[....] Starting enhanced syslogd: rsyslogd[ 13.526214] audit: type=1400 audit(1539195423.587:4): avc: denied { syslog } for pid=1923 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.101' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 31.868311] [ 31.869951] ====================================================== [ 31.876242] [ INFO: possible circular locking dependency detected ] [ 31.882619] 4.4.159+ #108 Not tainted [ 31.886390] ------------------------------------------------------- [ 31.892770] syz-executor480/2075 is trying to acquire lock: [ 31.898449] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 31.906363] [ 31.906363] but task is already holding lock: [ 31.912304] (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.4+0x252/0x2d50 [ 31.922506] [ 31.922506] which lock already depends on the new lock. [ 31.922506] [ 31.930798] [ 31.930798] the existing dependency chain (in reverse order) is: [ 31.938555] -> #1 (sk_lock-AF_INET6){+.+.+.}: [ 31.943687] [] lock_acquire+0x15e/0x450 [ 31.949933] [] lock_sock_nested+0xc6/0x120 [ 31.956438] [] do_ipv6_setsockopt.isra.4+0x1d2/0x2d50 [ 31.963894] [] ipv6_setsockopt+0x97/0x130 [ 31.970310] [] udpv6_setsockopt+0x4a/0x90 [ 31.976721] [] sock_common_setsockopt+0x9a/0xe0 [ 31.983660] [] SyS_setsockopt+0x166/0x260 [ 31.990076] [] entry_SYSCALL_64_fastpath+0x1e/0x9a [ 31.997376] -> #0 (rtnl_mutex){+.+.+.}: [ 32.002000] [] __lock_acquire+0x3e6c/0x5f10 [ 32.008591] [] lock_acquire+0x15e/0x450 [ 32.014838] [] mutex_lock_nested+0xbb/0x8d0 [ 32.021429] [] rtnl_lock+0x17/0x20 [ 32.027236] [] ipv6_sock_mc_close+0x10e/0x350 [ 32.034098] [] do_ipv6_setsockopt.isra.4+0xd07/0x2d50 [ 32.041564] [] ipv6_setsockopt+0x97/0x130 [ 32.048046] [] udpv6_setsockopt+0x4a/0x90 [ 32.054472] [] sock_common_setsockopt+0x9a/0xe0 [ 32.061411] [] SyS_setsockopt+0x166/0x260 [ 32.067832] [] entry_SYSCALL_64_fastpath+0x1e/0x9a [ 32.075112] [ 32.075112] other info that might help us debug this: [ 32.075112] [ 32.083239] Possible unsafe locking scenario: [ 32.083239] [ 32.089289] CPU0 CPU1 [ 32.093927] ---- ---- [ 32.098566] lock(sk_lock-AF_INET6); [ 32.102585] lock(rtnl_mutex); [ 32.108606] lock(sk_lock-AF_INET6); [ 32.115144] lock(rtnl_mutex); [ 32.118646] [ 32.118646] *** DEADLOCK *** [ 32.118646] [ 32.124763] 1 lock held by syz-executor480/2075: [ 32.129498] #0: (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.4+0x252/0x2d50 [ 32.140162] [ 32.140162] stack backtrace: [ 32.144646] CPU: 0 PID: 2075 Comm: syz-executor480 Not tainted 4.4.159+ #108 [ 32.151807] 0000000000000000 42f9d82c7d32ba2e ffff8800b6a875a8 ffffffff81a994bd [ 32.159805] ffffffff83a85cc0 ffffffff83ac59b0 ffffffff83a85cc0 ffff8801d5dda0a8 [ 32.167796] ffff8801d5dd97c0 ffff8800b6a875f0 ffffffff813a84ea 0000000000000001 [ 32.175790] Call Trace: [ 32.178356] [] dump_stack+0xc1/0x124 [ 32.183693] [] print_circular_bug.cold.34+0x2f7/0x432 [ 32.190508] [] __lock_acquire+0x3e6c/0x5f10 [ 32.196454] [] ? trace_hardirqs_on+0x10/0x10 [ 32.202486] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 32.209213] [] lock_acquire+0x15e/0x450 [ 32.214813] [] ? rtnl_lock+0x17/0x20 [ 32.220150] [] ? rtnl_lock+0x17/0x20 [ 32.225493] [] mutex_lock_nested+0xbb/0x8d0 [ 32.231435] [] ? rtnl_lock+0x17/0x20 [ 32.236770] [] ? mutex_unlock+0x9/0x10 [ 32.242283] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 32.249008] [] ? mutex_trylock+0x3e0/0x3e0 [ 32.254864] [] ? mark_held_locks+0xc7/0x130 [ 32.260808] [] ? __local_bh_enable_ip+0x6a/0xd0 [ 32.267102] [] rtnl_lock+0x17/0x20 [ 32.272269] [] ipv6_sock_mc_close+0x10e/0x350 [ 32.278390] [] ? fl6_free_socklist+0xb7/0x240 [ 32.284508] [] do_ipv6_setsockopt.isra.4+0xd07/0x2d50 [ 32.291320] [] ? ip6_ra_control+0x430/0x430 [ 32.297267] [] ? trace_hardirqs_on+0x10/0x10 [ 32.303297] [] ? __lock_acquire+0xa85/0x5f10 [ 32.309336] [] ? __local_bh_enable_ip+0x6a/0xd0 [ 32.315692] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 32.322430] [] ? avc_has_perm+0x15a/0x3a0 [ 32.328204] [] ? avc_has_perm+0x1cc/0x3a0 [ 32.333978] [] ? avc_has_perm+0x9e/0x3a0 [ 32.339668] [] ? avc_has_perm_noaudit+0x2f0/0x2f0 [ 32.346139] [] ? check_preemption_disabled+0x3b/0x170 [ 32.353120] [] ? sock_has_perm+0x1c1/0x3f0 [ 32.358984] [] ? sock_has_perm+0x2a1/0x3f0 [ 32.364845] [] ? sock_has_perm+0x9f/0x3f0 [ 32.370630] [] ? selinux_msg_queue_alloc_security+0x2e0/0x2e0 [ 32.378146] [] ? ip6_datagram_connect+0x3a/0x50 [ 32.384450] [] ipv6_setsockopt+0x97/0x130 [ 32.390224] [] udpv6_setsockopt+0x4a/0x90 [ 32.396005] [] sock_common_setsockopt+0x9a/0xe0 [ 32.402303] [] SyS_setsockopt+0x166/0x260 [ 32.408081] [] ? SyS_recv+0x40/0x40 [ 32.413335] [] ? retint_user+0x18/0x3c [ 32.418854] [