[ 13.971443] audit: type=1400 audit(1552084144.755:4): avc: denied { syslog } for pid=1915 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.250' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 45.214801] [ 45.216466] ====================================================== [ 45.222764] [ INFO: possible circular locking dependency detected ] [ 45.229157] 4.4.174+ #17 Not tainted [ 45.232860] ------------------------------------------------------- [ 45.239252] syz-executor995/2082 is trying to acquire lock: [ 45.244947] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 45.253076] [ 45.253076] but task is already holding lock: [ 45.259035] (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.0+0x28a/0x30c0 [ 45.269175] [ 45.269175] which lock already depends on the new lock. [ 45.269175] [ 45.277478] [ 45.277478] the existing dependency chain (in reverse order) is: [ 45.285079] -> #1 (sk_lock-AF_INET6){+.+.+.}: [ 45.290256] [] lock_acquire+0x15e/0x450 [ 45.296528] [] lock_sock_nested+0xc6/0x120 [ 45.303065] [] do_ipv6_setsockopt.isra.0+0x2eba/0x30c0 [ 45.310647] [] ipv6_setsockopt+0xda/0x140 [ 45.317090] [] compat_mc_setsockopt+0x4f7/0x690 [ 45.324071] [] compat_ipv6_setsockopt+0x124/0x1d0 [ 45.331302] [] inet_csk_compat_setsockopt+0x99/0x120 [ 45.338707] [] compat_tcp_setsockopt+0x40/0x70 [ 45.345587] [] compat_sock_common_setsockopt+0xb4/0x150 [ 45.353682] [] compat_SyS_setsockopt+0x15c/0x720 [ 45.360740] [] do_fast_syscall_32+0x32d/0xa90 [ 45.367642] [] sysenter_flags_fixed+0xd/0x1a [ 45.374352] -> #0 (rtnl_mutex){+.+.+.}: [ 45.379029] [] __lock_acquire+0x37d6/0x4f50 [ 45.385645] [] lock_acquire+0x15e/0x450 [ 45.391989] [] mutex_lock_nested+0xc1/0xb80 [ 45.398747] [] rtnl_lock+0x17/0x20 [ 45.404774] [] ipv6_sock_mc_close+0x10e/0x350 [ 45.411588] [] do_ipv6_setsockopt.isra.0+0x1bd1/0x30c0 [ 45.419528] [] compat_ipv6_setsockopt+0xe7/0x1d0 [ 45.426602] [] inet_csk_compat_setsockopt+0x99/0x120 [ 45.434113] [] compat_tcp_setsockopt+0x40/0x70 [ 45.441110] [] compat_sock_common_setsockopt+0xb4/0x150 [ 45.448941] [] compat_SyS_setsockopt+0x15c/0x720 [ 45.456360] [] do_fast_syscall_32+0x32d/0xa90 [ 45.463167] [] sysenter_flags_fixed+0xd/0x1a [ 45.469988] [ 45.469988] other info that might help us debug this: [ 45.469988] [ 45.478120] Possible unsafe locking scenario: [ 45.478120] [ 45.484363] CPU0 CPU1 [ 45.489137] ---- ---- [ 45.493795] lock(sk_lock-AF_INET6); [ 45.497859] lock(rtnl_mutex); [ 45.504081] lock(sk_lock-AF_INET6); [ 45.510763] lock(rtnl_mutex); [ 45.514438] [ 45.514438] *** DEADLOCK *** [ 45.514438] [ 45.520500] 1 lock held by syz-executor995/2082: [ 45.525413] #0: (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.0+0x28a/0x30c0 [ 45.536771] [ 45.536771] stack backtrace: [ 45.541263] CPU: 1 PID: 2082 Comm: syz-executor995 Not tainted 4.4.174+ #17 [ 45.548838] 0000000000000000 fecfe4daa00a7957 ffff8800b6ef7500 ffffffff81aad1a1 [ 45.556892] ffffffff84057a80 ffff8800b7d12f80 ffffffff83a8db50 ffffffff83acc910 [ 45.565072] ffffffff83a8db50 ffff8800b6ef7550 ffffffff813abcda ffff8800b6ef7630 [ 45.573483] Call Trace: [ 45.576189] [] dump_stack+0xc1/0x120 [ 45.581549] [] print_circular_bug.cold+0x2f7/0x44e [ 45.588240] [] __lock_acquire+0x37d6/0x4f50 [ 45.594415] [] ? check_irq_usage+0xb1/0xe0 [ 45.600515] [] ? trace_hardirqs_on+0x10/0x10 [ 45.606682] [] ? trace_hardirqs_on+0x10/0x10 [ 45.612748] [] lock_acquire+0x15e/0x450 [ 45.618482] [] ? rtnl_lock+0x17/0x20 [ 45.623885] [] ? rtnl_lock+0x17/0x20 [ 45.629250] [] mutex_lock_nested+0xc1/0xb80 [ 45.635214] [] ? rtnl_lock+0x17/0x20 [ 45.640687] [] ? kvm_clock_read+0x23/0x40 [ 45.646476] [] ? kvm_clock_get_cycles+0x9/0x10 [ 45.652726] [] ? ktime_get_with_offset+0x176/0x240 [ 45.659674] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 45.666426] [] ? mutex_trylock+0x500/0x500 [ 45.672816] [] ? mark_held_locks+0xb1/0x100 [ 45.678781] [] ? __local_bh_enable_ip+0x6a/0xe0 [ 45.685102] [] rtnl_lock+0x17/0x20 [ 45.690386] [] ipv6_sock_mc_close+0x10e/0x350 [ 45.696649] [] ? fl6_free_socklist+0xb7/0x240 [ 45.702873] [] do_ipv6_setsockopt.isra.0+0x1bd1/0x30c0 [ 45.709813] [] ? ip6_ra_control+0x3c0/0x3c0 [ 45.716042] [] ? trace_hardirqs_on+0x10/0x10 [ 45.722090] [] ? tcp_v4_connect+0x1070/0x1930 [ 45.728354] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 45.735181] [] ? avc_has_perm+0x164/0x3a0 [ 45.740989] [] ? avc_has_perm+0x1d2/0x3a0 [ 45.746984] [] ? avc_has_perm+0xac/0x3a0 [ 45.752779] [] ? avc_has_perm_noaudit+0x300/0x300 [ 45.759294] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 45.766170] [] ? check_preemption_disabled+0x3c/0x200 [ 45.773121] [] ? check_preemption_disabled+0x3c/0x200 [ 45.780265] [] ? sock_has_perm+0x1c8/0x400 [ 45.786381] [] ? sock_has_perm+0x2a8/0x400 [ 45.792268] [] ? sock_has_perm+0xa6/0x400 [ 45.798588] [] ? selinux_msg_queue_alloc_security+0x2e0/0x2e0 [ 45.806232] [] ? check_preemption_disabled+0x3c/0x200 [ 45.813195] [] compat_ipv6_setsockopt+0xe7/0x1d0 [ 45.819997] [] inet_csk_compat_setsockopt+0x99/0x120 [ 45.826854] [] ? ipv6_setsockopt+0x140/0x140 [ 45.832906] [] compat_tcp_setsockopt+0x40/0x70 [ 45.839375] [] compat_sock_common_setsockopt+0xb4/0x150 [ 45.846573] [] ? do_tcp_setsockopt.isra.0+0x19a0/0x19a0 [ 45.853765] [] compat_SyS_setsockopt+0x15c/0x720 [ 45.860193] [] ? sock_common_setsockopt+0xe0/0xe0 [ 45.86667