[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 17.886822] audit: type=1400 audit(1518370489.577:6): avc: denied { map } for pid=4150 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.211' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 30.881874] audit: type=1400 audit(1518370502.572:7): avc: denied { map } for pid=4166 comm="syzkaller308606" path="/root/syzkaller308606670" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 30.910136] [ 30.911823] ============================= [ 30.915970] WARNING: suspicious RCU usage [ 30.920108] 4.15.0+ #308 Not tainted [ 30.923815] ----------------------------- [ 30.927971] ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section! [ 30.937233] [ 30.937233] other info that might help us debug this: [ 30.937233] [ 30.945363] [ 30.945363] rcu_scheduler_active = 2, debug_locks = 1 [ 30.952027] 1 lock held by syzkaller308606/4166: [ 30.956772] #0: (rcu_read_lock){....}, at: [<0000000063fc954a>] __rds_conn_create+0xe46/0x1b50 [ 30.965712] [ 30.965712] stack backtrace: [ 30.970199] CPU: 0 PID: 4166 Comm: syzkaller308606 Not tainted 4.15.0+ #308 [ 30.977268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.986591] Call Trace: [ 30.989151] dump_stack+0x194/0x257 [ 30.992755] ? arch_local_irq_restore+0x53/0x53 [ 30.997420] lockdep_rcu_suspicious+0x123/0x170 [ 31.002065] ___might_sleep+0x385/0x470 [ 31.006023] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 31.011896] ? __debug_object_init+0x235/0x1040 [ 31.016533] ? lock_acquire+0x1d5/0x580 [ 31.020478] ? debug_mutex_init+0x1c/0x60 [ 31.024602] __might_sleep+0x95/0x190 [ 31.028380] kmem_cache_alloc_trace+0x299/0x740 [ 31.033052] ? lock_acquire+0x1d5/0x580 [ 31.037000] ? lock_acquire+0x1d5/0x580 [ 31.040945] ? __rds_conn_create+0xe46/0x1b50 [ 31.045415] rds_loop_conn_alloc+0xc8/0x380 [ 31.049713] ? rds_loop_conn_free+0x290/0x290 [ 31.054186] ? __init_waitqueue_head+0x97/0x140 [ 31.058829] ? rcutorture_record_progress+0x10/0x10 [ 31.063818] ? __lockdep_init_map+0xe4/0x650 [ 31.068202] __rds_conn_create+0x112f/0x1b50 [ 31.072600] ? rds_conn_drop+0xb0/0xb0 [ 31.076457] ? find_held_lock+0x35/0x1d0 [ 31.080495] ? __might_fault+0x110/0x1d0 [ 31.084537] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 31.090392] ? free_unref_page+0x9e0/0x9e0 [ 31.094598] ? rcu_note_context_switch+0x710/0x710 [ 31.099503] ? kasan_check_write+0x14/0x20 [ 31.103713] ? copyin+0x91/0xb0 [ 31.106967] ? copy_page_from_iter+0x50e/0x7c0 [ 31.111530] ? _copy_from_iter+0xf30/0xf30 [ 31.115740] ? _raw_spin_unlock_bh+0x30/0x40 [ 31.120126] ? rds_message_copy_from_user+0x29e/0x370 [ 31.125291] rds_conn_create_outgoing+0x3f/0x50 [ 31.129937] rds_sendmsg+0xda3/0x2390 [ 31.133712] ? avc_has_perm+0x43e/0x680 [ 31.137672] ? rds_send_drop_to+0x19d0/0x19d0 [ 31.142139] ? _raw_spin_unlock_irq+0x27/0x70 [ 31.146607] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 31.151598] ? find_held_lock+0x35/0x1d0 [ 31.155638] ? sock_has_perm+0x2a4/0x420 [ 