[ ok ] Starting enhanced syslogd: rsyslogd.
[ 11.294245] audit: type=1400 audit(1514781536.623:5): avc: denied { syslog } for pid=3002 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ ok ] Starting file context maintaining daemon: restorecond.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 17.101603] audit: type=1400 audit(1514781542.430:6): avc: denied { map } for pid=3140 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.60' (ECDSA) to the list of known hosts.
executing program
[ 23.324333] audit: type=1400 audit(1514781548.652:7): avc: denied { map } for pid=3155 comm="syzkaller226931" path="/root/syzkaller226931607" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 23.328462]
[ 23.328471] =============================
[ 23.328474] WARNING: suspicious RCU usage
[ 23.328480] 4.15.0-rc4-next-20171221+ #78 Not tainted
[ 23.328482] -----------------------------
[ 23.328487] ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section!
[ 23.328489]
[ 23.328489] other info that might help us debug this:
[ 23.328489]
[ 23.328494]
[ 23.328494] rcu_scheduler_active = 2, debug_locks = 1
[ 23.328498] 2 locks held by syzkaller226931/3155:
[ 23.328500] #0: (&net->xfrm.xfrm_cfg_mutex){+.+.}, at: [<000000002a353eee>] xfrm_netlink_rcv+0x60/0x90
[ 23.328526] #1: (rcu_read_lock){....}, at: [<0000000051f6adfd>] xfrm_state_get_afinfo+0x62/0x280
[ 23.328543]
[ 23.328543] stack backtrace:
[ 23.328550] CPU: 1 PID: 3155 Comm: syzkaller226931 Not tainted 4.15.0-rc4-next-20171221+ #78
[ 23.328554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 23.328557] Call Trace:
[ 23.328566] dump_stack+0x194/0x257
[ 23.328579] ? arch_local_irq_restore+0x53/0x53
[ 23.328606] lockdep_rcu_suspicious+0x123/0x170
[ 23.328620] ___might_sleep+0x385/0x470
[ 23.328629] ? trace_event_raw_event_sched_switch+0x800/0x800
[ 23.328652] __might_sleep+0x95/0x190
[ 23.328669] kmem_cache_alloc_trace+0x298/0x750
[ 23.328695] __request_module+0x2e1/0xc20
[ 23.328702] ? check_noncircular+0x20/0x20
[ 23.328711] ? __xfrm_init_state+0xa61/0xdd0
[ 23.328721] ? free_modprobe_argv+0xa0/0xa0
[ 23.328731] ? check_noncircular+0x20/0x20
[ 23.328749] ? check_noncircular+0x20/0x20
[ 23.328755] ? lock_acquire+0x1d5/0x580
[ 23.328768] ? find_held_lock+0x35/0x1d0
[ 23.328777] ? check_noncircular+0x20/0x20
[ 23.328795] ? lock_acquire+0x1d5/0x580
[ 23.328801] ? lock_acquire+0x1d5/0x580
[ 23.328808] ? xfrm_state_get_afinfo+0x62/0x280
[ 23.328835] ? __lock_is_held+0xb6/0x140
[ 23.328859] ? rcu_read_lock_held+0xa9/0xc0
[ 23.328866] ? xfrm_state_get_afinfo+0x138/0x280
[ 23.328875] ? xfrm_state_find+0x3210/0x3210
[ 23.328899] __xfrm_init_state+0xa61/0xdd0
[ 23.328917] ? xfrm_get_mode.part.29+0x260/0x260
[ 23.328924] ? xfrm_find_algo+0x1c4/0x270
[ 23.328935] ? xfrm_add_sa+0x11e1/0x33e0
[ 23.328950] xfrm_add_sa+0x1a09/0x33e0
[ 23.328976] ? xfrm_send_policy_notify+0x13f0/0x13f0
[ 23.328985] ? nla_parse+0x29a/0x3d0
[ 23.328999] ? nla_validate+0x1c0/0x1c0
[ 23.329015] ? __netlink_ns_capable+0xe1/0x120
[ 23.329027] ? xfrm_send_policy_notify+0x13f0/0x13f0
[ 23.329035] xfrm_user_rcv_msg+0x3c8/0x7c0
