============================= WARNING: suspicious RCU usage 4.14.98+ #7 Not tainted ----------------------------- net/ipv6/ip6_fib.c:1590 suspicious rcu_dereference_protected() usage! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 8 locks held by syz-executor.0/28805: #0: (&f->f_pos_lock){+.+.}, at: [] __fdget_pos+0xa6/0xc0 fs/file.c:768 #1: (sb_writers#4){.+.+}, at: [] file_start_write include/linux/fs.h:2726 [inline] #1: (sb_writers#4){.+.+}, at: [] vfs_write+0x3d8/0x4d0 fs/read_write.c:545 #2: (&sb->s_type->i_mutex_key#9){++++}, at: [] inode_trylock include/linux/fs.h:735 [inline] #2: (&sb->s_type->i_mutex_key#9){++++}, at: [] ext4_file_write_iter+0x1bb/0xe10 fs/ext4/file.c:230 #3: (&(&ei->i_raw_lock)->rlock){+.+.}, at: [] spin_lock include/linux/spinlock.h:317 [inline] #3: (&(&ei->i_raw_lock)->rlock){+.+.}, at: [] ext4_do_update_inode fs/ext4/inode.c:5108 [inline] #3: (&(&ei->i_raw_lock)->rlock){+.+.}, at: [] ext4_mark_iloc_dirty+0x1ff/0x27e0 fs/ext4/inode.c:5739 #4: (((&net->ipv6.ip6_fib_timer))){+.-.}, at: [] lockdep_copy_map include/linux/lockdep.h:174 [inline] #4: (((&net->ipv6.ip6_fib_timer))){+.-.}, at: [] call_timer_fn+0xc6/0x680 kernel/time/timer.c:1269 #5: (&(&net->ipv6.fib6_gc_lock)->rlock){+.-.}, at: [] spin_lock_bh include/linux/spinlock.h:322 [inline] #5: (&(&net->ipv6.fib6_gc_lock)->rlock){+.-.}, at: [] fib6_run_gc+0x93/0x2a0 net/ipv6/ip6_fib.c:1938 #6: (rcu_read_lock){....}, at: [] __fib6_clean_all+0x0/0x230 net/ipv6/ip6_fib.c:1823 #7: (&tb->tb6_lock){++--}, at: [] __fib6_clean_all+0xde/0x230 net/ipv6/ip6_fib.c:1837 stack backtrace: CPU: 0 PID: 28805 Comm: syz-executor.0 Not tainted 4.14.98+ #7 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0xb9/0x10e lib/dump_stack.c:53 fib6_del+0x8c2/0xbe0 net/ipv6/ip6_fib.c:1590 fib6_clean_node+0x270/0x440 net/ipv6/ip6_fib.c:1777 fib6_walk_continue+0x3a5/0x5f0 net/ipv6/ip6_fib.c:1703 fib6_walk+0x8d/0xe0 net/ipv6/ip6_fib.c:1748 fib6_clean_tree+0xd4/0x110 net/ipv6/ip6_fib.c:1822 __fib6_clean_all+0xf5/0x230 net/ipv6/ip6_fib.c:1838 fib6_clean_all net/ipv6/ip6_fib.c:1849 [inline] fib6_run_gc+0x104/0x2a0 net/ipv6/ip6_fib.c:1947 call_timer_fn+0x14a/0x680 kernel/time/timer.c:1279 expire_timers+0x216/0x4b0 kernel/time/timer.c:1318 __run_timers kernel/time/timer.c:1634 [inline] run_timer_softirq+0x1eb/0x5d0 kernel/time/timer.c:1647 __do_softirq+0x234/0x9ca kernel/softirq.c:288 invoke_softirq kernel/softirq.c:368 [inline] irq_exit+0x114/0x150 kernel/softirq.c:409 exiting_irq arch/x86/include/asm/apic.h:648 [inline] smp_apic_timer_interrupt+0x185/0x620 arch/x86/kernel/apic/apic.c:1064 apic_timer_interrupt+0x84/0x90 arch/x86/entry/entry_64.S:787 RIP: 0010:ext4_do_update_inode fs/ext4/inode.c:5130 [inline] RIP: 0010:ext4_mark_iloc_dirty+0x5af/0x27e0 fs/ext4/inode.c:5739 RSP: 0018:ffff8881c6087700 EFLAGS: 00000a06 ORIG_RAX: ffffffffffffff10 RAX: dffffc0000000000 RBX: ffff8881bfe96310 RCX: 000000000002e509 RDX: 1ffff1102cde446f RSI: ffffc900027ba000 RDI: ffff888166f22378 RBP: ffff888166f22300 R08: 0000000000007222 R09: 00000000000402ee R10: ffff8881d4aee6a8 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000000 R14: ffff8881d5829100 R15: ffff8881c6087860 ext4_mark_inode_dirty+0x1d6/0x7e0 fs/ext4/inode.c:5918 ext4_dirty_inode+0x6c/0x90 fs/ext4/inode.c:5949 __mark_inode_dirty+0x108/0x1030 fs/fs-writeback.c:2097 kauditd_printk_skb: 194 callbacks suppressed audit: type=1400 audit(2000000259.510:44674): avc: denied { create } for pid=28810 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(2000000259.510:44675): avc: denied { write } for pid=28810 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(2000000259.560:44676): avc: denied { map } for pid=28824 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 audit: type=1400 audit(2000000259.560:44677): avc: denied { map } for pid=28824 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 audit: type=1400 audit(2000000259.560:44678): avc: denied { map } for pid=28824 comm="modprobe" path="/etc/ld.so.cache" dev="sda1" ino=2503 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 audit: type=1400 audit(2000000259.560:44679): avc: denied { map } for pid=28824 comm="modprobe" path="/lib/x86_64-linux-gnu/libc-2.13.so" dev="sda1" ino=2784 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 audit: type=1400 audit(2000000259.560:44680): avc: denied { map } for pid=28824 comm="modprobe" path="/lib/x86_64-linux-gnu/libc-2.13.so" dev="sda1" ino=2784 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 audit: type=1400 audit(2000000259.610:44681): avc: denied { read } for pid=28810 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(2000000259.620:44682): avc: denied { create } for pid=28810 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(2000000259.620:44683): avc: denied { write } for pid=28810 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 netlink: 224 bytes leftover after parsing attributes in process `syz-executor.3'. netlink: 224 bytes leftover after parsing attributes in process `syz-executor.3'. kauditd_printk_skb: 180 callbacks suppressed audit: type=1400 audit(2000000264.520:44864): avc: denied { map } for pid=29008 comm="modprobe" path="/etc/ld.so.cache" dev="sda1" ino=2503 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 audit: type=1400 audit(2000000264.590:44865): avc: denied { map } for pid=29008 comm="modprobe" path="/lib/x86_64-linux-gnu/libkmod.so.2.1.3" dev="sda1" ino=2811 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 audit: type=1400 audit(2000000264.590:44866): avc: denied { map } for pid=29008 comm="modprobe" path="/lib/x86_64-linux-gnu/libkmod.so.2.1.3" dev="sda1" ino=2811 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 audit: type=1400 audit(2000000264.600:44868): avc: denied { map } for pid=29008 comm="modprobe" path="/lib/x86_64-linux-gnu/libc-2.13.so" dev="sda1" ino=2784 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 audit: type=1400 audit(2000000264.600:44869): avc: denied { map } for pid=29008 comm="modprobe" path="/lib/x86_64-linux-gnu/libc-2.13.so" dev="sda1" ino=2784 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 audit: type=1400 audit(2000000264.600:44867): avc: denied { map_create } for pid=29009 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 audit: type=1400 audit(2000000264.630:44870): avc: denied { map } for pid=29017 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 audit: type=1400 audit(2000000264.630:44871): avc: denied { map } for pid=29017 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 audit: type=1400 audit(2000000264.630:44872): avc: denied { map } for pid=29017 comm="blkid" path="/lib/x86_64-linux-gnu/ld-2.13.so" dev="sda1" ino=2668 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 audit: type=1400 audit(2000000264.630:44873): avc: denied { map } for pid=29017 comm="blkid" path="/lib/x86_64-linux-gnu/ld-2.13.so" dev="sda1" ino=2668 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 syz-executor.3 (29047) used greatest stack depth: 23232 bytes left