[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 12.607945] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 17.370623] random: sshd: uninitialized urandom read (32 bytes read) [ 17.680518] random: sshd: uninitialized urandom read (32 bytes read) [ 18.423145] random: sshd: uninitialized urandom read (32 bytes read) [ 18.564641] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.35' (ECDSA) to the list of known hosts. [ 24.334624] random: sshd: uninitialized urandom read (32 bytes read) 2018/04/25 20:25:34 parsed 1 programs 2018/04/25 20:25:34 executed programs: 0 [ 24.787002] IPVS: Creating netns size=2536 id=1 [ 24.819129] IPVS: Creating netns size=2536 id=2 [ 24.832397] IPVS: Creating netns size=2536 id=3 [ 24.844474] IPVS: stopping backup sync thread 3703 ... [ 24.857513] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 24.876950] IPVS: Creating netns size=2536 id=4 [ 24.896998] IPVS: stopping backup sync thread 3719 ... [ 24.908389] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 24.909534] IPVS: stopping backup sync thread 3709 ... [ 24.913893] IPVS: Creating netns size=2536 id=5 [ 24.916869] IPVS: stopping backup sync thread 3724 ... [ 24.925633] IPVS: stopping backup sync thread 3730 ... [ 24.926081] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 24.931301] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 24.947692] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 24.952782] IPVS: stopping backup sync thread 3734 ... [ 24.954979] IPVS: stopping backup sync thread 3732 ... [ 24.961956] IPVS: Creating netns size=2536 id=6 [ 24.977375] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 24.988474] IPVS: stopping backup sync thread 3741 ... [ 24.988505] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.005376] IPVS: stopping backup sync thread 3765 ... [ 25.005610] IPVS: stopping backup sync thread 3749 ... [ 25.006141] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.006895] IPVS: Creating netns size=2536 id=7 [ 25.022634] IPVS: stopping backup sync thread 3754 ... [ 25.032259] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.033510] IPVS: stopping backup sync thread 3767 ... [ 25.033945] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.036204] IPVS: Creating netns size=2536 id=8 [ 25.063394] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.082844] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.082896] IPVS: stopping backup sync thread 3775 ... [ 25.083079] IPVS: stopping backup sync thread 3778 ... [ 25.090954] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.104572] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.117330] IPVS: stopping backup sync thread 3810 ... [ 25.120900] IPVS: stopping backup sync thread 3790 ... [ 25.120910] IPVS: stopping backup sync thread 3789 ... [ 25.134687] IPVS: stopping backup sync thread 3819 ... [ 25.134939] IPVS: stopping backup sync thread 3801 ... [ 25.143565] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.160155] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.163255] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.163490] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.163749] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.179099] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.180389] IPVS: stopping backup sync thread 3829 ... [ 25.202008] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.352756] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.417209] IPVS: stopping backup sync thread 3821 ... [ 25.419481] IPVS: stopping backup sync thread 3837 ... [ 25.422327] IPVS: stopping backup sync thread 3835 ... [ 25.422479] IPVS: stopping backup sync thread 3804 ... [ 25.423901] IPVS: stopping backup sync thread 3828 ... [ 25.424433] IPVS: stopping backup sync thread 3827 ... [ 25.427163] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.431922] IPVS: stopping backup sync thread 3824 ... [ 25.443349] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.445304] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.450145] IPVS: stopping backup sync thread 3826 ... [ 25.455396] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 25.457052] [ 25.457054] ============================================= [ 25.457055] [ INFO: possible recursive locking detected ] [ 25.457060] 4.9.96-g8c01d00 #8 Not tainted [ 25.457061] --------------------------------------------- [ 25.457064] syz-executor7/3858 is trying to acquire lock: [ 25.457082] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 25.457084] but task is already holding lock: [ 25.457093] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 25.457095] other info that might help us debug this: [ 25.457096] Possible unsafe locking scenario: [ 25.457096] [ 25.457098] CPU0 [ 25.457099] ---- [ 25.457102] lock(rtnl_mutex); [ 25.457105] lock(rtnl_mutex); [ 25.457106] [ 25.457106] *** DEADLOCK *** [ 25.457106] [ 25.457107] May be due to missing lock nesting notation [ 25.457107] [ 25.457111] 2 locks held by syz-executor7/3858: [ 25.457121] #0: (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 25.457132] #1: (ipvs->sync_mutex){+.+.+.}, at: [] do_ip_vs_set_ctl+0x90d/0xbd0 [ 25.457134] [ 25.457134] stack backtrace: [ 25.457140] CPU: 1 PID: 3858 Comm: syz-executor7 Not tainted 4.9.96-g8c01d00 #8 [ 25.457143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.457154] ffff8801d8897410 ffffffff81eb0b69 ffffffff8539d290 ffffffff8539d290 [ 25.457161] ffffffff8539d290 ffff8801c0d6d0e8 67b62b3a4271ebc1 ffff8801d88975d0 [ 25.457169] ffffffff81425a1f ffffffff84c98ca0 ffffffff84fec8a8 ffffffff84c98ca4 [ 25.457170] Call Trace: [ 25.457179] [] dump_stack+0xc1/0x128 [ 25.457190] [] __lock_acquire.cold.59+0x166/0x5f8 [ 25.457200] [] ? debug_check_no_locks_freed+0x210/0x210 [ 25.457206] [] ? mark_held_locks+0xc7/0x130 [ 25.457212] [] ? retint_kernel+0x2d/0x2d [ 25.457219] [] ? trace_hardirqs_on_caller+0x266/0x590 [ 25.457224] [] ? __lock_is_held+0xa2/0xf0 [ 25.457231] [] lock_acquire+0x130/0x3e0 [ 25.457236] [] ? rtnl_lock+0x17/0x20 [ 25.457242] [] ? rtnl_lock+0x17/0x20 [ 25.457250] [] mutex_lock_nested+0xc0/0x870 [ 25.457259] [] ? rtnl_lock+0x17/0x20 [ 25.457265] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 25.457272] [] ? qtaguid_untag+0x41a/0x620 [ 25.457278] [] ? mutex_trylock+0x3e0/0x3e0 [ 25.457285] [] ? _raw_spin_unlock_bh+0x30/0x40 [ 25.457292] [] ? qtaguid_untag+0x31e/0x620 [ 25.457300] [] ? __lock_is_held+0xa2/0xf0 [ 25.457308] [] rtnl_lock+0x17/0x20 [ 25.457319] [] ip_mc_drop_socket+0x8c/0x230 [ 25.457326] [] inet_release+0x5b/0x1d0 [ 25.457333] [] sock_release+0x96/0x1c0 [ 25.457340] [] start_sync_thread+0xa0e/0x1ea0 [ 25.457348] [] ? ip_vs_proc_sync_conn+0x952/0x952 [ 25.457354] [] ? ip_vs_sync_conn+0x2a90/0x2a90 [ 25.457361] [] ? mark_held_locks+0xc7/0x130 [ 25.457367] [] ? mutex_lock_nested+0x572/0x870 [ 25.457374] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 25.457381] [] ? mutex_lock_nested+0x596/0x870 [ 25.457386] [] ? do_ip_vs_set_ctl+0x90d/0xbd0 [ 25.457392] [] ? mutex_trylock+0x3e0/0x3e0 [ 25.457398] [] ? memcpy+0x45/0x50 [ 25.457404] [] do_ip_vs_set_ctl+0x91f/0xbd0 [ 25.457410] [] ? __lock_acquire+0x654/0x4070 [ 25.457415] [] ? ip_vs_genl_set_cmd+0x9c0/0x9c0 [ 25.457422] [] ? mutex_lock_nested+0x572/0x870 [ 25.457428] [] ? __mutex_unlock_slowpath+0x25b/0x3c0 [ 25.457434] [] ? __mutex_unlock_slowpath+0x221/0x3c0 [ 25.457440] [] ? __ww_mutex_lock+0x14c0/0x14c0 [ 25.457449] [] ? check_preemption_disabled+0x3b/0x170 [ 25.457455] [] ? mutex_unlock+0x9/0x10 [ 25.457463] [] nf_setsockopt+0x6d/0xc0 [ 25.457470] [] ip_setsockopt+0x9a/0xb0 [ 25.457479] [] udp_setsockopt+0x4a/0x90 [ 25.457487] [] ipv6_setsockopt+0x10a/0x130 [ 25.457493] [] udpv6_setsockopt+0x4a/0x90 [ 25.457499] [] sock_common_setsockopt+0x9a/0xe0 [ 25.457506] [] SyS_setsockopt+0x166/0x260 [ 25.457512] [] ? SyS_recv+0x40/0x40 [ 25.457521] [] ? __do_page_fault+0x183/0xd50 [ 25.457528] [] ? do_syscall_64+0x48/0x490 [ 25.457536] [] ? SyS_recv+0x40/0x40 [ 25.457543] [] do_syscall_64+0x1a6/0x490 [ 25.457550] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 26.240069] IPVS: stopping backup sync thread 3860 ... [ 26.244774] IPVS: stopping backup sync thread 3861 ... [ 26.255721] IPVS: stopping backup sync thread 3862 ... [ 26.268694] IPVS: stopping backup sync thread 3870 ...