[ 23.329041] ? xfrm_user_rcv_msg+0x3c8/0x7c0
[ 23.329056] ? xfrm_dump_sa_done+0xe0/0xe0
[ 23.329064] ? lock_downgrade+0x980/0x980
[ 23.329077] ? lock_release+0xa40/0xa40
[ 23.329129] ? netlink_tap_init_net+0x350/0x350
[ 23.329143] netlink_rcv_skb+0x21e/0x460
[ 23.329151] ? xfrm_dump_sa_done+0xe0/0xe0
[ 23.329162] ? netlink_ack+0xa10/0xa10
[ 23.329176] ? netlink_skb_destructor+0x1d0/0x1d0
[ 23.329196] xfrm_netlink_rcv+0x6f/0x90
[ 23.329206] netlink_unicast+0x4be/0x6a0
[ 23.329223] ? netlink_attachskb+0x8a0/0x8a0
[ 23.329240] ? security_netlink_send+0x81/0xb0
[ 23.329253] netlink_sendmsg+0xa4a/0xe60
[ 23.329276] ? netlink_unicast+0x6a0/0x6a0
[ 23.329291] ? security_socket_sendmsg+0x89/0xb0
[ 23.329300] ? netlink_unicast+0x6a0/0x6a0
[ 23.329313] sock_sendmsg+0xca/0x110
[ 23.329325] ___sys_sendmsg+0x767/0x8b0
[ 23.329342] ? copy_msghdr_from_user+0x590/0x590
[ 23.329364] ? __do_page_fault+0x5f7/0xc90
[ 23.329374] ? lock_downgrade+0x980/0x980
[ 23.329392] ? __fget_light+0x297/0x380
[ 23.329402] ? fget_raw+0x20/0x20
[ 23.329412] ? __handle_mm_fault+0x3ce0/0x3ce0
[ 23.329417] ? vmacache_find+0x5f/0x280
[ 23.329424] ? vmacache_update+0xfe/0x130
[ 23.329440] ? up_read+0x1a/0x40
[ 23.329449] ? __do_page_fault+0x3d6/0xc90
[ 23.329455] ? get_unused_fd_flags+0x190/0x190
[ 23.329473] ? __fdget+0x18/0x20
[ 23.329489] __sys_sendmsg+0xe5/0x210
[ 23.329495] ? __sys_sendmsg+0xe5/0x210
[ 23.329507] ? SyS_shutdown+0x290/0x290
[ 23.329518] ? __do_page_fault+0xc90/0xc90
[ 23.329532] ? fd_install+0x4d/0x60
[ 23.329557] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 23.329575] SyS_sendmsg+0x2d/0x50
[ 23.329587] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 23.329593] RIP: 0033:0x440059
[ 23.329597] RSP: 002b:00007ffdfdfa2308 EFLAGS: 00000203 ORIG_RAX: 000000000000002e
[ 23.329604] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000440059
[ 23.329609] RDX: 0000000000000000 RSI: 0000000020004000 RDI: 0000000000000003
[ 23.329612] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 23.329616] R10: 0000000000000000 R11: 0000000000000203 R12: 00000000004019c0
[ 23.329620] R13: 0000000000401a50 R14: 0000000000000000 R15: 0000000000000000
[ 23.329676] BUG: sleeping function called from invalid context at mm/slab.h:420
[ 23.329681] in_atomic(): 1, irqs_disabled(): 0, pid: 3155, name: syzkaller226931
[ 23.329685] 2 locks held by syzkaller226931/3155:
[ 23.329687] #0: (&net->xfrm.xfrm_cfg_mutex){+.+.}, at: [<000000002a353eee>] xfrm_netlink_rcv+0x60/0x90
[ 23.329703] #1: (rcu_read_lock){....}, at: [<0000000051f6adfd>] xfrm_state_get_afinfo+0x62/0x280
[ 23.329722] CPU: 1 PID: 3155 Comm: syzkaller226931 Not tainted 4.15.0-rc4-next-20171221+ #78
[ 23.329725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 23.329728] Call Trace:
[ 23.329734] dump_stack+0x194/0x257
[ 23.329746] ? arch_local_irq_restore+0x53/0x53
[ 23.329754] ? print_lock+0x9f/0xa2
[ 23.329763] ? lockdep_print_held_locks+0xc4/0x130
[ 23.329780] ___might_sleep+0x2b2/0x470
[ 23.329789] ? trace_event_raw_event_sched_switch+0x800/0x800
[ 23.329811] __might_sleep+0x95/0x190
