[....] Starting enhanced syslogd: rsyslogd
[ 15.269908] audit: type=1400 audit(1518280387.965:5): avc: denied { syslog } for pid=4004 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ ok ].
Starting mcstransd:
[....] Starting periodic command scheduler: cron [ ok ].
[....] Starting OpenBSD Secure Shell server: sshd [ ok ].
[....] Starting file context maintaining daemon: restorecond [ ok ].

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 19.795846] audit: type=1400 audit(1518280392.491:6): avc: denied { map } for pid=4146 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.15.213' (ECDSA) to the list of known hosts.
executing program
[ 35.219007] audit: type=1400 audit(1518280407.914:7): avc: denied { map } for pid=4163 comm="syzkaller449891" path="/root/syzkaller449891826" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 35.245805]
[ 35.247532] =============================
[ 35.251681] WARNING: suspicious RCU usage
[ 35.255822] 4.15.0+ #307 Not tainted
[ 35.259537] -----------------------------
[ 35.263687] ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section!
[ 35.273378]
[ 35.273378] other info that might help us debug this:
[ 35.273378]
[ 35.281527]
[ 35.281527] rcu_scheduler_active = 2, debug_locks = 1
[ 35.288189] 1 lock held by syzkaller449891/4163:
[ 35.292935] #0: (rcu_read_lock){....}, at: [<000000008ca3fef6>] __rds_conn_create+0xe46/0x1b50
[ 35.301875]
[ 35.301875] stack backtrace:
[ 35.306365] CPU: 0 PID: 4163 Comm: syzkaller449891 Not tainted 4.15.0+ #307
[ 35.313436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 35.322763] Call Trace:
[ 35.325325] dump_stack+0x194/0x257
[ 35.328926] ? arch_local_irq_restore+0x53/0x53
[ 35.333579] lockdep_rcu_suspicious+0x123/0x170
[ 35.338224] ___might_sleep+0x385/0x470
[ 35.342172] ? trace_event_raw_event_sched_switch+0x810/0x810
[ 35.348028] ? __debug_object_init+0x235/0x1040
[ 35.352671] ? debug_mutex_init+0x1c/0x60
[ 35.356794] __might_sleep+0x95/0x190
[ 35.360571] kmem_cache_alloc_trace+0x299/0x740
[ 35.365215] ? lock_acquire+0x1d5/0x580
[ 35.369161] ? lock_acquire+0x1d5/0x580
[ 35.373109] ? __rds_conn_create+0xe46/0x1b50
[ 35.377581] rds_loop_conn_alloc+0xc8/0x380
[ 35.381875] ? rds_loop_conn_free+0x290/0x290
[ 35.386353] ? __init_waitqueue_head+0x97/0x140
[ 35.390999] ? rcutorture_record_progress+0x10/0x10
[ 35.395990] ? __lockdep_init_map+0xe4/0x650
[ 35.400374] __rds_conn_create+0x112f/0x1b50
[ 35.404782] ? rds_conn_drop+0xb0/0xb0
[ 35.408654] ? __raw_spin_lock_init+0x1c/0x100
[ 35.413216] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 35.418213] ? __lockdep_init_map+0xe4/0x650
[ 35.422596] ? lockdep_init_map+0x9/0x10
[ 35.426630] ? __init_waitqueue_head+0x97/0x140
[ 35.431272] ? init_wait_entry+0x1b0/0x1b0
[ 35.435483] ? lockdep_init_map+0x9/0x10
[ 35.439523] ? rds_message_alloc+0x28c/0x330
[ 35.443905] ? rds_message_next_extension+0x210/0x210
[ 35.449069] ? trace_hardirqs_on+0xd/0x10
[ 35.453200] ? _raw_spin_unlock_bh+0x30/0x40
[ 35.457597] ? __release_sock+0x360/0x360
[ 35.461717] ? lock_sock_nested+0x91/0x110
[ 35.465927] rds_conn_create_outgoing+0x3f/0x50
[ 35.470571] rds_sendmsg+0xda3/0x2390
