INFO: suspicious RCU usage in fib_compute_spec

audit: type=1400 audit(1561628165.857:5): avc:  denied  { associate } for  pid=2078 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
===============================
[ INFO: suspicious RCU usage. ]
4.9.183+ #4 Not tainted
-------------------------------
./include/linux/inetdevice.h:205 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 0
4 locks held by syz-executor.0/2226:
 #0:  (rcu_read_lock_bh){......}, at: [<00000000c5940ef2>] ip_finish_output2+0x20b/0x1280 net/ipv4/ip_output.c:198
 #1:  (rcu_read_lock_bh){......}, at: [<000000004906d2d5>] __dev_queue_xmit+0x1d4/0x1bd0 net/core/dev.c:3407
 #2:  (_xmit_TUNNEL6#2){+.....}, at: [<00000000d2778364>] spin_lock include/linux/spinlock.h:302 [inline]
 #2:  (_xmit_TUNNEL6#2){+.....}, at: [<00000000d2778364>] __netif_tx_lock include/linux/netdevice.h:3573 [inline]
 #2:  (_xmit_TUNNEL6#2){+.....}, at: [<00000000d2778364>] __dev_queue_xmit+0x1116/0x1bd0 net/core/dev.c:3469
 #3:  (slock-AF_INET){+.-...}, at: [<000000005ae1bfeb>] spin_trylock include/linux/spinlock.h:312 [inline]
 #3:  (slock-AF_INET){+.-...}, at: [<000000005ae1bfeb>] icmp_xmit_lock net/ipv4/icmp.c:220 [inline]
 #3:  (slock-AF_INET){+.-...}, at: [<000000005ae1bfeb>] __icmp_send+0x48b/0x1420 net/ipv4/icmp.c:656

stack backtrace:
CPU: 0 PID: 2226 Comm: syz-executor.0 Not tainted 4.9.183+ #4
 ffff8801cb056dd8 ffffffff81b580a1 ffff8801d24d08c0 0000000000000000
 0000000000000002 00000000000000cd ffff8801cb5b4740 ffff8801cb056e08
 ffffffff81404fb9 ffff8801d24d0918 ffff8801cb056f28 ffff8801ce0b0000
Call Trace:
 [<00000000b3225a42>] __dump_stack lib/dump_stack.c:15 [inline]
 [<00000000b3225a42>] dump_stack+0xc1/0x120 lib/dump_stack.c:51
 [<00000000ca097d23>] lockdep_rcu_suspicious.cold+0x10a/0x149 kernel/locking/lockdep.c:4455
 [<00000000ec0ed201>] __in_dev_get_rcu include/linux/inetdevice.h:205 [inline]
 [<00000000ec0ed201>] fib_compute_spec_dst+0x6c4/0xcc0 net/ipv4/fib_frontend.c:284
 [<00000000e9320994>] __ip_options_echo+0x4be/0x13e0 net/ipv4/ip_options.c:177
 [<0000000097f5256e>] __icmp_send+0x648/0x1420 net/ipv4/icmp.c:685
 [<00000000cecf0234>] ipv4_send_dest_unreach net/ipv4/route.c:1202 [inline]
