[ ok ] Starting enhanced syslogd: rsyslogd.
[ 15.338585] audit: type=1400 audit(1519041665.911:5): avc: denied { syslog } for pid=3993 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 19.131056] audit: type=1400 audit(1519041669.703:6): avc: denied { map } for pid=4134 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.50' (ECDSA) to the list of known hosts.
executing program
[ 25.414827] audit: type=1400 audit(1519041675.987:7): avc: denied { map } for pid=4148 comm="syzkaller493679" path="/root/syzkaller493679103" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 25.441708]
[ 25.443415] =============================
[ 25.447565] WARNING: suspicious RCU usage
[ 25.451715] 4.16.0-rc1+ #231 Not tainted
[ 25.455778] -----------------------------
[ 25.459935] ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section!
[ 25.469717]
[ 25.469717] other info that might help us debug this:
[ 25.469717]
[ 25.477870]
[ 25.477870] rcu_scheduler_active = 2, debug_locks = 1
[ 25.484541] 1 lock held by syzkaller493679/4148:
[ 25.489390] #0: (rcu_read_lock){....}, at: [<00000000766793dd>] __rds_conn_create+0xe46/0x1b50
[ 25.498340]
[ 25.498340] stack backtrace:
[ 25.502853] CPU: 0 PID: 4148 Comm: syzkaller493679 Not tainted 4.16.0-rc1+ #231
[ 25.510272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 25.519594] Call Trace:
[ 25.522156] dump_stack+0x194/0x257
[ 25.525757] ? arch_local_irq_restore+0x53/0x53
[ 25.530410] lockdep_rcu_suspicious+0x123/0x170
[ 25.535053] ___might_sleep+0x385/0x470
[ 25.538998] ? trace_event_raw_event_sched_switch+0x810/0x810
[ 25.544860] ? __debug_object_init+0x235/0x1040
[ 25.549499] ? lock_acquire+0x1d5/0x580
[ 25.553444] ? debug_mutex_init+0x1c/0x60
[ 25.557568] __might_sleep+0x95/0x190
[ 25.561356] kmem_cache_alloc_trace+0x299/0x740
[ 25.565998] ? lock_acquire+0x1d5/0x580
[ 25.569948] ? lock_acquire+0x1d5/0x580
[ 25.573893] ? __rds_conn_create+0xe46/0x1b50
[ 25.578362] rds_loop_conn_alloc+0xc8/0x380
[ 25.582656] ? rds_loop_conn_free+0x290/0x290
[ 25.587126] ? __init_waitqueue_head+0x97/0x140
[ 25.591768] ? rcutorture_record_progress+0x10/0x10
[ 25.596759] ? __lockdep_init_map+0xe4/0x650
[ 25.601142] __rds_conn_create+0x112f/0x1b50
[ 25.605541] ? rds_conn_drop+0xb0/0xb0
[ 25.609410] ? __raw_spin_lock_init+0x1c/0x100
[ 25.613963] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 25.618954] ? __lockdep_init_map+0xe4/0x650
[ 25.623335] ? lockdep_init_map+0x9/0x10
[ 25.627365] ? __init_waitqueue_head+0x97/0x140
[ 25.632027] ? init_wait_entry+0x1b0/0x1b0
[ 25.636238] ? lockdep_init_map+0x9/0x10
[ 25.640273] ? rds_message_alloc+0x28c/0x330
[ 25.644661] ? rds_message_next_extension+0x210/0x210
[ 25.649824] ? rds_rdma_extra_size+0x205/0x2b0
[ 25.654381] ? rds_atomic_free_op+0x330/0x330
[ 25.658846] ? lock_sock_nested+0x91/0x110
[ 25.663054] rds_conn_create_outgoing+0x3f/0x50
[ 25.667698] rds_sendmsg+0xe63/0x2550
[ 25.671489] ? rds_send_drop_to+0x1930/0x1930
[ 25.675968] ? find_held_lock+0x35/0x1d0
[ 25.680011] ? sock_has_perm+0x2a4/0x420
[ 25.684051] ? selinux_secmark_relabel_packet+0xc0/0xc0
[ 25.689384] ? lock_downgrade+0x980/0x980
[ 25.693506] ? lock_release+0xa40/0xa40
[ 25.697463] ? selinux_socket_sendmsg+0x36/0x40
[ 25.702106] ? security_socket_sendmsg+0x89/0xb0
[ 25.706832] ? rds_send_drop_to+0x1930/0x1930
[ 25.711299] sock_sendmsg+0xca/0x110
[ 25.714989] ___sys_sendmsg+0x767/0x8b0
[ 25.718940] ? copy_msghdr_from_user+0x590/0x590
[ 25.723676] ? __pmd_alloc+0x4e0/0x4e0
[ 25.727533] ? check_noncircular+0x20/0x20
[ 25.731741] ? check_noncircular+0x20/0x20
[ 25.735946] ? find_held_lock+0x35/0x1d0
[ 25.739982] ? __fget_light+0x2b2/0x3c0
[ 25.743930] ? fget_raw+0x20/0x20
[ 25.747352] ? handle_mm_fault+0x270/0x970
[ 25.751572] ? __do_page_fault+0x5f7/0xc90
[ 25.755779] ? lock_downgrade+0x980/0x980
[ 25.759909] __sys_sendmsg+0xe5/0x210
[ 25.763681] ? __sys_sendmsg+0xe5/0x210
[ 25.767627] ? SyS_shutdown+0x290/0x290
[ 25.771583] ? __do_page_fault+0x3d6/0xc90
[ 25.775803] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 25.781320] SyS_sendmsg+0x2d/0x50
[ 25.784831] ? __sys_sendmsg+0x210/0x210
[ 25.788870] do_syscall_64+0x282/0x940
[ 25.792729] ? __do_page_fault+0xc90/0xc90
[ 25.796937] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 25.801667] ? syscall_return_slowpath+0x550/0x550
[ 25.806570] ? syscall_return_slowpath+0x2ac/0x550
[ 25.811473] ? prepare_exit_to_usermode+0x350/0x350
[ 25.816463] ? retint_user+0x18/0x18
[ 25.820152] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 25.824971] entry_SYSCALL_64_after_hwframe+0x26/0x9b
[ 25.830132] RIP: 0033:0x43fe79
[ 25.833303] RSP: 002b:00007ffc4d1ca8c8 EFLAGS: 00000217 ORIG_RAX: 000000000000002e
[ 25.840993] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fe79
[ 25.848237] RDX: 0000000000000000 RSI: 000000002000dfc8 RDI: 0000000000000003
[ 25.855477] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 25.862717] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004017a0
[ 25.869957] R13: 0000000000401830 R14: 0000000000000000 R15: 0000000000000000
[ 25.877332] BUG: sleeping function called from invalid context at mm/slab.h:420
[ 25.884795] in_atomic(): 1, irqs_disabled(): 0, pid: 4148, name: syzkaller493679
[ 25.892340] 1 lock held by syzkaller493679/4148:
[ 25.897110] #0: (rcu_read_lock){....}, at: [<00000000766793dd>] __rds_conn_create+0xe46/0x1b50
[ 25.906077] CPU: 0 PID: 4148 Comm: syzkaller493679 Not tainted 4.16.0-rc1+ #231
[ 25.913505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 25.922836] Call Trace:
[ 25.925402] dump_stack+0x194/0x257
[ 25.929004] ? arch_local_irq_restore+0x53/0x53
[ 25.933657] ? print_lock+0x9f/0xa2
[ 25.937258] ? lockdep_print_held_locks+0xc4/0x130
[ 25.942163] ___might_sleep+0x2b2/0x470
[ 25.946110] ? trace_event_raw_event_sched_switch+0x810/0x810
[ 25.951967] ? __debug_object_init+0x235/0x1040
[ 25.956607] ? lock_acquire+0x1d5/0x580
[ 25.960557] ? debug_mutex_init+0x1c/0x60
[ 25.964681] __might_sleep+0x95/0x190
[ 25.968458] kmem_cache_alloc_trace+0x299/0x740
[ 25.973098] ? lock_acquire+0x1d5/0x580