[ 23.329825] kmem_cache_alloc_trace+0x298/0x750
[ 23.329851] __request_module+0x2e1/0xc20
[ 23.329857] ? check_noncircular+0x20/0x20
[ 23.329866] ? __xfrm_init_state+0xa61/0xdd0
[ 23.329876] ? free_modprobe_argv+0xa0/0xa0
[ 23.329886] ? check_noncircular+0x20/0x20
[ 23.329904] ? check_noncircular+0x20/0x20
[ 23.329910] ? lock_acquire+0x1d5/0x580
[ 23.329924] ? find_held_lock+0x35/0x1d0
[ 23.329932] ? check_noncircular+0x20/0x20
[ 23.329950] ? lock_acquire+0x1d5/0x580
[ 23.329956] ? lock_acquire+0x1d5/0x580
[ 23.329964] ? xfrm_state_get_afinfo+0x62/0x280
[ 23.329991] ? __lock_is_held+0xb6/0x140
[ 23.330017] ? rcu_read_lock_held+0xa9/0xc0
[ 23.330025] ? xfrm_state_get_afinfo+0x138/0x280
[ 23.330034] ? xfrm_state_find+0x3210/0x3210
[ 23.330057] __xfrm_init_state+0xa61/0xdd0
[ 23.330076] ? xfrm_get_mode.part.29+0x260/0x260
[ 23.330083] ? xfrm_find_algo+0x1c4/0x270
[ 23.330094] ? xfrm_add_sa+0x11e1/0x33e0
[ 23.330109] xfrm_add_sa+0x1a09/0x33e0
[ 23.330135] ? xfrm_send_policy_notify+0x13f0/0x13f0
[ 23.330144] ? nla_parse+0x29a/0x3d0
[ 23.330158] ? nla_validate+0x1c0/0x1c0
[ 23.330170] ? __netlink_ns_capable+0xe1/0x120
[ 23.330181] ? xfrm_send_policy_notify+0x13f0/0x13f0
[ 23.330189] xfrm_user_rcv_msg+0x3c8/0x7c0
[ 23.330195] ? xfrm_user_rcv_msg+0x3c8/0x7c0
[ 23.330209] ? xfrm_dump_sa_done+0xe0/0xe0
[ 23.330218] ? lock_downgrade+0x980/0x980
[ 23.330231] ? lock_release+0xa40/0xa40
[ 23.330287] ? netlink_tap_init_net+0x350/0x350
[ 23.330301] netlink_rcv_skb+0x21e/0x460
[ 23.330309] ? xfrm_dump_sa_done+0xe0/0xe0
[ 23.330320] ? netlink_ack+0xa10/0xa10
[ 23.330334] ? netlink_skb_destructor+0x1d0/0x1d0
[ 23.330354] xfrm_netlink_rcv+0x6f/0x90
[ 23.330364] netlink_unicast+0x4be/0x6a0
[ 23.330381] ? netlink_attachskb+0x8a0/0x8a0
[ 23.330397] ? security_netlink_send+0x81/0xb0
[ 23.330410] netlink_sendmsg+0xa4a/0xe60
[ 23.330430] ? netlink_unicast+0x6a0/0x6a0
[ 23.330445] ? security_socket_sendmsg+0x89/0xb0
[ 23.330453] ? netlink_unicast+0x6a0/0x6a0
[ 23.330464] sock_sendmsg+0xca/0x110
[ 23.330477] ___sys_sendmsg+0x767/0x8b0
[ 23.330493] ? copy_msghdr_from_user+0x590/0x590
[ 23.330513] ? __do_page_fault+0x5f7/0xc90
[ 23.330523] ? lock_downgrade+0x980/0x980
[ 23.330540] ? __fget_light+0x297/0x380
[ 23.330550] ? fget_raw+0x20/0x20
[ 23.330559] ? __handle_mm_fault+0x3ce0/0x3ce0
[ 23.330565] ? vmacache_find+0x5f/0x280
[ 23.330571] ? vmacache_update+0xfe/0x130
[ 23.330588] ? up_read+0x1a/0x40
[ 23.330596] ? __do_page_fault+0x3d6/0xc90
[ 23.330602] ? get_unused_fd_flags+0x190/0x190
[ 23.330621] ? __fdget+0x18/0x20
[ 23.330637] __sys_sendmsg+0xe5/0x210
[ 23.330643] ? __sys_sendmsg+0xe5/0x210
[ 23.330654] ? SyS_shutdown+0x290/0x290
[ 23.330665] ? __do_page_fault+0xc90/0xc90
[ 23.330679] ? fd_install+0x4d/0x60
[ 23.330705] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 23.330723] SyS_sendmsg+0x2d/0x50
[ 23.330734] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 23.330739] RIP: 0033:0x440059
[ 23.330742] RSP: 002b:00007ffdfdfa2308 EFLAGS: 00000203 ORIG_RAX: 000000000000002e
[ 23.330749] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000440059
[ 23.330753] RDX: 0000000000000000 RSI: 0000000020004000 RDI: 0000000000000003
[ 23.330757] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 23.330761] R10: 0000000000000000 R11: 0000000000000203 R12: 00000000004019c0
[ 23.330765] R13: 0000000000401a50 R14: 0000000000000000 R15: 0000000000000000
[ 23.331090] BUG: scheduling while atomic: syzkaller226931/3155/0x00000002
[ 23.331094] 2 locks held by syzkaller226931/3155:
[ 23.331096] #0: (&net->xfrm.xfrm_cfg_mutex){+.+.}, at: [<000000002a353eee>] xfrm_netlink_rcv+0x60/0x90
[ 23.331113] #1: (rcu_read_lock){....}, at: [<0000000051f6adfd>] xfrm_state_get_afinfo+0x62/0x280
[ 23.331129] Modules linked in:
[ 23.331136] Kernel panic - not syncing: scheduling while atomic
[ 23.331136]
[ 23.331142] CPU: 1 PID: 3155 Comm: syzkaller226931 Tainted: G W 4.15.0-rc4-next-20171221+ #78
[ 23.331146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 23.331148] Call Trace:
[ 23.331156] dump_stack+0x194/0x257
[ 23.331167] ? arch_local_irq_restore+0x53/0x53
[ 23.331178] ? print_modules+0x194/0x30b
[ 23.331184] ? printk+0xaa/0xca
[ 23.331195] ? vsnprintf+0x1ed/0x1900
[ 23.331209] panic+0x1e4/0x41c
[ 23.331217] ? refcount_error_report+0x214/0x214
[ 23.331232] ? print_lock+0x9f/0xa2
[ 23.331252] __schedule_bug+0x11f/0x130
[ 23.331262] __schedule+0x131c/0x2060
[ 23.331286] ? __sched_text_start+0x8/0x8
[ 23.331294] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 23.331304] ? migrate_swap_stop+0x970/0x970
[ 23.331326] ? check_noncircular+0x20/0x20
[ 23.331333] ? find_held_lock+0x35/0x1d0
[ 23.331354] ? __lock_is_held+0xb6/0x140
[ 23.331372] schedule+0xf5/0x430
[ 23.331384] ? __schedule+0x2060/0x2060
[ 23.331399] ? check_noncircular+0x20/0x20
[ 23.331407] ? __queue_work+0x5b4/0x1230
[ 23.331424] ? lock_release+0xa40/0xa40
[ 23.331441] schedule_timeout+0x59b/0x6f0
[ 23.331447] ? print_irqtrace_events+0x270/0x270
[ 23.331463] ? usleep_range+0x190/0x190
[ 23.331470] ? wait_for_completion_killable+0x3f1/0x820
[ 23.331479] ? lock_downgrade+0x980/0x980
[ 23.331493] ? lock_release+0xa40/0xa40
[ 23.331500] ? ___might_sleep+0x3d8/0x470
[ 23.331513] ? mark_held_locks+0xaf/0x100
[ 23.331523] ? _raw_spin_unlock_irq+0x27/0x70
[ 23.331534] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 23.331550] wait_for_completion_killable+0x3f9/0x820
[ 23.331566] ? wait_for_completion_interruptible_timeout+0x820/0x820
[ 23.331579] ? retint_kernel+0x10/0x10
[ 23.331599] ? wake_up_q+0xe0/0xe0
[ 23.331608] ? queue_work_on+0xfc/0x1c0
[ 23.331619] ? queue_work_on+0x106/0x1c0
[ 23.331632] call_usermodehelper_exec+0x2c1/0x480
[ 23.331641] ? usermodehelper_read_lock_wait+0x230/0x230
[ 23.331647] ? dec_ucount+0x1e0/0x1e0
[ 23.331667] ? memcpy+0x45/0x50
[ 23.331684] __request_module+0x41a/0xc20
[ 23.331690] ? check_noncircular+0x20/0x20
[ 23.331699] ? __xfrm_init_state+0xa61/0xdd0
[ 23.331709] ? free_modprobe_argv+0xa0/0xa0
[ 23.331719] ? check_noncircular+0x20/0x20
[ 23.331737] ? check_noncircular+0x20/0x20
[ 23.331743] ? lock_acquire+0x1d5/0x580
[ 23.331757] ? find_held_lock+0x35/0x1d0
[ 23.331765] ? check_noncircular+0x20/0x20
