[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 15.335867] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 19.482759] random: sshd: uninitialized urandom read (32 bytes read) [ 19.769608] random: sshd: uninitialized urandom read (32 bytes read) [ 20.550907] random: sshd: uninitialized urandom read (32 bytes read) [ 20.685098] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.19' (ECDSA) to the list of known hosts. [ 26.102259] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 26.181191] [ 26.182839] ====================================================== [ 26.189125] [ INFO: possible circular locking dependency detected ] [ 26.195498] 4.9.103-g7fd4075 #36 Not tainted [ 26.199872] ------------------------------------------------------- [ 26.206244] syz-executor670/3804 is trying to acquire lock: [ 26.211921] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 26.219700] but task is already holding lock: [ 26.224336] (sk_lock-AF_INET){+.+.+.}, at: [] do_ip_setsockopt.isra.13+0x269/0x2b10 [ 26.234113] which lock already depends on the new lock. [ 26.234113] [ 26.241101] [ 26.241101] the existing dependency chain (in reverse order) is: [ 26.248691] -> #1 (sk_lock-AF_INET){+.+.+.}: [ 26.253731] lock_acquire+0x130/0x3e0 [ 26.258028] lock_sock_nested+0xc6/0x120 [ 26.262584] do_ip_getsockopt+0x167/0x1600 [ 26.267307] ip_getsockopt+0x91/0x180 [ 26.271599] udp_getsockopt+0x4a/0x80 [ 26.275889] sock_common_getsockopt+0x9a/0xe0 [ 26.280876] SyS_getsockopt+0x150/0x240 [ 26.285343] do_syscall_64+0x1a6/0x490 [ 26.289722] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 26.295321] -> #0 (rtnl_mutex){+.+.+.}: [ 26.299912] __lock_acquire+0x3019/0x4070 [ 26.304557] lock_acquire+0x130/0x3e0 [ 26.308853] mutex_lock_nested+0xc0/0x870 [ 26.313500] rtnl_lock+0x17/0x20 [ 26.317359] mrtsock_destruct+0x3b/0x1e0 [ 26.321911] ip_ra_control+0x2c2/0x420 [ 26.326306] do_ip_setsockopt.isra.13+0x15ff/0x2b10 [ 26.331819] ip_setsockopt+0x3a/0xb0 [ 26.336023] raw_setsockopt+0xb7/0xd0 [ 26.340324] sock_common_setsockopt+0x9a/0xe0 [ 26.345333] SyS_setsockopt+0x166/0x260 [ 26.349802] do_syscall_64+0x1a6/0x490 [ 26.354187] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 26.359779] [ 26.359779] other info that might help us debug this: [ 26.359779] [ 26.367895] Possible unsafe locking scenario: [ 26.367895] [ 26.373929] CPU0 CPU1 [ 26.378564] ---- ---- [ 26.383203] lock(sk_lock-AF_INET); [ 26.387140] lock(rtnl_mutex); [ 26.393153] lock(sk_lock-AF_INET); [ 26.399592] lock(rtnl_mutex); [ 26.403076] [ 26.403076] *** DEADLOCK *** [ 26.403076] [ 26.409108] 1 lock held by syz-executor670/3804: [ 26.413831] #0: (sk_lock-AF_INET){+.+.+.}, at: [] do_ip_setsockopt.isra.13+0x269/0x2b10 [ 26.424172] [ 26.424172] stack backtrace: [ 26.428652] CPU: 0 PID: 3804 Comm: syz-executor670 Not tainted 4.9.103-g7fd4075 #36 [ 26.436414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.445743] ffff8801b5ebf5f8 ffffffff81eb34a9 ffffffff8559cf30 ffffffff855e79f0 [ 26.453724] ffffffff8559cf30 ffff8801b7b288e8 ffff8801b7b28000 ffff8801b5ebf640 [ 26.461710] ffffffff8142642d 0000000000000001 00000000b7b28000 0000000000000001 [ 26.469686] Call Trace: [ 26.472247] [] dump_stack+0xc1/0x128 [ 26.477591] [] print_circular_bug.cold.51+0x1bd/0x27d [ 26.484410] [] __lock_acquire+0x3019/0x4070 [ 26.490375] [] ? debug_check_no_locks_freed+0x210/0x210 [ 26.497370] [] ? add_lock_to_list.isra.27.constprop.41+0x140/0x1c0 [ 26.505310] [] ? __lock_is_held+0xa2/0xf0 [ 26.511087] [] lock_acquire+0x130/0x3e0 [ 26.516694] [] ? rtnl_lock+0x17/0x20 [ 26.522030] [] ? rtnl_lock+0x17/0x20 [ 26.527370] [] mutex_lock_nested+0xc0/0x870 [ 26.533311] [] ? rtnl_lock+0x17/0x20 [ 26.538646] [] ? mutex_trylock+0x3e0/0x3e0 [ 26.544500] [] ? mark_held_locks+0xc7/0x130 [ 26.550444] [] ? __local_bh_enable_ip+0x6a/0xd0 [ 26.556740] [] rtnl_lock+0x17/0x20 [ 26.561905] [] mrtsock_destruct+0x3b/0x1e0 [ 26.567761] [] ? mroute_clean_tables+0x500/0x500 [ 26.574144] [] ip_ra_control+0x2c2/0x420 [ 26.579827] [] do_ip_setsockopt.isra.13+0x15ff/0x2b10 [ 26.586655] [] ? ip_ra_control+0x420/0x420 [ 26.592515] [] ? get_empty_filp+0x8f/0x380 [ 26.598370] [] ? alloc_file+0x20/0x350 [ 26.603880] [] ? sock_alloc_file+0x151/0x330 [ 26.609919] [] ? sock_map_fd+0x34/0x70 [ 26.615437] [] ? SyS_socket+0x10f/0x1b0 [ 26.621036] [] ? do_syscall_64+0x1a6/0x490 [ 26.626894] [] ? entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 26.633967] [] ? debug_check_no_locks_freed+0x210/0x210 [ 26.640952] [] ? debug_check_no_locks_freed+0x210/0x210 [ 26.647943] [] ? check_preemption_disabled+0x3b/0x170 [ 26.654762] [] ? sock_has_perm+0x1c2/0x3e0 [ 26.660623] [] ? sock_has_perm+0x292/0x3e0 [ 26.666479] [] ? sock_has_perm+0x9f/0x3e0 [ 26.672251] [] ? selinux_file_send_sigiotask+0x310/0x310 [ 26.679329] [] ? selinux_netlbl_socket_setsockopt+0x8c/0x340 [ 26.686748] [] ? selinux_netlbl_sock_rcv_skb+0x480/0x480 [ 26.693822] [] ip_setsockopt+0x3a/0xb0 [ 26.699337] [] raw_setsockopt+0xb7/0xd0 [ 26.704932] [] sock_common_setsockopt+0x9a/0xe0 [ 26.711223] [] SyS_setsockopt+0x166/0x260 [ 26.716992] [] ? SyS_recv+0x40/0x40 [ 26.722241] [] ? __do_page_fault+0x183/0xd50 [ 26.728269] [] ? move_addr_to_kernel+0x5