[....] Starting enhanced syslogd: rsyslogd[ 12.598171] audit: type=1400 audit(1517105244.453:5): avc: denied { syslog } for pid=3523 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 19.114153] audit: type=1400 audit(1517105250.969:6): avc: denied { map } for pid=3663 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.15.209' (ECDSA) to the list of known hosts. net.ipv6.conf.syz0.accept_dad = 0 net.ipv6.conf.syz0.router_solicitations = 0 [ 25.416712] audit: type=1400 audit(1517105257.272:7): avc: denied { map } for pid=3677 comm="syzkaller427137" path="/root/syzkaller427137613" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 RTNETLINK answers: Operation not supported RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported [ 25.797352] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument executing program [ 26.183094] xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables [ 26.196374] xt_CT: No such helper "snmp" [ 26.274321] ipt_CLUSTERIP: ipt_CLUSTERIP is deprecated and it will removed soon, use xt_cluster instead [ 26.287642] [ 26.289281] ====================================================== [ 26.295565] WARNING: possible circular locking dependency detected [ 26.301849] 4.15.0-rc9+ #283 Not tainted [ 26.305874] ------------------------------------------------------ [ 26.312161] syzkaller427137/3677 is trying to acquire lock: [ 26.317838] (rtnl_mutex){+.+.}, at: [<00000000f440753e>] rtnl_lock+0x17/0x20 [ 26.325086] [ 26.325086] but task is already holding lock: [ 26.331029] (&xt[i].mutex){+.+.}, at: [<00000000d159d132>] xt_find_table_lock+0x40/0x3d0 [ 26.339329] [ 26.339329] which lock already depends on the new lock. [ 26.339329] [ 26.347622] [ 26.347622] the existing dependency chain (in reverse order) is: [ 26.355209] [ 26.355209] -> #2 (&xt[i].mutex){+.+.}: [ 26.360637] __mutex_lock+0x16f/0x1a80 [ 26.365019] mutex_lock_nested+0x16/0x20 [ 26.369574] xt_find_target+0x44/0x1e0 [ 26.373949] xt_request_find_target+0x2c/0xb0 [ 26.378933] find_check_entry.isra.7+0x669/0xcf0 [ 26.384178] translate_table+0xf52/0x1690 [ 26.388815] do_ip6t_set_ctl+0x370/0x5f0 [ 26.393367] nf_setsockopt+0x67/0xc0 [ 26.397572] ipv6_setsockopt+0x115/0x150 [ 26.402124] tcp_setsockopt+0x82/0xd0 [ 26.406415] sock_common_setsockopt+0x95/0xd0 [ 26.411399] SyS_setsockopt+0x189/0x360 [ 26.415863] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 26.421114] [ 26.421114] -> #1 (sk_lock-AF_INET6){+.+.}: [ 26.426895] lock_sock_nested+0xc2/0x110 [ 26.431446] do_ipv6_setsockopt.isra.8+0x3c5/0x39d0 [ 26.436952] ipv6_setsockopt+0xd7/0x150 [ 26.441415] tcp_setsockopt+0x82/0xd0 [ 26.445704] sock_common_setsockopt+0x95/0xd0 [ 26.450686] SyS_setsockopt+0x189/0x360 [ 26.455152] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 26.460403] [ 26.460403] -> #0 (rtnl_mutex){+.+.}: [ 26.465654] lock_acquire+0x1d5/0x580 [ 26.469942] __mutex_lock+0x16f/0x1a80 [ 26.474318] mutex_lock_nested+0x16/0x20 [ 26.478871] rtnl_lock+0x17/0x20 [ 26.482728] unregister_netdevice_notifier+0x91/0x4e0 [ 26.488415] clusterip_tg_destroy+0x389/0x6e0 [ 26.493400] cleanup_entry+0x218/0x350 [ 26.497782] __do_replace+0x7d7/0xa90 [ 26.502073] do_ipt_set_ctl+0x40f/0x5f0 [ 26.506549] nf_setsockopt+0x67/0xc0 [ 26.510753] ip_setsockopt+0xa1/0xb0 [ 26.514956] tcp_setsockopt+0x82/0xd0 [ 26.519245] sock_common_setsockopt+0x95/0xd0 [ 26.524229] SyS_setsockopt+0x189/0x360 [ 26.528693] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 26.533936] [ 26.533936] other info that might help us debug this: [ 26.533936] [ 26.542050] Chain exists of: [ 26.542050] rtnl_mutex --> sk_lock-AF_INET6 --> &xt[i].mutex [ 26.542050] [ 26.552338] Possible unsafe locking scenario: [ 26.552338] [ 26.558362] CPU0 CPU1 [ 26.562997] ---- ---- [ 26.567634] lock(&xt[i].mutex); [ 26.571055] lock(sk_lock-AF_INET6); [ 26.577340] lock(&xt[i].mutex); [ 26.583277] lock(rtnl_mutex); [ 26.586523] [ 26.586523] *** DEADLOCK *** [ 26.586523] [ 26.592548] 2 locks held by syzkaller427137/3677: [ 26.597355] #0: (sk_lock-AF_INET){+.+.}, at: [<00000000eb77191e>] ip_setsockopt+0x8c/0xb0 [ 26.605818] #1: (&xt[i].mutex){+.+.}, at: [<00000000d159d132>] xt_find_table_lock+0x40/0x3d0 [ 26.614538] [ 26.614538] stack backtrace: [ 26.619004] CPU: 0 PID: 3677 Comm: syzkaller427137 Not tainted 4.15.0-rc9+ #283 [ 26.626422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.635742] Call Trace: [ 26.638301] dump_stack+0x194/0x257 [ 26.641896] ? arch_local_irq_restore+0x53/0x53 [ 26.646537] print_circular_bug.isra.37+0x2cd/0x2dc [ 26.651523] ? save_trace+0xe0/0x2b0 [ 26.655208] __lock_acquire+0x30a8/0x3e00 [ 26.659328] ? save_trace+0xe0/0x2b0 [ 26.663031] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 26.668203] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 26.673363] ? print_irqtrace_events+0x270/0x270 [ 26.678087] ? __lock_acquire+0x664/0x3e00 [ 26.682294] ? __lock_acquire+0x664/0x3e00 [ 26.686499] ? __is_insn_slot_addr+0x1fc/0x330 [ 26.691052] ? lock_downgrade+0x980/0x980 [ 26.695170] ? lock_release+0xa40/0xa40 [ 26.699139] ? bpf_prog_kallsyms_find+0xbd/0x440 [ 26.703865] ? check_noncircular+0x20/0x20 [ 26.708067] ? trace_raw_output_xdp_redirect_map_err+0x440/0x440 [ 26.714182] ? is_bpf_text_address+0x7b/0x120 [ 26.718645] ? lock_downgrade+0x980/0x980 [ 26.722767] ? __free_insn_slot+0x5c0/0x5c0 [ 26.727059] lock_acquire+0x1d5/0x580 [ 26.730829] ? lock_acquire+0x1d5/0x580 [ 26.734776] ? rtnl_lock+0x17/0x20 [ 26.738287] ? lock_release+0xa40/0xa40 [ 26.742229] ? trace_event_raw_event_sched_switch+0x800/0x800 [ 26.748084] ? unwind_get_return_address+0x61/0xa0 [ 26.752985] ? rcu_note_context_switch+0x710/0x710 [ 26.757885] ? __might_sleep+0x95/0x190 [ 26.761826] ? rtnl_lock+0x17/0x20 [ 26.765346] __mutex_lock+0x16f/0x1a80 [ 26.769217] ? rtnl_lock+0x17/0x20 [ 26.772727] ? save_trace+0xe0/0x2b0 [ 26.776408] ? rtnl_lock+0x17/0x20 [ 26.779916] ? __lock_acquire+0x36c0/0x3e00 [ 26.784211] ? mutex_lock_io_nested+0x1900/0x1900 [ 26.789031] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 26.794194] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 26.799365] ? ipv4_hooks_unregister+0x203/0x340 [ 26.804092] ? lock_downgrade+0x980/0x980 [ 26.808213] ? check_noncircular+0x20/0x20 [ 26.812418] ? is_bpf_text_address+0xa4/0x120 [ 26.816883] ? kernel_text_address+0x102/0x140 [ 26.821432] ? __kernel_text_address+0xd/0x40 [ 26.825896] ? check_noncircular+0x20/0x20 [ 26.830101] ? check_noncircular+0x20/0x20 [ 26.834306] ? check_noncircular+0x20/0x20 [ 26.838511] ? nf_ct_l3proto_module_put+0x191/0x2c0 [ 26.843497] ? lock_downgrade+0x980/0x980 [ 26.847614] ? lock_release+0xa40/0xa40 [ 26.851560] mutex_lock_nested+0x16/0x20 [ 26.855586] ? mutex_lock_nested+0x16/0x20 [ 26.859789] rtnl_lock+0x17/0x20 [ 26.863124] unregister_netdevice_notifier+0x91/0x4e0 [ 26.868285] ? clusterip_tg_destroy+0x36a/0x6e0 [ 26.872923] ? lock_downgrade+0x980/0x980 [ 26.877042] ? register_netdevice_notifier+0x860/0x860 [ 26.882288] ? nf_ct_l4proto_unregister_sysctl.isra.9+0x120/0x120 [ 26.888488] ? mark_held_locks+0xaf/0x100 [ 26.892605] ? do_raw_spin_trylock+0x190/0x190 [ 26.897157] ? __local_bh_enable_ip+0x121/0x230 [ 26.901806] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 26.906791] ? clusterip_tg_destroy+0x350/0x6e0 [ 26.911428] ? trace_hardirqs_on+0xd/0x10 [ 26.915546] clusterip_tg_destroy+0x389/0x6e0 [ 26.920015] ? free_modinfo_version+0x70/0x70 [ 26.924485] ? clusterip_tg+0xa40/0xa40 [ 26.928428] ? connmark_tg_destroy+0x80/0x80 [ 26.932804] ? cleanup_match+0x198/0x220 [ 26.936843] ? icmp_checkentry+0x80/0x80 [ 26.940873] ? clusterip_tg+0xa40/0xa40 [ 26.944816] cleanup_entry+0x218/0x350 [ 26.948673] ? cleanup_match+0x220/0x220 [ 26.952707] ? find_next_bit+0x27/0x30 [ 26.956565] __do_replace+0x7d7/0xa90 [ 26.960338] ? compat_table_info+0x470/0x470 [ 26.965157] ? kasan_check_write+0x14/0x20 [ 26.969363] ? _copy_from_user+0x99/0x110 [ 26.973480] do_ipt_set_ctl+0x40f/0x5f0 [ 26.977425] ? translate_compat_table+0x1b90/0x1b90 [ 26.982415] ? mutex_unlock+0xd/0x10 [ 26.986103] ? nf_sockopt_find.constprop.0+0x1a7/0x220 [ 26.991352] nf_setsockopt+0x67/0xc0 [ 26.995041] ip_setsockopt+0xa1/0xb0 [ 26.998725] tcp_setsockopt+0x82/0xd0 [ 27.002498] sock_common_setsockopt+0x95/0xd0 [ 27.006962] SyS_setsockopt+0x189/0x360 [ 27.010904] ? SyS_recv+0x40/0x40 [ 27.014328] ? entry_SYSCALL_64_fastpath+0x5/0xa0 [ 27.019155] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 27.024142] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 27.028868] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 27.033594] RIP: 0033:0x44a42a [ 27.036753] RSP: 002b:00007fff6eabdff8 EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 27.044430] RAX: ffffffffffffffda RBX: 00000000006d30fc RCX: 000000000044a42a [ 27.051669] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004 [ 27.058907] RBP: 00000000006d30fc R08: 00000000000002d8 R09: 0000000001973880 [ 27.066147] R10: 00000000006d3528 R11: 0000000000000206 R12: 0000000000000004 executing program [ 27.073387] R13: 00000000006d60a4 R14: 00000000006d6050 R15: 00000000004a978c [ 27.143082] xt_CT: No such helper "snmp" executing program [ 27.258695] xt_CT: No such helper "snmp" executing program [ 27.375663] xt_CT: No such helper "snmp" executing program [ 27.493137] xt_CT: No such helper "snmp" executing program [ 27.614619] xt_CT: No such helper "snmp" executing program [ 27.725698] xt_CT: No such helper "snmp" executing program [ 27.851712] xt_CT: No such helper "snmp" executing program [ 27.979748] xt_CT: No such helper "snmp" executing program [ 28.096735] xt_CT: No such helper "snmp" executing program [ 28.214661] xt_CT: No such helper "snmp" executing program [ 28.332059] xt_CT: No such helper "snmp" executing program [ 28.450642] xt_CT: No such helper "snmp" executing program [ 28.581636] xt_CT: No such helper "snmp" executing program [ 28.703069] xt_CT: No such helper "snmp" executing program [ 28.820681] xt_CT: No such helper "snmp" executing program [ 28.940161] xt_CT: No such helper "snmp" executing program [ 29.060709] xt_CT: No such helper "snmp" executing program [ 29.179730] xt_CT: No such helper "snmp" executing program [ 29.301740] xt_CT: No such helper "snmp" executing program [ 29.417666] xt_CT: No such helper "snmp" executing