=============================== [ INFO: suspicious RCU usage. ] 4.9.153+ #18 Not tainted ------------------------------- net/ipv6/ip6_fib.c:1470 suspicious rcu_dereference_protected() usage! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 0 4 locks held by syz-executor1/1977: #0: (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70 #1: (&(&net->ipv6.fib6_gc_lock)->rlock){+.-...}, at: [] spin_trylock_bh include/linux/spinlock.h:367 [inline] #1: (&(&net->ipv6.fib6_gc_lock)->rlock){+.-...}, at: [] fib6_run_gc+0x22c/0x2e0 net/ipv6/ip6_fib.c:1817 #2: (rcu_read_lock){......}, at: [] __fib6_clean_all+0x0/0x230 net/ipv6/ip6_fib.c:1703 #3: (&tb->tb6_lock){++--..}, at: [] __fib6_clean_all+0xe3/0x230 net/ipv6/ip6_fib.c:1717 stack backtrace: CPU: 1 PID: 1977 Comm: syz-executor1 Not tainted 4.9.153+ #18 ffff88019feb74d8 ffffffff81b47491 ffff8801c64de540 0000000000000000 0000000000000002 00000000000005be ffff88018cff5f00 ffff88019feb7508 ffffffff813feb85 ffff88019feb7728 dffffc0000000000 00000000ffffffff Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [] lockdep_rcu_suspicious.cold+0x10a/0x149 kernel/locking/lockdep.c:4455 [] fib6_del+0x81f/0xb20 net/ipv6/ip6_fib.c:1470 [] fib6_clean_node+0x29c/0x4d0 net/ipv6/ip6_fib.c:1657 [] fib6_walk_continue+0x3e0/0x630 net/ipv6/ip6_fib.c:1583 [] fib6_walk+0x9d/0xf0 net/ipv6/ip6_fib.c:1628 [] fib6_clean_tree+0xe7/0x120 net/ipv6/ip6_fib.c:1702 [] __fib6_clean_all+0xfb/0x230 net/ipv6/ip6_fib.c:1718 [] fib6_clean_all net/ipv6/ip6_fib.c:1729 [inline] [] fib6_run_gc+0x124/0x2e0 net/ipv6/ip6_fib.c:1826 [] ndisc_netdev_event+0x2ab/0x350 net/ipv6/ndisc.c:1750 [] notifier_call_chain+0xb4/0x1d0 kernel/notifier.c:93 [] __raw_notifier_call_chain kernel/notifier.c:394 [inline] [] raw_notifier_call_chain+0x2e/0x40 kernel/notifier.c:401 [] call_netdevice_notifiers_info+0x56/0x70 net/core/dev.c:1647 [] call_netdevice_notifiers net/core/dev.c:1663 [inline] [] __dev_notify_flags+0x1a8/0x270 net/core/dev.c:6541 [] dev_change_flags+0xf7/0x140 net/core/dev.c:6572 [] dev_ifsioc+0x292/0x7a0 net/core/dev_ioctl.c:255 [] dev_ioctl+0x1d8/0xce0 net/core/dev_ioctl.c:533 [] sock_do_ioctl+0x99/0xb0 net/socket.c:912 [] sock_ioctl+0x24c/0x3d0 net/socket.c:991 [] vfs_ioctl fs/ioctl.c:43 [inline] [] file_ioctl fs/ioctl.c:493 [inline] [] do_vfs_ioctl+0xb87/0x11d0 fs/ioctl.c:677 [] SYSC_ioctl fs/ioctl.c:694 [inline] [] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:685 [] do_syscall_64+0x1ad/0x570 arch/x86/entry/common.c:285 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65160 sclass=netlink_route_socket pig=2022 comm=syz-executor3 netlink: 24 bytes leftover after parsing attributes in process `syz-executor2'. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65160 sclass=netlink_route_socket pig=2075 comm=syz-executor3 audit_printk_skb: 78 callbacks suppressed audit: type=1400 audit(1592.595:4303): avc: denied { prog_load } for pid=2067 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 audit: type=1400 audit(1592.635:4304): avc: denied { wake_alarm } for pid=2080 comm="syz-executor2" capability=35 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1 audit: type=1400 audit(1593.145:4305): avc: denied { prog_load } for pid=2099 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 audit: type=1400 audit(1595.085:4306): avc: denied { wake_alarm } for pid=2105 comm="syz-executor2" capability=35 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1 audit: type=1400 audit(1595.155:4307): avc: denied { create } for pid=2119 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 audit: type=1400 audit(1595.175:4308): avc: denied { write } for pid=2119 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 audit: type=1400 audit(1595.235:4309): avc: denied { create } for pid=2119 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 audit: type=1400 audit(1595.325:4310): avc: denied { prog_load } for pid=2125 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 audit: type=1400 audit(1595.475:4311): avc: denied { prog_load } for pid=2135 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 audit: type=1400 audit(1595.725:4312): avc: denied { prog_load } for pid=2145 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 audit_printk_skb: 15 callbacks suppressed audit: type=1400 audit(1598.785:4318): avc: denied { wake_alarm } for pid=2199 comm="syz-executor2" capability=35 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1 audit: type=1400 audit(1599.355:4319): avc: denied { wake_alarm } for pid=2227 comm="syz-executor2" capability=35 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1 audit: type=1400 audit(1599.885:4320): avc: denied { prog_load } for pid=2238 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 audit: type=1400 audit(1599.985:4321): avc: denied { wake_alarm } for pid=2245 comm="syz-executor2" capability=35 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1 audit: type=1400 audit(1600.235:4322): avc: denied { prog_load } for pid=2263 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1