[ OK ] Started Getty on tty2.
[ OK ] Reached target Login Prompts.
[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.98' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 27.487517]
[ 27.489225] =============================
[ 27.493592] WARNING: suspicious RCU usage
[ 27.497737] 4.14.293-syzkaller #0 Not tainted
[ 27.502383] -----------------------------
[ 27.506531] net/tipc/bearer.c:177 suspicious rcu_dereference_protected() usage!
[ 27.514201]
[ 27.514201] other info that might help us debug this:
[ 27.514201]
[ 27.522870]
[ 27.522870] rcu_scheduler_active = 2, debug_locks = 1
[ 27.529545] 2 locks held by syz-executor853/7968:
[ 27.534556] #0: (cb_lock){++++}, at: [] genl_rcv+0x15/0x40
[ 27.542089] #1: (genl_mutex){+.+.}, at: [] genl_rcv_msg+0x112/0x140
[ 27.550339]
[ 27.550339] stack backtrace:
[ 27.554889] CPU: 0 PID: 7968 Comm: syz-executor853 Not tainted 4.14.293-syzkaller #0
[ 27.562934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 27.572391] Call Trace:
[ 27.574984] dump_stack+0x1b2/0x281
[ 27.578736] tipc_bearer_find+0x1ff/0x2f0
[ 27.582864] tipc_nl_compat_link_set+0x40b/0xb90
[ 27.587704] ? __alloc_skb+0x3dc/0x510
[ 27.591571] tipc_nl_compat_doit+0x192/0x5d0
[ 27.595957] ? tipc_nl_compat_link_set+0xb90/0xb90
[ 27.601022] ? security_capable+0x88/0xb0
[ 27.605170] ? ns_capable_common+0x127/0x150
[ 27.609584] tipc_nl_compat_recv+0xa0b/0xae0
[ 27.613996] ? tipc_nl_compat_dumpit+0x7a0/0x7a0
[ 27.618733] ? tipc_nl_node_dump+0xc20/0xc20
[ 27.623114] ? __tipc_add_link_prop.isra.0+0x190/0x190
[ 27.628371] ? lock_downgrade+0x740/0x740
[ 27.632508] genl_family_rcv_msg+0x572/0xb20
[ 27.636901] ? __lock_acquire+0x5fc/0x3f20
[ 27.641119] ? genl_rcv+0x40/0x40
[ 27.644555] ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 27.649988] ? __kmalloc_node_track_caller+0x4c/0x70
[ 27.655072] ? trace_hardirqs_on+0x10/0x10
[ 27.659294] genl_rcv_msg+0xaf/0x140
[ 27.662992] netlink_rcv_skb+0x125/0x390
[ 27.667054] ? genl_family_rcv_msg+0xb20/0xb20
[ 27.671627] ? netlink_ack+0x9a0/0x9a0
[ 27.675514] ? lock_acquire+0x170/0x3f0
[ 27.679502] genl_rcv+0x24/0x40
[ 27.682797] netlink_unicast+0x437/0x610
[ 27.686986] ? netlink_sendskb+0xd0/0xd0
[ 27.691298] ? __check_object_size+0x179/0x230
[ 27.695867] netlink_sendmsg+0x648/0xbc0
[ 27.699912] ? nlmsg_notify+0x1b0/0x1b0
[ 27.703865] ? kernel_recvmsg+0x210/0x210
[ 27.707996] ? security_socket_sendmsg+0x83/0xb0
[ 27.712731] ? nlmsg_notify+0x1b0/0x1b0
[ 27.716689] sock_sendmsg+0xb5/0x100
[ 27.720398] ___sys_sendmsg+0x6c8/0x800
[ 27.724370] ? copy_msghdr_from_user+0x3b0/0x3b0
[ 27.729124] ? __lock_acquire+0x5fc/0x3f20
[ 27.733353] ? __dentry_kill+0x3f7/0x550
[ 27.737403] ? trace_hardirqs_on+0x10/0x10
[ 27.741630] ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 27.747289] ? dentry_free+0xc6/0x120
[ 27.751076] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 27.756379] ? kmem_cache_free+0x23a/0x2b0
[ 27.760596] ? mntput_no_expire+0xc7/0x910
[ 27.764813] ? lock_acquire+0x170/0x3f0
[ 27.768767] ? __fdget+0x167/0x1f0
[ 27.772307] ? sockfd_lookup_light+0xb2/0x160
[ 27.776798] __sys_sendmsg+0xa3/0x120
[ 27.780586] ? SyS_shutdown+0x160/0x160
[ 27.784806] SyS_sendmsg+0x27/0x40
[ 27.788349] ? __sys_sendmsg+0x120/0x120
[ 27.792410] do_syscall_64+0x1d5/0x640
[ 27.796356] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.801529] RIP: 0033:0x7f283229db79
[ 27.805332] RSP: 002b:00007fff243bb0f8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 27.813173] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f283229db79
[ 27.820427] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000003
[ 27.827699] RBP: 00007f28322615e0 R08: 0000000000000000 R09: 0000000000000000
[ 27.834966] R10: 0000000000001800 R11: 0000000