program [ 29.537365] xt_CT: No such helper "snmp" executing program [ 29.656651] xt_CT: No such helper "snmp" executing program [ 29.784703] xt_CT: No such helper "snmp" executing program [ 29.890654] xt_CT: No such helper "snmp" executing program [ 30.010912] xt_CT: No such helper "snmp" executing program [ 30.129705] xt_CT: No such helper "snmp" executing program [ 30.244669] xt_CT: No such helper "snmp" executing program [ 30.356643] xt_CT: No such helper "snmp" executing program [ 30.483902] xt_CT: No such helper "snmp" executing program [ 30.587681] xt_CT: No such helper "snmp" executing program [ 30.714663] xt_CT: No such helper "snmp" executing program [ 30.838005] xt_CT: No such helper "snmp" executing program [ 30.964385] xt_CT: No such helper "snmp" executing program [ 31.088681] xt_CT: No such helper "snmp" executing program [ 31.210752] xt_CT: No such helper "snmp" executing program [ 31.329189] xt_CT: No such helper "snmp" executing program [ 31.452872] xt_CT: No such helper "snmp" executing program [ 31.572667] xt_CT: No such helper "snmp" executing program [ 31.693686] xt_CT: No such helper "snmp" executing program [ 31.815845] xt_CT: No such helper "snmp" executing program [ 31.930760] xt_CT: No such helper "snmp" executing program [ 32.044689] xt_CT: No such helper "snmp" executing program [ 32.163661] xt_CT: No such helper "snmp" executing program [ 32.288715] xt_CT: No such helper "snmp" executing program [ 32.407690] xt_CT: No such helper "snmp" executing program [ 32.531770] xt_CT: No such helper "snmp" executing program [ 32.647754] xt_CT: No such helper "snmp" executing program [ 32.770662] xt_CT: No such helper "snmp" executing program [ 32.889691] xt_CT: No such helper "snmp" executing program [ 33.013742] xt_CT: No such helper "snmp" executing program [ 33.133630] xt_CT: No such helper "snmp" executing program [ 33.254193] xt_CT: No such helper "snmp" executing program [ 33.375819] xt_CT: No such helper "snmp" executing program [ 33.494666] xt_CT: No such helper "snmp" executing program [ 33.615884] xt_CT: No such helper "snmp" executing program [ 33.736625] xt_CT: No such helper "snmp" executing program [ 33.868687] xt_CT: No such helper "snmp" executing program [ 33.987696] xt_CT: No such helper "snmp" executing program [ 34.104650] xt_CT: No such helper "snmp" executing program [ 34.218681] xt_CT: No such helper "snmp" executing program [ 34.339801] xt_CT: No such helper "snmp" executing program [ 34.457676] xt_CT: No such helper "snmp" executing program [ 34.580667] xt_CT: No such helper "snmp" executing program [ 34.699892] xt_CT: No such helper "snmp" executing program [ 34.824665] xt_CT: No such helper "snmp" executing program [ 34.943690] xt_CT: No such helper "snmp" executing program [ 35.062691] xt_CT: No such helper "snmp" executing program [ 35.181899] xt_CT: No such helper "snmp" executing program [ 35.298720] xt_CT: No such helper "snmp" executing program [ 35.422701] xt_CT: No such helper "snmp" executing program [ 35.541727] xt_CT: No such helper "snmp" executing program [ 35.661661] xt_CT: No such helper "snmp" executing program [ 35.800659] xt_CT: No such helper "snmp" executing program [ 35.920657] xt_CT: No such helper "snmp" executing program [ 36.040688] xt_CT: No such helper "snmp" executing program [ 36.157685] xt_CT: No such helper "snmp" executing program [ 36.271685] xt_CT: No such helper "snmp"