[....] Starting enhanced syslogd: rsyslogd[ 14.032556] audit: type=1400 audit(1552162348.130:4): avc: denied { syslog } for pid=1921 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.38' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 46.826761] [ 46.828418] ====================================================== [ 46.834702] [ INFO: possible circular locking dependency detected ] [ 46.841076] 4.4.174+ #4 Not tainted [ 46.844688] ------------------------------------------------------- [ 46.851076] syz-executor236/2085 is trying to acquire lock: [ 46.856764] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 46.864706] [ 46.864706] but task is already holding lock: [ 46.870646] (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.0+0x28a/0x30c0 [ 46.880716] [ 46.880716] which lock already depends on the new lock. [ 46.880716] [ 46.889003] [ 46.889003] the existing dependency chain (in reverse order) is: [ 46.896595] -> #1 (sk_lock-AF_INET6){+.+.+.}: [ 46.901913] [] lock_acquire+0x15e/0x450 [ 46.908148] [] lock_sock_nested+0xc6/0x120 [ 46.914674] [] do_ipv6_setsockopt.isra.0+0x2eba/0x30c0 [ 46.922213] [] ipv6_setsockopt+0xda/0x140 [ 46.928620] [] tcp_setsockopt+0x8a/0xe0 [ 46.934853] [] sock_common_setsockopt+0x9a/0xe0 [ 46.941788] [] SyS_setsockopt+0x159/0x240 [ 46.948198] [] entry_SYSCALL_64_fastpath+0x1e/0x9a [ 46.955387] -> #0 (rtnl_mutex){+.+.+.}: [ 46.959982] [] __lock_acquire+0x37d6/0x4f50 [ 46.966567] [] lock_acquire+0x15e/0x450 [ 46.972815] [] mutex_lock_nested+0xc1/0xb80 [ 46.979412] [] rtnl_lock+0x17/0x20 [ 46.985215] [] ipv6_sock_mc_close+0x10e/0x350 [ 46.991973] [] do_ipv6_setsockopt.isra.0+0x1bd1/0x30c0 [ 46.999509] [] ipv6_setsockopt+0xda/0x140 [ 47.005925] [] tcp_setsockopt+0x8a/0xe0 [ 47.012167] [] sock_common_setsockopt+0x9a/0xe0 [ 47.019110] [] SyS_setsockopt+0x159/0x240 [ 47.025515] [] entry_SYSCALL_64_fastpath+0x1e/0x9a [ 47.032709] [ 47.032709] other info that might help us debug this: [ 47.032709] [ 47.040822] Possible unsafe locking scenario: [ 47.040822] [ 47.046869] CPU0 CPU1 [ 47.051506] ---- ---- [ 47.056166] lock(sk_lock-AF_INET6); [ 47.060189] lock(rtnl_mutex); [ 47.066201] lock(sk_lock-AF_INET6); [ 47.072738] lock(rtnl_mutex); [ 47.076230] [ 47.076230] *** DEADLOCK *** [ 47.076230] [ 47.082274] 1 lock held by syz-executor236/2085: [ 47.087001] #0: (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.0+0x28a/0x30c0 [ 47.097633] [ 47.097633] stack backtrace: [ 47.102101] CPU: 0 PID: 2085 Comm: syz-executor236 Not tainted 4.4.174+ #4 [ 47.109082] 0000000000000000 2a785134db0a52a7 ffff8800b649f5b0 ffffffff81aad1a1 [ 47.117068] ffffffff84057a80 ffff8801d5665f00 ffffffff83a8db50 ffffffff83acc760 [ 47.125061] ffffffff83a8db50 ffff8800b649f600 ffffffff813abcda ffff8800b649f6e0 [ 47.133086] Call Trace: [ 47.135645] [] dump_stack+0xc1/0x120 [ 47.140984] [] print_circular_bug.cold+0x2f7/0x44e [ 47.147537] [] __lock_acquire+0x37d6/0x4f50 [ 47.153480] [] ? __lock_acquire+0x22e3/0x4f50 [ 47.159596] [] ? trace_hardirqs_on+0x10/0x10 [ 47.165639] [] ? trace_hardirqs_on+0x10/0x10 [ 47.171667] [] ? mark_held_locks+0xb1/0x100 [ 47.177611] [] lock_acquire+0x15e/0x450 [ 47.183206] [] ? rtnl_lock+0x17/0x20 [ 47.188543] [] ? rtnl_lock+0x17/0x20 [ 47.193880] [] mutex_lock_nested+0xc1/0xb80 [ 47.199840] [] ? rtnl_lock+0x17/0x20 [ 47.205190] [] ? kvm_clock_get_cycles+0x9/0x10 [ 47.211410] [] ? ktime_get_with_offset+0x176/0x240 [ 47.217963] [] ? bictcp_init+0x33a/0x590 [ 47.223643] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 47.230366] [] ? mutex_trylock+0x500/0x500 [ 47.236241] [] ? mark_held_locks+0xb1/0x100 [ 47.242197] [] ? __local_bh_enable_ip+0x6a/0xe0 [ 47.248491] [] rtnl_lock+0x17/0x20 [ 47.253655] [] ipv6_sock_mc_close+0x10e/0x350 [ 47.259775] [] ? fl6_free_socklist+0xb7/0x240 [ 47.265894] [] do_ipv6_setsockopt.isra.0+0x1bd1/0x30c0 [ 47.272792] [] ? ip6_ra_control+0x3c0/0x3c0 [ 47.278737] [] ? trace_hardirqs_on+0x10/0x10 [ 47.284774] [] ? tcp_v4_connect+0x1070/0x1930 [ 47.290891] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 47.297616] [] ? avc_has_perm+0x164/0x3a0 [ 47.303385] [] ? avc_has_perm+0x1d2/0x3a0 [ 47.309153] [] ? avc_has_perm+0xac/0x3a0 [ 47.314836] [] ? avc_has_perm_noaudit+0x300/0x300 [ 47.321299] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 47.328027] [] ? check_preemption_disabled+0x3c/0x200 [ 47.334836] [] ? check_preemption_disabled+0x3c/0x200 [ 47.341648] [] ? sock_has_perm+0x1c8/0x400 [ 47.347506] [] ? sock_has_perm+0x2a8/0x400 [ 47.353362] [] ? sock_has_perm+0xa6/0x400 [ 47.359135] [] ? selinux_msg_queue_alloc_security+0x2e0/0x2e0 [ 47.366640] [] ? _raw_spin_unlock_bh+0x31/0x40 [ 47.372845] [] ? release_sock+0x3a8/0x500 [ 47.378621] [] ? trace_hardirqs_on+0xd/0x10 [ 47.384562] [] ipv6_setsockopt+0xda/0x140 [ 47.390334] [] tcp_setsockopt+0x8a/0xe0 [ 47.395929] [] sock_common_setsockopt+0x9a/0xe0 [ 47.402221] [] SyS_setsockopt+0x159/0x240 [ 47.407993] [] ? SyS_recv+0x40/0x40 [ 47.413239] [] ? retint_user+0x18/0x3c [ 47.418762] [] ? lockdep_sys_exit_thunk+0x12/0x14 [ 47.425227] [] entry_SYSCALL_6