[ ok ] Starting enhanced syslogd: rsyslogd.
[ 11.752141] audit: type=1400 audit(1514793009.441:5): avc: denied { syslog } for pid=3339 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 17.346536] audit: type=1400 audit(1514793015.036:6): avc: denied { map } for pid=3479 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.8' (ECDSA) to the list of known hosts.
executing program
[ 28.959060] audit: type=1400 audit(1514793026.648:7): avc: denied { map } for pid=3496 comm="syzkaller466182" path="/root/syzkaller466182713" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 28.963355]
[ 28.963365] =============================
[ 28.963367] WARNING: suspicious RCU usage
[ 28.963373] 4.15.0-rc6+ #245 Not tainted
[ 28.963375] -----------------------------
[ 28.963380] ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section!
[ 28.963383]
[ 28.963383] other info that might help us debug this:
[ 28.963383]
[ 28.963387]
[ 28.963387] rcu_scheduler_active = 2, debug_locks = 1
[ 28.963391] 2 locks held by syzkaller466182/3496:
[ 28.963393] #0: (&net->xfrm.xfrm_cfg_mutex){+.+.}, at: [<00000000c0aba7b0>] xfrm_netlink_rcv+0x60/0x90
[ 28.963424] #1: (rcu_read_lock){....}, at: [<00000000c5557572>] xfrm_state_get_afinfo+0x62/0x280
[ 28.963440]
[ 28.963440] stack backtrace:
[ 28.963446] CPU: 0 PID: 3496 Comm: syzkaller466182 Not tainted 4.15.0-rc6+ #245
[ 28.963450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.963454] Call Trace:
[ 28.963466] dump_stack+0x194/0x257
[ 28.963478] ? arch_local_irq_restore+0x53/0x53
[ 28.963505] lockdep_rcu_suspicious+0x123/0x170
[ 28.963519] ___might_sleep+0x385/0x470
[ 28.963528] ? trace_event_raw_event_sched_switch+0x800/0x800
[ 28.963550] __might_sleep+0x95/0x190
[ 28.963567] kmem_cache_alloc_trace+0x298/0x750
[ 28.963594] __request_module+0x2e1/0xc20
[ 28.963600] ? check_noncircular+0x20/0x20
[ 28.963609] ? __xfrm_init_state+0xa61/0xdd0
[ 28.963619] ? free_modprobe_argv+0xa0/0xa0
[ 28.963628] ? check_noncircular+0x20/0x20
[ 28.963634] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 28.963651] ? check_noncircular+0x20/0x20
[ 28.963657] ? lock_acquire+0x1d5/0x580
[ 28.963671] ? find_held_lock+0x35/0x1d0
[ 28.963679] ? check_noncircular+0x20/0x20
[ 28.963697] ? lock_acquire+0x1d5/0x580
[ 28.963703] ? lock_acquire+0x1d5/0x580
[ 28.963709] ? xfrm_state_get_afinfo+0x62/0x280
[ 28.963735] ? __lock_is_held+0xb6/0x140
[ 28.963761] ? rcu_read_lock_held+0xa9/0xc0
[ 28.963767] ? xfrm_state_get_afinfo+0x138/0x280
[ 28.963775] ? xfrm_state_find+0x3210/0x3210
[ 28.963797] __xfrm_init_state+0xa61/0xdd0
[ 28.963815] ? xfrm_get_mode.part.29+0x260/0x260
[ 28.963820] ? xfrm_find_algo+0x1c4/0x270
[ 28.963832] ? xfrm_add_sa+0x11e1/0x33e0
[ 28.963848] xfrm_add_sa+0x1a09/0x33e0
[ 28.963873] ? xfrm_send_state_notify+0x1c50/0x1c50
[ 28.963882] ? nla_parse+0x29a/0x3d0
[ 28.963896] ? nla_validate+0x1c0/0x1c0
[ 28.963909] ? __netlink_ns_capable+0xe1/0x120
[ 28.963920] ? xfrm_send_state_notify+0x1c50/0x1c50
[ 28.963928] xfrm_user_rcv_msg+0x422/0x860
[ 28.963935] ? xfrm_user_rcv_msg+0x422/0x860
[ 28.963950] ? xfrm_dump_sa_done+0xe0/0xe0
[ 28.963964] ? netlink_deliver_tap+0x148/0xcf0
[ 28.963973] ? lock_downgrade+0x980/0x980
[ 28.964020] ? netlink_deliver_tap+0x171/0xcf0
[ 28.964039] netlink_rcv_skb+0x224/0x470
[ 28.964047] ? xfrm_dump_sa_done+0xe0/0xe0
[ 28.964057] ? netlink_ack+0xa10/0xa10
[ 28.964072] ? netlink_skb_destructor+0x1d0/0x1d0
[ 28.964091] xfrm_netlink_rcv+0x6f/0x90
[ 28.964100] netlink_unicast+0x4ee/0x700
[ 28.964117] ? netlink_attachskb+0x8a0/0x8a0
[ 28.964134] ? security_netlink_send+0x81/0xb0
[ 28.964147] netlink_sendmsg+0xa4a/0xe60
[ 28.964166] ? netlink_unicast+0x700/0x700
[ 28.964180] ? security_socket_sendmsg+0x89/0xb0
[ 28.964188] ? netlink_unicast+0x700/0x700
[ 28.964201] sock_sendmsg+0xca/0x110
[ 28.964213] ___sys_sendmsg+0x767/0x8b0
[ 28.964229] ? copy_msghdr_from_user+0x590/0x590
[ 28.964252] ? __do_page_fault+0x5f7/0xc90
[ 28.964261] ? lock_downgrade+0x980/0x980
[ 28.964279] ? __fget_light+0x297/0x380
[ 28.964290] ? fget_raw+0x20/0x20
[ 28.964299] ? __handle_mm_fault+0x3ce0/0x3ce0
[ 28.964306] ? vmacache_find+0x5f/0x280
[ 28.964313] ? vmacache_update+0xfe/0x130
[ 28.964330] ? up_read+0x1a/0x40
[ 28.964338] ? __do_page_fault+0x3d6/0xc90
[ 28.964344] ? get_unused_fd_flags+0x190/0x190
[ 28.964362] ? __fdget+0x18/0x20
[ 28.964378] __sys_sendmsg+0xe5/0x210
[ 28.964384] ? __sys_sendmsg+0xe5/0x210
[ 28.964395] ? SyS_shutdown+0x290/0x290
[ 28.964406] ? __do_page_fault+0xc90/0xc90
[ 28.964424] ? fd_install+0x4d/0x60
[ 28.964449] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 28.964467] SyS_sendmsg+0x2d/0x50
[ 28.964479] entry_SYSCALL_64_fastpath+0x23/0x9a
[ 28.964486] RIP: 0033:0x440059
[ 28.964489] RSP: 002b:00007ffdaa1844a8 EFLAGS: 00000203 ORIG_RAX: 000000000000002e
[ 28.964497] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000440059
[ 28.964501] RDX: 0000000000000000 RSI: 0000000020004000 RDI: 0000000000000003
[ 28.964505] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 28.964508] R10: 0000000000000000 R11: 0000000000000203 R12: 00000000004019c0
[ 28.964512] R13: 0000000000401a50 R14: 0000000000000000 R15: 0000000000000000
[ 28.964560] BUG: sleeping function called from invalid context at mm/slab.h:419
[ 28.964565] in_atomic(): 1, irqs_disabled(): 0, pid: 3496, name: syzkaller466182
[ 28.964569] 2 locks held by syzkaller466182/3496:
[ 28.964571] #0: (&net->xfrm.xfrm_cfg_mutex){+.+.}, at: [<00000000c0aba7b0>] xfrm_netlink_rcv+0x60/0x90
[ 28.964586] #1: (rcu_read_lock){....}, at: [<00000000c5557572>] xfrm_state_get_afinfo+0x62/0x280
[ 28.964603] CPU: 0 PID: 3496 Comm: syzkaller466182 Not tainted 4.15.0-rc6+ #245
[ 28.964607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.964609] Call Trace:
[ 28.964616] dump_stack+0x194/0x257
[ 28.964629] ? arch_local_irq_restore+0x53/0x53
[ 28.964637] ? print_lock+0x9f/0xa2
[ 28.964645] ? lockdep_print_held_locks+0xc4/0x130
[ 28.964661] ___might_sleep+0x2b2/0x470
[ 28.964670] ? trace_event_raw_event_sched_switch+0x800/0x800
[ 28.964692] __might_sleep+0x95/0x190
[ 28.964707] kmem_cache_alloc_trace+0x298/0x750
[ 28.964732] __request_module+0x2e1/0xc20
[ 28.964738] ? check_noncircular+0x20/0x20
[ 28.964747] ? __xfrm_init_state+0xa61/0xdd0
[ 28.964757] ? free_modprobe_argv+0xa0/0xa0
[ 28.964766] ? check_noncircular+0x20/0x20
[ 28.964773] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 28.964789] ? check_noncircular+0x20/0x20
[ 28.964795] ? lock_acquire+0x1d5/0x580
[ 28.964809] ? find_held_lock+0x35/0x1d0
[ 28.964817] ? check_noncircular+0x20/0x20
[ 28.964835] ? lock_acquire+0x1d5/0x580
[ 28.964840] ? lock_acquire+0x1d5/0x580
[ 28.964847] ? xfrm_state_get_afinfo+0x62/0x280
[ 28.964874] ? __lock_is_held+0xb6/0x140
[ 28.964897] ? rcu_read_lock_held+0xa9/0xc0
[ 28.964904] ? xfrm_state_get_afinfo+0x138/0x280
[ 28.964912] ? xfrm_state_find+0x3210/0x3210
[ 28.964934] __xfrm_init_state+0xa61/0xdd0
[ 28.964952] ? xfrm_get_mode.part.29+0x260/0x260
[ 28.964957] ? xfrm_find_algo+0x1c4/0x270
[ 28.964969] ? xfrm_add_sa+0x11e1/0x33e0
[ 28.964984] xfrm_add_sa+0x1a09/0x33e0
[ 28.965013] ? xfrm_send_state_notify+0x1c50/0x1c50
[ 28.965021] ? nla_parse+0x29a/0x3d0
[ 28.965035] ? nla_validate+0x1c0/0x1c0
[ 28.965046] ? __netlink_ns_capable+0xe1/0x120
[ 28.965058] ? xfrm_send_state_notify+0x1c50/0x1c50
[ 28.965066] xfrm_user_rcv_msg+0x422/0x860
[ 28.965073] ? xfrm_user_rcv_msg+0x422/0x860
[ 28.965087] ? xfrm_dump_sa_done+0xe0/0xe0
[ 28.965101] ? netlink_deliver_tap+0x148/0xcf0
[ 28.965111] ? lock_downgrade+0x980/0x980
[ 28.965155] ? netlink_deliver_tap+0x171/0xcf0
[ 28.965174] netlink_rcv_skb+0x224/0x470
[ 28.965182] ? xfrm_dump_sa_done+0xe0/0xe0
[ 28.965192] ? netlink_ack+0xa10/0xa10
[ 28.965207] ? netlink_skb_destructor+0x1d0/0x1d0
[ 28.965226] xfrm_netlink_rcv+0x6f/0x90
[ 28.965235] netlink_unicast+0x4ee/0x700
[ 28.965252] ? netlink_attachskb+0x8a0/0x8a0
[ 28.965267] ? security_netlink_send+0x81/0xb0
[ 28.965280] netlink_sendmsg+0xa4a/0xe60
[ 28.965299] ? netlink_unicast+0x700/0x700
[ 28.965314] ? security_socket_sendmsg+0x89/0xb0
[ 28.965321] ? netlink_unicast+0x700/0x700
[ 28.965332] sock_sendmsg+0xca/0x110
[ 28.965344] ___sys_sendmsg+0x767/0x8b0
[ 28.965359] ? copy_msghdr_from_user+0x590/0x590
[ 28.965379] ? __do_page_fault+0x5f7/0xc90
[ 28.965389] ? lock_downgrade+0x980/0x980
[ 28.965407] ? __fget_light+0x297/0x380
[ 28.965417] ? fget_raw+0x20/0x20
[ 28.965429] ? __handle_mm_fault+0x3ce0/0x3ce0
[ 28.965435] ? vmacache_find+0x5f/0x280
[ 28.965442] ? vmacache_update+0xfe/0x130
[ 28.965459] ? up_read+0x1a/0x40
[ 28.965467] ? __do_page_fault+0x3d6/0xc90
[ 28.965473] ? get_unused_fd_flags+0x190/0x190
[ 28.965491] ? __fdget+0x18/0x20
[ 28.965507] __sys_sendmsg+0xe5/0x210
[ 28.965512] ? __sys_sendmsg+0xe5/0x210
[ 28.965523] ? SyS_shutdown+0x290/0x290
[ 28.965534] ? __do_page_fault+0xc90/0xc90
[ 28.965548] ? fd_install+0x4d/0x60
[ 28.965574] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 28.965591] SyS_sendmsg+0x2d/0x50
[ 28.965602] entry_SYSCALL_64_fastpath+0x23/0x9a
[ 28.965607] RIP: 0033:0x440059
[ 28.965610] RSP: 002b:00007ffdaa1844a8 EFLAGS: 00000203 ORIG_RAX: 000000000000002e
[ 28.965617] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000440059
[ 28.965621] RDX: 0000000000000000 RSI: 0000000020004000 RDI: 0000000000000003
[ 28.965625] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 28.965629] R10: 0000000000000000 R11: 0000000000000203 R12: 00000000004019c0
[ 28.965633] R13: 0000000000401a50 R14: 0000000000000000 R15: 0000000000000000
[ 28.965943] BUG: scheduling while atomic: syzkaller466182/3496/0x00000002
[ 28.965947] 2 locks held by syzkaller466182/3496:
[ 28.965949] #0: (&net->xfrm.xfrm_cfg_mutex){+.+.}, at: [<00000000c0aba7b0>] xfrm_netlink_rcv+0x60/0x90
[ 28.965964] #1: (rcu_read_lock){....}, at: [<00000000c5557572>] xfrm_state_get_afinfo+0x62/0x280
[ 28.965978] Modules linked in:
[ 28.965985] Kernel panic - not syncing: scheduling while atomic
[ 28.965985]
[ 28.965992] CPU: 0 PID: 3496 Comm: syzkaller466182 Tainted: G W 4.15.0-rc6+ #245
[ 28.965995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.965997] Call Trace:
[ 28.966008] dump_stack+0x194/0x257
[ 28.966020] ? arch_local_irq_restore+0x53/0x53
[ 28.966031] ? print_modules+0x194/0x30b
[ 28.966038] ? printk+0xaa/0xca
[ 28.966048] ? vsnprintf+0x1ed/0x1900
[ 28.966064] panic+0x1e4/0x41c
[ 28.966072] ? refcount_error_report+0x214/0x214
[ 28.966088] ? print_lock+0x9f/0xa2
[ 28.966107] __schedule_bug+0x11f/0x130
[ 28.966117] __schedule+0x131c/0x2060
[ 28.966136] ? __sched_text_start+0x8/0x8
[ 28.966157] ? __lock_is_held+0xb6/0x140
[ 28.966182] ? check_noncircular+0x20/0x20
[ 28.966197] ? check_noncircular+0x20/0x20
[ 28.966211] schedule+0xf5/0x430
[ 28.966222] ? __schedule+0x2060/0x2060
[ 28.966239] ? print_irqtrace_events+0x270/0x270
[ 28.966258] ? wait_for_completion_killable+0x3f1/0x820
[ 28.966267] ? lock_downgrade+0x980/0x980
[ 28.966280] schedule_timeout+0x1a3/0x230
[ 28.966289] ? usleep_range+0x190/0x190
[ 28.966301] ? mark_held_locks+0xaf/0x100
[ 28.966311] ? _raw_spin_unlock_irq+0x27/0x70
[ 28.966321] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 28.966337] wait_for_completion_killable+0x3f9/0x820
[ 28.966352] ? wait_for_completion_interruptible_timeout+0x820/0x820
[ 28.966365] ? __lockdep_init_map+0xe4/0x650
[ 28.966378] ? mark_held_locks+0xaf/0x100
[ 28.966390] ? wake_up_q+0xe0/0xe0
[ 28.966399] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 28.966408] ? trace_hardirqs_on+0xd/0x10
[ 28.966416] ? queue_work_on+0x106/0x1c0
[ 28.966434] call_usermodehelper_exec+0x2c1/0x480
[ 28.966443] ? usermodehelper_read_lock_wait+0x230/0x230
[ 28.966449] ? dec_ucount+0x1e0/0x1e0
[ 28.966469] ? memcpy+0x45/0x50
[ 28.966486] __request_module+0x41a/0xc20
[ 28.966492] ? check_noncircular+0x20/0x20
[ 28.966501] ? __xfrm_init_state+0xa61/0xdd0
[ 28.966510] ? free_modprobe_argv+0xa0/0xa0
[ 28.966520] ? check_noncircular+0x20/0x20
[ 28.966526] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 28.966543] ? check_noncircular+0x20/0x20
[ 28.966548] ? lock_acquire+0x1d5/0x580
[ 28.966562] ? find_held_lock+0x35/0x1d0
[ 28.966570] ? check_noncircular+0x20/0x20
[ 28.966588] ? lock_acquire+0x1d5/0x580
[ 28.966593] ? lock_acquire+0x1d5/0x580
[ 28.966600] ? xfrm_state_get_afinfo+0x62/0x280
[ 28.966626] ? __lock_is_held+0xb6/0x140
[ 28.966650] ? rcu_read_lock_held+0xa9/0xc0
[ 28.966656] ? xfrm_state_get_afinfo+0x138/0x280
[ 28.966664] ? xfrm_state_find+0x3210/0x3210
[ 28.966686] __xfrm_init_state+0xa61/0xdd0
[ 28.966704] ? xfrm_get_mode.part.29+0x260/0x260
[ 28.966709] ? xfrm_find_algo+0x1c4/0x270
[ 28.966721] ? xfrm_add_sa+0x11e1/0x33e0
[ 28.966736] xfrm_add_sa+0x1a09/0x33e0
[ 28.966762] ? xfrm_send_state_notify+0x1c50/0x1c50
[ 28.966770] ? nla_parse+0x29a/0x3d0
[ 28.966783] ? nla_validate+0x1c0/0x1c0
[ 28.966795] ? __netlink_ns_capable+0xe1/0x120
[ 28.966806] ? xfrm_send_state_notify+0x1c50/0x1c50
[ 28.966814] xfrm_user_rcv_msg+0x422/0x860
[ 28.966821] ? xfrm_user_rcv_msg+0x422/0x860
[ 28.966835] ? xfrm_dump_sa_done+0xe0/0xe0
[ 28.966849] ? netlink_deliver_tap+0x148/0xcf0
[ 28.966858] ? lock_downgrade+0x980/0x980
[ 28.966901] ? netlink_deliver_tap+0x171/0xcf0
[ 28.966920] netlink_rcv_skb+0x224/0x470
[ 28.966928] ? xfrm_dump_sa_done+0xe0/0xe0
[ 28.966938] ? netlink_ack+0xa10/0xa10
[ 28.966952] ? netlink_skb_destructor+0x1d0/0x1d0
[ 28.966971] xfrm_netlink_rcv+0x6f/0x90
[ 28.966980] netlink_unicast+0x4ee/0x700
[ 28.966997] ? netlink_attachskb+0x8a0/0x8a0
[ 28.967012] ? security_netlink_send+0x81/0xb0
[ 28.967024] netlink_sendmsg+0xa4a/0xe60
[ 28.967043] ? netlink_unicast+0x700/0x700
[ 28.967057] ? security_socket_sendmsg+0x89/0xb0
[ 28.967065] ? netlink_unicast+0x700/0x700
[ 28.967075] sock_sendmsg+0xca/0x110
[ 28.967087] ___sys_sendmsg+0x767/0x8b0
[ 28.967102] ? copy_msghdr_from_user+0x590/0x590
[ 28.967122] ? __do_page_fault+0x5f7/0xc90
[ 28.967131] ? lock_downgrade+0x980/0x980
[ 28.967148] ? __fget_light+0x297/0x380
[ 28.967158] ? fget_raw+0x20/0x20
[ 28.967167] ? __handle_mm_fault+0x3ce0/0x3ce0
[ 28.967173] ? vmacache_find+0x5f/0x280
[ 28.967180] ? vmacache_update+0xfe/0x130
[ 28.967196] ? up_read+0x1a/0x40
[ 28.967205] ? __do_page_fault+0x3d6/0xc90
[ 28.967210] ? get_unused_fd_flags+0x190/0x190
[ 28.967229] ? __fdget+0x18/0x20
[ 28.967244] __sys_sendmsg+0xe5/0x210
[ 28.967250] ? __sys_sendmsg+0xe5/0x210
[ 28.967260] ? SyS_shutdown+0x290/0x290
[ 28.967271] ? __do_page_fault+0xc90/0xc90
[ 28.967285] ? fd_install+0x4d/0x60
[ 28.967310] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 28.967327] SyS_sendmsg+0x2d/0x50
[ 28.967338] entry_SYSCALL_64_fastpath+0x23/0x9a
[ 28.967343] RIP: 0033:0x440059
[ 28.967346] RSP: 002b:00007ffdaa1844a8 EFLAGS: 00000203 ORIG_RAX: 000000000000002e
[ 28.967353] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000440059
[ 28.967357] RDX: 0000000000000000 RSI: 0000000020004000 RDI: 0000000000000003
[ 28.967361] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 28.967364] R10: 0000000000000000 R11: 0000000000000203 R12: 00000000004019c0
[ 28.967368] R13: 0000000000401a50 R14: 0000000000000000 R15: 0000000000000000
[ 28.985404] Dumping ftrace buffer:
[ 28.985486] (ftrace buffer empty)
[ 28.985489] Kernel Offset: disabled
[ 30.406835] Rebooting in 86400 seconds..