=============================
WARNING: suspicious RCU usage
6.8.0-rc3-syzkaller-00010-g6d280f4d760e #0 Not tainted
-----------------------------
net/netfilter/ipset/ip_set_hash_gen.h:455 suspicious rcu_dereference_protected() usage!
other info that might help us debug this:
rcu_scheduler_active = 2, debug_locks = 1
4 locks held by syz-executor.2/5115:
#0: ffff88803065a420 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:409
#1: ffff88803065a610 (sb_internal){.+.+}-{0:0}, at: __sb_start_write include/linux/fs.h:1639 [inline]
#1: ffff88803065a610 (sb_internal){.+.+}-{0:0}, at: sb_start_intwrite include/linux/fs.h:1822 [inline]
#1: ffff88803065a610 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2e3/0xf30 fs/ext4/inode.c:212
#2: ffff88803065e950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x203c/0x22a0 fs/jbd2/transaction.c:463
#3: ffffffff8e130ba0 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline]
#3: ffffffff8e130ba0 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2184 [inline]
#3: ffffffff8e130ba0 (rcu_callback){....}-{0:0}, at: rcu_core+0xcfc/0x1810 kernel/rcu/tree.c:2465
stack backtrace:
CPU: 0 PID: 5115 Comm: syz-executor.2 Not tainted 6.8.0-rc3-syzkaller-00010-g6d280f4d760e #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
Call Trace:
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106
lockdep_rcu_suspicious+0x220/0x340 kernel/locking/lockdep.c:6712
hash_netportnet6_destroy+0xf0/0x2c0 net/netfilter/ipset/ip_set_hash_gen.h:455
ip_set_destroy_set net/netfilter/ipset/ip_set_core.c:1180 [inline]
ip_set_destroy_set_rcu+0x6c/0xe0 net/netfilter/ipset/ip_set_core.c:1190
rcu_do_batch kernel/rcu/tree.c:2190 [inline]
rcu_core+0xd78/0x1810 kernel/rcu/tree.c:2465
__do_softirq+0x2bd/0x942 kernel/softirq.c:553
invoke_softirq kernel/softirq.c:427 [inline]
__irq_exit_rcu+0xf1/0x1c0 kernel/softirq.c:632
irq_exit_rcu+0x9/0x30 kernel/softirq.c:644
sysvec_apic_timer_interrupt+0x97/0xb0 arch/x86/kernel/apic/apic.c:1076
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:649
RIP: 0010:native_irq_disable arch/x86/include/asm/irqflags.h:37 [inline]
RIP: 0010:arch_local_irq_disable arch/x86/include/asm/irqflags.h:72 [inline]
RIP: 0010:arch_local_irq_save arch/x86/include/asm/irqflags.h:104 [inline]
RIP: 0010:lock_acquire+0x199/0x530 kernel/locking/lockdep.c:5750
Code: 00 00 00 00 00 00 9c 8f 84 24 80 00 00 00 42 80 3c 2b 00 74 08 4c 89 ff e8 e4 6f 84 00 48 8d 5c 24 60 4c 8b bc 24 80 00 00 00 48 c7 c7 40 c2 aa 8b e8 da 69 f5 09 65 ff 05 f3 77 91 7e 45 31
RSP: 0018:ffffc900045d7600 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffffc900045d7660 RCX: ffffffff817111f4
RDX: 0000000000000000 RSI: ffffffff8bfe6780 RDI: ffffffff8bfe6740
RBP: ffffc900045d7758 R08: ffffffff8f85576f R09: 1ffffffff1f0aaed
R10: dffffc0000000000 R11: fffffbfff1f0aaee R12: 1ffff920008baec8
R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000246
fs_reclaim_acquire+0xae/0x130 mm/page_alloc.c:3709
might_alloc include/linux/sched/mm.h:303 [inline]
bdev_getblk+0x42/0x610 fs/buffer.c:1425
__getblk include/linux/buffer_head.h:355 [inline]
sb_getblk include/linux/buffer_head.h:361 [inline]
__ext4_get_inode_loc+0x54a/0xe30 fs/ext4/inode.c:4369
ext4_get_inode_loc fs/ext4/inode.c:4497 [inline]
ext4_reserve_inode_write+0x182/0x360 fs/ext4/inode.c:5728
__ext4_mark_inode_dirty+0x1db/0x870 fs/ext4/inode.c:5905
ext4_evict_inode+0x839/0xf30 fs/ext4/inode.c:251
evict+0x2aa/0x630 fs/inode.c:665
do_unlinkat+0x512/0x830 fs/namei.c:4405
__do_sys_unlink fs/namei.c:4446 [inline]
__se_sys_unlink fs/namei.c:4444 [inline]
__x64_sys_unlink+0x49/0x60 fs/namei.c:4444
do_syscall_64+0xfb/0x240
entry_SYSCALL_64_after_hwframe+0x6f/0x77
RIP: 0033:0x7fc74307d557
Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe85221508 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc74307d557
RDX: 00007ffe85221530 RSI: 00007ffe852215c0 RDI: 00007ffe852215c0
RBP: 00007ffe852215c0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe85222680
R13: 00007fc7430c93b9 R14: 000000000010281d R15: 0000000000000003
----------------
Code disassembly (best guess):
0: 00 00 add %al,(%rax)
2: 00 00 add %al,(%rax)
4: 00 00 add %al,(%rax)
6: 9c pushf
7: 8f 84 24 80 00 00 00 pop 0x80(%rsp)
e: 42 80 3c 2b 00 cmpb $0x0,(%rbx,%r13,1)
13: 74 08 je 0x1d
15: 4c 89 ff mov %r15,%rdi
18: e8 e4 6f 84 00 call 0x847001
1d: 48 8d 5c 24 60 lea 0x60(%rsp),%rbx
22: 4c 8b bc 24 80 00 00 mov 0x80(%rsp),%r15
29: 00
* 2a: fa cli <-- trapping instruction
2b: 48 c7 c7 40 c2 aa 8b mov $0xffffffff8baac240,%rdi
32: e8 da 69 f5 09 call 0x9f56a11
37: 65 ff 05 f3 77 91 7e incl %gs:0x7e9177f3(%rip) # 0x7e917831
3e: 45 rex.RB
3f: 31 .byte 0x31