IPVS: Creating netns size=2552 id=18

===============================
[ INFO: suspicious RCU usage. ]
4.4.141-gbda6b6e #70 Not tainted
-------------------------------
kernel/rcu/tree_plugin.h:685 Illegal synchronize_rcu() in RCU read-side critical section!

other info that might help us debug this:


rcu_scheduler_active = 1, debug_locks = 0
4 locks held by syz-executor2/12064:
 #0:  (l2tp_sock){+.....}, at: [<ffffffff8359b59c>] spin_lock include/linux/spinlock.h:302 [inline]
 #0:  (l2tp_sock){+.....}, at: [<ffffffff8359b59c>] l2tp_xmit_skb+0x38c/0xeb0 net/l2tp/l2tp_core.c:1139
 #1:  (rcu_read_lock){......}, at: [<ffffffff834ec7bf>] inet6_csk_xmit+0xff/0x490 net/ipv6/inet6_connection_sock.c:163
 #2:  (rcu_read_lock_bh){......}, at: [<ffffffff83429845>] ip6_finish_output2+0x1d5/0x1ca0 net/ipv6/ip6_output.c:71
 #3:  (&n->lock){++--..}, at: [<ffffffff82fa2c2f>] __neigh_event_send+0x2f/0xc50 net/core/neighbour.c:969

stack backtrace:
CPU: 1 PID: 12064 Comm: syz-executor2 Not tainted 4.4.141-gbda6b6e #70
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 9ae73de1a6c084f1 ffff8801bb06f090 ffffffff81e0e16d
 ffff8801bb7de000 0000000000000000 0000000000000001 ffffffff83a676c0
 ffff8800af6b52d8 ffff8801bb06f0c0 ffffffff8140e3f7 ffff8800af6b5180
Call Trace:
 [<ffffffff81e0e16d>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81e0e16d>] dump_stack+0xc1/0x124 lib/dump_stack.c:51
 [<ffffffff8140e3f7>] lockdep_rcu_suspicious.cold.47+0x110/0x141 kernel/locking/lockdep.c:4305
 [<ffffffff81281a98>] synchronize_rcu+0x78/0xa0 kernel/rcu/tree_plugin.h:682
 [<ffffffff8359f51a>] __l2tp_session_unhash+0x38a/0x520 net/l2tp/l2tp_core.c:1702
 [<ffffffff8359f87b>] l2tp_tunnel_closeall+0x1cb/0x350 net/l2tp/l2tp_core.c:1270
 [<ffffffff835a0152>] l2tp_tunnel_destruct+0x2f2/0x590 net/l2tp/l2tp_core.c:1230
 [<ffffffff82f2f3cc>] sk_destruct+0x4c/0x4c0 net/core/sock.c:1447
 [<ffffffff82f2f88f>] __sk_free+0x4f/0x220 net/core/sock.c:1480
 [<ffffffff82f31813>] sock_wfree+0x103/0x140 net/core/sock.c:1667
 [<ffffffff82f35493>] skb_release_head_state+0x103/0x210 net/core/skbuff.c:646
 [<ffffffff82f37375>] skb_release_all+0x15/0x60 net/core/skbuff.c:659
 [<ffffffff82f373d5>] __kfree_skb+0x15/0x20 net/core/skbuff.c:675
 [<ffffffff82f374d7>] kfree_skb+0xf7/0x3e0 net/core/skbuff.c:696
 [<ffffffff82fa3252>] __neigh_event_send+0x652/0xc50 net/core/neighbour.c:1016
 [<ffffffff82fa8b6b>] neigh_event_send include/net/neighbour.h:431 [inline]
 [<ffffffff82fa8b6b>] neigh_resolve_output+0x4eb/0x790 net/core/neighbour.c:1310
 [<ffffffff83429f99>] dst_neigh_output include/net/dst.h:461 [inline]
 [<ffffffff83429f99>] ip6_finish_output2+0x929/0x1ca0 net/ipv6/ip6_output.c:113
 [<ffffffff834335d8>] ip6_finish_output+0x3b8/0x760 net/ipv6/ip6_output.c:131
 [<ffffffff83433b38>] NF_HOOK_COND include/linux/netfilter.h:240 [inline]
 [<ffffffff83433b38>] ip6_output+0x1b8/0x520 net/ipv6/ip6_output.c:145
 [<ffffffff8342bf8a>] dst_output include/net/dst.h:498 [inline]
 [<ffffffff8342bf8a>] NF_HOOK_THRESH include/linux/netfilter.h:226 [inline]
 [<ffffffff8342bf8a>] NF_HOOK include/linux/netfilter.h:249 [inline]
 [<ffffffff8342bf8a>] ip6_xmit+0xc7a/0x1a00 net/ipv6/ip6_output.c:242
 [<ffffffff834ec905>] inet6_csk_xmit+0x245/0x490 net/ipv6/inet6_connection_sock.c:176
 [<ffffffff8359bdfb>] l2tp_xmit_core net/l2tp/l2tp_core.c:1084 [inline]
 [<ffffffff8359bdfb>] l2tp_xmit_skb+0xbeb/0xeb0 net/l2tp/l2tp_core.c:1179
 [<ffffffff835a8330>] pppol2tp_sendmsg+0x4e0/0x7d0 net/l2tp/l2tp_ppp.c:355
 [<ffffffff82f1e2dc>] sock_sendmsg_nosec net/socket.c:625 [inline]
 [<ffffffff82f1e2dc>] sock_sendmsg+0xcc/0x110 net/socket.c:635
 [<ffffffff82f1faa1>] ___sys_sendmsg+0x441/0x880 net/socket.c:1962
 [<ffffffff82f2207e>] __sys_sendmmsg+0x12e/0x2e0 net/socket.c:2047
 [<ffffffff82f22265>] SYSC_sendmmsg net/socket.c:2077 [inline]
 [<ffffffff82f22265>] SyS_sendmmsg+0x35/0x60 net/socket.c:2072
 [<ffffffff838c2be5>] entry_SYSCALL_64_fastpath+0x22/0x9e
BUG: sleeping function called from invalid context at kernel/sched/completion.c:90
in_atomic(): 1, irqs_disabled(): 0, pid: 12064, name: syz-executor2
INFO: lockdep is turned off.
Preemption disabled at:[<ffffffff82f1e2dc>] sock_sendmsg_nosec net/socket.c:625 [inline]
Preemption disabled at:[<ffffffff82f1e2dc>] sock_sendmsg+0xcc/0x110 net/socket.c:635

CPU: 1 PID: 12064 Comm: syz-executor2 Not tainted 4.4.141-gbda6b6e #70
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 9ae73de1a6c084f1 ffff8801bb06ee10 ffffffff81e0e16d
 ffff8801bb7de000 0000000000000000 ffff8801bb7de000 000000000000005a
 ffff8801bb7de000 ffff8801bb06ee48 ffffffff8140c515 ffff8801bb7de000
Call Trace:
 [<ffffffff81e0e16d>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81e0e16d>] dump_stack+0xc1/0x124 lib/dump_stack.c:51
 [<ffffffff8140c515>] ___might_sleep.cold.116+0x1bd/0x1d3 kernel/sched/core.c:7992
 [<ffffffff811a4790>] __might_sleep+0x90/0x1a0 kernel/sched/core.c:7952
 [<ffffffff838b7b89>] __wait_for_common kernel/sched/completion.c:90 [inline]
 [<ffffffff838b7b89>] wait_for_common kernel/sched/completion.c:101 [inline]
 [<ffffffff838b7b89>] wait_for_completion+0x89/0x2e0 kernel/sched/completion.c:122
 [<ffffffff81277397>] __wait_rcu_gp+0x137/0x1b0 kernel/rcu/update.c:347
 [<ffffffff8127fa94>] synchronize_rcu.part.55+0x94/0xd0 kernel/rcu/tree_plugin.h:691
 [<ffffffff81281a57>] synchronize_rcu+0x37/0xa0 kernel/rcu/tree_plugin.h:692
 [<ffffffff8359f51a>] __l2tp_session_unhash+0x38a/0x520 net/l2tp/l2tp_core.c:1702
 [<ffffffff8359f87b>] l2tp_tunnel_closeall+0x1cb/0x350 net/l2tp/l2tp_core.c:1270
 [<ffffffff835a0152>] l2tp_tunnel_destruct+0x2f2/0x590 net/l2tp/l2tp_core.c:1230
 [<ffffffff82f2f3cc>] sk_destruct+0x4c/0x4c0 net/core/sock.c:1447
 [<ffffffff82f2f88f>] __sk_free+0x4f/0x220 net/core/sock.c:1480
 [<ffffffff82f31813>] sock_wfree+0x103/0x140 net/core/sock.c:1667
 [<ffffffff82f35493>] skb_release_head_state+0x103/0x210 net/core/skbuff.c:646
