[....] Starting enhanced syslogd: rsyslogd[ 16.225490] audit: type=1400 audit(1518405658.400:5): avc: denied { syslog } for pid=4007 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 18.507148] audit: type=1400 audit(1518405660.681:6): avc: denied { map } for pid=4145 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.48' (ECDSA) to the list of known hosts. executing program [ 24.836496] audit: type=1400 audit(1518405667.011:7): avc: denied { map } for pid=4159 comm="syzkaller234194" path="/root/syzkaller234194614" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 24.863856] [ 24.865611] ============================= [ 24.869761] WARNING: suspicious RCU usage [ 24.873917] 4.16.0-rc1+ #309 Not tainted [ 24.877985] ----------------------------- [ 24.882157] ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section! [ 24.891420] [ 24.891420] other info that might help us debug this: [ 24.891420] [ 24.899563] [ 24.899563] rcu_scheduler_active = 2, debug_locks = 1 [ 24.906236] 1 lock held by syzkaller234194/4159: [ 24.910989] #0: (rcu_read_lock){....}, at: [<00000000859d2dd7>] __rds_conn_create+0xe46/0x1b50 [ 24.919980] [ 24.919980] stack backtrace: [ 24.924489] CPU: 0 PID: 4159 Comm: syzkaller234194 Not tainted 4.16.0-rc1+ #309 [ 24.931912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 24.941237] Call Trace: [ 24.943798] dump_stack+0x194/0x257 [ 24.947403] ? arch_local_irq_restore+0x53/0x53 [ 24.952062] lockdep_rcu_suspicious+0x123/0x170 [ 24.956708] ___might_sleep+0x385/0x470 [ 24.960654] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 24.966512] ? __debug_object_init+0x235/0x1040 [ 24.971166] ? debug_mutex_init+0x1c/0x60 [ 24.975293] __might_sleep+0x95/0x190 [ 24.979081] kmem_cache_alloc_trace+0x299/0x740 [ 24.983815] ? lock_acquire+0x1d5/0x580 [ 24.987760] ? lock_acquire+0x1d5/0x580 [ 24.991707] ? __rds_conn_create+0xe46/0x1b50 [ 24.996181] rds_loop_conn_alloc+0xc8/0x380 [ 25.000474] ? rds_loop_conn_free+0x290/0x290 [ 25.004945] ? __init_waitqueue_head+0x97/0x140 [ 25.009587] ? rcutorture_record_progress+0x10/0x10 [ 25.014576] ? __lockdep_init_map+0xe4/0x650 [ 25.018962] __rds_conn_create+0x112f/0x1b50 [ 25.023364] ? rds_conn_drop+0xb0/0xb0 [ 25.027227] ? lock_release+0xa40/0xa40 [ 25.031180] ? __raw_spin_lock_init+0x1c/0x100 [ 25.035736] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 25.040729] ? __lockdep_init_map+0xe4/0x650 [ 25.045115] ? lockdep_init_map+0x9/0x10 [ 25.049160] ? __init_waitqueue_head+0x97/0x140 [ 25.053803] ? init_wait_entry+0x1b0/0x1b0 [ 25.058017] ? lockdep_init_map+0x9/0x10 [ 25.062059] ? rds_message_alloc+0x28c/0x330 [ 25.066450] ? rds_message_next_extension+0x210/0x210 [ 25.071611] ? trace_hardirqs_on+0xd/0x10 [ 25.075736] ? _raw_spin_unlock_bh+0x30/0x40 [ 25.080122] ? __release_sock+0x360/0x360 [ 25.084243] ? lock_sock_nested+0x91/0x110 [ 25.088457] rds_conn_create_outgoing+0x3f/0x50 [ 25.093103] rds_sendmsg+0xda3/0x2390 [ 25.096877] ? avc_has_perm+0x43e/0x680 [ 25.100840] ? rds_send_drop_to+0x19d0/0x19d0 [ 25.105310] ? _raw_spin_unlock_irq+0x27/0x70 [ 25.109779] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 25.114781] ? find_held_lock+0x35/0x1d0 [ 25.118826] ? sock_has_perm+0x2a4/0x420 [ 25.122865] ? selinux_secmark_relabel_packet+0xc0/0xc0 [ 25.129157] ? lock_release+0xa22/0xa40 [ 25.133106] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 25.138967] ? __check_object_size+0x8b/0x530 [ 25.143433] ? __handle_mm_fault+0x80e/0x3ce0 [ 25.147905] ? __might_sleep+0x95/0x190 [ 25.151857] ? selinux_socket_sendmsg+0x36/0x40 [ 25.156501] ? security_socket_sendmsg+0x89/0xb0 [ 25.161235] ? rds_send_drop_to+0x19d0/0x19d0 [ 25.165713] sock_sendmsg+0xca/0x110 [ 25.169405] SYSC_sendto+0x361/0x5c0 [ 25.173098] ? SYSC_connect+0x4a0/0x4a0 [ 25.177049] ? __do_page_fault+0x5f7/0xc90 [ 25.181256] ? lock_downgrade+0x980/0x980 [ 25.185405] ? handle_mm_fault+0x43b/0x970 [ 25.189659] ? up_read+0x1a/0x40 [ 25.193027] ? __do_page_fault+0x3d6/0xc90 [ 25.197261] ? mm_fault_error+0x2c0/0x2c0 [ 25.201385] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 25.206899] SyS_sendto+0x40/0x50 [ 25.210327] ? SyS_getpeername+0x30/0x30 [ 25.214360] do_syscall_64+0x282/0x940 [ 25.218218] ? __do_page_fault+0xc90/0xc90 [ 25.222426] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 25.227155] ? syscall_return_slowpath+0x550/0x550 [ 25.232056] ? syscall_return_slowpath+0x2ac/0x550 [ 25.236974] ? prepare_exit_to_usermode+0x350/0x350 [ 25.241962] ? retint_user+0x18/0x18 [ 25.245655] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 25.250474] entry_SYSCALL_64_after_hwframe+0x26/0x9b [ 25.255633] RIP: 0033:0x43fd99 [ 25.258795] RSP: 002b:00007ffd5c760f18 EFLAGS: 00000217 ORIG_RAX: 000000000000002c [ 25.266475] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd99 [ 25.273717] RDX: 0000000000000000 RSI: 0000000020fc2000 RDI: 0000000000000003 [ 25.280958] RBP: 00000000006ca018 R08: 000000002069affb R09: 0000000000000010 [ 25.288199] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004016c0 [ 25.295439] R13: 0000000000401750 R14: 0000000000000000 R15: 0000000000000000 [ 25.302749] BUG: sleeping function called from invalid context at mm/slab.h:420 [ 25.310203] in_atomic(): 1, irqs_disabled(): 0, pid: 4159, name: syzkaller234194 [ 25.317744] 1 lock held by syzkaller234194/4159: [ 25.322502] #0: (rcu_read_lock){....}, at: [<00000000859d2dd7>] __rds_conn_create+0xe46/0x1b50 [ 25.331464] CPU: 0 PID: 4159 Comm: syzkaller234194 Not tainted 4.16.0-rc1+ #309 [ 25.338893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.348219] Call Trace: [ 25.350782] dump_stack+0x194/0x257 [ 25.354385] ? arch_local_irq_restore+0x53/0x53 [ 25.359035] ? print_lock+0x9f/0xa2 [ 25.362635] ? lockdep_print_held_locks+0xc4/0x130 [ 25.367541] ___might_sleep+0x2b2/0x470 [ 25.371487] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 25.377341] ? __debug_object_init+0x235/0x1040 [ 25.381984] ? debug_mutex_init+0x1c/0x60 [ 25.386107] __might_sleep+0x95/0x190 [ 25.389882] kmem_cache_alloc_trace+0x299/0x740 [ 25.394527] ? lock_acquire+0x1d5/0x580 [ 25.398470] ? lock_acquire+0x1d5/0x580 [ 25.402417] ? __rds_conn_create+0xe46/0x1b50 [ 25.406887] rds_loop_conn_alloc+0xc8/0x380 [ 25.411180] ? rds_loop_conn_free+0x290/0x290 [ 25.415650] ? __init_waitqueue_head+0x97/0x140 [ 25.420300] ? rcutorture_record_progress+0x10/0x10 [ 25.425288] ? __lockdep_init_map+0xe4/0x650 [ 25.429675] __rds_conn_create+0x112f/0x1b50 [ 25.434077] ? rds_conn_drop+0xb0/0xb0 [ 25.437937] ? lock_release+0xa40/0xa40 [ 25.441886] ? __raw_spin_lock_init+0x1c/0x100 [ 25.446441] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 25.451435] ? __lockdep_init_map+0xe4/0x650 [ 25.455817] ? lockdep_init_map+0x9/0x10 [ 25.459849] ? __init_waitqueue_head+0x97/0x140 [ 25.464490] ? init_wait_entry+0x1b0/0x1b0 [ 25.468702] ? lockdep_init_map+0x9/0x10 [ 25.472740] ? rds_message_alloc+0x28c/0x330 [ 25.477122] ? rds_message_next_extension+0x210/0x210 [ 25.482281] ? trace_hardirqs_on+0xd/0x10 [ 25.486406] ? _raw_spin_unlock_bh+0x30/0x40 [ 25.490791] ? __release_sock+0x360/0x360 [ 25.494908] ? lock_sock_nested+0x91/0x110 [ 25.499131] rds_conn_create_outgoing+0x3f/0x50 [ 25.503776] rds_sendmsg+0xda3/0x2390 [ 25.507548] ? avc_has_perm+0x43e/0x680 [ 25.511508] ? rds_send_drop_to+0x19d0/0x19d0 [ 25.515974] ? _raw_spin_unlock_irq+0x27/0x70 [ 25.520444] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 25.525438] ? find_held_lock+0x35/0x1d0 [ 25.529492] ? sock_has_perm+0x2a4/0x420 [ 25.533533] ? selinux_secmark_relabel_packet+0xc0/0xc0 [ 25.538867] ? lock_release+0xa22/0xa40 [ 25.542812] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 25.548670] ? __check_object_size+0x8b/0x530 [ 25.553137] ? __handle_mm_fault+0x80e/0x3ce0 [ 25.557611] ? __might_sleep+0x95/0x190 [ 25.561562] ? selinux_socket_sendmsg+0x36/0x40 [ 25.566201] ? security_socket_sendmsg+0x89/0xb0 [ 25.570927] ? rds_send_drop_to+0x19d0/0x19d0 [ 25.575396] sock_sendmsg+0xca/0x110 [ 25.579084] SYSC_sendto+0x361/0x5c0 [ 25.583207] ? SYSC_connect+0x4a0/0x4a0 [ 25.587160] ? __do_page_fault+0x5f7/0xc90 [ 25.591367] ? lock_downgrade+0x980/0x980 [ 25.595496] ? handle_mm_fault+0x43b/0x970 [ 25.599714] ? up_read+0x1a/0x40 [ 25.603058] ? __do_page_fault+0x3d6/0xc90 [ 25.607271] ? mm_fault_error+0x2c0/0x2c0 [ 25.611394] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 25.616905] SyS_sendto+0x40/0x50 [ 25.620332] ? SyS_getpeername+0x30/0x30 [ 25.624365] do_syscall_64+0x282/0x940 [ 25.628229] ? __do_page_fault+0xc90/0xc90 [ 25.632438] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 25.637171] ? syscall_return_slowpath+0x550/0x550 [ 25.642076] ? syscall_return_slowpath+0x2ac/0x550 [ 25.646977] ? prepare_exit_to_usermode+0x350/0x350 [ 25.651967] ? retint_user+0x18/0x18 [ 25.655656] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 25.660476] entry_SYSCALL_64_after_hwframe+0x26/0x9b [ 25.665634] RIP: 0033:0x43fd99 [ 25.668798] RSP: 002b:00007ffd5c760f18 EFLAGS: 00000217 ORIG_RAX: 000000000000002c [ 25.676478] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd99 [ 25.683720] RDX: 0000000000000000 RSI: 0000000020fc2000 RDI: 000000000