============================= WARNING: suspicious RCU usage 4.15.0-rc6-next-20180102+ #86 Not tainted ----------------------------- net/netfilter/ipset/ip_set_core.c:2057 suspicious rcu_dereference_protected() usage! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 3 locks held by kworker/u4:0/5: #0: ((wq_completion)"%s""netns"){+.+.}, at: [<00000000478b6e99>] process_one_work+0x71f/0x14a0 kernel/workqueue.c:2083 #1: (net_cleanup_work){+.+.}, at: [<0000000053570181>] process_one_work+0x757/0x14a0 kernel/workqueue.c:2087 #2: (net_mutex){+.+.}, at: [<00000000640b9751>] cleanup_net+0x139/0x8b0 net/core/net_namespace.c:450 stack backtrace: CPU: 1 PID: 5 Comm: kworker/u4:0 Not tainted 4.15.0-rc6-next-20180102+ #86 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: netns cleanup_net Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x137/0x198 lib/dump_stack.c:53 lockdep_rcu_suspicious+0x123/0x170 kernel/locking/lockdep.c:4585 ip_set_net_exit+0x2c6/0x480 net/netfilter/ipset/ip_set_core.c:2057 ops_exit_list.isra.6+0xae/0x150 net/core/net_namespace.c:142 cleanup_net+0x3f3/0x8b0 net/core/net_namespace.c:484 process_one_work+0x801/0x14a0 kernel/workqueue.c:2112 worker_thread+0xe0/0x1010 kernel/workqueue.c:2246 kthread+0x33c/0x400 kernel/kthread.c:238 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:524 kauditd_printk_skb: 163 callbacks suppressed audit: type=1400 audit(1514913401.736:182): avc: denied { ipc_lock } for pid=4595 comm="syz-executor3" capability=14 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 : renamed from gre0 audit: type=1400 audit(1514913402.533:183): avc: denied { setopt } for pid=4821 comm="syz-executor0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 netlink: 3 bytes leftover after parsing attributes in process `syz-executor0'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor0'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor0'. audit: type=1326 audit(1514913402.652:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=4856 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913402.652:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=4856 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913402.657:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=4856 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=292 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913402.657:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=4856 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913402.657:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=4856 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913402.664:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=4856 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=16 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913402.664:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=4856 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913402.665:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=4856 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 netlink: 2 bytes leftover after parsing attributes in process `syz-executor0'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor0'. device syz7 entered promiscuous mode netlink: 13 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 13 bytes leftover after parsing attributes in process `syz-executor5'. mmap: syz-executor1 (5407) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt. binder: 5435:5444 got transaction to invalid handle binder: 5435:5444 transaction failed 29201/-22, size 0-32 line 2845 binder: 5435:5444 got transaction to invalid handle binder: 5435:5444 transaction failed 29201/-22, size 0-32 line 2845 binder: undelivered TRANSACTION_ERROR: 29201 binder: undelivered TRANSACTION_ERROR: 29201 device lo entered promiscuous mode device lo left promiscuous mode binder: BINDER_SET_CONTEXT_MGR already set binder: 5564:5570 ioctl 40046207 0 returned -16 binder_alloc: 5564: binder_alloc_buf, no vma binder: 5564:5578 transaction failed 29189/-3, size 0-0 line 2960 binder: undelivered TRANSACTION_ERROR: 29189 kauditd_printk_skb: 143 callbacks suppressed audit: type=1326 audit(1514913406.738:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5656 comm="syz-executor2" exe="/root/syz-executor2" sig=0 arch=c000003e syscall=94 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913406.738:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5656 comm="syz-executor2" exe="/root/syz-executor2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913406.738:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5656 comm="syz-executor2" exe="/root/syz-executor2" sig=0 arch=c000003e syscall=29 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913406.739:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5656 comm="syz-executor2" exe="/root/syz-executor2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913406.739:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5656 comm="syz-executor2" exe="/root/syz-executor2" sig=0 arch=c000003e syscall=30 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913406.739:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5656 comm="syz-executor2" exe="/root/syz-executor2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913406.739:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5656 comm="syz-executor2" exe="/root/syz-executor2" sig=0 arch=c000003e syscall=5 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913406.739:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5656 comm="syz-executor2" exe="/root/syz-executor2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913406.739:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5656 comm="syz-executor2" exe="/root/syz-executor2" sig=0 arch=c000003e syscall=54 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514913406.739:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5656 comm="syz-executor2" exe="/root/syz-executor2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 device syz3 entered promiscuous mode device eql entered promiscuous mode netlink: 1 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor7'. device lo entered promiscuous mode netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. device lo left promiscuous mode QAT: Invalid ioctl netlink: 188 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 188 bytes leftover after parsing attributes in process `syz-executor2'. QAT: Invalid ioctl netlink: 4 bytes leftover after parsing attributes in process `syz-executor1'. device syz3 entered promiscuous mode skbuff: bad partial csum: csum=65535/0 len=28 netlink: 4 bytes leftover after parsing attributes in process `syz-executor1'. skbuff: bad partial csum: csum=65535/0 len=28 device eql entered promiscuous mode kvm_pmu: event creation failed -2 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=6296 comm=syz-executor0 QAT: Invalid ioctl QAT: Invalid ioctl RDS: rds_bind could not find a transport for 172.20.1.187, load rds_tcp or rds_rdma? RDS: rds_bind could not find a transport for 172.20.1.187, load rds_tcp or rds_rdma? binder: 6484:6488 BC_CLEAR_DEATH_NOTIFICATION death notification not active binder: 6484:6488 got new transaction with bad transaction stack, transaction 8 has target 6484:0 binder: 6484:6488 transaction failed 29201/-71, size 0-8 line 2872 binder_alloc: binder_alloc_mmap_handler: 6484 20000000-20002000 already mapped failed -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 6484:6488 ioctl 40046207 0 returned -16 binder_alloc: 6484: binder_alloc_buf, no vma binder: 6484:6494 transaction failed 29189/-3, size 80-16 line 2960 binder: 6484:6488 BC_CLEAR_DEATH_NOTIFICATION invalid ref 2 binder_alloc: 6484: binder_alloc_buf, no vma binder: 6484:6488 transaction failed 29189/-3, size 0-8 line 2960 binder: undelivered TRANSACTION_ERROR: 29189 binder: undelivered TRANSACTION_ERROR: 29189 binder: release 6484:6488 transaction 8 out, still active binder: unexpected work type, 4, not freed binder: unexpected work type, 4, not freed binder: undelivered TRANSACTION_COMPLETE binder: undelivered TRANSACTION_ERROR: 29201 binder: send failed reply for transaction 8, target dead device eql entered promiscuous mode binder: 6508:6512 transaction failed 29189/-22, size 0-0 line 2845 binder: 6508:6519 transaction failed 29189/-22, size 0-0 line 2845 device syz3 entered promiscuous mode binder: undelivered TRANSACTION_ERROR: 29189 binder: undelivered TRANSACTION_ERROR: 29189 device eql entered promiscuous mode SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pig=6608 comm=syz-executor4 SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pig=6608 comm=syz-executor4