL_DEV_BUS SERIAL_DEV_CTRL_TTYPORT SERIAL_MCTRL_GPIO SGI_PARTITION SIGNATURE SIGNED_PE_FILE_VERIFICATION SLHC SLIP SLIP_COMPRESSED SLIP_MODE_SLIP6 SLIP_SMART SMARTJOYPLUS_FF SMBFS SMC SMC_DIAG SMSC_PHY SMS_SIANO_MDTV SMS_SIANO_RC SMS_USB_DRV SND SND_ALOOP SND_BCD2000 SND_CTL_FAST_LOOKUP SND_CTL_LED SND_DEBUG SND_DMA_SGBUF SND_DRIVERS SND_DUMMY SND_DYNAMIC_MINORS SND_HDA SND_HDA_CODEC_ANALOG SND_HDA_CODEC_CA0110 SND_HDA_CODEC_CA0132 SND_HDA_CODEC_CIRRUS SND_HDA_CODEC_CMEDIA SND_HDA_CODEC_CONEXANT SND_HDA_CODEC_HDMI SND_HDA_CODEC_REALTEK SND_HDA_CODEC_SI3054 SND_HDA_CODEC_SIGMATEL SND_HDA_CODEC_VIA SND_HDA_COMPONENT SND_HDA_CORE SND_HDA_GENERIC SND_HDA_GENERIC_LEDS SND_HDA_HWDEP SND_HDA_I915 SND_HDA_INPUT_BEEP SND_HDA_INTEL SND_HDA_PATCH_LOADER SND_HDA_RECONFIG SND_HRTIMER SND_HWDEP SND_INTEL_DSP_CONFIG SND_INTEL_NHLT SND_INTEL_SOUNDWIRE_ACPI SND_JACK SND_JACK_INPUT_DEV SND_MIXER_OSS SND_OSSEMUL SND_PCI SND_PCM SND_PCMCIA SND_PCM_OSS SND_PCM_OSS_PLUGINS SND_PCM_TIMER SND_PCM_XRUN_DEBUG SND_PROC_FS SND_RAWMIDI SND_SEQUENCER SND_SEQUENCER_OSS SND_SEQ_DEVICE SND_SEQ_DUMMY SND_SEQ_HRTIMER_DEFAULT SND_SEQ_MIDI SND_SEQ_MIDI_EVENT SND_SEQ_VIRMIDI SND_SUPPORT_OLD_API SND_TIMER SND_USB SND_USB_6FIRE SND_USB_AUDIO SND_USB_AUDIO_USE_MEDIA_CONTROLLER SND_USB_CAIAQ SND_USB_CAIAQ_INPUT SND_USB_HIFACE SND_USB_LINE6 SND_USB_POD SND_USB_PODHD SND_USB_TONEPORT SND_USB_UA101 SND_USB_US122L SND_USB_USX2Y SND_USB_VARIAX SND_VERBOSE_PROCFS SND_VIRMIDI SND_VIRTIO SND_VMASTER SND_X86 SOCK_VALIDATE_XMIT SOLARIS_X86_PARTITION SONY_FF SOUND SOUND_OSS_CORE SOUND_OSS_CORE_PRECLAIM SPI SPI_DLN2 SPI_DYNAMIC SPI_MASTER SQUASHFS SQUASHFS_4K_DEVBLK_SIZE SQUASHFS_COMPILE_DECOMP_SINGLE SQUASHFS_DECOMP_SINGLE SQUASHFS_FILE_DIRECT SQUASHFS_LZ4 SQUASHFS_LZO SQUASHFS_XATTR SQUASHFS_XZ SQUASHFS_ZLIB SQUASHFS_ZSTD SSB SSB_PCIHOST_POSSIBLE SSB_PCMCIAHOST_POSSIBLE SSB_SDIOHOST_POSSIBLE STAGING STP STREAM_PARSER SUNRPC_BACKCHANNEL SUN_PARTITION SW_SYNC SYSFB SYSV68_PARTITION SYSV_FS TABLET_USB_ACECAD TABLET_USB_AIPTEK TABLET_USB_HANWANG TABLET_USB_KBTAB TABLET_USB_PEGASUS TAHVO_USB TAHVO_USB_HOST_BY_DEFAULT TASKS_TRACE_RCU TCG_CRB TCG_TIS TCG_TIS_CORE TCG_TPM TCP_CONG_BBR TCP_CONG_BIC TCP_CONG_CDG TCP_CONG_DCTCP TCP_CONG_HSTCP TCP_CONG_HTCP TCP_CONG_HYBLA TCP_CONG_ILLINOIS TCP_CONG_LP TCP_CONG_NV TCP_CONG_SCALABLE TCP_CONG_VEGAS TCP_CONG_VENO TCP_CONG_WESTWOOD TCP_CONG_YEAH TEXTSEARCH TEXTSEARCH_BM TEXTSEARCH_FSM TEXTSEARCH_KMP THERMAL_NETLINK THP_SWAP THRUSTMASTER_FF TIPC TIPC_CRYPTO TIPC_DIAG TIPC_MEDIA_IB TIPC_MEDIA_UDP TLS TLS_DEVICE TLS_TOE TOUCHSCREEN_SUR40 TOUCHSCREEN_USB_3M TOUCHSCREEN_USB_COMPOSITE TOUCHSCREEN_USB_DMC_TSC10 TOUCHSCREEN_USB_E2I TOUCHSCREEN_USB_EASYTOUCH TOUCHSCREEN_USB_EGALAX TOUCHSCREEN_USB_ELO TOUCHSCREEN_USB_ETT_TC45USB TOUCHSCREEN_USB_ETURBO TOUCHSCREEN_USB_GENERAL_TOUCH TOUCHSCREEN_USB_GOTOP TOUCHSCREEN_USB_GUNZE TOUCHSCREEN_USB_IDEALTEK TOUCHSCREEN_USB_IRTOUCH TOUCHSCREEN_USB_ITM TOUCHSCREEN_USB_JASTEC TOUCHSCREEN_USB_NEXIO TOUCHSCREEN_USB_PANJIT TOUCHSCREEN_USB_ZYTRONIC TRANSPARENT_HUGEPAGE TRANSPARENT_HUGEPAGE_MADVISE TRUSTED_KEYS TTPCI_EEPROM TTY_PRINTK TUN_VNET_CROSS_LE TWL4030_CORE TYPEC TYPEC_FUSB302 TYPEC_TCPCI TYPEC_TCPM TYPEC_TPS6598X TYPEC_UCSI UBIFS_ATIME_SUPPORT UBIFS_FS UBIFS_FS_ADVANCED_COMPR UBIFS_FS_LZO