[ ok ] Starting enhanced syslogd: rsyslogd.
[ 12.704138] audit: type=1400 audit(1516403803.716:5): avc: denied { syslog } for pid=3509 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 18.942188] audit: type=1400 audit(1516403809.954:6): avc: denied { map } for pid=3648 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.5' (ECDSA) to the list of known hosts.
executing program
[ 25.167698] audit: type=1400 audit(1516403816.179:7): avc: denied { map } for pid=3662 comm="syzkaller059584" path="/root/syzkaller059584230" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 25.169867]
[ 25.195190] ============================================
[ 25.200609] WARNING: possible recursive locking detected
[ 25.206030] 4.15.0-rc8-mm1+ #58 Not tainted
[ 25.210316] --------------------------------------------
[ 25.215741] syzkaller059584/3662 is trying to acquire lock:
[ 25.221421] (&vq->mutex){+.+.}, at: [<0000000009e23966>] vhost_chr_write_iter+0x278/0x1580
[ 25.229890]
[ 25.229890] but task is already holding lock:
[ 25.235827] (&vq->mutex){+.+.}, at: [<0000000009e23966>] vhost_chr_write_iter+0x278/0x1580
[ 25.244308]
[ 25.244308] other info that might help us debug this:
[ 25.250941] Possible unsafe locking scenario:
[ 25.250941]
[ 25.256977] CPU0
[ 25.259531] ----
[ 25.262083] lock(&vq->mutex);
[ 25.265337] lock(&vq->mutex);
[ 25.268585]
[ 25.268585] *** DEADLOCK ***
[ 25.268585]
[ 25.274610] May be due to missing lock nesting notation
[ 25.274610]
[ 25.281525] 1 lock held by syzkaller059584/3662:
[ 25.286247] #0: (&vq->mutex){+.+.}, at: [<0000000009e23966>] vhost_chr_write_iter+0x278/0x1580
[ 25.295155]
[ 25.295155] stack backtrace:
[ 25.299634] CPU: 1 PID: 3662 Comm: syzkaller059584 Not tainted 4.15.0-rc8-mm1+ #58
[ 25.307320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 25.316655] Call Trace:
[ 25.319224] dump_stack+0x194/0x257
[ 25.322843] ? arch_local_irq_restore+0x53/0x53
[ 25.327491] __lock_acquire+0xe8f/0x3e00
[ 25.331534] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 25.336697] ? __lock_acquire+0x664/0x3e00
[ 25.340930] ? is_bpf_text_address+0x7b/0x120
[ 25.345410] ? print_irqtrace_events+0x270/0x270
[ 25.350145] ? print_irqtrace_events+0x270/0x270
[ 25.354884] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 25.360049] ? print_irqtrace_events+0x270/0x270
[ 25.364788] ? print_irqtrace_events+0x270/0x270
[ 25.369518] ? print_irqtrace_events+0x270/0x270
[ 25.374244] ? check_noncircular+0x20/0x20
[ 25.378455] ? print_irqtrace_events+0x270/0x270
[ 25.383185] ? check_noncircular+0x20/0x20
[ 25.387392] ? __lock_acquire+0x664/0x3e00
[ 25.391599] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 25.396763] ? __lock_acquire+0x664/0x3e00
[ 25.400972] ? find_held_lock+0x35/0x1d0
[ 25.405009] lock_acquire+0x1d5/0x580
[ 25.408793] ? lock_acquire+0x1d5/0x580
[ 25.412742] ? vhost_chr_write_iter+0x278/0x1580
[ 25.417475] ? lock_release+0xa40/0xa40
[ 25.421421] ? trace_event_raw_event_sched_switch+0x800/0x800
[ 25.427289] ? __lru_cache_add+0x2a6/0x410
[ 25.431508] ? rcu_note_context_switch+0x710/0x710
[ 25.436414] ? __might_sleep+0x95/0x190
[ 25.440368] ? vhost_chr_write_iter+0x278/0x1580
[ 25.445110] __mutex_lock+0x16f/0x1a80
[ 25.448974] ? vhost_chr_write_iter+0x278/0x1580
[ 25.453708] ? vhost_chr_write_iter+0x278/0x1580
[ 25.458453] ? mutex_lock_io_nested+0x1900/0x1900
[ 25.463273] ? mem_cgroup_css_online+0x2e0/0x2e0
[ 25.468009] ? lru_cache_add_file+0x20/0x20
[ 25.472314] ? __mem_cgroup_threshold+0x8f0/0x8f0
[ 25.477138] ? find_held_lock+0x35/0x1d0
[ 25.481181] ? __might_fault+0x110/0x1d0
[ 25.485227] ? lock_downgrade+0x980/0x980
[ 25.489357] ? lock_release+0xa40/0xa40
[ 25.493308] ? trace_event_raw_event_sched_switch+0x800/0x800
[ 25.499171] ? lock_release+0xa40/0xa40
[ 25.503128] ? __might_sleep+0x95/0x190
[ 25.507096] ? kasan_check_write+0x14/0x20
[ 25.511315] ? copyin+0x91/0xb0
[ 25.514581] ? _copy_from_iter+0x367/0xf30
[ 25.518794] ? _raw_spin_unlock+0x22/0x30
[ 25.522918] ? __handle_mm_fault+0x80e/0x3ce0
[ 25.527391] ? check_noncircular+0x20/0x20
[ 25.531601] ? copy_page_to_iter+0xe00/0xe00
[ 25.535999] mutex_lock_nested+0x16/0x20
[ 25.540043] ? mutex_lock_nested+0x16/0x20
[ 25.544257] vhost_chr_write_iter+0x278/0x1580
[ 25.548822] ? handle_mm_fault+0x2a0/0x930
[ 25.553037] ? match_held_lock+0x953/0xa00
[ 25.557257] ? vhost_new_umem_range+0x740/0x740
