[ ok ] Starting enhanced syslogd: rsyslogd.
[ 10.642469] audit: type=1400 audit(1514199361.216:5): avc: denied { syslog } for pid=2991 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 16.765755] audit: type=1400 audit(1514199367.339:6): avc: denied { map } for pid=3130 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added 'ci-upstream-mmots-kasan-gce-5,10.128.0.23' (ECDSA) to the list of known hosts.
executing program
[ 22.989679] audit: type=1400 audit(1514199373.563:7): avc: denied { map } for pid=3144 comm="syzkaller258281" path="/root/syzkaller258281527" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 23.063715]
[ 23.065350] ======================================================
[ 23.071634] WARNING: possible circular locking dependency detected
[ 23.078895] 4.15.0-rc4-mm1+ #49 Not tainted
[ 23.083176] ------------------------------------------------------
[ 23.089458] syzkaller258281/3148 is trying to acquire lock:
[ 23.095139]  (&p->lock){+.+.}, at: [<00000000fca8daf9>] seq_read+0xd5/0x13d0
[ 23.102318]
[ 23.102318] but task is already holding lock:
[ 23.108256]  (&pipe->mutex/1){+.+.}, at: [<0000000005f970d6>] pipe_lock+0x56/0x70
[ 23.115854]
[ 23.115854] which lock already depends on the new lock.
[ 23.115854]
[ 23.124747]
[ 23.124747] the existing dependency chain (in reverse order) is:
[ 23.132337]
[ 23.132337] -> #2 (&pipe->mutex/1){+.+.}:
[ 23.137945]        __mutex_lock+0x16f/0x1a80
[ 23.142324]        mutex_lock_nested+0x16/0x20
[ 23.146883]        fifo_open+0x15c/0xa30
[ 23.150915]        do_dentry_open+0x667/0xd40
[ 23.155376]        vfs_open+0x107/0x220
[ 23.159323]        path_openat+0x1151/0x3530
[ 23.163700]        do_filp_open+0x25b/0x3b0
[ 23.168859]        do_open_execat+0x1b9/0x5c0
[ 23.173324]        do_execveat_common.isra.30+0x90c/0x22a0
[ 23.178916]        SyS_execve+0x39/0x50
[ 23.182862]        do_syscall_64+0x26c/0x920
[ 23.187236]        return_from_SYSCALL_64+0x0/0x75
[ 23.192128]
[ 23.192128] -> #1 (&sig->cred_guard_mutex){+.+.}:
[ 23.198419]        __mutex_lock+0x16f/0x1a80
[ 23.202799]        mutex_lock_killable_nested+0x16/0x20
[ 23.208130]        lock_trace+0x44/0xc0
[ 23.212069]        proc_pid_syscall+0xa3/0x550
[ 23.216617]        proc_single_show+0xf8/0x170
[ 23.221162]        seq_read+0x385/0x13d0
[ 23.225190]        do_iter_read+0x3d2/0x5a0
[ 23.229476]        vfs_readv+0x121/0x1c0
[ 23.233505]        do_readv+0xfc/0x2a0
[ 23.237362]        SyS_readv+0x27/0x30
[ 23.241214]        entry_SYSCALL_64_fastpath+0x1f/0x96
[ 23.246459]
[ 23.246459] -> #0 (&p->lock){+.+.}:
[ 23.251533]        lock_acquire+0x1d5/0x580
[ 23.255827]        __mutex_lock+0x16f/0x1a80
[ 23.260199]        mutex_lock_nested+0x16/0x20
[ 23.264744]        seq_read+0xd5/0x13d0
[ 23.268688]        proc_reg_read+0xe8/0x160
[ 23.272975]        do_iter_read+0x3d2/0x5a0
