INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.17' (ECDSA) to the list of known hosts. syzkaller login: [ 29.985563] IPVS: ftp: loaded support on port[0] = 21 [ 29.986480] IPVS: ftp: loaded support on port[0] = 21 [ 29.991530] IPVS: ftp: loaded support on port[0] = 21 [ 29.996592] IPVS: ftp: loaded support on port[0] = 21 [ 30.001546] IPVS: ftp: loaded support on port[0] = 21 [ 30.006900] IPVS: ftp: loaded support on port[0] = 21 [ 30.012134] IPVS: ftp: loaded support on port[0] = 21 [ 30.022535] IPVS: ftp: loaded support on port[0] = 21 executing program executing program executing program executing program executing program executing program executing program executing program [ 30.207631] IPVS: stopping backup sync thread 4516 ... [ 30.215011] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.222072] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.230255] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.235447] IPVS: stopping backup sync thread 4517 ... [ 30.241707] IPVS: stopping backup sync thread 4522 ... [ 30.246635] IPVS: stopping backup sync thread 4521 ... executing program executing program executing program executing program executing program executing program executing program [ 30.253582] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.265976] IPVS: stopping backup sync thread 4531 ... [ 30.265991] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.276752] IPVS: stopping backup sync thread 4538 ... [ 30.280769] IPVS: stopping backup sync thread 4524 ... [ 30.287721] IPVS: stopping backup sync thread 4540 ... [ 30.293227] IPVS: stopping backup sync thread 4542 ... executing program executing program executing program executing program [ 30.322767] IPVS: stopping backup sync thread 4553 ... [ 30.331471] IPVS: stopping backup sync thread 4561 ... [ 30.333528] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.340669] IPVS: stopping backup sync thread 4562 ... [ 30.347304] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.355604] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.360294] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.368280] IPVS: stopping backup sync thread 4570 ... [ 30.377378] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.381556] IPVS: stopping backup sync thread 4566 ... [ 30.389994] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.398390] IPVS: stopping backup sync thread 4578 ... [ 30.403671] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.410140] executing program [ 30.417287] IPVS: stopping backup sync thread 4571 ... [ 30.418847] ============================================ [ 30.418851] WARNING: possible recursive locking detected [ 30.418858] 4.16.0+ #1 Not tainted [ 30.418860] -------------------------------------------- [ 30.418870] syzkaller271037/4569 is trying to acquire lock: [ 30.443111] IPVS: stopping backup sync thread 4576 ... [ 30.443896] 00000000bedfeca0 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 30.461665] [ 30.461665] but task is already holding lock: [ 30.467613] 00000000bedfeca0 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 30.474443] [ 30.474443] other info that might help us debug this: [ 30.481093] Possible unsafe locking scenario: [ 30.481093] [ 30.487127] CPU0 [ 30.489683] ---- [ 30.492242] lock(rtnl_mutex); [ 30.495494] lock(rtnl_mutex); [ 30.498747] [ 30.498747] *** DEADLOCK *** [ 30.498747] [ 30.504781] May be due to missing lock nesting notation [ 30.504781] [ 30.511682] 2 locks held by syzkaller271037/4569: [ 30.516496] #0: 00000000bedfeca0 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 30.523763] #1: 000000007861f9f1 (ipvs->sync_mutex){+.+.}, at: do_ip_vs_set_ctl+0x562/0x1d30 [ 30.532415] [ 30.532415] stack backtrace: [ 30.536898] CPU: 0 PID: 4569 Comm: syzkaller271037 Not tainted 4.16.0+ #1 [ 30.543807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.553140] Call Trace: [ 30.555720] dump_stack+0x1b9/0x294 [ 30.559328] ? dump_stack_print_info.cold.2+0x52/0x52 [ 30.564498] ? print_lock+0xd1/0xd6 [ 30.568119] ? vprintk_func+0x81/0xe7 [ 30.571908] __lock_acquire.cold.62+0x18c/0x55b [ 30.576557] ? debug_check_no_locks_freed+0x310/0x310 [ 30.581726] ? __enqueue_entity+0x10d/0x1f0 [ 30.586036] ? __lock_acquire+0x7f5/0x5140 [ 30.590260] ? put_prev_task_fair+0x80/0x80 [ 30.594558] ? debug_check_no_locks_freed+0x310/0x310 [ 30.599725] ? debug_check_no_locks_freed+0x310/0x310 [ 30.604894] ? select_idle_sibling+0xd70/0xd70 [ 30.609460] ? lock_downgrade+0x8e0/0x8e0 [ 30.613584] ? graph_lock+0x170/0x170 [ 30.617360] ? graph_lock+0x170/0x170 [ 30.621141] ? rcu_is_watching+0x85/0x140 [ 