[ 25.561919] ? __do_page_fault+0x5f7/0xc90
[ 25.566155] vhost_net_chr_write_iter+0x59/0x70
[ 25.570808] __vfs_write+0x684/0x970
[ 25.574510] ? kernel_read+0x120/0x120
[ 25.578370] ? _cond_resched+0x14/0x30
[ 25.582235] ? avc_policy_seqno+0x9/0x20
[ 25.586273] ? selinux_file_permission+0x82/0x460
[ 25.591093] ? rw_verify_area+0xe5/0x2b0
[ 25.595126] ? __fdget_raw+0x20/0x20
[ 25.598815] vfs_write+0x189/0x510
[ 25.602328] SyS_write+0xef/0x220
[ 25.605752] ? filp_open+0x70/0x70
[ 25.609264] ? SyS_read+0x220/0x220
[ 25.612861] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 25.617853] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 25.622587] entry_SYSCALL_64_fastpath+0x29/0xa0
[ 25.627316] RIP: 0033:0x43fd79
[ 25.630477] RSP: 002b:00007ffe70b567a8 EFLAGS: 00000203 ORIG_RAX: 0000000000000001
[ 25.638156] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd79
[ 25.645486] RDX: 0000000000000068 RSI: 0000000020004f98 RDI: 0000000000000003
[ 25.652728] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 25.659973] R10: 0000000000000000 R11: 0000000000000203 R12: 00000000004016a0
[ 25.667214] R13: 0000000000401730 R14: 0000000000000000 R15: 0000000000000000
[ 25.674526] kasan: CONFIG_KASAN_INLINE enabled
[ 25.679141] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 25.686513] general protection fault: 0000 [#1] SMP KASAN
[ 25.692037] Dumping ftrace buffer:
[ 25.695548] (ftrace buffer empty)
[ 25.699230] Modules linked in:
[ 25.702398] CPU: 1 PID: 3662 Comm: syzkaller059584 Not tainted 4.15.0-rc8-mm1+ #58
[ 25.710072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 25.719409] RIP: 0010:vhost_chr_write_iter+0x5f5/0x1580
[ 25.724744] RSP: 0018:ffff8801d9bd7b28 EFLAGS: 00010246
[ 25.730081] RAX: 0000000000000002 RBX: dffffc0000000000 RCX: 0000000000000000
[ 25.737326] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffff8801bb880200
[ 25.744575] RBP: ffff8801d9bd7ca8 R08: ffffffff84189e38 R09: 0000000000000000
[ 25.751831] R10: ffff8801d9bd7b18 R11: fffffbfff0fda9d5 R12: 0000000020005000
[ 25.759081] R13: ffff8801bb880140 R14: ffff8801bb884900 R15: 1ffff1003b37af70
[ 25.766335] FS: 0000000001954880(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
[ 25.774551] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 25.780406] CR2: 0000000020004f98 CR3: 00000001bbf35004 CR4: 00000000001606e0
[ 25.787665] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 25.794917] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 25.802160] Call Trace:
[ 25.804734] ? handle_mm_fault+0x2a0/0x930
[ 25.808946] ? vhost_new_umem_range+0x740/0x740
[ 25.813603] ? __do_page_fault+0x5f7/0xc90
[ 25.817828] vhost_net_chr_write_iter+0x59/0x70
[ 25.822473] __vfs_write+0x684/0x970
[ 25.826164] ? kernel_read+0x120/0x120
[ 25.830035] ? _cond_resched+0x14/0x30
[ 25.833899] ? avc_policy_seqno+0x9/0x20
[ 25.837938] ? selinux_file_permission+0x82/0x460
[ 25.842762] ? rw_verify_area+0xe5/0x2b0
[ 25.846798] ? __fdget_raw+0x20/0x20
[ 25.850489] vfs_write+0x189/0x510
[ 25.854017] SyS_write+0xef/0x220
[ 25.857447] ? filp_open+0x70/0x70
[ 25.860958] ? SyS_read+0x220/0x220
[ 25.864558] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 25.869551] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 25.874284] entry_SYSCALL_64_fastpath+0x29/0xa0
[ 25.879014] RIP: 0033:0x43fd79
[ 25.882189] RSP: 002b:00007ffe70b567a8 EFLAGS: 00000203 ORIG_RAX: 0000000000000001
[ 25.889876] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd79
[ 25.897126] RDX: 0000000000000068 RSI: 0000000020004f98 RDI: 0000000000000003
[ 25.904375] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 25.911618] R10: 0000000000000000 R11: 0000000000000203 R12: 00000000004016a0
[ 25.918863] R13: 0000000000401730 R14: 0000000000000000 R15: 0000000000000000
[ 25.926115] Code: e9 03 80 3c 11 00 0f 85 7d 0f 00 00 49 8b b5 c0 00 00 00 48 ba 00 00 00 00 00 fc ff df 48 89 f1 48 89 b5 c0 fe ff ff 48 c1 e9 03 <80> 3c 11 00 0f 85 74 0b 00 00 48 8b b5 c0 fe ff ff 4c 8b 36 4d
[ 25.945204] RIP: vhost_chr_write_iter+0x5f5/0x1580 RSP: ffff8801d9bd7b28
[ 25.952065] ---[ end trace 57b5c8974811dbc6 ]---
[ 25.956818] Kernel panic - not syncing: Fatal exception
[ 25.962672] Dumping ftrace buffer:
[ 25.966188] (ftrace buffer empty)
[ 25.969871] Kernel Offset: disabled
[ 25.973469] Rebooting in 86400 seconds..