31.159670] ? selinux_secmark_relabel_packet+0xc0/0xc0 [ 31.165006] ? lock_release+0xa22/0xa40 [ 31.168951] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 31.174806] ? __check_object_size+0x8b/0x530 [ 31.179270] ? __handle_mm_fault+0x80e/0x3ce0 [ 31.183744] ? __might_sleep+0x95/0x190 [ 31.187698] ? selinux_socket_sendmsg+0x36/0x40 [ 31.192340] ? security_socket_sendmsg+0x89/0xb0 [ 31.197070] ? rds_send_drop_to+0x19d0/0x19d0 [ 31.201538] sock_sendmsg+0xca/0x110 [ 31.205227] SYSC_sendto+0x361/0x5c0 [ 31.209349] ? SYSC_connect+0x4a0/0x4a0 [ 31.213300] ? __do_page_fault+0x5f7/0xc90 [ 31.217510] ? lock_downgrade+0x980/0x980 [ 31.221635] ? handle_mm_fault+0x43b/0x970 [ 31.225853] ? up_read+0x1a/0x40 [ 31.229188] ? __do_page_fault+0x3d6/0xc90 [ 31.233401] ? mm_fault_error+0x2c0/0x2c0 [ 31.237529] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 31.243128] SyS_sendto+0x40/0x50 [ 31.246553] ? SyS_getpeername+0x30/0x30 [ 31.250587] do_syscall_64+0x282/0x940 [ 31.254444] ? __do_page_fault+0xc90/0xc90 [ 31.258650] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 31.263379] ? syscall_return_slowpath+0x550/0x550 [ 31.268280] ? syscall_return_slowpath+0x2ac/0x550 [ 31.273179] ? prepare_exit_to_usermode+0x350/0x350 [ 31.278169] ? retint_user+0x18/0x18 [ 31.281858] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 31.286676] entry_SYSCALL_64_after_hwframe+0x26/0x9b [ 31.291838] RIP: 0033:0x43fd99 [ 31.294998] RSP: 002b:00007ffc69e946d8 EFLAGS: 00000217 ORIG_RAX: 000000000000002c [ 31.302677] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd99 [ 31.309922] RDX: 000000000000fffa RSI: 00000000204b3fff RDI: 0000000000000003 [ 31.317163] RBP: 00000000006ca018 R08: 00000000202b4000 R09: 0000000000000010 [ 31.324405] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004016c0 [ 31.331648] R13: 0000000000401750 R14: 0000000000000000 R15: 0000000000000000 [ 31.338959] BUG: sleeping function called from invalid context at mm/slab.h:420 [ 31.346395] in_atomic(): 1, irqs_disabled(): 0, pid: 4166, name: syzkaller308606 [ 31.353925] 1 lock held by syzkaller308606/4166: [ 31.358671] #0: (rcu_read_lock){....}, at: [<0000000063fc954a>] __rds_conn_create+0xe46/0x1b50 [ 31.367612] CPU: 0 PID: 4166 Comm: syzkaller308606 Not tainted 4.15.0+ #308 [ 31.374688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 31.384014] Call Trace: [ 31.386574] dump_stack+0x194/0x257 [ 31.390174] ? arch_local_irq_restore+0x53/0x53 [ 31.394822] ? print_lock+0x9f/0xa2 [ 31.398431] ? lockdep_print_held_locks+0xc4/0x130 [ 31.403339] ___might_sleep+0x2b2/0x470 [ 31.407283] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 31.413137] ? __debug_object_init+0x235/0x1040 [ 31.417776] ? lock_acquire+0x1d5/0x580 [ 31.421722] ? debug_mutex_init+0x1c/0x60 [ 31.425843] __might_sleep+0x95/0x190 [ 31.429620] kmem_cache_alloc_trace+0x299/0x740 [ 31.434259] ? lock_acquire+0x1d5/0x580 [ 31.438202] ? lock_acquire+0x1d5/0x580 [ 31.442149] ? __rds_conn_create+0xe46/0x1b50 [ 31.446620] rds_loop_conn_alloc+0xc8/0x380 [ 31.450914] ? rds_loop_conn_free+0x290/0x290 [ 31.455384] ? __init_waitqueue_head+0x97/0x140 [ 31.460028] ? rcutorture_record_progress+0x10/0x10 [ 31.465015] ? __lockdep_init_map+0xe4/0x650 [ 31.469402] __rds_conn_create+0x112f/0x1b50 [ 31.473801] ? rds_conn_drop+0xb0/0xb0 [ 31.477657] ? find_held_lock+0x35/0x1d0 [ 31.481699] ? __might_fault+0x110/0x1d0 [ 31.485743] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 31.491596] ? free_unref_page+0x9e0/0x9e0 [ 31.495802] ? rcu_note_context_switch+0x710/0x710 [ 31.500714] ? kasan_check_write+0x14/0x20 [ 31.504919] ? copyin+0x91/0xb0 [ 31.508172] ? copy_page_from_iter+0x50e/0x7c0 [ 31.512731] ? _copy_from_iter+0xf30/0xf30 [ 31.516941] ? _raw_spin_unlock_bh+0x30/0x40 [ 31.521325] ? rds_message_copy_from_user+0x29e/0x370 [ 31.526488] rds_conn_create_outgoing+0x3f/0x50 [ 31.531130] rds_sendmsg+0xda3/0x2390 [ 31.534898] ? avc_has_perm+0x43e/0x680 [ 31.538857] ? rds_send_drop_to+0x19d0/0x19d0 [ 31.543324] ? _raw_spin_unlock_irq+0x27/0x70 [ 31.547793] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 31.552781] ? find_held_lock+0x35/0x1d0 [ 31.556820] ? sock_has_perm+0x2a4/0x420 [ 31.560853] ? selinux_secmark_relabel_packet+0xc0/0xc0 [ 31.566186] ? lock_release+0xa22/0xa40 [ 31.570130] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 31.575984] ? __check_object_size+0x8b/0x530 [ 31.580447] ? __handle_mm_fault+0x80e/0x3ce0 [ 31.584916] ? __might_sleep+0x95/0x190 [ 31.588867] ? selinux_socket_sendmsg+0x36/0x40 [ 31.593506] ? security_socket_sendmsg+0x89/0xb0 [ 31.598234] ? rds_send_drop_to+0x19d0/0x19d0 [ 31.603069] sock_sendmsg+0xca/0x110 [ 31.606760] SYSC_sendto+0x361/0x5c0 [ 31.610449] ? SYSC_connect+0x4a0/0x4a0 [ 31.614400] ? __do_page_fault+0x5f7/0xc90 [ 31.618608] ? lock_downgrade+0x980/0x980 [ 31.622738] ? handle_mm_fault+0x43b/0x970 [ 31.626957] ? up_read+0x1a/0x40 [ 31.630292] ? __do_page_fault+0x3d6/0xc90 [ 31.634506] ? mm_fault_error+0x2c0/0x2c0 [ 31.638629] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 31.644141] SyS_sendto+0x40/0x50 [ 31.647563] ? SyS_getpeername+0x30/0x30 [ 31.651595] do_syscall_64+0x282/0x940 [ 31.655453] ? __do_page_fault+0xc90/0xc90 [ 31.659660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 31.664391] ? syscall_return_slowpath+0x550/0x550 [ 31.669293] ? syscall_return_slowpath+0x2ac/0x550 [ 31.674193] ? prepare_exit_to_usermode+0x350/0x350 [ 31.679180] ? retint_user+0x18/0x18 [ 31.682867] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 31.687694] entry_SYSCALL_64_after_hwframe+0x26/0x9b [ 31.692860] RIP: 0033:0x43fd99 [ 31.696022] RSP: 002b:00007ffc69e946d8 EFLAGS: 00000217 ORIG_RAX: 000000000000002c [ 31.703701] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd99 [ 31.710942] RDX: 000000000000fffa RSI: 00000000204b3fff RDI: 0000000000000003 [ 31.718183] RBP: 00000000006ca018 R08: 00000000202b4000 R09: 0000000000000010 [ 31.725424] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004016c0 [ 31.732663] R13: 000000000040175