============================= WARNING: suspicious RCU usage 4.14.0-rc5-mm1+ #20 Not tainted ----------------------------- ./include/linux/inetdevice.h:231 suspicious rcu_dereference_protected() usage! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 1 lock held by syz-executor5/2697: #0: (rcu_read_lock){....}, at: [] inet_rtm_getroute+0xaa0/0x2d70 net/ipv4/route.c:2738 stack backtrace: CPU: 0 PID: 2697 Comm: syz-executor5 Not tainted 4.14.0-rc5-mm1+ #20 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 lockdep_rcu_suspicious+0x123/0x170 kernel/locking/lockdep.c:4662 __in_dev_get_rtnl include/linux/inetdevice.h:231 [inline] fib_dump_info+0x1136/0x13d0 net/ipv4/fib_semantics.c:1368 inet_rtm_getroute+0xf97/0x2d70 net/ipv4/route.c:2785 rtnetlink_rcv_msg+0x51c/0x1020 net/core/rtnetlink.c:4334 netlink_rcv_skb+0x216/0x440 net/netlink/af_netlink.c:2409 rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:4358 netlink_unicast_kernel net/netlink/af_netlink.c:1273 [inline] netlink_unicast+0x4e8/0x6f0 net/netlink/af_netlink.c:1299 netlink_sendmsg+0xa4a/0xe60 net/netlink/af_netlink.c:1862 sock_sendmsg_nosec net/socket.c:632 [inline] sock_sendmsg+0xca/0x110 net/socket.c:642 sock_write_iter+0x31a/0x5d0 net/socket.c:911 call_write_iter include/linux/fs.h:1770 [inline] new_sync_write fs/read_write.c:468 [inline] __vfs_write+0x684/0x970 fs/read_write.c:481 vfs_write+0x189/0x510 fs/read_write.c:543 SYSC_write fs/read_write.c:588 [inline] SyS_write+0xef/0x220 fs/read_write.c:580 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x452719 RSP: 002b:00007fb5f54aebe8 EFLAGS: 00000212 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452719 RDX: 0000000000000025 RSI: 0000000020e61000 RDI: 0000000000000013 RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000000 R13: 0000000000a6f7ff R14: 00007fb5f54af9c0 R15: 0000000000000000 dccp_v4_rcv: dropped packet with invalid checksum netlink: 9 bytes leftover after parsing attributes in process `syz-executor2'. dccp_v4_rcv: dropped packet with invalid checksum netlink: 9 bytes leftover after parsing attributes in process `syz-executor2'. QAT: Invalid ioctl 9pnet_virtio: no channels available for device zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG zG QAT: Invalid ioctl 9pnet_virtio: no channels available for device zG netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor1'. sctp: [Deprecated]: syz-executor6 (pid 2997) Use of int in max_burst socket option. Use struct sctp_assoc_value instead sctp: [Deprecated]: syz-executor6 (pid 2997) Use of int in max_burst socket option. Use struct sctp_assoc_value instead Bearer <> rejected, not supported in standalone mode QAT: Invalid ioctl Bearer <> rejected, not supported in standalone mode QAT: Invalid ioctl mmap: syz-executor2 (3147): VmData 13709312 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. dccp_close: ABORT with 287 bytes unread QAT: Invalid ioctl 9pnet_virtio: no channels available for device ./file0 device lo entered promiscuous mode QAT: Invalid ioctl TCP: request_sock_TCP: Possible SYN flooding on port 20000. Sending cookies. Check SNMP counters. 9pnet_virtio: no channels available for device ./file0 sg_write: data in/out 822404280/197 bytes for SCSI command 0x12-- guessing data in; program syz-executor0 not setting count and/or reply_len properly sg_write: data in/out 822404280/197 bytes for SCSI command 0x12-- guessing data in; program syz-executor0 not setting count and/or reply_len properly QAT: Invalid ioctl nla_parse: 8 callbacks suppressed netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. QAT: Invalid ioctl netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. selinux_nlmsg_perm: 6 callbacks suppressed SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5 sclass=netlink_route_socket pig=3705 comm=syz-executor2 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5 sclass=netlink_route_socket pig=3705 comm=syz-executor2 netlink: 3 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 172 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 172 bytes leftover after parsing attributes in process `syz-executor2'. sg_write: data in/out 307260/1202 bytes for SCSI command 0x0-- guessing data in; program syz-executor3 not setting count and/or reply_len properly sg_write: data in/out 307260/1202 bytes for SCSI command 0x0-- guessing data in; program syz-executor3 not setting count and/or reply_len properly QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl tc_dump_action: action bad kind QAT: Invalid ioctl tc_dump_action: action bad kind sctp: [Deprecated]: syz-executor0 (pid 4299) Use of int in maxseg socket option. Use struct sctp_assoc_value instead sctp: [Deprecated]: syz-executor0 (pid 4299) Use of int in maxseg socket option. Use struct sctp_assoc_value instead device gre0 entered promiscuous mode IPv6: NLM_F_REPLACE set, but no existing node found! QAT: Invalid ioctl device gre0 left promiscuous mode QAT: Invalid ioctl IPv6: NLM_F_REPLACE set, but no existing node found! sctp: [Deprecated]: syz-executor1 (pid 4588) Use of int in maxseg socket option. Use struct sctp_assoc_value instead nla_parse: 14 callbacks suppressed netlink: 3 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor3'. sctp: [Deprecated]: syz-executor1 (pid 4600) Use of int in maxseg socket option. Use struct sctp_assoc_value instead SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=4660 comm=syz-executor0 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=4660 comm=syz-executor0 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=4660 comm=syz-executor0 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=4672 comm=syz-executor0 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=4671 comm=syz-executor0