syzbot


kernel BUG in ip6gre_header (6)

Status: upstream: reported C repro on 2025/12/11 17:32
Subsystems: net
Reported-by: syzbot+43a2ebcf2a64b1102d64@syzkaller.appspotmail.com
First crash: 13d, last: 2h40m
Discussions (2)
Title Replies (including bot) Last reply
[PATCH net] ip6_gre: make ip6gre_header() robust 1 (1) 2025/12/11 17:35
[syzbot] [net?] kernel BUG in ip6gre_header (6) 0 (1) 2025/12/11 17:32
Similar bugs (9)
Kernel Title Rank Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 kernel BUG at net/core/skbuff.c:LINE! -1 C unreliable 494 1200d 2420d 0/1 upstream: reported C repro on 2019/04/27 20:12
upstream kernel BUG in ip6gre_header (2) net -1 C 2 790d 804d 25/29 fixed on 2024/01/20 21:18
upstream kernel BUG in ip6gre_header net -1 C 5 841d 911d 23/29 fixed on 2023/09/28 17:51
upstream kernel BUG in ip6gre_header (5) net -1 1 493d 493d 0/29 closed as invalid on 2024/08/29 14:58
upstream kernel BUG in ip6gre_header (3) net -1 1 674d 674d 0/29 closed as invalid on 2024/03/01 17:31
upstream kernel BUG in ip6gre_header (4) net -1 1 582d 582d 0/29 closed as invalid on 2024/06/03 15:58
upstream kernel BUG in llc_sap_action_send_xid_c net -1 C error 61 1493d 1707d 20/29 fixed on 2021/11/10 00:50
upstream kernel BUG in pskb_expand_head net -1 C done 1600 1036d 1487d 22/29 fixed on 2023/02/25 08:02
linux-6.1 kernel BUG in ip6gre_header origin:upstream -1 C error 1 456d 911d 0/3 upstream: reported C repro on 2023/06/14 11:11
Last patch testing requests (1)
Created Duration User Patch Repo Result
2025/12/11 14:13 21m edumazet@google.com patch upstream OK log

Sample crash report:
skbuff: skb_under_panic: text:ffffffff8a1d69a8 len:136 put:40 head:ffff888059bc7000 data:ffff888059bc6fe8 tail:0x70 end:0x6c0 dev:team0
------------[ cut here ]------------
kernel BUG at net/core/skbuff.c:213!
Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Workqueue: mld mld_ifc_work
RIP: 0010:skb_panic+0x157/0x160 net/core/skbuff.c:213
Code: c7 e0 1a 6f 8c 48 8b 74 24 08 48 8b 54 24 10 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 55 41 57 41 56 e8 8e 94 f5 ff 48 83 c4 20 90 <0f> 0b cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc900001b7280 EFLAGS: 00010282
RAX: 0000000000000087 RBX: dffffc0000000000 RCX: 98444bb9450e1700
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: 00000000000006c0 R08: ffffc900001b6f87 R09: 1ffff92000036df0
R10: dffffc0000000000 R11: fffff52000036df1 R12: ffff88804ce8add0
R13: ffff888059bc7000 R14: ffff888059bc6fe8 R15: 0000000000000070
FS:  0000000000000000(0000) GS:ffff88808d683000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055555bb765c8 CR3: 000000001fd7c000 CR4: 0000000000352ef0
Call Trace:
 <TASK>
 skb_under_panic net/core/skbuff.c:223 [inline]
 skb_push+0xc3/0xe0 net/core/skbuff.c:2641
 ip6gre_header+0xc8/0x790 net/ipv6/ip6_gre.c:1371
 dev_hard_header include/linux/netdevice.h:3436 [inline]
 neigh_connected_output+0x286/0x460 net/core/neighbour.c:1618
 neigh_output include/net/neighbour.h:556 [inline]
 ip6_finish_output2+0xfb3/0x1480 net/ipv6/ip6_output.c:136
 __ip6_finish_output net/ipv6/ip6_output.c:-1 [inline]
 ip6_finish_output+0x234/0x7d0 net/ipv6/ip6_output.c:220
 NF_HOOK_COND include/linux/netfilter.h:307 [inline]
 ip6_output+0x340/0x550 net/ipv6/ip6_output.c:247
 NF_HOOK+0x9e/0x380 include/linux/netfilter.h:318
 mld_sendpack+0x8d4/0xe60 net/ipv6/mcast.c:1855
 mld_send_cr net/ipv6/mcast.c:2154 [inline]
 mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693
 process_one_work kernel/workqueue.c:3257 [inline]
 process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x599/0xb30 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:skb_panic+0x157/0x160 net/core/skbuff.c:213
Code: c7 e0 1a 6f 8c 48 8b 74 24 08 48 8b 54 24 10 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 55 41 57 41 56 e8 8e 94 f5 ff 48 83 c4 20 90 <0f> 0b cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc900001b7280 EFLAGS: 00010282
RAX: 0000000000000087 RBX: dffffc0000000000 RCX: 98444bb9450e1700
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: 00000000000006c0 R08: ffffc900001b6f87 R09: 1ffff92000036df0
R10: dffffc0000000000 R11: fffff52000036df1 R12: ffff88804ce8add0
R13: ffff888059bc7000 R14: ffff888059bc6fe8 R15: 0000000000000070
FS:  0000000000000000(0000) GS:ffff88808d683000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffc5c02a230 CR3: 000000003b4e8000 CR4: 0000000000352ef0