[ 23.277261]        vfs_readv+0x121/0x1c0
[ 23.281288]        default_file_splice_read+0x508/0xae0
[ 23.286617]        do_splice_to+0x10a/0x160
[ 23.290904]        SyS_splice+0x1187/0x1610
[ 23.295191]        entry_SYSCALL_64_fastpath+0x1f/0x96
[ 23.300428]
[ 23.300428] other info that might help us debug this:
[ 23.300428]
[ 23.308543] Chain exists of:
[ 23.308543]   &p->lock --> &sig->cred_guard_mutex --> &pipe->mutex/1
[ 23.308543]
[ 23.319347]  Possible unsafe locking scenario:
[ 23.319347]
[ 23.325367]        CPU0                    CPU1
[ 23.329997]        ----                    ----
[ 23.334632]   lock(&pipe->mutex/1);
[ 23.338226]                                lock(&sig->cred_guard_mutex);
[ 23.345029]                                lock(&pipe->mutex/1);
[ 23.351138]   lock(&p->lock);
[ 23.354206]
[ 23.354206]  *** DEADLOCK ***
[ 23.354206]
[ 23.360228] 1 lock held by syzkaller258281/3148:
[ 23.364944]  #0: (&pipe->mutex/1){+.+.}, at: [<0000000005f970d6>] pipe_lock+0x56/0x70
[ 23.372971]
[ 23.372971] stack backtrace:
[ 23.377435] CPU: 1 PID: 3148 Comm: syzkaller258281 Not tainted 4.15.0-rc4-mm1+ #49
[ 23.385106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 23.394427] Call Trace:
[ 23.396986]  dump_stack+0x194/0x257
[ 23.400581]  ? arch_local_irq_restore+0x53/0x53
[ 23.406868]  print_circular_bug.isra.37+0x2cd/0x2dc
[ 23.411847]  ? save_trace+0xe0/0x2b0
[ 23.415524]  __lock_acquire+0x30a8/0x3e00
[ 23.419640]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 23.424798]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 23.429954]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 23.435107]  ? update_cfs_rq_load_avg.part.68+0x2d0/0x2d0
[ 23.440610]  ? print_irqtrace_events+0x270/0x270
[ 23.445328]  ? __lock_acquire+0x664/0x3e00
[ 23.449529]  ? __lock_acquire+0x664/0x3e00
[ 23.453731]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 23.458889]  ? __lock_acquire+0x664/0x3e00
[ 23.463094]  ? print_irqtrace_events+0x270/0x270
[ 23.467813]  ? check_noncircular+0x20/0x20
[ 23.472015]  ? check_noncircular+0x20/0x20
[ 23.476224]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 23.481379]  ? check_noncircular+0x20/0x20
[ 23.485577]  ? __update_idle_core+0x305/0x600
[ 23.490042]  ? __lock_acquire+0x664/0x3e00
[ 23.494659]  lock_acquire+0x1d5/0x580
[ 23.498427]  ? lock_acquire+0x1d5/0x580
[ 23.502368]  ? seq_read+0xd5/0x13d0
[ 23.505963]  ? lock_release+0xa40/0xa40
[ 23.509905]  ? trace_event_raw_event_sched_switch+0x800/0x800
[ 23.515765]  ? rcu_note_context_switch+0x710/0x710
[ 23.520668]  ? __might_sleep+0x95/0x190
[ 23.524607]  ? seq_read+0xd5/0x13d0
[ 23.528198]  __mutex_lock+0x16f/0x1a80
[ 23.532051]  ? seq_read+0xd5/0x13d0
[ 23.535645]  ? __is_insn_slot_addr+0x1fc/0x330
[ 23.540200]  ? seq_read+0xd5/0x13d0
[ 23.543803]  ? check_noncircular+0x20/0x20
