On Tue, Nov 17 2015, Gerald Turner wrote:
> The 'crash' tool is consistently showing the same backtraces. The
> oops always occurs in an 'stunnel4' process. GNOME HTTP Proxy
> setting, likely from 'pidgin.orig' which is auto-started upon login.
> stunnel4 is configured as client which connects to an IPv6 endpoint
> for which 'strongswan' has configured as "routed" in transport mode
> (ip xfrm policy), meaning there's a point-to-point IPsec tunnel
> between this workstation's IPv6 address and the IPv6 address of this
> stunnel4 server.
I've been able to refine the steps to reproduce the crash even further.
I disabled strongswan, so upon boot the 'ip xfrm policy' table is
empty. I can then log in and use the system normally (albeit with no IPsec
tunnels running) without crashing. As soon as I invoke
'systemctl start strongswan.service', the kernel panics with the same NULL
dereference as all the other crashes seen on both machines.
The 'ip xfrm policy' table configured by strongswan contains 40 entries,
one example (the one which stunnel4 utilizes) is the following:
src 2001:foo:bar::1/128 dst 2001:baz:qux::1/128
dir in priority 2051 ptype main
tmpl src :: dst ::
proto comp reqid 7 mode transport
level use
tmpl src :: dst ::
proto esp reqid 7 mode transport
The following is the 'crash' tool disassembly of the NULL dereference in
ip6_datagram_connect. Unfortunately I'm a newbie at assembly, or C for
that matter. What I have been able to gather is that the NULL pointer
dereference occurs at net/ipv6/datagram.c line 192, at the instruction "mov
0xa0(%rbp),%rax", and that the RAX register contains 0x000000000000ffff.
Note that 'dis -lr' attributes that final instruction to include/net/ip6_fib.h
line 171 (apparently code inlined into the line 192 path), and that %rbp was
reloaded from 0x40(%rbp) by the instruction immediately before it.
crash> dis -lr ip6_datagram_connect+0x241
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 209
0xffffffff81529960 <ip6_datagram_connect>: nopl 0x0(%rax,%rax,1) [FTRACE NOP]
0xffffffff81529965 <ip6_datagram_connect+5>: push %r15
0xffffffff81529967 <ip6_datagram_connect+7>: push %r14
0xffffffff81529969 <ip6_datagram_connect+9>: mov %rsi,%r14
0xffffffff8152996c <ip6_datagram_connect+12>: push %r13
0xffffffff8152996e <ip6_datagram_connect+14>: push %r12
/build/linux-CrHvZ_/linux-4.2.6/include/net/sock.h: 1493
0xffffffff81529970 <ip6_datagram_connect+16>: xor %esi,%esi
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 209
0xffffffff81529972 <ip6_datagram_connect+18>: push %rbp
0xffffffff81529973 <ip6_datagram_connect+19>: push %rbx
0xffffffff81529974 <ip6_datagram_connect+20>: mov %edx,%r13d
0xffffffff81529977 <ip6_datagram_connect+23>: mov %rdi,%rbx
0xffffffff8152997a <ip6_datagram_connect+26>: sub $0x78,%rsp
0xffffffff8152997e <ip6_datagram_connect+30>: mov %gs:0x28,%rax
0xffffffff81529987 <ip6_datagram_connect+39>: mov %rax,0x68(%rsp)
0xffffffff8152998c <ip6_datagram_connect+44>: xor %eax,%eax
/build/linux-CrHvZ_/linux-4.2.6/include/net/sock.h: 1493
0xffffffff8152998e <ip6_datagram_connect+46>: callq 0xffffffff81447760 <lock_sock_nested>
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 56
0xffffffff81529993 <ip6_datagram_connect+51>: movzwl (%r14),%eax
/build/linux-CrHvZ_/linux-4.2.6/include/linux/ipv6.h: 266
