[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 18.252536] audit: type=1400 audit(1519040808.718:6): avc: denied { map } for pid=4171 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.218' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 26.431592] audit: type=1400 audit(1519040816.897:7): avc: denied { map } for pid=4186 comm="syzkaller908289" path="/root/syzkaller908289817" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 26.458371] [ 26.460093] ============================= [ 26.464263] WARNING: suspicious RCU usage [ 26.468425] 4.16.0-rc2+ #320 Not tainted [ 26.472497] ----------------------------- [ 26.476648] ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section! [ 26.485922] [ 26.485922] other info that might help us debug this: [ 26.485922] [ 26.494077] [ 26.494077] rcu_scheduler_active = 2, debug_locks = 1 [ 26.500754] 1 lock held by syzkaller908289/4186: [ 26.505516] #0: (rcu_read_lock){....}, at: [<00000000a16f96b6>] __rds_conn_create+0xe46/0x1b50 [ 26.514476] [ 26.514476] stack backtrace: [ 26.518994] CPU: 1 PID: 4186 Comm: syzkaller908289 Not tainted 4.16.0-rc2+ #320 [ 26.526418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.535741] Call Trace: [ 26.538306] dump_stack+0x194/0x257 [ 26.541909] ? arch_local_irq_restore+0x53/0x53 [ 26.546560] lockdep_rcu_suspicious+0x123/0x170 [ 26.551208] ___might_sleep+0x385/0x470 [ 26.555155] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 26.561011] ? __debug_object_init+0x235/0x1040 [ 26.565650] ? lock_acquire+0x1d5/0x580 [ 26.569597] ? debug_mutex_init+0x1c/0x60 [ 26.573723] __might_sleep+0x95/0x190 [ 26.577503] kmem_cache_alloc_trace+0x299/0x740 [ 26.582146] ? lock_acquire+0x1d5/0x580 [ 26.586093] ? lock_acquire+0x1d5/0x580 [ 26.590038] ? __rds_conn_create+0xe46/0x1b50 [ 26.594510] rds_loop_conn_alloc+0xc8/0x380 [ 26.598806] ? rds_loop_conn_free+0x290/0x290 [ 26.603287] ? __init_waitqueue_head+0x97/0x140 [ 26.607933] ? rcutorture_record_progress+0x10/0x10 [ 26.612924] ? __lockdep_init_map+0xe4/0x650 [ 26.617308] __rds_conn_create+0x112f/0x1b50 [ 26.621709] ? rds_conn_drop+0xb0/0xb0 [ 26.625579] ? __raw_spin_lock_init+0x1c/0x100 [ 26.630136] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 26.635132] ? __lockdep_init_map+0xe4/0x650 [ 26.639524] ? lockdep_init_map+0x9/0x10 [ 26.643566] ? __init_waitqueue_head+0x97/0x140 [ 26.648229] ? init_wait_entry+0x1b0/0x1b0 [ 26.652451] ? lockdep_init_map+0x9/0x10 [ 26.656499] ? rds_message_alloc+0x28c/0x330 [ 26.660879] ? rds_message_next_extension+0x210/0x210 [ 26.666043] ? rds_rdma_extra_size+0x205/0x2b0 [ 26.670602] ? rds_atomic_free_op+0x330/0x330 [ 26.675073] ? lock_sock_nested+0x91/0x110 [ 26.679283] rds_conn_create_outgoing+0x3f/0x50 [ 26.683928] rds_sendmsg+0xda3/0x2390 [ 26.687726] ? rds_send_drop_to+0x19d0/0x19d0 [ 26.692212] ? find_held_lock+0x35/0x1d0 [ 26.696253] ? sock_has_perm+0x2a4/0x420 [ 26.700288] ? selinux_secmark_relabel_packet+0xc0/0xc0 [ 26.705622] ? lock_downgrade+0x980/0x980 [ 26.709746] ? lock_release+0xa40/0xa40 [ 26.713713] ? selinux_socket_sendmsg+0x36/0x40 [ 26.718373] ? security_socket_sendmsg+0x89/0xb0 [ 26.723104] ? rds_send_drop_to+0x19d0/0x19d0 [ 26.727583] sock_sendmsg+0xca/0x110 [ 26.731274] ___sys_sendmsg+0x767/0x8b0 [ 26.735227] ? copy_msghdr_from_user+0x590/0x590 [ 26.739966] ? __pmd_alloc+0x4e0/0x4e0 [ 26.743823] ? check_noncircular+0x20/0x20 [ 26.748042] ? check_noncircular+0x20/0x20 [ 26.752258] ? find_held_lock+0x35/0x1d0 [ 26.756297] ? __fget_light+0x2b2/0x3c0 [ 26.760254] ? fget_raw+0x20/0x20 [ 26.763681] ? handle_mm_fault+0x270/0x970 [ 26.767903] ? __do_page_fault+0x5f7/0xc90 [ 26.772114] ? lock_downgrade+0x980/0x980 [ 26.776244] __sys_sendmsg+0xe5/0x210 [ 26.780024] ? __sys_sendmsg+0xe5/0x210 [ 26.783982] ? SyS_shutdown+0x290/0x290 [ 26.787940] ? __do_page_fault+0x3d6/0xc90 [ 26.792159] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 26.797675] ? __sys_sendmsg+0x210/0x210 [ 26.801710] SyS_sendmsg+0x2d/0x50 [ 26.805226] do_syscall_64+0x280/0x940 [ 26.809097] ? __do_page_fault+0xc90/0xc90 [ 26.813316] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 26.818067] ? syscall_return_slowpath+0x550/0x550 [ 26.822977] ? syscall_return_slowpath+0x2ac/0x550 [ 26.827892] ? prepare_exit_to_usermode+0x350/0x350 [ 26.832884] ? retint_user+0x18/0x18 [ 26.836575] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 26.841396] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 26.846555] RIP: 0033:0x43fe79 [ 26.849718] RSP: 002b:00007ffeef355d98 EFLAGS: 00000217 ORIG_RAX: 000000000000002e [ 26.857401] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fe79 [ 26.864650] RDX: 0000000000000000 RSI: 000000002000dfc8 RDI: 0000000000000003 [ 26.871898] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000 [ 26.879142] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004017a0 [ 26.886384] R13: 0000000000401830 R14: 0000000000000000 R15: 0000000000000000 [ 26.893872] BUG: sleeping function called from invalid context at mm/slab.h:420 [ 26.901342] in_atomic(): 1, irqs_disabled(): 0, pid: 4186, name: syzkaller908289 [ 26.908886] 1 lock held by syzkaller908289/4186: [ 26.914214] #0: (rcu_read_lock){....}, at: [<00000000a16f96b6>] __rds_conn_create+0xe46/0x1b50 [ 26.923180] CPU: 1 PID: 4186 Comm: syzkaller908289 Not tainted 4.16.0-rc2+ #320 [ 26.930605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.939930] Call Trace: [ 26.942494] dump_stack+0x194/0x257 [ 26.946102] ? arch_local_irq_restore+0x53/0x53 [ 26.950748] ? print_lock+0x9f/0xa2 [ 26.954347] ? lockdep_print_held_locks+0xc4/0x130 [ 26.959252] ___might_sleep+0x2b2/0x470 [ 26.963198] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 26.969052] ? __debug_object_init+0x235/0x1040 [ 26.973702] ? lock_acquire+0x1d5/0x580 [ 26.977647] ? debug_mutex_init+0x1c/0x60 [ 26.981772] __might_sleep+0x95/0x190 [ 26.985550] kmem_cache_alloc_trace+0x299/0x740 [ 26.990196] ? lock_acquire+0x1d5/0x580 [ 26.994159] ? lock_acquire+0x1d5/0x580 [ 26.998106] ? __rds_conn_create+0xe46/0x1b50 [ 27.002578] rds_loop_conn_alloc+0xc8/0x380 [ 27.006872] ? rds_loop_conn_free+0x290/0x290 [ 27.011344] ? __init_waitqueue_head+0x97/0x140 [ 27.015988] ? rcutorture_record_progress+0x10/0x10 [ 27.020978] ? __lockdep_init_map+0xe4/0x650 [ 27.025364] __rds_conn_create+0x112f/0x1b50 [ 27.029766] ? rds_conn_drop+0xb0/0xb0 [ 27.033652] ? __raw_spin_lock_init+0x1c/0x100 [ 27.038218] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 27.043214] ? __lockdep_init_map+0xe4/0x650 [ 27.047599] ? lockdep_init_map+0x9/0x10 [ 27.051634] ? __init_waitqueue_head+0x97/0x140 [ 27.056277] ? init_wait_entry+0x1b0/0x1b0 [ 27.060489] ? lockdep_init_map+0x9/0x10 [ 27.064525] ? rds_message_alloc+0x28c/0x330 [ 27.068908] ? rds_message_next_extension+0x210/0x210 [ 27.074081] ? rds_rdma_extra_size+0x205/0x2b0 [ 27.078642] ? rds_atomic_free_op+0x330/0x330 [ 27.083108] ? lock_sock_nested+0x91/0x110 [ 27.087320] rds_conn_create_outgoing+0x3f/0x50 [ 27.091965] rds_sendmsg+0xda3/0x2390 [ 27.095753] ? rds_send_drop_to+0x19d0/0x19d0 [ 27.100236] ? find_held_lock+0x35/0x1d0 [ 27.104276] ? sock_has_perm+0x2a4/0x420 [ 27.108310] ? selinux_secmark_relabel_packet+0xc0/0xc0 [ 27.113646] ? lock_downgrade+0x980/0x980 [ 27.117773] ? lock_release+0xa40/0xa40 [ 27.121735] ? selinux_socket_sendmsg+0x36/0x40 [ 27.126378] ? security_socket_sendmsg+0x89/0xb0 [ 27.131106] ? rds_send_drop_to+0x19d0/0x19d0 [ 27.135574] sock_sendmsg+0xca/0x110 [ 27.139266] ___sys_sendmsg+0x767/0x8b0 [ 27.143217] ? copy_msghdr_from_user+0x590/0x590 [ 27.147952] ? __pmd_alloc+0x4e0/0x4e0 [ 27.151822] ? check_noncircular+0x20/0x20 [ 27.156049] ? check_noncircular+0x20/0x20 [ 27.160264] ? find_held_lock+0x35/0x1d0 [ 27.164302] ? __fget_light+0x2b2/0x3c0 [ 27.168259] ? fget_raw+0x20/0x20 [ 27.171691] ? handle_mm_fault+0x270/0x970 [ 27.175913] ? __do_page_fault+0x5f7/0xc90 [ 27.180120] ? lock_downgrade+0x980/0x980 [ 27.184255] __sys_sendmsg+0xe5/0x210 [ 27.188026] ? __sys_sendmsg+0xe5/0x210 [ 27.191991] ? SyS_shutdown+0x290/0x290 [ 27.195949] ? __do_page_fault+0x3d6/0xc90 [ 27.200166] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 27.205688] ? __sys_sendmsg+0x210/0x210 [ 27.209731] SyS_sendmsg+0x2d/0x50 [ 27.213259] do_syscall_64+0x280/0x940 [ 27.217123] ? __do_page_fault+0xc90/0xc90 [ 27.221334] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 27.226071] ? syscall_return_slowpath+0x550/0x550 [ 27.230984] ? syscall_return_slowpath+0x2ac/0x550 [ 27.235888] ? prepare_exit_to_usermode+0x350/0x350 [ 27.240877] ? retint_user+0x18/0x18 [ 27.244569] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 27.249389] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 27.254553] RIP: 0033:0x43fe79 [ 27.257715] RSP: 002b:00007ffeef355d98 EFLAGS: 00000217 ORIG_RAX: 000000000000002e [ 27.265393] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fe79 [ 27.272634] RDX: 0000000000000000 RSI: 000000002000dfc8 RDI: 0000000000000003 [ 27.279885] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0