============================= WARNING: suspicious RCU usage 4.14.0-rc5-mm1+ #18 Not tainted ----------------------------- ./include/linux/inetdevice.h:231 suspicious rcu_dereference_protected() usage! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 1 lock held by syz-executor3/20204: #0: (rcu_read_lock){....}, at: [] inet_rtm_getroute+0xaa0/0x2d70 net/ipv4/route.c:2738 stack backtrace: CPU: 1 PID: 20204 Comm: syz-executor3 Not tainted 4.14.0-rc5-mm1+ #18 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 lockdep_rcu_suspicious+0x123/0x170 kernel/locking/lockdep.c:4662 __in_dev_get_rtnl include/linux/inetdevice.h:231 [inline] fib_dump_info+0x1136/0x13d0 net/ipv4/fib_semantics.c:1368 inet_rtm_getroute+0xf97/0x2d70 net/ipv4/route.c:2785 rtnetlink_rcv_msg+0x51c/0x1020 net/core/rtnetlink.c:4334 netlink_rcv_skb+0x216/0x440 net/netlink/af_netlink.c:2409 rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:4358 netlink_unicast_kernel net/netlink/af_netlink.c:1273 [inline] netlink_unicast+0x4e8/0x6f0 net/netlink/af_netlink.c:1299 netlink_sendmsg+0xa4a/0xe60 net/netlink/af_netlink.c:1862 sock_sendmsg_nosec net/socket.c:632 [inline] sock_sendmsg+0xca/0x110 net/socket.c:642 sock_write_iter+0x31a/0x5d0 net/socket.c:911 call_write_iter include/linux/fs.h:1770 [inline] new_sync_write fs/read_write.c:468 [inline] __vfs_write+0x684/0x970 fs/read_write.c:481 vfs_write+0x189/0x510 fs/read_write.c:543 SYSC_write fs/read_write.c:588 [inline] SyS_write+0xef/0x220 fs/read_write.c:580 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x452719 RSP: 002b:00007f326513dbe8 EFLAGS: 00000212 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452719 RDX: 0000000000000024 RSI: 00000000205b5fdc RDI: 0000000000000013 RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000000 R13: 0000000000a6f7ff R14: 00007f326513e9c0 R15: 0000000000000000 QAT: Invalid ioctl QAT: Invalid ioctl IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl device lo entered promiscuous mode device gre0 entered promiscuous mode QAT: Invalid ioctl device gre0 left promiscuous mode QAT: Invalid ioctl device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode print_req_error: 250 callbacks suppressed print_req_error: I/O error, dev loop3, sector 0 buffer_io_error: 250 callbacks suppressed Buffer I/O error on dev loop3, logical block 0, lost async page write print_req_error: I/O error, dev loop3, sector 8 Buffer I/O error on dev loop3, logical block 1, lost async page write print_req_error: I/O error, dev loop3, sector 16 Buffer I/O error on dev loop3, logical block 2, lost async page write print_req_error: I/O error, dev loop3, sector 24 Buffer I/O error on dev loop3, logical block 3, lost async page write print_req_error: I/O error, dev loop3, sector 32 Buffer I/O error on dev loop3, logical block 4, lost async page write print_req_error: I/O error, dev loop3, sector 40 Buffer I/O error on dev loop3, logical block 5, lost async page write print_req_error: I/O error, dev loop3, sector 48 Buffer I/O error on dev loop3, logical block 6, lost async page write print_req_error: I/O error, dev loop3, sector 56 Buffer I/O error on dev loop3, logical block 7, lost async page write print_req_error: I/O error, dev loop3, sector 64 Buffer I/O error on dev loop3, logical block 8, lost async page write print_req_error: I/O error, dev loop3, sector 72 Buffer I/O error on dev loop3, logical block 9, lost async page write netlink: 5 bytes leftover after parsing attributes in process `syz-executor5'. device gre0 entered promiscuous mode device gre0 left promiscuous mode netlink: 5 bytes leftover after parsing attributes in process `syz-executor5'. device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode QAT: Invalid ioctl device gre0 left promiscuous mode device gre0 entered promiscuous mode QAT: Invalid ioctl device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode QAT: Invalid ioctl QAT: Invalid ioctl device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. device gre0 left promiscuous mode device gre0 entered promiscuous mode QAT: Invalid ioctl device gre0 left promiscuous mode QAT: Invalid ioctl device gre0 entered promiscuous mode sctp: [Deprecated]: syz-executor0 (pid 20899) Use of int in max_burst socket option. Use struct sctp_assoc_value instead device gre0 left promiscuous mode QAT: Invalid ioctl QAT: Invalid ioctl device gre0 entered promiscuous mode device gre0 left promiscuous mode sctp: [Deprecated]: syz-executor0 (pid 20920) Use of int in max_burst socket option. Use struct sctp_assoc_value instead QAT: Invalid ioctl QAT: Invalid ioctl device gre0 entered promiscuous mode device gre0 left promiscuous mode audit: type=1326 audit(1508380175.729:3592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=20980 comm="syz-executor2" exe="/root/syz-executor2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452719 code=0xffff0000 device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pig=21014 comm=syz-executor6 device gre0 left promiscuous mode audit: type=1326 audit(1508380175.908:3593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=20980 comm="syz-executor2" exe="/root/syz-executor2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452719 code=0xffff0000 device gre0 entered promiscuous mode device gre0 left promiscuous mode SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pig=21041 comm=syz-executor6 RDS: rds_bind could not find a transport for 172.20.3.170, load rds_tcp or rds_rdma? device gre0 entered promiscuous mode device gre0 left promiscuous mode netlink: 13 bytes leftover after parsing attributes in process `syz-executor2'. device gre0 entered promiscuous mode device gre0 left promiscuous mode netlink: 13 bytes leftover after parsing attributes in process `syz-executor2'. RDS: rds_bind could not find a transport for 172.20.3.170, load rds_tcp or rds_rdma? device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode kvm [21128]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0x186 data 0x8 kvm [21128]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0x186 data 0x8 device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode RDS: rds_bind could not find a transport for 172.20.6.170, load rds_tcp or rds_rdma? device gre0 left promiscuous mode RDS: rds_bind could not find a transport for 172.20.6.170, load rds_tcp or rds_rdma? device gre0 entered promiscuous mode device gre0 left promiscuous mode audit: type=1326 audit(1508380176.907:3594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=21211 comm="syz-executor3" exe="/root/syz-executor3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452719 code=0xffff0000 device gre0 entered promiscuous mode device gre0 left promiscuous mode audit: type=1326 audit(1508380177.113:3595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=21211 comm="syz-executor3" exe="/root/syz-executor3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452719 code=0xffff0000 device gre0 entered promiscuous mode device gre0 left promiscuous mode netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'. QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl device gre0 entered promiscuous mode QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl device gre0 left promiscuous mode netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'. device gre0 entered promiscuous mode device gre0 left promiscuous mode netlink: 1 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 5 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 5 bytes leftover after parsing attributes in process `syz-executor6'. device gre0 entered promiscuous mode device gre0 left promiscuous mode netlink: 1 bytes leftover after parsing attributes in process `syz-executor7'. device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode QAT: Invalid ioctl SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4099 sclass=netlink_route_socket pig=21446 comm=syz-executor1 QAT: Invalid ioctl device gre0 entered promiscuous mode device gre0 left promiscuous mode sg_write: data in/out 1453903184/34 bytes for SCSI command 0x33-- guessing data in; program syz-executor5 not setting count and/or reply_len properly device gre0 entered promiscuous mode device gre0 left promiscuous mode sg_write: data in/out 1453903184/34 bytes for SCSI command 0x33-- guessing data in; program syz-executor5 not setting count and/or reply_len properly audit: type=1326 audit(1508380178.329:3596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=21479 comm="syz-executor0" exe="/root/syz-executor0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452719 code=0xffff0000 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4099 sclass=netlink_route_socket pig=21486 comm=syz-executor1 device gre0 entered promiscuous mode RDS: rds_bind could not find a transport for 172.20.2.170, load rds_tcp or rds_rdma? RDS: rds_bind could not find a transport for 172.20.2.170, load rds_tcp or rds_rdma? device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'. sctp: [Deprecated]: syz-executor0 (pid 21566) Use of int in max_burst socket option. Use struct sctp_assoc_value instead sctp: [Deprecated]: syz-executor0 (pid 21571) Use of int in max_burst socket option. Use struct sctp_assoc_value instead device gre0 entered promiscuous mode device gre0 left promiscuous mode do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app device gre0 entered promiscuous mode device gre0 left promiscuous mode audit: type=1326 audit(1508380179.002:3597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=21578 comm="syz-executor7" exe="/root/syz-executor7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452719 code=0xffff0000 device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app device gre0 left promiscuous mode device gre0 entered promiscuous mode audit: type=1326 audit(1508380179.141:3598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=21578 comm="syz-executor7" exe="/root/syz-executor7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452719 code=0xffff0000 device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode audit: type=1326 audit(1508380179.339:3599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=21686 comm="" exe="/root/syz-executor3" sig=9 arch=c000003e syscall=202 compat=0 ip=0x452719 code=0x0 device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode audit: type=1326 audit(1508380179.491:3600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=21686 comm="syz-executor3" exe="/root/syz-executor3" sig=9 arch=c000003e syscall=202 compat=0 ip=0x452719 code=0x0 device gre0 entered promiscuous mode device gre0 left promiscuous mode netlink: 5 bytes leftover after parsing attributes in process `syz-executor0'. device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE IPv6: NLM_F_CREATE should be set when creating new route IPv6: NLM_F_CREATE should be set when creating new route IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE syz2: Invalid MTU 537735136 requested, hw max 65535 syz2: Invalid MTU 537735136 requested, hw max 65535 device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode QAT: Invalid ioctl SELinux: failure in selinux_parse_skb(), unable to parse packet QAT: Invalid ioctl dccp_invalid_packet: P.CsCov 15 exceeds packet length 1020 dccp_invalid_packet: P.CsCov 15 exceeds packet length 1020 device gre0 entered promiscuous mode audit: type=1326 audit(1508380180.813:3601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=22006 comm="syz-executor1" exe="/root/syz-executor1" sig=9 arch=c000003e syscall=202 compat=0 ip=0x452719 code=0x0 device gre0 left promiscuous mode device gre0 entered promiscuous mode audit: type=1326 audit(1508380180.993:3602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=22006 comm="syz-executor1" exe="/root/syz-executor1" sig=9 arch=c000003e syscall=202 compat=0 ip=0x452719 code=0x0 device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode