[ 17.895631] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available) [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 21.474858] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available) [ 21.762400] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available) [ 22.740889] random: sshd: uninitialized urandom read (32 bytes read, 113 bits of entropy available) [ 33.837829] random: sshd: uninitialized urandom read (32 bytes read, 124 bits of entropy available) Warning: Permanently added '10.128.0.47' (ECDSA) to the list of known hosts. [ 39.249379] random: sshd: uninitialized urandom read (32 bytes read, 128 bits of entropy available) executing program [ 39.354811] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 39.366254] [ 39.367862] ====================================================== [ 39.374145] [ INFO: possible circular locking dependency detected ] [ 39.380515] 4.4.118-g239a415 #25 Not tainted [ 39.384887] ------------------------------------------------------- [ 39.391256] syzkaller915933/3675 is trying to acquire lock: [ 39.396930] (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 [ 39.404819] [ 39.404819] but task is already holding lock: [ 39.410757] (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.8+0x1e2/0x3030 [ 39.420818] [ 39.420818] which lock already depends on the new lock. [ 39.420818] [ 39.429098] [ 39.429098] the existing dependency chain (in reverse order) is: [ 39.436683] -> #1 (sk_lock-AF_INET6){+.+.+.}: [ 39.441787] [] lock_acquire+0x15e/0x460 [ 39.448020] [] lock_sock_nested+0xc6/0x120 [ 39.454513] [] do_ipv6_setsockopt.isra.8+0x331/0x3030 [ 39.461952] [] ipv6_setsockopt+0xd7/0x130 [ 39.468352] [] tcp_setsockopt+0x82/0xd0 [ 39.474593] [] sock_common_setsockopt+0x95/0xd0 [ 39.481514] [] SyS_setsockopt+0x160/0x250 [ 39.487917] [] entry_SYSCALL_64_fastpath+0x1c/0x98 [ 39.495104] -> #0 (rtnl_mutex){+.+.+.}: [ 39.499684] [] __lock_acquire+0x371f/0x4b50 [ 39.506259] [] lock_acquire+0x15e/0x460 [ 39.512489] [] mutex_lock_nested+0xbb/0x850 [ 39.519065] [] rtnl_lock+0x17/0x20 [ 39.524858] [] ipv6_sock_mc_close+0x10e/0x350 [ 39.531612] [] do_ipv6_setsockopt.isra.8+0x13c1/0x3030 [ 39.539140] [] ipv6_setsockopt+0xd7/0x130 [ 39.545543] [] tcp_setsockopt+0x82/0xd0 [ 39.551772] [] sock_common_setsockopt+0x95/0xd0 [ 39.558692] [] SyS_setsockopt+0x160/0x250 [ 39.565091] [] entry_SYSCALL_64_fastpath+0x1c/0x98 [ 39.572273] [ 39.572273] other info that might help us debug this: [ 39.572273] [ 39.580382] Possible unsafe locking scenario: [ 39.580382] [ 39.586406] CPU0 CPU1 [ 39.591040] ---- ---- [ 39.595672] lock(sk_lock-AF_INET6); [ 39.599669] lock(rtnl_mutex); [ 39.605663] lock(sk_lock-AF_INET6); [ 39.612176] lock(rtnl_mutex); [ 39.615651] [ 39.615651] *** DEADLOCK *** [ 39.615651] [ 39.621679] 1 lock held by syzkaller915933/3675: [ 39.626398] #0: (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.8+0x1e2/0x3030 [ 39.637002] [ 39.637002] stack backtrace: [ 39.641466] CPU: 0 PID: 3675 Comm: syzkaller915933 Not tainted 4.4.118-g239a415 #25 [ 39.649225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.658545] 0000000000000000 d6efcd04ca2e32c1 ffff8800b5ec75a8 ffffffff81d0402d [ 39.666513] ffffffff8516edb0 ffffffff8516edb0 ffffffff851b85e0 ffff8800afa120f8 [ 39.674478] ffff8800afa11800 ffff8800b5ec75f0 ffffffff81233ba1 ffff8800afa120f8 [ 39.682447] Call Trace: [ 39.685006] [] dump_stack+0xc1/0x124 [ 39.690338] [] print_circular_bug+0x271/0x310 [ 39.696451] [] __lock_acquire+0x371f/0x4b50 [ 39.702390] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 39.709370] [] ? __lock_is_held+0xa1/0xf0 [ 39.715134] [] lock_acquire+0x15e/0x460 [ 39.720723] [] ? rtnl_lock+0x17/0x20 [ 39.726053] [] ? rtnl_lock+0x17/0x20 [ 39.731388] [] mutex_lock_nested+0xbb/0x850 [ 39.737328] [] ? rtnl_lock+0x17/0x20 [ 39.742659] [] ? __ww_mutex_lock+0x14f0/0x14f0 [ 39.748858] [] ? mark_held_locks+0xaf/0x100 [ 39.754799] [] ? __local_bh_enable_ip+0x6a/0xd0 [ 39.761088] [] rtnl_lock+0x17/0x20 [ 39.766245] [] ipv6_sock_mc_close+0x10e/0x350 [ 39.772359] [] ? fl6_free_socklist+0xb7/0x240 [ 39.778469] [] do_ipv6_setsockopt.isra.8+0x13c1/0x3030 [ 39.785360] [] ? ip6_ra_control+0x420/0x420 [ 39.791300] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 39.798277] [] ? __lock_acquire+0xb5f/0x4b50 [ 39.804303] [] ? avc_has_perm+0x296/0x500 [ 39.810069] [] ? avc_has_perm+0x309/0x500 [ 39.815832] [] ? avc_has_perm+0xb6/0x500 [ 39.821510] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 39.828315] [] ? avc_has_perm_noaudit+0x460/0x460 [ 39.834775] [] ? sock_has_perm+0x1c1/0x400 [ 39.840626] [] ? sock_has_perm+0x29f/0x400 [ 39.846488] [] ? sock_has_perm+0x9f/0x400 [ 39.852253] [] ? selinux_file_send_sigiotask+0x310/0x310 [ 39.859323] [] ? selinux_netlbl_socket_setsockopt+0x117/0x320 [ 39.866823] [] ? selinux_netlbl_sock_rcv_skb+0x400/0x400 [ 39.873888] [] ipv6_setsockopt+0xd7/0x130 [ 39.879653] [] tcp_setsockopt+0x82/0xd0 [ 39.885246] [] sock_common_setsockopt+0x95/0xd0 [ 39.891531] [] SyS_setsockopt+0x160/0x250 [ 39.897303] [] ? SyS_recv+0x40/0x40 [ 39.902548] [] ? move_addr_to_ke