[ 25.977045] ? lock_acquire+0x1d5/0x580
[ 25.980992] ? __rds_conn_create+0xe46/0x1b50
[ 25.985468] rds_loop_conn_alloc+0xc8/0x380
[ 25.989761] ? rds_loop_conn_free+0x290/0x290
[ 25.994233] ? __init_waitqueue_head+0x97/0x140
[ 25.998879] ? rcutorture_record_progress+0x10/0x10
[ 26.003866] ? __lockdep_init_map+0xe4/0x650
[ 26.008249] __rds_conn_create+0x112f/0x1b50
[ 26.012651] ? rds_conn_drop+0xb0/0xb0
[ 26.016521] ? __raw_spin_lock_init+0x1c/0x100
[ 26.021075] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 26.026068] ? __lockdep_init_map+0xe4/0x650
[ 26.030453] ? lockdep_init_map+0x9/0x10
[ 26.034494] ? __init_waitqueue_head+0x97/0x140
[ 26.039137] ? init_wait_entry+0x1b0/0x1b0
[ 26.043347] ? lockdep_init_map+0x9/0x10
[ 26.047384] ? rds_message_alloc+0x28c/0x330
[ 26.051764] ? rds_message_next_extension+0x210/0x210
[ 26.056926] ? rds_rdma_extra_size+0x205/0x2b0
[ 26.061485] ? rds_atomic_free_op+0x330/0x330
[ 26.065953] ? lock_sock_nested+0x91/0x110
[ 26.070163] rds_conn_create_outgoing+0x3f/0x50
[ 26.074808] rds_sendmsg+0xe63/0x2550
[ 26.078597] ? rds_send_drop_to+0x1930/0x1930
[ 26.083078] ? find_held_lock+0x35/0x1d0
[ 26.087119] ? sock_has_perm+0x2a4/0x420
[ 26.091152] ? selinux_secmark_relabel_packet+0xc0/0xc0
[ 26.096488] ? lock_downgrade+0x980/0x980
[ 26.100609] ? lock_release+0xa40/0xa40
[ 26.104572] ? selinux_socket_sendmsg+0x36/0x40
[ 26.109214] ? security_socket_sendmsg+0x89/0xb0
[ 26.113939] ? rds_send_drop_to+0x1930/0x1930
[ 26.118410] sock_sendmsg+0xca/0x110
[ 26.122096] ___sys_sendmsg+0x767/0x8b0
[ 26.126046] ? copy_msghdr_from_user+0x590/0x590
[ 26.130781] ? __pmd_alloc+0x4e0/0x4e0
[ 26.134639] ? check_noncircular+0x20/0x20
[ 26.138849] ? check_noncircular+0x20/0x20
[ 26.143056] ? find_held_lock+0x35/0x1d0
[ 26.147090] ? __fget_light+0x2b2/0x3c0
[ 26.151039] ? fget_raw+0x20/0x20
[ 26.154461] ? handle_mm_fault+0x270/0x970
[ 26.158683] ? __do_page_fault+0x5f7/0xc90
[ 26.162888] ? lock_downgrade+0x980/0x980
[ 26.167035] __sys_sendmsg+0xe5/0x210
[ 26.170814] ? __sys_sendmsg+0xe5/0x210
[ 26.174764] ? SyS_shutdown+0x290/0x290
[ 26.178715] ? __do_page_fault+0x3d6/0xc90
[ 26.182934] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 26.188448] SyS_sendmsg+0x2d/0x50
[ 26.191963] ? __sys_sendmsg+0x210/0x210
[ 26.195995] do_syscall_64+0x282/0x940
[ 26.199860] ? __do_page_fault+0xc90/0xc90
[ 26.204066] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 26.208795] ? syscall_return_slowpath+0x550/0x550
[ 26.213696] ? syscall_return_slowpath+0x2ac/0x550
[ 26.218600] ? prepare_exit_to_usermode+0x350/0x350
[ 26.223598] ? retint_user+0x18/0x18
[ 26.227307] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 26.232132] entry_SYSCALL_64_after_hwframe+0x26/0x9b
[ 26.237298] RIP: 0033:0x43fe79
[ 26.240461] RSP: 002b:00007ffc4d1ca8c8 EFLAGS: 00000217 ORIG_RAX: 000000000000002e
[ 26.248141] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fe79
[ 26.255383] RDX: 0000000000000000 RSI: 000000002000dfc8 RDI: 0000000000000003
[ 26.262626] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000