[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   20.262561] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   23.779103] random: sshd: uninitialized urandom read (32 bytes read)
[   24.304590] random: sshd: uninitialized urandom read (32 bytes read)
[   25.108397] random: sshd: uninitialized urandom read (32 bytes read)
[   27.072635] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.13' (ECDSA) to the list of known hosts.
[   32.869497] random: sshd: uninitialized urandom read (32 bytes read)
2018/04/24 19:10:05 parsed 1 programs
2018/04/24 19:10:05 executed programs: 0
[   33.361542] IPVS: ftp: loaded support on port[0] = 21
[   33.372185] IPVS: ftp: loaded support on port[0] = 21
[   33.377300] IPVS: ftp: loaded support on port[0] = 21
[   33.386912] IPVS: ftp: loaded support on port[0] = 21
[   33.388060] IPVS: ftp: loaded support on port[0] = 21
[   33.414930] IPVS: ftp: loaded support on port[0] = 21
[   33.429980] IPVS: ftp: loaded support on port[0] = 21
[   33.444302] IPVS: ftp: loaded support on port[0] = 21
[   33.648053] IPVS: stopping backup sync thread 4578 ...
[   33.658745] IPVS: stopping backup sync thread 4580 ...
[   33.670375] IPVS: stopping backup sync thread 4585 ...
[   33.711498] IPVS: stopping backup sync thread 4586 ...
[   33.721746] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[   33.732765] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[   33.753060] IPVS: stopping backup sync thread 4607 ...
[   33.753108] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[   33.778935] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[   33.779503] IPVS: stopping backup sync thread 4610 ...
[   33.795131] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[   33.798292] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[   33.804119] IPVS: stopping backup sync thread 4617 ...
[   33.812099] IPVS: stopping backup sync thread 4616 ...
[   33.818853] 
[   33.824209] ============================================
[   33.829646] WARNING: possible recursive locking detected
[   33.835087] 4.17.0-rc2+ #14 Not tainted
[   33.839049] --------------------------------------------
[   33.844494] syz-executor5/4576 is trying to acquire lock:
[   33.850022]         (ptrval) (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20
[   33.856911] 
[   33.856911] but task is already holding lock:
[   33.862880]         (ptrval) (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20
[   33.869718] 
[   33.869718] other info that might help us debug this:
[   33.876376]  Possible unsafe locking scenario:
[   33.876376] 
[   33.882418]        CPU0
[   33.884977]        ----
[   33.887535]   lock(rtnl_mutex);
[   33.890791]   lock(rtnl_mutex);
[   33.894050] 
[   33.894050]  *** DEADLOCK ***
[   33.894050] 
[   33.900091]  May be due to missing lock nesting notation
[   33.900091] 
[   33.907005] 2 locks held by syz-executor5/4576:
[   33.911657]  #0:         (ptrval) (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20
[   33.918929]  #1:         (ptrval) (ipvs->sync_mutex){+.+.}, at: do_ip_vs_set_ctl+0x562/0x1d30
[   33.927595] 
[   33.927595] stack backtrace:
[   33.932084] CPU: 1 PID: 4576 Comm: syz-executor5 Not tainted 4.17.0-rc2+ #14
[   33.939256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   33.948587] Call Trace:
[   33.951170]  dump_stack+0x1b9/0x294
[   33.954785]  ? dump_stack_print_info.cold.2+0x52/0x52
[   33.959957]  ? print_lock+0xd1/0xd6
[   33.963571]  ? vprintk_func+0x81/0xe7
[   33.967352]  __lock_acquire.cold.62+0x18c/0x55b
[   33.972014]  ? debug_check_no_locks_freed+0x310/0x310
[   33.977194]  ? account_kernel_stack+0x2bd/0x410
[   33.981847]  ? trace_hardirqs_on+0xd/0x10
[   33.985977]  ? put_task_stack+0x188/0x2c0
[   33.990114]  ? __lock_acquire+0x7f5/0x5140
[   33.994338]  ? preempt_notifier_register+0x1e0/0x1e0
[   33.999432]  ? __schedule+0x809/0x1e30
[   34.003303]  ? graph_lock+0x170/0x170
[   34.007089]  ? graph_lock+0x170/0x170
[   34.010869]  ? resched_curr+0x10f/0x190
[   34.014823]  ? graph_lock+0x170/0x170
[   34.018604]  ? graph_lock+0x170/0x170
[   34.022404]  lock_acquire+0x1dc/0x520
[   34.026191]  ? rtnl_lock+0x17/0x20
[   34.029721]  ? lock_release+0xa10/0xa10
[   34.033693]  ? check_same_owner+0x320/0x320
[   34.037995]  ? schedule+0xef/0x430
[   34.041523]  ? rcu_note_context_switch+0x710/0x710
[   34.046436]  ? __schedule+0x1e30/0x1e30
