[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.234' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 37.935125] [ 37.937022] ============================= [ 37.941151] WARNING: suspicious RCU usage [ 37.946921] 4.14.212-syzkaller #0 Not tainted [ 37.951410] ----------------------------- [ 37.956751] net/sched/act_sample.c:95 suspicious rcu_dereference_protected() usage! [ 37.964722] [ 37.964722] other info that might help us debug this: [ 37.964722] [ 37.973846] [ 37.973846] rcu_scheduler_active = 2, debug_locks = 1 [ 37.980758] 1 lock held by syz-executor914/8016: [ 37.985609] #0: (rtnl_mutex){+.+.}, at: [] rtnetlink_rcv_msg+0x31d/0xb10 [ 37.994313] [ 37.994313] stack backtrace: [ 37.999001] CPU: 0 PID: 8016 Comm: syz-executor914 Not tainted 4.14.212-syzkaller #0 [ 38.007052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 38.016586] Call Trace: [ 38.019158] dump_stack+0x1b2/0x283 [ 38.022999] tcf_sample_init+0x71c/0x8c0 [ 38.027050] ? tcf_sample_cleanup_rcu+0x60/0x60 [ 38.031723] tcf_action_init_1+0x51a/0x9e0 [ 38.035945] ? tcf_action_dump_old+0x80/0x80 [ 38.040377] ? nla_parse+0x157/0x1f0 [ 38.044268] tcf_action_init+0x26d/0x400 [ 38.048329] ? tcf_action_init_1+0x9e0/0x9e0 [ 38.052728] ? memset+0x20/0x40 [ 38.056018] ? nla_parse+0x157/0x1f0 [ 38.059728] tc_ctl_action+0x2e3/0x50f [ 38.063617] ? tca_action_gd+0x790/0x790 [ 38.067679] ? rtnetlink_rcv_msg+0x2e8/0xb10 [ 38.072080] ? tca_action_gd+0x790/0x790 [ 38.076136] rtnetlink_rcv_msg+0x3be/0xb10 [ 38.080373] ? rtnl_calcit.isra.0+0x3a0/0x3a0 [ 38.084871] ? __netlink_lookup+0x345/0x5d0 [ 38.089266] netlink_rcv_skb+0x125/0x390 [ 38.093405] ? rtnl_calcit.isra.0+0x3a0/0x3a0 [ 38.097995] ? netlink_ack+0x9a0/0x9a0 [ 38.101893] netlink_unicast+0x437/0x610 [ 38.106077] ? netlink_sendskb+0xd0/0xd0 [ 38.110129] ? __check_object_size+0x179/0x22c [ 38.114720] netlink_sendmsg+0x62e/0xb80 [ 38.118783] ? nlmsg_notify+0x170/0x170 [ 38.122757] ? kernel_recvmsg+0x210/0x210 [ 38.126903] ? security_socket_sendmsg+0x83/0xb0 [ 38.131673] ? nlmsg_notify+0x170/0x170 [ 38.135650] sock_sendmsg+0xb5/0x100 [ 38.139489] ___sys_sendmsg+0x6c8/0x800 [ 38.143460] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 38.148274] ? lock_downgrade+0x740/0x740 [ 38.152427] ? do_raw_spin_unlock+0x164/0x220 [ 38.156914] ? _raw_spin_unlock+0x29/0x40 [ 38.161061] ? do_huge_pmd_anonymous_page+0x72e/0x1700 [ 38.166432] ? prep_transhuge_page+0xa0/0xa0 [ 38.170843] ? __handle_mm_fault+0x80f/0x4620 [ 38.175335] ? vm_insert_page+0x7c0/0x7c0 [ 38.179471] ? __fdget+0x167/0x1f0 [ 38.183001] ? sockfd_lookup_light+0xb2/0x160 [ 38.187497] __sys_sendmsg+0xa3/0x120 [ 38.191301] ? SyS_shutdown+0x160/0x160 [ 38.195287] ? up_read+0x17/0x30 [ 38.198646] ? __do_page_fault+0x159/0xad0 [ 38.202888] SyS_sendmsg+0x27/0x40 [ 38.206428] ? __sys_sendmsg+0x120/0x120 [ 38.210492] do_syscall_64+0x1d5/0x640 [ 38.214383] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 38.219608] RIP: 0033:0x440499 [ 38.222894] RSP: 002b:00007ffe4319c8b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 38.230608] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000