UBIFS_FS_SECURITY UBIFS_FS_XATTR UBIFS_FS_ZLIB UBIFS_FS_ZSTD UCSI_ACPI UDF_FS UDMABUF UFS_FS UFS_FS_WRITE UHID ULTRIX_PARTITION UNICODE UNIXWARE_DISKLABEL UNIX_DIAG USB4 USB4_NET USBIP_CORE USBIP_HOST USBIP_VHCI_HCD USBIP_VUDC USBPCWATCHDOG USB_ACM USB_ADUTUX USB_AIRSPY USB_ALI_M5632 USB_AN2720 USB_APPLEDISPLAY USB_ARMLINUX USB_BDC_UDC USB_BELKIN USB_C67X00_HCD USB_CATC USB_CDC_PHONET USB_CHAOSKEY USB_CHIPIDEA USB_CHIPIDEA_HOST USB_CHIPIDEA_PCI USB_CHIPIDEA_UDC USB_CONFIGFS USB_CONFIGFS_ACM USB_CONFIGFS_ECM USB_CONFIGFS_ECM_SUBSET USB_CONFIGFS_EEM USB_DWC2 USB_GADGET USB_MUSB_HDRC USB_NET_CDC_SUBSET USB_PHY USB_ROLE_SWITCH USB_STORAGE_REALTEK USB_ULPI_BUS USB_USBNET VIDEO_DEV VLAN_8021Q VXLAN WANT_COMPAT_NETLINK_MESSAGES WEXT_CORE WIRELESS WIRELESS_EXT WLAN WLAN_VENDOR_ATH X86_X32_ABI ZONE_DEVICE] disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing release v6.4 testing commit 6995e2de6891c724bfeb2db33d7b87775f913ad1 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 4a51c9a01d8469793119df3d61e57d84711f100da4555138b8d96c6d394c7ba6 all runs: OK false negative chance: 0.000 # git bisect start 21ef7b1e17d039053edaeaf41142423810572741 6995e2de6891c724bfeb2db33d7b87775f913ad1 Bisecting: 11096 revisions left to test after this (roughly 14 steps) [e8069f5a8e3bdb5fdeeff895780529388592ee7a] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm testing commit e8069f5a8e3bdb5fdeeff895780529388592ee7a gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 4d47382e93313f017202a8de7e1d1bbcdc98492bba5a8d81c9a2b9e61d37566a all runs: OK false negative chance: 0.000 # git bisect good e8069f5a8e3bdb5fdeeff895780529388592ee7a Bisecting: 5635 revisions left to test after this (roughly 13 steps) [a4bf2861c142298e9f51078ba9627a277c6d22c9] Merge branch 'docs-next' of git://git.lwn.net/linux.git testing commit a4bf2861c142298e9f51078ba9627a277c6d22c9 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: fcbfe4ab9393060be1b38f764f75461bab73a7792174550c27b0e5a0ac10f5eb all runs: OK false negative chance: 0.000 # git bisect good a4bf2861c142298e9f51078ba9627a277c6d22c9 Bisecting: 2856 revisions left to test after this (roughly 12 steps) [db28faf6eae30ca67afac825d7a405af76b04520] Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regmap.git testing commit db28faf6eae30ca67afac825d7a405af76b04520 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 95b99eac6330cf3e1eea7aa4c77ebcf63603666fa09d42cdd858a44c1994cfb5 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in skb_segment representative crash: BUG: unable to handle kernel NULL pointer dereference in skb_segment, types: [UNKNOWN] # git bisect bad db28faf6eae30ca67afac825d7a405af76b04520 Bisecting: 1324 revisions left to test after this (roughly 11 steps) [5bd35ec70dbd7596d4146936ccaef13ce91fd74b] Merge branch 'main' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git testing commit 5bd35ec70dbd7596d4146936ccaef13ce91fd74b gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: ccf75b2bc251980ac583d71b9b6d31c2cc6275c4cbc64f7468a6fdb21400ce63 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in skb_segment representative crash: BUG: unable to handle kernel NULL pointer dereference in skb_segment, types: [UNKNOWN] # git bisect bad 5bd35ec70dbd7596d4146936ccaef13ce91fd74b