kobject: 'kvm' (0000000098f779d6): kobject_uevent_env
======================================================
WARNING: possible circular locking dependency detected
4.19.37 #5 Not tainted
------------------------------------------------------
syz-executor.1/14171 is trying to acquire lock:
000000008abd1c8a (&acct->lock#2){+.+.}, at: acct_pin_kill+0x27/0x100 kernel/acct.c:173
kobject: 'kvm' (0000000098f779d6): fill_kobj_path: path = '/devices/virtual/misc/kvm'

but task is already holding lock:
000000003ab8a5f3 (sb_writers#4){.+.+}, at: sb_start_write include/linux/fs.h:1569 [inline]
000000003ab8a5f3 (sb_writers#4){.+.+}, at: mnt_want_write+0x3f/0xc0 fs/namespace.c:360

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #2 (sb_writers#4){.+.+}:
       percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline]
       percpu_down_read include/linux/percpu-rwsem.h:59 [inline]
       __sb_start_write+0x20b/0x360 fs/super.c:1387
       sb_start_write include/linux/fs.h:1569 [inline]
       mnt_want_write+0x3f/0xc0 fs/namespace.c:360
       ovl_want_write+0x76/0xa0 fs/overlayfs/util.c:24
       ovl_do_remove+0xf8/0xd90 fs/overlayfs/dir.c:843
       ovl_unlink+0x18/0x20 fs/overlayfs/dir.c:888
       vfs_unlink+0x2d8/0x500 fs/namei.c:3999
       do_unlinkat+0x3f7/0x6d0 fs/namei.c:4062
       __do_sys_unlink fs/namei.c:4109 [inline]
       __se_sys_unlink fs/namei.c:4107 [inline]
       __x64_sys_unlink+0x42/0x50 fs/namei.c:4107
kobject: 'kvm' (0000000098f779d6): kobject_uevent_env
       do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
       entry_SYSCALL_64_after_hwframe+0x49/0xbe
kobject: 'kvm' (0000000098f779d6): fill_kobj_path: path = '/devices/virtual/misc/kvm'

-> #1 (&ovl_i_mutex_key[depth]){+.+.}:
       down_write+0x38/0x90 kernel/locking/rwsem.c:70
       inode_lock include/linux/fs.h:738 [inline]
       ovl_write_iter+0x148/0xc20 fs/overlayfs/file.c:231
       call_write_iter include/linux/fs.h:1811 [inline]
       new_sync_write fs/read_write.c:474 [inline]
       __vfs_write+0x58e/0x820 fs/read_write.c:487
       __kernel_write+0x110/0x390 fs/read_write.c:506
       do_acct_process+0xd37/0x1150 kernel/acct.c:520
       slow_acct_process kernel/acct.c:579 [inline]
       acct_process+0x568/0x61e kernel/acct.c:605
       do_exit+0x17c0/0x2fa0 kernel/exit.c:866
       do_group_exit+0x135/0x370 kernel/exit.c:979
       get_signal+0x399/0x1d50 kernel/signal.c:2572
       do_signal+0x95/0x1950 arch/x86/kernel/signal.c:816
       exit_to_usermode_loop+0x244/0x2c0 arch/x86/entry/common.c:162
       prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline]
       syscall_return_slowpath arch/x86/entry/common.c:268 [inline]
       do_syscall_64+0x52d/0x610 arch/x86/entry/common.c:293
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #0 (&acct->lock#2){+.+.}:
       lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:3900
       __mutex_lock_common kernel/locking/mutex.c:925 [inline]
       __mutex_lock+0xf7/0x1300 kernel/locking/mutex.c:1072
       mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087
       acct_pin_kill+0x27/0x100 kernel/acct.c:173
       pin_kill+0x18f/0x860 fs/fs_pin.c:50
       acct_on+0x574/0x790 kernel/acct.c:254
       __do_sys_acct kernel/acct.c:286 [inline]
       __se_sys_acct kernel/acct.c:273 [inline]
       __x64_sys_acct+0xae/0x200 kernel/acct.c:273
       do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

other info that might help us debug this:

Chain exists of:
  &acct->lock#2 --> &ovl_i_mutex_key[depth] --> sb_writers#4

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(sb_writers#4);
                               lock(&ovl_i_mutex_key[depth]);
                               lock(sb_writers#4);
  lock(&acct->lock#2);

 *** DEADLOCK ***

2 locks held by syz-executor.1/14171:
 #0: 00000000ff873e4b (acct_on_mutex){+.+.}, at: __do_sys_acct kernel/acct.c:285 [inline]
 #0: 00000000ff873e4b (acct_on_mutex){+.+.}, at: __se_sys_acct kernel/acct.c:273 [inline]
 #0: 00000000ff873e4b (acct_on_mutex){+.+.}, at: __x64_sys_acct+0xa6/0x200 kernel/acct.c:273
 #1: 000000003ab8a5f3 (sb_writers#4){.+.+}, at: sb_start_write include/linux/fs.h:1569 [inline]
 #1: 000000003ab8a5f3 (sb_writers#4){.+.+}, at: mnt_want_write+0x3f/0xc0 fs/namespace.c:360

stack backtrace:
CPU: 0 PID: 14171 Comm: syz-executor.1 Not tainted 4.19.37 #5
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x172/0x1f0 lib/dump_stack.c:113
 print_circular_bug.isra.0.cold+0x1cc/0x28f kernel/locking/lockdep.c:1221
 check_prev_add kernel/locking/lockdep.c:1861 [inline]
 check_prevs_add kernel/locking/lockdep.c:1974 [inline]
 validate_chain kernel/locking/lockdep.c:2415 [inline]
 __lock_acquire+0x2e6d/0x48f0 kernel/locking/lockdep.c:3411
 lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:3900
 __mutex_lock_common kernel/locking/mutex.c:925 [inline]
 __mutex_lock+0xf7/0x1300 kernel/locking/mutex.c:1072
 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087
 acct_pin_kill+0x27/0x100 kernel/acct.c:173
 pin_kill+0x18f/0x860 fs/fs_pin.c:50
 acct_on+0x574/0x790 kernel/acct.c:254
 __do_sys_acct kernel/acct.c:286 [inline]
 __se_sys_acct kernel/acct.c:273 [inline]
 __x64_sys_acct+0xae/0x200 kernel/acct.c:273
 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x458da9
Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ff619411c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000458da9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100
RBP: 000000000073c0e0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6194126d4
R13: 00000000004becd2 R14: 00000000004cfa50 R15: 00000000ffffffff
kobject: 'loop5' (00000000f208e514): kobject_uevent_env
kobject: 'loop5' (00000000f208e514): fill_kobj_path: path = '/devices/virtual/block/loop5'
kobject: 'loop4' (00000000d64d7b4d): kobject_uevent_env
kobject: 'loop4' (00000000d64d7b4d): fill_kobj_path: path = 