INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.30' (ECDSA) to the list of known hosts. 2018/03/27 19:25:00 parsed 1 programs 2018/03/27 19:25:00 executed programs: 0 syzkaller login: [ 29.132295] IPVS: ftp: loaded support on port[0] = 21 [ 29.175184] IPVS: ftp: loaded support on port[0] = 21 [ 29.212675] IPVS: ftp: loaded support on port[0] = 21 [ 29.227654] IPVS: stopping backup sync thread 4440 ... [ 29.236065] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.239762] IPVS: stopping backup sync thread 4441 ... [ 29.256242] IPVS: stopping backup sync thread 4444 ... [ 29.265760] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.265868] IPVS: stopping backup sync thread 4447 ... [ 29.284554] IPVS: ftp: loaded support on port[0] = 21 [ 29.299278] IPVS: stopping backup sync thread 4450 ... [ 29.301502] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.314592] IPVS: stopping backup sync thread 4454 ... [ 29.321107] IPVS: stopping backup sync thread 4456 ... [ 29.322442] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.350895] IPVS: ftp: loaded support on port[0] = 21 [ 29.358912] IPVS: stopping backup sync thread 4461 ... [ 29.369708] IPVS: stopping backup sync thread 4462 ... [ 29.374198] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.388699] IPVS: stopping backup sync thread 4467 ... [ 29.392188] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.394251] IPVS: stopping backup sync thread 4468 ... [ 29.402705] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.418732] IPVS: stopping backup sync thread 4472 ... [ 29.428675] IPVS: ftp: loaded support on port[0] = 21 [ 29.463415] IPVS: stopping backup sync thread 4479 ... [ 29.473595] IPVS: stopping backup sync thread 4480 ... [ 29.476898] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.482162] IPVS: stopping backup sync thread 4483 ... [ 29.492157] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.495165] IPVS: stopping backup sync thread 4484 ... [ 29.501810] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.522104] IPVS: ftp: loaded support on port[0] = 21 [ 29.544541] IPVS: stopping backup sync thread 4487 ... [ 29.547042] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.565617] IPVS: stopping backup sync thread 4492 ... [ 29.572054] IPVS: stopping backup sync thread 4494 ... [ 29.573502] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.583398] IPVS: ftp: loaded support on port[0] = 21 [ 29.590953] IPVS: stopping backup sync thread 4496 ... [ 29.621163] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.621196] IPVS: stopping backup sync thread 4499 ... [ 29.648852] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.648889] IPVS: stopping backup sync thread 4502 ... [ 29.676402] IPVS: stopping backup sync thread 4515 ... [ 29.683503] IPVS: stopping backup sync thread 4518 ... [ 29.684142] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.697631] IPVS: stopping backup sync thread 4521 ... [ 29.698004] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.703826] IPVS: stopping backup sync thread 4522 ... [ 29.712690] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.717438] IPVS: stopping backup sync thread 4524 ... [ 29.726431] [ 29.732067] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 0, id = 0 [ 29.732407] ============================================ [ 29.732409] WARNING: possible recursive locking detected [ 29.732414] 4.16.0-rc7+ #278 Not tainted [ 29.732415] -------------------------------------------- [ 29.732419] syz-executor2/4514 is trying to acquire lock: [ 29.732424] (rtnl_mutex){+.