[....] Starting enhanced syslogd: rsyslogd[   13.537229] audit: type=1400 audit(1519647824.987:4): avc:  denied  { syslog } for  pid=3652 comm="rsyslogd" capability=34  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Starting mcstransd: 
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.42' (ECDSA) to the list of known hosts.
syzkaller login: [   25.077755] 
[   25.079402] ======================================================
[   25.085690] [ INFO: possible circular locking dependency detected ]
[   25.092064] 4.9.84-ga9d0273 #52 Not tainted
[   25.096352] -------------------------------------------------------
[   25.102725] syzkaller487967/3808 is trying to acquire lock:
[   25.108401]  (&mm->mmap_sem){++++++}, at: [<ffffffff814c2714>] __might_fault+0xe4/0x1d0

[   25.116958] but task is already holding lock:
[   25.121598]  (ashmem_mutex){+.+.+.}, at: [<ffffffff82d4aef1>] ashmem_ioctl+0x371/0xfe0

[   25.129983] which lock already depends on the new lock.
[   25.129983] 
[   25.136978] 
[   25.136978] the existing dependency chain (in reverse order) is:
[   25.144569] 
-> #1 (ashmem_mutex){+.+.+.}:
[   25.149347]        lock_acquire+0x12e/0x410
[   25.153643]        mutex_lock_nested+0xbb/0x870
[   25.158281]        ashmem_mmap+0x53/0x400
[   25.162398]        mmap_region+0x7dd/0xfd0
[   25.166599]        do_mmap+0x57b/0xbe0
[   25.170454]        vm_mmap_pgoff+0x16b/0x1b0
[   25.174834]        SyS_mmap_pgoff+0x33f/0x560
[   25.179303]        do_fast_syscall_32+0x2f5/0x870
[   25.184117]        entry_SYSENTER_compat+0x90/0xa2
[   25.189014] 
-> #0 (&mm->mmap_sem){++++++}:
[   25.193879]        __lock_acquire+0x2bf9/0x3640
[   25.198517]        lock_acquire+0x12e/0x410
[   25.202811]        __might_fault+0x14a/0x1d0
[   25.207192]        ashmem_ioctl+0x3c0/0xfe0
[   25.211481]        compat_ashmem_ioctl+0x3e/0x50
[   25.216206]        compat_SyS_ioctl+0x15f/0x2050
[   25.220928]        do_fast_syscall_32+0x2f5/0x870
[   25.225741]        entry_SYSENTER_compat+0x90/0xa2
[   25.230638] 
[   25.230638] other info that might help us debug this:
[   25.230638] 
[   25.238750]  Possible unsafe locking scenario:
[   25.238750] 
[   25.244781]        CPU0                    CPU1
[   25.249419]        ----                    ----
[   25.254061]   lock(ashmem_mutex);
[   25.257732]                                lock(&mm->mmap_sem);
[   25.264009]                                lock(ashmem_mutex);
[   25.270202]   lock(&mm->mmap_sem);
[   25.273959] 
[   25.273959]  *** DEADLOCK ***
[   25.273959] 
[   25.279995] 1 lock held by syzkaller487967/3808:
[   25.284729]  #0:  (ashmem_mutex){+.+.+.}, at: [<ffffffff82d4aef1>] ashmem_ioctl+0x371/0xfe0
[   25.293684] 
[   25.293684] stack backtrace:
[   25.298156] CPU: 1 PID: 3808 Comm: syzkaller487967 Not tainted 4.9.84-ga9d0273 #52
[   25.305845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   25.315174]  ffff8801d98d7a38 ffffffff81d956b9 ffffffff853a2cd0 ffffffff853a2cd0
[   25.323146]  ffffffff853c2f80 ffff8801d84d88d8 ffff8801d84d8000 ffff8801d98d7a80
[   25.331129]  ffffffff812387f1 ffff8801d84d88d8 00000000d84d88b0 ffff8801d84d88d8
[   25.339112] Call Trace:
[   25.341673]  [<ffffffff81d956b9>] dump_stack+0xc1/0x128
[   25.347021]  [<ffffffff812387f1>] print_circular_bug+0x271/0x310
[   25.353136]  [<ffffffff8123ec29>] __lock_acquire+0x2bf9/0x3640
[   25.359079]  [<ffffffff81bdaccc>] ? avc_has_extended_perms+0x3fc/0xf10
[   25.365714]  [<ffffffff81bda9b2>] ? avc_has_extended_perms+0xe2/0xf10
[   25.372264]  [<ffffffff8123c030>] ? debug_check_no_locks_freed+0x2c0/0x2c0
[   25.379248]  [<ffffffff8123b41f>] ? mark_held_locks+0xaf/0x100
[   25.385196]  [<ffffffff838abb93>] ? mutex_lock_nested+0x5e3/0x870
[   25.391399]  [<ffffffff81234d01>] ? __lock_is_held+0xa1/0xf0
[   25.397168]  [<ffffffff812400ae>] lock_acquire+0x12e/0x410
[   25.402767]  [<ffffffff814c2714>] ? __might_fault+0xe4/0x1d0
[   25.408537]  [<ffffffff814c277a>] __might_fault+0x14a/0x1d0
[   25.414219]  [<ffffffff814c2714>] ? __might_fault+0xe4/0x1d0
[   25.419987]  [<ffffffff82d4af40>] ashmem_ioctl+0x3c0/0xfe0
[   25.425583]  [<ffffffff81beb235>] ? selinux_file_ioctl+0x355/0x530
[   25.431876]  [<ffffffff81beaee0>] ? selinux_capable+0x40/0x40
[   25.438299]  [<ffffffff82d4ab80>] ? get_name+0x250/0x250
[   25.443734]  [<ffffffff82d4bb9e>] compat_ashmem_ioctl+0x3e/0x50
[   25.449769]  [<ffffffff8167d34f>] compat_SyS_ioctl+0x15f/0x2050
[   25.455815]  [<ffffffff82d4bb60>] ? ashmem_ioctl+0xfe0/0xfe0
[   25.461586]  [<ffffffff8167d1f0>] ? do_ioctl+0x60/0x60
[   25.466837]  [<ffffffff81006f95>] do_fast_syscall_32+0x2f5/0x870
[   25.472952]  [<ffffffff81003036>] ? trace_hardirqs_off_thunk+0x1a/0x1c
[