[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 17.859494] audit: type=1400 audit(1520664187.516:6): avc: denied { map } for pid=4100 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[ 17.876314] sshd (4098) used greatest stack depth: 16712 bytes left

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.32' (ECDSA) to the list of known hosts.
syzkaller login: [ 24.132618] audit: type=1400 audit(1520664193.789:7): avc: denied { map } for pid=4114 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16479 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2018/03/10 06:43:14 parsed 1 programs
2018/03/10 06:43:14 executed programs: 0
[ 24.385070] audit: type=1400 audit(1520664194.041:8): avc: denied { map } for pid=4114 comm="syz-execprog" path="/root/syzkaller-shm387210047" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
[ 24.398536] IPVS: ftp: loaded support on port[0] = 21
[ 24.442157] audit: type=1400 audit(1520664194.098:9): avc: denied { map } for pid=4122 comm="syz-executor0" path="/dev/ashmem" dev="devtmpfs" ino=1092 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:device_t:s0 tclass=chr_file permissive=1
[ 24.442414]
[ 24.468318] ======================================================
[ 24.474603] WARNING: possible circular locking dependency detected
[ 24.480888] 4.16.0-rc4+ #257 Not tainted
[ 24.484915] ------------------------------------------------------
[ 24.491197] syz-executor0/4122 is trying to acquire lock:
[ 24.496702]  (&mm->mmap_sem){++++}, at: [<0000000094e418a6>] __might_fault+0xe0/0x1d0
[ 24.504646]
[ 24.504646] but task is already holding lock:
[ 24.510584]  (ashmem_mutex){+.+.}, at: [<000000001cab9c24>] ashmem_ioctl+0x3db/0x11b0
[ 24.518526]
[ 24.518526] which lock already depends on the new lock.
[ 24.518526]
[ 24.526806]
[ 24.526806] the existing dependency chain (in reverse order) is:
[ 24.534398]
[ 24.534398] -> #1 (ashmem_mutex){+.+.}:
[ 24.539827]        __mutex_lock+0x16f/0x1a80
[ 24.544206]        mutex_lock_nested+0x16/0x20
[ 24.548759]        ashmem_mmap+0x53/0x410
[ 24.552876]        mmap_region+0xa99/0x15a0
[ 24.557165]        do_mmap+0x6c0/0xe00
[ 24.561024]        vm_mmap_pgoff+0x1de/0x280
[ 24.565402]        SyS_mmap_pgoff+0x462/0x5f0
[ 24.569871]        do_fast_syscall_32+0x3ec/0xf9f
[ 24.574683]        entry_SYSENTER_compat+0x70/0x7f
[ 24.579585]
[ 24.579585] -> #0 (&mm->mmap_sem){++++}:
[ 24.585106]        lock_acquire+0x1d5/0x580
[ 24.589402]        __might_fault+0x13a/0x1d0
[ 24.593778]        _copy_from_user+0x2c/0x110
[ 24.598243]        ashmem_ioctl+0x438/0x11b0
[ 24.602620]        compat_ashmem_ioctl+0x3e/0x50
[ 24.607343]        compat_SyS_ioctl+0x151/0x2a30
[ 24.612067]        do_fast_syscall_32+0x3ec/0xf9f
[ 24.616877]        entry_SYSENTER_compat+0x70/0x7f
[ 24.621770]
[ 24.621770] other info that might help us debug this:
[ 24.621770]
[ 24.629878]  Possible unsafe locking scenario:
[ 24.629878]
[ 24.635901]        CPU0                    CPU1
[ 24.640534]        ----                    ----
[ 24.645167]   lock(ashmem_mutex);
[ 24.648595]                                lock(&mm->mmap_sem);
[ 24.654618]                                lock(ashmem_mutex);
[ 24.660555]   lock(&mm->mmap_sem);
[ 24.664061]
[ 24.664061]  *** DEADLOCK ***
[ 24.664061]
[ 24.670088] 1 lock held by syz-executor0/4122:
[ 24.674634]  #0: (ashmem_mutex){+.+.}, at: [<000000001cab9c24>] ashmem_ioctl+0x3db/0x11b0
[ 24.683014]
[ 24.683014] stack backtrace:
[ 24.687485] CPU: 1 PID: 4122 Comm: syz-executor0 Not tainted 4.16.0-rc4+ #257
[ 24.694726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 24.704048] Call Trace:
[ 24.706612]  dump_stack+0x194/0x24d
[ 24.710218]  ? arch_local_irq_restore+0x53/0x53
[ 24.714860]  print_circular_bug.isra.38+0x2cd/0x2dc
[ 24.720191]  ? save_trace+0xe0/0x2b0
[ 24.723884]  __lock_acquire+0x30a8/0x3e00
[ 24.728002]  ? ashmem_ioctl+0x3db/0x11b0
[ 24.732041]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 24.737199]  ? __might_sleep+0x95/0x190
[ 24.741144]  ? ashmem_ioctl+0x3db/0x11b0
[ 24.745175]  ? __mutex_lock+0x16f/0x1a80
[ 24.749208]  ? ashmem_ioctl+0x3db/0x11b0
[ 24.753237]  ? ashmem_ioctl+0x3db/0x11b0
[ 24.757271]  ? lock_downgrade+0x980/0x980
[ 24.761392]  ? mutex_lock_io_nested+0x1900/0x1900
[ 24.766202]  ? lock_release+0xa40/0xa40
[ 24.770150]  ? do_futex+0x86f/0x22a0
[ 24.773835]  ? vma_set_page_prot+0x16b/0x230
[ 24.778218]  ? avc_ss_reset+0x110/0x110
[ 24.782164]  lock_acquire+0x1d5/0x580
[ 24.785935]  ? lock_acquire+0x1d5/0x580
[ 24.789877]  ? __might_fault+0xe0/0x1d0
[ 24.793825]  ? userfaultfd_unmap_complete+0x327/0x510
[ 24.798982]  ? lock_release+0xa40/0xa40
[ 24.802924]  ? check_same_owner+0x320/0x320
[ 24.807216]  ? __might_sleep+0x95/0x190
[ 24.811160]  __might_fault+0x13a/0x1d0
[ 24.815023]  ? __might_fault+0xe0/0x1d0
[ 24.818971]  _copy_from_user+0x2c/0x110
[ 24.822917]  ashmem_ioctl+0x438/0x11b0
[ 24.826774]  ? selinux_file_ioctl+0x444/0x690
[ 24.831240]  ? __fget_light+0x2b2/0x3c0
[ 24.835191]  ? ashmem_release+0x190/0x190
[ 24.839312]  ? perf_trace_sched_switch+0x6e9/0xf60
[ 24.844214]  ? compat_SyS_futex+0x288/0x380
[ 24.848504]  compat_ashmem_ioctl+0x3e/0x50
[ 24.852710]  compat_SyS_ioctl+0x151/0x2a30
[ 24.856913]  ? do_fast_syscall_32+0x156/0xf9f
[ 24.861377]  ? ashmem_ioctl+0x11b0/0x11b0
[ 24.865494]  ? do_ioctl+0x60/0x60
[ 24.868918]  do_fast_syscall_32+0x3ec/0xf9f
[ 24.873210]  ? do_int80_syscall_32+0x9c0/0x9c0
[ 24.877760]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 24.882493]  ? syscall_return_slowpath+0x2ac/0x550
[ 24.887392]  ? prepare_exit_to_usermode+0x350/0x350
[ 24.892377]  ? sysret32_from_system_call+0x5/0x3c
[ 24.897187]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 24.902007]  entry_SYSENTER_compat+0x70/0x7f
[ 24.906407] RIP: 0023:0xf7f5dc99
[ 24.909740] RSP: 002b:00000000ffb115ac EFLAGS: 00000282 ORIG_RAX: 0000000000000036
[ 24.917421] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000007709
[ 24.924661] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 24.931909] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 24.939146] R10: 0000000000000000 R11: 0000000000000000 R12: