[ OK ] Reached target Graphical Interface.
       Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
       Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.10.28' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 60.336220][ T6859] IPVS: ftp: loaded support on port[0] = 21
[ 60.390650][ T6859] IPVS: ftp: loaded support on port[0] = 21
[ 60.444276][ T173] tipc: TX() has been purged, node left!
[ 60.469386][ T6859]
[ 60.471857][ T6859] ======================================================
[ 60.478847][ T6859] WARNING: possible circular locking dependency detected
[ 60.485886][ T6859] 5.9.0-rc2-next-20200828-syzkaller #0 Not tainted
[ 60.492356][ T6859] ------------------------------------------------------
[ 60.499348][ T6859] syz-executor588/6859 is trying to acquire lock:
[ 60.505730][ T6859] ffffffff8a879430 (pernet_ops_rwsem){++++}-{3:3}, at: unregister_netdevice_notifier+0x1e/0x170
[ 60.516127][ T6859]
[ 60.516127][ T6859] but task is already holding lock:
[ 60.523481][ T6859] ffff888091f65750 (&sb->s_type->i_mutex_key#13){+.+.}-{3:3}, at: __sock_release+0x86/0x280
[ 60.533545][ T6859]
[ 60.533545][ T6859] which lock already depends on the new lock.
[ 60.533545][ T6859]
[ 60.545405][ T6859]
[ 60.545405][ T6859] the existing dependency chain (in reverse order) is:
[ 60.554568][ T6859]
[ 60.554568][ T6859] -> #3 (&sb->s_type->i_mutex_key#13){+.+.}-{3:3}:
[ 60.563235][ T6859]        down_write+0x8d/0x150
[ 60.567974][ T6859]        __sock_release+0x86/0x280
[ 60.573062][ T6859]        sock_close+0x18/0x20
[ 60.577732][ T6859]        __fput+0x285/0x920
[ 60.582211][ T6859]        delayed_fput+0x56/0x70
[ 60.587047][ T6859]        process_one_work+0x94c/0x1670
[ 60.592483][ T6859]        worker_thread+0x64c/0x1120
[ 60.597672][ T6859]        kthread+0x3b5/0x4a0
[ 60.602237][ T6859]        ret_from_fork+0x1f/0x30
[ 60.607141][ T6859]
[ 60.607141][ T6859] -> #2 ((delayed_fput_work).work){+.+.}-{0:0}:
[ 60.615538][ T6859]        process_one_work+0x8bb/0x1670
[ 60.620989][ T6859]        worker_thread+0x64c/0x1120
[ 60.626160][ T6859]        kthread+0x3b5/0x4a0
[ 60.630727][ T6859]        ret_from_fork+0x1f/0x30
[ 60.635632][ T6859]
[ 60.635632][ T6859] -> #1 ((wq_completion)events){+.+.}-{0:0}:
[ 60.643795][ T6859]        flush_workqueue+0x110/0x13e0
[ 60.649141][ T6859]        tipc_exit_net+0x47/0x2a0
[ 60.654167][ T6859]        ops_exit_list+0xb0/0x160
[ 60.659166][ T6859]        cleanup_net+0x4ea/0xb10
[ 60.664094][ T6859]        process_one_work+0x94c/0x1670
[ 60.669703][ T6859]        worker_thread+0x64c/0x1120
[ 60.674888][ T6859]        kthread+0x3b5/0x4a0
[ 60.679470][ T6859]        ret_from_fork+0x1f/0x30
[ 60.684373][ T6859]
[ 60.684373][ T6859] -> #0 (pernet_ops_rwsem){++++}-{3:3}:
[ 60.692089][ T6859]        __lock_acquire+0x2a6b/0x5640
[ 60.697449][ T6859]        lock_acquire+0x1f1/0xad0
[ 60.702505][ T6859]        down_write+0x8d/0x150
[ 60.707252][ T6859]        unregister_netdevice_notifier+0x1e/0x170
[ 60.713767][ T6859]        raw_release+0x58/0x890
[ 60.718595][ T6859]        __sock_release+0xcd/0x280
[ 60.723683][ T6859]        sock_close+0x18/0x20
[ 60.728338][ T6859]        __fput+0x285/0x920
[ 60.732823][ T6859]        task_work_run+0xdd/0x190
[ 60.737868][ T6859]        do_exit+0xb7d/0x29f0
[ 60.742525][ T6859]        do_group_exit+0x125/0x310
[ 60.747631][ T6859]        __x64_sys_exit_group+0x3a/0x50
[ 60.753411][ T6859]        do_syscall_64+0x2d/0x70
[ 60.758325][ T6859]        entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 60.764710][ T6859]
[ 60.764710][ T6859] other info that might help us debug this:
