sock: process `syz-executor0' is using obsolete getsockopt SO_BSDCOMPAT ============================= WARNING: suspicious RCU usage 4.15.0-rc9+ #206 Not tainted ----------------------------- net/ipv6/ip6_fib.c:1731 suspicious rcu_dereference_protected() usage! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 4 locks held by modprobe/30853: #0: ((&net->ipv6.ip6_fib_timer)){+.-.}, at: [<0000000009873327>] lockdep_copy_map include/linux/lockdep.h:178 [inline] #0: ((&net->ipv6.ip6_fib_timer)){+.-.}, at: [<0000000009873327>] call_timer_fn+0x1c6/0x820 kernel/time/timer.c:1308 #1: (&(&net->ipv6.fib6_gc_lock)->rlock){+.-.}, at: [<00000000aae2a989>] spin_lock_bh include/linux/spinlock.h:315 [inline] #1: (&(&net->ipv6.fib6_gc_lock)->rlock){+.-.}, at: [<00000000aae2a989>] fib6_run_gc+0x9d/0x3c0 net/ipv6/ip6_fib.c:2043 #2: (rcu_read_lock){....}, at: [<000000006b8ead6d>] __fib6_clean_all+0x0/0x3a0 net/ipv6/ip6_fib.c:1583 #3: (&(&tb->tb6_lock)->rlock){+.-.}, at: [<00000000a04c5541>] spin_lock_bh include/linux/spinlock.h:315 [inline] #3: (&(&tb->tb6_lock)->rlock){+.-.}, at: [<00000000a04c5541>] __fib6_clean_all+0x1d0/0x3a0 net/ipv6/ip6_fib.c:1984 stack backtrace: CPU: 1 PID: 30853 Comm: modprobe Not tainted 4.15.0-rc9+ #206 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 lockdep_rcu_suspicious+0x123/0x170 kernel/locking/lockdep.c:4585 fib6_del+0xc9c/0x12c0 net/ipv6/ip6_fib.c:1730 fib6_clean_node+0x42e/0x580 net/ipv6/ip6_fib.c:1921 fib6_walk_continue+0x46c/0x8a0 net/ipv6/ip6_fib.c:1844 fib6_walk+0x91/0xf0 net/ipv6/ip6_fib.c:1892 fib6_clean_tree+0x1e6/0x340 net/ipv6/ip6_fib.c:1969 __fib6_clean_all+0x1f4/0x3a0 net/ipv6/ip6_fib.c:1985 fib6_clean_all net/ipv6/ip6_fib.c:1996 [inline] fib6_run_gc+0x16b/0x3c0 net/ipv6/ip6_fib.c:2052 fib6_gc_timer_cb+0x20/0x30 net/ipv6/ip6_fib.c:2069 call_timer_fn+0x228/0x820 kernel/time/timer.c:1318 expire_timers kernel/time/timer.c:1355 [inline] __run_timers+0x7ee/0xb70 kernel/time/timer.c:1658 run_timer_softirq+0x4c/0x70 kernel/time/timer.c:1684 __do_softirq+0x2d7/0xb85 kernel/softirq.c:285 invoke_softirq kernel/softirq.c:365 [inline] irq_exit+0x1cc/0x200 kernel/softirq.c:405 exiting_irq arch/x86/include/asm/apic.h:541 [inline] smp_apic_timer_interrupt+0x16b/0x700 arch/x86/kernel/apic/apic.c:1052 apic_timer_interrupt+0xa9/0xb0 arch/x86/entry/entry_64.S:937 RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:777 [inline] RIP: 0010:kfree+0x103/0x260 mm/slab.c:3804 RSP: 0018:ffff8801c30b7be0 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff11 RAX: 0000000000000007 RBX: ffff8801cf3a2900 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000282 RBP: ffff8801c30b7c00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000282 R13: ffff8801dac00340 R14: ffffffff81d7069c R15: ffff8801cdd38758 ext4_htree_free_dir_info fs/ext4/dir.c:426 [inline] ext4_release_dir+0x4c/0x60 fs/ext4/dir.c:623 __fput+0x327/0x7e0 fs/file_table.c:210 ____fput+0x15/0x20 fs/file_table.c:244 task_work_run+0x199/0x270 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:191 [inline] exit_to_usermode_loop+0x296/0x310 arch/x86/entry/common.c:162 prepare_exit_to_usermode arch/x86/entry/common.c:195 [inline] syscall_return_slowpath+0x490/0x550 arch/x86/entry/common.c:264 entry_SYSCALL_64_fastpath+0x9e/0xa0 RIP: 0033:0x7fa40040c2b0 RSP: 002b:00007ffda0027468 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 00007fa4006d7491 RCX: 00007fa40040c2b0 RDX: 00007fa4006c2e98 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 00007fa4008dc2f8 R08: 0000556528007200 R09: 00007fa40045f9e0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffda0027693 R14: 00005565280071d0 R15: 00055facc5da8780 device syz7 left promiscuous mode netlink: 'syz-executor0': attribute type 3 has an invalid length. netlink: 'syz-executor0': attribute type 3 has an invalid length. nla_parse: 9 callbacks suppressed netlink: 11 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 'syz-executor0': attribute type 21 has