[....] Starting enhanced syslogd: rsyslogd[ 14.783561] audit: type=1400 audit(1518309144.002:5): avc: denied { syslog } for pid=3957 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 18.174695] audit: type=1400 audit(1518309147.393:6): avc: denied { map } for pid=4095 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.15.223' (ECDSA) to the list of known hosts. executing program [ 27.706496] audit: type=1400 audit(1518309156.925:7): avc: denied { map } for pid=4110 comm="syzkaller240243" path="/root/syzkaller240243550" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 27.733370] [ 27.735074] ============================= [ 27.739221] WARNING: suspicious RCU usage [ 27.743375] 4.15.0+ #308 Not tainted [ 27.747087] ----------------------------- [ 27.751231] ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section! [ 27.760503] [ 27.760503] other info that might help us debug this: [ 27.760503] [ 27.768648] [ 27.768648] rcu_scheduler_active = 2, debug_locks = 1 [ 27.775317] 1 lock held by syzkaller240243/4110: [ 27.780082] #0: (rcu_read_lock){....}, at: [<00000000220921b3>] __rds_conn_create+0xe46/0x1b50 [ 27.789040] [ 27.789040] stack backtrace: [ 27.793538] CPU: 1 PID: 4110 Comm: syzkaller240243 Not tainted 4.15.0+ #308 [ 27.800610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 27.809935] Call Trace: [ 27.812498] dump_stack+0x194/0x257 [ 27.816101] ? arch_local_irq_restore+0x53/0x53 [ 27.820754] lockdep_rcu_suspicious+0x123/0x170 [ 27.825402] ___might_sleep+0x385/0x470 [ 27.829355] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 27.835219] ? __debug_object_init+0x235/0x1040 [ 27.839865] ? debug_mutex_init+0x1c/0x60 [ 27.843990] __might_sleep+0x95/0x190 [ 27.847772] kmem_cache_alloc_trace+0x299/0x740 [ 27.852414] ? lock_acquire+0x1d5/0x580 [ 27.856361] ? lock_acquire+0x1d5/0x580 [ 27.860309] ? __rds_conn_create+0xe46/0x1b50 [ 27.864780] rds_loop_conn_alloc+0xc8/0x380 [ 27.869076] ? rds_loop_conn_free+0x290/0x290 [ 27.873547] ? __init_waitqueue_head+0x97/0x140 [ 27.878190] ? rcutorture_record_progress+0x10/0x10 [ 27.883180] ? __lockdep_init_map+0xe4/0x650 [ 27.887567] __rds_conn_create+0x112f/0x1b50 [ 27.891966] ? rds_conn_drop+0xb0/0xb0 [ 27.895841] ? __raw_spin_lock_init+0x1c/0x100 [ 27.900398] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 27.905391] ? __lockdep_init_map+0xe4/0x650 [ 27.909775] ? lockdep_init_map+0x9/0x10 [ 27.913809] ? __init_waitqueue_head+0x97/0x140 [ 27.918451] ? init_wait_entry+0x1b0/0x1b0 [ 27.922662] ? lockdep_init_map+0x9/0x10 [ 27.926699] ? rds_message_alloc+0x28c/0x330 [ 27.931083] ? rds_message_next_extension+0x210/0x210 [ 27.936245] ? trace_hardirqs_on+0xd/0x10 [ 27.940372] ? _raw_spin_unlock_bh+0x30/0x40 [ 27.944756] ? __release_sock+0x360/0x360 [ 27.948873] ? lock_sock_nested+0x91/0x110 [ 27.953100] rds_conn_create_outgoing+0x3f/0x50 [ 27.957750] rds_sendmsg+0xda3/0x2390 [ 27.961524] ? avc_has_perm+0x43e/0x680 [ 27.965483] ? rds_send_drop_to+0x19d0/0x19d0 [ 27.969951] ? _raw_spin_unlock_irq+0x27/0x70 [ 27.974423] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 27.979417] ? find_held_lock+0x35/0x1d0 [ 27.983460] ? sock_has_perm+0x2a4/0x420 [ 27.987494] ? selinux_secmark_relabel_packet+0xc0/0xc0 [ 27.992829] ? lock_release+0xa22/0xa40 [ 27.996773] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 28.002630] ? __check_object_size+0x8b/0x530 [ 28.007098] ? __handle_mm_fault+0x80e/0x3ce0 [ 28.011572] ? __might_sleep+0x95/0x190 [ 28.015522] ? selinux_socket_sendmsg+0x36/0x40 [ 28.020168] ? security_socket_sendmsg+0x89/0xb0 [ 28.024897] ? rds_send_drop_to+0x19d0/0x19d0 [ 28.029369] sock_sendmsg+0xca/0x110 [ 28.033059] SYSC_sendto+0x361/0x5c0 [ 28.036750] ? SYSC_connect+0x4a0/0x4a0 [ 28.040704] ? __do_page_fault+0x5f7/0xc90 [ 28.044911] ? lock_downgrade+0x980/0x980 [ 28.049048] ? handle_mm_fault+0x43b/0x970 [ 28.053270] ? up_read+0x1a/0x40 [ 28.056613] ? __do_page_fault+0x3d6/0xc90 [ 28.060828] ? mm_fault_error+0x2c0/0x2c0 [ 28.064951] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 28.070466] SyS_sendto+0x40/0x50 [ 28.073893] ? SyS_getpeername+0x30/0x30 [ 28.077929] do_syscall_64+0x282/0x940 [ 28.081789] ? __do_page_fault+0xc90/0xc90 [ 28.086002] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 28.090739] ? syscall_return_slowpath+0x550/0x550 [ 28.095639] ? syscall_return_slowpath+0x2ac/0x550 [ 28.100541] ? prepare_exit_to_usermode+0x350/0x350 [ 28.105529] ? retint_user+0x18/0x18 [ 28.109222] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 28.114054] entry_SYSCALL_64_after_hwframe+0x26/0x9b [ 28.119216] RIP: 0033:0x43fd99 [ 28.122378] RSP: 002b:00007ffcef9c1418 EFLAGS: 00000217 ORIG_RAX: 000000000000002c [ 28.130069] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd99 [ 28.137311] RDX: 0000000000000000 RSI: 0000000020218000 RDI: 0000000000000003 [ 28.144560] RBP: 00000000006ca018 R08: 0000000020af3ff0 R09: 0000000000000010 [ 28.151800] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004016c0 [ 28.159041] R13: 0000000000401750 R14: 0000000000000000 R15: 0000000000000000 [ 28.166367] BUG: sleeping function called from invalid context at mm/slab.h:420 [ 28.173820] in_atomic(): 1, irqs_disabled(): 0, pid: 4110, name: syzkaller240243 [ 28.181357] 1 lock held by syzkaller240243/4110: [ 28.186106] #0: (rcu_read_lock){....}, at: [<00000000220921b3>] __rds_conn_create+0xe46/0x1b50 [ 28.195056] CPU: 1 PID: 4110 Comm: syzkaller240243 Not tainted 4.15.0+ #308 [ 28.202134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 28.211459] Call Trace: [ 28.214024] dump_stack+0x194/0x257 [ 28.217630] ? arch_local_irq_restore+0x53/0x53 [ 28.222274] ? print_lock+0x9f/0xa2 [ 28.225875] ? lockdep_print_held_locks+0xc4/0x130 [ 28.230782] ___might_sleep+0x2b2/0x470 [ 28.234730] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 28.240586] ? __debug_object_init+0x235/0x1040 [ 28.245236] ? debug_mutex_init+0x1c/0x60 [ 28.249361] __might_sleep+0x95/0x190 [ 28.253139] kmem_cache_alloc_trace+0x299/0x740 [ 28.257793] ? lock_acquire+0x1d5/0x580 [ 28.261761] ? lock_acquire+0x1d5/0x580 [ 28.265725] ? __rds_conn_create+0xe46/0x1b50 [ 28.270212] rds_loop_conn_alloc+0xc8/0x380 [ 28.274508] ? rds_loop_conn_free+0x290/0x290 [ 28.278976] ? __init_waitqueue_head+0x97/0x140 [ 28.283620] ? rcutorture_record_progress+0x10/0x10 [ 28.288608] ? __lockdep_init_map+0xe4/0x650 [ 28.292993] __rds_conn_create+0x112f/0x1b50 [ 28.297398] ? rds_conn_drop+0xb0/0xb0 [ 28.301266] ? __raw_spin_lock_init+0x1c/0x100 [ 28.305821] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 28.310815] ? __lockdep_init_map+0xe4/0x650 [ 28.315199] ? lockdep_init_map+0x9/0x10 [ 28.319231] ? __init_waitqueue_head+0x97/0x140 [ 28.323874] ? init_wait_entry+0x1b0/0x1b0 [ 28.328085] ? lockdep_init_map+0x9/0x10 [ 28.332121] ? rds_message_alloc+0x28c/0x330 [ 28.336503] ? rds_message_next_extension+0x210/0x210 [ 28.341662] ? trace_hardirqs_on+0xd/0x10 [ 28.345787] ? _raw_spin_unlock_bh+0x30/0x40 [ 28.350173] ? __release_sock+0x360/0x360 [ 28.354289] ? lock_sock_nested+0x91/0x110 [ 28.358499] rds_conn_create_outgoing+0x3f/0x50 [ 28.363143] rds_sendmsg+0xda3/0x2390 [ 28.366914] ? avc_has_perm+0x43e/0x680 [ 28.370873] ? rds_send_drop_to+0x19d0/0x19d0 [ 28.375342] ? _raw_spin_unlock_irq+0x27/0x70 [ 28.379812] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 28.384808] ? find_held_lock+0x35/0x1d0 [ 28.388851] ? sock_has_perm+0x2a4/0x420 [ 28.392888] ? selinux_secmark_relabel_packet+0xc0/0xc0 [ 28.398220] ? lock_release+0xa22/0xa40 [ 28.402167] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 28.408033] ? __check_object_size+0x8b/0x530 [ 28.412502] ? __handle_mm_fault+0x80e/0x3ce0 [ 28.416974] ? __might_sleep+0x95/0x190 [ 28.420922] ? selinux_socket_sendmsg+0x36/0x40 [ 28.425563] ? security_socket_sendmsg+0x89/0xb0 [ 28.430289] ? rds_send_drop_to+0x19d0/0x19d0 [ 28.434764] sock_sendmsg+0xca/0x110 [ 28.438451] SYSC_sendto+0x361/0x5c0 [ 28.442140] ? SYSC_connect+0x4a0/0x4a0 [ 28.446097] ? __do_page_fault+0x5f7/0xc90 [ 28.450306] ? lock_downgrade+0x980/0x980 [ 28.454435] ? handle_mm_fault+0x43b/0x970 [ 28.458655] ? up_read+0x1a/0x40 [ 28.461997] ? __do_page_fault+0x3d6/0xc90 [ 28.466216] ? mm_fault_error+0x2c0/0x2c0 [ 28.470336] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 28.475856] SyS_sendto+0x40/0x50 [ 28.479283] ? SyS_getpeername+0x30/0x30 [ 28.483320] do_syscall_64+0x282/0x940 [ 28.487180] ? __do_page_fault+0xc90/0xc90 [ 28.491387] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 28.496124] ? syscall_return_slowpath+0x550/0x550 [ 28.501033] ? syscall_return_slowpath+0x2ac/0x550 [ 28.505952] ? prepare_exit_to_usermode+0x350/0x350 [ 28.510941] ? retint_user+0x18/0x18 [ 28.514632] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 28.519451] entry_SYSCALL_64_after_hwframe+0x26/0x9b [ 28.524613] RIP: 0033:0x43fd99 [ 28.527775] RSP: 002b:00007ffcef9c1418 EFLAGS: 00000217 ORIG_RAX: 000000000000002c [ 28.535452] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd99 [ 28.542692] RDX: 0000000000000000 RSI: 0000000020218000 RDI: 0000000000000003 [ 28.549933] RBP: 00000000006ca018 R08: 0000000020af3ff0 R09: 0000000000000010 [ 28.557175] R10: 0000000000000000