[ ok ] Starting enhanced syslogd: rsyslogd.
[ 14.558826] audit: type=1400 audit(1518420385.167:5): avc: denied { syslog } for pid=3982 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ ok ] Starting file context maintaining daemon: restorecond.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 18.367231] audit: type=1400 audit(1518420388.975:6): avc: denied { map } for pid=4131 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.48' (ECDSA) to the list of known hosts.
executing program
[ 36.106839] audit: type=1400 audit(1518420406.715:7): avc: denied { map } for pid=4149 comm="syzkaller991122" path="/root/syzkaller991122585" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 36.133549]
[ 36.135238] =============================
[ 36.139387] WARNING: suspicious RCU usage
[ 36.143531] 4.15.0+ #222 Not tainted
[ 36.147244] -----------------------------
[ 36.151378] ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section!
[ 36.160642]
[ 36.160642] other info that might help us debug this:
[ 36.160642]
[ 36.168775]
[ 36.168775] rcu_scheduler_active = 2, debug_locks = 1
[ 36.175435] 1 lock held by syzkaller991122/4149:
[ 36.180182] #0: (rcu_read_lock){....}, at: [<000000003061f5b8>] __rds_conn_create+0xe46/0x1b50
[ 36.189131]
[ 36.189131] stack backtrace:
[ 36.193628] CPU: 1 PID: 4149 Comm: syzkaller991122 Not tainted 4.15.0+ #222
[ 36.200697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 36.210026] Call Trace:
[ 36.212587] dump_stack+0x194/0x257
[ 36.216188] ? arch_local_irq_restore+0x53/0x53
[ 36.220842] lockdep_rcu_suspicious+0x123/0x170
[ 36.225487] ___might_sleep+0x385/0x470
[ 36.229438] ? trace_event_raw_event_sched_switch+0x810/0x810
[ 36.235291] ? __debug_object_init+0x235/0x1040
[ 36.239932] ? debug_mutex_init+0x1c/0x60
[ 36.244055] __might_sleep+0x95/0x190
[ 36.247831] kmem_cache_alloc_trace+0x299/0x740
[ 36.252474] ? lock_acquire+0x1d5/0x580
[ 36.256419] ? lock_acquire+0x1d5/0x580
[ 36.260366] ? __rds_conn_create+0xe46/0x1b50
[ 36.264845] rds_loop_conn_alloc+0xc8/0x380
[ 36.269140] ? rds_loop_conn_free+0x290/0x290
[ 36.273612] ? __init_waitqueue_head+0x97/0x140
[ 36.278259] ? rcutorture_record_progress+0x10/0x10
[ 36.283251] ? __lockdep_init_map+0xe4/0x650
[ 36.287634] __rds_conn_create+0x112f/0x1b50
[ 36.292032] ? rds_conn_drop+0xb0/0xb0
[ 36.295901] ? __raw_spin_lock_init+0x1c/0x100
[ 36.300455] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 36.305447] ? __lockdep_init_map+0xe4/0x650
[ 36.309827] ? lockdep_init_map+0x9/0x10
[ 36.313858] ? __init_waitqueue_head+0x97/0x140
[ 36.318508] ? init_wait_entry+0x1b0/0x1b0
[ 36.322718] ? lockdep_init_map+0x9/0x10
[ 36.326753] ? rds_message_alloc+0x28c/0x330
[ 36.331131] ? rds_message_next_extension+0x210/0x210
[ 36.336291] ? trace_hardirqs_on+0xd/0x10
[ 36.340416] ? _raw_spin_unlock_bh+0x30/0x40
[ 36.344806] ? __release_sock+0x360/0x360
[ 36.348932] ? lock_sock_nested+0x91/0x110
[ 36.353144] rds_conn_create_outgoing+0x3f/0x50
[ 36.357786] rds_sendmsg+0xda3/0x2390
[ 36.361557] ? avc_has_perm+0x43e/0x680
[ 36.365519] ? rds_send_drop_to+0x19d0/0x19d0
[ 36.369983] ? _raw_spin_unlock_irq+0x27/0x70
[ 36.374453] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 36.379444] ? find_held_lock+0x35/0x1d0
[ 36.383483] ? sock_has_perm+0x2a4/0x420
[ 36.387517] ? selinux_secmark_relabel_packet+0xc0/0xc0
[ 36.392847] ? lock_release+0xa02/0xa40
[ 36.396791] ? trace_event_raw_event_sched_switch+0x810/0x810
[ 36.402646] ? __check_object_size+0x8b/0x530
[ 36.407111] ? __handle_mm_fault+0x80e/0x3ce0
[ 36.411583] ? __might_sleep+0x95/0x190
[ 36.415532] ? selinux_socket_sendmsg+0x36/0x40
[ 36.420173] ? security_socket_sendmsg+0x89/0xb0
[ 36.424900] ? rds_send_drop_to+0x19d0/0x19d0
[ 36.429377] sock_sendmsg+0xca/0x110
[ 36.433069] SYSC_sendto+0x361/0x5c0
[ 36.436759] ? SYSC_connect+0x4a0/0x4a0
[ 36.440711] ? __do_page_fault+0x5f7/0xc90
[ 36.444918] ? lock_downgrade+0x980/0x980
[ 36.449047] ? handle_mm_fault+0x43b/0x970
[ 36.453264] ? up_read+0x1a/0x40
[ 36.456601] ? __do_page_fault+0x3d6/0xc90
[ 36.460816] ? mm_fault_error+0x2c0/0x2c0
[ 36.464935] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 36.470447] SyS_sendto+0x40/0x50
[ 36.473873] ? SyS_getpeername+0x30/0x30
[ 36.477908] do_syscall_64+0x282/0x940
[ 36.481764] ? __do_page_fault+0xc90/0xc90
[ 36.485968] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 36.491477] ? syscall_return_slowpath+0x550/0x550
[ 36.496379] ? syscall_return_slowpath+0x2ac/0x550
[ 36.501286] ? retint_user+0x18/0x18
[ 36.504974] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 36.509795] entry_SYSCALL_64_after_hwframe+0x26/0x9b
[ 36.514952] RIP: 0033:0x43fd99
[ 36.518117] RSP: 002b:00007ffecc940d68 EFLAGS: 00000217 ORIG_RAX: 000000000000002c
[ 36.525801] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd99
[ 36.533042] RDX: 0000000000000000 RSI: 0000000020218000 RDI: 0000000000000003
[ 36.540283] RBP: 00000000006ca018 R08: 0000000020062000 R09: 0000000000000010
[ 36.547522] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004016c0
[ 36.554760] R13: 0000000000401750 R14: 0000000000000000 R15: 0000000000000000
[ 36.562191] BUG: sleeping function called from invalid context at mm/slab.h:420
[ 36.569638] in_atomic(): 1, irqs_disabled(): 0, pid: 4149, name: syzkaller991122
[ 36.577165] 1 lock held by syzkaller991122/4149:
[ 36.581908] #0: (rcu_read_lock){....}, at: [<000000003061f5b8>] __rds_conn_create+0xe46/0x1b50
[ 36.590841] CPU: 1 PID: 4149 Comm: syzkaller991122 Not tainted 4.15.0+ #222
[ 36.597907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 36.607227] Call Trace:
[ 36.609783] dump_stack+0x194/0x257
[ 36.613383] ? arch_local_irq_restore+0x53/0x53
[ 36.618024] ? print_lock+0x9f/0xa2
[ 36.621624] ? lockdep_print_held_locks+0xc4/0x130
[ 36.626529] ___might_sleep+0x2b2/0x470
[ 36.630476] ? trace_event_raw_event_sched_switch+0x810/0x810
[ 36.636332] ? __debug_object_init+0x235/0x1040
[ 36.640987] ? debug_mutex_init+0x1c/0x60
[ 36.645114] __might_sleep+0x95/0x190
[ 36.648889] kmem_cache_alloc_trace+0x299/0x740
[ 36.653538] ? lock_acquire+0x1d5/0x580
[ 36.657483] ? lock_acquire+0x1d5/0x580
[ 36.661428] ? __rds_conn_create+0xe46/0x1b50
