INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.3' (ECDSA) to the list of known hosts. syzkaller login: [ 29.770981] IPVS: ftp: loaded support on port[0] = 21 [ 29.773196] IPVS: ftp: loaded support on port[0] = 21 [ 29.784144] IPVS: ftp: loaded support on port[0] = 21 [ 29.784449] IPVS: ftp: loaded support on port[0] = 21 [ 29.791050] IPVS: ftp: loaded support on port[0] = 21 [ 29.798451] IPVS: ftp: loaded support on port[0] = 21 [ 29.802757] IPVS: ftp: loaded support on port[0] = 21 [ 29.807459] IPVS: ftp: loaded support on port[0] = 21 [ 29.919873] IPVS: stopping backup sync thread 4512 ... [ 29.944882] IPVS: stopping backup sync thread 4520 ... [ 29.949850] IPVS: stopping backup sync thread 4527 ... [ 29.956180] IPVS: stopping backup sync thread 4530 ... [ 29.963716] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.963774] IPVS: stopping backup sync thread 4531 ... [ 29.972627] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.982258] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.986393] IPVS: stopping backup sync thread 4534 ... [ 29.995266] IPVS: stopping backup sync thread 4537 ... [ 30.004193] IPVS: stopping backup sync thread 4539 ... [ 30.006550] IPVS: stopping backup sync thread 4544 ... [ 30.011819] [ 30.017798] ============================================ [ 30.023218] WARNING: possible recursive locking detected [ 30.028643] 4.16.0+ #2 Not tainted [ 30.032156] -------------------------------------------- [ 30.037581] syzkaller006243/4519 is trying to acquire lock: [ 30.043263] 0000000091b818eb (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 30.050088] [ 30.050088] but task is already holding lock: [ 30.056029] 0000000091b818eb (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 30.062852] [ 30.062852] other info that might help us debug this: [ 30.069504] Possible unsafe locking scenario: [ 30.069504] [ 30.075532] CPU0 [ 30.078086] ---- [ 30.080636] lock(rtnl_mutex); [ 30.083884] lock(rtnl_mutex); [ 30.087136] [ 30.087136] *** DEADLOCK *** [ 30.087136] [ 30.093168] May be due to missing lock nesting notation [ 30.093168] [ 30.100075] 2 locks held by syzkaller006243/4519: [ 30.104884] #0: 0000000091b818eb (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 30.112142] #1: 00000000712d8334 (ipvs->sync_mutex){+.+.}, at: do_ip_vs_set_ctl+0x562/0x1d30 [ 30.120788] [ 30.120788] stack backtrace: [ 30.125258] CPU: 1 PID: 4519 Comm: syzkaller006243 Not tainted 4.16.0+ #2 [ 30.132151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.141476] Call Trace: [ 30.144043] dump_stack+0x1b9/0x294 [ 30.147641] ? dump_stack_print_info.cold.2+0x52/0x52 [ 30.152805] ? print_lock+0xd1/0xd6 [ 30.156404] ? vprintk_func+0x81/0xe7 [ 30.160180] __lock_acquire.cold.62+0x18c/0x55b [ 30.164827] ? debug_check_no_locks_freed+0x310/0x310 [ 30.169994] ? account_kernel_stack+0x2bd/0x410 [ 30.174642] ? trace_hardirqs_on+0xd/0x10 [ 30.178763] ? put_task_stack+0x188/0x2c0 [ 30.182884] ? __lock_acquire+0x7f5/0x5130 [ 30.187093] ? copy_overflow+0x20/0x20 [ 30.190953] ? debug_check_no_locks_freed+0x310/0x310 [ 30.196116] ? __schedule+0x809/0x1e30 [ 30.199983] ? graph_lock+0x170/0x170 [ 30.203761] ? graph_lock+0x170/0x170 [ 30.207536] ? graph_lock+0x170/0x170 [ 30.211315] lock_acquire+0x1dc/0x520 [ 30.215096] ? rtnl_lock+0x17/0x20 [ 30.218616] ? lock_release+0xa10/0xa10 [ 30.222565] ? check_same_owner+0x320/0x320 [ 30.226860] ? schedule+0xef/0x430 [ 30.230377] ? rcu_note_context_switch+0x710/0x710 [ 30.235278] ? __schedule+0x1e30/0x1e30 [ 30.239227] ? __might_sleep+0x95/0x190 [ 30.243178] ? rtnl_lock+0x17/0x20 [ 30.246700] __mutex_lock+0x16d/0x17f0 [ 30.250564] ? rtnl_lock+0x17/0x20 [ 30.254081] ? rtnl_lock+0x17/0x20 [ 30.257596] ? mutex_trylock+0x2a0/0x2a0 [ 30.261640] ? mark_held_locks+0xc9/0x160 [ 