 [<ffffffff82f37375>] skb_release_all+0x15/0x60 net/core/skbuff.c:659
 [<ffffffff82f373d5>] __kfree_skb+0x15/0x20 net/core/skbuff.c:675
 [<ffffffff82f374d7>] kfree_skb+0xf7/0x3e0 net/core/skbuff.c:696
 [<ffffffff82fa3252>] __neigh_event_send+0x652/0xc50 net/core/neighbour.c:1016
 [<ffffffff82fa8b6b>] neigh_event_send include/net/neighbour.h:431 [inline]
 [<ffffffff82fa8b6b>] neigh_resolve_output+0x4eb/0x790 net/core/neighbour.c:1310
 [<ffffffff83429f99>] dst_neigh_output include/net/dst.h:461 [inline]
 [<ffffffff83429f99>] ip6_finish_output2+0x929/0x1ca0 net/ipv6/ip6_output.c:113
 [<ffffffff834335d8>] ip6_finish_output+0x3b8/0x760 net/ipv6/ip6_output.c:131
 [<ffffffff83433b38>] NF_HOOK_COND include/linux/netfilter.h:240 [inline]
 [<ffffffff83433b38>] ip6_output+0x1b8/0x520 net/ipv6/ip6_output.c:145
 [<ffffffff8342bf8a>] dst_output include/net/dst.h:498 [inline]
 [<ffffffff8342bf8a>] NF_HOOK_THRESH include/linux/netfilter.h:226 [inline]
 [<ffffffff8342bf8a>] NF_HOOK include/linux/netfilter.h:249 [inline]
 [<ffffffff8342bf8a>] ip6_xmit+0xc7a/0x1a00 net/ipv6/ip6_output.c:242
 [<ffffffff834ec905>] inet6_csk_xmit+0x245/0x490 net/ipv6/inet6_connection_sock.c:176
 [<ffffffff8359bdfb>] l2tp_xmit_core net/l2tp/l2tp_core.c:1084 [inline]
 [<ffffffff8359bdfb>] l2tp_xmit_skb+0xbeb/0xeb0 net/l2tp/l2tp_core.c:1179
 [<ffffffff835a8330>] pppol2tp_sendmsg+0x4e0/0x7d0 net/l2tp/l2tp_ppp.c:355
 [<ffffffff82f1e2dc>] sock_sendmsg_nosec net/socket.c:625 [inline]
 [<ffffffff82f1e2dc>] sock_sendmsg+0xcc/0x110 net/socket.c:635
 [<ffffffff82f1faa1>] ___sys_sendmsg+0x441/0x880 net/socket.c:1962
 [<ffffffff82f2207e>] __sys_sendmmsg+0x12e/0x2e0 net/socket.c:2047
 [<ffffffff82f22265>] SYSC_sendmmsg net/socket.c:2077 [inline]
 [<ffffffff82f22265>] SyS_sendmmsg+0x35/0x60 net/socket.c:2072
 [<ffffffff838c2be5>] entry_SYSCALL_64_fastpath+0x22/0x9e
BUG: scheduling while atomic: syz-executor2/12064/0x00000603
INFO: lockdep is turned off.
Modules linked in:
Preemption disabled at:[<ffffffff82f1e2dc>] sock_sendmsg_nosec net/socket.c:625 [inline]
Preemption disabled at:[<ffffffff82f1e2dc>] sock_sendmsg+0xcc/0x110 net/socket.c:635

CPU: 1 PID: 12064 Comm: syz-executor2 Not tainted 4.4.141-gbda6b6e #70
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 9ae73de1a6c084f1 ffff8801bb06ec68 ffffffff81e0e16d
 ffff8801bb7de000 0000000000000603 000000000001f4c0 0000000000000000
 0000000000000001 ffff8801bb06ec88 ffffffff8140c609 ffff8801db31f4c0
Call Trace:
 [<ffffffff81e0e16d>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81e0e16d>] dump_stack+0xc1/0x124 lib/dump_stack.c:51
 [<ffffffff8140c609>] __schedule_bug.cold.117+0xde/0x100 kernel/sched/core.c:3142
 [<ffffffff838b3e4f>] schedule_debug kernel/sched/core.c:3157 [inline]
 [<ffffffff838b3e4f>] __schedule+0x11ff/0x1d70 kernel/sched/core.c:3269
 [<ffffffff838b4bba>] schedule+0x7a/0x1b0 kernel/sched/core.c:3359
 [<ffffffff838bffd1>] schedule_timeout+0x481/0x8b0 kernel/time/timer.c:1515
