============================= WARNING: suspicious RCU usage 4.14.307-syzkaller #0 Not tainted ----------------------------- net/tipc/bearer.c:177 suspicious rcu_dereference_protected() usage! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 2 locks held by syz-executor.3/10408: #0: (cb_lock){++++}, at: [] genl_rcv+0x15/0x40 net/netlink/genetlink.c:635 NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds #1: (genl_mutex){+.+.}, at: [] genl_lock net/netlink/genetlink.c:33 [inline] #1: (genl_mutex){+.+.}, at: [] genl_rcv_msg+0x112/0x140 net/netlink/genetlink.c:623 stack backtrace: CPU: 0 PID: 10408 Comm: syz-executor.3 Not tainted 4.14.307-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 tipc_bearer_find+0x1ff/0x2f0 net/tipc/bearer.c:177 tipc_nl_compat_link_set+0x40b/0xb90 net/tipc/netlink_compat.c:807 __tipc_nl_compat_doit net/tipc/netlink_compat.c:316 [inline] tipc_nl_compat_doit+0x192/0x5d0 net/tipc/netlink_compat.c:364 tipc_nl_compat_handle net/tipc/netlink_compat.c:1215 [inline] tipc_nl_compat_recv+0xa0b/0xae0 net/tipc/netlink_compat.c:1297 genl_family_rcv_msg+0x572/0xb20 net/netlink/genetlink.c:600 genl_rcv_msg+0xaf/0x140 net/netlink/genetlink.c:625 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2461 genl_rcv+0x24/0x40 net/netlink/genetlink.c:636 netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1328 netlink_sendmsg+0x651/0xbc0 net/netlink/af_netlink.c:1900 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 RIP: 0033:0x7f223ed3c0f9 RSP: 002b:00007f223d2ae168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f223ee5bf80 RCX: 00007f223ed3c0f9 RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 RBP: 00007f223ed97ae9 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffdc703842f R14: 00007f223d2ae300 R15: 0000000000022000 XFS (loop5): Superblock has unknown read-only compatible features (0x8) enabled. XFS (loop5): Attempted to mount read-only compatible filesystem read-write. XFS (loop5): Filesystem can only be safely mounted read only. XFS (loop5): SB validate failed with error -22. audit: type=1804 audit(1677999241.841:9): pid=10399 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir3496618692/syzkaller.Ss5vTg/43/bus" dev="sda1" ino=13982 res=1 audit: type=1804 audit(1677999241.861:10): pid=10399 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir3496618692/syzkaller.Ss5vTg/43/file1" dev="sda1" ino=13967 res=1 audit: type=1804 audit(1677999241.861:11): pid=10399 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="ToMToU" comm="syz-executor.5" name="/root/syzkaller-testdir3496618692/syzkaller.Ss5vTg/43/bus" dev="sda1" ino=13982 res=1 netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. Bluetooth: hci3 command 0x0401 tx timeout unregister_netdevice: waiting for ip6gre0 to become free. Usage count = -1 QAT: failed to copy from user cfg_data. TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. syz-executor.0 (10822) used greatest stack depth: 24088 bytes left x_tables: ip6_tables: REDIRECT target: used from hooks INPUT/OUTPUT, but only usable from PREROUTING/OUTPUT TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. capability: warning: `syz-executor.0' uses deprecated v2 capabilities in a way that may be insecure TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. kauditd_printk_skb: 2 callbacks suppressed audit: type=1400 audit(1677999249.622:14): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name=01 pid=11376 comm="syz-executor.2" F2FS-fs (loop5): Unrecognized mount option "whint_mode=user-based" or missing value F2FS-fs (loop5): Unrecognized mount option "whint_mode=user-based" or missing value