[....] Starting enhanced syslogd: rsyslogd[ 13.169936] audit: type=1400 audit(1540809809.278:4): avc: denied { syslog } for pid=1923 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.81' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 41.279806] [ 41.281459] ====================================================== [ 41.287747] [ INFO: possible circular locking dependency detected ] [ 41.294125] 4.4.162+ #7 Not tainted [ 41.297728] ------------------------------------------------------- [ 41.304104] syz-executor279/2081 is trying to acquire lock: [ 41.309785] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 41.317687] [ 41.317687] but task is already holding lock: [ 41.323629] (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.4+0x252/0x2d50 [ 41.333708] [ 41.333708] which lock already depends on the new lock. [ 41.333708] [ 41.342006] [ 41.342006] the existing dependency chain (in reverse order) is: [ 41.349605] -> #1 (sk_lock-AF_INET6){+.+.+.}: [ 41.354728] [] lock_acquire+0x15e/0x450 [ 41.360967] [] lock_sock_nested+0xc6/0x120 [ 41.367466] [] do_ipv6_setsockopt.isra.4+0x1d2/0x2d50 [ 41.374928] [] ipv6_setsockopt+0x97/0x130 [ 41.381341] [] compat_mc_setsockopt+0x278/0x6e0 [ 41.388271] [] compat_ipv6_setsockopt+0x126/0x1d0 [ 41.395382] [] compat_udpv6_setsockopt+0x4a/0x90 [ 41.402401] [] compat_sock_common_setsockopt+0xb4/0x150 [ 41.410035] [] compat_SyS_setsockopt+0x169/0x700 [ 41.417060] [] do_fast_syscall_32+0x31e/0xa80 [ 41.423837] [] sysenter_flags_fixed+0xd/0x1a [ 41.430509] -> #0 (rtnl_mutex){+.+.+.}: [ 41.435113] [] __lock_acquire+0x3e6c/0x5f10 [ 41.441708] [] lock_acquire+0x15e/0x450 [ 41.447949] [] mutex_lock_nested+0xbb/0x8d0 [ 41.454538] [] rtnl_lock+0x17/0x20 [ 41.460356] [] ipv6_sock_mc_close+0x10e/0x350 [ 41.467115] [] do_ipv6_setsockopt.isra.4+0xd07/0x2d50 [ 41.474571] [] compat_ipv6_setsockopt+0xe9/0x1d0 [ 41.481603] [] compat_udpv6_setsockopt+0x4a/0x90 [ 41.488639] [] compat_sock_common_setsockopt+0xb4/0x150 [ 41.496287] [] compat_SyS_setsockopt+0x169/0x700 [ 41.503310] [] do_fast_syscall_32+0x31e/0xa80 [ 41.510090] [] sysenter_flags_fixed+0xd/0x1a [ 41.516781] [ 41.516781] other info that might help us debug this: [ 41.516781] [ 41.524897] Possible unsafe locking scenario: [ 41.524897] [ 41.530925] CPU0 CPU1 [ 41.535565] ---- ---- [ 41.540204] lock(sk_lock-AF_INET6); [ 41.544215] lock(rtnl_mutex); [ 41.550217] lock(sk_lock-AF_INET6); [ 41.556743] lock(rtnl_mutex); [ 41.560233] [ 41.560233] *** DEADLOCK *** [ 41.560233] [ 41.566265] 1 lock held by syz-executor279/2081: [ 41.570990] #0: (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.4+0x252/0x2d50 [ 41.581614] [ 41.581614] stack backtrace: [ 41.586085] CPU: 1 PID: 2081 Comm: syz-executor279 Not tainted 4.4.162+ #7 [ 41.593075] 0000000000000000 054b879565ff3b1a ffff8801d3867538 ffffffff81a994bd [ 41.601072] ffffffff83a85b10 ffffffff83ac4de0 ffffffff83a85b10 ffff8801d47a20a8 [ 41.609081] ffff8801d47a17c0 ffff8801d3867580 ffffffff813a834a 0000000000000001 [ 41.617067] Call Trace: [ 41.619629] [] dump_stack+0xc1/0x124 [ 41.624968] [] print_circular_bug.cold.34+0x2f7/0x432 [ 41.631781] [] __lock_acquire+0x3e6c/0x5f10 [ 41.637733] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 41.644459] [] ? trace_hardirqs_on+0x10/0x10 [ 41.650490] [] lock_acquire+0x15e/0x450 [ 41.656091] [] ? rtnl_lock+0x17/0x20 [ 41.661427] [] ? rtnl_lock+0x17/0x20 [ 41.666767] [] mutex_lock_nested+0xbb/0x8d0 [ 41.672708] [] ? rtnl_lock+0x17/0x20 [ 41.678062] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 41.684791] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 41.691516] [] ? mutex_trylock+0x3e0/0x3e0 [ 41.697377] [] ? mark_held_locks+0xc7/0x130 [ 41.703327] [] ? __local_bh_enable_ip+0x6a/0xd0 [ 41.709623] [] rtnl_lock+0x17/0x20 [ 41.714790] [] ipv6_sock_mc_close+0x10e/0x350 [ 41.720910] [] ? fl6_free_socklist+0xb7/0x240 [ 41.727032] [] do_ipv6_setsockopt.isra.4+0xd07/0x2d50 [ 41.733850] [] ? ip6_ra_control+0x430/0x430 [ 41.739796] [] ? trace_hardirqs_on+0x10/0x10 [ 41.745829] [] ? __lock_acquire+0xa85/0x5f10 [ 41.751865] [] ? __local_bh_enable_ip+0x6a/0xd0 [ 41.758156] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 41.764884] [] ? avc_has_perm+0x15a/0x3a0 [ 41.770655] [] ? avc_has_perm+0x1cc/0x3a0 [ 41.776428] [] ? avc_has_perm+0x9e/0x3a0 [ 41.782108] [] ? avc_has_perm_noaudit+0x2f0/0x2f0 [ 41.788576] [] ? check_preemption_disabled+0x3b/0x170 [ 41.795397] [] ? sock_has_perm+0x1c1/0x3f0 [ 41.801255] [] ? sock_has_perm+0x2a1/0x3f0 [ 41.807113] [] ? sock_has_perm+0x9f/0x3f0 [ 41.812883] [] ? selinux_msg_queue_alloc_security+0x2e0/0x2e0 [ 41.820393] [] ? __fget+0x12f/0x3d0 [ 41.825646] [] compat_ipv6_setsockopt+0xe9/0x1d0 [ 41.832023] [] compat_udpv6_setsockopt+0x4a/0x90 [ 41.838403] [] compat_sock_common_setsockopt+0xb4/0x150 [ 41.845388] [] ? udpv6_setsockopt+0x90/0x90 [ 41.851336] [] compat_SyS_setsockopt+0x169/0x700 [ 41.857722] [] ? sock_common_setsockopt+0xe0/0xe0 [ 41.864191] [] ? scm_detach_fds_compat+0x3b0/0x3b0 [ 41.870747] [] ? __do_page_fault+0x2b6/0x7e0 [ 41.876784] [] ? do_fast_syscall_32+0xdb/0xa