[....] Starting enhanced syslogd: rsyslogd[   12.723795] audit: type=1400 audit(1520340213.740:4): avc:  denied  { syslog } for  pid=3495 comm="rsyslogd" capability=34  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Starting mcstransd: 
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.55' (ECDSA) to the list of known hosts.
2018/03/06 12:43:46 parsed 1 programs
2018/03/06 12:43:46 executed programs: 0
syzkaller login: [   25.055840] IPVS: Creating netns size=2536 id=1
[   25.073784] 
[   25.075427] ======================================================
[   25.081712] [ INFO: possible circular locking dependency detected ]
[   25.088086] 4.9.86-gb324a70 #58 Not tainted
[   25.092374] -------------------------------------------------------
[   25.098746] syz-executor0/3664 is trying to acquire lock:
[   25.104247]  (&mm->mmap_sem){++++++}, at: [<ffffffff814c26d4>] __might_fault+0xe4/0x1d0

[   25.112726] but task is already holding lock:
[   25.117360]  (ashmem_mutex){+.+.+.}, at: [<ffffffff82d4b121>] ashmem_ioctl+0x371/0xfe0

[   25.125744] which lock already depends on the new lock.
[   25.125744] 
[   25.132724] 
[   25.132724] the existing dependency chain (in reverse order) is:
[   25.140310] 
-> #1 (ashmem_mutex){+.+.+.}:
[   25.145070]        lock_acquire+0x12e/0x410
[   25.149363]        mutex_lock_nested+0xbb/0x870
[   25.153999]        ashmem_mmap+0x53/0x400
[   25.158116]        mmap_region+0x7dd/0xfd0
[   25.162320]        do_mmap+0x57b/0xbe0
[   25.166175]        vm_mmap_pgoff+0x16b/0x1b0
[   25.170550]        SyS_mmap_pgoff+0x33f/0x560
[   25.175013]        do_fast_syscall_32+0x2f5/0x870
[   25.179826]        entry_SYSENTER_compat+0x90/0xa2
[   25.184719] 
-> #0 (&mm->mmap_sem){++++++}:
[   25.189567]        __lock_acquire+0x2bf9/0x3640
[   25.194205]        lock_acquire+0x12e/0x410
[   25.198494]        __might_fault+0x14a/0x1d0
[   25.202878]        ashmem_ioctl+0x3c0/0xfe0
[   25.207181]        compat_ashmem_ioctl+0x3e/0x50
[   25.211913]        compat_SyS_ioctl+0x15f/0x2050
[   25.216644]        do_fast_syscall_32+0x2f5/0x870
[   25.221456]        entry_SYSENTER_compat+0x90/0xa2
[   25.226348] 
[   25.226348] other info that might help us debug this:
[   25.226348] 
[   25.234457]  Possible unsafe locking scenario:
[   25.234457] 
[   25.240481]        CPU0                    CPU1
[   25.245120]        ----                    ----
[   25.249756]   lock(ashmem_mutex);
[   25.253409]                                lock(&mm->mmap_sem);
[   25.259672]                                lock(ashmem_mutex);
[   25.265839]   lock(&mm->mmap_sem);
[   25.269587] 
[   25.269587]  *** DEADLOCK ***
[   25.269587] 
[   25.275612] 1 lock held by syz-executor0/3664:
[   25.280158]  #0:  (ashmem_mutex){+.+.+.}, at: [<ffffffff82d4b121>] ashmem_ioctl+0x371/0xfe0
[   25.289098] 
[   25.289098] stack backtrace:
[   25.293565] CPU: 1 PID: 3664 Comm: syz-executor0 Not tainted 4.9.86-gb324a70 #58
[   25.301067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   25.310392]  ffff8801bfe77a38 ffffffff81d956f9 ffffffff853a4cd0 ffffffff853a4cd0
[   25.318359]  ffffffff853c57f0 ffff8801c2a8e8d8 ffff8801c2a8e000 ffff8801bfe77a80
[   25.326331]  ffffffff812387f1 ffff8801c2a8e8d8 00000000c2a8e8b0 ffff8801c2a8e8d8
[   25.334302] Call Trace:
[   25.336860]  [<ffffffff81d956f9>] dump_stack+0xc1/0x128
[   25.342193]  [<ffffffff812387f1>] print_circular_bug+0x271/0x310
[   25.348308]  [<ffffffff8123ec29>] __lock_acquire+0x2bf9/0x3640
[   25.354250]  [<ffffffff81bdad0c>] ? avc_has_extended_perms+0x3fc/0xf10
[   25.360883]  [<ffffffff81bda9f2>] ? avc_has_extended_perms+0xe2/0xf10
[   25.367431]  [<ffffffff8123c030>] ? debug_check_no_locks_freed+0x2c0/0x2c0
[   25.374413]  [<ffffffff8123b41f>] ? mark_held_locks+0xaf/0x100
[   25.380352]  [<ffffffff838abd83>] ? mutex_lock_nested+0x5e3/0x870
[   25.386560]  [<ffffffff81234d01>] ? __lock_is_held+0xa1/0xf0
[   25.392327]  [<ffffffff812400ae>] lock_acquire+0x12e/0x410
[   25.397919]  [<ffffffff814c26d4>] ? __might_fault+0xe4/0x1d0
[   25.403686]  [<ffffffff814c273a>] __might_fault+0x14a/0x1d0
[   25.409366]  [<ffffffff814c26d4>] ? __might_fault+0xe4/0x1d0
[   25.415137]  [<ffffffff82d4b170>] ashmem_ioctl+0x3c0/0xfe0
[   25.420730]  [<ffffffff81beb275>] ? selinux_file_ioctl+0x355/0x530
[   25.427018]  [<ffffffff81beaf20>] ? selinux_capable+0x40/0x40
[   25.432870]  [<ffffffff82d4adb0>] ? get_name+0x250/0x250
[   25.438291]  [<ffffffff812e5fd9>] ? compat_SyS_futex+0x1f9/0x2a0
[   25.444405]  [<ffffffff82d4bdce>] compat_ashmem_ioctl+0x3e/0x50
[   25.450444]  [<ffffffff8167d38f>] compat_SyS_ioctl+0x15f/0x2050
[   25.456474