Bisecting: 735 revisions left to test after this (roughly 10 steps) [35b1b1fd96388d5e3cf179bf36bd8a4153baf4a3] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit 35b1b1fd96388d5e3cf179bf36bd8a4153baf4a3 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 0b730337f5f56dee20dea30874206cd342b773a46b82c460983e59115b1165b1 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in skb_segment representative crash: BUG: unable to handle kernel NULL pointer dereference in skb_segment, types: [UNKNOWN] # git bisect bad 35b1b1fd96388d5e3cf179bf36bd8a4153baf4a3 Bisecting: 358 revisions left to test after this (roughly 9 steps) [070e8bd31b288c3aa3f965778417708c8bfedb06] MAINTAINERS: net: fix sort order testing commit 070e8bd31b288c3aa3f965778417708c8bfedb06 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: dd767ab1a771d94967cd690d80fca20ea9e11be6fad5aa4e56f662ce3cbb0e8d all runs: OK false negative chance: 0.000 # git bisect good 070e8bd31b288c3aa3f965778417708c8bfedb06 Bisecting: 179 revisions left to test after this (roughly 8 steps) [d0e0e880122fb865884ef86372cd6221225c6459] mlxsw: spectrum_router: RIF: Use tracker helpers to hold & put netdevices testing commit d0e0e880122fb865884ef86372cd6221225c6459 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 66edf0e5a1d5889705d59d13418b43952421725b40b552e185e9311edf961ff4 all runs: OK false negative chance: 0.000 # git bisect good d0e0e880122fb865884ef86372cd6221225c6459 Bisecting: 89 revisions left to test after this (roughly 7 steps) [eb1388553ef4f30d75ed7d5b8eb55ed849f685b5] selftests: router_bridge: Add remastering tests testing commit eb1388553ef4f30d75ed7d5b8eb55ed849f685b5 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: fd239bcefce9226afe5215ddddcd5f3b4462fbbeee1473325f15dd9d0ebf81c4 all runs: OK false negative chance: 0.000 # git bisect good eb1388553ef4f30d75ed7d5b8eb55ed849f685b5 Bisecting: 44 revisions left to test after this (roughly 6 steps) [1762f132d54200ffa008e86f9f6c96ab4ee3fb71] net/mlx5e: Support IPsec packet offload for RX in switchdev mode testing commit 1762f132d54200ffa008e86f9f6c96ab4ee3fb71 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: dcdc2e3ce82f94e451334d449b713deab3ea24b63daaf5ea55f3a9844ff63fd1 all runs: OK false negative chance: 0.000 # git bisect good 1762f132d54200ffa008e86f9f6c96ab4ee3fb71 Bisecting: 22 revisions left to test after this (roughly 5 steps) [547b006d192261067323efe4b1a12287cf3e4ac2] net: fec: delete fec_ptp_disable_hwts() testing commit 547b006d192261067323efe4b1a12287cf3e4ac2 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: f9f1d52e6f646c64de061351dba84869733937938edce684eb7bdd3510f6afc7 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in skb_segment representative crash: BUG: unable to handle kernel NULL pointer dereference in skb_segment, types: [UNKNOWN] # git bisect bad 547b006d192261067323efe4b1a12287cf3e4ac2 Bisecting: 10 revisions left to test after this (roughly 4 steps) [09c2c90705bb64986d499c4a4f3fd659761b637c] net: allow alloc_skb_with_frags() to allocate bigger packets testing commit 09c2c90705bb64986d499c4a4f3fd659761b637c gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: e561bbcde3ca78622b8787b313ef49d4287571f62f7787d0c39cfa99ba212bdf all runs: OK false negative chance: 