0xffffffff81529997 <ip6_datagram_connect+55>: mov 0x2c0(%rbx),%r15
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 56
0xffffffff8152999e <ip6_datagram_connect+62>: cmp $0x2,%ax
0xffffffff815299a2 <ip6_datagram_connect+66>: je 0xffffffff81529c0e <ip6_datagram_connect+686>
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 63
0xffffffff815299a8 <ip6_datagram_connect+72>: cmp $0x17,%r13d
0xffffffff815299ac <ip6_datagram_connect+76>: jle 0xffffffff81529db6 <ip6_datagram_connect+1110>
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 66
0xffffffff815299b2 <ip6_datagram_connect+82>: cmp $0xa,%ax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 58
0xffffffff815299b6 <ip6_datagram_connect+86>: mov $0xffffff9f,%ebp
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 66
0xffffffff815299bb <ip6_datagram_connect+91>: jne 0xffffffff81529be1 <ip6_datagram_connect+641>
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 69
0xffffffff815299c1 <ip6_datagram_connect+97>: xor %eax,%eax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 70
0xffffffff815299c3 <ip6_datagram_connect+99>: testb $0x2,0x4e(%r15)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 69
0xffffffff815299c8 <ip6_datagram_connect+104>: lea 0x28(%rsp),%rbp
0xffffffff815299cd <ip6_datagram_connect+109>: mov $0x8,%ecx
0xffffffff815299d2 <ip6_datagram_connect+114>: mov %rbp,%rdi
0xffffffff815299d5 <ip6_datagram_connect+117>: rep stos %rax,%es:(%rdi)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 70
0xffffffff815299d8 <ip6_datagram_connect+120>: je 0xffffffff815299f3 <ip6_datagram_connect+147>
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 71
0xffffffff815299da <ip6_datagram_connect+122>: mov 0x4(%r14),%eax
0xffffffff815299de <ip6_datagram_connect+126>: mov %eax,%esi
0xffffffff815299e0 <ip6_datagram_connect+128>: and $0xf,%sil
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 72
0xffffffff815299e4 <ip6_datagram_connect+132>: test $0xffff0f00,%eax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 71
0xffffffff815299e9 <ip6_datagram_connect+137>: mov %esi,0x5c(%rsp)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 72
0xffffffff815299ed <ip6_datagram_connect+141>: jne 0xffffffff81529da2 <ip6_datagram_connect+1090>
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 51
0xffffffff815299f3 <ip6_datagram_connect+147>: xor %r12d,%r12d
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 79
0xffffffff815299f6 <ip6_datagram_connect+150>: lea 0x8(%r14),%rdi
/build/linux-CrHvZ_/linux-4.2.6/include/net/ipv6.h: 317
0xffffffff815299fa <ip6_datagram_connect+154>: callq 0xffffffff81535650 <__ipv6_addr_type>
0xffffffff815299ff <ip6_datagram_connect+159>: movzwl %ax,%ecx
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 81
0xffffffff81529a02 <ip6_datagram_connect+162>: test %ecx,%ecx
0xffffffff81529a04 <ip6_datagram_connect+164>: jne 0xffffffff81529cca <ip6_datagram_connect+874>
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 85
0xffffffff81529a0a <ip6_datagram_connect+170>: movb $0x1,0x17(%r14)
/build/linux-CrHvZ_/linux-4.2.6/include/net/ipv6.h: 337
0xffffffff81529a0f <ip6_datagram_connect+175>: xor %esi,%esi
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 147
0xffffffff81529a11 <ip6_datagram_connect+177>: mov 0x8(%r14),%rax
0xffffffff81529a15 <ip6_datagram_connect+181>: mov 0x10(%r14),%rdx