[ 23.548006]  ? mutex_lock_io_nested+0x1900/0x1900
[ 23.552817]  ? find_held_lock+0x35/0x1d0
[ 23.556842]  ? check_noncircular+0x20/0x20
[ 23.561043]  ? is_bpf_text_address+0x7b/0x120
[ 23.565502]  ? check_noncircular+0x20/0x20
[ 23.569701]  ? print_irqtrace_events+0x270/0x270
[ 23.574423]  ? check_noncircular+0x20/0x20
[ 23.578621]  ? find_held_lock+0x35/0x1d0
[ 23.582648]  ? __lock_is_held+0xb6/0x140
[ 23.586674]  ? check_noncircular+0x20/0x20
[ 23.590877]  ? __lock_is_held+0xb6/0x140
[ 23.594908]  ? rcu_read_lock_sched_held+0x108/0x120
[ 23.599888]  ? __lock_is_held+0xb6/0x140
[ 23.603914]  ? seq_lseek+0x3c0/0x3c0
[ 23.607592]  mutex_lock_nested+0x16/0x20
[ 23.611640]  ? mutex_lock_nested+0x16/0x20
[ 23.616109]  seq_read+0xd5/0x13d0
[ 23.619533]  ? trace_event_raw_event_sched_switch+0x800/0x800
[ 23.625382]  ? __check_object_size+0x25d/0x4f0
[ 23.629942]  ? fsnotify+0x7b3/0x1140
[ 23.633625]  ? seq_lseek+0x3c0/0x3c0
[ 23.637303]  ? fsnotify_first_mark+0x2b0/0x2b0
[ 23.641854]  ? avc_policy_seqno+0x9/0x20
[ 23.645886]  ? selinux_file_permission+0x82/0x460
[ 23.651128]  ? seq_lseek+0x3c0/0x3c0
[ 23.654813]  proc_reg_read+0xe8/0x160
[ 23.658583]  ? rw_verify_area+0xe5/0x2b0
[ 23.662618]  do_iter_read+0x3d2/0x5a0
[ 23.666386]  ? dup_iter+0x260/0x260
[ 23.669978]  vfs_readv+0x121/0x1c0
[ 23.673484]  ? compat_rw_copy_check_uvector+0x2e0/0x2e0
[ 23.678990]  ? lock_acquire+0x1d5/0x580
[ 23.682934]  ? lock_acquire+0x1d5/0x580
[ 23.686872]  ? pipe_lock+0x56/0x70
[ 23.690377]  ? lock_release+0xa40/0xa40
[ 23.694316]  ? trace_event_raw_event_sched_switch+0x800/0x800
[ 23.700175]  ? rcu_note_context_switch+0x710/0x710
[ 23.705078]  ? __might_sleep+0x95/0x190
[ 23.709029]  ? pipe_lock+0x56/0x70
[ 23.712557]  ? __mutex_lock+0x16f/0x1a80
[ 23.716585]  ? pipe_lock+0x56/0x70
[ 23.720102]  default_file_splice_read+0x508/0xae0
[ 23.724910]  ? default_file_splice_read+0x508/0xae0
[ 23.729900]  ? do_splice_direct+0x3c0/0x3c0
[ 23.734189]  ? __lock_is_held+0xb6/0x140
[ 23.738310]  ? __lock_is_held+0xb6/0x140
[ 23.742338]  ? fsnotify+0x7b3/0x1140
[ 23.746027]  ? fsnotify_first_mark+0x2b0/0x2b0
[ 23.750581]  ? avc_policy_seqno+0x9/0x20
[ 23.754610]  ? selinux_file_permission+0x82/0x460
[ 23.759417]  ? security_file_permission+0x89/0x1e0
[ 23.764317]  ? do_splice_direct+0x3c0/0x3c0
[ 23.768605]  do_splice_to+0x10a/0x160
[ 23.772370]  ? do_splice_to+0x10a/0x160
[ 23.776310]  SyS_splice+0x1187/0x1610
[ 23.780075]  ? SyS_futex+0x269/0x390
[ 23.783756]  ? compat_SyS_vmsplice+0x250/0x250
[ 23.788303]  ? trace_hardirqs_on_caller+0x421/0x5c0
[ 23.793290]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 23.798017]  entry_SYSCALL_64_fastpath+0x1f/0x96
[ 23.802746] RIP: 0033:0x445679
[ 23.805902] RSP: 002b:00007fa003d58d08 EFLAGS: 00000216 ORIG_RAX: 0000000000000113
[ 23.813574] RAX: ffffffffffffffda RBX: 0