[ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Started OpenBSD Secure Shell server. [ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.255' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 26.902977] [ 26.904647] ============================= [ 26.909846] WARNING: suspicious RCU usage [ 26.913982] 4.14.300-syzkaller #0 Not tainted [ 26.919020] ----------------------------- [ 26.923149] net/sched/act_sample.c:95 suspicious rcu_dereference_protected() usage! [ 26.931637] [ 26.931637] other info that might help us debug this: [ 26.931637] [ 26.940196] [ 26.940196] rcu_scheduler_active = 2, debug_locks = 1 [ 26.946846] 1 lock held by syz-executor156/7973: [ 26.952169] #0: (rtnl_mutex){+.+.}, at: [] rtnetlink_rcv_msg+0x31d/0xb10 [ 26.961131] [ 26.961131] stack backtrace: [ 26.965610] CPU: 0 PID: 7973 Comm: syz-executor156 Not tainted 4.14.300-syzkaller #0 [ 26.973461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 26.982784] Call Trace: [ 26.985347] dump_stack+0x1b2/0x281 [ 26.988952] tcf_sample_init+0x71c/0x8c0 [ 26.992992] ? tcf_sample_cleanup_rcu+0x60/0x60 [ 26.997651] tcf_action_init_1+0x51a/0x9e0 [ 27.001861] ? tcf_action_dump_old+0x80/0x80 [ 27.006245] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 27.012104] ? nla_parse+0x157/0x1f0 [ 27.015789] tcf_action_init+0x26d/0x400 [ 27.019835] ? tcf_action_init_1+0x9e0/0x9e0 [ 27.024232] ? memset+0x20/0x40 [ 27.027484] ? nla_parse+0x157/0x1f0 [ 27.031262] tc_ctl_action+0x2e3/0x510 [ 27.035209] ? tca_action_gd+0x790/0x790 [ 27.039242] ? rtnetlink_rcv_msg+0x2e8/0xb10 [ 27.043641] ? tca_action_gd+0x790/0x790 [ 27.047677] rtnetlink_rcv_msg+0x3be/0xb10 [ 27.051886] ? rtnl_calcit.isra.0+0x3a0/0x3a0 [ 27.056355] ? __netlink_lookup+0x345/0x5d0 [ 27.060658] netlink_rcv_skb+0x125/0x390 [ 27.064692] ? rtnl_calcit.isra.0+0x3a0/0x3a0 [ 27.069159] ? netlink_ack+0x9a0/0x9a0 [ 27.073021] netlink_unicast+0x437/0x610 [ 27.077056] ? netlink_sendskb+0xd0/0xd0 [ 27.081090] ? __check_object_size+0x179/0x230 [ 27.085648] netlink_sendmsg+0x648/0xbc0 [ 27.089684] ? nlmsg_notify+0x1b0/0x1b0 [ 27.093630] ? kernel_recvmsg+0x210/0x210 [ 27.097755] ? security_socket_sendmsg+0x83/0xb0 [ 27.102489] ? nlmsg_notify+0x1b0/0x1b0 [ 27.106847] sock_sendmsg+0xb5/0x100 [ 27.110533] ___sys_sendmsg+0x6c8/0x800 [ 27.114482] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 27.119214] ? lock_downgrade+0x740/0x740 [ 27.123335] ? __lru_cache_add+0x178/0x250 [ 27.127542] ? do_raw_spin_unlock+0x164/0x220 [ 27.132012] ? _raw_spin_unlock+0x29/0x40 [ 27.136131] ? do_huge_pmd_anonymous_page+0x72e/0x1700 [ 27.141381] ? prep_transhuge_page+0xa0/0xa0 [ 27.145762] ? _raw_spin_unlock+0x29/0x40 [ 27.149884] ? __pmd_alloc+0x27f/0x3f0 [ 27.153747] ? __handle_mm_fault+0x80f/0x4620 [ 27.158216] ? lock_downgrade+0x740/0x740 [ 27.162335] ? vm_insert_page+0x7c0/0x7c0 [ 27.166458] ? __fdget+0x167/0x1f0 [ 27.169970] ? sockfd_lookup_light+0xb2/0x160 [ 27.174438] __sys_sendmsg+0xa3/0x120 [ 27.178210] ? SyS_shutdown+0x160/0x160 [ 27.182161] ? up_read+0x17/0x30 [ 27.185500] ? __do_page_fault+0x159/0xad0 [ 27.189723] SyS_sendmsg+0x27/0x40 [ 27.193243] ? __sys_sendmsg+0x120/0x120 [ 27.197361] do_syscall_64+0x1d5/0x640 [ 27.201229] entry_SYSCALL_64_aft