[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 19.976612] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 23.873525] random: sshd: uninitialized urandom read (32 bytes read, 36 bits of entropy available) [ 24.342351] random: sshd: uninitialized urandom read (32 bytes read, 36 bits of entropy available) [ 25.355047] random: sshd: uninitialized urandom read (32 bytes read, 118 bits of entropy available) [ 25.516501] random: sshd: uninitialized urandom read (32 bytes read, 122 bits of entropy available) Warning: Permanently added '10.128.10.41' (ECDSA) to the list of known hosts. [ 31.010469] random: sshd: uninitialized urandom read (32 bytes read, 127 bits of entropy available) 2018/04/20 13:53:08 parsed 1 programs 2018/04/20 13:53:08 executed programs: 0 [ 31.474957] IPVS: Creating netns size=2552 id=1 [ 31.528168] IPVS: Creating netns size=2552 id=2 [ 31.546309] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.554792] IPVS: stopping backup sync thread 3792 ... [ 31.562443] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.563019] IPVS: stopping backup sync thread 3796 ... [ 31.588571] IPVS: Creating netns size=2552 id=3 [ 31.632512] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.633250] IPVS: stopping backup sync thread 3806 ... [ 31.647390] IPVS: stopping backup sync thread 3809 ... [ 31.647412] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.664603] IPVS: Creating netns size=2552 id=4 [ 31.706919] IPVS: Creating netns size=2552 id=5 [ 31.725523] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.726239] IPVS: stopping backup sync thread 3818 ... [ 31.746152] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.754662] IPVS: stopping backup sync thread 3822 ... [ 31.769349] IPVS: stopping backup sync thread 3827 ... [ 31.770585] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.791010] IPVS: Creating netns size=2552 id=6 [ 31.808151] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.819163] IPVS: stopping backup sync thread 3836 ... [ 31.836606] IPVS: stopping backup sync thread 3843 ... [ 31.842583] IPVS: stopping backup sync thread 3845 ... [ 31.843144] [ 31.843146] ============================================= [ 31.843148] [ INFO: possible recursive locking detected ] [ 31.843152] 4.4.125-g38f41ec #21 Not tainted [ 31.843154] --------------------------------------------- [ 31.843157] syz-executor1/3825 is trying to acquire lock: [ 31.843175] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 31.843176] [ 31.843176] but task is already holding lock: [ 31.843186] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 31.843187] [ 31.843187] other info that might help us debug this: [ 31.843189] Possible unsafe locking scenario: [ 31.843189] [ 31.843190] CPU0 [ 31.843191] ---- [ 31.843194] lock(rtnl_mutex); [ 31.843197] lock(rtnl_mutex); [ 31.843199] [ 31.843199] *** DEADLOCK *** [ 31.843199] [ 31.843200] May be due to missing lock nesting notation [ 31.843200] [ 31.843203] 2 locks held by syz-executor1/3825: [ 31.843213] #0: (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 31.843227] #1: (ipvs->sync_mutex){+.+.+.