=============================
WARNING: suspicious RCU usage
6.8.0-rc3-syzkaller-00041-g547ab8fc4cb0 #0 Not tainted
-----------------------------
net/netfilter/ipset/ip_set_hash_gen.h:455 suspicious rcu_dereference_protected() usage!
other info that might help us debug this:
rcu_scheduler_active = 2, debug_locks = 1
2 locks held by syz-executor.3/24730:
#0: ffff88802ad0c420 (sb_writers#4){.+.+}-{0:0}, at: do_coredump+0x1b78/0x2b50 fs/coredump.c:763
#1: ffffffff8e130ba0 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline]
#1: ffffffff8e130ba0 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2184 [inline]
#1: ffffffff8e130ba0 (rcu_callback){....}-{0:0}, at: rcu_core+0xcfc/0x1810 kernel/rcu/tree.c:2465
stack backtrace:
CPU: 1 PID: 24730 Comm: syz-executor.3 Not tainted 6.8.0-rc3-syzkaller-00041-g547ab8fc4cb0 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
Call Trace:
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106
lockdep_rcu_suspicious+0x220/0x340 kernel/locking/lockdep.c:6712
hash_netportnet6_destroy+0xf0/0x2c0 net/netfilter/ipset/ip_set_hash_gen.h:455
ip_set_destroy_set net/netfilter/ipset/ip_set_core.c:1180 [inline]
ip_set_destroy_set_rcu+0x6a/0xe0 net/netfilter/ipset/ip_set_core.c:1190
rcu_do_batch kernel/rcu/tree.c:2190 [inline]
rcu_core+0xd76/0x1810 kernel/rcu/tree.c:2465
__do_softirq+0x2bb/0x942 kernel/softirq.c:553
invoke_softirq kernel/softirq.c:427 [inline]
__irq_exit_rcu+0xf1/0x1c0 kernel/softirq.c:632
irq_exit_rcu+0x9/0x30 kernel/softirq.c:644
sysvec_apic_timer_interrupt+0x97/0xb0 arch/x86/kernel/apic/apic.c:1076
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:649
RIP: 0010:finish_task_switch+0x1ea/0x850 kernel/sched/core.c:5274
Code: c9 50 e8 d9 c9 0b 00 48 83 c4 08 4c 89 f7 e8 3d 37 00 00 e9 e0 04 00 00 4c 89 f7 e8 80 11 03 0a e8 6b 4d 35 00 fb 48 8b 5d c0 <48> 8d bb d8 15 00 00 48 89 f8 48 c1 e8
03 49 be 00 00 00 00 00 fc
RSP: 0018:ffffc90009c1e768 EFLAGS: 00000286
RAX: bacb16a8a2fa2700 RBX: ffff888028a39dc0 RCX: ffffffff817182ea
RDX: dffffc0000000000 RSI: ffffffff8baab5e0 RDI: ffffffff8bfd9460
RBP: ffffc90009c1e7b0 R08: ffffffff92c524bf R09: 1ffffffff258a497
R10: dffffc0000000000 R11: fffffbfff258a498 R12: dffffc0000000000
R13: 1ffff110172a7acf R14: ffff8880b943c900 R15: ffff8880b953d678
context_switch kernel/sched/core.c:5403 [inline]
__schedule+0x1787/0x49a0 kernel/sched/core.c:6727
__schedule_loop kernel/sched/core.c:6802 [inline]
schedule+0x149/0x260 kernel/sched/core.c:6817
io_schedule+0x8c/0x110 kernel/sched/core.c:9023
folio_wait_bit_common+0x881/0x12b0 mm/filemap.c:1274
folio_wait_writeback+0xe7/0x1e0 mm/page-writeback.c:3061
__filemap_fdatawait_range+0x17b/0x400 mm/filemap.c:523
file_write_and_wait_range+0x25c/0x300 mm/filemap.c:783
ext4_sync_file+0x24f/0xb40 fs/ext4/fsync.c:158
generic_write_sync include/linux/fs.h:2735 [inline]
ext4_buffered_write_iter+0x286/0x350 fs/ext4/file.c:305
ext4_file_write_iter+0x1dc/0x19c0
__kernel_write_iter+0x434/0x8c0 fs/read_write.c:523
dump_emit_page fs/coredump.c:888 [inline]
dump_user_range+0x46c/0x910 fs/coredump.c:915
elf_core_dump+0x3d5d/0x4630 fs/binfmt_elf.c:2077
do_coredump+0x1baa/0x2b50 fs/coredump.c:764
get_signal+0x146a/0x1850 kernel/signal.c:2879
arch_do_signal_or_restart+0x96/0x860 arch/x86/kernel/signal.c:310
exit_to_user_mode_loop kernel/entry/common.c:105 [inline]
exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
irqentry_exit_to_user_mode+0x78/0x280 kernel/entry/common.c:225
exc_general_protection+0x40d/0x5c0 arch/x86/kernel/traps.c:643
asm_exc_general_protection+0x26/0x30 arch/x86/include/asm/idtentry.h:564
RIP: 0033:0x7ff101a7ddb1
Code: c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
RSP: 002b:0000000020000030 EFLAGS: 00010217
RAX:
0000000000000000 RBX: 00007ff101babf80 RCX: 00007ff101a7dda9
RDX: 00000000200000c0 RSI: 0000000020000030 RDI: 0000000040000080
RBP: 00007ff101aca47a R08: 0000000020000140 R09: 0000000020000140
R10: 0000000020000100 R11: 0000000000000202 R12: 0000000000000000
R13: 000000000000000b R14: 00007ff101babf80 R15: 00007ffd15314428
----------------
Code disassembly (best guess):
0: c9 leave
1: 50 push %rax
2: e8 d9 c9 0b 00 call 0xbc9e0
7: 48 83 c4 08 add $0x8,%rsp
b: 4c 89 f7 mov %r14,%rdi
e: e8 3d 37 00 00 call 0x3750
13: e9 e0 04 00 00 jmp 0x4f8
18: 4c 89 f7 mov %r14,%rdi
1b: e8 80 11 03 0a call 0xa0311a0
20: e8 6b 4d 35 00 call 0x354d90
25: fb sti
26: 48 8b 5d c0 mov -0x40(%rbp),%rbx
* 2a: 48 8d bb d8 15 00 00 lea 0x15d8(%rbx),%rdi <-- trapping instruction
31: 48 89 f8 mov %rdi,%rax
34: 48 c1 e8 03 shr $0x3,%rax
38: 49 rex.WB
39: be 00 00 00 00 mov $0x0,%esi
3e: 00 fc add %bh,%ah