INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.59' (ECDSA) to the list of known hosts. syzkaller login: [ 29.642535] IPVS: ftp: loaded support on port[0] = 21 executing program executing program executing program [ 29.672401] IPVS: ftp: loaded support on port[0] = 21 [ 29.679844] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.693626] IPVS: stopping backup sync thread 4437 ... [ 29.702728] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.710371] IPVS: ftp: loaded support on port[0] = 21 executing program executing program executing program [ 29.722144] IPVS: stopping backup sync thread 4440 ... [ 29.730882] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.745154] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.746588] IPVS: stopping backup sync thread 4445 ... [ 29.766069] IPVS: ftp: loaded support on port[0] = 21 executing program executing program executing program [ 29.770111] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.780757] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.781943] IPVS: stopping backup sync thread 4453 ... [ 29.796848] IPVS: stopping backup sync thread 4447 ... [ 29.809437] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.811400] IPVS: stopping backup sync thread 4456 ... executing program executing program executing program executing program [ 29.820043] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.834382] IPVS: stopping backup sync thread 4459 ... [ 29.845315] IPVS: ftp: loaded support on port[0] = 21 [ 29.848963] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.852121] IPVS: stopping backup sync thread 4462 ... [ 29.864472] IPVS: stopping backup sync thread 4469 ... executing program executing program executing program [ 29.865768] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.871132] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.888805] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.895549] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.909794] IPVS: stopping backup sync thread 4474 ... [ 29.912685] IPVS: stopping backup sync thread 4479 ... executing program executing program executing program executing program [ 29.915784] IPVS: stopping backup sync thread 4470 ... [ 29.928488] IPVS: stopping backup sync thread 4478 ... [ 29.935771] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.939380] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.947155] IPVS: stopping backup sync thread 4488 ... [ 29.955640] IPVS: stopping backup sync thread 4487 ... [ 29.958277] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 executing program executing program executing program [ 29.975567] IPVS: stopping backup sync thread 4490 ... [ 29.982408] IPVS: ftp: loaded support on port[0] = 21 [ 29.984248] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 29.989871] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 30.006570] [ 30.008204] ============================================ [ 30.010255] IPVS: stopping backup sync thread 4500 ... [ 30.013629] WARNING: possible recursive locking detected [ 30.013635] 4.16.0-rc7+ #3 Not tainted [ 30.013637] -------------------------------------------- [ 30.013641] syzkaller688027/4497 is trying to acquire lock: [ 30.013644] (rtnl_mutex){+.+.}, at: [<00000000bb14d7fb>] rtnl_lock+0x17/0x20 [ 30.013670] [ 30.013670] but task is already holding lock: [ 30.022070] IPVS: stopping backup sync thread 4495 ... [ 30.024374] (rtnl_mutex){+.+.}, at: [<00000000bb14d7fb>] rtnl_lock+0x17/0x20 [ 30.024400] [ 30.024400] other info that might help us debug this: [ 30.024402] Possible unsafe locking scenario: [ 30.024402] [ 30.024407] CPU0 [ 30.080238] ---- [ 30.082789] lock(rtnl_mutex); [ 30.086043] lock(rtnl_mutex); [ 30.089290] [ 30.089290] *** DEADLOCK *** [ 30.089290] [ 30.095322] May be due to missing lock nesting notation [ 30.095322] [ 30.102217] 2 locks held by syzkaller688027/4497: [ 30.107031] #0: (rtnl_mutex){+.+.}, at: [<00000000bb14d7fb>] rtnl_lock+0x17/0x20 [ 30.114721] #1: (ipvs->sync_mutex){+.+.}, at: [<00000000703f78e3>] do_ip_vs_set_ctl+0x10f8/0x1cc0 [ 30.123888] [ 30.123888] stack backtrace: [ 30.128355] CPU: 1 PID: 4497 Comm: syzkaller688027 Not tainted 4.16.0-rc7+ #3 [ 30.135598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.144932] Call Trace: [ 30.147497] dump_stack+0x194/0x24d [ 30.151098] ? arch_local_irq_restore+0x53/0x53 [ 30.155832] __lock_acquire+0xe8f/0x3e00 [ 30.159869] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 30.165033] ? account_kernel_stack+0x25e/0x3c0 [ 30.169677] ? __lock_acquire+0x664/0x3e00 [ 30.173882] ? finish_task_switch+0x539/0x7e0 [ 30.178348] ? copy_overflow+0x20/0x20 [ 30.182209] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 30.187374] ? __schedule+0x903/0x1ec0 [ 30.191236] ? __sched_text_start+0x8/0x8 [ 30.195356] ? trace_hardirqs_off+0x10/0x10 [ 30.199648] ? trace_hardirqs_off+0x10/0x10 [ 30.203943] ? trace_hardirqs_off+0x10/0x10 [ 30.208243] ? trace_hardirqs_off+0x10/0x10 [ 30.212536] ? dequeue_task_fair+0x490/0x490 [ 30.216917] lock_acquire+0x1d5/0x580 [ 30.220687] ? lock_acquire+0x1d5/0x580 [ 30.224631] ? rtnl_lock+0x17/0x20 [ 30.228146] ? lock_release+0xa40/0xa40 [ 30.232105] ? check_same_owner+0x320/0x320 [ 30.236425] ? __schedule+0x1ec0/0x1ec0 [ 30.240412] ? rcu_note_context_switch+0x710/0x710 [ 30.245340] ? __might_sleep+0x95/0x190 [ 30.249294] ? rtnl_lock+0x17/0x20 [ 30.252814] __mutex_lock+0x16f/0x1a80 [ 30.256678] ? rtnl_lock+0x17/0x20 [ 30.260197] ? wait_for_completion_killable+0x63e/0x820 [ 30.265533] ? lock_downgrade+0x980/0x980 [ 30.269650] ? rtnl_lock+0x17/0x20 [ 30.273160] ? mutex_lock_io_nested+0x1900/0x1900 [ 30.277972] ? mark_held_locks+0xaf/0x100 [ 30.282090] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.286556] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 30.291541] ? trace_hardirqs_on+0xd/0x10 [ 30.295658] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.300125] ? wait_for_completion_killable+0x63e/0x820 [ 30.305468] ? wait_for_completion_interruptible_timeout+0x820/0x820 [ 30.311940] ? lock_downgrade+0x980/0x980 [ 30.316062] ? lock_release+0xa40/0xa40 [ 30.320010] ? __kthread_create_on_node+0x127/0x480 [ 30.325007] ? do_raw_spin_trylock+0x190/0x190 [ 30.329565] ? wake_up_q+0xe0/0xe0 [ 30.333080] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 30.338426] ? __kthread_create_on_node+0x36e/0x480 [ 30.343416] ? print_irqtrace_events+0x270/0x270 [ 30.348143] ? kthread_park+0x130/0x130 [ 30.352101] ? __lock_is_held+0xb6/0x140 [ 30.356137] mutex_lock_nested+0x16/0x20 [ 30.360174] ? mutex_lock_nested+0x16/0x20 [ 30.364392] rtnl_lock+0x17/0x20 [ 30.367732] ip_mc_drop_socket+0x88/0x230 [ 30.371850] inet_release+0x4e/0x1c0 [ 30.375534] sock_release+0x8d/0x1e0 [ 30.379219] start_sync_thread+0x2213/0x2b70 [ 30.383599] ? do_ip_vs_set_ctl+0x10f8/0x1cc0 [ 30.388073] ? ip_vs_process_message_v0+0x870/0x870 [ 30.393060] ? ip_vs_sync_conn+0x3950/0x3950 [ 30.397443] ? trace_hardirqs_off+0x10/0x10 [ 30.401735] ? lock_downgrade+0x980/0x980 [ 30.405852] ? lock_release+0xa40/0xa40 [ 30.409802] ? lock_acquire+0x1d5/0x580 [ 30.413750] ? lock_acquire+0x1d5/0x580 [ 30.417704] ? find_held_lock+0x35/0x1d0 [ 30.421736] ? __might_fault+0x110/0x1d0 [ 30.425767] ? lock_release+0xa40/0xa40 [ 30.429712] ? check_same_owner+0x320/0x320 [ 30.434006] ? module_unload_free+0x5b0/0x5b0 [ 30.438486] ? __might_sleep+0x95/0x190 [ 30.442440] do_ip_vs_set_ctl+0x1139/0x1cc0 [ 30.446732] ? do_ip_vs_set_ctl+0x1139/0x1cc0 [ 30.451214] ? find_held_lock+0x35/0x1d0 [ 30.455252] ? ip_vs_genl_dump_services+0x440/0x440 [ 30.460248] ? nf_sockopt_find.constprop.0+0x1a7/0x220 [ 30.465509] ? lock_downgrade+0x980/0x980 [ 30.469632] ? __lock_is_held+0xb6/0x140 [ 30.473672] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 30.478488] ? wait_for_completion+0x770/0x770 [ 30.483051] ? module_unload_free+0x5b0/0x5b0 [ 30.487526] ? mutex_unlock+0xd/0x10 [ 30.491216] nf_setsockopt+0x67/0xc0 [ 30.494901] ? nf_setsockopt+0x67/0xc0 [ 30.498760] ip_setsockopt+0x97/0xa0 [ 30.502445] udp_setsockopt+0x45/0x80 [ 30.506219] sock_common_setsockopt+0x95/0xd0 [ 30.510687] SyS_setsockopt+0x189/0x360 [ 30.514631] ? SyS_recv+0x40/0x40 [ 30.518057] ? lock_release+0xa40/0xa40 [ 30.522003] ? __switch_to+0x6df/0x13c0 [ 30.525957] ? do_syscall_64+0xb7/0x940 [ 30.529899] ? SyS_recv+0x40/0x40 [ 30.533328] do_syscall_64+0x281/0x940 [ 30.537190] ? _raw_spin_unlock_irq+0x27/0x70 [ 30.541656] ? finish_task_switch+0x1c1/0x7e0 [ 30.546122] ? syscall_return_slowpath+0x550/0x550 [ 30.551028] ? syscall_return_slowpath+0x2ac/0x550 [ 30.555933] ? prepare_exit_to_usermode+0x350/0x350 [ 30.560920] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 30.566254] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 30.571072] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 30.576234] RIP: 0033:0x446a69 [ 30.579391] RSP: 002b:00007fa1c3a64da8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 30.587068] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000446a69 [ 30.594307] RDX: 000000000000048b RSI: 0000000000000000 RDI: 0000000000000003 [ 30.601548] RBP: 00000000006e29fc R08: 0000000000000018 R09: 0000000000000000 [ 30.608785] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000006e29f8 [ 30.616032] R13: 00676e697279656b R14: 00007fa1c3a659c0 R15: 00000000006e2b60