[   34.050393]  ? __might_sleep+0x95/0x190
[   34.054359]  ? rtnl_lock+0x17/0x20
[   34.057885]  __mutex_lock+0x16d/0x17f0
[   34.061755]  ? rtnl_lock+0x17/0x20
[   34.065276]  ? rtnl_lock+0x17/0x20
[   34.068800]  ? mutex_trylock+0x2a0/0x2a0
[   34.072853]  ? mark_held_locks+0xc9/0x160
[   34.076983]  ? do_raw_spin_trylock+0x1b0/0x1b0
[   34.081549]  ? _raw_spin_unlock_irq+0x27/0x70
[   34.086036]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   34.091070]  ? trace_hardirqs_on+0xd/0x10
[   34.095214]  ? _raw_spin_unlock_irq+0x27/0x70
[   34.099713]  ? wait_for_completion_killable+0x56c/0x960
[   34.105068]  ? wait_for_completion_interruptible_timeout+0x960/0x960
[   34.111546]  ? lock_downgrade+0x8e0/0x8e0
[   34.115686]  ? kasan_check_read+0x11/0x20
[   34.119817]  ? do_raw_spin_unlock+0x9e/0x2e0
[   34.124206]  ? do_raw_spin_trylock+0x1b0/0x1b0
[   34.128769]  ? wake_up_q+0x100/0x100
[   34.132474]  ? kasan_check_write+0x14/0x20
[   34.136694]  ? do_raw_spin_lock+0xc1/0x200
[   34.140928]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   34.146450]  ? __kthread_create_on_node+0x34f/0x4c0
[   34.151473]  ? __kthread_parkme+0x280/0x280
[   34.155784]  ? kasan_check_read+0x11/0x20
[   34.159915]  ? do_raw_spin_unlock+0x9e/0x2e0
[   34.164303]  ? __lock_is_held+0xb5/0x140
[   34.168350]  mutex_lock_nested+0x16/0x20
[   34.172411]  ? mutex_lock_nested+0x16/0x20
[   34.176629]  rtnl_lock+0x17/0x20
[   34.179986]  ip_mc_drop_socket+0x8f/0x270
[   34.184135]  inet_release+0x4e/0x1f0
[   34.187842]  sock_release+0x96/0x1b0
[   34.191548]  start_sync_thread+0xdc3/0x2d40
[   34.195847]  ? ip_vs_process_message+0xa0a/0xa0a
[   34.201138]  ? ip_vs_sync_conn+0x33a0/0x33a0
[   34.205529]  ? graph_lock+0x170/0x170
[   34.209311]  ? lock_downgrade+0x8e0/0x8e0
[   34.213452]  ? lock_downgrade+0x8e0/0x8e0
[   34.217595]  ? kasan_check_read+0x11/0x20
[   34.221734]  ? do_raw_spin_unlock+0x9e/0x2e0
[   34.226142]  ? __local_bh_enable_ip+0x161/0x230
[   34.230793]  ? find_held_lock+0x36/0x1c0
[   34.234857]  ? lock_downgrade+0x8e0/0x8e0
[   34.238998]  ? lock_release+0xa10/0xa10
[   34.242961]  ? check_same_owner+0x320/0x320
[   34.247267]  ? module_unload_free+0x5b0/0x5b0
[   34.251752]  do_ip_vs_set_ctl+0x59c/0x1d30
[   34.255972]  ? find_held_lock+0x36/0x1c0
[   34.260036]  ? ip_vs_genl_set_cmd+0xe80/0xe80
[   34.264525]  ? lock_downgrade+0x8e0/0x8e0
[   34.268669]  ? kasan_check_read+0x11/0x20
[   34.272816]  ? rcu_is_watching+0x85/0x140
[   34.276955]  ? rcu_bh_force_quiescent_state+0x20/0x20
[   34.282133]  ? kasan_check_write+0x14/0x20
[   34.286362]  ? __mutex_unlock_slowpath+0x180/0x8a0
[   34.291285]  ? wait_for_completion+0x870/0x870
[   34.295863]  ? module_unload_free+0x5b0/0x5b0
[   34.300344]  ? kasan_check_read+0x11/0x20
[   34.304473]  ? __lock_is_held+0xb5/0x140
[   34.308521]  ? rcu_bh_force_quiescent_state+0x20/0x20
[   34.313715]  ? mutex_unlock+0xd/0x10
[   34.317423]  nf_setsockopt+0x7d/0xd0
[   34.321123]  ? nf_setsockopt+0x7d/0xd0
[   34.324997]  ip_setsockopt+0xd8/0xf0
[   34.328710]  tcp_setsockopt+0x93/0xe0
[   34.332492]  sock_common_setsockopt+0x9a/0xe0
[   34.336968]  __sys_setsockopt+0x1bd/0x390
[   34.341096]  ? kernel_accept+0x310/0x310
[   34.345145]  ? do_futex+0x27d0/0x27d0
[   34.348935]  ? syscall_slow_exit_work+0x4f0/0x4f0
[   34.353763]  __x64_sys_setsockopt+0xbe/0x150
[   34.358155]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   34.363153]  do_syscall_64+0x1b1/0x800
[   34.367043]  ? syscall_return_slowpath+0x5c0/0x5c0
[   34.371963]  ? syscall_return_slowpath+0x30f/0x5c0
[   34.376874]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[   34.382227]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   34.387059]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   34.392225] RIP: 0033:0x455389
[   34.395392] RSP: 002b:00007fe8d48c6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   34.403083] RAX: ffffffffffffffda RBX: 00007fe8d48c76d4 RCX: 0000000000455389
[   34.410344] RDX: 000000000000048b RSI: 0000000000000000 RDI: 0000000000000004
[   34.417597] RBP: 000000000072bea0 R08: 0000000000000018 R09: 0000000000000000
[   34.424855] R10: 0000000020000040 R11: 0000000000000246 R12: 00000000ffffffff
[   34.432103] R13: 0000000000000529 R14: 00000000006fac78 R15: 0000000000000000
[   34.550249] IPVS: stopping backup sync thread 4604 ...
[   34.570989] IPVS: stopping backup sync thread 4603 ...