=============================
WARNING: suspicious RCU usage
4.14.281-syzkaller #0 Not tainted
-----------------------------
net/netfilter/nf_queue.c:244 suspicious rcu_dereference_check() usage!

other info that might help us debug this:

rcu_scheduler_active = 2, debug_locks = 1
4 locks held by syz-executor.4/8013:
 #0: (sb_writers#3){.+.+}, at: [] sb_start_write include/linux/fs.h:1551 [inline]
 #0: (sb_writers#3){.+.+}, at: [] mnt_want_write+0x3a/0xb0 fs/namespace.c:386
 #1: (sb_internal){.+.+}, at: [] sb_start_intwrite include/linux/fs.h:1598 [inline]
 #1: (sb_internal){.+.+}, at: [] ext4_evict_inode+0x1079/0x1530 fs/ext4/inode.c:258
 #2: (rcu_callback){....}, at: [] __rcu_reclaim kernel/rcu/rcu.h:185 [inline]
 #2: (rcu_callback){....}, at: [] rcu_do_batch kernel/rcu/tree.c:2699 [inline]
 #2: (rcu_callback){....}, at: [] invoke_rcu_callbacks kernel/rcu/tree.c:2962 [inline]
 #2: (rcu_callback){....}, at: [] __rcu_process_callbacks kernel/rcu/tree.c:2929 [inline]
 #2: (rcu_callback){....}, at: [] rcu_process_callbacks+0x84e/0x1180 kernel/rcu/tree.c:2946
 #3: (&(&inst->lock)->rlock){+.-.}, at: [] spin_lock_bh include/linux/spinlock.h:322 [inline]
 #3: (&(&inst->lock)->rlock){+.-.}, at: [] nfqnl_flush+0x2f/0x2a0 net/netfilter/nfnetlink_queue.c:232

stack backtrace:
CPU: 0 PID: 8013 Comm: syz-executor.4 Not tainted 4.14.281-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x1b2/0x281 lib/dump_stack.c:58
netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
 nf_reinject+0x56e/0x700 net/netfilter/nf_queue.c:244
 nfqnl_flush+0x1ab/0x2a0 net/netfilter/nfnetlink_queue.c:237
 instance_destroy_rcu+0x19/0x30 net/netfilter/nfnetlink_queue.c:171
 __rcu_reclaim kernel/rcu/rcu.h:195 [inline]
 rcu_do_batch kernel/rcu/tree.c:2699 [inline]
 invoke_rcu_callbacks kernel/rcu/tree.c:2962 [inline]
 __rcu_process_callbacks kernel/rcu/tree.c:2929 [inline]
 rcu_process_callbacks+0x780/0x1180 kernel/rcu/tree.c:2946
ip_tables: iptables: counters copy to user failed while replacing table
 __do_softirq+0x24d/0x9ff kernel/softirq.c:288
 invoke_softirq kernel/softirq.c:368 [inline]
 irq_exit+0x193/0x240 kernel/softirq.c:409
 exiting_irq arch/x86/include/asm/apic.h:638 [inline]
 smp_apic_timer_interrupt+0x141/0x5e0 arch/x86/kernel/apic/apic.c:1106
 apic_timer_interrupt+0x93/0xa0 arch/x86/entry/entry_64.S:793
RIP: 0010:ext4_clear_inode+0x0/0x1d0 fs/ext4/super.c:1107
RSP: 0018:ffff8880a1b2fbf0 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
RAX: 000000000000a1ff RBX: 1ffff11014365f8a RCX: ffff88807436e5fc
RDX: 1ffff1100e86dcbe RSI: 00000000ffffffff RDI: ffff88807436e5f0
RBP: ffff88823515a080 R08: ffff8880742f3b28 R09: 0000000000000002
R10: 0000000000000000 R11: 0000000062968b64 R12: 0000000000003672
R13: ffff88807436e5f0 R14: 0000000000000000 R15: ffff8880a404d400
 ext4_free_inode+0x1de/0x1460 fs/ext4/ialloc.c:282
 ext4_evict_inode+0x8fd/0x1530 fs/ext4/inode.c:349
 evict+0x2c8/0x700 fs/inode.c:555
 iput_final fs/inode.c:1524 [inline]
 iput+0x458/0x7e0 fs/inode.c:1551
 do_unlinkat+0x35b/0x5c0 fs/namei.c:4098
netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x7f6bf9ac0a47
RSP: 002b:00007ffdb23922d8 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6bf9ac0a47
RDX: 00007ffdb2392310 RSI: 00007ffdb2392310 RDI: 00007ffdb23923a0
RBP: 00007ffdb23923a0 R08: 0000000000000001 R09: 00007ffdb2392170
R10: 0000555556300873 R11: 0000000000000206 R12: 00007f6bf9b1a1f8
R13: 00007ffdb2393460 R14: 0000555556300810 R15: 00007ffdb23934a0
ip_tables: iptables: counters copy to user failed while replacing table
netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
ip_tables: iptables: counters copy to user failed while replacing table
netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
ip_tables: iptables: counters copy to user failed while replacing table
netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
ip_tables: iptables: counters copy to user failed while replacing table
BTRFS info (device loop0): setting 8 feature flag
BTRFS info (device loop0): force lzo compression
BTRFS info (device loop0): disabling tree log
BTRFS info (device loop0): disk space caching is enabled
BTRFS info (device loop0): has skinny extents
netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
ip_tables: iptables: counters copy to user failed while replacing table
BTRFS info (device loop0): setting 8 feature flag
BTRFS info (device loop0): force lzo compression
BTRFS info (device loop0): disabling tree log
BTRFS info (device loop0): disk space caching is enabled
BTRFS info (device loop0): has skinny extents
(syz-executor.2,10035,0):ocfs2_parse_options:1498 ERROR: Invalid heartbeat mount options
(syz-executor.2,10035,0):ocfs2_fill_super:1217 ERROR: status = -22
overlayfs: fs on './file0' does not support file handles, falling back to index=off.
overlayfs: fs on './file0' does not support file handles, falling back to index=off.
overlayfs: fs on './file0' does not support file handles, falling back to index=off.
overlayfs: fs on './file0' does not support file handles, falling back to index=off.