0xffffffff81529a19 <ip6_datagram_connect+185>: mov %rax,0x38(%rbx)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 148
0xffffffff81529a1d <ip6_datagram_connect+189>: mov 0x5c(%rsp),%eax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 147
0xffffffff81529a21 <ip6_datagram_connect+193>: mov %rdx,0x40(%rbx)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 148
0xffffffff81529a25 <ip6_datagram_connect+197>: mov %eax,0x38(%r15)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 157
0xffffffff81529a29 <ip6_datagram_connect+201>: movzbl 0x149(%rbx),%eax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 150
0xffffffff81529a30 <ip6_datagram_connect+208>: movzwl 0x2(%r14),%ecx
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 158
0xffffffff81529a35 <ip6_datagram_connect+213>: mov 0x40(%rbx),%rdx
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 157
0xffffffff81529a39 <ip6_datagram_connect+217>: mov %al,0x36(%rsp)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 158
0xffffffff81529a3d <ip6_datagram_connect+221>: mov 0x38(%rbx),%rax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 150
0xffffffff81529a41 <ip6_datagram_connect+225>: mov %cx,0xc(%rbx)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 158
0xffffffff81529a45 <ip6_datagram_connect+229>: mov %rdx,0x44(%rsp)
0xffffffff81529a4a <ip6_datagram_connect+234>: mov %rax,0x3c(%rsp)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 159
0xffffffff81529a4f <ip6_datagram_connect+239>: mov 0x8(%r15),%rdx
0xffffffff81529a53 <ip6_datagram_connect+243>: mov (%r15),%rax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 162
0xffffffff81529a56 <ip6_datagram_connect+246>: mov %cx,0x60(%rsp)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 159
0xffffffff81529a5b <ip6_datagram_connect+251>: mov %rdx,0x54(%rsp)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 161
0xffffffff81529a60 <ip6_datagram_connect+256>: mov 0x280(%rbx),%edx
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 159
0xffffffff81529a66 <ip6_datagram_connect+262>: mov %rax,0x4c(%rsp)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 160
0xffffffff81529a6b <ip6_datagram_connect+267>: mov 0x14(%rbx),%eax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 161
0xffffffff81529a6e <ip6_datagram_connect+270>: mov %edx,0x30(%rsp)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 163
0xffffffff81529a72 <ip6_datagram_connect+274>: movzwl 0x2d0(%rbx),%edx
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 165
0xffffffff81529a79 <ip6_datagram_connect+281>: test %eax,%eax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 160
0xffffffff81529a7b <ip6_datagram_connect+283>: mov %eax,0x28(%rsp)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 163
0xffffffff81529a7f <ip6_datagram_connect+287>: mov %dx,0x62(%rsp)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 165
0xffffffff81529a84 <ip6_datagram_connect+292>: je 0xffffffff81529d14 <ip6_datagram_connect+948>
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 168
0xffffffff81529a8a <ip6_datagram_connect+298>: mov %rbp,%rsi
0xffffffff81529a8d <ip6_datagram_connect+301>: mov %rbx,%rdi
0xffffffff81529a90 <ip6_datagram_connect+304>: callq 0xffffffff8124b030 <security_sk_classify_flow>
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 170
0xffffffff81529a95 <ip6_datagram_connect+309>: test %r12,%r12
0xffffffff81529a98 <ip6_datagram_connect+312>: je 0xffffffff81529dea <ip6_datagram_connect+1162>
0xffffffff81529a9e <ip6_datagram_connect+318>: mov 0x20(%r12),%rsi
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 171
0xffffffff81529aa3 <ip6_datagram_connect+323>: lea 0x10(%rsp),%rdx
0xffffffff81529aa8 <ip6_datagram_connect+328>: mov %rbp,%rdi
0xffffffff81529aab <ip6_datagram_connect+331>: callq 0xffffffff81528310 <fl6_update_dst>
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 173
0xffffffff81529ab0 <ip6_datagram_connect+336>: mov %rbp,%rsi
0xffffffff81529ab3 <ip6_datagram_connect+339>: mov %rax,%rdx
0xffffffff81529ab6 <ip6_datagram_connect+342>: mov %rbx,%rdi
0xffffffff81529ab9 <ip6_datagram_connect+345>: callq 0xffffffff814fcc20 <ip6_dst_lookup_flow>
0xffffffff81529abe <ip6_datagram_connect+350>: mov %rax,%rbp
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 175
0xffffffff81529ac1 <ip6_datagram_connect+353>: cmp $0xfffffffffffff000,%rbp
0xffffffff81529ac8 <ip6_datagram_connect+360>: ja 0xffffffff81529bd0 <ip6_datagram_connect+624>
/build/linux-CrHvZ_/linux-4.2.6/include/net/ipv6.h: 524
0xffffffff81529ace <ip6_datagram_connect+366>: mov 0x8(%r15),%rax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 182
0xffffffff81529ad2 <ip6_datagram_connect+370>: or (%r15),%rax
0xffffffff81529ad5 <ip6_datagram_connect+373>: jne 0xffffffff81529ae8 <ip6_datagram_connect+392>
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 183
0xffffffff81529ad7 <ip6_datagram_connect+375>: mov 0x4c(%rsp),%r9
0xffffffff81529adc <ip6_datagram_connect+380>: mov 0x54(%rsp),%r10
0xffffffff81529ae1 <ip6_datagram_connect+385>: mov %r9,(%r15)
0xffffffff81529ae4 <ip6_datagram_connect+388>: mov %r10,0x8(%r15)
/build/linux-CrHvZ_/linux-4.2.6/include/net/ipv6.h: 524
0xffffffff81529ae8 <ip6_datagram_connect+392>: mov 0x50(%rbx),%rax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 185
0xffffffff81529aec <ip6_datagram_connect+396>: or 0x48(%rbx),%rax
0xffffffff81529af0 <ip6_datagram_connect+400>: jne 0xffffffff81529b20 <ip6_datagram_connect+448>
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 186
0xffffffff81529af2 <ip6_datagram_connect+402>: mov 0x4c(%rsp),%r9
0xffffffff81529af7 <ip6_datagram_connect+407>: mov 0x54(%rsp),%r10
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 188
0xffffffff81529afc <ip6_datagram_connect+412>: mov 0x28(%rbx),%rax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 187
0xffffffff81529b00 <ip6_datagram_connect+416>: movl $0x600007f,0x4(%rbx)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 186
0xffffffff81529b07 <ip6_datagram_connect+423>: mov %r9,0x48(%rbx)
0xffffffff81529b0b <ip6_datagram_connect+427>: mov %r10,0x50(%rbx)
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 188
0xffffffff81529b0f <ip6_datagram_connect+431>: mov 0xa8(%rax),%rax
0xffffffff81529b16 <ip6_datagram_connect+438>: test %rax,%rax
0xffffffff81529b19 <ip6_datagram_connect+441>: je 0xffffffff81529b20 <ip6_datagram_connect+448>
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 189
0xffffffff81529b1b <ip6_datagram_connect+443>: mov %rbx,%rdi
0xffffffff81529b1e <ip6_datagram_connect+446>: callq *%rax
/build/linux-CrHvZ_/linux-4.2.6/include/net/ipv6.h: 420
0xffffffff81529b20 <ip6_datagram_connect+448>: mov 0x8(%r15),%rdx
0xffffffff81529b24 <ip6_datagram_connect+452>: mov (%r15),%rax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 192
0xffffffff81529b27 <ip6_datagram_connect+455>: xor %esi,%esi
/build/linux-CrHvZ_/linux-4.2.6/include/net/ipv6.h: 420
0xffffffff81529b29 <ip6_datagram_connect+457>: xor 0x54(%rsp),%rdx
0xffffffff81529b2e <ip6_datagram_connect+462>: xor 0x4c(%rsp),%rax
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 192
0xffffffff81529b33 <ip6_datagram_connect+467>: mov %r15,%r8
/build/linux-CrHvZ_/linux-4.2.6/include/net/ipv6.h: 420
0xffffffff81529b36 <ip6_datagram_connect+470>: mov 0x40(%rbx),%rcx
/build/linux-CrHvZ_/linux-4.2.6/include/linux/spinlock.h: 312
0xffffffff81529b3a <ip6_datagram_connect+474>: lea 0x120(%rbx),%r13
0xffffffff81529b41 <ip6_datagram_connect+481>: mov %r13,%rdi
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 192
0xffffffff81529b44 <ip6_datagram_connect+484>: or %rax,%rdx
/build/linux-CrHvZ_/linux-4.2.6/include/net/ipv6.h: 420
0xffffffff81529b47 <ip6_datagram_connect+487>: mov 0x38(%rbx),%rdx
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 192
0xffffffff81529b4b <ip6_datagram_connect+491>: lea 0x38(%rbx),%rax
0xffffffff81529b4f <ip6_datagram_connect+495>: cmovne %rsi,%r8
/build/linux-CrHvZ_/linux-4.2.6/include/net/ipv6.h: 420
0xffffffff81529b53 <ip6_datagram_connect+499>: xor 0x44(%rsp),%rcx
0xffffffff81529b58 <ip6_datagram_connect+504>: xor 0x3c(%rsp),%rdx
/build/linux-CrHvZ_/linux-4.2.6/net/ipv6/datagram.c: 192
0xffffffff81529b5d <ip6_datagram_connect+509>: mov %r8,0x8(%rsp)
0xffffffff81529b62 <ip6_datagram_connect+514>: or %rdx,%rcx
0xffffffff81529b65 <ip6_datagram_connect+517>: cmove %rax,%rsi
0xffffffff81529b69 <ip6_datagram_connect+521>: mov %rsi,%r15
/build/linux-CrHvZ_/linux-4.2.6/include/linux/spinlock.h: 312
0xffffffff81529b6c <ip6_datagram_connect+524>: callq 0xffffffff81553640 <_raw_spin_lock>
/build/linux-CrHvZ_/linux-4.2.6/include/net/ip6_route.h: 143
0xffffffff81529b71 <ip6_datagram_connect+529>: mov %rbp,%rsi
0xffffffff81529b74 <ip6_datagram_connect+532>: mov %rbx,%rdi
/build/linux-CrHvZ_/linux-4.2.6/include/linux/ipv6.h: 266
0xffffffff81529b77 <ip6_datagram_connect+535>: mov 0x2c0(%rbx),%r14
/build/linux-CrHvZ_/linux-4.2.6/include/net/ip6_route.h: 143
0xffffffff81529b7e <ip6_datagram_connect+542>: callq 0xffffffff81446ef0 <sk_setup_caps>
/build/linux-CrHvZ_/linux-4.2.6/include/net/ip6_route.h: 146
0xffffffff81529b83 <ip6_datagram_connect+547>: mov 0x8(%rsp),%r8
/build/linux-CrHvZ_/linux-4.2.6/include/net/ip6_route.h: 144
0xffffffff81529b88 <ip6_datagram_connect+552>: mov %r15,0x28(%r14)
/build/linux-CrHvZ_/linux-4.2.6/include/net/ip6_route.h: 146
0xffffffff81529b8c <ip6_datagram_connect+556>: mov %r8,0x30(%r14)
/build/linux-CrHvZ_/linux-4.2.6/include/net/ip6_fib.h: 168
0xffffffff81529b90 <ip6_datagram_connect+560>: testb $0x40,0x117(%rbp)
0xffffffff81529b97 <ip6_datagram_connect+567>: je 0xffffffff81529d2a <ip6_datagram_connect+970>
/build/linux-CrHvZ_/linux-4.2.6/include/net/ip6_fib.h: 169
0xffffffff81529b9d <ip6_datagram_connect+573>: mov 0x40(%rbp),%rbp
/build/linux-CrHvZ_/linux-4.2.6/include/net/ip6_fib.h: 171
0xffffffff81529ba1 <ip6_datagram_connect+577>: mov 0xa0(%rbp),%rax
--
Gerald Turner <gturner@unzane.com> Encrypted mail preferred!
OpenPGP: 4096R / CA89 B27A 30FA 66C5 1B80 3858 EC94 2276 FDB8 716D