audit: type=1400 audit(1561614117.214:5): avc: denied { associate } for pid=2227 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
INFO: task syz-executor.0:2466 blocked for more than 140 seconds.
 Not tainted 4.9.183+ #4
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D28744 2466 2227 0x80000000
 0000000000000083 ffff8801c6e14740 ffff8801c7d22c00 ffff8801db621000
 ffff8801c6e117c0 ffff8801db621018 ffff8801c4c0fba0 ffffffff8280a5be
 0000000041b58ab3 ffff8801c6e14740 00ff8801c4c0faf0 ffff8801db6218f0
Call Trace:
 [<00000000a317bb49>] schedule+0x92/0x1c0 kernel/sched/core.c:3546
 [<00000000f6debfd7>] rwsem_down_read_failed+0x258/0x3e0 kernel/locking/rwsem-xadd.c:283
 [<0000000090d675bc>] call_rwsem_down_read_failed+0x18/0x30 arch/x86/lib/rwsem.S:94
 [<00000000b8f92902>] __down_read arch/x86/include/asm/rwsem.h:65 [inline]
 [<00000000b8f92902>] down_read+0x52/0xb0 kernel/locking/rwsem.c:24
 [<00000000b14244fa>] exit_mm kernel/exit.c:480 [inline]
 [<00000000b14244fa>] do_exit+0x3b7/0x2aa0 kernel/exit.c:828
 [<000000003023b5cd>] do_group_exit+0x111/0x300 kernel/exit.c:945
 [<00000000b837e78c>] SYSC_exit_group kernel/exit.c:956 [inline]
 [<00000000b837e78c>] SyS_exit_group+0x1d/0x20 kernel/exit.c:954
 [<00000000186de64e>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288
 [<000000002ad89e81>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

Showing all locks held in the system:
2 locks held by khungtaskd/24:
 #0: (rcu_read_lock){......}, at: [<00000000f03f97f2>] check_hung_uninterruptible_tasks kernel/hung_task.c:169 [inline]
 #0: (rcu_read_lock){......}, at: [<00000000f03f97f2>] watchdog+0x14b/0xaf0 kernel/hung_task.c:263
 #1: (tasklist_lock){.+.+..}, at: [<00000000823a20fb>] debug_show_all_locks+0x7f/0x21f kernel/locking/lockdep.c:4336
2 locks held by getty/2023:
 #0: (&tty->ldisc_sem){++++++}, at: [<0000000031750ffb>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
 #1: (&ldata->atomic_read_lock){+.+...}, at: [<00000000df1688fb>] n_tty_read+0x1fe/0x1820 drivers/tty/n_tty.c:2156
1 lock held by syz-executor.0/2466:
 #0: (&mm->mmap_sem){++++++}, at: [<00000000b14244fa>] exit_mm kernel/exit.c:480 [inline]
 #0: (&mm->mmap_sem){++++++}, at: [<00000000b14244fa>] do_exit+0x3b7/0x2aa0 kernel/exit.c:828
1 lock held by syz-executor.0/2468:
 #0: (&mm->mmap_sem){++++++}, at: [<00000000b14244fa>] exit_mm kernel/exit.c:480 [inline]
 #0: (&mm->mmap_sem){++++++}, at: [<00000000b14244fa>] do_exit+0x3b7/0x2aa0 kernel/exit.c:828

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 24 Comm: khungtaskd Not tainted 4.9.183+ #4
 ffff8801d98efcc8 ffffffff81b580a1 0000000000000000 0000000000000000
 0000000000000000 ffffffff81099a01 dffffc0000000000 ffff8801d98efd00
 ffffffff81b6333c 0000000000000000 0000000000000000 0000000000000000
Call Trace:
 [<00000000e6b27b9a>] __dump_stack lib/dump_stack.c:15 [inline]
 [<00000000e6b27b9a>] dump_stack+0xc1/0x120 lib/dump_stack.c:51
 [<00000000e324ab66>] nmi_cpu_backtrace.cold+0x47/0x87 lib/nmi_backtrace.c:99
 [<000000000bead664>] nmi_trigger_cpumask_backtrace+0x124/0x155 lib/nmi_backtrace.c:60
 [<000000001ec887e1>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
 [<000000004a49b0a5>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
 [<000000004a49b0a5>] check_hung_task kernel/hung_task.c:126 [inline]
 [<000000004a49b0a5>] check_hung_uninterruptible_tasks kernel/hung_task.c:183 [inline]
 [<000000004a49b0a5>] watchdog+0x670/0xaf0 kernel/hung_task.c:263
 [<00000000f71833ed>] kthread+0x278/0x310 kernel/kthread.c:211
 [<00000000361be5c0>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 2467 Comm: syz-executor.0 Not tainted 4.9.183+ #4
task: 00000000591f92b5 task.stack: 000000004018f7b3
RIP: 0010:[] c [<00000000f2af3703>] __mutex_unlock_slowpath+0x4b/0x3e0 kernel/locking/mutex.c:762
RSP: 0018:ffff8801c4c27b80 EFLAGS: 00000282
RAX: dffffc0000000000 RBX: ffffffff841f5ac0 RCX: dffffc0000000000
RDX: ffffed0038984f72 RSI: ffffffff813e0178 RDI: ffff8801c6f03e60
RBP: ffff8801c4c27c18 R08: 0000000000000000 R09: ffff8801c6e13878
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801c6f03e60
R13: ffff8801c4c27bb0 R14: 1ffff10038984f72 R15: ffff8801c6f03e60
FS: 00007f4801837700(0000) GS:ffff8801db700000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f64f4a70000 CR3: 00000001c72d7000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 0000000041b58ab3c ffffffff82e33f79c 0000000041b58ab3c ffffffff82e33f8fc
 ffffffff82813460c ffff8801c6e13850c 0000000000000001c ffff8801c4c27bb0c
 1ffff10038dc270ac 0000000000000000c 0000000000000000c ffff8801c6f03e60c
Call Trace:
 [<000000008a2c84a8>] mutex_unlock+0x9/0x10 kernel/locking/mutex.c:437
 [<00000000206fee92>] perf_mmap+0x620/0x1580 kernel/events/core.c:5291
 [<000000004f4ab058>] mmap_region+0x7e7/0xfa0 mm/mmap.c:1726
 [<000000002f2876a8>] do_mmap+0x539/0xbc0 mm/mmap.c:1505
 [<0000000002e75b8d>] do_mmap_pgoff include/linux/mm.h:2047 [inline]
 [<0000000002e75b8d>] vm_mmap_pgoff+0x179/0x1c0 mm/util.c:329
 [<000000006bbcafaf>] SYSC_mmap_pgoff mm/mmap.c:1555 [inline]
 [<000000006bbcafaf>] SyS_mmap_pgoff+0xfa/0x1b0 mm/mmap.c:1513
 [<0000000015767b03>] SYSC_mmap arch/x86/kernel/sys_x86_64.c:96 [inline]
 [<0000000015767b03>] SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:87
 [<00000000186de64e>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288
 [<000000002ad89e81>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Code: c8d c14 c06 c41 c54 c49 c89 cfc c53 c4c c8d c6d c98 c48 cc7 cc3 cc0 c5a c1f c84 c48 c83 cec c70 c48 cc7 c45 c80 c8f c3f ce3 c82 c48 cc7 c85 c78 cff cff cff cb3 c8a cb5 c41 c<48> cc7 c45 c88 c60 c34 c81 c82 cc7 c02 cf1 cf1 cf1 cf1 cc7 c42 c04 c00 c00 cf3 cf3 c