netlink: 220 bytes leftover after parsing attributes in process `syz-executor.5'.
=============================
WARNING: suspicious RCU usage
5.10.156 #1 Not tainted
-----------------------------
net/xfrm/xfrm_user.c:1110 suspicious rcu_dereference_check() usage!
other info that might help us debug this:
rcu_scheduler_active = 2, debug_locks = 1
1 lock held by syz-executor.5/77131:
#0: ffff888045504510 (&net->xfrm.xfrm_cfg_mutex){+.+.}-{3:3}, at: xfrm_netlink_rcv+0x5c/0x90 net/xfrm/xfrm_user.c:2878
stack backtrace:
CPU: 1 PID: 77131 Comm: syz-executor.5 Not tainted 5.10.156 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x107/0x167 lib/dump_stack.c:118
xfrm_nlmsg_multicast net/xfrm/xfrm_user.c:1110 [inline]
xfrm_notify_userpolicy net/xfrm/xfrm_user.c:1941 [inline]
xfrm_set_default+0x64a/0x750 net/xfrm/xfrm_user.c:1967
xfrm_user_rcv_msg+0x416/0x830 net/xfrm/xfrm_user.c:2857
netlink_rcv_skb+0x14b/0x430 net/netlink/af_netlink.c:2515
xfrm_netlink_rcv+0x6b/0x90 net/xfrm/xfrm_user.c:2879
netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]
netlink_unicast+0x549/0x7f0 net/netlink/af_netlink.c:1339
netlink_sendmsg+0x905/0xdf0 net/netlink/af_netlink.c:1934
sock_sendmsg_nosec net/socket.c:651 [inline]
sock_sendmsg+0x154/0x190 net/socket.c:671
____sys_sendmsg+0x70d/0x870 net/socket.c:2342
___sys_sendmsg+0xf3/0x170 net/socket.c:2396
__sys_sendmsg+0xe5/0x1b0 net/socket.c:2429
do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x61/0xc6
RIP: 0033:0x7fd4aa9eeb19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fd4a7f64188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fd4aab01f60 RCX: 00007fd4aa9eeb19
RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
RBP: 00007fd4aaa48f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd29bd5edf R14: 00007fd4a7f64300 R15: 0000000000022000
SELinux: Context system_u:object_r:hald_log_t:s0 is not valid (left unmapped).
audit: type=1400 audit(1670017976.740:95): avc: denied { associate } for pid=77125 comm="syz-executor.2" name="sr0" dev="devtmpfs" ino=116 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 srawcon="system_u:object_r:hald_log_t:s0"
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 77166 Comm: syz-executor.0 Not tainted 5.10.156 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x107/0x167 lib/dump_stack.c:118
fail_dump lib/fault-inject.c:52 [inline]
should_fail.cold+0x5/0xa lib/fault-inject.c:146
should_failslab+0x5/0x20 mm/slab_common.c:1193
slab_pre_alloc_hook mm/slab.h:515 [inline]
slab_alloc_node mm/slub.c:2821 [inline]
slab_alloc mm/slub.c:2904 [inline]
kmem_cache_alloc+0x5b/0x360 mm/slub.c:2909
mem_pool_alloc mm/kmemleak.c:423 [inline]
create_object.isra.0+0x3a/0xa20 mm/kmemleak.c:578
kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
slab_post_alloc_hook mm/slab.h:534 [inline]
slab_alloc_node mm/slub.c:2896 [inline]
kmem_cache_alloc_node+0x169/0x370 mm/slub.c:2932
__alloc_skb+0x6d/0x620 net/core/skbuff.c:198
alloc_skb include/linux/skbuff.h:1096 [inline]
bt_skb_alloc include/net/bluetooth/bluetooth.h:391 [inline]
create_monitor_event+0x371/0x850 net/bluetooth/hci_sock.c:433
send_monitor_replay net/bluetooth/hci_sock.c:665 [inline]
hci_sock_bind+0xb7c/0x1480 net/bluetooth/hci_sock.c:1292
__sys_bind+0x1f2/0x260 net/socket.c:1645
__do_sys_bind net/socket.c:1656 [inline]
__se_sys_bind net/socket.c:1654 [inline]
__x64_sys_bind+0x6f/0xb0 net/socket.c:1654
do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x61/0xc6
RIP: 0033:0x7fe8cfce0b19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fe8cd256188 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
RAX: ffffffffffffffda RBX: 00007fe8cfdf3f60 RCX: 00007fe8cfce0b19
RDX: 0000000000000006 RSI: 0000000020000040 RDI: 0000000000000005
RBP: 00007fe8cd2561d0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
R13: 00007ffe65e4c4cf R14: 00007fe8cd256300 R15: 0000000000022000
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
EXT4-fs (loop7): bad geometry: block count 256 exceeds size of device (2 blocks)
EXT4-fs (loop7): bad geometry: block count 256 exceeds size of device (2 blocks)
netlink: 220 bytes leftover after parsing attributes in process `syz-executor.5'.
EXT4-fs warning (device sda): verify_group_input:170: Bad blocks count 0
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.