===============================
[ INFO: suspicious RCU usage. ]
4.9.141+ #1 Not tainted
-------------------------------
net/ipv6/ip6_fib.c:1471 suspicious rcu_dereference_protected() usage!
other info that might help us debug this:
rcu_scheduler_active = 2, debug_locks = 0
7 locks held by sshd/2069:
#0: (sk_lock-AF_INET){+.+.+.}, at: [] lock_sock include/net/sock.h:1404 [inline]
#0: (sk_lock-AF_INET){+.+.+.}, at: [] tcp_sendmsg+0xbd/0x2fd0 net/ipv4/tcp.c:1140
#1: (rcu_read_lock){......}, at: [] read_pnet include/net/net_namespace.h:271 [inline]
#1: (rcu_read_lock){......}, at: [] sock_net include/net/sock.h:2207 [inline]
#1: (rcu_read_lock){......}, at: [] ip_queue_xmit+0x3e/0x18c0 net/ipv4/ip_output.c:425
#2: (rcu_read_lock){......}, at: [] __ip_local_out+0x1da/0x5b0 net/ipv4/ip_output.c:113
#3: (((&net->ipv6.ip6_fib_timer))){+.-...}, at: [] lockdep_copy_map include/linux/lockdep.h:165 [inline]
#3: (((&net->ipv6.ip6_fib_timer))){+.-...}, at: [] call_timer_fn+0xda/0x6e0 kernel/time/timer.c:1309
#4: (&(&net->ipv6.fib6_gc_lock)->rlock){+.-...}, at: [] spin_lock_bh include/linux/spinlock.h:307 [inline]
#4: (&(&net->ipv6.fib6_gc_lock)->rlock){+.-...}, at: [] fib6_run_gc+0xa5/0x2c0 net/ipv6/ip6_fib.c:1816
#5: (rcu_read_lock){......}, at: [] __fib6_clean_all+0x0/0x220 net/ipv6/ip6_fib.c:1703
#6: (&tb->tb6_lock){++--..}, at: [] __fib6_clean_all+0xe0/0x220 net/ipv6/ip6_fib.c:1717
stack backtrace:
CPU: 0 PID: 2069 Comm: sshd Not tainted 4.9.141+ #1
ffff8801db6078c8 ffffffff81b42e79 ffff8801cf094740 0000000000000000
0000000000000002 ffffffff82cc2480 ffffed003b6c0f67 ffff8801db6078f8
ffffffff813fe948 ffff8801d74a6fc0 ffff8801db607ae8 ffff8801d74a6fc0
Call Trace:
[ 674.502497] [] __dump_stack lib/dump_stack.c:15 [inline]
[ 674.502497] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
[] lockdep_rcu_suspicious.cold.32+0x110/0x141 kernel/locking/lockdep.c:4455
[] fib6_del+0x810/0xb10 net/ipv6/ip6_fib.c:1470
[] fib6_clean_node+0x220/0x4c0 net/ipv6/ip6_fib.c:1657
[] fib6_walk_continue+0x3e5/0x640 net/ipv6/ip6_fib.c:1583
[] fib6_walk+0x91/0xf0 net/ipv6/ip6_fib.c:1628
[] fib6_clean_tree+0xd3/0x110 net/ipv6/ip6_fib.c:1702
[] __fib6_clean_all+0xf9/0x220 net/ipv6/ip6_fib.c:1718
[] fib6_clean_all net/ipv6/ip6_fib.c:1729 [inline]
[] fib6_run_gc+0x117/0x2c0 net/ipv6/ip6_fib.c:1826
[] fib6_gc_timer_cb+0x1c/0x20 net/ipv6/ip6_fib.c:1841
[] call_timer_fn+0x163/0x6e0 kernel/time/timer.c:1319
[] expire_timers+0x234/0x580 kernel/time/timer.c:1359
[] __run_timers kernel/time/timer.c:1674 [inline]
[] run_timer_softirq+0x208/0x5e0 kernel/time/timer.c:1687
[] __do_softirq+0x20e/0x964 kernel/softirq.c:288
[] invoke_softirq kernel/softirq.c:368 [inline]
[] irq_exit+0x11c/0x150 kernel/softirq.c:409
[] exiting_irq arch/x86/include/asm/apic.h:669 [inline]
[] smp_apic_timer_interrupt+0x81/0xb0 arch/x86/kernel/apic/apic.c:962
[] apic_timer_interrupt+0x9d/0xb0 arch/x86/entry/entry_64.S:648
[ 674.760538] [] ? nf_nat_ipv4_local_fn+0x244/0x470 net/ipv4/netfilter/nf_nat_l3proto_ipv4.c:414
[] iptable_nat_ipv4_local_fn+0x2c/0x40 net/ipv4/netfilter/iptable_nat.c:67
[] nf_iterate+0x126/0x310 net/netfilter/core.c:324
[] nf_hook_slow+0x114/0x1e0 net/netfilter/core.c:355
[] nf_hook_thresh include/linux/netfilter.h:191 [inline]
[] nf_hook include/linux/netfilter.h:203 [inline]
[] __ip_local_out+0x42e/0x5b0 net/ipv4/ip_output.c:113
[] ip_local_out+0x29/0x180 net/ipv4/ip_output.c:122
[] ip_queue_xmit+0x897/0x18c0 net/ipv4/ip_output.c:500
[] __tcp_transmit_skb+0x18bb/0x2df0 net/ipv4/tcp_output.c:1041
[] tcp_transmit_skb net/ipv4/tcp_output.c:1057 [inline]
[] tcp_write_xmit+0xf7d/0x4580 net/ipv4/tcp_output.c:2221
[] __tcp_push_pending_frames+0xa4/0x250 net/ipv4/tcp_output.c:2402
[] tcp_push+0x3fe/0x5e0 net/ipv4/tcp.c:688
[] tcp_sendmsg+0x112b/0x2fd0 net/ipv4/tcp.c:1348
[] inet_sendmsg+0x203/0x4d0 net/ipv4/af_inet.c:770
[] sock_sendmsg_nosec net/socket.c:648 [inline]
[] sock_sendmsg+0xbb/0x110 net/socket.c:658
[] sock_write_iter+0x223/0x3b0 net/socket.c:856
[] new_sync_write fs/read_write.c:496 [inline]
[] __vfs_write+0x3d7/0x580 fs/read_write.c:509
[] vfs_write+0x187/0x520 fs/read_write.c:557
[] SYSC_write fs/read_write.c:604 [inline]
[] SyS_write+0xd9/0x1c0 fs/read_write.c:596
[] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285
[] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9300 comm=syz-executor.0
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9326 comm=syz-executor.0
binder: BINDER_SET_CONTEXT_MGR already set
binder: 9596:9600 ioctl 40046207 0 returned -16
binder: 9596:9600 got transaction with invalid parent offset or type
binder: 9596:9600 transaction failed 29201/-22, size 40-8 line 3259
binder: undelivered TRANSACTION_ERROR: 29201
SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1793 sclass=netlink_xfrm_socket pig=10269 comm=syz-executor.0
SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1793 sclass=netlink_xfrm_socket pig=10281 comm=syz-executor.0