30.625274] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 30.630441] ? graph_lock+0x170/0x170 [ 30.634218] ? graph_lock+0x170/0x170 [ 30.637999] lock_acquire+0x1dc/0x520 [ 30.641794] ? rtnl_lock+0x17/0x20 [ 30.645315] ? lock_release+0xa10/0xa10 [ 30.649269] ? check_same_owner+0x320/0x320 [ 30.653566] ? graph_lock+0x170/0x170 [ 30.657356] ? rcu_note_context_switch+0x710/0x710 [ 30.662265] ? __might_sleep+0x95/0x190 [ 30.666221] ? rtnl_lock+0x17/0x20 [ 30.669743] __mutex_lock+0x16d/0x17f0 [ 30.673610] ? rtnl_lock+0x17/0x20 [ 30.677131] ? rtnl_lock+0x17/0x20 [ 30.680653] ? mutex_trylock+0x2a0/0x2a0 [ 30.684694] ? mark_held_locks+0xc9/0x160 [ 30.688822] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 30.693391] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.697872] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 30.702868] ? trace_hardirqs_on+0xd/0x10 [ 30.706993] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.711471] ? wait_for_completion_killable+0x56c/0x960 [ 30.716817] ? wait_for_completion_interruptible_timeout+0x960/0x960 [ 30.723290] ? lock_downgrade+0x8e0/0x8e0 [ 30.727434] ? kasan_check_read+0x11/0x20 [ 30.731558] ? do_raw_spin_unlock+0x9e/0x2e0 [ 30.735943] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 30.740508] ? wake_up_q+0x100/0x100 [ 30.744207] ? kasan_check_write+0x14/0x20 [ 30.748427] ? do_raw_spin_lock+0xc1/0x200 [ 30.752646] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 30.758167] ? __kthread_create_on_node+0x34f/0x4c0 [ 30.763172] ? __kthread_parkme+0x280/0x280 [ 30.767479] ? kasan_check_read+0x11/0x20 [ 30.771610] ? do_raw_spin_unlock+0x9e/0x2e0 [ 30.775999] ? __lock_is_held+0xb5/0x140 [ 30.780057] mutex_lock_nested+0x16/0x20 [ 30.784097] ? mutex_lock_nested+0x16/0x20 [ 30.788310] rtnl_lock+0x17/0x20 [ 30.791654] ip_mc_drop_socket+0x8f/0x270 [ 30.795779] inet_release+0x4e/0x1f0 [ 30.799473] sock_release+0x96/0x1b0 [ 30.803164] start_sync_thread+0xdc3/0x2d40 [ 30.807464] ? __lock_acquire+0x7f5/0x5140 [ 30.811688] ? ip_vs_process_message+0xa0a/0xa0a [ 30.816422] ? ip_vs_sync_conn+0x33a0/0x33a0 [ 30.820826] ? graph_lock+0x170/0x170 [ 30.824609] ? lock_downgrade+0x8e0/0x8e0 [ 30.828740] ? lock_downgrade+0x8e0/0x8e0 [ 30.832868] ? kasan_check_read+0x11/0x20 [ 30.837000] ? do_raw_spin_unlock+0x9e/0x2e0 [ 30.841400] ? __local_bh_enable_ip+0x161/0x230 [ 30.846057] ? find_held_lock+0x36/0x1c0 [ 30.850100] ? lock_downgrade+0x8e0/0x8e0 [ 30.854235] ? lock_release+0xa10/0xa10 [ 30.858189] ? check_same_owner+0x320/0x320 [ 30.862491] ? module_unload_free+0x5b0/0x5b0 [ 30.866965] do_ip_vs_set_ctl+0x59c/0x1d30 [ 30.871184] ? find_held_lock+0x36/0x1c0 [ 30.875224] ? ip_vs_genl_set_cmd+0xe80/0xe80 [ 30.879702] ? lock_downgrade+0x8e0/0x8e0 [ 30.883836] ? kasan_check_read+0x11/0x20 [ 30.887969] ? rcu_is_watching+0x85/0x140 [ 30.892099] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 30.897277] ? kasan_check_write+0x14/0x20 [ 30.901494] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 30.906401] ? wait_for_completion+0x870/0x870 [ 30.910962] ? module_unload_free+0x5b0/0x5b0 [ 30.915443] ? find_held_lock+0x36/0x1c0 [ 30.919494] ? mutex_unlock+0xd/0x10 [ 30.923184] nf_setsockopt+0x7d/0xd0 [ 30.926874] ? nf_setsockopt+0x7d/0xd0 [ 30.930749] ip_setsockopt+0xd8/0xf0 [ 30.934449] tcp_setsockopt+0x93/0xe0 [ 30.938230] sock_common_setsockopt+0x9a/0xe0 [ 30.942716] __sys_setsockopt+0x1bd/0x390 [ 30.946848] ? kernel_accept+0x310/0x310 [ 30.950889] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 30.956406] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 30.961232] SyS_setsockopt+0x34/0x50 [ 30.965025] ? SyS_recv+0x40/0x40 [ 30.968463] do_syscall_64+0x29e/0x9d0 [ 30.972327] ? vmalloc_sync_all+0x30/0x30 [ 30.976458] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.980948] ? finish_task_switch+0x1ca/0x810 [ 30.985428] ? syscall_return_slowpath+0x5c0/0x5c0 [ 30.990335] ? syscall_return_slowpath+0x30f/0x5c0 [ 30.995249] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 31.000591] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 31.005421] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 31.010590] RIP: 0033:0x447cc9 [ 31.013757] RSP: 002b:00007f31f6662db8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 31.021444] RAX: ffffffffffffffda RBX: 0000000000700024 RCX: 0000000000447cc9 [ 31.028693] RDX: 000000000000048b RSI: 0000000000000000 RDI: 0000000000000003 [ 31.035951] RBP: 0000000000700020 R08: 0000000000000018 R09: 0000000000000000 [ 31.043290] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000000 [ 31.050536] R13: 000000000080fdff R14: 00007f31f66639c0 R15: 0000000000000004