 [<00000000cecf0234>] ipv4_link_failure+0x460/0x850 net/ipv4/route.c:1209
 [<00000000e7613375>] dst_link_failure include/net/dst.h:490 [inline]
 [<00000000e7613375>] vti6_xmit net/ipv6/ip6_vti.c:522 [inline]
 [<00000000e7613375>] vti6_tnl_xmit+0xb08/0x17f0 net/ipv6/ip6_vti.c:561
 [<00000000a169d3c0>] __netdev_start_xmit include/linux/netdevice.h:4072 [inline]
 [<00000000a169d3c0>] netdev_start_xmit include/linux/netdevice.h:4081 [inline]
 [<00000000a169d3c0>] xmit_one net/core/dev.c:2977 [inline]
 [<00000000a169d3c0>] dev_hard_start_xmit+0x195/0x8b0 net/core/dev.c:2993
 [<000000001c3e7a60>] __dev_queue_xmit+0x11a3/0x1bd0 net/core/dev.c:3473
 [<00000000a7305b31>] dev_queue_xmit+0x18/0x20 net/core/dev.c:3506
 [<000000008999fedf>] neigh_direct_output+0x16/0x20 net/core/neighbour.c:1366
 [<00000000229d2d30>] dst_neigh_output include/net/dst.h:470 [inline]
 [<00000000229d2d30>] ip_finish_output2+0x6a2/0x1280 net/ipv4/ip_output.c:225
 [<00000000e2b3aed9>] ip_finish_output+0x3c4/0xce0 net/ipv4/ip_output.c:313
 [<00000000d28d90d4>] NF_HOOK_COND include/linux/netfilter.h:246 [inline]
 [<00000000d28d90d4>] ip_output+0x1ec/0x5b0 net/ipv4/ip_output.c:401
 [<000000001235560a>] dst_output include/net/dst.h:507 [inline]
 [<000000001235560a>] NF_HOOK_THRESH include/linux/netfilter.h:232 [inline]
 [<000000001235560a>] NF_HOOK include/linux/netfilter.h:255 [inline]
 [<000000001235560a>] raw_send_hdrinc net/ipv4/raw.c:421 [inline]
 [<000000001235560a>] raw_sendmsg+0x1c5c/0x23e0 net/ipv4/raw.c:643
 [<00000000c5ef49bb>] inet_sendmsg+0x202/0x4d0 net/ipv4/af_inet.c:766
 [<00000000d881e55c>] sock_sendmsg_nosec net/socket.c:649 [inline]
 [<00000000d881e55c>] sock_sendmsg+0xbe/0x110 net/socket.c:659
 [<0000000016773a78>] sock_write_iter+0x235/0x3d0 net/socket.c:857
 [<0000000033a255e3>] new_sync_write fs/read_write.c:498 [inline]
 [<0000000033a255e3>] __vfs_write+0x3c1/0x560 fs/read_write.c:511
 [<00000000beff5a4c>] vfs_write+0x185/0x520 fs/read_write.c:559
 [<00000000ec80668c>] SYSC_write fs/read_write.c:607 [inline]
 [<00000000ec80668c>] SyS_write+0x121/0x270 fs/read_write.c:599
 [<00000000ed7d111c>] ? do_sys