[ 23.331782] ? lock_acquire+0x1d5/0x580
[ 23.331788] ? lock_acquire+0x1d5/0x580
[ 23.331795] ? xfrm_state_get_afinfo+0x62/0x280
[ 23.331821] ? __lock_is_held+0xb6/0x140
[ 23.331845] ? rcu_read_lock_held+0xa9/0xc0
[ 23.331852] ? xfrm_state_get_afinfo+0x138/0x280
[ 23.331861] ? xfrm_state_find+0x3210/0x3210
[ 23.331883] __xfrm_init_state+0xa61/0xdd0
[ 23.331902] ? xfrm_get_mode.part.29+0x260/0x260
[ 23.331908] ? xfrm_find_algo+0x1c4/0x270
[ 23.331919] ? xfrm_add_sa+0x11e1/0x33e0
[ 23.331934] xfrm_add_sa+0x1a09/0x33e0
[ 23.331959] ? xfrm_send_policy_notify+0x13f0/0x13f0
[ 23.331967] ? nla_parse+0x29a/0x3d0
[ 23.331981] ? nla_validate+0x1c0/0x1c0
[ 23.331993] ? __netlink_ns_capable+0xe1/0x120
[ 23.332006] ? xfrm_send_policy_notify+0x13f0/0x13f0
[ 23.332014] xfrm_user_rcv_msg+0x3c8/0x7c0
[ 23.332021] ? xfrm_user_rcv_msg+0x3c8/0x7c0
[ 23.332035] ? xfrm_dump_sa_done+0xe0/0xe0
[ 23.332043] ? lock_downgrade+0x980/0x980
[ 23.332056] ? lock_release+0xa40/0xa40
[ 23.332107] ? netlink_tap_init_net+0x350/0x350
[ 23.332121] netlink_rcv_skb+0x21e/0x460
[ 23.332129] ? xfrm_dump_sa_done+0xe0/0xe0
[ 23.332139] ? netlink_ack+0xa10/0xa10
[ 23.332153] ? netlink_skb_destructor+0x1d0/0x1d0
[ 23.332173] xfrm_netlink_rcv+0x6f/0x90
[ 23.332183] netlink_unicast+0x4be/0x6a0
[ 23.332199] ? netlink_attachskb+0x8a0/0x8a0
[ 23.332215] ? security_netlink_send+0x81/0xb0
[ 23.332228] netlink_sendmsg+0xa4a/0xe60
[ 23.332247] ? netlink_unicast+0x6a0/0x6a0
[ 23.332263] ? security_socket_sendmsg+0x89/0xb0
[ 23.332275] ? netlink_unicast+0x6a0/0x6a0
[ 23.332285] sock_sendmsg+0xca/0x110
[ 23.332297] ___sys_sendmsg+0x767/0x8b0
[ 23.332314] ? copy_msghdr_from_user+0x590/0x590
[ 23.332333] ? __do_page_fault+0x5f7/0xc90
[ 23.332343] ? lock_downgrade+0x980/0x980
[ 23.332360] ? __fget_light+0x297/0x380
[ 23.332370] ? fget_raw+0x20/0x20
[ 23.332379] ? __handle_mm_fault+0x3ce0/0x3ce0
[ 23.332384] ? vmacache_find+0x5f/0x280
[ 23.332391] ? vmacache_update+0xfe/0x130
[ 23.332407] ? up_read+0x1a/0x40
[ 23.332416] ? __do_page_fault+0x3d6/0xc90
[ 23.332421] ? get_unused_fd_flags+0x190/0x190
[ 23.332439] ? __fdget+0x18/0x20
[ 23.332455] __sys_sendmsg+0xe5/0x210
[ 23.332462] ? __sys_sendmsg+0xe5/0x210
[ 23.332473] ? SyS_shutdown+0x290/0x290
[ 23.332484] ? __do_page_fault+0xc90/0xc90
[ 23.332498] ? fd_install+0x4d/0x60
[ 23.332523] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 23.332540] SyS_sendmsg+0x2d/0x50
[ 23.332551] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 23.332556] RIP: 0033:0x440059
[ 23.332560] RSP: 002b:00007ffdfdfa2308 EFLAGS: 00000203 ORIG_RAX: 000000000000002e
[ 23.332567] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000440059
[ 23.332571] RDX: 0000000000000000 RSI: 0000000020004000 RDI: 0000000000000003
[ 23.332574] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 23.332578] R10: 0000000000000000 R11: 0000000000000203 R12: 00000000004019c0
[ 23.332582] R13: 0000000000401a50 R14: 0000000000000000 R15: 0000000000000000
[ 23.350689] Dumping ftrace buffer:
[ 23.350781] (ftrace buffer empty)
[ 23.350783] Kernel Offset: disabled
[ 24.780755] Rebooting in 86400 seconds..