30.265766] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 30.270321] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.274787] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 30.279774] ? trace_hardirqs_on+0xd/0x10 [ 30.283893] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.288363] ? wait_for_completion_killable+0x56c/0x960 [ 30.293706] ? wait_for_completion_interruptible_timeout+0x960/0x960 [ 30.300351] ? lock_downgrade+0x8e0/0x8e0 [ 30.304477] ? kasan_check_read+0x11/0x20 [ 30.308597] ? do_raw_spin_unlock+0x9e/0x2e0 [ 30.312991] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 30.317548] ? wake_up_q+0x100/0x100 [ 30.321233] ? kasan_check_write+0x14/0x20 [ 30.325441] ? do_raw_spin_lock+0xc1/0x200 [ 30.329650] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 30.335158] ? __kthread_create_on_node+0x34f/0x4c0 [ 30.340147] ? __kthread_parkme+0x280/0x280 [ 30.344445] ? __lock_is_held+0xb5/0x140 [ 30.348481] mutex_lock_nested+0x16/0x20 [ 30.352515] ? mutex_lock_nested+0x16/0x20 [ 30.356723] rtnl_lock+0x17/0x20 [ 30.360073] ip_mc_drop_socket+0x8f/0x270 [ 30.364195] inet_release+0x4e/0x1f0 [ 30.367882] sock_release+0x96/0x1b0 [ 30.371570] start_sync_thread+0xdc3/0x2d40 [ 30.375862] ? ip_vs_process_message+0xa0a/0xa0a [ 30.380590] ? ip_vs_sync_conn+0x33a0/0x33a0 [ 30.384976] ? graph_lock+0x170/0x170 [ 30.388747] ? lock_downgrade+0x8e0/0x8e0 [ 30.392867] ? kasan_check_read+0x11/0x20 [ 30.396989] ? do_raw_spin_unlock+0x9e/0x2e0 [ 30.401369] ? find_held_lock+0x36/0x1c0 [ 30.405402] ? lock_downgrade+0x8e0/0x8e0 [ 30.409530] ? __release_sock+0x3a0/0x3a0 [ 30.413651] ? lock_release+0xa10/0xa10 [ 30.417597] ? check_same_owner+0x320/0x320 [ 30.421894] ? module_unload_free+0x5b0/0x5b0 [ 30.426366] do_ip_vs_set_ctl+0x59c/0x1d30 [ 30.430575] ? ip_vs_genl_set_cmd+0xe80/0xe80 [ 30.435042] ? lock_downgrade+0x8e0/0x8e0 [ 30.439162] ? kasan_check_read+0x11/0x20 [ 30.443281] ? rcu_is_watching+0x85/0x140 [ 30.447401] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 30.452565] ? kasan_check_write+0x14/0x20 [ 30.456775] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 30.461679] ? wait_for_completion+0x870/0x870 [ 30.466235] ? graph_lock+0x170/0x170 [ 30.470009] ? module_unload_free+0x5b0/0x5b0 [ 30.474475] ? find_held_lock+0x36/0x1c0 [ 30.478512] nf_setsockopt+0x7d/0xd0 [ 30.482200] ? ip_vs_genl_set_cmd+0xe80/0xe80 [ 30.486665] ? nf_setsockopt+0x7d/0xd0 [ 30.490528] ip_setsockopt+0xd8/0xf0 [ 30.494214] udp_setsockopt+0x62/0xa0 [ 30.497988] sock_common_setsockopt+0x9a/0xe0 [ 30.502459] __sys_setsockopt+0x1bd/0x390 [ 30.506580] ? kernel_accept+0x310/0x310 [ 30.510614] ? mm_fault_error+0x380/0x380 [ 30.514737] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 30.519291] SyS_setsockopt+0x34/0x50 [ 30.523285] ? SyS_recv+0x40/0x40 [ 30.526758] do_syscall_64+0x29e/0x9d0 [ 30.530698] ? vmalloc_sync_all+0x30/0x30 [ 30.534817] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.539286] ? finish_task_switch+0x1ca/0x810 [ 30.543753] ? syscall_return_slowpath+0x5c0/0x5c0 [ 30.548654] ? syscall_return_slowpath+0x30f/0x5c0 [ 30.553557] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 30.559068] ? retint_user+0x18/0x18 [ 30.562768] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 30.567587] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 30.572748] RIP: 0033:0x44a729 [ 30.575912] RSP: 002b:00007fdcbf8fdda8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 30.583601] RAX: ffffffffffffffda RBX: 00000000006e29e4 RCX: 000000000044a729 [ 30.590847] RDX: 000000000000048b RSI: 0000000000000000 RDI: 0000000000000004 [ 30.598698] RBP: 0000000000000000 R08: 0000000000000018 R09: 0000000000000000 [ 30.605946] R10: 0000000020000040 R11: 0000000000000246 R12: 00000000006e29e0 [ 30.613191] R13: 6e69622f7665642f R14: 1100000000000000 R15: 00000000006e2b60