[....] Starting enhanced syslogd: rsyslogd[ 16.724429] audit: type=1400 audit(1518325279.698:5): avc: denied { syslog } for pid=3972 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 23.150718] audit: type=1400 audit(1518325286.124:6): avc: denied { map } for pid=4111 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.12' (ECDSA) to the list of known hosts. executing program [ 29.470441] audit: type=1400 audit(1518325292.444:7): avc: denied { map } for pid=4125 comm="syzkaller389225" path="/root/syzkaller389225568" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 29.498091] [ 29.499803] ============================= [ 29.503975] WARNING: suspicious RCU usage [ 29.508139] 4.15.0+ #218 Not tainted [ 29.511882] ----------------------------- [ 29.516086] ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section! [ 29.525378] [ 29.525378] other info that might help us debug this: [ 29.525378] [ 29.533549] [ 29.533549] rcu_scheduler_active = 2, debug_locks = 1 [ 29.540237] 1 lock held by syzkaller389225/4125: [ 29.545035] #0: (rcu_read_lock){....}, at: [<000000003e5f3d13>] __rds_conn_create+0xe46/0x1b50 [ 29.554026] [ 29.554026] stack backtrace: [ 29.558579] CPU: 1 PID: 4125 Comm: syzkaller389225 Not tainted 4.15.0+ #218 [ 29.565663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.574998] Call Trace: [ 29.577576] dump_stack+0x194/0x257 [ 29.581191] ? arch_local_irq_restore+0x53/0x53 [ 29.585851] lockdep_rcu_suspicious+0x123/0x170 [ 29.590506] ___might_sleep+0x385/0x470 [ 29.594466] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 29.600341] ? __debug_object_init+0x235/0x1040 [ 29.604994] ? debug_mutex_init+0x1c/0x60 [ 29.609139] __might_sleep+0x95/0x190 [ 29.612944] kmem_cache_alloc_trace+0x299/0x740 [ 29.617622] ? lock_acquire+0x1d5/0x580 [ 29.621577] ? lock_acquire+0x1d5/0x580 [ 29.625534] ? __rds_conn_create+0xe46/0x1b50 [ 29.630016] rds_loop_conn_alloc+0xc8/0x380 [ 29.634321] ? rds_loop_conn_free+0x290/0x290 [ 29.638814] ? __init_waitqueue_head+0x97/0x140 [ 29.643469] ? rcutorture_record_progress+0x10/0x10 [ 29.648471] ? __lockdep_init_map+0xe4/0x650 [ 29.652869] __rds_conn_create+0x112f/0x1b50 [ 29.657279] ? rds_conn_drop+0xb0/0xb0 [ 29.661164] ? __raw_spin_lock_init+0x1c/0x100 [ 29.665741] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 29.670749] ? __lockdep_init_map+0xe4/0x650 [ 29.675146] ? lockdep_init_map+0x9/0x10 [ 29.679189] ? __init_waitqueue_head+0x97/0x140 [ 29.683848] ? init_wait_entry+0x1b0/0x1b0 [ 29.688101] ? lockdep_init_map+0x9/0x10 [ 29.692160] ? rds_message_alloc+0x28c/0x330 [ 29.696551] ? rds_message_next_extension+0x210/0x210 [ 29.701816] ? trace_hardirqs_on+0xd/0x10 [ 29.705950] ? _raw_spin_unlock_bh+0x30/0x40 [ 29.710347] ? __release_sock+0x360/0x360 [ 29.714484] ? lock_sock_nested+0x91/0x110 [ 29.718737] rds_conn_create_outgoing+0x3f/0x50 [ 29.723414] rds_sendmsg+0xda3/0x2390 [ 29.727302] ? avc_has_perm+0x43e/0x680 [ 29.731284] ? rds_send_drop_to+0x19d0/0x19d0 [ 29.735779] ? __might_fault+0x110/0x1d0 [ 