[   11.446283] audit: type=1400 audit(1512993404.533:5): avc:  denied  { syslog } for  pid=2989 comm="rsyslogd" capability=34  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Starting mcstransd: 
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   26.966863] audit: type=1400 audit(1512993420.054:6): avc:  denied  { map } for  pid=3133 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added 'ci-upstream-mmots-kasan-gce-3,10.128.15.219' (ECDSA) to the list of known hosts.
executing program
[   33.057721] audit: type=1400 audit(1512993426.145:7): avc:  denied  { map } for  pid=3147 comm="syzkaller091662" path="/root/syzkaller091662383" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   33.084392] 
[   33.086004] ============================================
[   33.091413] WARNING: possible recursive locking detected
[   33.096835] 4.15.0-rc2-mm1+ #39 Not tainted
[   33.101119] --------------------------------------------
[   33.106532] syzkaller091662/3147 is trying to acquire lock:
[   33.112226]  (rtnl_mutex){+.+.}, at: [<00000000f7b36745>] rtnl_lock+0x17/0x20
[   33.119480] 
[   33.119480] but task is already holding lock:
[   33.125413]  (rtnl_mutex){+.+.}, at: [<00000000f7b36745>] rtnl_lock+0x17/0x20
[   33.132656] 
[   33.132656] other info that might help us debug this:
[   33.139282]  Possible unsafe locking scenario:
[   33.139282] 
[   33.145304]        CPU0
[   33.147848]        ----
[   33.150394]   lock(rtnl_mutex);
[   33.153642]   lock(rtnl_mutex);
[   33.156888] 
[   33.156888]  *** DEADLOCK ***
[   33.156888] 
[   33.163081]  May be due to missing lock nesting notation
[   33.163081] 
[   33.169971] 1 lock held by syzkaller091662/3147:
[   33.174686]  #0:  (rtnl_mutex){+.+.}, at: [<00000000f7b36745>] rtnl_lock+0x17/0x20
[   33.182361] 
[   33.182361] stack backtrace:
[   33.186822] CPU: 1 PID: 3147 Comm: syzkaller091662 Not tainted 4.15.0-rc2-mm1+ #39
[   33.194492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   33.203811] Call Trace:
[   33.206366]  dump_stack+0x194/0x257
[   33.209957]  ? arch_local_irq_restore+0x53/0x53
[   33.214615]  __lock_acquire+0x11cf/0x47f0
[   33.218730]  ? __unwind_start+0x169/0x330
[   33.222845]  ? debug_check_no_locks_freed+0x3d0/0x3d0
[   33.227999]  ? save_stack_trace+0x1a/0x20
[   33.232112]  ? __lock_acquire+0x324e/0x47f0
[   33.236415]  ? debug_check_no_locks_freed+0x3d0/0x3d0
[   33.241571]  ? __read_once_size_nocheck.constprop.8+0x10/0x10
[   33.247420]  ? __kernel_text_address+0xd/0x40
[   33.251880]  ? do_vfs_ioctl+0x1b1/0x1530
[   33.255994]  ? debug_check_no_locks_freed+0x3d0/0x3d0
[   33.261150]  ? unwind_next_frame.part.6+0x1a6/0xb40
[   33.266130]  ? unwind_dump+0x4d0/0x4d0
[   33.269982]  ? save_trace+0xe0/0x2b0
[   33.273662]  ? check_noncircular+0x20/0x20
[   33.277860]  ? check_noncircular+0x20/0x20
[   33.282062]  ? check_noncircular+0x20/0x20
[   33.286259]  ? __free_insn_slot+0x5c0/0x5c0
[   33.290549]  lock_acquire+0x1d5/0x580
[   33.294315]  ? rtnl_lock+0x17/0x20
[   33.297824]  ? lock_release+0xda0/0xda0
[   33.301763]  ? trace_event_raw_event_sched_switch+0x800/0x800
[   33.307614]  ? rcu_note_context_switch+0x710/0x710
[   33.312507]  ? __might_sleep+0x95/0x190
[   33.316446]  ? rtnl_lock+0x17/0x20
[   33.319952]  __mutex_lock+0x16f/0x1a80
[   33.323800]  ? rtnl_lock+0x17/0x20
[   33.327302]  ? lock_release+0xda0/0xda0
[   33.331239]  ? rtnl_lock+0x17/0x20
[   33.334744]  ? is_bpf_text_address+0xa4/0x120
[   33.339203]  ? mutex_lock_io_nested+0x1900/0x1900
[   33.344010]  ? unwind_get_return_address+0x61/0xa0
[   33.348903]  ? trace_hardirqs_off+0xd/0x10
[   33.353104]  ? _raw_spin_unlock_irqrestore+0xa6/0xba
[   33.358172]  ? depot_save_stack+0x2ca/0x460
[   33.362459]  ? selinux_tun_dev_free_security+0x15/0x20
[   33.367702]  ? save_stack+0xa3/0xd0
[   33.371294]  ? save_stack+0x43/0xd0
[   33.374886]  ? kasan_slab_free+0x71/0xc0
[   33.378912]  ? kfree+0xca/0x250
[   33.382156]  ? selinux_tun_dev_free_security+0x15/0x20
[   33.387400]  ? security_tun_dev_free_security+0x48/0x80
[   33.392728]  ? tun_free_netdev+0x153/0x1f0
[   33.396926]  ? register_netdevice+0x97b/0x1010
[   33.401473]  ? __tun_chr_ioctl+0x1ca3/0x3f10
[   33.405846]  ? tun_chr_ioctl+0x2a/0x40
[   33.409700]  ? do_vfs_ioctl+0x1b1/0x1530
[   33.413724]  ? SyS_ioctl+0x8f/0xc0
[   33.417228]  ? entry_SYSCALL_64_fastpath+0x1f/0x96
[   33.422130]  ? find_held_lock+0x39/0x1d0
[   33.426156]  ? check_noncircular+0x20/0x20
[   33.430357]  ? print_usage_bug+0x3f0/0x3f0
[   33.434574]  ? lock_downgrade+0x980/0x980
[   33.438689]  ? tun_flow_flush+0x41/0xe0
[   33.442628]  ? mark_held_locks+0xb2/0x100
[   33.446742]  ? mark_held_locks+0xb2/0x100
[   33.450856]  ? kfree+0xe4/0x250
[   33.454101]  ? selinux_tun_dev_free_security+0x15/0x20
[   33.459340]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   33.464317]  ? trace_hardirqs_on+0xd/0x10
[   33.468432]  mutex_lock_nested+0x16/0x20
[   33.472457]  ? security_tun_dev_free_security+0x67/0x80
[   33.477790]  ? mutex_lock_nested+0x16/0x20
[   33.481999]  rtnl_lock+0x17/0x20
[   33.485329]  tun_free_netdev+0x158/0x1f0
[   33.489355]  ? tun_xdp+0x410/0x410
[   33.492857]  ? __lockdep_init_map+0xe4/0x650
[   33.497239]  ? tun_detach_all+0xb50/0xb50
[   33.501352]  ? tun_xdp+0x410/0x410
[   33.504857]  register_netdevice+0x97b/0x1010
[   33.509230]  ? netdev_change_features+0x100/0x100
[   33.514037]  ? round_jiffies_up+0xce/0x100
[   33.518243]  ? __round_jiffies_up_relative+0x150/0x150
[   33.523485]  ? debug_lockdep_rcu_enabled+0x77/0x90
[   33.528384]  ? selinux_tun_dev_alloc_security+0x124/0x170
[   33.533895]  __tun_chr_ioctl+0x1ca3/0x3f10
[   33.538096]  ? __pmd_alloc+0x4e0/0x4e0
[   33.541950]  ? tun_chr_read_iter+0x1e0/0x1e0
[   33.546416]  ? avc_ss_reset+0x110/0x110
[   33.550355]  ? lock_downgrade+0x980/0x980
[   33.554470]  ? down_read_trylock+0xdb/0x170
[   33.558757]  ? trace_event_raw_event_sched_switch+0x800/0x800
[   33.564604]  ? up_read+0x1a/0x40
[   33.567936]  ? tun_chr_compat_ioctl+0x30/0x30
[   33.572397]  tun_chr_ioctl+0x2a/0x40
[   33.576074]  ? tun_chr_ioctl+0x2a/0x40
[   33.579927]  do_vfs_ioctl+0x1b1/0x1530
[   33.583778]  ? _cond_resched+0x14/0x30
[   33.587629]  ? ioctl_preallocate+0x2b0/0x2b0
[   33.592000]  ? selinux_capable+0x40/0x40
[   33.596025]  ? putname+0xf3/0x130
[   33.599448]  ? do_sys_open+0x320/0x6d0
[   33.603301]  ? security_file_ioctl+0x89/0xb0
[   33.607673]  SyS_ioctl+0x8f/0xc0
[   33.611006]  entry_SYSCALL_64_fastpath+0x1f/0x96
[   33.615724] RIP: 0033:0x443d99
[   33.618878] RSP: 002b:00007ffe81550868 EFLAGS: 00000217 ORIG_RAX: 0000000000000010
[   33.626546] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 0000000000443d99
[   33.633780] RDX: 0000000020533000 RSI: 00000000400454ca RDI: 0000000000000003
[   33.641012] RBP: 00000000006ce018 R08: 0000000000000000 R09: 0000000000000000
[   33.648245] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000401a80
[   33.655480] R13: 0000000000401b10 R14: 0000000000000000 R15: 0000000000000000