tc_dump_action: action bad kind
device syz0 entered promiscuous mode

=============================
WARNING: suspicious RCU usage
4.15.0-rc6-next-20180102+ #86 Not tainted
-----------------------------
net/netfilter/ipset/ip_set_core.c:2057 suspicious rcu_dereference_protected() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
3 locks held by kworker/u4:3/56:
 #0:  ((wq_completion)"%s""netns"){+.+.}, at: [<00000000b4e39560>] process_one_work+0x71f/0x14a0 kernel/workqueue.c:2083
 #1:  (net_cleanup_work){+.+.}, at: [<00000000ddcefcec>] process_one_work+0x757/0x14a0 kernel/workqueue.c:2087
 #2:  (net_mutex){+.+.}, at: [<000000002d9ea437>] cleanup_net+0x139/0x8b0 net/core/net_namespace.c:450

stack backtrace:
CPU: 1 PID: 56 Comm: kworker/u4:3 Not tainted 4.15.0-rc6-next-20180102+ #86
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: netns cleanup_net
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x137/0x198 lib/dump_stack.c:53
 lockdep_rcu_suspicious+0x123/0x170 kernel/locking/lockdep.c:4585
 ip_set_net_exit+0x2c6/0x480 net/netfilter/ipset/ip_set_core.c:2057
 ops_exit_list.isra.6+0xae/0x150 net/core/net_namespace.c:142
 cleanup_net+0x3f3/0x8b0 net/core/net_namespace.c:484
 process_one_work+0x801/0x14a0 kernel/workqueue.c:2112
 worker_thread+0xe0/0x1010 kernel/workqueue.c:2246
 kthread+0x33c/0x400 kernel/kthread.c:238
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:524
ptrace attach of "/root/syz-executor7"[3712] was attempted by "/root/syz-executor7"[8947]
dccp_invalid_packet: pskb_may_pull failed
ptrace attach of "/root/syz-executor7"[3712] was attempted by "/root/syz-executor7"[8947]
dccp_invalid_packet: pskb_may_pull failed
binder: BINDER_SET_CONTEXT_MGR already set
binder: 9050:9052 ioctl 40046207 0 returned -16
binder: undelivered transaction 41, process died.
kauditd_printk_skb: 218 callbacks suppressed
audit: type=1326 audit(1514912847.840:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9119 comm="syz-executor7" exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912847.840:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9119 comm="syz-executor7" exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912847.841:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9119 comm="syz-executor7" exe="/root/syz-executor7" sig=0 arch=c000003e syscall=105 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912847.842:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9119 comm="syz-executor7" exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912847.843:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9119 comm="syz-executor7" exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912847.845:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9119 comm="syz-executor7" exe="/root/syz-executor7" sig=0 arch=c000003e syscall=257 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912847.846:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9119 comm="syz-executor7" exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000
device syz0 entered promiscuous mode
audit: type=1326 audit(1514912847.846:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9119 comm="syz-executor7" exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912847.847:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9119 comm="syz-executor7" exe="/root/syz-executor7" sig=0 arch=c000003e syscall=55 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912847.847:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9119 comm="syz-executor7" exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000
device eql entered promiscuous mode
device syz4 entered promiscuous mode
QAT: Invalid ioctl
netlink: 5 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 5 bytes leftover after parsing attributes in process `syz-executor2'.
QAT: Invalid ioctl
kvm: emulating exchange as write
binder: 9640:9646 ioctl c0046209 20001000 returned -22
netlink: 'syz-executor1': attribute type 29 has an invalid length.
netlink: 5 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 'syz-executor1': attribute type 29 has an invalid length.
netlink: 5 bytes leftover after parsing attributes in process `syz-executor1'.
QAT: Invalid ioctl
QAT: Invalid ioctl
netlink: 'syz-executor2': attribute type 1 has an invalid length.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pig=10348 comm=syz-executor6
netlink: 3 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor1'.
binder: 10451:10463 ERROR: BC_REGISTER_LOOPER called without request
binder: 10463 RLIMIT_NICE not set
binder: 10451:10463 got reply transaction with no transaction stack
binder: 10451:10463 transaction failed 29201/-71, size 24-8 line 2760
binder_alloc: binder_alloc_mmap_handler: 10451 20000000-20002000 already mapped failed -16
binder: BINDER_SET_CONTEXT_MGR already set
binder: 10451:10475 ERROR: BC_REGISTER_LOOPER called without request
binder: 10475 RLIMIT_NICE not set
binder: 10451:10492 got reply transaction with no transaction stack
binder: 10451:10492 transaction failed 29201/-71, size 24-8 line 2760
binder_alloc: 10451: binder_alloc_buf, no vma
binder: 10451:10463 ioctl 40046207 0 returned -16
binder: 10451:10475 transaction failed 29189/-3, size 0-0 line 2960
binder: undelivered TRANSACTION_ERROR: 29189
binder: undelivered TRANSACTION_ERROR: 29201
binder: undelivered TRANSACTION_ERROR: 29201
binder: release 10451:10475 transaction 43 out, still active
binder: undelivered TRANSACTION_COMPLETE
binder: send failed reply for transaction 43, target dead
kauditd_printk_skb: 86 callbacks suppressed
audit: type=1326 audit(1514912853.250:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10609 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912853.250:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10609 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=16 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912853.250:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10609 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912853.250:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10609 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=254 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912853.250:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10609 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912853.250:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10609 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=72 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912853.250:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10609 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912853.250:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10609 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=9 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912853.250:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10609 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ac9 code=0x7ffc0000
audit: type=1326 audit(1514912853.250:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10609 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=2 compat=0 ip=0x40ce01 code=0x7ffc0000
device eql entered promiscuous mode
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
QAT: Invalid ioctl
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
sctp: [Deprecated]: syz-executor0 (pid 11056) Use of int in maxseg socket option.
Use struct sctp_assoc_value instead
sctp: [Deprecated]: syz-executor0 (pid 11063) Use of int in maxseg socket option.
Use struct sctp_assoc_value instead
ICMPv6: NA: bb:bb:bb:bb:bb:07 advertised our address fe80::7aa on syz7!
ICMPv6: NA: bb:bb:bb:bb:bb:07 advertised our address fe80::7aa on syz7!
device gre0 left promiscuous mode
kvm: vcpu 0: requested 10176 ns lapic timer period limited to 500000 ns
device gre0 entered promiscuous mode
device gre0 left promiscuous mode
kvm: vcpu 0: requested 10176 ns lapic timer period limited to 500000 ns
device eql entered promiscuous mode