[....] Starting enhanced syslogd: rsyslogd[ 13.340266] audit: type=1400 audit(1517158567.655:5): avc: denied { syslog } for pid=3533 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 18.340100] audit: type=1400 audit(1517158572.655:6): avc: denied { map } for pid=3674 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.28' (ECDSA) to the list of known hosts. net.ipv6.conf.syz0.accept_dad = 0 net.ipv6.conf.syz0.router_solicitations = 0 [ 26.400130] audit: type=1400 audit(1517158580.715:7): avc: denied { map } for pid=3688 comm="syzkaller273849" path="/root/syzkaller273849857" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 RTNETLINK answers: Operation not supported RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported [ 26.655497] ip (3754) used greatest stack depth: 16448 bytes left [ 26.690116] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument executing program [ 27.062846] [ 27.064495] ====================================================== [ 27.070783] WARNING: possible circular locking dependency detected [ 27.077070] 4.15.0-rc9+ #213 Not tainted [ 27.081104] ------------------------------------------------------ [ 27.087389] syzkaller273849/3688 is trying to acquire lock: [ 27.093150] (rtnl_mutex){+.+.}, at: [<000000002e427455>] rtnl_lock+0x17/0x20 [ 27.100404] [ 27.100404] but task is already holding lock: [ 27.106351] (sk_lock-AF_INET){+.+.}, at: [<00000000a9632231>] ip_setsockopt+0x8c/0xb0 [ 27.114380] [ 27.114380] which lock already depends on the new lock. [ 27.114380] [ 27.122671] [ 27.122671] the existing dependency chain (in reverse order) is: [ 27.130260] [ 27.130260] -> #1 (sk_lock-AF_INET){+.+.}: [ 27.135950] lock_sock_nested+0xc2/0x110 [ 27.141459] do_ip_getsockopt+0x1b3/0x2170 [ 27.146194] ip_getsockopt+0x90/0x220 [ 27.150487] udp_getsockopt+0x45/0x80 [ 27.154786] sock_common_getsockopt+0x95/0xd0 [ 27.159772] SyS_getsockopt+0x178/0x340 [ 27.164237] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 27.169483] [ 27.169483] -> #0 (rtnl_mutex){+.+.}: [ 27.174748] lock_acquire+0x1d5/0x580 [ 27.179046] __mutex_lock+0x16f/0x1a80 [ 27.183424] mutex_lock_nested+0x16/0x20 [ 27.187982] rtnl_lock+0x17/0x20 [ 27.191931] register_netdevice_notifier+0xad/0x860 [ 27.197442] clusterip_tg_check+0xeb9/0x1570 [ 27.202341] xt_check_target+0x22c/0x7d0 [ 27.207121] find_check_entry.isra.8+0x8c8/0xcb0 [ 27.212365] translate_table+0xed1/0x1610 [ 27.217004] do_ipt_set_ctl+0x370/0x5f0 [ 27.221469] nf_setsockopt+0x67/0xc0 [ 27.225684] ip_setsockopt+0xa1/0xb0 [ 27.229890] raw_setsockopt+0xb7/0xd0 [ 27.234190] sock_common_setsockopt+0x95/0xd0 [ 27.239180] SyS_setsockopt+0x189/0x360 [ 27.243667] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 27.248912] [ 27.248912] other info that might help us debug this: [ 27.248912] [ 27.257028] Possible unsafe locking scenario: [ 27.257028] [ 27.263188] CPU0 CPU1 [ 27.267824] ---- ---- [ 27.272465] lock(sk_lock-AF_INET); [ 27.276147] lock(rtnl_mutex); [ 27.281916] lock(sk_lock-AF_INET); [ 27.288122] lock(rtnl_mutex); [ 27.291385] [ 27.291385] *** DEADLOCK *** [ 27.291385] [ 27.297414] 1 lock held by syzkaller273849/3688: [ 27.302145] #0: (sk_lock-AF_INET){+.+.}, at: [<00000000a9632231>] ip_setsockopt+0x8c/0xb0 [ 27.310616] [ 27.310616] stack backtrace: [ 27.315083] CPU: 1 PID: 3688 Comm: syzkaller273849 Not tainted 4.15.0-rc9+ #213 [ 27.322503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 27.331825] Call Trace: [ 27.334385] dump_stack+0x194/0x257 [ 27.337989] ? arch_local_irq_restore+0x53/0x53 [ 27.342646] print_circular_bug.isra.37+0x2cd/0x2dc [ 27.347638] ? save_trace+0xe0/0x2b0 [ 27.351323] __lock_acquire+0x30a8/0x3e00 [ 27.355443] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 27.360617] ? trace_hardirqs_off+0x10/0x10 [ 27.364907] ? noop_count+0x40/0x40 [ 27.368502] ? trace_hardirqs_off+0x10/0x10 [ 27.372799] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 27.377960] ? check_noncircular+0x20/0x20 [ 27.382165] ? check_usage+0x22f/0xb60 [ 27.386025] ? trace_raw_output_xdp_redirect_map_err+0x440/0x440 [ 27.392148] ? check_usage+0x22f/0xb60 [ 27.396003] ? check_noncircular+0x20/0x20 [ 27.400207] ? check_noncircular+0x20/0x20 [ 27.404411] ? find_held_lock+0x35/0x1d0 [ 27.408442] ? __bfs+0x2e0/0x750 [ 27.411781] ? __is_insn_slot_addr+0x1fc/0x330 [ 27.416375] lock_acquire+0x1d5/0x580 [ 27.420146] ? lock_acquire+0x1d5/0x580 [ 27.424098] ? rtnl_lock+0x17/0x20 [ 27.427609] ? lock_release+0xa40/0xa40 [ 27.431555] ? trace_event_raw_event_sched_switch+0x800/0x800 [ 27.437410] ? print_irqtrace_events+0x270/0x270 [ 27.442137] ? idr_get_free_cmn+0x64e/0xfd0 [ 27.446437] ? rcu_note_context_switch+0x710/0x710 [ 27.451337] ? __might_sleep+0x95/0x190 [ 27.455282] ? rtnl_lock+0x17/0x20 [ 27.458793] __mutex_lock+0x16f/0x1a80 [ 27.462651] ? rtnl_lock+0x17/0x20 [ 27.466163] ? rtnl_lock+0x17/0x20 [ 27.469674] ? __lock_acquire+0x664/0x3e00 [ 27.473877] ? _raw_spin_unlock_irqrestore+0x31/0xba [ 27.478951] ? mutex_lock_io_nested+0x1900/0x1900 [ 27.483772] ? trace_hardirqs_on+0xd/0x10 [ 27.487894] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 27.493062] ? save_stack+0xa3/0xd0 [ 27.496667] ? kasan_kmalloc+0xad/0xe0 [ 27.500531] ? __proc_create+0x21a/0x880 [ 27.504562] ? proc_create_data+0x76/0x180 [ 27.508778] ? clusterip_tg_check+0xe4d/0x1570 [ 27.513331] ? rb_insert_color+0x1580/0x1580 [ 27.517883] ? do_ipt_set_ctl+0x370/0x5f0 [ 27.522003] ? ip_setsockopt+0xa1/0xb0 [ 27.525861] ? raw_setsockopt+0xb7/0xd0 [ 27.529817] ? sock_common_setsockopt+0x95/0xd0 [ 27.534457] ? SyS_setsockopt+0x189/0x360 [ 27.538573] ? entry_SYSCALL_64_fastpath+0x29/0xa0 [ 27.543472] ? _find_next_bit+0xee/0x120 [ 27.547511] ? check_noncircular+0x20/0x20 [ 27.551714] ? find_first_zero_bit+0x93/0xe0 [ 27.556101] ? ida_get_new_above+0x421/0x9d0 [ 27.560489] ? print_irqtrace_events+0x270/0x270 [ 27.565217] ? check_noncircular+0x20/0x20 [ 27.569520] ? print_irqtrace_events+0x270/0x270 [ 27.574247] ? ida_simple_get+0x15c/0x220 [ 