29.739842] ? lock_downgrade+0x980/0x980 [ 29.744132] ? compat_rw_copy_check_uvector+0x25f/0x2f0 [ 29.749479] ? sock_has_perm+0x2a4/0x420 [ 29.753522] ? selinux_secmark_relabel_packet+0xc0/0xc0 [ 29.758877] ? iov_iter_get_pages+0x1150/0x1150 [ 29.763542] ? selinux_socket_sendmsg+0x36/0x40 [ 29.768193] ? security_socket_sendmsg+0x89/0xb0 [ 29.772929] ? rds_send_drop_to+0x19d0/0x19d0 [ 29.777406] sock_sendmsg+0xca/0x110 [ 29.781104] ___sys_sendmsg+0x767/0x8b0 [ 29.785080] ? copy_msghdr_from_user+0x590/0x590 [ 29.789816] ? release_sock+0x1d4/0x2a0 [ 29.793786] ? __handle_mm_fault+0x80e/0x3ce0 [ 29.798277] ? __pmd_alloc+0x4e0/0x4e0 [ 29.802150] ? check_noncircular+0x20/0x20 [ 29.806376] ? __fget_light+0x2b2/0x3c0 [ 29.810336] ? fget_raw+0x20/0x20 [ 29.813785] ? handle_mm_fault+0x270/0x970 [ 29.818015] ? find_held_lock+0x35/0x1d0 [ 29.822074] __sys_sendmsg+0xe5/0x210 [ 29.825863] ? __sys_sendmsg+0xe5/0x210 [ 29.829818] ? SyS_shutdown+0x290/0x290 [ 29.833782] ? __handle_mm_fault+0x3ce0/0x3ce0 [ 29.838346] ? vmacache_find+0x5f/0x280 [ 29.842338] compat_SyS_sendmsg+0x2a/0x40 [ 29.846478] ? compat_SyS_getsockopt+0x420/0x420 [ 29.851229] do_fast_syscall_32+0x3ee/0xfa1 [ 29.855541] ? do_int80_syscall_32+0x9d0/0x9d0 [ 29.860112] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 29.864862] ? syscall_return_slowpath+0x550/0x550 [ 29.869774] ? syscall_return_slowpath+0x2ac/0x550 [ 29.874687] ? prepare_exit_to_usermode+0x350/0x350 [ 29.879696] ? retint_user+0x18/0x18 [ 29.883398] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 29.888234] entry_SYSENTER_compat+0x54/0x63 [ 29.892623] RIP: 0023:0xf7f38c79 [ 29.895961] RSP: 002b:00000000ffba365c EFLAGS: 00000217 ORIG_RAX: 0000000000000172 [ 29.903649] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020159fc8 [ 29.910919] RDX: 0000000000000000 RSI: 000000000000016a RDI: 0000000000000003 [ 29.918178] RBP: 0000000020adf000 R08: 0000000000000000 R09: 0000000000000000 [ 29.925514] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 29.932764] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 29.940095] BUG: sleeping function called from invalid context at mm/slab.h:420 [ 29.947588] in_atomic(): 1, irqs_disabled(): 0, pid: 4125, name: syzkaller389225 [ 29.955156] 1 lock held by syzkaller389225/4125: [ 29.959942] #0: (rcu_read_lock){....}, at: [<000000003e5f3d13>] __rds_conn_create+0xe46/0x1b50 [ 29.968934] CPU: 1 PID: 4125 Comm: syzkaller389225 Not tainted 4.15.0+ #218 [ 29.976032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.985366] Call Trace: [ 29.987938] dump_stack+0x194/0x257 [ 29.991559] ? arch_local_irq_restore+0x53/0x53 [ 29.996214] ? print_lock+0x9f/0xa2 [ 29.999821] ? lockdep_print_held_locks+0xc4/0x130 [ 30.005898] ___might_sleep+0x2b2/0x470 [ 30.009882] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 30.015774] ? __debug_object_init+0x235/0x1040 [ 30.020435] ? debug_mutex_init+0x1c/0x60 [ 30.024571] __might_sleep+0x95/0x190 [ 30.028362] kmem_cache_alloc_trace+0x299/0x740 [ 30.033019] ? lock_acquire+0x1d5/0x580 [ 30.036983] ? lock_acquire+0x1d5/0x580 [ 30.040941] ? __rds_conn_create+0xe46/0x1b50 [ 30.045444] rds_loop_conn_alloc+0xc8/0x380 [ 30.049768] ? rds_loop_conn_free+0x290/0x290 [ 30.054260] ? __init_waitqueue_head+0x97/0x140 [ 30.058916] ? rcutorture_record_progress+0x10/0x10 [ 30.063916] ? __lockdep_init_map+0xe4/0x650 [ 30.068312] __rds_conn_create+0x112f/0x1b50 [ 30.072724] ? rds_conn_drop+0xb0/0xb0 [ 30.076606] ? __raw_spin_lock_init+0x1c/0x100 [ 30.081175] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 30.086190] ? __lockdep_init_map+0xe4/0x650 [ 30.090583] ? lockdep_init_map+0x9/0x10 [ 30.094641] ? __init_waitqueue_head+0x97/0x140 [ 30.099310] ? init_wait_entry+0x1b0/0x1b0 [ 30.103542] ? lockdep_init_map+0x9/0x10 [ 30.107595] ? rds_message_alloc+0x28c/0x330 [ 30.112001] ? rds_message_next_extension+0x210/0x210 [ 30.117178] ? trace_hardirqs_on+0xd/0x10 [ 30.121319] ? _raw_spin_unlock_bh+0x30/0x40 [ 30.125714] ? __release_sock+0x360/0x360 [ 30.129851] ? lock_sock_nested+0x91/0x110 [ 30.134081] rds_conn_create_outgoing+0x3f/0x50 [ 30.138739] rds_sendmsg+0xda3/0x2390 [ 30.142521] ? avc_has_perm+0x43e/0x680 [ 30.146498] ? rds_send_drop_to+0x19d0/0x19d0 [ 30.151036] ? __might_fault+0x110/0x1d0 [ 30.155099] ? lock_downgrade+0x980/0x980 [ 30.159252] ? compat_rw_copy_check_uvector+0x25f/0x2f0 [ 30.164610] ? sock_has_perm+0x2a4/0x420 [ 30.168663] ? selinux_secmark_relabel_packet+0xc0/0xc0 [ 30.174017] ? iov_iter_get_pages+0x1150/0x1150 [ 30.178691] ? selinux_socket_sendmsg+0x36/0x40 [ 30.183354] ? security_socket_sendmsg+0x89/0xb0 [ 30.188095] ? rds_send_drop_to+0x19d0/0x19d0 [ 30.192592] sock_sendmsg+0xca/0x110 [ 30.196292] ___sys_sendmsg+0x767/0x8b0 [ 30.200252] ? copy_msghdr_from_user+0x590/0x590 [ 30.204990] ? release_sock+0x1d4/0x2a0 [ 30.208981] ? __handle_mm_fault+0x80e/0x3ce0 [ 30.213482] ? __pmd_alloc+0x4e0/0x4e0 [ 30.217364] ? check_noncircular+0x20/0x20 [ 30.221589] ? __fget_light+0x2b2/0x3c0 [ 30.225551] ? fget_raw+0x20/0x20 [ 30.228994] ? handle_mm_fault+0x270/0x970 [ 30.233213] ? find_held_lock+0x35/0x1d0 [ 30.237279] __sys_sendmsg+0xe5/0x210 [ 30.241064] ? __sys_sendmsg+0xe5/0x210 [ 30.245023] ? SyS_shutdown+0x290/0x290 [ 30.248993] ? __handle_mm_fault+0x3ce0/0x3ce0 [ 30.253563] ? vmacache_find+0x5f/0x280 [ 30.257542] compat_SyS_sendmsg+0x2a/0x40 [ 30.261671] ? compat_SyS_getsockopt+0x420/0x420 [ 30.266413] do_fast_syscall_32+0x3ee/0xfa1 [ 30.270725] ? do_int80_syscall_32+0x9d0/0x9d0 [ 30.275286] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 30.280068] ? syscall_return_slowpath+0x550/0x550 [ 30.284986] ? syscall_return_slowpath+0x2ac/0x550 [ 30.289909] ? prepare_exit_to_usermode+0x350/0x350 [ 30.294916] ? retint_user+0x18/0x18 [ 30.298615] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 30.303449] entry_SYSENTER_compat+0x54/0x63 [ 30.307835] RIP: 0023:0xf7f38c79 [ 30.311176] RSP: 002b:00000000ffba365c EFLAGS: 00000217 ORIG_RAX: 0000000000000172 [ 30.318872] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: