[....] Starting enhanced syslogd: rsyslogd[ 12.686068] audit: type=1400 audit(1539195465.812:4): avc: denied { syslog } for pid=1924 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.111' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 45.909925] [ 45.911574] ====================================================== [ 45.917865] [ INFO: possible circular locking dependency detected ] [ 45.924246] 4.4.159+ #44 Not tainted [ 45.927981] ------------------------------------------------------- [ 45.934462] syz-executor376/2088 is trying to acquire lock: [ 45.940326] (rtnl_mutex){+.+.+.}, at: [<ffffffff82259d67>] rtnl_lock+0x17/0x20 [ 45.948246] [ 45.948246] but task is already holding lock: [ 45.954197] (sk_lock-AF_INET6){+.+.+.}, at: [<ffffffff825ea752>] do_ipv6_setsockopt.isra.4+0x252/0x2d50 [ 45.964281] [ 45.964281] which lock already depends on the new lock. [ 45.964281] [ 45.972575] [ 45.972575] the existing dependency chain (in reverse order) is: [ 45.980237] -> #1 (sk_lock-AF_INET6){+.+.+.}: [ 45.985369] [<ffffffff81202efe>] lock_acquire+0x15e/0x450 [ 45.991790] [<ffffffff821cfb56>] lock_sock_nested+0xc6/0x120 [ 45.998462] [<ffffffff825ea6d2>] do_ipv6_setsockopt.isra.4+0x1d2/0x2d50 [ 46.005929] [<ffffffff825ed2e7>] ipv6_setsockopt+0x97/0x130 [ 46.012357] [<ffffffff822960b8>] compat_mc_setsockopt+0x278/0x6e0 [ 46.019294] [<ffffffff825ed4a6>] compat_ipv6_setsockopt+0x126/0x1d0 [ 46.026407] [<ffffffff826021ea>] compat_udpv6_setsockopt+0x4a/0x90 [ 46.033430] [<ffffffff821c9e54>] compat_sock_common_setsockopt+0xb4/0x150 [ 46.041235] [<ffffffff822982d9>] compat_SyS_setsockopt+0x169/0x700 [ 46.048263] [<ffffffff8100629e>] do_fast_syscall_32+0x31e/0xa80 [ 46.055032] [<ffffffff82707410>] sysenter_flags_fixed+0xd/0x1a [ 46.061715] -> #0 (rtnl_mutex){+.+.+.}: [ 46.066314] [<ffffffff811ff31c>] __lock_acquire+0x3e6c/0x5f10 [ 46.072902] [<ffffffff81202efe>] lock_acquire+0x15e/0x450 [ 46.079146] [<ffffffff826fa74b>] mutex_lock_nested+0xbb/0x8d0 [ 46.085751] [<ffffffff82259d67>] rtnl_lock+0x17/0x20 [ 46.091622] [<ffffffff8262489e>] ipv6_sock_mc_close+0x10e/0x350 [ 46.098392] [<ffffffff825eb207>] do_ipv6_setsockopt.isra.4+0xd07/0x2d50 [ 46.106005] [<ffffffff825ed469>] compat_ipv6_setsockopt+0xe9/0x1d0 [ 46.113048] [<ffffffff826021ea>] compat_udpv6_setsockopt+0x4a/0x90 [ 46.120251] [<ffffffff821c9e54>] compat_sock_common_setsockopt+0xb4/0x150 [ 46.127908] [<ffffffff822982d9>] compat_SyS_setsockopt+0x169/0x700 [ 46.134951] [<ffffffff8100629e>] do_fast_syscall_32+0x31e/0xa80 [ 46.141824] [<ffffffff82707410>] sysenter_flags_fixed+0xd/0x1a [ 46.148503] [ 46.148503] other info that might help us debug this: [ 46.148503] [ 46.156625] Possible unsafe locking scenario: [ 46.156625] [ 46.162666] CPU0 CPU1 [ 46.167321] ---- ---- [ 46.171963] lock(sk_lock-AF_INET6); [ 46.175979] lock(rtnl_mutex); [ 46.182448] lock(sk_lock-AF_INET6); [ 46.189088] lock(rtnl_mutex); [ 46.192580] [ 46.192580] *** DEADLOCK *** [ 46.192580] [ 46.198624] 1 lock held by syz-executor376/2088: [ 46.203356] #0: (sk_lock-AF_INET6){+.+.+.}, at: [<ffffffff825ea752>] do_ipv6_setsockopt.isra.4+0x252/0x2d50 [ 46.214128] [ 46.214128] stack backtrace: [ 46.218609] CPU: 0 PID: 2088 Comm: syz-executor376 Not tainted 4.4.159+ #44 [ 46.225696] 0000000000000000 71bda4cb28f1b408 ffff8801cf507538 ffffffff81a994bd [ 46.233716] ffffffff83a85b10 ffffffff83ac5140 ffffffff83a85b10 ffff8801d52b08e8 [ 46.241723] ffff8801d52b0000 ffff8801cf507580 ffffffff813a84ea 0000000000000001 [ 46.249714] Call Trace: [ 46.252284] [<ffffffff81a994bd>] dump_stack+0xc1/0x124 [ 46.257629] [<ffffffff813a84ea>] print_circular_bug.cold.34+0x2f7/0x432 [ 46.264451] [<ffffffff811ff31c>] __lock_acquire+0x3e6c/0x5f10 [ 46.270401] [<ffffffff81237987>] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 46.277135] [<ffffffff811fb4b0>] ? trace_hardirqs_on+0x10/0x10 [ 46.283292] [<ffffffff8261943b>] ? ip6_mc_add_src+0x79b/0xbb0 [ 46.289315] [<ffffffff81202efe>] lock_acquire+0x15e/0x450 [ 46.294925] [<ffffffff82259d67>] ? rtnl_lock+0x17/0x20 [ 46.300268] [<ffffffff82259d67>] ? rtnl_lock+0x17/0x20 [ 46.305685] [<ffffffff826fa74b>] mutex_lock_nested+0xbb/0x8d0 [ 46.311663] [<ffffffff82259d67>] ? rtnl_lock+0x17/0x20 [ 46.317013] [<ffffffff82705100>] ? _raw_spin_unlock_bh+0x30/0x40 [ 46.323227] [<ffffffff81237987>] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 46.329959] [<ffffffff826fa690>] ? mutex_trylock+0x3e0/0x3e0 [ 46.335824] [<ffffffff811faea7>] ? mark_held_locks+0xc7/0x130 [ 46.341924] [<ffffffff810e1d1a>] ? __local_bh_enable_ip+0x6a/0xd0 [ 46.348231] [<ffffffff82259d67>] rtnl_lock+0x17/0x20 [ 46.353408] [<ffffffff8262489e>] ipv6_sock_mc_close+0x10e/0x350 [ 46.359535] [<ffffffff8264ff37>] ? fl6_free_socklist+0xb7/0x240 [ 46.365671] [<ffffffff825eb207>] do_ipv6_setsockopt.isra.4+0xd07/0x2d50 [ 46.372495] [<ffffffff825ea500>] ? ip6_ra_control+0x430/0x430 [ 46.378445] [<ffffffff811fb4b0>] ? trace_hardirqs_on+0x10/0x10 [ 46.384487] [<ffffffff811fbf35>] ? __lock_acquire+0xa85/0x5f10 [ 46.390588] [<ffffffff81237987>] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 46.397351] [<ffffffff819423aa>] ? avc_has_perm+0x15a/0x3a0 [ 46.403235] [<ffffffff8194241c>] ? avc_has_perm+0x1cc/0x3a0 [ 46.409125] [<ffffffff819422ee>] ? avc_has_perm+0x9e/0x3a0 [ 46.414819] [<ffffffff81942250>] ? avc_has_perm_noaudit+0x2f0/0x2f0 [ 46.421293] [<ffffffff81af752b>] ? check_preemption_disabled+0x3b/0x170 [ 46.428117] [<ffffffff8194aac1>] ? sock_has_perm+0x1c1/0x3f0 [ 46.433997] [<ffffffff8194aba1>] ? sock_has_perm+0x2a1/0x3f0 [ 46.439867] [<ffffffff8194a99f>] ? sock_has_perm+0x9f/0x3f0 [ 46.445650] [<ffffffff8194a900>] ? selinux_msg_queue_alloc_security+0x2e0/0x2e0 [ 46.453170] [<ffffffff814eaa8f>] ? __fget+0x12f/0x3d0 [ 46.458435] [<ffffffff825ed469>] compat_ipv6_setsockopt+0xe9/0x1d0 [ 46.464932] [<ffffffff826021ea>] compat_udpv6_setsockopt+0x4a/0x90 [ 46.471324] [<ffffffff821c9e54>] compat_sock_common_setsockopt+0xb4/0x150 [ 46.478320] [<ffffffff826021a0>] ? udpv6_setsockopt+0x90/0x90 [ 46.484281] [<ffffffff822982d9>] compat_SyS_setsockopt+0x169/0x700 [ 46.490683] [<ffffffff821c9da0>] ? sock_common_setsockopt+0xe0/0xe0 [ 46.497169] [<ffffffff82298170>] ? scm_detach_fds_compat+0x3b0/0x3b0 [ 46.503737] [<ffffffff810ab716>] ? __do_page_fault+0x2b6/0x7e0 [ 46.509776] [<ffffffff8100605