INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.36' (ECDSA) to the list of known hosts. 2018/04/11 05:31:27 parsed 1 programs 2018/04/11 05:31:27 executed programs: 0 syzkaller login: [ 26.519296] IPVS: Creating netns size=2536 id=1 [ 26.531512] IPVS: Creating netns size=2536 id=2 [ 26.542859] IPVS: Creating netns size=2536 id=3 [ 26.564498] IPVS: Creating netns size=2536 id=4 [ 26.575696] IPVS: Creating netns size=2536 id=5 [ 26.615431] IPVS: Creating netns size=2536 id=6 [ 26.634354] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 26.638156] IPVS: stopping backup sync thread 3822 ... [ 26.648774] IPVS: Creating netns size=2536 id=7 [ 26.674253] IPVS: Creating netns size=2536 id=8 [ 26.701054] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 26.704126] IPVS: stopping backup sync thread 3836 ... [ 26.730204] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 26.730453] IPVS: stopping backup sync thread 3842 ... [ 26.801147] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 26.803756] IPVS: stopping backup sync thread 3849 ... [ 26.831993] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 26.832857] IPVS: stopping backup sync thread 3854 ... [ 26.860487] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 26.860756] IPVS: stopping backup sync thread 3861 ... [ 26.891041] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 26.893331] IPVS: stopping backup sync thread 3867 ... [ 26.920553] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 26.922847] IPVS: stopping backup sync thread 3873 ... [ 26.950528] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 26.953033] IPVS: stopping backup sync thread 3879 ... [ 26.979944] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 26.980181] IPVS: stopping backup sync thread 3884 ... [ 27.081172] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.081209] IPVS: stopping backup sync thread 3890 ... [ 27.081901] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.082153] IPVS: stopping backup sync thread 3891 ... [ 27.210310] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.210559] IPVS: stopping backup sync thread 3897 ... [ 27.331130] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.333652] IPVS: stopping backup sync thread 3902 ... [ 27.370808] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.371788] IPVS: stopping backup sync thread 3907 ... [ 27.373054] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.373088] IPVS: stopping backup sync thread 3911 ... [ 27.410077] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.410943] IPVS: stopping backup sync thread 3915 ... [ 27.450667] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.451162] IPVS: stopping backup sync thread 3919 ... [ 27.480478] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.480982] IPVS: stopping backup sync thread 3924 ... [ 27.510472] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.511058] IPVS: stopping backup sync thread 3929 ... [ 27.539960] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.540222] IPVS: stopping backup sync thread 3934 ... [ 27.619945] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.620185] IPVS: stopping backup sync thread 3939 ... [ 27.690120] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.690381] IPVS: stopping backup sync thread 3943 ... [ 27.809962] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.818406] IPVS: stopping backup sync thread 3948 ... [ 27.930728] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 27.931680] IPVS: stopping backup sync thread 3953 ... [ 28.020679] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 28.021117] IPVS: stopping backup sync thread 3958 ... [ 28.081005] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 28.083679] IPVS: stopping backup sync thread 3964 ... [ 28.120715] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 28.120928] IPVS: stopping backup sync thread 3970 ... [ 28.121774] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 28.121916] IPVS: stopping backup sync thread 3972 ... [ 28.122251] [ 28.122253] ============================================= [ 28.122254] [ INFO: possible recursive locking detected ] [ 28.122259] 4.9.93-gf6bec4e #4 Not tainted [ 28.122261] --------------------------------------------- [ 28.122263] syz-executor3/3969 is trying to acquire lock: [ 28.122283] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 28.122284] but task is already holding lock: [ 28.122295] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 28.122296] other info that might help us debug this: [ 28.122298] Possible unsafe locking scenario: [ 28.122298] [ 28.122299] CPU0 [ 28.122300] ---- [ 28.122304] lock(rtnl_mutex); [ 28.122307] lock(rtnl_mutex); [ 28.122309] [ 28.122309] *** DEADLOCK *** [ 28.122309] [ 28.122310] May be due to missing lock nesting notation [ 28.122310] [ 28.122314] 2 locks held by syz-executor3/3969: [ 28.122325] #0: (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 28.122338] #1: (ipvs->sync_mutex){+.+.+.}, at: [] do_ip_vs_set_ctl+0x90d/0xbd0 [ 28.122340] [ 28.122340] stack backtrace: [ 28.122346] CPU: 1 PID: 3969 Comm: syz-executor3 Not tainted 4.9.93-gf6bec4e #4 [ 28.122349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 28.122360] ffff8801d810f440 ffffffff81d9c299 ffffffff853730a0 ffffffff853730a0 [ 28.122369] ffffffff853730a0 ffff8801b5a6b8e0 214efaffe0b9d4e0 ffff8801d810f600 [ 28.122377] ffffffff814258cf ffffffff84c6ec60 ffffffff84fc55e0 ffffffff84c6ec64 [ 28.122379] Call Trace: [ 28.122388] [] dump_stack+0xc1/0x128 [ 28.122398] [] __lock_acquire.cold.59+0x166/0x5f8 [ 28.122407] [] ? debug_check_no_locks_freed+0x210/0x210 [ 28.122415] [] ? __lock_is_held+0xa2/0xf0 [ 28.122422] [] lock_acquire+0x130/0x3e0 [ 28.122428] [] ? rtnl_lock+0x17/0x20 [ 28.122435] [] ? rtnl_lock+0x17/0x20 [ 28.122444] [] mutex_lock_nested+0xc0/0x870 [ 28.122451] [] ? rtnl_lock+0x17/0x20 [ 28.122459] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 28.122466] [] ? qtaguid_untag+0x41a/0x620 [ 28.122473] [] ? mutex_trylock+0x3e0/0x3e0 [ 28.122480] [] ? _raw_spin_unlock_bh+0x30/0x40 [ 28.122486] [] ? qtaguid_untag+0x31e/0x620 [ 28.122493] [] ? __lock_is_held+0xa2/0xf0 [ 28.122500] [] rtnl_lock+0x17/0x20 [ 28.122508] [] ip_mc_drop_socket+0x8c/0x230 [ 28.122515] [] inet_release+0x5b/0x1d0 [ 28.122523] [] sock_release+0x96/0x1c0 [ 28.122530] [] start_sync_thread+0xa0e/0x1eb0 [ 28.122538] [] ? ip_vs_proc_sync_conn+0x952/0x952 [ 28.122549] [] ? ip_vs_sync_conn+0x2a90/0x2a90 [ 28.122556] [] ? mark_held_locks+0xc7/0x130 [ 28.122564] [] ? mutex_lock_nested+0x572/0x870 [ 28.122571] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 28.122578] [] ? mutex_lock_nested+0x596/0x870 [ 28.122584] [] ? do_ip_vs_set_ctl+0x90d/0xbd0 [ 28.122596] [] ? mutex_trylock+0x3e0/0x3e0 [ 28.122602] [] ? memcpy+0x45/0x50 [ 28.122609] [] do_ip_vs_set_ctl+0x91f/0xbd0 [ 28.122616] [] ? __lock_acquire+0x654/0x4080 [ 28.122631] [] ? ip_vs_genl_set_cmd+0x9c0/0x9c0 [ 28.122639] [] ? mutex_lock_nested+0x572/0x870 [ 28.122647] [] ? __mutex_unlock_slowpath+0x221/0x3c0 [ 28.122654] [] ? __ww_mutex_lock+0x14c0/0x14c0 [ 28.122662] [] ? check_preemption_disabled+0x3b/0x170 [ 28.122669] [] ? mutex_unlock+0x9/0x10 [ 28.122678] [] ? nf_sockopt_find.constprop.0+0x1b1/0x230 [ 28.122686] [] compat_nf_setsockopt+0x10d/0x130 [ 28.122694] [] compat_ip_setsockopt+0xa7/0xe0 [ 28.122700] [] compat_udp_setsockopt+0x4a/0x90 [ 28.122707] [] ? udp_lib_setsockopt+0x570/0x570 [ 28.122714] [] compat_ipv6_setsockopt+0xb4/0x1d0 [ 28.122721] [] compat_udpv6_setsockopt+0x4a/0x90 [ 28.122728] [] compat_sock_common_setsockopt+0xb4/0x150 [ 28.122734] [] ? udpv6_destroy_sock+0xd0/0xd0 [ 28.122744] [] compat_SyS_setsockopt+0x14c/0x2a0 [ 28.122750] [] ? sock_common_setsockopt+0xe0/0xe0 [ 28.122757] [] ? scm_detach_fds_compat+0x3b0/0x3b0 [ 28.122765] [] ? do_fast_syscall_32+0xcf/0x870 [ 28.122772] [] ? scm_detach_fds_compat+0x3b0/0x3b0 [ 28.122779] [] do_fast_syscall_32+0x2f7/0x870 [ 28.122785] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 28.122793] [] entry_SYSENTER_compat+0x90/0xa2