INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.23' (ECDSA) to the list of known hosts. syzkaller login: [ 29.840958] IPVS: ftp: loaded support on port[0] = 21 [ 29.850912] IPVS: ftp: loaded support on port[0] = 21 [ 29.860843] IPVS: ftp: loaded support on port[0] = 21 [ 29.866692] IPVS: ftp: loaded support on port[0] = 21 [ 29.872376] IPVS: ftp: loaded support on port[0] = 21 [ 29.879336] IPVS: ftp: loaded support on port[0] = 21 [ 29.882480] IPVS: ftp: loaded support on port[0] = 21 [ 29.893819] IPVS: ftp: loaded support on port[0] = 21 [ 29.949633] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 29.969712] IPVS: stopping backup sync thread 4514 ... [ 30.011674] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.020861] IPVS: stopping backup sync thread 4525 ... [ 30.027277] [ 30.028889] ============================================ [ 30.030047] IPVS: stopping backup sync thread 4531 ... [ 30.034306] WARNING: possible recursive locking detected [ 30.034312] 4.16.0+ #16 Not tainted [ 30.034313] -------------------------------------------- [ 30.034317] syzkaller843868/4521 is trying to acquire lock: [ 30.034320] 000000008c1ad75a (rtnl_mutex [ 30.040350] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 30.045013] ){+.+.}, at: rtnl_lock+0x17/0x20 [ 30.045028] [ 30.045028] but task is already holding lock: [ 30.045029] 000000008c1ad75a (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 30.045040] [ 30.045040] other info that might help us debug this: [ 30.045042] Possible unsafe locking scenario: [ 30.045042] [ 30.045044] CPU0 [ 30.045045] ---- [ 30.045046] lock(rtnl_mutex); [ 30.045050] lock(rtnl_mutex); [ 30.045053] [ 30.045053] *** DEADLOCK *** [ 30.045053] [ 30.045060] May be due to missing lock nesting notation [ 30.045060] [ 30.126380] 2 locks held by syzkaller843868/4521: [ 30.131322] #0: 000000008c1ad75a (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 30.138596] #1: 00000000d4e26ba4 (ipvs->sync_mutex){+.+.}, at: do_ip_vs_set_ctl+0x562/0x1d30 [ 30.147254] [ 30.147254] stack backtrace: [ 30.151729] CPU: 1 PID: 4521 Comm: syzkaller843868 Not tainted 4.16.0+ #16 [ 30.158713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.168038] Call Trace: [ 30.170607] dump_stack+0x1b9/0x294 [ 30.174209] ? dump_stack_print_info.cold.2+0x52/0x52 [ 30.179376] ? print_lock+0xd1/0xd6 [ 30.182979] ? vprintk_func+0x81/0xe7 [ 30.186754] __lock_acquire.cold.62+0x18c/0x55b [ 30.191397] ? debug_check_no_locks_freed+0x310/0x310 [ 30.196560] ? __enqueue_entity+0x10d/0x1f0 [ 30.200854] ? __lock_is_held+0xb5/0x140 [ 30.204899] ? __lock_acquire+0x7f5/0x5130 [ 30.209135] ? select_idle_sibling+0xd80/0xd80 [ 30.213694] ? lock_downgrade+0x8e0/0x8e0 [ 30.217819] ? graph_lock+0x170/0x170 [ 30.221601] ? kasan_check_read+0x11/0x20 [ 30.225740] ? graph_lock+0x170/0x170 [ 30.229530] ? graph_lock+0x170/0x170 [ 30.233357] lock_acquire+0x1dc/0x520 [ 30.237135] ? rtnl_lock+0x17/0x20 [ 30.240659] ? lock_release+0xa10/0xa10 [ 30.244614] ? check_same_owner+0x320/0x320 [ 30.248910] ? graph_lock+0x170/0x170 [ 30.252688] ? rcu_note_context_switch+0x710/0x710 [ 30.257593] ? __might_sleep+0x95/0x190 [ 30.261543] ? rtnl_lock+0x17/0x20 [ 30.265060] __mutex_lock+0x16d/0x17f0 [ 30.268922] ? rtnl_lock+0x17/0x20 [ 30.272438] ? rtnl_lock+0x17/0x20 [ 30.275957] ? mutex_trylock+0x2a0/0x2a0 [ 30.279994] ? mark_held_locks+0xc9/0x160 [ 30.284121] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 30.288684] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.293153] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 30.298147] ? trace_hardirqs_on+0xd/0x10 [ 30.302271] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.306745] ? wait_for_completion_killable+0x56c/0x960 [ 