[ 60.764710][ T6859]
[ 60.774910][ T6859] Chain exists of:
[ 60.774910][ T6859]   pernet_ops_rwsem --> (delayed_fput_work).work --> &sb->s_type->i_mutex_key#13
[ 60.774910][ T6859]
[ 60.789834][ T6859]  Possible unsafe locking scenario:
[ 60.789834][ T6859]
[ 60.797270][ T6859]        CPU0                    CPU1
[ 60.802608][ T6859]        ----                    ----
[ 60.807946][ T6859]   lock(&sb->s_type->i_mutex_key#13);
[ 60.813379][ T6859]                                lock((delayed_fput_work).work);
[ 60.821154][ T6859]                                lock(&sb->s_type->i_mutex_key#13);
[ 60.829105][ T6859]   lock(pernet_ops_rwsem);
[ 60.833581][ T6859]
[ 60.833581][ T6859]  *** DEADLOCK ***
[ 60.833581][ T6859]
[ 60.841717][ T6859] 1 lock held by syz-executor588/6859:
[ 60.847145][ T6859]  #0: ffff888091f65750 (&sb->s_type->i_mutex_key#13){+.+.}-{3:3}, at: __sock_release+0x86/0x280
[ 60.857646][ T6859]
[ 60.857646][ T6859] stack backtrace:
[ 60.863520][ T6859] CPU: 0 PID: 6859 Comm: syz-executor588 Not tainted 5.9.0-rc2-next-20200828-syzkaller #0
[ 60.873380][ T6859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.883429][ T6859] Call Trace:
[ 60.886697][ T6859]  dump_stack+0x18f/0x20d
[ 60.891020][ T6859]  check_noncircular+0x324/0x3e0
[ 60.895934][ T6859]  ? print_circular_bug+0x3a0/0x3a0
[ 60.901107][ T6859]  ? find_held_lock+0x2d/0x110
[ 60.905958][ T6859]  ? lock_repin_lock+0x460/0x460
[ 60.910883][ T6859]  ? mark_lock+0xbc/0x1710
[ 60.915278][ T6859]  ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 60.921320][ T6859]  __lock_acquire+0x2a6b/0x5640
[ 60.926150][ T6859]  ? lockdep_hardirqs_on_prepare+0x530/0x530
[ 60.932105][ T6859]  lock_acquire+0x1f1/0xad0
[ 60.936584][ T6859]  ? unregister_netdevice_notifier+0x1e/0x170
[ 60.942633][ T6859]  ? lock_release+0x8e0/0x8e0
[ 60.947303][ T6859]  ? lock_is_held_type+0xbb/0xf0
[ 60.952217][ T6859]  ? __sock_release+0x86/0x280
[ 60.956955][ T6859]  down_write+0x8d/0x150
[ 60.961173][ T6859]  ? unregister_netdevice_notifier+0x1e/0x170
[ 60.967218][ T6859]  ? down_write_killable+0x170/0x170
[ 60.972486][ T6859]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 60.978359][ T6859]  ? lock_is_held_type+0xbb/0xf0
[ 60.983291][ T6859]  unregister_netdevice_notifier+0x1e/0x170
[ 60.989163][ T6859]  raw_release+0x58/0x890
[ 60.993557][ T6859]  ? fcntl_setlk+0xf60/0xf60
[ 60.998172][ T6859]  __sock_release+0xcd/0x280
[ 61.002755][ T6859]  sock_close+0x18/0x20
[ 61.006884][ T6859]  __fput+0x285/0x920
[ 61.010849][ T6859]  ? __sock_release+0x280/0x280
[ 61.015678][ T6859]  task_work_run+0xdd/0x190
[ 61.020158][ T6859]  do_exit+0xb7d/0x29f0
[ 61.024287][ T6859]  ? mm_update_next_owner+0x7a0/0x7a0
[ 61.029651][ T6859]  ? lock_is_held_type+0xbb/0xf0
[ 61.034563][ T6859]  do_group_exit+0x125/0x310
[ 61.039130][ T6859]  __x64_sys_exit_group+0x3a/0x50
[ 61.044131][ T6859]  do_syscall_64+0x2d/0x70
[ 61.048524][ T6859]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 61.054392][ T6859] RIP: 0033:0x4400d8
[ 61.058255][ T6859] Code: Bad RIP value.
[ 61.062308][ T6859] RSP: 002b:00007ffe390f2d78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 61.070714][ T6859] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004400d8
[ 61.078661][ T6859] RDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001
[ 61.086620][ T6859] RBP: 00000000004c63d0 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 61.094583][ T6859] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001
[ 61.102531][ T6859] R13: 00000000006d85e0 R14: 0000000000000000 R15: 0000000000000000