 [<ffffffff838b7cfe>] do_wait_for_common kernel/sched/completion.c:75 [inline]
 [<ffffffff838b7cfe>] __wait_for_common kernel/sched/completion.c:93 [inline]
 [<ffffffff838b7cfe>] wait_for_common kernel/sched/completion.c:101 [inline]
 [<ffffffff838b7cfe>] wait_for_completion+0x1fe/0x2e0 kernel/sched/completion.c:122
 [<ffffffff81277397>] __wait_rcu_gp+0x137/0x1b0 kernel/rcu/update.c:347
 [<ffffffff8127fa94>] synchronize_rcu.part.55+0x94/0xd0 kernel/rcu/tree_plugin.h:691
 [<ffffffff81281a57>] synchronize_rcu+0x37/0xa0 kernel/rcu/tree_plugin.h:692
 [<ffffffff8359f51a>] __l2tp_session_unhash+0x38a/0x520 net/l2tp/l2tp_core.c:1702
 [<ffffffff8359f87b>] l2tp_tunnel_closeall+0x1cb/0x350 net/l2tp/l2tp_core.c:1270
 [<ffffffff835a0152>] l2tp_tunnel_destruct+0x2f2/0x590 net/l2tp/l2tp_core.c:1230
 [<ffffffff82f2f3cc>] sk_destruct+0x4c/0x4c0 net/core/sock.c:1447
 [<ffffffff82f2f88f>] __sk_free+0x4f/0x220 net/core/sock.c:1480
 [<ffffffff82f31813>] sock_wfree+0x103/0x140 net/core/sock.c:1667
 [<ffffffff82f35493>] skb_release_head_state+0x103/0x210 net/core/skbuff.c:646
 [<ffffffff82f37375>] skb_release_all+0x15/0x60 net/core/skbuff.c:659
 [<ffffffff82f373d5>] __kfree_skb+0x15/0x20 net/core/skbuff.c:675
 [<ffffffff82f374d7>] kfree_skb+0xf7/0x3e0 net/core/skbuff.c:696
 [<ffffffff82fa3252>] __neigh_event_send+0x652/0xc50 net/core/neighbour.c:1016
 [<ffffffff82fa8b6b>] neigh_event_send include/net/neighbour.h:431 [inline]
 [<ffffffff82fa8b6b>] neigh_resolve_output+0x4eb/0x790 net/core/neighbour.c:1310
 [<ffffffff83429f99>] dst_neigh_output include/net/dst.h:461 [inline]
 [<ffffffff83429f99>] ip6_finish_output2+0x929/0x1ca0 net/ipv6/ip6_output.c:113
 [<ffffffff834335d8>] ip6_finish_output+0x3b8/0x760 net/ipv6/ip6_output.c:131
 [<ffffffff83433b38>] NF_HOOK_COND include/linux/netfilter.h:240 [inline]
 [<ffffffff83433b38>] ip6_output+0x1b8/0x520 net/ipv6/ip6_output.c:145
 [<ffffffff8342bf8a>] dst_output include/net/dst.h:498 [inline]
 [<ffffffff8342bf8a>] NF_HOOK_THRESH include/linux/netfilter.h:226 [inline]
 [<ffffffff8342bf8a>] NF_HOOK include/linux/netfilter.h:249 [inline]
 [<ffffffff8342bf8a>] ip6_xmit+0xc7a/0x1a00 net/ipv6/ip6_output.c:242
 [<ffffffff834ec905>] inet6_csk_xmit+0x245/0x490 net/ipv6/inet6_connection_sock.c:176
 [<ffffffff8359bdfb>] l2tp_xmit_core net/l2tp/l2tp_core.c:1084 [inline]
 [<ffffffff8359bdfb>] l2tp_xmit_skb+0xbeb/0xeb0 net/l2tp/l2tp_core.c:1179
 [<ffffffff835a8330>] pppol2tp_sendmsg+0x4e0/0x7d0 net/l2tp/l2tp_ppp.c:355
 [<ffffffff82f1e2dc>] sock_sendmsg_nosec net/socket.c:625 [inline]
 [<ffffffff82f1e2dc>] sock_sendmsg+0xcc/0x110 net/socket.c:635
 [<ffffffff82f1faa1>] ___sys_sendmsg+0x441/0x880 net/socket.c:1962
 [<ffffffff82f2207e>] __sys_sendmmsg+0x12e/0x2e0 net/socket.c:2047
 [<ffffffff82f22265>] SYSC_sendmmsg net/socket.c:2077 [inline]
 [<ffffffff82f22265>] SyS_sendmmsg+0x35/0x60 net/socket.c:2072
 [<ffffffff838c2be5>] entry_SYSCALL_64_fastpath+0x22/0x9e