INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.62' (ECDSA) to the list of known hosts. syzkaller login: [ 31.227883] IPVS: ftp: loaded support on port[0] = 21 [ 31.231253] IPVS: ftp: loaded support on port[0] = 21 [ 31.238875] IPVS: ftp: loaded support on port[0] = 21 [ 31.242691] IPVS: ftp: loaded support on port[0] = 21 [ 31.248681] IPVS: ftp: loaded support on port[0] = 21 [ 31.250516] IPVS: ftp: loaded support on port[0] = 21 [ 31.254640] IPVS: ftp: loaded support on port[0] = 21 [ 31.261089] IPVS: ftp: loaded support on port[0] = 21 [ 31.407340] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.414400] IPVS: stopping backup sync thread 4537 ... [ 31.431592] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.431687] IPVS: stopping backup sync thread 4539 ... [ 31.476278] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.484972] IPVS: stopping backup sync thread 4547 ... [ 31.495135] IPVS: stopping backup sync thread 4551 ... [ 31.503472] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.511147] IPVS: stopping backup sync thread 4562 ... [ 31.516899] IPVS: stopping backup sync thread 4565 ... [ 31.526319] IPVS: stopping backup sync thread 4569 ... [ 31.534485] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.536229] IPVS: stopping backup sync thread 4574 ... [ 31.546784] IPVS: stopping backup sync thread 4577 ... [ 31.560154] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.560510] IPVS: stopping backup sync thread 4581 ... [ 31.571536] IPVS: stopping backup sync thread 4585 ... [ 31.577645] IPVS: stopping backup sync thread 4587 ... [ 31.581757] IPVS: stopping backup sync thread 4558 ... [ 31.591775] IPVS: stopping backup sync thread 4589 ... [ 31.599347] IPVS: stopping backup sync thread 4591 ... [ 31.611774] IPVS: stopping backup sync thread 4598 ... [ 31.619916] IPVS: stopping backup sync thread 4602 ... [ 31.644128] IPVS: stopping backup sync thread 4613 ... [ 31.645672] IPVS: stopping backup sync thread 4617 ... [ 31.656290] IPVS: stopping backup sync thread 4618 ... [ 31.660011] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.671681] IPVS: stopping backup sync thread 4621 ... [ 31.672250] IPVS: stopping backup sync thread 4620 ... [ 31.682654] IPVS: stopping backup sync thread 4627 ... [ 31.696714] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.706668] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 31.714368] IPVS: stopping backup sync thread 4641 ... [ 31.717887] [ 31.721979] ============================================ [ 31.727413] WARNING: possible recursive locking detected [ 31.732934] 4.16.0+ #19 Not tainted [ 31.734505] IPVS: stopping backup sync thread 4631 ... [ 31.736543] -------------------------------------------- [ 31.736550] syzkaller886572/4615 is trying to acquire lock: [ 31.736556] 000000007019c5bf (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 31.736588] [ 31.736588] but task is already holding lock: [ 31.736591] 000000007019c5bf (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 31.736608] [ 31.736608] other info that might help us debug this: [ 31.736610] Possible