0.000 # git bisect good 09c2c90705bb64986d499c4a4f3fd659761b637c Bisecting: 5 revisions left to test after this (roughly 3 steps) [66f7223039c0cef81221e9779520479895995815] net: add NDOs for configuring hardware timestamping testing commit 66f7223039c0cef81221e9779520479895995815 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 36880d60f02aa39f86e4f46de2fa2e7a845c2dd0d61bc6d471e9da71888ee7fc all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in skb_segment representative crash: BUG: unable to handle kernel NULL pointer dereference in skb_segment, types: [UNKNOWN] # git bisect bad 66f7223039c0cef81221e9779520479895995815 Bisecting: 2 revisions left to test after this (roughly 1 step) [ae6db08f8b5606ccd95ef2aadd741905d3c13bc0] net/packet: change packet_alloc_skb() to allow bigger paged allocations testing commit ae6db08f8b5606ccd95ef2aadd741905d3c13bc0 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 5d6ae115ab03a5a9baf8249c4c8611c0f96d6fbc346b64b418b557b868fde757 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in skb_segment representative crash: BUG: unable to handle kernel NULL pointer dereference in skb_segment, types: [UNKNOWN] # git bisect bad ae6db08f8b5606ccd95ef2aadd741905d3c13bc0 Bisecting: 0 revisions left to test after this (roughly 0 steps) [ce7c7fef147311d0675aa8351ff72e0be1d5b3eb] net: tun: change tun_alloc_skb() to allow bigger paged allocations testing commit ce7c7fef147311d0675aa8351ff72e0be1d5b3eb gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: a73e65b9f4172102b997f89e2227c4fdfacfa5cd4e02def89c45a48f4389f193 all runs: OK false negative chance: 0.000 # git bisect good ce7c7fef147311d0675aa8351ff72e0be1d5b3eb ae6db08f8b5606ccd95ef2aadd741905d3c13bc0 is the first bad commit commit ae6db08f8b5606ccd95ef2aadd741905d3c13bc0 Author: Eric Dumazet Date: Tue Aug 1 20:52:53 2023 +0000 net/packet: change packet_alloc_skb() to allow bigger paged allocations packet_alloc_skb() is currently calling sock_alloc_send_pskb() forcing order-0 page allocations. Switch to PAGE_ALLOC_COSTLY_ORDER, to increase max size by 8x. Also add logic to increase the linear part if needed. Signed-off-by: Eric Dumazet Cc: Tahsin Erdogan Reviewed-by: Willem de Bruijn Link: https://lore.kernel.org/r/20230801205254.400094-4-edumazet@google.com Signed-off-by: Jakub Kicinski net/packet/af_packet.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) accumulated error probability: 0.00 culprit signature: 5d6ae115ab03a5a9baf8249c4c8611c0f96d6fbc346b64b418b557b868fde757 parent signature: a73e65b9f4172102b997f89e2227c4fdfacfa5cd4e02def89c45a48f4389f193 revisions tested: 22, total time: 4h6m43.220653735s (build: 1h41m44.403413024s, test: 2h12m6.63092947s) first bad commit: ae6db08f8b5606ccd95ef2aadd741905d3c13bc0 net/packet: change packet_alloc_skb() to allow bigger paged allocations recipients (to): ["edumazet@google.com" "kuba@kernel.org" "willemb@google.com"] recipients (cc): [] crash: BUG: unable to handle kernel NULL pointer dereference in skb_segment BUG: kernel NULL pointer dereference, address: 0000000000000070 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 104bb3067 P4D 104bb3067 PUD 111c83067 PMD 0 Oops: 0000 [#1] PREEMPT SMP CPU: 0 PID: 2999 Comm: syz-executor.0 Not tainted 6.5.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 RIP: 0010:skb_segment+0x739/0xf10 net/core/skbuff.c:4455 Code: fb 48 85 d2 0f 85 6f fd ff ff eb ba 48 8b 94 24 80 00 00 00 48 c1 ea 23 89 d0 41 21 d2 83 e0 01 e9 e6 fc ff ff 48 8b 54 24 60 <44> 8b 72 70 e9 97 fa ff ff 48 8b 84 24 80 00 00 00 48 d1 e8 83 e0 RSP: 0018:ffffc90002dbb930 EFLAGS: 00010246 RAX: 000000000001ffc6 RBX: 000000000001fffe RCX: 000000000000ffff RDX: 0000000000000000 RSI: ffff888102e44000 RDI: 0000000000000001 RBP: ffffc90002dbba00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000030 R13: ffff88810478bc00 R14: 000000000000ffff R15: 0000000000000000 FS: 00007fe31cd326c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000070 CR3: 0000000104702000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: udp6_ufo_fragment+0x21e/0x290 net/ipv6/udp_offload.c:109 ipv6_gso_segment+0x119/0x530 net/ipv6/ip6_offload.c:120 skb_mac_gso_segment+0xc0/0x160 net/core/gso.c:53 __skb_gso_segment+0xb2/0x160 net/core/gso.c:124 skb_gso_segment include/net/gso.h:83 [inline] validate_xmit_skb.constprop.0+0x166/0x350 net/core/dev.c:3623 __dev_queue_xmit+0x248/0xee0 net/core/dev.c:4327 packet_snd net/packet/af_packet.c:3083 [inline] packet_sendmsg+0xb84/0x1a00 net/packet/af_packet.c:3115 sock_sendmsg_nosec net/socket.c:725 [inline] sock_sendmsg+0x37/0x70 net/socket.c:748 ____sys_sendmsg+0x25f/0x290 net/socket.c:2494 ___sys_sendmsg+0x95/0xe0 net/socket.c:2548 __sys_sendmsg+0x75/0xc0 net/socket.c:2577 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x38/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7fe31c07cae9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fe31cd320c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007fe31c19bf80 RCX: 00007fe31c07cae9 RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 RBP: 00007fe31c0c847a R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000006 R14: 00007fe31c19bf80 R15: 00007ffdfc80ca38 Modules linked in: CR2: 0000000000000070 ---[ end trace 0000000000000000 ]--- RIP: 0010:skb_segment+0x739/0xf10 net/core/skbuff.c:4455 Code: fb 48 85 d2 0f 85 6f fd ff ff eb ba 48 8b 94 24 80 00 00 00 48 c1 ea 23 89 d0 41 21 d2 83 e0 01 e9 e6 fc ff ff 48 8b 54 24 60 <44> 8b 72 70 e9 97 fa ff ff 48 8b 84 24 80 00 00 00 48 d1 e8 83 e0 RSP: 0018:ffffc90002dbb930 EFLAGS: 00010246 RAX: 000000000001ffc6 RBX: 000000000001fffe RCX: 000000000000ffff RDX: 0000000000000000 RSI: ffff888102e44000 RDI: 0000000000000001 RBP: ffffc90002dbba00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000030 R13: ffff88810478bc00 R14: 000000000000ffff R15: 0000000000000000 FS: 00007fe31cd326c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000070 CR3: 0000000104702000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess): 0: fb sti 1: 48 85 d2 test %rdx,%rdx 4: 0f 85 6f fd ff ff jne 0xfffffd79 a: eb ba jmp 0xffffffc6 c: 48 8b 94 24 80 00 00 mov 0x80(%rsp),%rdx 13: 00 14: 48 c1 ea 23 shr $0x23,%rdx 18: 89 d0 mov %edx,%eax 1a: 41 21 d2 and %edx,%r10d 1d: 83 e0 01 and $0x1,%eax 20: e9 e6 fc ff ff jmp 0xfffffd0b 25: 48 8b 54 24 60 mov 0x60(%rsp),%rdx * 2a: 44 8b 72 70 mov 0x70(%rdx),%r14d <-- trapping instruction 2e: e9 97 fa ff ff jmp 0xfffffaca 33: 48 8b 84 24 80 00 00 mov 0x80(%rsp),%rax 3a: 00 3b: 48 d1 e8 shr %rax 3e: 83 .byte 0x83 3f: e0 .byte 0xe0