============================= WARNING: suspicious RCU usage 4.15.0-rc6-next-20180102+ #86 Not tainted ----------------------------- net/netfilter/ipset/ip_set_core.c:2057 suspicious rcu_dereference_protected() usage! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 3 locks held by kworker/u4:0/5: #0: ((wq_completion)"%s""netns"){+.+.}, at: [<00000000652a22c1>] process_one_work+0x71f/0x14a0 kernel/workqueue.c:2083 #1: (net_cleanup_work){+.+.}, at: [<000000002e30e745>] process_one_work+0x757/0x14a0 kernel/workqueue.c:2087 #2: (net_mutex){+.+.}, at: [<0000000033f61318>] cleanup_net+0x139/0x8b0 net/core/net_namespace.c:450 stack backtrace: CPU: 1 PID: 5 Comm: kworker/u4:0 Not tainted 4.15.0-rc6-next-20180102+ #86 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: netns cleanup_net Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x137/0x198 lib/dump_stack.c:53 lockdep_rcu_suspicious+0x123/0x170 kernel/locking/lockdep.c:4585 ip_set_net_exit+0x2c6/0x480 net/netfilter/ipset/ip_set_core.c:2057 ops_exit_list.isra.6+0xae/0x150 net/core/net_namespace.c:142 cleanup_net+0x3f3/0x8b0 net/core/net_namespace.c:484 process_one_work+0x801/0x14a0 kernel/workqueue.c:2112 worker_thread+0xe0/0x1010 kernel/workqueue.c:2246 kthread+0x33c/0x400 kernel/kthread.c:238 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:524 CUSE: info not properly terminated netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'. device syz6 entered promiscuous mode device eql entered promiscuous mode QAT: Invalid ioctl QAT: Invalid ioctl binder: 5204 RLIMIT_NICE not set binder: 5196:5211 BC_REQUEST_DEATH_NOTIFICATION death notification already set binder: 5204 RLIMIT_NICE not set binder: 5196:5211 BC_DEAD_BINDER_DONE 0000000000000003 not found binder: 5196:5211 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0 binder: BINDER_SET_CONTEXT_MGR already set binder: 5196:5243 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0 binder: 5194:5234 BC_FREE_BUFFER u000000002000c000 no match binder: 5194:5219 ioctl 40046207 0 returned -16 binder_alloc: 5194: binder_alloc_buf, no vma binder: 5194:5245 transaction failed 29189/-3, size 0-0 line 2960 binder: undelivered TRANSACTION_ERROR: 29189 binder: release 5194:5204 transaction 7 in, still active binder: send failed reply for transaction 7 to 5194:5219 binder: undelivered TRANSACTION_COMPLETE binder: undelivered TRANSACTION_ERROR: 29189 capability: warning: `syz-executor0' uses 32-bit capabilities (legacy support in use) kauditd_printk_skb: 59 callbacks suppressed audit: type=1326 audit(1514914122.164:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5493 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1400 audit(1514914122.171:187): avc: denied { map } for pid=5494 comm="syz-executor2" path="/proc/213/task/214/environ" dev="proc" ino=16852 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=file permissive=1 audit: type=1326 audit(1514914122.200:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5493 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=9 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514914122.200:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5493 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514914122.200:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5493 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1400 audit(1514914122.202:191): avc: denied { map } for pid=5488 comm="syz-executor1" path="/57/bus" dev="tmpfs" ino=16857 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:tmpfs_t:s0 tclass=file permissive=1 audit: type=1326 audit(1514914122.229:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5493 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=53 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514914122.230:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5493 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514914122.230:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5493 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514914122.235:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=5493 comm="syz-executor4" exe="/root/syz-executor4" sig=0 arch=c000003e syscall=16 compat=0 ip=0x452ac9 code=0x7ffc0000 netlink: 6 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 6 bytes leftover after parsing attributes in process `syz-executor3'. dccp_xmit_packet: Payload too large (65407) for featneg. dccp_xmit_packet: Payload too large (65407) for featneg. binder_alloc: binder_alloc_mmap_handler: 5592 209a1000-209a4000 already mapped failed -16 sctp: [Deprecated]: syz-executor7 (pid 5651) Use of int in maxseg socket option. Use struct sctp_assoc_value instead binder: BINDER_SET_CONTEXT_MGR already set binder: 5657:5659 ioctl 40046207 0 returned -16 sctp: [Deprecated]: syz-executor7 (pid 5651) Use of int in maxseg socket option. Use struct sctp_assoc_value instead binder: BINDER_SET_CONTEXT_MGR already set binder: BINDER_SET_CONTEXT_MGR already set binder: 5657:5676 ioctl 40046207 0 returned -16 binder: 5657:5659 ioctl 40046207 0 returned -16 sctp: failed to load transform for md5: -2 device gre0 entered promiscuous mode QAT: Invalid ioctl QAT: Invalid ioctl device syz5 entered promiscuous mode IPVS: length: 913 != 8 netlink: 11 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 'syz-executor6': attribute type 3 has an invalid length. dccp_invalid_packet: invalid packet type dccp_invalid_packet: invalid packet type netlink: 2 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor2'. binder: 6408:6409 ioctl 8 201c5000 returned -22 binder: 6409 RLIMIT_NICE not set binder: undelivered transaction 11, process died. binder: 6408:6424 ioctl 8 201c5000 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 6408:6409 ioctl 40046207 0 returned -16 binder_alloc: 6408: binder_alloc_buf, no vma binder: 6409 RLIMIT_NICE not set binder: 6408:6424 transaction failed 29189/-3, size 0-0 line 2960 binder: undelivered TRANSACTION_ERROR: 29189 binder: undelivered TRANSACTION_COMPLETE netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'. binder: BINDER_SET_CONTEXT_MGR already set binder: 6719:6738 ioctl 40046207 0 returned -16 binder: 6719:6737 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0 binder: 6719:6738 Release 1 refcount change on invalid ref 0 ret -22 binder: 6833:6839 ERROR: BC_REGISTER_LOOPER called without request binder: BINDER_SET_CONTEXT_MGR already set binder: 6833:6854 ioctl 40046207 0 returned -16 binder: undelivered transaction 17, process died. netlink: 'syz-executor0': attribute type 1 has an invalid length. netlink: 'syz-executor0': attribute type 1 has an invalid length. device eql entered promiscuous mode kauditd_printk_skb: 122 callbacks suppressed audit: type=1326 audit(1514914128.206:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=6984 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514914128.224:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=6984 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=277 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514914128.224:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=6984 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514914128.229:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=6984 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=257 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514914128.229:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=6984 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 QAT: Invalid ioctl audit: type=1326 audit(1514914128.233:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=6984 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=267 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514914128.233:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=6984 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514914128.234:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=6984 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=257 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514914128.234:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=6984 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000 audit: type=1326 audit(1514914128.236:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=6984 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=16 compat=0 ip=0x452ac9 code=0x7ffc0000