INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.1' (ECDSA) to the list of known hosts. 2018/03/27 08:51:07 parsed 1 programs 2018/03/27 08:51:07 executed programs: 0 syzkaller login: [ 24.843998] IPVS: ftp: loaded support on port[0] = 21 [ 24.886170] IPVS: ftp: loaded support on port[0] = 21 [ 24.913750] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 24.930971] IPVS: ftp: loaded support on port[0] = 21 [ 24.946583] IPVS: stopping backup sync thread 4307 ... [ 24.968134] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 24.979410] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 24.996479] IPVS: ftp: loaded support on port[0] = 21 [ 24.997374] IPVS: stopping backup sync thread 4312 ... [ 25.011847] IPVS: stopping backup sync thread 4314 ... [ 25.027980] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.038247] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.049919] IPVS: ftp: loaded support on port[0] = 21 [ 25.067927] IPVS: stopping backup sync thread 4319 ... [ 25.070692] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.084784] IPVS: stopping backup sync thread 4320 ... [ 25.088078] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.107071] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.130503] IPVS: ftp: loaded support on port[0] = 21 [ 25.167706] IPVS: stopping backup sync thread 4326 ... [ 25.174768] IPVS: stopping backup sync thread 4329 ... [ 25.181693] IPVS: stopping backup sync thread 4328 ... [ 25.188386] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.190970] IPVS: ftp: loaded support on port[0] = 21 [ 25.203896] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.213840] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.222716] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.232205] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.255701] IPVS: stopping backup sync thread 4340 ... [ 25.272265] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.285284] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.303863] IPVS: ftp: loaded support on port[0] = 21 [ 25.330289] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.355419] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.378804] IPVS: stopping backup sync thread 4351 ... [ 25.379952] IPVS: stopping backup sync thread 4341 ... [ 25.386242] IPVS: stopping backup sync thread 4344 ... [ 25.396559] IPVS: stopping backup sync thread 4342 ... [ 25.397917] IPVS: stopping backup sync thread 4343 ... [ 25.404476] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.412223] IPVS: stopping backup sync thread 4349 ... [ 25.416370] IPVS: stopping backup sync thread 4354 ... [ 25.429669] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.442099] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.450674] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.459601] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.462101] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 25.470354] [ 25.478217] ============================================ [ 25.483649] WARNING: possible recursive locking detected [ 25.489081] 4.16.0-rc7+ #278 Not tainted [ 25.493109] -------------------------------------------- [ 25.498526] syz-executor1/4370 is trying to acquire lock: [ 25.504056] (rtnl_mutex){+.+.}, at: [<00000000089fd6f5>] rtnl_lock+0x17/0x20 [ 25.511315] [ 25.511315] but task is already holding lock: [ 25.517251] (rtnl_mutex){+.+.}, at: [<00000000089fd6f5>] rtnl_lock+0x17/0x20 [ 25.524498] [ 25.524498] other info that might help us debug this: [ 25.531132] Possible unsafe locking scenario: [ 25.531132] [ 25.537162] CPU0 [ 25.539711] ---- [ 25.542261] lock(rtnl_mutex); [ 25.545509] lock(rtnl_mutex); [ 25.548755] [ 25.548755] *** DEADLOCK *** [ 25.548755] [ 25.554781] May be due to missing lock nesting notation [ 25.554781] [ 25.561676] 2 locks held by syz-executor1/4370: [ 25.566309] #0: (rtnl_mutex){+.+.}, at: [<00000000089fd6f5>] rtnl_lock+0x17/0x20 [ 25.574004] #1: (ipvs->sync_mutex){+.+.}, at: [<00000000e07c1c9e>] do_ip_vs_set_ctl+0x10f8/0x1cc0 [ 25.583192] [ 25.583192] stack backtrace: [ 25.587679] CPU: 0 PID: 4370 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #278 [ 25.594935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.604271] Call Trace: [ 25.606856] dump_stack+0x194/0x24d [ 25.610459] ? arch_local_irq_restore+0x53/0x53 [ 25.615102] __lock_acquire+0xe8f/0x3e00 [ 25.619139] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 25.624390] ? account_kernel_stack+0x25e/0x3c0 [ 25.629033] ? __lock_acquire+0x664/0x3e00 [ 25.633240] ? finish_task_switch+0x539/0x7e0 [ 25.637705] ? copy_overflow+0x20/0x20 [ 25.641566] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 25.646730] ? __schedule+0x903/0x1ec0 [ 25.650591] ? __sched_text_start+0x8/0x8 [ 25.654713] ? trace_hardirqs_off+0x10/0x10 [ 25.659006] ? trace_hardirqs_off+0x10/0x10 [ 25.663301] ? trace_hardirqs_off+0x10/0x10 [ 25.667601] ? trace_hardirqs_off+0x10/0x10 [ 25.671897] ? dequeue_task_fair+0x490/0x490 [ 25.676280] lock_acquire+0x1d5/0x580 [ 25.680052] ? lock_acquire+0x1d5/0x580 [ 25.683997] ? rtnl_lock+0x17/0x20 [ 25.687513] ? lock_release+0xa40/0xa40 [ 25.691460] ? check_same_owner+0x320/0x320 [ 25.695768] ? __schedule+0x1ec0/0x1ec0 [ 25.699713] ? rcu_note_context_switch+0x710/0x710 [ 25.704612] ? __might_sleep+0x95/0x190 [ 25.708556] ? rtnl_lock+0x17/0x20 [ 25.712069] __mutex_lock+0x16f/0x1a80 [ 25.715936] ? rtnl_lock+0x17/0x20 [ 25.719454] ? wait_for_completion_killable+0x63e/0x820 [ 25.724790] ? lock_downgrade+0x980/0x980 [ 25.728912] ? rtnl_lock+0x17/0x20 [ 25.732426] ? mutex_lock_io_nested+0x1900/0x1900 [ 25.737245] ? mark_held_locks+0xaf/0x100 [ 25.741374] ? _raw_spin_unlock_irq+0x27/0x70 [ 25.745843] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 25.750834] ? trace_hardirqs_on+0xd/0x10 [ 25.754955] ? _raw_spin_unlock_irq+0x27/0x70 [ 25.759424] ? wait_for_completion_killable+0x63e/0x820 [ 25.764759] ? wait_for_completion_interruptible_timeout+0x820/0x820 [ 25.771221] ? lock_downgrade+0x980/0x980 [ 25.775340] ? lock_release+0xa40/0xa40 [ 25.779286] ? __kthread_create_on_node+0x127/0x480 [ 25.784272] ? do_raw_spin_trylock+0x190/0x190 [ 25.788825] ? wake_up_q+0xe0/0xe0 [ 25.792338] ? entry_SYSENTER_compat+0x70/0x7f [ 25.796898] ? __kthread_create_on_node+0x36e/0x480 [ 25.801889] ? print_irqtrace_events+0x270/0x270 [ 25.806617] ? kthread_park+0x130/0x130 [ 25.810561] ? lock_release+0xa40/0xa40 [ 25.814511] ? __lock_is_held+0xb6/0x140 [ 25.818544] mutex_lock_nested+0x16/0x20 [ 25.822577] ? mutex_lock_nested+0x16/0x20 [ 25.826785] rtnl_lock+0x17/0x20 [ 25.830127] ip_mc_drop_socket+0x88/0x230 [ 25.834268] inet_release+0x4e/0x1c0 [ 25.837952] sock_release+0x8d/0x1e0 [ 25.841637] start_sync_thread+0x2213/0x2b70 [ 25.846018] ? do_ip_vs_set_ctl+0x10f8/0x1cc0 [ 25.850484] ? ip_vs_process_message_v0+0x870/0x870 [ 25.855473] ? ip_vs_sync_conn+0x3950/0x3950 [ 25.859861] ? find_held_lock+0x35/0x1d0 [ 25.863908] ? trace_hardirqs_off+0x10/0x10 [ 25.868207] ? lock_downgrade+0x980/0x980 [ 25.872324] ? lock_downgrade+0x980/0x980 [ 25.876440] ? lock_release+0xa40/0xa40 [ 25.880384] ? lock_acquire+0x1d5/0x580 [ 25.884334] ? lock_acquire+0x1d5/0x580 [ 25.888281] ? find_held_lock+0x35/0x1d0 [ 25.892313] ? __might_fault+0x110/0x1d0 [ 25.896347] ? __release_sock+0x360/0x360 [ 25.900466] ? lock_release+0xa40/0xa40 [ 25.904413] ? check_same_owner+0x320/0x320 [ 25.909550] ? module_unload_free+0x5b0/0x5b0 [ 25.914024] ? __might_sleep+0x95/0x190 [ 25.917976] do_ip_vs_set_ctl+0x1139/0x1cc0 [ 25.922270] ? do_ip_vs_set_ctl+0x1139/0x1cc0 [ 25.926735] ? do_futex+0x86f/0x22a0 [ 25.930422] ? ip_vs_genl_dump_services+0x440/0x440 [ 25.935415] ? nf_sockopt_find.constprop.0+0x1a7/0x220 [ 25.940664] ? lock_downgrade+0x980/0x980 [ 25.944785] ? __mutex_init+0x1c7/0x2a0 [ 25.948731] ? SyS_membarrier+0x700/0x700 [ 25.952863] ? find_held_lock+0x35/0x1d0 [ 25.956905] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 25.961718] ? lock_downgrade+0x980/0x980 [ 25.965834] ? wait_for_completion+0x770/0x770 [ 25.970389] ? module_unload_free+0x5b0/0x5b0 [ 25.974860] ? __fget+0x36b/0x5b0 [ 25.978291] compat_nf_setsockopt+0xfa/0x130 [ 25.982672] ? compat_nf_setsockopt+0xfa/0x130 [ 25.987241] compat_ip_setsockopt+0x8b/0xd0 [ 25.991535] compat_udp_setsockopt+0x45/0x80 [ 25.995915] compat_sock_common_setsockopt+0xb2/0x140 [ 26.001076] ? udp_lib_unhash+0xa10/0xa10 [ 26.005197] compat_SyS_setsockopt+0x17c/0x410 [ 26.009751] ? sock_common_setsockopt+0xd0/0xd0 [ 26.014395] ? scm_detach_fds_compat+0x3c0/0x3c0 [ 26.019123] ? do_fast_syscall_32+0x156/0xf9f [ 26.023591] ? scm_detach_fds_compat+0x3c0/0x3c0 [ 26.028329] do_fast_syscall_32+0x3ec/0xf9f [ 26.032624] ? _raw_spin_unlock_irq+0x27/0x70 [ 26.037092] ? do_int80_syscall_32+0x9c0/0x9c0 [ 26.041644] ? _raw_spin_unlock_irq+0x27/0x70 [ 26.046118] ? finish_task_switch+0x1c1/0x7e0 [ 26.050585] ? syscall_return_slowpath+0x2ac/0x550 [ 26.055484] ? prepare_exit_to_usermode+0x350/0x350 [ 26.060474] ? sysret32_from_system_call+0x5/0x3c [ 26.065290] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 26.070103] entry_SYSENTER_compat+0x70/0x7f [ 26.074483] RIP: 0023:0xf7f54c99 [ 26.077818] RSP: 002b:00000000f7f5009c EFLAGS: 00000286 ORIG_RAX: 000000000000016e [ 26.085499] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 26.092741] RDX: 000000000000048b RSI: 00000000200000c0 RDI: 0000000000000018 [ 26.099983] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 26.107226] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 26.114468] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000