Crashes (35):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2025/12/05 20:30 upstream 2061f18ad76e d1b870e1 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in ip6gre_header
2025/12/05 02:20 upstream 6dfafbd0299a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root kernel BUG in ip6gre_header
2025/12/05 02:20 upstream 6dfafbd0299a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root kernel BUG in ip6gre_header
2025/12/11 19:24 upstream d358e5254674 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/11 18:06 upstream d358e5254674 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/07 17:44 upstream 9e906a9dead1 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/07 17:38 upstream 9e906a9dead1 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/07 17:38 upstream 9e906a9dead1 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/06 19:28 upstream 416f99c3b16f d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/06 19:26 upstream 416f99c3b16f d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/06 19:26 upstream 416f99c3b16f d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/06 00:51 upstream 7203ca412fc8 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/06 00:51 upstream 7203ca412fc8 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/05 07:27 upstream fa5ef105618a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/04 11:28 upstream 559e608c4655 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/04 11:16 upstream 559e608c4655 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/04 11:13 upstream 559e608c4655 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/04 11:13 upstream 559e608c4655 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/04 11:11 upstream 559e608c4655 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/04 11:09 upstream 559e608c4655 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/04 11:08 upstream 559e608c4655 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/04 11:07 upstream 559e608c4655 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 kernel BUG in ip6gre_header
2025/12/10 09:03 upstream c9b47175e913 d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream kernel BUG in ip6gre_header
2025/12/09 16:30 upstream cb015814f8b6 d1b870e1 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in ip6gre_header
2025/12/09 11:33 upstream a110f942672c d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream kernel BUG in ip6gre_header
2025/12/09 04:03 upstream a110f942672c d1b870e1 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in ip6gre_header
2025/12/06 20:26 upstream 416f99c3b16f d1b870e1 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in ip6gre_header
2025/12/05 19:03 upstream 2061f18ad76e d1b870e1 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in ip6gre_header
2025/12/05 14:14 upstream 2061f18ad76e d1b870e1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream kernel BUG in ip6gre_header
2025/12/05 13:23 upstream 2061f18ad76e d1b870e1 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in ip6gre_header
2025/12/04 21:48 upstream 6dfafbd0299a d1b870e1 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root kernel BUG in ip6gre_header
2025/12/11 12:10 net-next 8f7aa3d3c732 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce kernel BUG in ip6gre_header
2025/12/06 09:23 linux-next 6987d58a9cbc d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root kernel BUG in ip6gre_header
2025/12/06 09:20 linux-next 6987d58a9cbc d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root kernel BUG in ip6gre_header
2025/11/28 16:14 linux-next 7d31f578f323 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root kernel BUG in ip6gre_header
* Struck through repros no longer work on HEAD.