+.}, at: [<0000000027e9f135>] rtnl_lock+0x17/0x20 [ 29.773994] [ 29.773994] but task is already holding lock: [ 29.779934] (rtnl_mutex){+.+.}, at: [<0000000027e9f135>] rtnl_lock+0x17/0x20 [ 29.787182] [ 29.787182] other info that might help us debug this: [ 29.793820] Possible unsafe locking scenario: [ 29.793820] [ 29.799852] CPU0 [ 29.802401] ---- [ 29.804950] lock(rtnl_mutex); [ 29.808195] lock(rtnl_mutex); [ 29.811443] [ 29.811443] *** DEADLOCK *** [ 29.811443] [ 29.817466] May be due to missing lock nesting notation [ 29.817466] [ 29.824364] 2 locks held by syz-executor2/4514: [ 29.828998] #0: (rtnl_mutex){+.+.}, at: [<0000000027e9f135>] rtnl_lock+0x17/0x20 [ 29.836725] #1: (ipvs->sync_mutex){+.+.}, at: [<0000000098b55d93>] do_ip_vs_set_ctl+0x10f8/0x1cc0 [ 29.845890] [ 29.845890] stack backtrace: [ 29.850363] CPU: 0 PID: 4514 Comm: syz-executor2 Not tainted 4.16.0-rc7+ #278 [ 29.857601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.866932] Call Trace: [ 29.869492] dump_stack+0x194/0x24d [ 29.873097] ? arch_local_irq_restore+0x53/0x53 [ 29.877747] __lock_acquire+0xe8f/0x3e00 [ 29.881794] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 29.886962] ? account_entity_enqueue+0x3c8/0x6e0 [ 29.891774] ? __lock_acquire+0x664/0x3e00 [ 29.895985] ? __enqueue_entity+0x109/0x1e0 [ 29.900280] ? select_idle_sibling+0x86d/0xda0 [ 29.904835] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 29.909992] ? find_held_lock+0x35/0x1d0 [ 29.914034] ? select_task_rq_fair+0xaa7/0x2910 [ 29.918680] ? lock_downgrade+0x980/0x980 [ 29.922803] ? __lock_acquire+0x664/0x3e00 [ 29.927011] ? trace_hardirqs_off+0x10/0x10 [ 29.931308] ? trace_hardirqs_off+0x10/0x10 [ 29.935599] ? trace_hardirqs_off+0x10/0x10 [ 29.939888] ? trace_hardirqs_off+0x10/0x10 [ 29.944177] ? dequeue_task_fair+0x490/0x490 [ 29.948555] lock_acquire+0x1d5/0x580 [ 29.952334] ? lock_acquire+0x1d5/0x580 [ 29.956276] ? rtnl_lock+0x17/0x20 [ 29.959785] ? lock_release+0xa40/0xa40 [ 29.963727] ? check_same_owner+0x320/0x320 [ 29.968021] ? try_to_wake_up+0xf9/0x15f0 [ 29.972147] ? rcu_note_context_switch+0x710/0x710 [ 29.977047] ? __might_sleep+0x95/0x190 [ 29.980991] ? rtnl_lock+0x17/0x20 [ 29.984501] __mutex_lock+0x16f/0x1a80 [ 29.988358] ? rtnl_lock+0x17/0x20 [ 29.991868] ? wait_for_completion_killable+0x63e/0x820 [ 29.997202] ? lock_downgrade+0x980/0x980 [ 30.001318] ? rtnl_lock+0x17/0x20 [ 30.004826] ? mutex_lock_io_nested+0x1900/0x1900 [ 30.009638] ? mark_held_locks+0xaf/0x100 [ 30.013759] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.018238] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 30.023234] ? trace_hardirqs_on+0xd/0x10 [ 30.027353] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.031817] ? wait_for_completion_killable+0x63e/0x820 [ 30.037149] ? wait_for_completion_interruptible_timeout+0x820/0x820 [ 30.043606] ? lock_downgrade+0x980/0x980 [ 30.047734] ? lock_release+0xa40/0xa40 [ 30.051688] ? __kthread_create_on_node+0x127/0x480 [ 30.056674] ? do_raw_spin_trylock+0x190/0x190 [ 30.061228] ? wake_up_q+0xe0/0xe0 [ 30.064742] ? do_fast_syscall_32+0x3ec/0xf9f [ 30.069212] ? entry_SYSENTER_compat+0x70/0x7f [ 30.073770] ? __kthread_create_on_node+0x36e/0x480 [ 30.078758] ? print_irqtrace_events+0x270/0x270 [ 30.083487] ? kthread_park+0x130/0x130 [ 30.087437] ? __lock_is_held+0xb6/0x140 [ 30.091471] mutex_lock_nested+0x16/0x20 [ 30.095864] ? mutex_lock_nested+0x16/0x20 [ 30.100072] rtnl_lock+0x17/0x20 [ 30.103408] ip_mc_drop_socket+0x88/0x230 [ 30.107527] inet_release+0x4e/0x1c0 [ 30.111210] sock_release+0x8d/0x1e0 [ 30.114897] start_sync_thread+0x2213/0x2b70 [ 30.119274] ? do_ip_vs_set_ctl+0x10f8/0x1cc0 [ 30.123744] ? ip_vs_process_message_v0+0x870/0x870 [ 30.128753] ? ip_vs_sync_conn+0x3950/0x3950 [ 30.133145] ? find_held_lock+0x35/0x1d0 [ 30.137177] ? trace_hardirqs_off+0x10/0x10 [ 30.141469] ? lock_downgrade+0x980/0x980 [ 30.145586] ? lock_downgrade+0x980/0x980 [ 30.149705] ? lock_release+0xa40/0xa40 [ 30.153646] ? lock_acquire+0x1d5/0x580 [ 30.157594] ? lock_acquire+0x1d5/0x580 [ 30.161538] ? find_held_lock+0x35/0x1d0 [ 30.165570] ? __might_fault+0x110/0x1d0 [ 30.169605] ? __release_sock+0x360/0x360 [ 30.173724] ? lock_release+0xa40/0xa40 [ 30.177676] ? check_same_owner+0x320/0x320 [ 30.181969] ? module_unload_free+0x5b0/0x5b0 [ 30.186437] ? __might_sleep+0x95/0x190 [ 30.190384] do_ip_vs_set_ctl+0x1139/0x1cc0 [ 30.194677] ? do_ip_vs_set_ctl+0x1139/0x1cc0 [ 30.199142] ? percpu_ref_put_many+0x11a/0x220 [ 30.203700] ? ip_vs_genl_dump_services+0x440/0x440 [ 30.208696] ? nf_sockopt_find.constprop.0+0x1a7/0x220 [ 30.213947] ? lock_downgrade+0x980/0x980 [ 30.218068] ? trace_hardirqs_off+0x10/0x10 [ 30.222359] ? exit_robust_list+0x240/0x240 [ 30.226651] ? debug_mutex_init+0x2d/0x60 [ 30.230789] ? __mutex_init+0x1c7/0x2a0 [ 30.234750] ? SyS_membarrier+0x700/0x700 [ 30.238895] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 30.243726] ? wait_for_completion+0x770/0x770 [ 30.248284] ? module_unload_free+0x5b0/0x5b0 [ 30.252748] ? lock_release+0xa40/0xa40 [ 30.256696] ? __lock_is_held+0xb6/0x140 [ 30.260735] compat_nf_setsockopt+0xfa/0x130 [ 30.265118] ? compat_nf_setsockopt+0xfa/0x130 [ 30.269678] compat_ip_setsockopt+0x8b/0xd0 [ 30.273970] inet_csk_compat_setsockopt+0x95/0x120 [ 30.278879] ? ip_setsockopt+0xa0/0xa0 [ 30.282737] compat_tcp_setsockopt+0x3d/0x70 [ 30.287114] compat_sock_common_setsockopt+0xb2/0x140 [ 30.292278] ? tcp_setsockopt+0xd0/0xd0 [ 30.296223] compat_SyS_setsockopt+0x17c/0x410 [ 30.300772] ? sock_common_setsockopt+0xd0/0xd0 [ 30.305410] ? scm_detach_fds_compat+0x3c0/0x3c0 [ 30.310136] ? do_fast_syscall_32+0x156/0xf9f [ 30.314606] ? scm_detach_fds_compat+0x3c0/0x3c0 [ 30.319345] do_fast_syscall_32+0x3ec/0xf9f [ 30.323639] ? do_int80_syscall_32+0x9c0/0x9c0 [ 30.328190] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.332665] ? finish_task_switch+0x1c1/0x7e0 [ 30.337130] ? syscall_return_slowpath+0x2ac/0x550 [ 30.342034] ? prepare_exit_to_usermode+0x350/0x350 [ 30.347025] ? sysret32_from_system_call+0x5/0x3c [ 30.351841] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 30.356656] entry_SYSENTER_compat+0x70/0x7f [ 30.361036] RIP: 0023:0xf7f08c99 [ 30.364373] RSP: 002b:00000000f7f0409c EFLAGS: 00000286 ORIG_RAX: 000000000000016e [ 30.372050] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 30.379288] RDX: 000000000000048b RSI: 0000000020000040 RDI: 0000000000000018 [ 30.386524] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 30.393763] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 30.401000] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 30.436246] IPVS: stopping backup sync thread 4529 ...