Sent from my iPhone
> On Nov 22, 2016, at 1:11 PM, Cong Wang <xiyou.wangc...@gmail.com> wrote:
>
>> On Tue, Nov 22, 2016 at 2:23 AM, Andrey Konovalov <andreyk...@google.com>
>> wrote:
>> Hi,
>>
>> I've got the following error report while fuzzing the kernel with syzkaller.
>>
>> It seems that skb_dst(skb) may end up being NULL.
>>
>> As far as I can see the bug was introduced in commit 5d41ce29e ("net:
>> icmp6_send should use dst dev to determine L3 domain").
>> ICMP v4 probaly has similar issue due to 9d1a6c4ea ("net:
>> icmp_route_lookup should use rt dev to determine L3 domain").
>
>
> ipv6_parse_hopopts() is called before NF_INET_PRE_ROUTING,
> so the skb_dst could be NULL.
>
> I have no idea what commit 5d41ce29e tried to fix, but we already
> use skb->dev a few lines before l3mdev_master_ifindex(), so I don't
> understand why skb->dev could be NULL, maybe just for vrf dev?
On PTO this week and currently at the beach. Will take a look tonight. Thanks
for the report.