Crashes (2211):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	Manager
2019/06/27 09:39	https://android.googlesource.com/kernel/common android-4.9	a80a7ab5f7c3	7509bf36	.config	console log	report	syz	ci-android-49-kasan-gce-root
2019/06/27 09:20	https://android.googlesource.com/kernel/common android-4.9	a80a7ab5f7c3	7509bf36	.config	console log	report	syz	ci-android-49-kasan-gce-root
2019/06/27 08:59	https://android.googlesource.com/kernel/common android-4.9	a80a7ab5f7c3	7509bf36	.config	console log	report	syz	ci-android-49-kasan-gce-root
2019/06/27 07:34	https://android.googlesource.com/kernel/common android-4.9	a80a7ab5f7c3	7509bf36	.config	console log	report	syz	ci-android-49-kasan-gce-root
2019/06/27 07:10	https://android.googlesource.com/kernel/common android-4.9	a80a7ab5f7c3	7509bf36	.config	console log	report	syz	ci-android-49-kasan-gce-root
2019/06/27 06:51	https://android.googlesource.com/kernel/common android-4.9	a80a7ab5f7c3	7509bf36	.config	console log	report	syz	ci-android-49-kasan-gce-root
2019/06/27 06:30	https://android.googlesource.com/kernel/common android-4.9	a80a7ab5f7c3	7509bf36	.config	console log	report	syz	ci-android-49-kasan-gce-root
2019/06/27 02:24	https://android.googlesource.com/kernel/common android-4.9	a80a7ab5f7c3	7509bf36	.config	console log	report	syz	ci-android-49-kasan-gce-root
2019/06/21 15:46	https://android.googlesource.com/kernel/common android-4.9	b9dc7bb832a3	34bf9440	.config	console log	report	syz	ci-android-49-kasan-gce-root
2019/06/21 15:17	https://android.googlesource.com/kernel/common android-4.9	b9dc7bb832a3	34bf9440	.config	console log	report	syz	ci-android-49-kasan-gce-root
2019/12/04 08:15	android-4.9	a36b5017c810	0ecb9746	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/04 07:12	android-4.9	a36b5017c810	ae13a849	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/04 03:44	android-4.9	a36b5017c810	ae13a849	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/03 21:43	android-4.9	a36b5017c810	ae13a849	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/03 18:33	android-4.9	a36b5017c810	ae13a849	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/03 16:29	android-4.9	a36b5017c810	ab342da3	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/03 11:00	android-4.9	a36b5017c810	ab342da3	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/03 09:43	android-4.9	a36b5017c810	ab342da3	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/03 08:58	android-4.9	a36b5017c810	ab342da3	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/03 05:07	android-4.9	a36b5017c810	ab342da3	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/03 00:05	android-4.9	a36b5017c810	ab342da3	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/02 21:21	android-4.9	a36b5017c810	ab342da3	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/02 20:20	android-4.9	a36b5017c810	ab342da3	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/02 17:58	android-4.9	a36b5017c810	f879db37	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/02 14:59	android-4.9	a36b5017c810	f879db37	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/02 09:34	android-4.9	a36b5017c810	f879db37	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/02 08:24	android-4.9	a36b5017c810	f879db37	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/02 06:19	android-4.9	a36b5017c810	f879db37	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/02 01:45	android-4.9	a36b5017c810	f879db37	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/01 23:56	android-4.9	a36b5017c810	f879db37	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/01 20:51	android-4.9	a36b5017c810	a76bf83f	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/01 18:52	android-4.9	a36b5017c810	a76bf83f	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/01 16:19	android-4.9	a36b5017c810	a76bf83f	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/01 14:35	android-4.9	a36b5017c810	a76bf83f	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/01 13:24	android-4.9	a36b5017c810	a76bf83f	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/01 11:50	android-4.9	a36b5017c810	a76bf83f	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/01 10:00	android-4.9	a36b5017c810	a76bf83f	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/01 08:33	android-4.9	a36b5017c810	a76bf83f	.config	console log	report		ci-android-49-kasan-gce-root
2019/12/01 04:07	android-4.9	a36b5017c810	a76bf83f	.config	console log	report		ci-android-49-kasan-gce-root
2019/11/30 22:20	android-4.9	a36b5017c810	a76bf83f	.config	console log	report		ci-android-49-kasan-gce-root
2019/11/30 19:59	android-4.9	a36b5017c810	3a75be00	.config	console log	report		ci-android-49-kasan-gce-root
2019/11/30 18:41	android-4.9	a36b5017c810	3a75be00	.config	console log	report		ci-android-49-kasan-gce-root
2019/11/30 16:54	android-4.9	a36b5017c810	3a75be00	.config	console log	report		ci-android-49-kasan-gce-root
2019/11/30 15:44	android-4.9	a36b5017c810	3a75be00	.config	console log	report		ci-android-49-kasan-gce-root
2019/11/30 13:55	android-4.9	a36b5017c810	3a75be00	.config	console log	report		ci-android-49-kasan-gce-root
2019/11/30 11:59	android-4.9	a36b5017c810	3a75be00	.config	console log	report		ci-android-49-kasan-gce-root
2019/11/30 10:53	android-4.9	a36b5017c810	3a75be00	.config	console log	report		ci-android-49-kasan-gce-root
2019/11/30 01:12	android-4.9	a36b5017c810	3a75be00	.config	console log	report		ci-android-49-kasan-gce-root
2019/11/29 23:46	android-4.9	a36b5017c810	3a75be00	.config	console log	report		ci-android-49-kasan-gce-root
2019/11/29 22:39	android-4.9	a36b5017c810	d29b9e84	.config	console log	report		ci-android-49-kasan-gce-root
2019/11/29 20:36	android-4.9	a36b5017c810	d29b9e84	.config	console log	report		ci-android-49-kasan-gce-root

