[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 19.305339] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available) [?25l[?1c7[ ok 8[?25h[?0c. [ 19.614278] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available) [ 19.945395] random: sshd: uninitialized urandom read (32 bytes read, 34 bits of entropy available) Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 20.951700] random: sshd: uninitialized urandom read (32 bytes read, 109 bits of entropy available) [ 61.799780] random: sshd: uninitialized urandom read (32 bytes read, 126 bits of entropy available) Warning: Permanently added '10.128.0.38' (ECDSA) to the list of known hosts. [ 67.270537] random: nonblocking pool is initialized 2018/04/11 05:45:18 parsed 1 programs 2018/04/11 05:45:18 executed programs: 0 [ 67.670917] IPVS: Creating netns size=2552 id=1 [ 67.723884] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 67.724205] IPVS: stopping backup sync thread 3786 ... [ 67.783613] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 67.784151] IPVS: stopping backup sync thread 3790 ... [ 67.833482] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 67.833729] IPVS: stopping backup sync thread 3795 ... [ 67.893263] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 67.894762] IPVS: stopping backup sync thread 3799 ... [ 67.943361] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 67.943584] IPVS: stopping backup sync thread 3804 ... [ 68.003480] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.003725] IPVS: stopping backup sync thread 3809 ... [ 68.073152] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.080932] IPVS: stopping backup sync thread 3813 ... [ 68.123429] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.123651] IPVS: stopping backup sync thread 3818 ... [ 68.183299] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.184779] IPVS: stopping backup sync thread 3822 ... [ 68.233432] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.233649] IPVS: stopping backup sync thread 3827 ... [ 68.303930] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.305135] IPVS: stopping backup sync thread 3832 ... [ 68.373267] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.374767] IPVS: stopping backup sync thread 3836 ... [ 68.423271] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.423492] IPVS: stopping backup sync thread 3841 ... [ 68.483245] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.483467] IPVS: stopping backup sync thread 3845 ... [ 68.534279] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.534529] IPVS: stopping backup sync thread 3850 ... [ 68.593411] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.593638] IPVS: stopping backup sync thread 3854 ... [ 68.653472] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.653737] IPVS: stopping backup sync thread 3859 ... [ 68.714120] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.714360] IPVS: stopping backup sync thread 3864 ... [ 68.773332] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.773554] IPVS: stopping backup sync thread 3868 ... [ 68.833759] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.841136] IPVS: stopping backup sync thread 3873 ... [ 68.903957] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.904231] IPVS: stopping backup sync thread 3878 ... [ 68.973468] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 68.973720] IPVS: stopping backup sync thread 3882 ... [ 69.033243] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 69.033467] IPVS: stopping backup sync thread 3887 ... [ 69.093386] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 69.093622] IPVS: stopping backup sync thread 3891 ... [ 69.143949] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 69.144206] IPVS: stopping backup sync thread 3896 ... [ 69.204200] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 69.204422] IPVS: stopping backup sync thread 3901 ... [ 69.273614] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 69.273839] IPVS: stopping backup sync thread 3906 ... [ 69.333566] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 69.333862] IPVS: stopping backup sync thread 3910 ... [ 69.394402] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 69.394647] IPVS: stopping backup sync thread 3915 ... [ 69.453210] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 69.454715] IPVS: stopping backup sync thread 3919 ... [ 69.503516] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 69.503765] IPVS: stopping backup sync thread 3924 ... [ 69.563621] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 69.563625] IPVS: stopping backup sync thread 3931 ... [ 69.624177] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 69.625630] IPVS: stopping backup sync thread 3939 ... [ 69.683713] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 69.683931] IPVS: stopping backup sync thread 3943 ... [ 69.723465] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 69.725043] IPVS: stopping backup sync thread 3948 ... [ 69.738762] [ 69.740370] ============================================= [ 69.745874] [ INFO: possible recursive locking detected ] [ 69.751377] 4.4.125-g38f41ec #21 Not tainted [ 69.755753] --------------------------------------------- [ 69.761257] syz-executor0/3947 is trying to acquire lock: [ 69.766781] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 69.774669] [ 69.774669] but task is already holding lock: [ 69.780643] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 69.788556] [ 69.788556] other info that might help us debug this: [ 69.795199] Possible unsafe locking scenario: [ 69.795199] [ 69.801222] CPU0 [ 69.803771] ---- [ 69.806321] lock(rtnl_mutex); [ 69.809799] lock(rtnl_mutex); [ 69.813276] [ 69.813276] *** DEADLOCK *** [ 69.813276] [ 69.819301] May be due to missing lock nesting notation [ 69.819301] [ 69.826195] 2 locks held by syz-executor0/3947: [ 69.830828] #0: (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 69.839255] #1: (ipvs->sync_mutex){+.+.+.}, at: [] do_ip_vs_set_ctl+0x8d3/0xba0 [ 69.849010] [ 69.849010] stack backtrace: [ 69.853473] CPU: 1 PID: 3947 Comm: syz-executor0 Not tainted 4.4.125-g38f41ec #21 [ 69.861059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.870383] 0000000000000000 77f201cc7a0844e0 ffff8800ac55f440 ffffffff81d067bd [ 69.878343] ffffffff85170f60 ffffffff85170f60 ffff8800ac8a6000 dffffc0000000000 [ 69.886317] ffff8800ac8a68e0 ffff8800ac55f5f0 ffffffff81238c40 ffffffff84a258a8 [ 69.894291] Call Trace: [ 69.896849] [] dump_stack+0xc1/0x124 [ 69.902186] [] __lock_acquire+0x1350/0x4b50 [ 69.908131] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 69.915114] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 69.922107] [] ? __lock_is_held+0xa1/0xf0 [ 69.927876] [] lock_acquire+0x15e/0x460 [ 69.933469] [] ? rtnl_lock+0x17/0x20 [ 69.938802] [] ? rtnl_lock+0x17/0x20 [ 69.944134] [] mutex_lock_nested+0xbb/0x850 [ 69.950074] [] ? rtnl_lock+0x17/0x20 [ 69.955417] [] ? qtaguid_untag+0x495/0x690 [ 69.961281] [] ? __ww_mutex_lock+0x14f0/0x14f0 [ 69.967492] [] ? _raw_spin_unlock_bh+0x30/0x40 [ 69.973701] [] ? qtaguid_untag+0x322/0x690 [ 69.979555] [] rtnl_lock+0x17/0x20 [ 69.984731] [] ip_mc_drop_socket+0x88/0x230 [ 69.990676] [] inet_release+0x5b/0x1d0 [ 69.996382] [] sock_release+0x8d/0x1e0 [ 70.001888] [] start_sync_thread+0x196a/0x1f50 [ 70.008088] [] ? ip_vs_proc_sync_conn+0xb10/0xb10 [ 70.014558] [] ? ip_vs_sync_conn+0x2980/0x2980 [ 70.020777] [] ? mark_held_locks+0xaf/0x100 [ 70.026718] [] ? mutex_lock_nested+0x5d4/0x850 [ 70.032915] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 70.039721] [] ? mutex_lock_nested+0x560/0x850 [ 70.045919] [] ? do_ip_vs_set_ctl+0x8d3/0xba0 [ 70.052031] [] ? __ww_mutex_lock+0x14f0/0x14f0 [ 70.058230] [] ? memcpy+0x45/0x50 [ 70.063302] [] do_ip_vs_set_ctl+0x8e5/0xba0 [ 70.069240] [] ? __lock_acquire+0xb5f/0x4b50 [ 70.075271] [] ? ip_vs_genl_set_cmd+0x9a0/0x9a0 [ 70.081562] [] ? mark_held_locks+0xaf/0x100 [ 70.087500] [] ? mutex_lock_nested+0x5d4/0x850 [ 70.093700] [] ? __mutex_unlock_slowpath+0x208/0x3b0 [ 70.100425] [] ? __ww_mutex_lock_interruptible+0x14d0/0x14d0 [ 70.107838] [] ? mutex_unlock+0x9/0x10 [ 70.113343] [] ? nf_sockopt_find.constprop.0+0x1a7/0x220 [ 70.120506] [] compat_nf_setsockopt+0xfa/0x130 [ 70.126704] [] compat_ip_setsockopt+0x8b/0xd0 [ 70.132814] [] compat_udp_setsockopt+0x45/0x80 [ 70.139012] [] ? udp_lib_setsockopt+0x560/0x560 [ 70.145300] [] compat_ipv6_setsockopt+0xb3/0x1c0 [ 70.151679] [] compat_udpv6_setsockopt+0x45/0x80 [ 70.158054] [] compat_sock_common_setsockopt+0xb2/0x140 [ 70.165036] [] ? udp_v6_push_pending_frames+0x340/0x340 [ 70.172017] [] compat_SyS_setsockopt+0x149/0x290 [ 70.178390] [] ? sock_common_setsockopt+0xd0/0xd0 [ 70.184936] [] ? scm_detach_fds_compat+0x3c0/0x3c0 [ 70.191483] [] ? do_fast_syscall_32+0xd7/0x8a0 [ 70.197683] [] ? scm_detach_fds_compat+0x3c0/0x3c0 [ 70.204227] [] do_fast_syscall_32+0x321/0x8a0 [ 70.210340] [] sysenter_flags_fixed+0xd/0x17