INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.22' (ECDSA) to the list of known hosts.
2018/04/13 02:07:47 parsed 1 programs
2018/04/13 02:07:47 executed programs: 0
syzkaller login: [ 29.327243] IPVS: ftp: loaded support on port[0] = 21
[ 29.337013] IPVS: ftp: loaded support on port[0] = 21
[ 29.345167] IPVS: ftp: loaded support on port[0] = 21
[ 29.368038] IPVS: ftp: loaded support on port[0] = 21
[ 29.383268] IPVS: ftp: loaded support on port[0] = 21
[ 29.419057] IPVS: ftp: loaded support on port[0] = 21
[ 29.436682] IPVS: ftp: loaded support on port[0] = 21
[ 29.467357] IPVS: ftp: loaded support on port[0] = 21
[ 29.546482] IPVS: stopping backup sync thread 4503 ...
[ 29.557516] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[ 29.591376] IPVS: stopping backup sync thread 4512 ...
[ 29.608810] IPVS: stopping backup sync thread 4505 ...
[ 29.614758] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[ 29.627101] IPVS: stopping backup sync thread 4519 ...
[ 29.629256] IPVS: stopping backup sync thread 4520 ...
[ 29.670540] IPVS: stopping backup sync thread 4534 ...
[ 29.678078] IPVS: stopping backup sync thread 4517 ...
[ 29.679605] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[ 29.683631]
[ 29.693311] ============================================
[ 29.698746] WARNING: possible recursive locking detected
[ 29.704184] 4.16.0+ #1 Not tainted
[ 29.707710] --------------------------------------------
[ 29.713152] syz-executor6/4521 is trying to acquire lock:
[ 29.717837] IPVS: stopping backup sync thread 4540 ...
[ 29.718672] 00000000e8900807 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20
[ 29.718700]
[ 29.718700] but task is already holding lock:
[ 29.718703] 00000000e8900807 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20
[ 29.743553]
[ 29.743553] other info that might help us debug this:
[ 29.750193] Possible unsafe locking scenario:
[ 29.750193]
[ 29.756227] CPU0
[ 29.758786] ----
[ 29.761347] lock(rtnl_mutex);
[ 29.764603] lock(rtnl_mutex);
[ 29.767858]
[ 29.767858] *** DEADLOCK ***
[ 29.767858]
[ 29.773898] May be due to missing lock nesting notation
[ 29.773898]
[ 29.780799] 2 locks held by syz-executor6/4521:
[ 29.785441] #0: 00000000e8900807 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20
[ 29.792709] #1: 00000000b023f7ad (ipvs->sync_mutex){+.+.}, at: do_ip_vs_set_ctl+0x562/0x1d30
[ 29.801402]
[ 29.801402] stack backtrace:
[ 29.805876] CPU: 0 PID: 4521 Comm: syz-executor6 Not tainted 4.16.0+ #1
[ 29.812600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 29.821926] Call Trace:
[ 29.824492] dump_stack+0x1b9/0x29f
[ 29.828097] ? arch_local_irq_restore+0x52/0x52
[ 29.832743] ? print_lock+0xd1/0xd6
[ 29.836346] ? vprintk_func+0x81/0xe7
[ 29.840133] __lock_acquire.cold.62+0x18c/0x55b
[ 29.844791] ? debug_check_no_locks_freed+0x310/0x310
[ 29.849963] ? __enqueue_entity+0x10d/0x1f0
[ 29.854261] ? __lock_is_held+0xb5/0x140
[ 29.858299] ? __lock_acquire+0x7f5/0x5130
[ 29.862516] ? update_curr+0x332/0xbf0
[ 29.866384] ? debug_check_no_locks_freed+0x310/0x310
[ 29.871553] ? select_idle_sibling+0xd80/0xd80
[ 29.876113] ? lock_downgrade+0x8e0/0x8e0
[ 29.880243] ? graph_lock+0x170/0x170
[ 29.884026] ? kasan_check_read+0x11/0x20
[ 29.888153] ? graph_lock+0x170/0x170
[ 29.891931] ? graph_lock+0x170/0x170
[ 29.895710] lock_acquire+0x1dc/0x520
[ 29.899486] ? rtnl_lock+0x17/0x20
[ 29.903011] ? lock_release+0xa10/0xa10
[ 29.906970] ? check_same_owner+0x320/0x320
[ 29.911267] ? graph_lock+0x170/0x170
[ 29.915051] ? rcu_note_context_switch+0x710/0x710
[ 29.919962] ? __might_sleep+0x95/0x190
[ 29.923911] ? rtnl_lock+0x17/0x20
[ 29.927427] __mutex_lock+0x16d/0x17f0
[ 29.931298] ? rtnl_lock+0x17/0x20
[ 29.934820] ? rtnl_lock+0x17/0x20
[ 29.938340] ? mutex_trylock+0x2a0/0x2a0
[ 29.942377] ? mark_held_locks+0xc9/0x160
[ 29.946501] ? do_raw_spin_trylock+0x1b0/0x1b0
[ 29.951065] ? _raw_spin_unlock_irq+0x27/0x70
[ 29.955537] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 29.960535] ? trace_hardirqs_on+0xd/0x10
[ 29.964673] ? _raw_spin_unlock_irq+0x27/0x70
[ 29.969158] ? wait_for_completion_killable+0x56c/0x960
[ 29.974501] ? wait_for_completion_interruptible_timeout+0x960/0x960
[ 29.980970] ? lock_downgrade+0x8e0/0x8e0
[ 29.985096] ? kasan_check_read+0x11/0x20
[ 29.989220] ? do_raw_spin_unlock+0x9e/0x2e0
[ 30.002382] ? do_raw_spin_trylock+0x1b0/0x1b0
[ 30.006941] ? wake_up_q+0x100/0x100
[ 30.010651] ? kasan_check_write+0x14/0x20
[ 30.014870] ? do_raw_spin_lock+0xc1/0x200
[ 30.019088] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 30.024615] ? __kthread_create_on_node+0x34f/0x4c0
[ 30.029614] ? __kthread_parkme+0x280/0x280
[ 30.033914] ? kasan_check_read+0x11/0x20
[ 30.038039] ? do_raw_spin_unlock+0x9e/0x2e0
[ 30.042428] ? __lock_is_held+0xb5/0x140
[ 30.046470] mutex_lock_nested+0x16/0x20
[ 30.050508] ? mutex_lock_nested+0x16/0x20
[ 30.054718] rtnl_lock+0x17/0x20
[ 30.058070] ip_mc_drop_socket+0x8f/0x270
[ 30.062196] inet_release+0x4e/0x1f0
[ 30.065889] sock_release+0x96/0x1b0
[ 30.069579] start_sync_thread+0xdc3/0x2d40
[ 30.073877] ? ip_vs_process_message+0xa0a/0xa0a
[ 30.078608] ? ip_vs_sync_conn+0x33a0/0x33a0
[ 30.082994] ? graph_lock+0x170/0x170
[ 30.086774] ? lock_downgrade+0x8e0/0x8e0
[ 30.090900] ? kasan_check_read+0x11/0x20
[ 30.095038] ? do_raw_spin_unlock+0x9e/0x2e0
[ 30.099430] ? find_held_lock+0x36/0x1c0
[ 30.103471] ? lock_downgrade+0x8e0/0x8e0
[ 30.107595] ? __release_sock+0x3a0/0x3a0
[ 30.111719] ? lock_release+0xa10/0xa10
[ 30.115672] ? check_same_owner+0x320/0x320
[ 30.119976] ? module_unload_free+0x5b0/0x5b0
[ 30.124469] do_ip_vs_set_ctl+0x59c/0x1d30
[ 30.128683] ? ip_vs_genl_set_cmd+0xe80/0xe80
[ 30.133155] ? lock_downgrade+0x8e0/0x8e0
[ 30.137290] ? kasan_check_read+0x11/0x20
[ 30.141423] ? rcu_is_watching+0x85/0x140
[ 30.145546] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 30.150721] ? kasan_check_write+0x14/0x20
[ 30.154934] ? __mutex_unlock_slowpath+0x180/0x8a0
[ 30.159843] ? wait_for_completion+0x870/0x870
[ 30.164410] ? module_unload_free+0x5b0/0x5b0
[ 30.168889] nf_setsockopt+0x7d/0xd0
[ 30.172582] ? ip_vs_genl_set_cmd+0xe80/0xe80
[ 30.177052] ? nf_setsockopt+0x7d/0xd0
[ 30.180916] ip_setsockopt+0xd8/0xf0
[ 30.184606] udp_setsockopt+0x62/0xa0
[ 30.188383] sock_common_setsockopt+0x9a/0xe0
[ 30.192854] __sys_setsockopt+0x1bd/0x390
[ 30.196988] ? kernel_accept+0x310/0x310
[ 30.201035] ? lock_downgrade+0x8e0/0x8e0
[ 30.205164] ? kasan_check_read+0x11/0x20
[ 30.209297] ? do_raw_spin_unlock+0x9e/0x2e0
[ 30.213681] ? do_raw_spin_trylock+0x1b0/0x1b0
[ 30.218248] SyS_setsockopt+0x34/0x50
[ 30.222035] ? SyS_recv+0x40/0x40
[ 30.225472] do_syscall_64+0x29e/0x9d0
[ 30.229337] ? _raw_spin_unlock_irq+0x27/0x70
[ 30.233806] ? finish_task_switch+0x1ca/0x820
[ 30.238285] ? syscall_return_slowpath+0x5c0/0x5c0
[ 30.243204] ? syscall_return_slowpath+0x30f/0x5c0
[ 30.248122] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 30.253655] ? retint_user+0x18/0x18
[ 30.257358] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 30.262185] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 30.267359] RIP: 0033:0x455279
[ 30.270524] RSP: 002b:00007f9591b9ec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 30.278206] RAX: ffffffffffffffda RBX: 00007f9591b9f6d4 RCX: 0000000000455279
[ 30.285457] RDX: 000000000000048b RSI: 0000000000000000 RDI: 0000000000000004
[ 30.292703] RBP: 000000000072bf58 R08: 0000000000000018 R09: 0000000000000000
[ 30.299948] R10: 0000000020000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 30.307195] R13: 0000000000000520 R14: 00000000006faba0 R15: 0000000000000001