Crashes (2211):

Time

Assets (help?)

2019/06/27 09:39

https://android.googlesource.com/kernel/common android-4.9

syz

ci-android-49-kasan-gce-root

2019/06/27 09:20

https://android.googlesource.com/kernel/common android-4.9

syz

ci-android-49-kasan-gce-root

2019/06/27 08:59

https://android.googlesource.com/kernel/common android-4.9

syz

ci-android-49-kasan-gce-root

2019/06/27 07:34

https://android.googlesource.com/kernel/common android-4.9

syz

ci-android-49-kasan-gce-root

2019/06/27 07:10

https://android.googlesource.com/kernel/common android-4.9

syz

ci-android-49-kasan-gce-root

2019/06/27 06:51

https://android.googlesource.com/kernel/common android-4.9

syz

ci-android-49-kasan-gce-root

2019/06/27 06:30

https://android.googlesource.com/kernel/common android-4.9

syz

ci-android-49-kasan-gce-root

2019/06/27 02:24

https://android.googlesource.com/kernel/common android-4.9

syz

ci-android-49-kasan-gce-root

2019/06/21 15:46

https://android.googlesource.com/kernel/common android-4.9

syz

ci-android-49-kasan-gce-root

2019/06/21 15:17

https://android.googlesource.com/kernel/common android-4.9

syz

ci-android-49-kasan-gce-root

2019/12/04 08:15

android-4.9

ci-android-49-kasan-gce-root

2019/12/04 07:12

android-4.9

ci-android-49-kasan-gce-root

2019/12/04 03:44

android-4.9

ci-android-49-kasan-gce-root

2019/12/03 21:43

android-4.9

ci-android-49-kasan-gce-root

2019/12/03 18:33

android-4.9

ci-android-49-kasan-gce-root

2019/12/03 16:29

android-4.9

ci-android-49-kasan-gce-root

2019/12/03 11:00

android-4.9

ci-android-49-kasan-gce-root

2019/12/03 09:43

android-4.9

ci-android-49-kasan-gce-root

2019/12/03 08:58

android-4.9

ci-android-49-kasan-gce-root

2019/12/03 05:07

android-4.9

ci-android-49-kasan-gce-root

2019/12/03 00:05

android-4.9

ci-android-49-kasan-gce-root

2019/12/02 21:21

android-4.9

ci-android-49-kasan-gce-root

2019/12/02 20:20

android-4.9

ci-android-49-kasan-gce-root

2019/12/02 17:58

android-4.9

ci-android-49-kasan-gce-root

2019/12/02 14:59

android-4.9

ci-android-49-kasan-gce-root

2019/12/02 09:34

android-4.9

ci-android-49-kasan-gce-root

2019/12/02 08:24

android-4.9

ci-android-49-kasan-gce-root

2019/12/02 06:19

android-4.9

ci-android-49-kasan-gce-root

2019/12/02 01:45

android-4.9

ci-android-49-kasan-gce-root

2019/12/01 23:56

android-4.9

ci-android-49-kasan-gce-root

2019/12/01 20:51

android-4.9

ci-android-49-kasan-gce-root

2019/12/01 18:52

android-4.9

ci-android-49-kasan-gce-root

2019/12/01 16:19

android-4.9

ci-android-49-kasan-gce-root

2019/12/01 14:35

android-4.9

ci-android-49-kasan-gce-root

2019/12/01 13:24

android-4.9

ci-android-49-kasan-gce-root

2019/12/01 11:50

android-4.9

ci-android-49-kasan-gce-root

2019/12/01 10:00

android-4.9

ci-android-49-kasan-gce-root

2019/12/01 08:33

android-4.9

ci-android-49-kasan-gce-root

2019/12/01 04:07

android-4.9

ci-android-49-kasan-gce-root

2019/11/30 22:20

android-4.9

ci-android-49-kasan-gce-root

2019/11/30 19:59

android-4.9

ci-android-49-kasan-gce-root

2019/11/30 18:41

android-4.9

ci-android-49-kasan-gce-root

2019/11/30 16:54

android-4.9

ci-android-49-kasan-gce-root

2019/11/30 15:44

android-4.9

ci-android-49-kasan-gce-root

2019/11/30 13:55

android-4.9

ci-android-49-kasan-gce-root

2019/11/30 11:59

android-4.9

ci-android-49-kasan-gce-root

2019/11/30 10:53

android-4.9

ci-android-49-kasan-gce-root

2019/11/30 01:12

android-4.9

ci-android-49-kasan-gce-root

2019/11/29 23:46

android-4.9

ci-android-49-kasan-gce-root

2019/11/29 22:39

android-4.9

ci-android-49-kasan-gce-root

2019/11/29 20:36

android-4.9

ci-android-49-kasan-gce-root