}, at: [] do_ip_vs_set_ctl+0x8d3/0xba0 [ 31.843229] [ 31.843229] stack backtrace: [ 31.843235] CPU: 0 PID: 3825 Comm: syz-executor1 Not tainted 4.4.125-g38f41ec #21 [ 31.843238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 31.843246] 0000000000000000 1062e7a5f57e1046 ffff8801c828f470 ffffffff81d067bd [ 31.843253] ffffffff85170f60 ffffffff85170f60 ffff8800ad173000 dffffc0000000000 [ 31.843260] ffff8800ad1738e0 ffff8801c828f620 ffffffff81238c40 ffffffff84a258a8 [ 31.843261] Call Trace: [ 31.843269] [] dump_stack+0xc1/0x124 [ 31.843277] [] __lock_acquire+0x1350/0x4b50 [ 31.843284] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 31.843291] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 31.843296] [] ? __lock_is_held+0xa1/0xf0 [ 31.843302] [] lock_acquire+0x15e/0x460 [ 31.843307] [] ? rtnl_lock+0x17/0x20 [ 31.843313] [] ? rtnl_lock+0x17/0x20 [ 31.843320] [] mutex_lock_nested+0xbb/0x850 [ 31.843325] [] ? rtnl_lock+0x17/0x20 [ 31.843333] [] ? qtaguid_untag+0x495/0x690 [ 31.843338] [] ? __ww_mutex_lock+0x14f0/0x14f0 [ 31.843344] [] ? _raw_spin_unlock_bh+0x30/0x40 [ 31.843350] [] ? qtaguid_untag+0x322/0x690 [ 31.843356] [] rtnl_lock+0x17/0x20 [ 31.843362] [] ip_mc_drop_socket+0x88/0x230 [ 31.843370] [] inet_release+0x5b/0x1d0 [ 31.843376] [] sock_release+0x8d/0x1e0 [ 31.843383] [] start_sync_thread+0x196a/0x1f50 [ 31.843389] [] ? _raw_spin_unlock_irq+0x38/0x50 [ 31.843396] [] ? finish_task_switch+0x1bb/0x660 [ 31.843402] [] ? ip_vs_proc_sync_conn+0xb10/0xb10 [ 31.843408] [] ? ip_vs_sync_conn+0x2980/0x2980 [ 31.843414] [] ? mark_held_locks+0xaf/0x100 [ 31.843419] [] ? mutex_lock_nested+0x5d4/0x850 [ 31.843425] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 31.843430] [] ? mutex_lock_nested+0x560/0x850 [ 31.843436] [] ? do_ip_vs_set_ctl+0x8d3/0xba0 [ 31.843441] [] ? __ww_mutex_lock+0x14f0/0x14f0 [ 31.843448] [] ? memcpy+0x45/0x50 [ 31.843459] [] do_ip_vs_set_ctl+0x8e5/0xba0 [ 31.843465] [] ? ip_vs_genl_set_cmd+0x9a0/0x9a0 [ 31.843471] [] ? mark_held_locks+0xaf/0x100 [ 31.843480] [] ? mutex_lock_nested+0x5d4/0x850 [ 31.843486] [] ? __mutex_unlock_slowpath+0x208/0x3b0 [ 31.843492] [] ? __ww_mutex_lock_interruptible+0x14d0/0x14d0 [ 31.843500] [] ? sock_has_perm+0x1c1/0x400 [ 31.843505] [] ? mutex_unlock+0x9/0x10 [ 31.843512] [] ? nf_sockopt_find.constprop.0+0x1a7/0x220 [ 31.843518] [] compat_nf_setsockopt+0xfa/0x130 [ 31.843526] [] compat_ip_setsockopt+0x8b/0xd0 [ 31.843532] [] inet_csk_compat_setsockopt+0x95/0x120 [ 31.843538] [] ? ip_setsockopt+0xa0/0xa0 [ 31.843545] [] compat_tcp_setsockopt+0x3d/0x70 [ 31.843552] [] compat_sock_common_setsockopt+0xb2/0x140 [ 31.843558] [] ? tcp_setsockopt+0xd0/0xd0 [ 31.843566] [] compat_SyS_setsockopt+0x149/0x290 [ 31.843572] [] ? sock_common_setsockopt+0xd0/0xd0 [ 31.843578] [] ? scm_detach_fds_compat+0x3c0/0x3c0 [ 31.843585] [] ? do_fast_syscall_32+0xd7/0x8a0 [ 31.843591] [] ? scm_detach_fds_compat+0x3c0/0x3c0 [ 31.843596] [] do_fast_syscall_32+0x321/0x8a0 [ 31.843603] [] sysenter_flags_fixed+0xd/0x17 [ 31.843693] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.876584] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 32.347367] IPVS: Creating netns size=2552 id=7 [ 35.315620] random: nonblocking pool is initialized