[....] Starting enhanced syslogd: rsyslogd[ 17.036782] audit: type=1400 audit(1517362461.918:5): avc: denied { syslog } for pid=3969 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 22.839734] audit: type=1400 audit(1517362467.721:6): avc: denied { map } for pid=4108 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.15.197' (ECDSA) to the list of known hosts. executing program [ 29.161782] audit: type=1400 audit(1517362474.043:7): avc: denied { map } for pid=4122 comm="syzkaller537311" path="/root/syzkaller537311349" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 executing program [ 29.264756] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 29.354085] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 29.374453] [ 29.376132] ====================================================== [ 29.382432] WARNING: possible circular locking dependency detected [ 29.388723] 4.15.0+ #287 Not tainted [ 29.392414] ------------------------------------------------------ [ 29.398701] syzkaller537311/4122 is trying to acquire lock: [ 29.404380] (rtnl_mutex){+.+.}, at: [<00000000373c5fe8>] rtnl_lock+0x17/0x20 [ 29.411644] [ 29.411644] but task is already holding lock: [ 29.417610] (&xt[i].mutex){+.+.}, at: [<00000000158b3096>] xt_find_table_lock+0x40/0x3d0 [ 29.425915] [ 29.425915] which lock already depends on the new lock. [ 29.425915] [ 29.434199] [ 29.434199] the existing dependency chain (in reverse order) is: [ 29.441799] [ 29.441799] -> #2 (&xt[i].mutex){+.+.}: [ 29.447232] __mutex_lock+0x16f/0x1a80 [ 29.451619] mutex_lock_nested+0x16/0x20 [ 29.456175] xt_find_target+0x44/0x1e0 [ 29.460553] xt_request_find_target+0x2c/0xb0 [ 29.465542] find_check_entry.isra.7+0x669/0xcf0 [ 29.470788] translate_table+0xf52/0x1690 [ 29.475426] do_ip6t_set_ctl+0x370/0x5f0 [ 29.479981] nf_setsockopt+0x67/0xc0 [ 29.484188] ipv6_setsockopt+0x115/0x150 [ 29.488737] udpv6_setsockopt+0x45/0x80 [ 29.493214] sock_common_setsockopt+0x95/0xd0 [ 29.498200] SyS_setsockopt+0x189/0x360 [ 29.502669] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 29.507912] [ 29.507912] -> #1 (sk_lock-AF_INET6){+.+.}: [ 29.513695] lock_sock_nested+0xc2/0x110 [ 29.518251] do_ipv6_setsockopt.isra.8+0x3c5/0x39d0 [ 29.523758] ipv6_setsockopt+0xd7/0x150 [ 29.528227] sctp_setsockopt+0x2a0/0x5de0 [ 29.532866] sock_common_setsockopt+0x95/0xd0 [ 29.537853] SyS_setsockopt+0x189/0x360 [ 29.542323] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 29.547573] [ 29.547573] -> #0 (rtnl_mutex){+.+.}: [ 29.552826] lock_acquire+0x1d5/0x580 [ 29.557120] __mutex_lock+0x16f/0x1a80 [ 29.561497] mutex_lock_nested+0x16/0x20 [ 29.566052] rtnl_lock+0x17/0x20 [ 29.569910] unregister_netdevice_notifier+0x91/0x4e0 [ 29.575593] tee_tg_destroy+0x61/0xc0 [ 29.579889] cleanup_entry+0x218/0x350 [ 29.584274] __do_replace+0x7d7/0xa90 [ 29.588571] do_ipt_set_ctl+0x40f/0x5f0 [ 29.593043] nf_setsockopt+0x67/0xc0 [ 29.597266] ip_setsockopt+0xa1/0xb0 [ 29.601472] raw_setsockopt+0xb7/0xd0 [ 29.605775] sock_common_setsockopt+0x95/0xd0 [ 29.610761] SyS_setsockopt+0x189/0x360 [ 29.615230] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 29.620474] [ 29.620474] other info that might help us debug this: [ 29.620474] [ 29.628586] Chain exists of: [ 29.628586] rtnl_mutex --> sk_lock-AF_INET6 --> &xt[i].mutex [ 29.628586] [ 29.638884] Possible unsafe locking scenario: [ 29.638884] [ 29.644918] CPU0 CPU1 [ 29.649554] ---- ---- [ 29.654190] lock(&xt[i].mutex); [ 29.657611] lock(sk_lock-AF_INET6); [ 29.663899] lock(&xt[i].mutex); [ 29.669839] lock(rtnl_mutex); [ 29.673089] [ 29.673089] *** DEADLOCK *** [ 29.673089] [ 29.679118] 2 locks held by syzkaller537311/4122: [ 29.683926] #0: (sk_lock-AF_INET){+.+.}, at: [<000000004a5cf001>] ip_setsockopt+0x8c/0xb0 [ 29.692407] #1: (&xt[i].mutex){+.+.}, at: [<00000000158b3096>] xt_find_table_lock+0x40/0x3d0 [ 29.701135] [ 29.701135] stack backtrace: [ 29.705612] CPU: 1 PID: 4122 Comm: syzkaller537311 Not tainted 4.15.0+ #287 [ 29.712678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.722003] Call Trace: [ 29.724568] dump_stack+0x194/0x257 [ 29.728167] ? arch_local_irq_restore+0x53/0x53 [ 29.732810] print_circular_bug.isra.38+0x2cd/0x2dc [ 29.737801] ? save_trace+0xe0/0x2b0 [ 29.741531] __lock_acquire+0x30a8/0x3e00 [ 29.745655] ? print_irqtrace_events+0x270/0x270 [ 29.750385] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 29.755547] ? __lock_acquire+0x664/0x3e00 [ 29.759755] ? __lock_acquire+0x664/0x3e00 [ 29.763962] ? __lock_acquire+0x664/0x3e00 [ 29.768168] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 29.773332] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 29.778492] ? check_noncircular+0x20/0x20 [ 29.782709] lock_acquire+0x1d5/0x580 [ 29.786490] ? lock_acquire+0x1d5/0x580 [ 29.790439] ? rtnl_lock+0x17/0x20 [ 29.793952] ? __is_insn_slot_addr+0x1fc/0x330 [ 29.798506] ? lock_release+0xa40/0xa40 [ 29.802451] ? trace_event_raw_event_sched_switch+0x800/0x800 [ 29.808308] ? rcu_note_context_switch+0x710/0x710 [ 29.813221] ? __lock_acquire+0x664/0x3e00 [ 29.817437] ? __might_sleep+0x95/0x190 [ 29.821380] ? rtnl_lock+0x17/0x20 [ 29.824891] __mutex_lock+0x16f/0x1a80 [ 29.828749] ? rtnl_lock+0x17/0x20 [ 29.832259] ? rtnl_lock+0x17/0x20 [ 29.835771] ? mutex_lock_io_nested+0x1900/0x1900 [ 29.840586] ? rcutorture_record_progress+0x10/0x10 [ 29.845573] ? is_bpf_text_address+0xa4/0x120 [ 29.850049] ? kernel_text_address+0x102/0x140 [ 29.854604] ? __kernel_text_address+0xd/0x40 [ 29.859081] ? unwind_get_return_address+0x61/0xa0 [ 29.863983] ? __save_stack_trace+0x7e/0xd0 [ 29.868298] ? depot_save_stack+0x12c/0x490 [ 29.872592] ? check_noncircular+0x20/0x20 [ 29.876797] ? save_stack+0x43/0xd0 [ 29.880394] ? kasan_kmalloc+0xad/0xe0 [ 29.884252] ? __kmalloc+0x162/0x760 [ 29.887935] ? xt_replace_table+0x641/0x9d0 [ 29.892225] ? __do_replace+0x313/0xa90 [ 29.896168] ? do_ipt_set_ctl+0x40f/0x5f0 [ 29.900285] ? nf_setsockopt+0x67/0xc0 [ 29.904161] ? ip_setsockopt+0xa1/0xb0 [ 29.908020] ? raw_setsockopt+0xb7/0xd0 [ 29.911966] ? sock_common_setsockopt+0x95/0xd0 [ 29.916606] ? SyS_setsockopt+0x189/0x360 [ 29.920738] ? entry_SYSCALL_64_fastpath+0x29/0xa0 [ 29.925642] ? pcpu_chunk_relocate+0x315/0x770 [ 29.930195] ? print_irqtrace_events+0x270/0x270 [ 29.934923] ? free_percpu+0x229/0x830 [ 29.938792] ? lock_downgrade+0x980/0x980 [ 29.942912] ? __lock_is_held+0xb6/0x140 [ 29.946942] ? lock_release+0xa40/0xa40 [ 29.950887] ? _find_next_bit+0xee/0x120 [ 29.954922] ? tee_tg6+0x170/0x170 [ 29.958432] mutex_lock_nested+0x16/0x20 [ 29.962464] ? mutex_lock_nested+0x16/0x20 [ 29.966667] rtnl_lock+0x17/0x20 [ 29.970004] unregister_netdevice_notifier+0x91/0x4e0 [ 29.975164] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 29.980147] ? trace_hardirqs_on+0xd/0x10 [ 29.984268] ? register_netdevice_notifier+0x860/0x860 [ 29.989519] ? free_percpu+0x22e/0x830 [ 29.993378] ? __alloc_percpu+0x30/0x30 [ 29.997323] ? find_next_bit+0x27/0x30 [ 30.001182] ? cpumask_next+0x24/0x30 [ 30.004953] ? __lock_is_held+0xb6/0x140 [ 30.008984] ? tee_tg6+0x170/0x170 [ 30.012498] tee_tg_destroy+0x61/0xc0 [ 30.016273] cleanup_entry+0x218/0x350 [ 30.020130] ? cleanup_match+0x220/0x220 [ 30.024163] ? find_next_bit+0x27/0x30 [ 30.028022] __do_replace+0x7d7/0xa90 [ 30.031804] ? compat_table_info+0x470/0x470 [ 30.036185] ? kasan_check_write+0x14/0x20 [ 30.040392] ? _copy_from_user+0x99/0x110 [ 30.044511] do_ipt_set_ctl+0x40f/0x5f0 [ 30.048457] ? translate_compat_table+0x1b90/0x1b90 [ 30.053445] ? mutex_unlock+0xd/0x10 [ 30.057140] ? nf_sockopt_find.constprop.0+0x1a7/0x220 [ 30.062390] nf_setsockopt+0x67/0xc0 [ 30.066077] ip_setsockopt+0xa1/0xb0 [ 30.069759] raw_setsockopt+0xb7/0xd0 [ 30.073530] sock_common_setsockopt+0x95/0xd0 [ 30.077994] SyS_setsockopt+0x189/0x360 [ 30.081941] ? SyS_recv+0x40/0x40 [ 30.085368] ? entry_SYSCALL_64_fastpath+0x5/0xa0 [ 30.090183] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 30.095174] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 30.099904] entry_SYSCALL_64_fastpath+0x29/0xa0 executing program [ 30.104630] RIP: 0033:0x442049 [ 30.107789] RSP: 002b:00007ffc1cd2d7f8 EFLAGS: 00000207 ORIG_RAX: 0000000000000036 [ 30.115467] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000442049 [ 30.122707] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000007 [ 30.129950] RBP: 31affa775212f497 R08: 00000000000002e0 R09: 0000000000000000 [ 30.137201] R10: 000000002000dcf0 R11: 0000000000000207 R12: f3023f5f5df3bc21 [ 30.144451] R13: f6fcce9cd855ec40 R14: fbfe5b6031634428 R15: 0000000000000000 executing program [ 30.211082] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 30.303058] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 30.389082] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 30.477062] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 30.561072] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 30.647060] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 30.733052] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 30.819056] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 30.907066] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 30.991063] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 31.083055] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 31.169054] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 31.255054] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 31.343059] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 31.435061] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 31.521057] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 31.607064] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 31.695056] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 31.770059] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 31.858060] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 31.946059] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 32.032061] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 32.120059] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 32.208058] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 32.294061] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 32.382080] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 32.468064] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 32.552062] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 32.638068] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 32.724061] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 32.810052] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 32.898062] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 32.984078] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 33.070059] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 33.156065] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 33.242083] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 33.328060] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 33.414065] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 33.500059] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 33.586059] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 33.674065] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 33.760058] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 33.852063] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 33.938057] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 34.024059] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 34.110059] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 34.196054] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 34.282062] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 34.368054] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 34.454062] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 34.540056] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 34.626053] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 34.712058] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 34.798057] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 34.884053] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 34.960057] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 35.050071] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 35.138063] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 35.224075] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 35.310084] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 35.396065] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 35.482060] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 35.568061] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 35.654075] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 35.742106] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 35.828075] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 35.916075] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 36.004083] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 36.092075] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 36.180130] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 36.268077] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 36.356069] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 36.448070] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 36.536062] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 36.622072] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 36.710081] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 36.791071] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 36.879071] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 36.965073] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 37.053066] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 37.141101] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 37.227074] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 37.315067] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 37.403077] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 37.491066] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 37.577080] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 37.665070] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 37.753076] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 37.841088] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 37.929091] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 38.017080] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 38.105088] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 38.193077] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 38.281081] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 38.369078] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 38.455087] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 38.541083] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 38.629082] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 38.717088] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 38.805079] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 38.893083] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 38.981097] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 39.069092] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 39.157083] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 39.245083] xt_AUDIT: Audit type out of range (valid range: 0..2) executing program [ 39.327089] xt_AUDIT: Audit type out of range (valid range: 0..2)