30.312083] ? wait_for_completion_interruptible_timeout+0x960/0x960 [ 30.318549] ? lock_downgrade+0x8e0/0x8e0 [ 30.322686] ? kasan_check_read+0x11/0x20 [ 30.326819] ? do_raw_spin_unlock+0x9e/0x2e0 [ 30.331211] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 30.335777] ? wake_up_q+0x100/0x100 [ 30.339468] ? kasan_check_write+0x14/0x20 [ 30.343683] ? do_raw_spin_lock+0xc1/0x200 [ 30.347906] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 30.353420] ? __kthread_create_on_node+0x34f/0x4c0 [ 30.358412] ? __kthread_parkme+0x280/0x280 [ 30.362706] ? kasan_check_read+0x11/0x20 [ 30.366836] ? do_raw_spin_unlock+0x9e/0x2e0 [ 30.371224] ? __lock_is_held+0xb5/0x140 [ 30.375257] mutex_lock_nested+0x16/0x20 [ 30.379294] ? mutex_lock_nested+0x16/0x20 [ 30.383508] rtnl_lock+0x17/0x20 [ 30.386852] ip_mc_drop_socket+0x8f/0x270 [ 30.390975] inet_release+0x4e/0x1f0 [ 30.394665] sock_release+0x96/0x1b0 [ 30.398355] start_sync_thread+0xdc3/0x2d40 [ 30.402755] ? ip_vs_process_message+0xa0a/0xa0a [ 30.407486] ? ip_vs_sync_conn+0x33a0/0x33a0 [ 30.411875] ? graph_lock+0x170/0x170 [ 30.415647] ? lock_downgrade+0x8e0/0x8e0 [ 30.419770] ? kasan_check_read+0x11/0x20 [ 30.423890] ? do_raw_spin_unlock+0x9e/0x2e0 [ 30.428283] ? find_held_lock+0x36/0x1c0 [ 30.432335] ? lock_downgrade+0x8e0/0x8e0 [ 30.436469] ? __release_sock+0x3a0/0x3a0 [ 30.440594] ? lock_release+0xa10/0xa10 [ 30.444545] ? check_same_owner+0x320/0x320 [ 30.448841] ? module_unload_free+0x5b0/0x5b0 [ 30.453315] do_ip_vs_set_ctl+0x59c/0x1d30 [ 30.457523] ? ip_vs_genl_set_cmd+0xe80/0xe80 [ 30.461990] ? lock_downgrade+0x8e0/0x8e0 [ 30.466110] ? lock_downgrade+0x8e0/0x8e0 [ 30.470243] ? kasan_check_read+0x11/0x20 [ 30.474364] ? rcu_is_watching+0x85/0x140 [ 30.478485] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 30.483647] ? kasan_check_write+0x14/0x20 [ 30.487856] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 30.492759] ? wait_for_completion+0x870/0x870 [ 30.497313] ? module_unload_free+0x5b0/0x5b0 [ 30.501784] ? expand_files.part.8+0x9a0/0x9a0 [ 30.506337] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 30.511065] ? m_show+0x5d0/0x5d0 [ 30.514494] ? graph_lock+0x170/0x170 [ 30.518272] nf_setsockopt+0x7d/0xd0 [ 30.521963] ? ip_vs_genl_set_cmd+0xe80/0xe80 [ 30.526434] ? nf_setsockopt+0x7d/0xd0 [ 30.530304] ip_setsockopt+0xd8/0xf0 [ 30.533996] udp_setsockopt+0x62/0xa0 [ 30.537785] ipv6_setsockopt+0x149/0x170 [ 30.541828] udpv6_setsockopt+0x62/0xa0 [ 30.545780] sock_common_setsockopt+0x9a/0xe0 [ 30.550257] __sys_setsockopt+0x1bd/0x390 [ 30.554417] ? kernel_accept+0x310/0x310 [ 30.558450] ? do_futex+0x27d0/0x27d0 [ 30.562225] ? mm_fault_error+0x380/0x380 [ 30.566349] SyS_setsockopt+0x34/0x50 [ 30.570130] ? SyS_recv+0x40/0x40 [ 30.573733] do_syscall_64+0x29e/0x9d0 [ 30.577593] ? vmalloc_sync_all+0x30/0x30 [ 30.581713] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.586183] ? finish_task_switch+0x1ca/0x820 [ 30.590651] ? syscall_return_slowpath+0x5c0/0x5c0 [ 30.595555] ? syscall_return_slowpath+0x30f/0x5c0 [ 30.600460] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 30.605795] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 30.610613] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 30.615775] RIP: 0033:0x447a39 [ 30.618939] RSP: 002b:00007f54b8597db8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 30.626630] RAX: ffffffffffffffda RBX: 00000000006e39e4 RCX: 0000000000447a39 [ 30.633880] RDX: 000000000000048b RSI: 0000000000000000 RDI: 0000000000000004 [ 30.641130] RBP: 00000000006e39e0 R08: 0000000000000018 R09: 0000000000000000 [ 30.648377] R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000000 [ 30.655625] R13: 00007ffd482e0d9f R14: 00007f54b85989c0 R15: 0000000000000001 [ 30.666244] IPVS: stopping backup sync thread 4528 ...