[ ok ] Starting enhanced syslogd: rsyslogd.
[ 9.950528] audit: type=1400 audit(1514772124.752:5): avc: denied { syslog } for pid=2992 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 12.288357] audit: type=1400 audit(1514772127.090:6): avc: denied { map } for pid=3131 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.15.226' (ECDSA) to the list of known hosts.
executing program
[ 38.524285] audit: type=1400 audit(1514772153.326:7): avc: denied { map } for pid=3150 comm="syzkaller361979" path="/root/syzkaller361979936" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 38.527051]
[ 38.527056] =============================
[ 38.527058] WARNING: suspicious RCU usage
[ 38.527061] 4.15.0-rc4-mm1+ #49 Not tainted
[ 38.527063] -----------------------------
[ 38.527066] ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section!
[ 38.527068]
[ 38.527068] other info that might help us debug this:
[ 38.527068]
[ 38.527070]
[ 38.527070] rcu_scheduler_active = 2, debug_locks = 1
[ 38.527073] 2 locks held by syzkaller361979/3150:
[ 38.527075] #0: (&net->xfrm.xfrm_cfg_mutex){+.+.}, at: [<00000000730e09cb>] xfrm_netlink_rcv+0x60/0x90
[ 38.527089] #1: (rcu_read_lock){....}, at: [<00000000e041e823>] xfrm_state_get_afinfo+0x62/0x280
[ 38.527101]
[ 38.527101] stack backtrace:
[ 38.527106] CPU: 0 PID: 3150 Comm: syzkaller361979 Not tainted 4.15.0-rc4-mm1+ #49
[ 38.527108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 38.527110] Call Trace:
[ 38.527117] dump_stack+0x194/0x257
[ 38.527125] ? arch_local_irq_restore+0x53/0x53
[ 38.527142] lockdep_rcu_suspicious+0x123/0x170
[ 38.527151] ___might_sleep+0x385/0x470
[ 38.527156] ? trace_event_raw_event_sched_switch+0x800/0x800
[ 38.527170] __might_sleep+0x95/0x190
[ 38.527181] kmem_cache_alloc_trace+0x298/0x750
[ 38.527198] __request_module+0x2e1/0xc20
[ 38.527202] ? check_noncircular+0x20/0x20
[ 38.527208] ? __xfrm_init_state+0xa61/0xdd0
[ 38.527215] ? free_modprobe_argv+0xa0/0xa0
[ 38.527221] ? check_noncircular+0x20/0x20
[ 38.527232] ? check_noncircular+0x20/0x20
[ 38.527235] ? lock_acquire+0x1d5/0x580
[ 38.527244] ? find_held_lock+0x35/0x1d0
[ 38.527249] ? check_noncircular+0x20/0x20
[ 38.527272] ? lock_acquire+0x1d5/0x580
[ 38.527276] ? lock_acquire+0x1d5/0x580
[ 38.527280] ? xfrm_state_get_afinfo+0x62/0x280
[ 38.527296] ? __lock_is_held+0xb6/0x140
[ 38.527314] ? rcu_read_lock_held+0xa9/0xc0
[ 38.527319] ? xfrm_state_get_afinfo+0x138/0x280
[ 38.527324] ? xfrm_state_find+0x3210/0x3210
[ 38.527339] __xfrm_init_state+0xa61/0xdd0
[ 38.527350] ? xfrm_get_mode.part.29+0x260/0x260
[ 38.527355] ? xfrm_find_algo+0x1c4/0x270
[ 38.527362] ? xfrm_add_sa+0x11e1/0x33e0
[ 38.527371] xfrm_add_sa+0x1a09/0x33e0
[ 38.527387] ? xfrm_send_policy_notify+0x13f0/0x13f0
[ 38.527394] ? nla_parse+0x29a/0x3d0
[ 38.527403] ? nla_validate+0x1c0/0x1c0
[ 38.527412] ? __netlink_ns_capable+0xe1/0x120
[ 38.527419] ? xfrm_send_policy_notify+0x13f0/0x13f0
[ 38.527423] xfrm_user_rcv_msg+0x3c8/0x7c0
[ 38.527427] ? xfrm_user_rcv_msg+0x3c8/0x7c0
[ 38.527436] ? xfrm_dump_sa_done+0xe0/0xe0
[ 38.527441] ? lock_downgrade+0x980/0x980
[ 38.527449] ? lock_release+0xa40/0xa40
[ 38.527480] ? netlink_tap_init_net+0x350/0x350
[ 38.527489] netlink_rcv_skb+0x21e/0x460
[ 38.527494] ? xfrm_dump_sa_done+0xe0/0xe0
[ 38.527500] ? netlink_ack+0xa10/0xa10
[ 38.527509] ? netlink_skb_destructor+0x1d0/0x1d0
[ 38.527521] xfrm_netlink_rcv+0x6f/0x90
[ 38.527526] netlink_unicast+0x4be/0x6a0
[ 38.527537] ? netlink_attachskb+0x8a0/0x8a0
[ 38.527549] ? security_netlink_send+0x81/0xb0
[ 38.527557] netlink_sendmsg+0xa4a/0xe60
[ 38.527569] ? netlink_unicast+0x6a0/0x6a0
[ 38.527578] ? security_socket_sendmsg+0x89/0xb0
[ 38.527584] ? netlink_unicast+0x6a0/0x6a0
[ 38.527594] sock_sendmsg+0xca/0x110
[ 38.527601] ___sys_sendmsg+0x767/0x8b0
[ 38.527611] ? copy_msghdr_from_user+0x590/0x590
[ 38.527625] ? __do_page_fault+0x5f7/0xc90
[ 38.527631] ? lock_downgrade+0x980/0x980
[ 38.527643] ? __fget_light+0x297/0x380
[ 38.527649] ? fget_raw+0x20/0x20
[ 38.527656] ? __handle_mm_fault+0x3ce0/0x3ce0
[ 38.527659] ? vmacache_find+0x5f/0x280
[ 38.527663] ? vmacache_update+0xfe/0x130
[ 38.527673] ? up_read+0x1a/0x40
[ 38.527679] ? __do_page_fault+0x3d6/0xc90
[ 38.527682] ? get_unused_fd_flags+0x190/0x190
[ 38.527693] ? __fdget+0x18/0x20
[ 38.527703] __sys_sendmsg+0xe5/0x210
[ 38.527707] ? __sys_sendmsg+0xe5/0x210
[ 38.527714] ? SyS_shutdown+0x290/0x290
[ 38.527721] ? __do_page_fault+0xc90/0xc90
[ 38.527729] ? fd_install+0x4d/0x60
[ 38.527745] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 38.527755] SyS_sendmsg+0x2d/0x50
[ 38.527763] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 38.527767] RIP: 0033:0x440059
[ 38.527770] RSP: 002b:00007ffe856a0388 EFLAGS: 00000203 ORIG_RAX: 000000000000002e
[ 38.527774] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000440059
[ 38.527777] RDX: 0000000000000000 RSI: 0000000020004000 RDI: 0000000000000003
[ 38.527779] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 38.527782] R10: 0000000000000000 R11: 0000000000000203 R12: 00000000004019c0
[ 38.527784] R13: 0000000000401a50 R14: 0000000000000000 R15: 0000000000000000
[ 38.527803] BUG: sleeping function called from invalid context at mm/slab.h:420
[ 38.527806] in_atomic(): 1, irqs_disabled(): 0, pid: 3150, name: syzkaller361979
[ 38.527808] 2 locks held by syzkaller361979/3150:
[ 38.527810] #0: (&net->xfrm.xfrm_cfg_mutex){+.+.}, at: [<00000000730e09cb>] xfrm_netlink_rcv+0x60/0x90
[ 38.527819] #1: (rcu_read_lock){....}, at: [<00000000e041e823>] xfrm_state_get_afinfo+0x62/0x280
[ 38.527831] CPU: 0 PID: 3150 Comm: syzkaller361979 Not tainted 4.15.0-rc4-mm1+ #49
[ 38.527833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 38.527834] Call Trace:
[ 38.527839] dump_stack+0x194/0x257
[ 38.527846] ? arch_local_irq_restore+0x53/0x53
[ 38.527851] ? print_lock+0x9f/0xa2
[ 38.527856] ? lockdep_print_held_locks+0xc4/0x130
[ 38.527866] ___might_sleep+0x2b2/0x470
[ 38.527872] ? trace_event_raw_event_sched_switch+0x800/0x800
[ 38.527886] __might_sleep+0x95/0x190
[ 38.527894] kmem_cache_alloc_trace+0x298/0x750
[ 38.527910] __request_module+0x2e1/0xc20
[ 38.527914] ? check_noncircular+0x20/0x20
[ 38.527920] ? __xfrm_init_state+0xa61/0xdd0
[ 38.527926] ? free_modprobe_argv+0xa0/0xa0
[ 38.527932] ? check_noncircular+0x20/0x20
[ 38.527943] ? check_noncircular+0x20/0x20
[ 38.527946] ? lock_acquire+0x1d5/0x580
[ 38.527955] ? find_held_lock+0x35/0x1d0
[ 38.527960] ? check_noncircular+0x20/0x20
[ 38.527971] ? lock_acquire+0x1d5/0x580
[ 38.527975] ? lock_acquire+0x1d5/0x580
[ 38.527979] ? xfrm_state_get_afinfo+0x62/0x280
[ 38.527995] ? __lock_is_held+0xb6/0x140
[ 38.528013] ? rcu_read_lock_held+0xa9/0xc0
[ 38.528017] ? xfrm_state_get_afinfo+0x138/0x280
[ 38.528023] ? xfrm_state_find+0x3210/0x3210
[ 38.528037] __xfrm_init_state+0xa61/0xdd0
[ 38.528049] ? xfrm_get_mode.part.29+0x260/0x260
[ 38.528052] ? xfrm_find_algo+0x1c4/0x270
[ 38.528059] ? xfrm_add_sa+0x11e1/0x33e0
[ 38.528069] xfrm_add_sa+0x1a09/0x33e0
[ 38.528084] ? xfrm_send_policy_notify+0x13f0/0x13f0
[ 38.528089] ? nla_parse+0x29a/0x3d0
[ 38.528098] ? nla_validate+0x1c0/0x1c0
[ 38.528105] ? __netlink_ns_capable+0xe1/0x120
[ 38.528112] ? xfrm_send_policy_notify+0x13f0/0x13f0
[ 38.528117] xfrm_user_rcv_msg+0x3c8/0x7c0
[ 38.528121] ? xfrm_user_rcv_msg+0x3c8/0x7c0
[ 38.528129] ? xfrm_dump_sa_done+0xe0/0xe0
[ 38.528134] ? lock_downgrade+0x980/0x980
[ 38.528142] ? lock_release+0xa40/0xa40
[ 38.528173] ? netlink_tap_init_net+0x350/0x350
[ 38.528182] netlink_rcv_skb+0x21e/0x460
[ 38.528187] ? xfrm_dump_sa_done+0xe0/0xe0
[ 38.528193] ? netlink_ack+0xa10/0xa10
[ 38.528202] ? netlink_skb_destructor+0x1d0/0x1d0
[ 38.528214] xfrm_netlink_rcv+0x6f/0x90
[ 38.528219] netlink_unicast+0x4be/0x6a0
[ 38.528229] ? netlink_attachskb+0x8a0/0x8a0
[ 38.528240] ? security_netlink_send+0x81/0xb0
[ 38.528247] netlink_sendmsg+0xa4a/0xe60
[ 38.528263] ? netlink_unicast+0x6a0/0x6a0
[ 38.528272] ? security_socket_sendmsg+0x89/0xb0
[ 38.528277] ? netlink_unicast+0x6a0/0x6a0
[ 38.528284] sock_sendmsg+0xca/0x110
[ 38.528291] ___sys_sendmsg+0x767/0x8b0
[ 38.528301] ? copy_msghdr_from_user+0x590/0x590
[ 38.528313] ? __do_page_fault+0x5f7/0xc90
[ 38.528319] ? lock_downgrade+0x980/0x980
[ 38.528330] ? __fget_light+0x297/0x380
[ 38.528336] ? fget_raw+0x20/0x20
[ 38.528341] ? __handle_mm_fault+0x3ce0/0x3ce0
[ 38.528344] ? vmacache_find+0x5f/0x280
[ 38.528348] ? vmacache_update+0xfe/0x130
[ 38.528358] ? up_read+0x1a/0x40
[ 38.528364] ? __do_page_fault+0x3d6/0xc90
[ 38.528367] ? get_unused_fd_flags+0x190/0x190
[ 38.528378] ? __fdget+0x18/0x20
[ 38.528388] __sys_sendmsg+0xe5/0x210
[ 38.528392] ? __sys_sendmsg+0xe5/0x210
[ 38.528399] ? SyS_shutdown+0x290/0x290
[ 38.528405] ? __do_page_fault+0xc90/0xc90
[ 38.528414] ? fd_install+0x4d/0x60
[ 38.528429] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 38.528440] SyS_sendmsg+0x2d/0x50
[ 38.528447] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 38.528450] RIP: 0033:0x440059
[ 38.528452] RSP: 002b:00007ffe856a0388 EFLAGS: 00000203 ORIG_RAX: 000000000000002e
[ 38.528456] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000440059
[ 38.528459] RDX: 0000000000000000 RSI: 0000000020004000 RDI: 0000000000000003
[ 38.528461] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 38.528463] R10: 0000000000000000 R11: 0000000000000203 R12: 00000000004019c0
[ 38.528466] R13: 0000000000401a50 R14: 0000000000000000 R15: 0000000000000000
[ 38.528668] BUG: scheduling while atomic: syzkaller361979/3150/0x00000002
[ 38.528671] 2 locks held by syzkaller361979/3150:
[ 38.528672] #0: (&net->xfrm.xfrm_cfg_mutex){+.+.}, at: [<00000000730e09cb>] xfrm_netlink_rcv+0x60/0x90
[ 38.528682] #1: (rcu_read_lock){....}, at: [<00000000e041e823>] xfrm_state_get_afinfo+0x62/0x280
[ 38.528692] Modules linked in:
[ 38.528696] Kernel panic - not syncing: scheduling while atomic
[ 38.528696]
[ 38.528700] CPU: 0 PID: 3150 Comm: syzkaller361979 Tainted: G W 4.15.0-rc4-mm1+ #49
[ 38.528702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 38.528703] Call Trace:
[ 38.528708] dump_stack+0x194/0x257
[ 38.528715] ? arch_local_irq_restore+0x53/0x53
[ 38.528723] ? print_modules+0x194/0x30b
[ 38.528728] ? printk+0xaa/0xca
[ 38.528735] ? vsnprintf+0x1ed/0x1900
[ 38.528744] panic+0x1e4/0x41c
[ 38.528750] ? refcount_error_report+0x214/0x214
[ 38.528759] ? print_lock+0x9f/0xa2
[ 38.528771] __schedule_bug+0x11f/0x130
[ 38.528777] __schedule+0x131c/0x2060
[ 38.528789] ? __sched_text_start+0x8/0x8
[ 38.528794] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 38.528801] ? migrate_swap_stop+0x970/0x970
[ 38.528814] ? check_noncircular+0x20/0x20
[ 38.528818] ? find_held_lock+0x35/0x1d0
[ 38.528831] ? __lock_is_held+0xb6/0x140
[ 38.528842] schedule+0xf5/0x430
[ 38.528849] ? __schedule+0x2060/0x2060
[ 38.528859] ? check_noncircular+0x20/0x20
[ 38.528865] ? __queue_work+0x5b4/0x1230
[ 38.528876] ? lock_release+0xa40/0xa40
[ 38.528885] schedule_timeout+0x59b/0x6f0
[ 38.528889] ? print_irqtrace_events+0x270/0x270
[ 38.528899] ? usleep_range+0x190/0x190
[ 38.528903] ? wait_for_completion_killable+0x3f1/0x820
[ 38.528910] ? lock_downgrade+0x980/0x980
[ 38.528917] ? lock_release+0xa40/0xa40
[ 38.528922] ? ___might_sleep+0x3d8/0x470
[ 38.528930] ? mark_held_locks+0xaf/0x100
[ 38.528936] ? _raw_spin_unlock_irq+0x27/0x70
[ 38.528943] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 38.528953] wait_for_completion_killable+0x3f9/0x820
[ 38.528962] ? wait_for_completion_interruptible_timeout+0x820/0x820
[ 38.528971] ? __lockdep_init_map+0xe4/0x650
[ 38.528979] ? mark_held_locks+0xaf/0x100
[ 38.528985] ? wake_up_q+0xe0/0xe0
[ 38.528991] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 38.528996] ? trace_hardirqs_on+0xd/0x10
[ 38.529004] ? queue_work_on+0x106/0x1c0
[ 38.529012] call_usermodehelper_exec+0x2c1/0x480
[ 38.529017] ? usermodehelper_read_lock_wait+0x230/0x230
[ 38.529021] ? dec_ucount+0x1e0/0x1e0
[ 38.529034] ? memcpy+0x45/0x50
[ 38.529044] __request_module+0x41a/0xc20
[ 38.529048] ? check_noncircular+0x20/0x20
[ 38.529054] ? __xfrm_init_state+0xa61/0xdd0
[ 38.529060] ? free_modprobe_argv+0xa0/0xa0
[ 38.529066] ? check_noncircular+0x20/0x20
[ 38.529077] ? check_noncircular+0x20/0x20
[ 38.529080] ? lock_acquire+0x1d5/0x580
[ 38.529089] ? find_held_lock+0x35/0x1d0
[ 38.529094] ? check_noncircular+0x20/0x20
[ 38.529104] ? lock_acquire+0x1d5/0x580
[ 38.529108] ? lock_acquire+0x1d5/0x580
[ 38.529113] ? xfrm_state_get_afinfo+0x62/0x280
[ 38.529128] ? __lock_is_held+0xb6/0x140
[ 38.529143] ? rcu_read_lock_held+0xa9/0xc0
[ 38.529147] ? xfrm_state_get_afinfo+0x138/0x280
[ 38.529153] ? xfrm_state_find+0x3210/0x3210
[ 38.529167] __xfrm_init_state+0xa61/0xdd0
[ 38.529178] ? xfrm_get_mode.part.29+0x260/0x260
[ 38.529182] ? xfrm_find_algo+0x1c4/0x270
[ 38.529189] ? xfrm_add_sa+0x11e1/0x33e0
[ 38.529198] xfrm_add_sa+0x1a09/0x33e0
[ 38.529213] ? xfrm_send_policy_notify+0x13f0/0x13f0
[ 38.529218] ? nla_parse+0x29a/0x3d0
[ 38.529226] ? nla_validate+0x1c0/0x1c0
[ 38.529234] ? __netlink_ns_capable+0xe1/0x120
[ 38.529240] ? xfrm_send_policy_notify+0x13f0/0x13f0
[ 38.529245] xfrm_user_rcv_msg+0x3c8/0x7c0
[ 38.529249] ? xfrm_user_rcv_msg+0x3c8/0x7c0
[ 38.529260] ? xfrm_dump_sa_done+0xe0/0xe0
[ 38.529265] ? lock_downgrade+0x980/0x980
[ 38.529273] ? lock_release+0xa40/0xa40
[ 38.529304] ? netlink_tap_init_net+0x350/0x350
[ 38.529312] netlink_rcv_skb+0x21e/0x460
[ 38.529317] ? xfrm_dump_sa_done+0xe0/0xe0
[ 38.529324] ? netlink_ack+0xa10/0xa10
[ 38.529332] ? netlink_skb_destructor+0x1d0/0x1d0
[ 38.529343] xfrm_netlink_rcv+0x6f/0x90
[ 38.529349] netlink_unicast+0x4be/0x6a0
[ 38.529359] ? netlink_attachskb+0x8a0/0x8a0
[ 38.529369] ? security_netlink_send+0x81/0xb0
[ 38.529377] netlink_sendmsg+0xa4a/0xe60
[ 38.529389] ? netlink_unicast+0x6a0/0x6a0
[ 38.529399] ? security_socket_sendmsg+0x89/0xb0
[ 38.529403] ? netlink_unicast+0x6a0/0x6a0
[ 38.529410] sock_sendmsg+0xca/0x110
[ 38.529417] ___sys_sendmsg+0x767/0x8b0
[ 38.529427] ? copy_msghdr_from_user+0x590/0x590
[ 38.529439] ? __do_page_fault+0x5f7/0xc90
[ 38.529445] ? lock_downgrade+0x980/0x980
[ 38.529455] ? __fget_light+0x297/0x380
[ 38.529461] ? fget_raw+0x20/0x20
[ 38.529467] ? __handle_mm_fault+0x3ce0/0x3ce0
[ 38.529470] ? vmacache_find+0x5f/0x280
[ 38.529474] ? vmacache_update+0xfe/0x130
[ 38.529483] ? up_read+0x1a/0x40
[ 38.529489] ? __do_page_fault+0x3d6/0xc90
[ 38.529492] ? get_unused_fd_flags+0x190/0x190
[ 38.529503] ? __fdget+0x18/0x20
[ 38.529513] __sys_sendmsg+0xe5/0x210
[ 38.529517] ? __sys_sendmsg+0xe5/0x210
[ 38.529523] ? SyS_shutdown+0x290/0x290
[ 38.529530] ? __do_page_fault+0xc90/0xc90
[ 38.529538] ? fd_install+0x4d/0x60
[ 38.529554] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 38.529564] SyS_sendmsg+0x2d/0x50
[ 38.529571] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 38.529574] RIP: 0033:0x440059
[ 38.529576] RSP: 002b:00007ffe856a0388 EFLAGS: 00000203 ORIG_RAX: 000000000000002e
[ 38.529580] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000440059
[ 38.529583] RDX: 0000000000000000 RSI: 0000000020004000 RDI: 0000000000000003
[ 38.529585] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 38.529587] R10: 0000000000000000 R11: 0000000000000203 R12: 00000000004019c0
[ 38.529590] R13: 0000000000401a50 R14: 0000000000000000 R15: 0000000000000000
[ 38.550169] Dumping ftrace buffer:
[ 38.550231] (ftrace buffer empty)
[ 38.550233] Kernel Offset: disabled
[ 39.984479] Rebooting in 86400 seconds..