an invalid length. openvswitch: netlink: Flow key attr not present in new flow. openvswitch: netlink: Flow key attr not present in new flow. openvswitch: netlink: Message has 4 unknown bytes. openvswitch: netlink: Message has 4 unknown bytes. netlink: 11 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor6'. sctp: [Deprecated]: syz-executor7 (pid 31420) Use of int in maxseg socket option. Use struct sctp_assoc_value instead RDS: rds_bind could not find a transport for 172.20.5.170, load rds_tcp or rds_rdma? RDS: rds_bind could not find a transport for 172.20.5.170, load rds_tcp or rds_rdma? sctp: [Deprecated]: syz-executor7 (pid 31433) Use of int in maxseg socket option. Use struct sctp_assoc_value instead netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 64 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 64 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 'syz-executor4': attribute type 1 has an invalid length. netlink: 'syz-executor2': attribute type 2 has an invalid length. netlink: 'syz-executor4': attribute type 1 has an invalid length. netlink: 17 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 'syz-executor2': attribute type 2 has an invalid length. Trying to set illegal importance in message Trying to set illegal importance in message netlink: 'syz-executor6': attribute type 21 has an invalid length. netlink: 'syz-executor6': attribute type 21 has an invalid length. mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'. do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app syz-executor3: vmalloc: allocation failure: 17179082752 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) syz-executor3 cpuset=/ mems_allowed=0 CPU: 1 PID: 32385 Comm: syz-executor3 Not tainted 4.15.0-rc9+ #206 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 warn_alloc+0x19a/0x2b0 mm/page_alloc.c:3299 __vmalloc_node_range+0x4f0/0x650 mm/vmalloc.c:1775 __vmalloc_node mm/vmalloc.c:1804 [inline] __vmalloc_node_flags_caller+0x50/0x60 mm/vmalloc.c:1826 kvmalloc_node+0x82/0xd0 mm/util.c:406 kvmalloc include/linux/mm.h:541 [inline] kvmalloc_array include/linux/mm.h:557 [inline] xt_alloc_entry_offsets+0x21/0x30 net/netfilter/x_tables.c:774 translate_table+0x235/0x1690 net/ipv6/netfilter/ip6_tables.c:704 do_replace net/ipv6/netfilter/ip6_tables.c:1165 [inline] do_ip6t_set_ctl+0x370/0x5f0 net/ipv6/netfilter/ip6_tables.c:1691 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline] nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115 ipv6_setsockopt+0x115/0x150 net/ipv6/ipv6_sockglue.c:928 tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2872 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2978 SYSC_setsockopt net/socket.c:1823 [inline] SyS_setsockopt+0x189/0x360 net/socket.c:1802 entry_SYSCALL_64_fastpath+0x29/0xa0 RIP: 0033:0x452f19 RSP: 002b:00007f783e309c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452f19 RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000015 RBP: 00000000000005c9 R08: 0000000000000004 R09: 0000000000000000 R10: 0000000020001fde R11: 0000000000000212 R12: 00000000006f7b78 R13: 00000000ffffffff R14: 00007f783e30a6d4 R15: 0000000000000000 warn_alloc_show_mem: 1 callbacks suppressed Mem-Info: active_anon:36273 inactive_anon:63 isolated_anon:0 active_file:3842 inactive_file:9011 isolated_file:0 unevictable:0 dirty:190 writeback:0 unstable:0 slab_reclaimable:9547 slab_unreclaimable:89140 mapped:24033 shmem:70 pagetables:661 bounce:0 free:1452620 free_pcp:473 free_cma:0 Node 0 active_anon:149188kB inactive_anon:252kB active_file:15368kB inactive_file:36044kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:96132kB dirty:760kB writeback:0kB shmem:280kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 59392kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no Node 0 DMA free:15908kB min:164kB low:204kB high:244kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB syz-executor3: vmalloc: allocation failure: 17179082752 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) syz-executor3 cpuset=/ mems_allowed=0 CPU: 0 PID: 32404 Comm: syz-executor3 Not tainted 4.15.0-rc9+ #206 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 warn_alloc+0x19a/0x2b0 mm/page_alloc.c:3299 __vmalloc_node_range+0x4f0/0x650 mm/vmalloc.c:1775 __vmalloc_node mm/vmalloc.c:1804 [inline] __vmalloc_node_flags_caller+0x50/0x60 mm/vmalloc.c:1826 kvmalloc_node+0x82/0xd0 mm/util.c:406 kvmalloc include/linux/mm.h:541 [inline] kvmalloc_array include/linux/mm.h:557 [inline] xt_alloc_entry_offsets+0x21/0x30 net/netfilter/x_tables.c:774 translate_table+0x235/0x1690 net/ipv6/netfilter/ip6_tables.c:704 do_replace net/ipv6/netfilter/ip6_tables.c:1165 [inline] do_ip6t_set_ctl+0x370/0x5f0 net/ipv6/netfilter/ip6_tables.c:1691 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline] nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115 ipv6_setsockopt+0x115/0x150 net/ipv6/ipv6_sockglue.c:928 tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2872 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2978 SYSC_setsockopt net/socket.c:1823 [inline] SyS_setsockopt+0x189/0x360 net/socket.c:1802 entry_SYSCALL_64_fastpath+0x29/0xa0 RIP: 0033:0x452f19 RSP: 002b:00007f783e2e8c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 000000000071bf58 RCX: 0000000000452f19 RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000019 RBP: 00000000000003d6 R08: 0000000000000004 R09: 0000000000000000 R10: 0000000020001fde R11: 0000000000000212 R12: 00000000006f4cb0 R13: 00000000ffffffff R14: 00007f783e2e96d4 R15: 000000000000000e lowmem_reserve[]: 0 2870 6381 6381 Node 0 DMA32 free:2941636kB min:30328kB low:37908kB high:45488kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2942308kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:672kB local_pcp:628kB free_cma:0kB lowmem_reserve[]: 0 0 3510 3510 Node 0 Normal free:2868236kB min:37084kB low:46352kB high:55620kB active_anon:134424kB inactive_anon:252kB active_file:15368kB inactive_file:36080kB unevictable:0kB writepending:796kB present:4718592kB managed:3594624kB mlocked:0kB kernel_stack:4096kB pagetables:2380kB bounce:0kB free_pcp:1324kB local_pcp:688kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB Node 0 DMA32: 3*4kB (M) 1*8kB (M) 1*16kB (M) 1*32kB (M) 2*64kB (M) 4*128kB (M) 4*256kB (M) 2*512kB (M) 2*1024kB (M) 2*2048kB (M) 716*4096kB (M) = 2941636kB Node 0 Normal: 505*4kB (UME) 763*8kB (UME) 1141*16kB (UME) 630*32kB (UME) 333*64kB (UME) 172*128kB (UM) 55*256kB (UM) 31*512kB (UME) 12*1024kB (UM) 10*2048kB (UME) 663*4096kB (UM) = 2868236kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 12931 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 327769 pages reserved RDS: rds_bind could not find a transport for 224.0.0.1, load rds_tcp or rds_rdma? RDS: rds_bind could not find a transport for 224.0.0.1, load rds_tcp or rds_rdma? netlink: 'syz-executor7': attribute type 2 has an invalid length. netlink: 'syz-executor7': attribute type 2 has an invalid length. netlink: 'syz-executor7': attribute type 1 has an invalid length. netlink: 'syz-executor7': attribute type 1 has an invalid length. sctp: [Deprecated]: syz-executor4 (pid 32724) Use of int in maxseg socket option. Use struct sctp_assoc_value instead nla_parse: 1 callbacks suppressed netlink: 416 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 416 bytes leftover after parsing attributes in process `syz-executor6'. A link change request failed with some changes committed already. Interface syz6 may have been left with an inconsistent configuration, please check. A link change request failed with some changes committed already. Interface syz6 may have been left with an inconsistent configuration, please check. netlink: 8 bytes leftover after parsing attributes in process `syz-executor0'. netlink: 8 bytes leftover after parsing attributes in process `syz-executor0'. Bearer <> rejected, not supported in standalone mode