INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.35' (ECDSA) to the list of known hosts. syzkaller login: [ 35.133662] IPVS: ftp: loaded support on port[0] = 21 [ 35.134805] IPVS: ftp: loaded support on port[0] = 21 [ 35.143742] IPVS: ftp: loaded support on port[0] = 21 [ 35.147176] IPVS: ftp: loaded support on port[0] = 21 [ 35.151731] IPVS: ftp: loaded support on port[0] = 21 [ 35.157753] IPVS: ftp: loaded support on port[0] = 21 [ 35.163345] IPVS: ftp: loaded support on port[0] = 21 [ 35.167983] IPVS: ftp: loaded support on port[0] = 21 executing program executing program executing program executing program executing program executing program executing program [ 35.274679] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 35.307628] IPVS: stopping backup sync thread 4479 ... [ 35.311606] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 executing program executing program executing program executing program executing program executing program [ 35.315710] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 35.332680] IPVS: stopping backup sync thread 4492 ... [ 35.333217] IPVS: stopping backup sync thread 4486 ... [ 35.341583] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 35.352052] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 35.352796] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 35.365670] IPVS: stopping backup sync thread 4504 ... executing program executing program [ 35.374451] [ 35.376069] ============================================ [ 35.377020] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 35.381494] WARNING: possible recursive locking detected [ 35.381501] 4.16.0+ #4 Not tainted [ 35.381502] -------------------------------------------- [ 35.381506] syzkaller154199/4500 is trying to acquire lock: [ 35.381510] 0000000004f10f56 ( [ 35.395833] IPVS: stopping backup sync thread 4505 ... [ 35.398775] rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 35.398797] [ 35.398797] but task is already holding lock: [ 35.409737] IPVS: stopping backup sync thread 4503 ... [ 35.409925] 0000000004f10f56 [ 35.414527] IPVS: stopping backup sync thread 4510 ... [ 35.418355] (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 35.418370] [ 35.418370] other info that might help us debug this: [ 35.418371] Possible unsafe locking scenario: [ 35.418371] [ 35.418373] CPU0 [ 35.418374] ---- [ 35.418375] lock(rtnl_mutex); [ 35.418378] lock(rtnl_mutex); [ 35.418383] [ 35.418383] *** DEADLOCK *** [ 35.418383] [ 35.418385] May be due to missing lock nesting notation [ 35.418385] [ 35.418389] 2 locks held by syzkaller154199/4500: [ 35.418395] #0: 0000000004f10f56 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 35.497811] #1: 00000000fe488caf (ipvs->sync_mutex){+.+.}, at: do_ip_vs_set_ctl+0x562/0x1d30 [ 35.506460] [ 35.506460] stack backtrace: [ 35.510933] CPU: 0 PID: 4500 Comm: syzkaller154199 Not tainted 4.16.0+ #4 [ 35.517831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 35.527158] Call Trace: [ 35.529726] dump_stack+0x1b9/0x294 [ 35.533328] ? dump_stack_print_info.cold.2+0x52/0x52 [ 35.538495] ? print_lock+0xd1/0xd6 [ 35.542110] ? vprintk_func+0x81/0xe7 [ 35.545885] __lock_acquire.cold.62+0x18c/0x55b [ 35.550532] ? debug_check_no_locks_freed+0x310/0x310 [ 35.555698] ? __enqueue_entity+0x10d/0x1f0 [ 35.559994] ? __lock_is_held+0xb5/0x140 [ 35.564031] ? __lock_acquire+0x7f5/0x5140 [ 35.568241] ? update_curr+0x332/0xbe0 [ 35.572117] ? debug_check_no_locks_freed+0x310/0x310 [ 35.577287] ? select_idle_sibling+0xd70/0xd70 [ 35.581844] ? lock_downgrade+0x8e0/0x8e0 [ 35.585967] ? graph_lock+0x170/0x170 [ 35.589746] ? kasan_check_read+0x11/0x20 [ 35.593869] ? graph_lock+0x170/0x170 [ 35.597646] ? graph_lock+0x170/0x170 [ 35.601426] lock_acquire+0x1dc/0x520 [ 35.605212] ? rtnl_lock+0x17/0x20 [ 35.608728] ? lock_release+0xa10/0xa10 [ 35.612678] ? check_same_owner+0x320/0x320 [ 35.616974] ? graph_lock+0x170/0x170 [ 35.620750] ? rcu_note_context_switch+0x710/0x710 [ 35.625654] ? __might_sleep+0x95/0x190 [ 35.629603] ? rtnl_lock+0x17/0x20 [ 35.633117] __mutex_lock+0x16d/0x17f0 [ 35.636981] ? rtnl_lock+0x17/0x20 [ 35.640971] ? rtnl_lock+0x17/0x20 [ 35.644490] ? mutex_trylock+0x2a0/0x2a0 [ 35.648527] ? mark_held_locks+0xc9/0x160 [ 35.652650] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 35.657209] ? _raw_spin_unlock_irq+0x27/0x70 [ 35.661681] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 35.666674] ? trace_hardirqs_on+0xd/0x10 [ 35.670796] ? _raw_spin_unlock_irq+0x27/0x70 [ 35.675271] ? wait_for_completion_killable+0x56c/0x960 [ 35.680613] ? wait_for_completion_interruptible_timeout+0x960/0x960 [ 35.687090] ? lock_downgrade+0x8e0/0x8e0 [ 35.691218] ? kasan_check_read+0x11/0x20 [ 35.695339] ? do_raw_spin_unlock+0x9e/0x2e0 [ 35.699732] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 35.704292] ? wake_up_q+0x100/0x100 [ 35.707990] ? kasan_check_write+0x14/0x20 [ 35.712212] ? do_raw_spin_lock+0xc1/0x200 [ 35.716429] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 35.721943] ? __kthread_create_on_node+0x34f/0x4c0 [ 35.726934] ? __kthread_parkme+0x280/0x280 [ 35.731239] ? kasan_check_read+0x11/0x20 [ 35.735371] ? do_raw_spin_unlock+0x9e/0x2e0 [ 35.739757] ? __lock_is_held+0xb5/0x140 [ 35.743793] mutex_lock_nested+0x16/0x20 [ 35.747840] ? mutex_lock_nested+0x16/0x20 [ 35.752052] rtnl_lock+0x17/0x20 [ 35.755397] ip_mc_drop_socket+0x8f/0x270 [ 35.759522] inet_release+0x4e/0x1f0 [ 35.763213] sock_release+0x96/0x1b0 [ 35.766904] start_sync_thread+0xdc3/0x2d40 [ 35.771208] ? __lock_acquire+0x7f5/0x5140 [ 35.775420] ? ip_vs_process_message+0xa0a/0xa0a [ 35.780154] ? ip_vs_sync_conn+0x33a0/0x33a0 [ 35.784537] ? graph_lock+0x170/0x170 [ 35.788320] ? lock_downgrade+0x8e0/0x8e0 [ 35.792444] ? lock_downgrade+0x8e0/0x8e0 [ 35.796567] ? kasan_check_read+0x11/0x20 [ 35.800689] ? do_raw_spin_unlock+0x9e/0x2e0 [ 35.805079] ? __local_bh_enable_ip+0x161/0x230 [ 35.809724] ? find_held_lock+0x36/0x1c0 [ 35.813761] ? lock_downgrade+0x8e0/0x8e0 [ 35.817896] ? lock_release+0xa10/0xa10 [ 35.821855] ? check_same_owner+0x320/0x320 [ 35.826158] ? module_unload_free+0x5b0/0x5b0 [ 35.830642] do_ip_vs_set_ctl+0x59c/0x1d30 [ 35.834851] ? find_held_lock+0x36/0x1c0 [ 35.838886] ? ip_vs_genl_set_cmd+0xe80/0xe80 [ 35.843359] ? lock_downgrade+0x8e0/0x8e0 [ 35.847484] ? kasan_check_read+0x11/0x20 [ 35.851617] ? rcu_is_watching+0x85/0x140 [ 35.855751] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 35.860917] ? kasan_check_write+0x14/0x20 [ 35.865140] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 35.870046] ? wait_for_completion+0x870/0x870 [ 35.874606] ? module_unload_free+0x5b0/0x5b0 [ 35.879074] ? find_held_lock+0x36/0x1c0 [ 35.883114] ? mutex_unlock+0xd/0x10 [ 35.886803] nf_setsockopt+0x7d/0xd0 [ 35.890499] ? nf_setsockopt+0x7d/0xd0 [ 35.894365] ip_setsockopt+0xd8/0xf0 [ 35.898065] tcp_setsockopt+0x93/0xe0 [ 35.901856] sock_common_setsockopt+0x9a/0xe0 [ 35.906326] __sys_setsockopt+0x1bd/0x390 [ 35.910451] ? kernel_accept+0x310/0x310 [ 35.914490] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 35.920003] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 35.924830] SyS_setsockopt+0x34/0x50 [ 35.928604] ? SyS_recv+0x40/0x40 [ 35.932033] do_syscall_64+0x29e/0x9d0 [ 35.935894] ? vmalloc_sync_all+0x30/0x30 [ 35.940016] ? _raw_spin_unlock_irq+0x27/0x70 [ 35.944485] ? finish_task_switch+0x1ca/0x810 [ 35.948956] ? syscall_return_slowpath+0x5c0/0x5c0 [ 35.953861] ? syscall_return_slowpath+0x30f/0x5c0 [ 35.958768] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 35.964123] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 35.968943] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 35.974106] RIP: 0033:0x447619 [ 35.977270] RSP: 002b:00007f79e3fafdb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 35.984953] RAX: ffffffffffffffda RBX: 00000000006e39e4 RCX: 0000000000447619 [ 35.992214] RDX: 000000000000048b RSI: 0000000000000000 RDI: 0000000000000003 [ 35.999461] RBP: 00000000006e39e0 R08: 0000000000000018 R09: 0000000000000000 [ 36.006709] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000000 [ 36.013954] R13: 00007fffd6094f5f R14: 00007f79e3fb09c0 R15: 0000000000002710