Additional info: reporter: libreport-2.1.5 general protection fault: 0000 [#1] SMP Modules linked in: fuse ebtable_nat ipt_MASQUERADE nf_conntrack_netbios_ns nf_conntrack_broadcast ip6table_mangle ip6t_REJECT be2iscsi iscsi_boot_sysfs nf_conntrack_ipv6 bnx2i nf_defrag_ipv6 cnic uio cxgb4i cxgb4 cxgb3i iptable_nat nf_nat_ipv4 nf_nat iptable_mangle cxgb3 mdio libcxgbi nf_conntrack_ipv4 nf_defrag_ipv4 ib_iser xt_conntrack nf_conntrack bnep bluetooth rdma_cm ib_addr ebtable_filter iw_cm ebtables ib_cm ip6table_filter ib_sa ip6_tables ib_mad ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi arc4 brcmsmac snd_hda_codec_via cordic brcmutil snd_hda_intel snd_hda_codec mac80211 snd_hwdep snd_seq snd_seq_device snd_pcm uvcvideo cfg80211 videobuf2_vmalloc videobuf2_memops mperf videobuf2_core rfkill coretemp videodev snd_page_alloc snd_timer snd iTCO_wdt iTCO_vendor_support media soundcore microcode lpc_ich i2c_i801 mfd_core bcma uinput i915 i2c_algo_bit drm_kms_helper r8169 drm mii i2c_core video usb_storage sunrpc CPU 0 Pid: 1789, comm: gnome-shell Not tainted 3.9.6-200.fc18.x86_64 #1 THD(Thread technology) DX1/DX1 RIP: 0010:[<ffffffff8162c0de>] [<ffffffff8162c0de>] ip6mr_fill_mroute+0xae/0x180 RSP: 0018:ffff880061b4fa08 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff88007a6b3000 RCX: ff0088007b4450a8 RDX: 0000000000000004 RSI: ffff880061b4fa18 RDI: ffff88007a6b3024 RBP: ffff880061b4fa38 R08: 0000000000000ea4 R09: ffff88007a6b3024 R10: 0000000000000000 R11: 0000000000000000 R12: ffff88006175e500 R13: ff0088007b445088 R14: ffff88007b445000 R15: ffff8800355bbc80 FS: 00007f28e77e1a00(0000) GS:ffff88007f200000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000003f304904a0 CR3: 00000000357ae000 CR4: 00000000000007f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 Process gnome-shell (pid: 1789, threadinfo ffff880061b4e000, task ffff88007946c650) Stack: ffff880061b4fa28 000000fe8160d498 ff0088007b445088 0000000000000000 0000000000000000 ffff88007b445088 ffff880061b4fab8 ffffffff8162ca9c 0000000000000000 ffffffff81cba550 0000000000000000 0000000000000000 Call Trace: [<ffffffff8162ca9c>] ip6mr_rtm_dumproute+0xfc/0x250 [<ffffffff8156022d>] rtnl_dump_all+0x10d/0x190 [<ffffffff8157cc83>] netlink_dump+0x73/0x1e0 [<ffffffff8157d268>] netlink_recvmsg+0x388/0x470 [<ffffffff8153bf31>] sock_recvmsg+0xc1/0xf0 [<ffffffff8115bc19>] ? __do_fault+0x3e9/0x550 [<ffffffff8153b913>] __sys_recvmsg+0x123/0x2c0 [<ffffffff811604e1>] ? handle_mm_fault+0x291/0x650 [<ffffffff81665cac>] ? __do_page_fault+0x25c/0x4f0 [<ffffffff8153e079>] sys_recvmsg+0x49/0x90 [<ffffffff8166a5d9>] system_call_fastpath+0x16/0x1b Code: be 0f 00 00 00 4c 89 e7 88 43 14 41 8b 46 18 89 45 dc e8 46 53 cf ff 85 c0 0f 85 ae 00 00 00 c6 43 17 05 c6 43 16 00 49 8d 4d 20 <41> 8b 45 34 ba 10 00 00 00 c7 43 18 00 00 00 00 be 02 00 00 00 RIP [<ffffffff8162c0de>] ip6mr_fill_mroute+0xae/0x180 RSP <ffff880061b4fa08>
Created attachment 777607 [details] File: dmesg
Pointer corruption ff0088007b4450a8 instead of ffff88007b4450a8. *** This bug has been marked as a duplicate of bug 984678 ***