unsafe locking scenario: [ 31.736610] [ 31.736612] CPU0 [ 31.736614] ---- [ 31.736615] lock(rtnl_mutex); [ 31.736621] lock(rtnl_mutex); [ 31.736627] [ 31.736627] *** DEADLOCK *** [ 31.736627] [ 31.736630] May be due to missing lock nesting notation [ 31.736630] [ 31.736636] 2 locks held by syzkaller886572/4615: [ 31.736639] #0: 000000007019c5bf (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 [ 31.736658] #1: 000000009d93decd (ipvs->sync_mutex){+.+.}, at: do_ip_vs_set_ctl+0x562/0x1d30 [ 31.736679] [ 31.736679] stack backtrace: [ 31.736691] CPU: 0 PID: 4615 Comm: syzkaller886572 Not tainted 4.16.0+ #19 [ 31.736702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 31.747564] IPVS: stopping backup sync thread 4639 ... [ 31.753164] Call Trace: [ 31.753189] dump_stack+0x1b9/0x294 [ 31.753205] ? dump_stack_print_info.cold.2+0x52/0x52 [ 31.753219] ? print_lock+0xd1/0xd6 [ 31.753232] ? vprintk_func+0x81/0xe7 [ 31.753246] __lock_acquire.cold.62+0x18c/0x55b [ 31.880218] ? lock_downgrade+0x8e0/0x8e0 [ 31.884361] ? finish_task_switch+0x182/0x820 [ 31.888872] ? debug_check_no_locks_freed+0x310/0x310 [ 31.894059] ? _raw_spin_unlock_irq+0x27/0x70 [ 31.898563] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 31.903603] ? trace_hardirqs_on+0xd/0x10 [ 31.907745] ? __lock_acquire+0x7f5/0x5130 [ 31.911980] ? copy_overflow+0x20/0x20 [ 31.915863] ? debug_check_no_locks_freed+0x310/0x310 [ 31.921140] ? __schedule+0x80f/0x1e40 [ 31.925031] ? graph_lock+0x170/0x170 [ 31.928917] ? kasan_check_read+0x11/0x20 [ 31.933060] ? graph_lock+0x170/0x170 [ 31.936853] ? graph_lock+0x170/0x170 [ 31.940641] lock_acquire+0x1dc/0x520 [ 31.944429] ? rtnl_lock+0x17/0x20 [ 31.947950] ? lock_release+0xa10/0xa10 [ 31.951902] ? check_same_owner+0x320/0x320 [ 31.956209] ? schedule+0xef/0x430 [ 31.959739] ? rcu_note_context_switch+0x710/0x710 [ 31.964671] ? __schedule+0x1e40/0x1e40 [ 31.968639] ? __might_sleep+0x95/0x190 [ 31.972606] ? rtnl_lock+0x17/0x20 [ 31.976132] __mutex_lock+0x16d/0x17f0 [ 31.980000] ? rtnl_lock+0x17/0x20 [ 31.983525] ? rtnl_lock+0x17/0x20 [ 31.987055] ? mutex_trylock+0x2a0/0x2a0 [ 31.991098] ? mark_held_locks+0xc9/0x160 [ 31.995224] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 31.999790] ? _raw_spin_unlock_irq+0x27/0x70 [ 32.004265] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 32.009261] ? trace_hardirqs_on+0xd/0x10 [ 32.013387] ? _raw_spin_unlock_irq+0x27/0x70 [ 32.017865] ? wait_for_completion_killable+0x56c/0x960 [ 32.023212] ? wait_for_completion_interruptible_timeout+0x960/0x960 [ 32.029698] ? lock_downgrade+0x8e0/0x8e0 [ 32.033845] ? kasan_check_read+0x11/0x20 [ 32.037995] ? do_raw_spin_unlock+0x9e/0x2e0 [ 32.042404] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 32.046971] ? wake_up_q+0x100/0x100 [ 32.050675] ? kasan_check_write+0x14/0x20 [ 32.054897] ? do_raw_spin_lock+0xc1/0x200 [ 32.059125] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 32.064667] ? __kthread_create_on_node+0x34f/0x4c0 [ 32.069666] ? __kthread_parkme+0x280/0x280 [ 32.073976] ? kasan_check_read+0x11/0x20 [ 32.078105] ? do_raw_spin_unlock+0x9e/0x2e0 [ 32.082492] ? __lock_is_held+0xb5/0x140 [ 32.086536] mutex_lock_nested+0x16/0x20 [ 32.090583] ? mutex_lock_nested+0x16/0x20 [ 32.094796] rtnl_lock+0x17/0x20 [ 32.098143] ip_mc_drop_socket+0x8f/0x270 [ 32.102270] inet_release+0x4e/0x1f0 [ 32.105971] sock_release+0x96/0x1b0 [ 32.109671] start_sync_thread+0xdc3/0x2d40 [ 32.113981] ? ip_vs_process_message+0xa0a/0xa0a [ 32.118722] ? ip_vs_sync_conn+0x33a0/0x33a0 [ 32.123110] ? graph_lock+0x170/0x170 [ 32.126894] ? lock_downgrade+0x8e0/0x8e0 [ 32.131034] ? kasan_check_read+0x11/0x20 [ 32.135178] ? do_raw_spin_unlock+0x9e/0x2e0 [ 32.139570] ? find_held_lock+0x36/0x1c0 [ 32.143609] ? lock_downgrade+0x8e0/0x8e0 [ 32.147739] ? __release_sock+0x3a0/0x3a0 [ 32.151920] ? lock_release+0xa10/0xa10 [ 32.155891] ? check_same_owner+0x320/0x320 [ 32.160207] ? module_unload_free+0x5b0/0x5b0 [ 32.164695] do_ip_vs_set_ctl+0x59c/0x1d30 [ 32.168923] ? ip_vs_genl_set_cmd+0xe80/0xe80 [ 32.173405] ? lock_downgrade+0x8e0/0x8e0 [ 32.177538] ? lock_downgrade+0x8e0/0x8e0 [ 32.181673] ? kasan_check_read+0x11/0x20 [ 32.185799] ? rcu_is_watching+0x85/0x140 [ 32.189943] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 32.195232] ? kasan_check_write+0x14/0x20 [ 32.199469] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 32.204381] ? __fget+0x1a3/0x650 [ 32.207815] ? wait_for_completion+0x870/0x870 [ 32.212399] ? module_unload_free+0x5b0/0x5b0 [ 32.216896] ? expand_files.part.8+0x9a0/0x9a0 [ 32.221465] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 32.226205] ? rcu_is_watching+0x85/0x140 [ 32.230331] ? graph_lock+0x170/0x170 [ 32.234116] nf_setsockopt+0x7d/0xd0 [ 32.237815] ? ip_vs_genl_set_cmd+0xe80/0xe80 [ 32.242302] ? nf_setsockopt+0x7d/0xd0 [ 32.246180] ip_setsockopt+0xd8/0xf0 [ 32.249879] udp_setsockopt+0x62/0xa0 [ 32.253663] ipv6_setsockopt+0x149/0x170 [ 32.257717] udpv6_setsockopt+0x62/0xa0 [ 32.261675] sock_common_setsockopt+0x9a/0xe0 [ 32.266165] __sys_setsockopt+0x1bd/0x390 [ 32.270302] ? kernel_accept+0x310/0x310 [ 32.274354] ? mm_fault_error+0x380/0x380 [ 32.278492] SyS_setsockopt+0x34/0x50 [ 32.282290] ? SyS_recv+0x40/0x40 [ 32.285725] do_syscall_64+0x29e/0x9d0 [ 32.289600] ? vmalloc_sync_all+0x30/0x30 [ 32.293735] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 32.298571] ? syscall_return_slowpath+0x5c0/0x5c0 [ 32.303492] ? syscall_return_slowpath+0x30f/0x5c0 [ 32.308405] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 32.313926] ? retint_user+0x18/0x18 [ 32.317623] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 32.322447] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 32.327619] RIP: 0033:0x446e39 [ 32.330791] RSP: 002b:00007f5057654db8 EFLAGS: 00000293 ORIG_RAX: 0000000000000036 [ 32.338493] RAX: ffffffffffffffda RBX: 00000000006e29e4 RCX: 0000000000446e39 [ 32.345750] RDX: 000000000000048b RSI: 0000000000000000 RDI: 0000000000000005 [ 32.353019] RBP: 00000000006e29e0 R08: 0000000000000018 R09: 0000000000000000 [ 32.360278] R10: 0000000020000100 R11: 0000000000000293 R12: 0000000000000000 [ 32.367531] R13: 00007ffe3a7ac3ef R14: 00007f50576559c0 R15: 00000000006e2b60