binder: 13754:13756 ioctl 40046207 0 returned -16
binder: undelivered TRANSACTION_ERROR: 29201

===============================
[ INFO: suspicious RCU usage. ]
4.9.79-g71f1469 #25 Not tainted
-------------------------------
net/ipv6/ip6_fib.c:1471 suspicious rcu_dereference_protected() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 0
3 locks held by syz-executor2/13792:
 #0:  (rtnl_mutex){+.+.+.}, at: [<ffffffff82f76697>] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70
 #1:  (rcu_read_lock){......}, at: [<ffffffff8346f470>] __fib6_clean_all+0x0/0x230 net/ipv6/ip6_fib.c:740
 #2:  (&tb->tb6_lock){++--..}, at: [<ffffffff8346f550>] __fib6_clean_all+0xe0/0x230 net/ipv6/ip6_fib.c:1717

stack backtrace:
CPU: 0 PID: 13792 Comm: syz-executor2 Not tainted 4.9.79-g71f1469 #25
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d52cf2d8 ffffffff81d94829 ffff8801d4c19800 0000000000000000
 0000000000000002 ffffffff83f4be40 ffffed003aa59eab ffff8801d52cf308
 ffffffff81238379 ffff8801cb166e00 ffff8801cb166e00 dffffc0000000000
Call Trace:
 [<ffffffff81d94829>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d94829>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff81238379>] lockdep_rcu_suspicious+0x139/0x180 kernel/locking/lockdep.c:4455
 [<ffffffff8347456b>] fib6_del+0x6ab/0xa30 net/ipv6/ip6_fib.c:1470
 [<ffffffff83474c26>] fib6_clean_node+0x336/0x4a0 net/ipv6/ip6_fib.c:1657
 [<ffffffff8346bafb>] fib6_walk_continue+0x39b/0x620 net/ipv6/ip6_fib.c:1583
 [<ffffffff8346e499>] fib6_walk+0xd9/0x150 net/ipv6/ip6_fib.c:1628
 [<ffffffff8346e5f5>] fib6_clean_tree+0xe5/0x130 net/ipv6/ip6_fib.c:1702
 [<ffffffff8346f569>] __fib6_clean_all+0xf9/0x230 net/ipv6/ip6_fib.c:1718
 [<ffffffff83474db7>] fib6_clean_all+0x27/0x30 net/ipv6/ip6_fib.c:1729
 [<ffffffff8346a551>] rt6_ifdown+0xa1/0x7f0 net/ipv6/route.c:2715
 [<ffffffff83444e50>] addrconf_ifdown+0xd0/0x10f0 net/ipv6/addrconf.c:3566
 [<ffffffff8344cd58>] addrconf_notify+0x948/0x2230 net/ipv6/addrconf.c:3490
 [<ffffffff8119efe0>] notifier_call_chain+0x90/0x1a0 kernel/notifier.c:93
 [<ffffffff8119f16d>] __raw_notifier_call_chain kernel/notifier.c:394 [inline]
 [<ffffffff8119f16d>] raw_notifier_call_chain+0x2d/0x40 kernel/notifier.c:401
 [<ffffffff82f29dd1>] call_netdevice_notifiers_info+0x51/0x90 net/core/dev.c:1647
 [<ffffffff82f4ddb7>] call_netdevice_notifiers net/core/dev.c:1663 [inline]
 [<ffffffff82f4ddb7>] __dev_notify_flags+0x197/0x270 net/core/dev.c:6500
 [<ffffffff82f4f335>] dev_change_flags+0xf5/0x140 net/core/dev.c:6531
 [<ffffffff82f9a70c>] dev_ifsioc+0x5cc/0x820 net/core/dev_ioctl.c:255
 [<ffffffff82f9acd5>] dev_ioctl+0x1d5/0xd40 net/core/dev_ioctl.c:533
 [<ffffffff82ed1f24>] sock_do_ioctl+0x94/0xb0 net/socket.c:899
 [<ffffffff82ed2940>] sock_ioctl+0x2e0/0x3d0 net/socket.c:978
 [<ffffffff815ae42a>] vfs_ioctl fs/ioctl.c:43 [inline]
 [<ffffffff815ae42a>] do_vfs_ioctl+0x1aa/0x1140 fs/ioctl.c:679
 [<ffffffff815af44f>] SYSC_ioctl fs/ioctl.c:694 [inline]
 [<ffffffff815af44f>] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:685
 [<ffffffff838b346e>] entry_SYSCALL_64_fastpath+0x29/0xe8
binder: 13824:13828 got reply transaction with no transaction stack
binder: 13824:13828 transaction failed 29201/-71, size 0-0 line 2920
binder: undelivered TRANSACTION_ERROR: 29201
binder: 13824:13844 got reply transaction with no transaction stack
binder: 13824:13844 transaction failed 29201/-71, size 0-0 line 2920
binder: undelivered TRANSACTION_ERROR: 29201
SELinux:  policydb magic number 0x9e44aa76 does not match expected magic number 0xf97cff8c
SELinux:  policydb magic number 0x9e44aa76 does not match expected magic number 0xf97cff8c
device gre0 entered promiscuous mode
audit_printk_skb: 2283 callbacks suppressed
audit: type=1400 audit(1517591812.622:4443): avc:  denied  { net_admin } for  pid=4147 comm="syz-executor6" capability=12  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591812.622:4445): avc:  denied  { dac_override } for  pid=14447 comm="syz-executor7" capability=1  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591812.622:4444): avc:  denied  { net_admin } for  pid=14449 comm="syz-executor0" capability=12  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591812.622:4446): avc:  denied  { dac_override } for  pid=14449 comm="syz-executor0" capability=1  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591812.622:4447): avc:  denied  { sys_admin } for  pid=14447 comm="syz-executor7" capability=21  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591812.622:4448): avc:  denied  { net_admin } for  pid=14449 comm="syz-executor0" capability=12  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591812.622:4449): avc:  denied  { dac_override } for  pid=14449 comm="syz-executor0" capability=1  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591812.652:4450): avc:  denied  { net_admin } for  pid=4151 comm="syz-executor2" capability=12  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591812.652:4451): avc:  denied  { net_admin } for  pid=4151 comm="syz-executor2" capability=12  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591812.652:4452): avc:  denied  { net_admin } for  pid=4125 comm="syz-executor0" capability=12  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
SELinux: ebitmap: truncated map
SELinux: ebitmap: truncated map
audit_printk_skb: 3900 callbacks suppressed
audit: type=1400 audit(1517591817.652:5755): avc:  denied  { net_admin } for  pid=4127 comm="syz-executor7" capability=12  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591817.672:5756): avc:  denied  { dac_override } for  pid=15854 comm="syz-executor6" capability=1  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591817.682:5757): avc:  denied  { dac_override } for  pid=15854 comm="syz-executor6" capability=1  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591817.682:5758): avc:  denied  { sys_admin } for  pid=15853 comm="syz-executor2" capability=21  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591817.692:5759): avc:  denied  { net_admin } for  pid=4153 comm="syz-executor1" capability=12  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591817.692:5760): avc:  denied  { net_admin } for  pid=4147 comm="syz-executor6" capability=12  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591817.712:5761): avc:  denied  { net_admin } for  pid=4123 comm="syz-executor3" capability=12  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591817.712:5762): avc:  denied  { dac_override } for  pid=15850 comm="syz-executor0" capability=1  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591817.722:5763): avc:  denied  { dac_override } for  pid=15869 comm="syz-executor6" capability=1  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
audit: type=1400 audit(1517591817.732:5764): avc:  denied  { net_admin } for  pid=15850 comm="syz-executor0" capability=12  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1