[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.44' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 60.835273][ T6835] IPVS: ftp: loaded support on port[0] = 21
[ 60.879099][ T6856] IPVS: ftp: loaded support on port[0] = 21
[ 60.917279][ T7] tipc: TX() has been purged, node left!
[ 60.917852][ T6835]
[ 60.925502][ T6835] ======================================================
[ 60.932492][ T6835] WARNING: possible circular locking dependency detected
[ 60.939485][ T6835] 5.9.0-rc2-next-20200828-syzkaller #0 Not tainted
[ 60.945948][ T6835] ------------------------------------------------------
[ 60.952935][ T6835] syz-executor338/6835 is trying to acquire lock:
[ 60.959425][ T6835] ffffffff8a879430 (pernet_ops_rwsem){++++}-{3:3}, at: unregister_netdevice_notifier+0x1e/0x170
[ 60.969821][ T6835]
[ 60.969821][ T6835] but task is already holding lock:
[ 60.977178][ T6835] ffff88808ab64210 (&sb->s_type->i_mutex_key#13){+.+.}-{3:3}, at: __sock_release+0x86/0x280
[ 60.987230][ T6835]
[ 60.987230][ T6835] which lock already depends on the new lock.
[ 60.987230][ T6835]
[ 60.997603][ T6835]
[ 60.997603][ T6835] the existing dependency chain (in reverse order) is:
[ 61.006587][ T6835]
[ 61.006587][ T6835] -> #3 (&sb->s_type->i_mutex_key#13){+.+.}-{3:3}:
[ 61.015262][ T6835]        down_write+0x8d/0x150
[ 61.020004][ T6835]        __sock_release+0x86/0x280
[ 61.025090][ T6835]        sock_close+0x18/0x20
[ 61.029741][ T6835]        __fput+0x285/0x920
[ 61.034214][ T6835]        delayed_fput+0x56/0x70
[ 61.039040][ T6835]        process_one_work+0x94c/0x1670
[ 61.044475][ T6835]        worker_thread+0x64c/0x1120
[ 61.049642][ T6835]        kthread+0x3b5/0x4a0
[ 61.054204][ T6835]        ret_from_fork+0x1f/0x30
[ 61.059103][ T6835]
[ 61.059103][ T6835] -> #2 ((delayed_fput_work).work){+.+.}-{0:0}:
[ 61.067495][ T6835]        process_one_work+0x8bb/0x1670
[ 61.072924][ T6835]        worker_thread+0x64c/0x1120
[ 61.078102][ T6835]        kthread+0x3b5/0x4a0
[ 61.082660][ T6835]        ret_from_fork+0x1f/0x30
[ 61.087557][ T6835]
[ 61.087557][ T6835] -> #1 ((wq_completion)events){+.+.}-{0:0}:
[ 61.095690][ T6835]        flush_workqueue+0x110/0x13e0
[ 61.101029][ T6835]        tipc_exit_net+0x47/0x2a0
[ 61.106023][ T6835]        ops_exit_list+0xb0/0x160
[ 61.111019][ T6835]        cleanup_net+0x4ea/0xb10
[ 61.115930][ T6835]        process_one_work+0x94c/0x1670
[ 61.121360][ T6835]        worker_thread+0x64c/0x1120
[ 61.126526][ T6835]        kthread+0x3b5/0x4a0
[ 61.131175][ T6835]        ret_from_fork+0x1f/0x30
[ 61.136092][ T6835]
[ 61.136092][ T6835] -> #0 (pernet_ops_rwsem){++++}-{3:3}:
[ 61.143792][ T6835]        __lock_acquire+0x2a6b/0x5640
[ 61.149134][ T6835]        lock_acquire+0x1f1/0xad0
[ 61.154126][ T6835]        down_write+0x8d/0x150
[ 61.158858][ T6835]        unregister_netdevice_notifier+0x1e/0x170
[ 61.165256][ T6835]        raw_release+0x58/0x890
[ 61.170080][ T6835]        __sock_release+0xcd/0x280
[ 61.175162][ T6835]        sock_close+0x18/0x20
[ 61.179813][ T6835]        __fput+0x285/0x920
[ 61.184285][ T6835]        task_work_run+0xdd/0x190
[ 61.189279][ T6835]        do_exit+0xb7d/0x29f0
[ 61.193925][ T6835]        do_group_exit+0x125/0x310
[ 61.199012][ T6835]        __x64_sys_exit_group+0x3a/0x50
[ 61.204527][ T6835]        do_syscall_64+0x2d/0x70
[ 61.209436][ T6835]        entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 61.215816][ T6835]
[ 61.215816][ T6835] other info that might help us debug this:
[ 61.215816][ T6835]
[ 61.226012][ T6835] Chain exists of:
[ 61.226012][ T6835]   pernet_ops_rwsem --> (delayed_fput_work).work --> &sb->s_type->i_mutex_key#13
[ 61.226012][ T6835]
[ 61.240914][ T6835]  Possible unsafe locking scenario:
[ 61.240914][ T6835]
[ 61.248460][ T6835]        CPU0                    CPU1
[ 61.253796][ T6835]        ----                    ----
[ 61.259134][ T6835]   lock(&sb->s_type->i_mutex_key#13);
[ 61.264584][ T6835]                                lock((delayed_fput_work).work);
[ 61.272271][ T6835]                                lock(&sb->s_type->i_mutex_key#13);
[ 61.280219][ T6835]   lock(pernet_ops_rwsem);
[ 61.284694][ T6835]
[ 61.284694][ T6835]  *** DEADLOCK ***
[ 61.284694][ T6835]
[ 61.292925][ T6835] 1 lock held by syz-executor338/6835:
[ 61.298362][ T6835]  #0: ffff88808ab64210 (&sb->s_type->i_mutex_key#13){+.+.}-{3:3}, at: __sock_release+0x86/0x280
[ 61.308854][ T6835]
[ 61.308854][ T6835] stack backtrace:
[ 61.314720][ T6835] CPU: 1 PID: 6835 Comm: syz-executor338 Not tainted 5.9.0-rc2-next-20200828-syzkaller #0
[ 61.324587][ T6835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 61.334606][ T6835] Call Trace:
[ 61.337869][ T6835] dump_stack+0x18f/0x20d
[ 61.342181][ T6835] check_noncircular+0x324/0x3e0
[ 61.347105][ T6835] ? print_circular_bug+0x3a0/0x3a0
[ 61.352271][ T6835] ? find_held_lock+0x2d/0x110
[ 61.357007][ T6835] ? is_bpf_text_address+0xa9/0x160
[ 61.362187][ T6835] ? lock_repin_lock+0x460/0x460
[ 61.367102][ T6835] ? mark_lock+0xbc/0x1710
[ 61.371503][ T6835] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 61.377543][ T6835] __lock_acquire+0x2a6b/0x5640
[ 61.382387][ T6835] ? lockdep_hardirqs_on_prepare+0x530/0x530
[ 61.388344][ T6835] lock_acquire+0x1f1/0xad0
[ 61.392848][ T6835] ? unregister_netdevice_notifier+0x1e/0x170
[ 61.398892][ T6835] ? lock_release+0x8e0/0x8e0
[ 61.403641][ T6835] ? lock_is_held_type+0xbb/0xf0
[ 61.408552][ T6835] ? __sock_release+0x86/0x280
[ 61.413287][ T6835] down_write+0x8d/0x150
[ 61.417513][ T6835] ? unregister_netdevice_notifier+0x1e/0x170
[ 61.423567][ T6835] ? down_write_killable+0x170/0x170
[ 61.428825][ T6835] ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 61.434601][ T6835] ? lock_is_held_type+0xbb/0xf0
[ 61.439509][ T6835] unregister_netdevice_notifier+0x1e/0x170
[ 61.445381][ T6835] raw_release+0x58/0x890
[ 61.449704][ T6835] ? fcntl_setlk+0xf60/0xf60
[ 61.454268][ T6835] __sock_release+0xcd/0x280
[ 61.458829][ T6835] sock_close+0x18/0x20
[ 61.462957][ T6835] __fput+0x285/0x920
[ 61.466912][ T6835] ? __sock_release+0x280/0x280
[ 61.471743][ T6835] task_work_run+0xdd/0x190
[ 61.476219][ T6835] do_exit+0xb7d/0x29f0
[ 61.480473][ T6835] ? try_to_wake_up+0xd6/0x12b0
[ 61.485329][ T6835] ? do_group_exit+0x29a/0x310
[ 61.490091][ T6835] ? mm_update_next_owner+0x7a0/0x7a0
[ 61.495446][ T6835] ? lock_downgrade+0x830/0x830
[ 61.500268][ T6835] ? _raw_spin_unlock_irq+0x1f/0x80
[ 61.505459][ T6835] ? lockdep_hardirqs_on_prepare+0x354/0x530
[ 61.511412][ T6835] ? trace_hardirqs_on+0x5f/0x220
[ 61.516423][ T6835] do_group_exit+0x125/0x310
[ 61.521096][ T6835] __x64_sys_exit_group+0x3a/0x50
[ 61.526095][ T6835] do_syscall_64+0x2d/0x70
[ 61.530483][ T6835] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 61.536431][ T6835] RIP: 0033:0x444e18
[ 61.540312][ T6835] Code: Bad RIP value.
[ 61.544352][ T6835] RSP: 002b:00007fff6577efe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 61.552846][ T6835] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000444e18
[ 61.560793][ T6835] RDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001
[ 61.568735][ T6835] RBP: 00000000004ccd50 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 61.576674][ T6835] R10: 00007fff6577f040 R11: 0000000000000246 R12: 0000000000000001
[ 61.584617][ T6835] R13: 00000000006e0320 R14: 000000000000002d R15: 0000000000000064