=============================
WARNING: suspicious RCU usage
6.8.0-rc2-syzkaller-00251-g6897cea71837 #0 Not tainted
-----------------------------
net/netfilter/ipset/ip_set_hash_gen.h:455 suspicious rcu_dereference_protected() usage!
other info that might help us debug this:
rcu_scheduler_active = 2, debug_locks = 1
1 lock held by syz-executor.2/11768:
#0: ffffffff8e130ba0 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline]
#0: ffffffff8e130ba0 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2184 [inline]
#0: ffffffff8e130ba0 (rcu_callback){....}-{0:0}, at: rcu_core+0xcfc/0x1810 kernel/rcu/tree.c:2465
stack backtrace:
CPU: 1 PID: 11768 Comm: syz-executor.2 Not tainted 6.8.0-rc2-syzkaller-00251-g6897cea71837 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
Call Trace:
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106
lockdep_rcu_suspicious+0x220/0x340 kernel/locking/lockdep.c:6712
hash_netportnet6_destroy+0xf0/0x2c0 net/netfilter/ipset/ip_set_hash_gen.h:455
ip_set_destroy_set net/netfilter/ipset/ip_set_core.c:1180 [inline]
ip_set_destroy_set_rcu+0x6a/0xe0 net/netfilter/ipset/ip_set_core.c:1190
rcu_do_batch kernel/rcu/tree.c:2190 [inline]
rcu_core+0xd76/0x1810 kernel/rcu/tree.c:2465
__do_softirq+0x2bb/0x942 kernel/softirq.c:553
invoke_softirq kernel/softirq.c:427 [inline]
__irq_exit_rcu+0xf1/0x1c0 kernel/softirq.c:632
irq_exit_rcu+0x9/0x30 kernel/softirq.c:644
sysvec_apic_timer_interrupt+0x97/0xb0 arch/x86/kernel/apic/apic.c:1076
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:649
RIP: 0010:finish_task_switch+0x1ea/0x850 kernel/sched/core.c:5274
Code: c9 50 e8 d9 c9 0b 00 48 83 c4 08 4c 89 f7 e8 3d 37 00 00 0f 1f 44 00 00 4c 89 f7 e8 60 d5 0b 0a e8 1b 4d 35 00 fb 48 8b 5d c0 <48> 8d bb d8 15 00 00 48 89 f8 48 c1 e8 03 49 be 00 00 00 00 00 fc
RSP: 0018:ffffc900056a7968 EFLAGS: 00000286
RAX: 19d2b891b3c5ed00 RBX: ffff88802c6c3b80 RCX: ffffffff94481303
RDX: dffffc0000000000 RSI: ffffffff8baab560 RDI: ffffffff8bfe67e0
RBP: ffffc900056a79b0 R08: ffffffff8f85546f R09: 1ffffffff1f0aa8d
R10: dffffc0000000000 R11: fffffbfff1f0aa8e R12: dffffc0000000000
R13: 1ffff110172a7ad7 R14: ffff8880b953c940 R15: ffff8880b953d6b8
context_switch kernel/sched/core.c:5403 [inline]
__schedule+0x17d9/0x49f0 kernel/sched/core.c:6727
__schedule_loop kernel/sched/core.c:6802 [inline]
schedule+0x149/0x260 kernel/sched/core.c:6817
do_nanosleep+0x196/0x600 kernel/time/hrtimer.c:2047
hrtimer_nanosleep+0x226/0x470 kernel/time/hrtimer.c:2100
__do_sys_clock_nanosleep kernel/time/posix-timers.c:1396 [inline]
__se_sys_clock_nanosleep+0x32a/0x3c0 kernel/time/posix-timers.c:1373
do_syscall_64+0xf9/0x240
entry_SYSCALL_64_after_hwframe+0x6f/0x77
RIP: 0033:0x7fe09dca91b5
Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 b9 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f ba ff ff 48 8b 04 24 48 83 c4 28 f7 d8
RSP: 002b:00007fe09decfac0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
RAX: ffffffffffffffda RBX: 00007fe09decfc90 RCX: 00007fe09dca91b5
RDX: 00007fe09decfb00 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000001 R08: 0000000000000000 R09: 00007fe09decfa47
R10: 0000000000000000 R11: 0000000000000293 R12: 00007fe09ddac050
R13: 0000000000000028 R14: 00007fe09ddac050 R15: 00007fe09dc34bb0
=============================
WARNING: suspicious RCU usage
6.8.0-rc2-syzkaller-00251-g6897cea71837 #0 Not tainted
-----------------------------
net/netfilter/ipset/ip_set_hash_gen.h:455 suspicious rcu_dereference_protected() usage!
other info that might help us debug this:
rcu_scheduler_active = 2, debug_locks = 1
3 locks held by syz-executor.1/18207:
#0: ffffffff8e130ae0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline]
#0: ffffffff8e130ae0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline]
#0: ffffffff8e130ae0 (rcu_read_lock){....}-{1:2}, at: release_task+0xd5/0x1810 kernel/exit.c:250
#1: ffffffff8e130ae0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline]
#1: ffffffff8e130ae0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline]
#1: ffffffff8e130ae0 (rcu_read_lock){....}-{1:2}, at: release_task+0xd5/0x1810 kernel/exit.c:250
#2: ffffffff8e130ba0 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline]
#2: ffffffff8e130ba0 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2184 [inline]
#2: ffffffff8e130ba0 (rcu_callback){....}-{0:0}, at: rcu_core+0xcfc/0x1810 kernel/rcu/tree.c:2465
stack backtrace:
CPU: 1 PID: 18207 Comm: syz-executor.1 Not tainted 6.8.0-rc2-syzkaller-00251-g6897cea71837 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
Call Trace:
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106
lockdep_rcu_suspicious+0x220/0x340 kernel/locking/lockdep.c:6712
hash_netiface6_destroy+0xf0/0x2c0 net/netfilter/ipset/ip_set_hash_gen.h:455
ip_set_destroy_set net/netfilter/ipset/ip_set_core.c:1180 [inline]
ip_set_destroy_set_rcu+0x6a/0xe0 net/netfilter/ipset/ip_set_core.c:1190
rcu_do_batch kernel/rcu/tree.c:2190 [inline]
rcu_core+0xd76/0x1810 kernel/rcu/tree.c:2465
__do_softirq+0x2bb/0x942 kernel/softirq.c:553
invoke_softirq kernel/softirq.c:427 [inline]
__irq_exit_rcu+0xf1/0x1c0 kernel/softirq.c:632
irq_exit_rcu+0x9/0x30 kernel/softirq.c:644
sysvec_apic_timer_interrupt+0x97/0xb0 arch/x86/kernel/apic/apic.c:1076
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:649
RIP: 0010:rcu_dynticks_curr_cpu_in_eqs include/linux/context_tracking.h:122 [inline]
RIP: 0010:rcu_is_watching+0x2e/0xb0 kernel/rcu/tree.c:700
Code: 41 57 41 56 53 65 ff 05 78 f1 88 7e e8 ab ad eb 09 89 c3 83 f8 08 73 7a 49 bf 00 00 00 00 00 fc ff df 4c 8d 34 dd 40 f9 ad 8d <4c> 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 7c b4 7a 00
RSP: 0018:ffffc900142577c0 EFLAGS: 00000297
RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff81713840
RDX: 0000000000000000 RSI: ffffffff8bfe67c0 RDI: ffffffff8bfe6780
RBP: ffffc90014257910 R08: ffffffff8f85546f R09: 1ffffffff1f0aa8d
R10: dffffc0000000000 R11: fffffbfff1f0aa8e R12: 1ffff9200284af08
R13: ffffffff81583a05 R14: ffffffff8dadf948 R15: dffffc0000000000
trace_lock_release include/trace/events/lock.h:69 [inline]
lock_release+0xbf/0x9d0 kernel/locking/lockdep.c:5765
rcu_lock_release include/linux/rcupdate.h:308 [inline]
rcu_read_unlock include/linux/rcupdate.h:783 [inline]
release_task+0x345/0x1810 kernel/exit.c:251
exit_notify kernel/exit.c:767 [inline]
do_exit+0x1a62/0x2740 kernel/exit.c:891
do_group_exit+0x206/0x2c0 kernel/exit.c:1020
get_signal+0x176d/0x1850 kernel/signal.c:2893
arch_do_signal_or_restart+0x96/0x860 arch/x86/kernel/signal.c:310
exit_to_user_mode_loop kernel/entry/common.c:105 [inline]
exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:201 [inline]
syscall_exit_to_user_mode+0xc8/0x370 kernel/entry/common.c:212
do_syscall_64+0x108/0x240 arch/x86/entry/common.c:89
entry_SYSCALL_64_after_hwframe+0x6f/0x77
RIP: 0033:0x7f061707dda9
Code: Unable to access opcode bytes at 0x7f061707dd7f.
RSP: 002b:00007f0617dd7178 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f06171abf88 RCX: 00007f061707dda9
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f06171abf88
RBP: 00007f06171abf80 R08: 00007f0617dd76c0 R09: 00007f0617dd76c0
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f06171abf8c
R13: 000000000000000b R14: 00007f06172cf960 R15: 00007f06172cfa48
----------------
Code disassembly (best guess):
   0:   c9                      leave
   1:   50                      push   %rax
   2:   e8 d9 c9 0b 00          call   0xbc9e0
   7:   48 83 c4 08             add    $0x8,%rsp
   b:   4c 89 f7                mov    %r14,%rdi
   e:   e8 3d 37 00 00          call   0x3750
  13:   0f 1f 44 00 00          nopl   0x0(%rax,%rax,1)
  18:   4c 89 f7                mov    %r14,%rdi
  1b:   e8 60 d5 0b 0a          call   0xa0bd580
  20:   e8 1b 4d 35 00          call   0x354d40
  25:   fb                      sti
  26:   48 8b 5d c0             mov    -0x40(%rbp),%rbx
* 2a:   48 8d bb d8 15 00 00    lea    0x15d8(%rbx),%rdi <-- trapping instruction
  31:   48 89 f8                mov    %rdi,%rax
  34:   48 c1 e8 03             shr    $0x3,%rax
  38:   49                      rex.WB
  39:   be 00 00 00 00          mov    $0x0,%esi
  3e:   00 fc                   add    %bh,%ah