syzbot

===============================
[ INFO: suspicious RCU usage. ]
4.4.111-g1849cd3 #26 Not tainted
-------------------------------
net/ipv6/ip6_fib.c:1466 suspicious rcu_dereference_protected() usage!

other info that might help us debug this:


rcu_scheduler_active = 1, debug_locks = 0
5 locks held by syzkaller158887/3324:
 #0:  (&mm->mmap_sem){++++++}, at: [<ffffffff810dc5f0>] __do_page_fault+0x290/0xa00 arch/x86/mm/fault.c:1184
 #1:  (((&net->ipv6.ip6_fib_timer))){+.-...}, at: [<ffffffff8129fdbc>] lockdep_copy_map include/linux/lockdep.h:165 [inline]
 #1:  (((&net->ipv6.ip6_fib_timer))){+.-...}, at: [<ffffffff8129fdbc>] call_timer_fn+0xdc/0x860 kernel/time/timer.c:1168
 #2:  (fib6_gc_lock){+.-...}, at: [<ffffffff83358a6a>] spin_lock_bh include/linux/spinlock.h:307 [inline]
 #2:  (fib6_gc_lock){+.-...}, at: [<ffffffff83358a6a>] fib6_run_gc+0x3a/0x230 net/ipv6/ip6_fib.c:1811
 #3:  (rcu_read_lock){......}, at: [<ffffffff833531b0>] __fib6_clean_all+0x0/0x230 net/ipv6/ip6_fib.c:739
 #4:  (&tb->tb6_lock){++-...}, at: [<ffffffff83353295>] __fib6_clean_all+0xe5/0x230 net/ipv6/ip6_fib.c:1712

stack backtrace:
CPU: 1 PID: 3324 Comm: syzkaller158887 Not tainted 4.4.111-g1849cd3 #26
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 ffdc50c0e5d82798 ffff8801db307968 ffffffff81d0509d
 ffff8801d18b17c0 0000000000000000 0000000000000001 ffffffff83d10520
 ffffed003b660f7a ffff8801db307998 ffffffff81232909 ffff8800b7b29880
Call Trace:
 <IRQ>  [<ffffffff81d0509d>] __dump_stack lib/dump_stack.c:15 [inline]
 <IRQ>  [<ffffffff81d0509d>] dump_stack+0xc1/0x124 lib/dump_stack.c:51
 [<ffffffff81232909>] lockdep_rcu_suspicious+0x139/0x180 kernel/locking/lockdep.c:4305
 [<ffffffff83358193>] fib6_del+0x673/0xa00 net/ipv6/ip6_fib.c:1465
 [<ffffffff8335885a>] fib6_clean_node+0x33a/0x4e0 net/ipv6/ip6_fib.c:1652
 [<ffffffff8334fc8b>] fib6_walk_continue+0x39b/0x620 net/ipv6/ip6_fib.c:1578
 [<ffffffff83350029>] fib6_walk+0x89/0xd0 net/ipv6/ip6_fib.c:1623
 [<ffffffff83350152>] fib6_clean_tree+0xe2/0x130 net/ipv6/ip6_fib.c:1697
 [<ffffffff833532ae>] __fib6_clean_all+0xfe/0x230 net/ipv6/ip6_fib.c:1713
 [<ffffffff83358adf>] fib6_clean_all net/ipv6/ip6_fib.c:1724 [inline]
 [<ffffffff83358adf>] fib6_run_gc+0xaf/0x230 net/ipv6/ip6_fib.c:1821
 [<ffffffff83358c7c>] fib6_gc_timer_cb+0x1c/0x20 net/ipv6/ip6_fib.c:1836
 [<ffffffff8129fe6b>] call_timer_fn+0x18b/0x860 kernel/time/timer.c:1178
 [<ffffffff812a1f74>] __run_timers kernel/time/timer.c:1254 [inline]
 [<ffffffff812a1f74>] run_timer_softirq+0x604/0xbb0 kernel/time/timer.c:1437
 [<ffffffff83778dbd>] __do_softirq+0x24d/0xa59 kernel/softirq.c:273
 [<ffffffff8113da09>] invoke_softirq kernel/softirq.c:350 [inline]
 [<ffffffff8113da09>] irq_exit+0x119/0x140 kernel/softirq.c:391
 [<ffffffff837784fb>] exiting_irq arch/x86/include/asm/apic.h:653 [inline]
 [<ffffffff837784fb>] smp_apic_timer_interrupt+0x7b/0xa0 arch/x86/kernel/apic/apic.c:926
 [<ffffffff83777450>] apic_timer_interrupt+0xa0/0xb0 arch/x86/entry/entry_64.S:725
 <EOI>  [<ffffffff814a2e9c>] ? clear_huge_page+0x9c/0x4b0 mm/memory.c:3843
 [<ffffffff811a4cc9>] ___might_sleep+0x329/0x460 kernel/sched/core.c:7938
 [<ffffffff814a2eaf>] clear_huge_page+0xaf/0x4b0 mm/memory.c:3843
 [<ffffffff8150d400>] __do_huge_pmd_anonymous_page mm/huge_memory.c:739 [inline]
 [<ffffffff8150d400>] do_huge_pmd_anonymous_page+0x270/0xa10 mm/huge_memory.c:867
 [<ffffffff814a1c0a>] create_huge_pmd mm/memory.c:3242 [inline]
 [<ffffffff814a1c0a>] __handle_mm_fault mm/memory.c:3361 [inline]
 [<ffffffff814a1c0a>] handle_mm_fault+0x271a/0x3190 mm/memory.c:3455
 [<ffffffff810dc6bb>] __do_page_fault+0x35b/0xa00 arch/x86/mm/fault.c:1245
 [<ffffffff810dcd87>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1308
 [<ffffffff83776cc8>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1021