[ 35.474343] ? avc_has_perm+0x43e/0x680
[ 35.478305] ? rds_send_drop_to+0x19d0/0x19d0
[ 35.482771] ? _raw_spin_unlock_irq+0x27/0x70
[ 35.487239] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 35.492230] ? find_held_lock+0x35/0x1d0
[ 35.496273] ? sock_has_perm+0x2a4/0x420
[ 35.500308] ? selinux_secmark_relabel_packet+0xc0/0xc0
[ 35.505652] ? lock_release+0xa02/0xa40
[ 35.509611] ? trace_event_raw_event_sched_switch+0x810/0x810
[ 35.515475] ? __check_object_size+0x8b/0x530
[ 35.519943] ? __handle_mm_fault+0x80e/0x3ce0
[ 35.524419] ? __might_sleep+0x95/0x190
[ 35.528372] ? selinux_socket_sendmsg+0x36/0x40
[ 35.533014] ? security_socket_sendmsg+0x89/0xb0
[ 35.537749] ? rds_send_drop_to+0x19d0/0x19d0
[ 35.542221] sock_sendmsg+0xca/0x110
[ 35.545912] SYSC_sendto+0x361/0x5c0
[ 35.549606] ? SYSC_connect+0x4a0/0x4a0
[ 35.553562] ? __do_page_fault+0x5f7/0xc90
[ 35.557771] ? lock_downgrade+0x980/0x980
[ 35.561903] ? handle_mm_fault+0x43b/0x970
[ 35.566122] ? up_read+0x1a/0x40
[ 35.569479] ? __do_page_fault+0x3d6/0xc90
[ 35.573694] ? mm_fault_error+0x2c0/0x2c0
[ 35.577826] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 35.583338] SyS_sendto+0x40/0x50
[ 35.586766] ? SyS_getpeername+0x30/0x30
[ 35.590801] do_syscall_64+0x282/0x940
[ 35.594658] ? __do_page_fault+0xc90/0xc90
[ 35.598863] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 35.603679] ? syscall_return_slowpath+0x550/0x550
[ 35.608589] ? syscall_return_slowpath+0x2ac/0x550
[ 35.613500] ? prepare_exit_to_usermode+0x350/0x350
[ 35.618506] ? retint_user+0x18/0x18
[ 35.622200] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 35.627020] entry_SYSCALL_64_after_hwframe+0x26/0x9b
[ 35.632181] RIP: 0033:0x43fd99
[ 35.635350] RSP: 002b:00007fff0d238b88 EFLAGS: 00000217 ORIG_RAX: 000000000000002c
[ 35.643030] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd99
[ 35.650273] RDX: 0000000000000000 RSI: 0000000020dbf000 RDI: 0000000000000003
[ 35.657512] RBP: 00000000006ca018 R08: 0000000020b2d000 R09: 0000000000000010
[ 35.664754] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004016c0
[ 35.671994] R13: 0000000000401750 R14: 0000000000000000 R15: 0000000000000000
[ 35.679308] BUG: sleeping function called from invalid context at mm/slab.h:420
[ 35.686750] in_atomic(): 1, irqs_disabled(): 0, pid: 4163, name: syzkaller449891
[ 35.694278] 1 lock held by syzkaller449891/4163:
[ 35.699023] #0: (rcu_read_lock){....}, at: [<000000008ca3fef6>] __rds_conn_create+0xe46/0x1b50
[ 35.707960] CPU: 0 PID: 4163 Comm: syzkaller449891 Not tainted 4.15.0+ #307
[ 35.715030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 35.724356] Call Trace:
[ 35.726918] dump_stack+0x194/0x257
[ 35.730531] ? arch_local_irq_restore+0x53/0x53
[ 35.735173] ? print_lock+0x9f/0xa2
[ 35.738774] ? lockdep_print_held_locks+0xc4/0x130
[ 35.743680] ___might_sleep+0x2b2/0x470
[ 35.747629] ? trace_event_raw_event_sched_switch+0x810/0x810
[ 35.753483] ? __debug_object_init+0x235/0x1040
[ 35.758127] ? debug_mutex_init+0x1c/0x60
[ 35.762255] __might_sleep+0x95/0x190
[ 35.766034] kmem_cache_alloc_trace+0x299/0x740
[ 35.770678] ? lock_acquire+0x1d5/0x580
[ 35.774623] ? lock_acquire+0x1d5/0x580
[ 35.778573] ? __rds_conn_create+0xe46/0x1b50
[ 35.783045] rds_loop_conn_alloc+0xc8/0x380
[ 35.787342] ? rds_loop_conn_free+0x290/0x290
[ 35.791811] ? __init_waitqueue_head+0x97/0x140
[ 35.796455] ? rcutorture_record_progress+0x10/0x10
[ 35.801443] ? __lockdep_init_map+0xe4/0x650
[ 35.805835] __rds_conn_create+0x112f/0x1b50
[ 35.810235] ? rds_conn_drop+0xb0/0xb0
[ 35.814102] ? __raw_spin_lock_init+0x1c/0x100
[ 35.818668] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 35.823663] ? __lockdep_init_map+0xe4/0x650
[ 35.828051] ? lockdep_init_map+0x9/0x10
[ 35.832085] ? __init_waitqueue_head+0x97/0x140
[ 35.836726] ? init_wait_entry+0x1b0/0x1b0
[ 35.840936] ? lockdep_init_map+0x9/0x10
[ 35.844975] ? rds_message_alloc+0x28c/0x330
[ 35.849356] ? rds_message_next_extension+0x210/0x210
[ 35.854529] ? trace_hardirqs_on+0xd/0x10
[ 35.858664] ? _raw_spin_unlock_bh+0x30/0x40
[ 35.863055] ? __release_sock+0x360/0x360
[ 35.867173] ? lock_sock_nested+0x91/0x110
[ 35.871385] rds_conn_create_outgoing+0x3f/0x50
[ 35.876031] rds_sendmsg+0xda3/0x2390
[ 35.879805] ? avc_has_perm+0x43e/0x680
[ 35.883764] ? rds_send_drop_to+0x19d0/0x19d0
[ 35.888232] ? _raw_spin_unlock_irq+0x27/0x70
[ 35.892702] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 35.897691] ? find_held_lock+0x35/0x1d0
[ 35.901735] ? sock_has_perm+0x2a4/0x420
[ 35.905771] ? selinux_secmark_relabel_packet+0xc0/0xc0
[ 35.911105] ? lock_release+0xa02/0xa40
[ 35.915054] ? trace_event_raw_event_sched_switch+0x810/0x810
[ 35.920909] ? __check_object_size+0x8b/0x530
[ 35.925376] ? __handle_mm_fault+0x80e/0x3ce0
[ 35.929851] ? __might_sleep+0x95/0x190
[ 35.933804] ? selinux_socket_sendmsg+0x36/0x40
[ 35.938448] ? security_socket_sendmsg+0x89/0xb0
[ 35.943177] ? rds_send_drop_to+0x19d0/0x19d0
[ 35.947645] sock_sendmsg+0xca/0x110
[ 35.951330] SYSC_sendto+0x361/0x5c0
[ 35.955019] ? SYSC_connect+0x4a0/0x4a0
[ 35.958977] ? __do_page_fault+0x5f7/0xc90
[ 35.963187] ? lock_downgrade+0x980/0x980
[ 35.967315] ? handle_mm_fault+0x43b/0x970
[ 35.971536] ? up_read+0x1a/0x40
[ 35.974875] ? __do_page_fault+0x3d6/0xc90
[ 35.979088] ? mm_fault_error+0x2c0/0x2c0
[ 35.983209] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 35.988720] SyS_sendto+0x40/0x50
[ 35.992146] ? SyS_getpeername+0x30/0x30
[ 35.996181] do_syscall_64+0x282/0x940
[ 36.000038] ? __do_page_fault+0xc90/0xc90
[ 36.004243] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 36.008986] ? syscall_return_slowpath+0x550/0x550
[ 36.013888] ? syscall_return_slowpath+0x2ac/0x550
[ 36.018797] ? prepare_exit_to_usermode+0x350/0x350
[ 36.023792] ? retint_user+0x18/0x18
[ 36.027485] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 36.032311] entry_SYSCALL_64_after_hwframe+0x26/0x9b
[ 36.037473] RIP: 0033:0x43fd99
[ 36.040633] RSP: 002b:00007fff0d238b88 EFLAGS: 00000217 ORIG_RAX: 000000000000002c
[ 36.048315] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd99
[ 36.055555] RDX: 0000000000000000 RSI: 0000000020dbf000 RDI: 0000000000000003
[ 36.062798] RBP: 00000000006ca018 R08: 0000000020b2d000 R09: 0000000000000010
[ 36.070038] R10: 000000000000