[ 36.665898] rds_loop_conn_alloc+0xc8/0x380
[ 36.670189] ? rds_loop_conn_free+0x290/0x290
[ 36.674655] ? __init_waitqueue_head+0x97/0x140
[ 36.679295] ? rcutorture_record_progress+0x10/0x10
[ 36.684284] ? __lockdep_init_map+0xe4/0x650
[ 36.688666] __rds_conn_create+0x112f/0x1b50
[ 36.693063] ? rds_conn_drop+0xb0/0xb0
[ 36.696932] ? __raw_spin_lock_init+0x1c/0x100
[ 36.701487] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 36.706479] ? __lockdep_init_map+0xe4/0x650
[ 36.710860] ? lockdep_init_map+0x9/0x10
[ 36.714892] ? __init_waitqueue_head+0x97/0x140
[ 36.719530] ? init_wait_entry+0x1b0/0x1b0
[ 36.723738] ? lockdep_init_map+0x9/0x10
[ 36.727772] ? rds_message_alloc+0x28c/0x330
[ 36.732152] ? rds_message_next_extension+0x210/0x210
[ 36.737309] ? trace_hardirqs_on+0xd/0x10
[ 36.741431] ? _raw_spin_unlock_bh+0x30/0x40
[ 36.745813] ? __release_sock+0x360/0x360
[ 36.749928] ? lock_sock_nested+0x91/0x110
[ 36.754138] rds_conn_create_outgoing+0x3f/0x50
[ 36.758782] rds_sendmsg+0xda3/0x2390
[ 36.762554] ? avc_has_perm+0x43e/0x680
[ 36.766510] ? rds_send_drop_to+0x19d0/0x19d0
[ 36.770977] ? _raw_spin_unlock_irq+0x27/0x70
[ 36.775445] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 36.780437] ? find_held_lock+0x35/0x1d0
[ 36.784480] ? sock_has_perm+0x2a4/0x420
[ 36.788514] ? selinux_secmark_relabel_packet+0xc0/0xc0
[ 36.793848] ? lock_release+0xa02/0xa40
[ 36.797795] ? trace_event_raw_event_sched_switch+0x810/0x810
[ 36.803652] ? __check_object_size+0x8b/0x530
[ 36.808117] ? __handle_mm_fault+0x80e/0x3ce0
[ 36.812586] ? __might_sleep+0x95/0x190
[ 36.816535] ? selinux_socket_sendmsg+0x36/0x40
[ 36.821175] ? security_socket_sendmsg+0x89/0xb0
[ 36.825901] ? rds_send_drop_to+0x19d0/0x19d0
[ 36.830368] sock_sendmsg+0xca/0x110
[ 36.834054] SYSC_sendto+0x361/0x5c0
[ 36.837745] ? SYSC_connect+0x4a0/0x4a0
[ 36.841698] ? __do_page_fault+0x5f7/0xc90
[ 36.845901] ? lock_downgrade+0x980/0x980
[ 36.850026] ? handle_mm_fault+0x43b/0x970
[ 36.854242] ? up_read+0x1a/0x40
[ 36.857577] ? __do_page_fault+0x3d6/0xc90
[ 36.861790] ? mm_fault_error+0x2c0/0x2c0
[ 36.865913] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 36.871422] SyS_sendto+0x40/0x50
[ 36.874851] ? SyS_getpeername+0x30/0x30
[ 36.878890] do_syscall_64+0x282/0x940
[ 36.882752] ? __do_page_fault+0xc90/0xc90
[ 36.886957] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 36.892463] ? syscall_return_slowpath+0x550/0x550
[ 36.897362] ? syscall_return_slowpath+0x2ac/0x550
[ 36.902267] ? retint_user+0x18/0x18
[ 36.905959] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 36.910778] entry_SYSCALL_64_after_hwframe+0x26/0x9b
[ 36.915937] RIP: 0033:0x43fd99
[ 36.919095] RSP: 002b:00007ffecc940d68 EFLAGS: 00000217 ORIG_RAX: 000000000000002c
[ 36.926774] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd99
[ 36.934014] RDX: 0000000000000000 RSI: 0000000020218000 RDI: 0000000000000003
[ 36.941254] RBP: 00000000006ca018 R08: 0000000020062000 R09: 0000000000000010
[ 36.948496] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004016c0
[ 36.955733] R13: 0000000000401750 R14: 00000000000000