[....] Starting enhanced syslogd: rsyslogd[ 12.810039] audit: type=1400 audit(1541747380.895:4): avc: denied { syslog } for pid=1912 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.80' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 45.256294] [ 45.257947] ====================================================== [ 45.264234] [ INFO: possible circular locking dependency detected ] [ 45.270613] 4.4.162+ #120 Not tainted [ 45.274388] ------------------------------------------------------- [ 45.280764] syz-executor237/2076 is trying to acquire lock: [ 45.286445] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 45.294359] [ 45.294359] but task is already holding lock: [ 45.300491] (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.4+0x252/0x2d50 [ 45.310598] [ 45.310598] which lock already depends on the new lock. [ 45.310598] [ 45.319009] [ 45.319009] the existing dependency chain (in reverse order) is: [ 45.326617] -> #1 (sk_lock-AF_INET6){+.+.+.}: [ 45.331736] [] lock_acquire+0x15e/0x450 [ 45.337971] [] lock_sock_nested+0xc6/0x120 [ 45.344556] [] do_ipv6_setsockopt.isra.4+0x1d2/0x2d50 [ 45.352021] [] ipv6_setsockopt+0x97/0x130 [ 45.358442] [] udpv6_setsockopt+0x4a/0x90 [ 45.364858] [] sock_common_setsockopt+0x9a/0xe0 [ 45.371964] [] SyS_setsockopt+0x166/0x260 [ 45.378379] [] entry_SYSCALL_64_fastpath+0x1e/0x9a [ 45.385579] -> #0 (rtnl_mutex){+.+.+.}: [ 45.390180] [] __lock_acquire+0x3e6c/0x5f10 [ 45.396764] [] lock_acquire+0x15e/0x450 [ 45.403014] [] mutex_lock_nested+0xbb/0x8d0 [ 45.409619] [] rtnl_lock+0x17/0x20 [ 45.415497] [] ipv6_sock_mc_close+0x10e/0x350 [ 45.422273] [] do_ipv6_setsockopt.isra.4+0xd07/0x2d50 [ 45.429732] [] ipv6_setsockopt+0x97/0x130 [ 45.436157] [] udpv6_setsockopt+0x4a/0x90 [ 45.442571] [] sock_common_setsockopt+0x9a/0xe0 [ 45.449508] [] SyS_setsockopt+0x166/0x260 [ 45.455924] [] entry_SYSCALL_64_fastpath+0x1e/0x9a [ 45.463125] [ 45.463125] other info that might help us debug this: [ 45.463125] [ 45.471559] Possible unsafe locking scenario: [ 45.471559] [ 45.477668] CPU0 CPU1 [ 45.482363] ---- ---- [ 45.487007] lock(sk_lock-AF_INET6); [ 45.491081] lock(rtnl_mutex); [ 45.497264] lock(sk_lock-AF_INET6); [ 45.503807] lock(rtnl_mutex); [ 45.507326] [ 45.507326] *** DEADLOCK *** [ 45.507326] [ 45.513421] 1 lock held by syz-executor237/2076: [ 45.518151] #0: (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.4+0x252/0x2d50 [ 45.528783] [ 45.528783] stack backtrace: [ 45.533262] CPU: 1 PID: 2076 Comm: syz-executor237 Not tainted 4.4.162+ #120 [ 45.540416] 0000000000000000 61d8053261f618e1 ffff8801d3fef5a8 ffffffff81aa526d [ 45.548428] ffffffff83a85b10 ffffffff83ac4210 ffffffff83a85b10 ffff8801d47f5028 [ 45.556556] ffff8801d47f4740 ffff8801d3fef5f0 ffffffff813a834a 0000000000000001 [ 45.564835] Call Trace: [ 45.567399] [] dump_stack+0xc1/0x124 [ 45.572738] [] print_circular_bug.cold.34+0x2f7/0x432 [ 45.579608] [] __lock_acquire+0x3e6c/0x5f10 [ 45.585559] [] ? trace_hardirqs_on+0x10/0x10 [ 45.591590] [] lock_acquire+0x15e/0x450 [ 45.597340] [] ? rtnl_lock+0x17/0x20 [ 45.602683] [] ? rtnl_lock+0x17/0x20 [ 45.608281] [] mutex_lock_nested+0xbb/0x8d0 [ 45.614361] [] ? rtnl_lock+0x17/0x20 [ 45.619845] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 45.626572] [] ? mutex_trylock+0x3e0/0x3e0 [ 45.632433] [] ? mark_held_locks+0xc7/0x130 [ 45.638483] [] ? __local_bh_enable_ip+0x6a/0xd0 [ 45.644779] [] rtnl_lock+0x17/0x20 [ 45.649944] [] ipv6_sock_mc_close+0x10e/0x350 [ 45.656510] [] ? fl6_free_socklist+0xb7/0x240 [ 45.662640] [] do_ipv6_setsockopt.isra.4+0xd07/0x2d50 [ 45.669452] [] ? ip6_ra_control+0x430/0x430 [ 45.675404] [] ? trace_hardirqs_on+0x10/0x10 [ 45.681438] [] ? __lock_acquire+0xa85/0x5f10 [ 45.687476] [] ? __local_bh_enable_ip+0x6a/0xd0 [ 45.693777] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 45.700508] [] ? avc_has_perm+0x15a/0x3a0 [ 45.706298] [] ? avc_has_perm+0x1cc/0x3a0 [ 45.712073] [] ? avc_has_perm+0x9e/0x3a0 [ 45.717774] [] ? avc_has_perm_noaudit+0x2f0/0x2f0 [ 45.724252] [] ? check_preemption_disabled+0x3b/0x170 [ 45.731349] [] ? sock_has_perm+0x1c1/0x3f0 [ 45.737207] [] ? sock_has_perm+0x2a1/0x3f0 [ 45.743063] [] ? sock_has_perm+0x9f/0x3f0 [ 45.748831] [] ? selinux_msg_queue_alloc_security+0x2e0/0x2e0 [ 45.756342] [] ? ip6_datagram_connect+0x3a/0x50 [ 45.762745] [] ipv6_setsockopt+0x97/0x130 [ 45.768536] [] udpv6_setsockopt+0x4a/0x90 [ 45.774490] [] sock_common_setsockopt+0x9a/0xe0 [ 45.780796] [] SyS_setsockopt+0x166/0x260 [ 45.786571] [] ? SyS_recv+0x40/0x40 [ 45.791845] [] ? retint_user+0x18/0x3c [ 45.797367] [] ? lockdep_sys_exit_thunk+0x12/0x14 [ 45.803838] [] entry_SYSCALL_64_f