[....] Starting enhanced syslogd: rsyslogd[   13.395751] audit: type=1400 audit(1516402824.470:5): avc:  denied  { syslog } for  pid=3511 comm="rsyslogd" capability=34  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Starting mcstransd: 
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   18.324262] audit: type=1400 audit(1516402829.398:6): avc:  denied  { map } for  pid=3651 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.36' (ECDSA) to the list of known hosts.
net.ipv6.conf.syz0.accept_dad = 0
net.ipv6.conf.syz0.router_solicitations = 0
[   24.566463] audit: type=1400 audit(1516402835.641:7): avc:  denied  { map } for  pid=3665 comm="syzkaller873571" path="/root/syzkaller873571204" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
[   24.845981] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
executing program
[   25.183517] 
[   25.185176] ============================================
[   25.190594] WARNING: possible recursive locking detected
[   25.196016] 4.15.0-rc8+ #179 Not tainted
[   25.200046] --------------------------------------------
[   25.205465] syzkaller873571/3665 is trying to acquire lock:
[   25.211143]  (&vq->mutex){+.+.}, at: [<00000000341088cb>] vhost_chr_write_iter+0x278/0x1580
[   25.219622] 
[   25.219622] but task is already holding lock:
[   25.225565]  (&vq->mutex){+.+.}, at: [<00000000341088cb>] vhost_chr_write_iter+0x278/0x1580
[   25.234040] 
[   25.234040] other info that might help us debug this:
[   25.240680]  Possible unsafe locking scenario:
[   25.240680] 
[   25.246713]        CPU0
[   25.249277]        ----
[   25.251829]   lock(&vq->mutex);
[   25.255079]   lock(&vq->mutex);
[   25.258331] 
[   25.258331]  *** DEADLOCK ***
[   25.258331] 
[   25.264357]  May be due to missing lock nesting notation
[   25.264357] 
[   25.271269] 1 lock held by syzkaller873571/3665:
[   25.275990]  #0:  (&vq->mutex){+.+.}, at: [<00000000341088cb>] vhost_chr_write_iter+0x278/0x1580
[   25.284898] 
[   25.284898] stack backtrace:
[   25.289367] CPU: 1 PID: 3665 Comm: syzkaller873571 Not tainted 4.15.0-rc8+ #179
[   25.297045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   25.306375] Call Trace:
[   25.308938]  dump_stack+0x194/0x257
[   25.312537]  ? arch_local_irq_restore+0x53/0x53
[   25.317192]  __lock_acquire+0xe8f/0x3e00
[   25.321237]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   25.326400]  ? __lock_acquire+0x664/0x3e00
[   25.330609]  ? is_bpf_text_address+0x7b/0x120
[   25.335082]  ? lock_pin_lock+0x360/0x360
[   25.339112]  ? print_irqtrace_events+0x270/0x270
[   25.343856]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   25.349015]  ? print_irqtrace_events+0x270/0x270
[   25.353750]  ? print_irqtrace_events+0x270/0x270
[   25.358475]  ? lock_release+0xa40/0xa40
[   25.362422]  ? __lock_acquire+0x664/0x3e00
[   25.366626]  ? __lock_acquire+0x664/0x3e00
[   25.370833]  ? __lock_acquire+0x664/0x3e00
[   25.375044]  ? check_noncircular+0x20/0x20
[   25.379260]  ? check_noncircular+0x20/0x20
[   25.383465]  ? find_held_lock+0x35/0x1d0
[   25.387497]  ? __lock_acquire+0x664/0x3e00
[   25.391702]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   25.396881]  lock_acquire+0x1d5/0x580
[   25.400654]  ? lock_acquire+0x1d5/0x580
[   25.404618]  ? vhost_chr_write_iter+0x278/0x1580
[   25.409348]  ? lock_release+0xa40/0xa40
[   25.413310]  ? trace_event_raw_event_sched_switch+0x800/0x800
[   25.419167]  ? rcu_note_context_switch+0x710/0x710
[   25.424068]  ? __might_sleep+0x95/0x190
[   25.428119]  ? vhost_chr_write_iter+0x278/0x1580
[   25.432854]  __mutex_lock+0x16f/0x1a80
[   25.436713]  ? vhost_chr_write_iter+0x278/0x1580
[   25.441452]  ? vhost_chr_write_iter+0x278/0x1580
[   25.446176]  ? check_noncircular+0x20/0x20
[   25.450380]  ? mutex_lock_io_nested+0x1900/0x1900
[   25.455197]  ? get_mem_cgroup_from_mm+0x49b/0x710
[   25.460012]  ? __lru_cache_add+0x2a4/0x410
[   25.464219]  ? find_held_lock+0x35/0x1d0
[   25.468254]  ? __might_fault+0x110/0x1d0
[   25.472288]  ? lock_downgrade+0x980/0x980
[   25.476407]  ? lock_release+0xa40/0xa40
[   25.480375]  ? trace_event_raw_event_sched_switch+0x800/0x800
[   25.486229]  ? check_noncircular+0x20/0x20
[   25.490434]  ? lru_cache_add+0x1c7/0x3a0
[   25.494477]  ? get_mem_cgroup_from_mm+0x710/0x710
[   25.499300]  ? lru_cache_add_file+0x20/0x20
[   25.503592]  ? __might_sleep+0x95/0x190
[   25.507538]  ? kasan_check_write+0x14/0x20
[   25.511937]  ? copyin+0x91/0xb0
[   25.515274]  ? _copy_from_iter+0x367/0xf30
[   25.519478]  ? find_held_lock+0x35/0x1d0
[   25.523512]  ? copy_page_to_iter+0xe10/0xe10
[   25.527889]  ? lock_downgrade+0x980/0x980
[   25.532011]  mutex_lock_nested+0x16/0x20
[   25.536042]  ? mutex_lock_nested+0x16/0x20
[   25.540249]  vhost_chr_write_iter+0x278/0x1580
[   25.544810]  ? do_raw_spin_trylock+0x190/0x190
[   25.549363]  ? vhost_new_umem_range+0x740/0x740
[   25.554089]  ? _raw_spin_unlock+0x22/0x30
[   25.558211]  ? __handle_mm_fault+0x80e/0x3ce0
[   25.562688]  ? find_held_lock+0x35/0x1d0
[   25.566720]  vhost_net_chr_write_iter+0x59/0x70
[   25.571371]  __vfs_write+0x684/0x970
[   25.575055]  ? kernel_read+0x120/0x120
[   25.578924]  ? _cond_resched+0x14/0x30
[   25.582783]  ? avc_policy_seqno+0x9/0x20
[   25.586814]  ? selinux_file_permission+0x82/0x460
[   25.591627]  ? rw_verify_area+0xe5/0x2b0
[   25.595659]  ? __fdget_raw+0x20/0x20
[   25.599354]  vfs_write+0x189/0x510
[   25.602865]  SyS_write+0xef/0x220
[   25.606289]  ? __do_page_fault+0x3d6/0xc90
[   25.610493]  ? SyS_read+0x220/0x220
[   25.614100]  ? do_fast_syscall_32+0x156/0xf9d
[   25.618569]  ? SyS_read+0x220/0x220
[   25.622169]  do_fast_syscall_32+0x3ee/0xf9d
[   25.626463]  ? do_int80_syscall_32+0x9d0/0x9d0
[   25.631020]  ? kasan_check_read+0x11/0x20
[   25.635142]  ? syscall_return_slowpath+0x550/0x550
[   25.640590]  ? SyS_rt_sigaction+0x94/0x1b0
[   25.644796]  ? SyS_sigprocmask+0x4b0/0x4b0
[   25.649001]  ? SyS_read+0x184/0x220
[   25.652599]  ? retint_user+0x18/0x18
[   25.656297]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   25.661116]  entry_SYSENTER_compat+0x54/0x63
[   25.665496] RIP: 0023:0xf7f35c79
[   25.668830] RSP: 002b:00000000ffcacf2c EFLAGS: 00000286 ORIG_RAX: 0000000000000004
[   25.676510] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020e42000
[   25.683752] RDX: 000000