27.578385] ? lock_downgrade+0x980/0x980 [ 27.582505] ? find_held_lock+0x35/0x1d0 [ 27.586543] mutex_lock_nested+0x16/0x20 [ 27.590573] ? mutex_lock_nested+0x16/0x20 [ 27.594775] rtnl_lock+0x17/0x20 [ 27.598110] register_netdevice_notifier+0xad/0x860 [ 27.603095] ? lock_downgrade+0x980/0x980 [ 27.607213] ? __dev_close_many+0x350/0x350 [ 27.611504] ? ida_simple_get+0x176/0x220 [ 27.615640] ? do_raw_write_trylock+0x190/0x190 [ 27.620280] ? ida_remove+0x3f0/0x3f0 [ 27.624052] ? _raw_write_unlock+0x22/0x30 [ 27.628258] ? proc_register+0x261/0x370 [ 27.632293] ? proc_create_data+0x101/0x180 [ 27.636586] clusterip_tg_check+0xeb9/0x1570 [ 27.641056] ? arp_mangle+0x550/0x550 [ 27.644828] ? xt_find_target+0x150/0x1e0 [ 27.648946] ? lock_downgrade+0x980/0x980 [ 27.653064] ? mutex_unlock+0xd/0x10 [ 27.656754] ? ipv4_hooks_register+0x1fb/0x3e0 [ 27.661326] ? ipv4_conntrack_in+0x90/0x90 [ 27.665560] ? ipv4_conntrack_in+0x90/0x90 [ 27.669795] ? nf_ct_netns_do_get+0x20f/0x340 [ 27.674280] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 27.679125] ? __kernel_text_address+0xd/0x40 [ 27.683629] ? wait_for_completion+0x770/0x770 [ 27.688188] ? nf_ct_netns_get+0x35/0x90 [ 27.692218] ? arp_mangle+0x550/0x550 [ 27.695991] xt_check_target+0x22c/0x7d0 [ 27.700293] ? xt_target_seq_next+0x30/0x30 [ 27.704585] ? mutex_unlock+0xd/0x10 [ 27.708268] ? mutex_unlock+0xd/0x10 [ 27.711960] ? xt_find_target+0x17b/0x1e0 [ 27.716080] find_check_entry.isra.8+0x8c8/0xcb0 [ 27.720810] ? ipt_do_table+0x1860/0x1860 [ 27.724932] ? mark_held_locks+0xaf/0x100 [ 27.729055] ? kfree+0xf0/0x260 [ 27.732305] ? trace_hardirqs_on+0xd/0x10 [ 27.736438] translate_table+0xed1/0x1610 [ 27.740556] ? alloc_counters.isra.11+0x7d0/0x7d0 [ 27.745367] ? kasan_check_write+0x14/0x20 [ 27.749581] ? _copy_from_user+0x99/0x110 [ 27.753707] do_ipt_set_ctl+0x370/0x5f0 [ 27.757650] ? translate_compat_table+0x1b90/0x1b90 [ 27.762644] ? mutex_unlock+0xd/0x10 [ 27.766332] ? nf_sockopt_find.constprop.0+0x1a7/0x220 [ 27.771587] nf_setsockopt+0x67/0xc0 [ 27.775274] ip_setsockopt+0xa1/0xb0 [ 27.778962] raw_setsockopt+0xb7/0xd0 [ 27.782737] sock_common_setsockopt+0x95/0xd0 [ 27.787205] SyS_setsockopt+0x189/0x360 [ 27.791163] ? SyS_recv+0x40/0x40 [ 27.794599] ? entry_SYSCALL_64_fastpath+0x5/0xa0 [ 27.799415] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 27.804403] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 27.809143] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 27.813869] RIP: 0033:0x445cc9 [ 27.817029] RSP: 002b:00007ffe3cdea418 EFLAGS: 00000203 ORIG_RAX: 0000000000000036 [ 27.824706] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000445cc9 [ 27.831945] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000005 [ 27.839188] RBP: 00007ffe3cdea518 R08: 0000000000000328 R09: 000000002000b000 [ 27.846441] R10: 0000000020397cd8 R11: 0000000000000203 R12: 00007ffe3cdea518 [ 27.853693] R13: 0000000000403190 R14: 0000000000000000 R15: 0000000000000000 [ 27.861261] ipt_CLUSTERIP: ipt_CLUSTERIP is deprecated a