device bridge0 entered promiscuous mode
device bridge0 left promiscuous mode

=============================
WARNING: suspicious RCU usage
4.15.0+ #221 Not tainted
-----------------------------
net/tipc/bearer.c:177 suspicious rcu_dereference_protected() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
2 locks held by syz-executor2/15546:
 #0:  (cb_lock){++++}, at: [<000000001e4d0fe6>] genl_rcv+0x19/0x40 net/netlink/genetlink.c:634
 #1:  (genl_mutex){+.+.}, at: [<000000008ab4b239>] genl_lock net/netlink/genetlink.c:33 [inline]
 #1:  (genl_mutex){+.+.}, at: [<000000008ab4b239>] genl_rcv_msg+0x115/0x140 net/netlink/genetlink.c:622

stack backtrace:
CPU: 0 PID: 15546 Comm: syz-executor2 Not tainted 4.15.0+ #221
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 lockdep_rcu_suspicious+0x123/0x170 kernel/locking/lockdep.c:4592
 tipc_bearer_find+0x2b4/0x3b0 net/tipc/bearer.c:177
 tipc_nl_compat_link_set+0x329/0x9f0 net/tipc/netlink_compat.c:729
 __tipc_nl_compat_doit net/tipc/netlink_compat.c:288 [inline]
 tipc_nl_compat_doit+0x15b/0x670 net/tipc/netlink_compat.c:335
 tipc_nl_compat_handle net/tipc/netlink_compat.c:1119 [inline]
 tipc_nl_compat_recv+0x1135/0x18f0 net/tipc/netlink_compat.c:1201
 genl_family_rcv_msg+0x7b7/0xfb0 net/netlink/genetlink.c:599
 genl_rcv_msg+0xb2/0x140 net/netlink/genetlink.c:624
 netlink_rcv_skb+0x14b/0x380 net/netlink/af_netlink.c:2442
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:635
 netlink_unicast_kernel net/netlink/af_netlink.c:1308 [inline]
 netlink_unicast+0x4c4/0x6b0 net/netlink/af_netlink.c:1334
 netlink_sendmsg+0xa4a/0xe60 net/netlink/af_netlink.c:1897
 sock_sendmsg_nosec net/socket.c:630 [inline]
 sock_sendmsg+0xca/0x110 net/socket.c:640
 ___sys_sendmsg+0x767/0x8b0 net/socket.c:2046
 __sys_sendmsg+0xe5/0x210 net/socket.c:2080
 SYSC_sendmsg net/socket.c:2091 [inline]
 SyS_sendmsg+0x2d/0x50 net/socket.c:2087
 entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x4537d9
RSP: 002b:00007f09ab3e6c58 EFLAGS: 00000212 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 00000000004537d9
RDX: 0000000000000000 RSI: 0000000020003000 RDI: 0000000000000013
RBP: 00000000000005ca R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f7b90
R13: 00000000ffffffff R14: 00007f09ab3e76d4 R15: 0000000000000000
ipt_CLUSTERIP: no such interface syz
ipt_CLUSTERIP: no such interface syz
xt_CT: You must specify a L4 protocol, and not use inversions on it.
xt_CT: You must specify a L4 protocol, and not use inversions on it.
xt_SECMARK: invalid security context 'system_u:object_r%ldconfig_cache_t
-0'
xt_SECMARK: invalid security context 'system_u:object_r%ldconfig_cache_t
-0'
netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor5'.
audit: type=1400 audit(1518205327.446:36): avc:  denied  { net_bind_service } for  pid=15769 comm="syz-executor0" capability=10  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
netlink: 8 bytes leftover after parsing attributes in process `syz-executor5'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'.
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
audit: type=1400 audit(1518205327.536:37): avc:  denied  { read } for  pid=15782 comm="syz-executor6" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
device syz3 left promiscuous mode
device syz3 entered promiscuous mode
device syz3 left promiscuous mode
device syz3 entered promiscuous mode
device syz3 left promiscuous mode
device syz3 entered promiscuous mode
device syz3 left promiscuous mode
device syz3 entered promiscuous mode
device syz3 left promiscuous mode
device syz3 entered promiscuous mode
audit: type=1400 audit(1518205329.163:38): avc:  denied  { getattr } for  pid=16313 comm="syz-executor0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
validate_nla: 5 callbacks suppressed
netlink: 'syz-executor5': attribute type 3 has an invalid length.
netlink: 'syz-executor5': attribute type 3 has an invalid length.
device syz2 entered promiscuous mode
device syz2 left promiscuous mode
netlink: 'syz-executor0': attribute type 21 has an invalid length.
netlink: 'syz-executor0': attribute type 4 has an invalid length.
netlink: 'syz-executor0': attribute type 21 has an invalid length.
netlink: 'syz-executor0': attribute type 4 has an invalid length.
syz-executor5 (16627) used greatest stack depth: 12192 bytes left
Dead loop on virtual device ip6_vti0, fix it urgently!
sctp: [Deprecated]: syz-executor2 (pid 16741) Use of int in max_burst socket option.
Use struct sctp_assoc_value instead
sctp: [Deprecated]: syz-executor2 (pid 16741) Use of int in max_burst socket option.
Use struct sctp_assoc_value instead
netlink: 180 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 180 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 'syz-executor6': attribute type 1 has an invalid length.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=16822 comm=syz-executor0
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=16831 comm=syz-executor0
netlink: 'syz-executor6': attribute type 1 has an invalid length.
netlink: 'syz-executor6': attribute type 1 has an invalid length.
netlink: 'syz-executor6': attribute type 1 has an invalid length.
TCP: request_sock_TCPv6: Possible SYN flooding on port 20026. Sending cookies.  Check SNMP counters.
dccp_close: ABORT with 1 bytes unread
netlink: 16 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 16 bytes leftover after parsing attributes in process `syz-executor3'.
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
sock: process `syz-executor7' is using obsolete getsockopt SO_BSDCOMPAT
netlink: 16 bytes leftover after parsing attributes in process `syz-executor6'.
tc_dump_action: action bad kind
netlink: 16 bytes leftover after parsing attributes in process `syz-executor6'.
tc_dump_action: action bad kind
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=26 sclass=netlink_tcpdiag_socket pig=18161 comm=syz-executor2
audit: type=1400 audit(1518205335.170:39): avc:  denied  { accept } for  pid=18157 comm="syz-executor3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
audit: type=1400 audit(1518205335.170:40): avc:  denied  { setopt } for  pid=18157 comm="syz-executor3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=26 sclass=netlink_tcpdiag_socket pig=18186 comm=syz-executor2
audit: type=1400 audit(1518205335.337:41): avc:  denied  { map } for  pid=18195 comm="syz-executor5" path="socket:[42637]" dev="sockfs" ino=42637 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_xfrm_socket permissive=1
audit: type=1400 audit(1518205335.374:42): avc:  denied  { getattr } for  pid=18200 comm="syz-executor7" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
TCP: request_sock_TCPv6: Possible SYN flooding on port 20010. Sending cookies.  Check SNMP counters.
audit: type=1400 audit(1518205335.726:43): avc:  denied  { relabelto } for  pid=18315 comm="syz-executor7" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=packet permissive=1
sctp: [Deprecated]: syz-executor0 (pid 18328) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
sctp: [Deprecated]: syz-executor0 (pid 18333) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
sctp: [Deprecated]: syz-executor0 (pid 18367) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
device lo entered promiscuous mode
IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
sctp: [Deprecated]: syz-executor0 (pid 18423) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
sctp: [Deprecated]: syz-executor0 (pid 18467) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
audit: type=1400 audit(1518205336.352:44): avc:  denied  { accept } for  pid=18473 comm="syz-executor6" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
sctp: [Deprecated]: syz-executor0 (pid 18496) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead