0 pages HighMem/MovableOnly 313294 pages reserved SELinux: policydb magic number 0x7fff8c does not match expected magic number 0xf97cff8c SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8 sclass=netlink_route_socket ====================================================== [ INFO: possible circular locking dependency detected ] 4.4.174+ #4 Not tainted ------------------------------------------------------- syz-executor.0/25630 is trying to acquire lock: (sel_mutex){+.+.+.}, at: [] sel_commit_bools_write+0x89/0x260 security/selinux/selinuxfs.c:1142 but task is already holding lock: (&pipe->mutex/1){+.+.+.}, at: [] pipe_lock_nested fs/pipe.c:65 [inline] (&pipe->mutex/1){+.+.+.}, at: [] pipe_lock+0x63/0x80 fs/pipe.c:73 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: [] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592 [] __mutex_lock_common kernel/locking/mutex.c:521 [inline] [] mutex_lock_nested+0xc1/0xb80 kernel/locking/mutex.c:621 [] __pipe_lock fs/pipe.c:86 [inline] [] fifo_open+0x15d/0xa00 fs/pipe.c:896 [] do_dentry_open+0x38f/0xbd0 fs/open.c:749 [] vfs_open+0x10b/0x210 fs/open.c:862 [] do_last fs/namei.c:3269 [inline] [] path_openat+0x136f/0x4470 fs/namei.c:3406 [] do_filp_open+0x1a1/0x270 fs/namei.c:3440 [] do_open_execat+0x10c/0x6e0 fs/exec.c:805 [] do_execveat_common.isra.0+0x6f6/0x1e90 fs/exec.c:1577 [] do_execve fs/exec.c:1683 [inline] [] SYSC_execve fs/exec.c:1764 [inline] [] SyS_execve+0x42/0x50 fs/exec.c:1759 vmalloc: allocation failure: 0 bytes syz-executor.1: page allocation failure: order:0, mode:0x24000c2 CPU: 1 PID: 25643 Comm: syz-executor.1 Not tainted 4.4.174+ #4 0000000000000000 1e64eb79f81c0677 ffff8800928af9f0 ffffffff81aad1a1 1ffff10012515f41 ffff8800a5d92f80 00000000024000c2 0000000000000000 ffffffff82895080 ffff8800928afb00 ffffffff8148c0cb ffffffff00000001 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [] warn_alloc_failed.cold+0x78/0x99 mm/page_alloc.c:2757 [] __vmalloc_node_range mm/vmalloc.c:1693 [inline] [] __vmalloc_node_range+0x365/0x650 mm/vmalloc.c:1654 [] __vmalloc_node mm/vmalloc.c:1716 [inline] [] __vmalloc_node_flags mm/vmalloc.c:1730 [inline] [] vmalloc+0x5c/0x70 mm/vmalloc.c:1745 [] sel_write_load+0x119/0xf90 security/selinux/selinuxfs.c:527 [] __vfs_write+0x116/0x3d0 fs/read_write.c:491 [] vfs_write+0x182/0x4e0 fs/read_write.c:540 [] SYSC_write fs/read_write.c:587 [inline] [] SyS_write+0xdc/0x1c0 fs/read_write.c:579 [] entry_SYSCALL_64_fastpath+0x1e/0x9a Mem-Info: active_anon:286253 inactive_anon:16869 isolated_anon:0 active_file:6803 inactive_file:28079 isolated_file:0 unevictable:3 dirty:184 writeback:0 unstable:0 slab_reclaimable:7057 slab_unreclaimable:67364 mapped:67468 shmem:21231 pagetables:11089 bounce:0 free:1146697 free_pcp:378 free_cma:0 DMA32 free:2095360kB min:4696kB low:5868kB high:7044kB active_anon:524416kB inactive_anon:31188kB active_file:12472kB inactive_file:53248kB unevictable:4kB isolated(anon):0kB isolated(file):0kB present:3145324kB managed:3021976kB mlocked:4kB dirty:368kB writeback:0kB mapped:123888kB shmem:39200kB slab_reclaimable:13128kB slab_unreclaimable:120648kB kernel_stack:8224kB pagetables:20292kB unstable:0kB bounce:0kB free_pcp:704kB local_pcp:428kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 3504 3504 Normal free:2491428kB min:5580kB low:6972kB high:8368kB active_anon:620596kB inactive_anon:36288kB active_file:14740kB inactive_file:59068kB unevictable:8kB isolated(anon):0kB isolated(file):0kB present:4718592kB managed:3588764kB mlocked:8kB dirty:368kB writeback:0kB mapped:145984kB shmem:45724kB slab_reclaimable:15100kB slab_unreclaimable:148808kB kernel_stack:11008kB pagetables:24064kB unstable:0kB bounce:0kB free_pcp:808kB local_pcp:384kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 0 0 DMA32: 132*4kB (UME) 542*8kB (UME) 270*16kB (UME) 93*32kB (UME) 36*64kB (UM) 27*128kB (M) 11*256kB (ME) 22*512kB (UM) 21*1024kB (UM) 5*2048kB (UME) 496*4096kB (UM) = 2095360kB Normal: 131*4kB (UME) 350*8kB (UME) 298*16kB (UME) 113*32kB (UME) 50*64kB (UME) 23*128kB (UME) 14*256kB (UME) 6*512kB (UM) 15*1024kB (UM) 9*2048kB (UM) 594*4096kB (UM) = 2491324kB 56112 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313294 pages reserved SELinux: policydb version 318738 does not match my version range 15-30 vmalloc: allocation failure: 0 bytes syz-executor.1: page allocation failure: order:0, mode:0x24000c2 CPU: 1 PID: 25655 Comm: syz-executor.1 Not tainted 4.4.174+ #4 0000000000000000 63f6a21594e931e0 ffff88009e47f9f0 ffffffff81aad1a1 1ffff10013c8ff41 ffff8801d404df00 00000000024000c2 0000000000000000 ffffffff82895080 ffff88009e47fb00 ffffffff8148c0cb ffffffff00000001 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [] warn_alloc_failed.cold+0x78/0x99 mm/page_alloc.c:2757 [] __vmalloc_node_range mm/vmalloc.c:1693 [inline] [] __vmalloc_node_range+0x365/0x650 mm/vmalloc.c:1654 [] __vmalloc_node mm/vmalloc.c:1716 [inline] [] __vmalloc_node_flags mm/vmalloc.c:1730 [inline] [] vmalloc+0x5c/0x70 mm/vmalloc.c:1745 [] sel_write_load+0x119/0xf90 security/selinux/selinuxfs.c:527 [] __vfs_write+0x116/0x3d0 fs/read_write.c:491 [] vfs_write+0x182/0x4e0 fs/read_write.c:540 [] SYSC_write fs/read_write.c:587 [inline] [] SyS_write+0xdc/0x1c0 fs/read_write.c:579 [] entry_SYSCALL_64_fastpath+0x1e/0x9a Mem-Info: active_anon:286203 inactive_anon:16869 isolated_anon:0 active_file:6803 inactive_file:27779 isolated_file:0 unevictable:3 dirty:184 writeback:0 unstable:0 slab_reclaimable:7057 slab_unreclaimable:67447 mapped:67431 shmem:21231 pagetables:11052 bounce:0 free:1146696 free_pcp:507 free_cma:0 DMA32 free:2095528kB min:4696kB low:5868kB high:7044kB active_anon:524316kB inactive_anon:31188kB active_file:12472kB inactive_file:52348kB unevictable:4kB isolated(anon):0kB isolated(file):0kB present:3145324kB managed:3021976kB mlocked:4kB dirty:368kB writeback:0kB mapped:123888kB shmem:39200kB slab_reclaimable:13128kB slab_unreclaimable:120752kB kernel_stack:8224kB pagetables:20292kB unstable:0kB bounce:0kB free_pcp:984kB local_pcp:708kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 3504 3504 Normal free:2491256kB min:5580kB low:6972kB high:8368kB active_anon:620496kB inactive_anon:36288kB active_file:14740kB inactive_file:58768kB unevictable:8kB isolated(anon):0kB isolated(file):0kB present:4718592kB managed:3588764kB mlocked:8kB dirty:368kB writeback:0kB mapped:145836kB shmem:45724kB slab_reclaimable:15100kB slab_unreclaimable:149036kB kernel_stack:11008kB pagetables:23916kB unstable:0kB bounce:0kB free_pcp:1044kB local_pcp:620kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 0 0 DMA32: 218*4kB (UME) 559*8kB (UME) 271*16kB (UME) 85*32kB (UME) 36*64kB (UM) 27*128kB (M) 11*256kB (ME) 22*512kB (UM) 21*1024kB (UM) 5*2048kB (UME) 496*4096kB (UM) = 2095600kB Normal: 182*4kB (UME) 355*8kB (UME) 302*16kB (UME) 98*32kB (UME) 49*64kB (UME) 24*128kB (UME) 14*256kB (UME) 6*512kB (UM) 15*1024kB (UM) 9*2048kB (UM) 594*4096kB (UM) = 2491216kB 55779 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313294 pages reserved vmalloc: allocation failure: 0 bytes syz-executor.1: page allocation failure: order:0, mode:0x24000c2 CPU: 1 PID: 25658 Comm: syz-executor.1 Not tainted 4.4.174+ #4 0000000000000000 849ace31689dd830 ffff8800b6df79f0 ffffffff81aad1a1 1ffff10016dbef41 ffff8801d6fa4740 00000000024000c2 0000000000000000 ffffffff82895080 ffff8800b6df7b00 ffffffff8148c0cb ffffffff00000001 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [] warn_alloc_failed.cold+0x78/0x99 mm/page_alloc.c:2757 [] __vmalloc_node_range mm/vmalloc.c:1693 [inline] [] __vmalloc_node_range+0x365/0x650 mm/vmalloc.c:1654 [] __vmalloc_node mm/vmalloc.c:1716 [inline] [] __vmalloc_node_flags mm/vmalloc.c:1730 [inline] [] vmalloc+0x5c/0x70 mm/vmalloc.c:1745 [] sel_write_load+0x119/0xf90 security/selinux/selinuxfs.c:527 [] __vfs_write+0x116/0x3d0 fs/read_write.c:491 [] vfs_write+0x182/0x4e0 fs/read_write.c:540 [] SYSC_write fs/read_write.c:587 [inline] [] SyS_write+0xdc/0x1c0 fs/read_write.c:579 [] entry_SYSCALL_64_fastpath+0x1e/0x9a Mem-Info: active_anon:286203 inactive_anon:16869 isolated_anon:0 active_file:6803 inactive_file:27354 isolated_file:0 unevictable:3 dirty:184 writeback:0 unstable:0 slab_reclaimable:7057 slab_unreclaimable:67447 mapped:67431 shmem:21231 pagetables:11052 bounce:0 free:1147145 free_pcp:473 free_cma:0 DMA32 free:2096124kB min:4696kB low:5868kB high:7044kB active_anon:524316kB inactive_anon:31188kB active_file:12472kB inactive_file:51948kB unevictable:4kB isolated(anon):0kB isolated(file):0kB present:3145324kB managed:3021976kB mlocked:4kB dirty:368kB writeback:0kB mapped:123888kB shmem:39200kB slab_reclaimable:13128kB slab_unreclaimable:120752kB kernel_stack:8224kB pagetables:20292kB unstable:0kB bounce:0kB free_pcp:812kB local_pcp:536kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 3504 3504 Normal free:2492456kB min:5580kB low:6972kB high:8368kB active_anon:620496kB inactive_anon:36288kB active_file:14740kB inactive_file:57468kB unevictable:8kB isolated(anon):0kB isolated(file):0kB present:4718592kB managed:3588764kB mlocked:8kB dirty:368kB writeback:0kB mapped:145836kB shmem:45724kB slab_reclaimable:15100kB slab_unreclaimable:149036kB kernel_stack:11008kB pagetables:23916kB unstable:0kB bounce:0kB free_pcp:1080kB local_pcp:656kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 0 0 DMA32: 357*4kB (UME) 559*8kB (UME) 271*16kB (UME) 84*32kB (UME) 36*64kB (UM) 27*128kB (M) 11*256kB (ME) 22*512kB (UM) 21*1024kB (UM) 5*2048kB (UME) 496*4096kB (UM) = 2096124kB Normal: 434*4kB (UME) 374*8kB (UME) 303*16kB (UME) 100*32kB (UME) 49*64kB (UME) 24*128kB (UME) 14*256kB (UME) 6*512kB (UM) 15*1024kB (UM) 9*2048kB (UM) 594*4096kB (UM) = 2492456kB 55372 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313294 pages reserved vmalloc: allocation failure: 0 bytes syz-executor.1: page allocation failure: order:0, mode:0x24000c2 CPU: 1 PID: 25660 Comm: syz-executor.1 Not tainted 4.4.174+ #4 0000000000000000 dc255681911f2f2f ffff8801d8b279f0 ffffffff81aad1a1 1ffff1003b164f41 ffff8800babb17c0 00000000024000c2 0000000000000000 ffffffff82895080 ffff8801d8b27b00 ffffffff8148c0cb ffffffff00000001 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [] warn_alloc_failed.cold+0x78/0x99 mm/page_alloc.c:2757 [] __vmalloc_node_range mm/vmalloc.c:1693 [inline] [] __vmalloc_node_range+0x365/0x650 mm/vmalloc.c:1654 [] __vmalloc_node mm/vmalloc.c:1716 [inline] [] __vmalloc_node_flags mm/vmalloc.c:1730 [inline] [] vmalloc+0x5c/0x70 mm/vmalloc.c:1745 [] sel_write_load+0x119/0xf90 security/selinux/selinuxfs.c:527 [] __vfs_write+0x116/0x3d0 fs/read_write.c:491 [] vfs_write+0x182/0x4e0 fs/read_write.c:540 [] SYSC_write fs/read_write.c:587 [inline] [] SyS_write+0xdc/0x1c0 fs/read_write.c:579 [] entry_SYSCALL_64_fastpath+0x1e/0x9a Mem-Info: active_anon:286192 inactive_anon:16869 isolated_anon:0 active_file:6794 inactive_file:27331 isolated_file:0 unevictable:3 dirty:190 writeback:0 unstable:0 slab_reclaimable:7057 slab_unreclaimable:67460 mapped:67436 shmem:21231 pagetables:11063 bounce:0 free:1147147 free_pcp:470 free_cma:0 DMA32 free:2096248kB min:4696kB low:5868kB high:7044kB active_anon:524304kB inactive_anon:31188kB active_file:12472kB inactive_file:51872kB unevictable:4kB isolated(anon):0kB isolated(file):0kB present:3145324kB managed:3021976kB mlocked:4kB dirty:380kB writeback:0kB mapped:123888kB shmem:39200kB slab_reclaimable:13128kB slab_unreclaimable:120748kB kernel_stack:8576kB pagetables:20220kB unstable:0kB bounce:0kB free_pcp:916kB local_pcp:640kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 3504 3504 Normal free:2492340kB min:5580kB low:6972kB high:8368kB active_anon:620464kB inactive_anon:36288kB active_file:14704kB inactive_file:57452kB unevictable:8kB isolated(anon):0kB isolated(file):0kB present:4718592kB managed:3588764kB mlocked:8kB dirty:380kB writeback:0kB mapped:145856kB shmem:45724kB slab_reclaimable:15100kB slab_unreclaimable:149092kB kernel_stack:11392kB pagetables:24032kB unstable:0kB bounce:0kB free_pcp:964kB local_pcp:540kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 0 0 DMA32: 388*4kB (UME) 559*8kB (UME) 271*16kB (UME) 84*32kB (UME) 36*64kB (UM) 27*128kB (M) 11*256kB (ME) 22*512kB (UM) 21*1024kB (UM) 5*2048kB (UME) 496*4096kB (UM) = 2096248kB Normal: 403*4kB (UME) 374*8kB (UME) 303*16kB (UME) 97*32kB (UME) 49*64kB (UME) 24*128kB (UME) 14*256kB (UME) 6*512kB (UM) 15*1024kB (UM) 9*2048kB (UM) 594*4096kB (UM) = 2492236kB 55355 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313294 pages reserved SELinux: policydb version 318738 does not match my version range 15-30 [] return_from_execve+0x0/0x23 [] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592 [] __mutex_lock_common kernel/locking/mutex.c:521 [inline] [] mutex_lock_killable_nested+0xd2/0xd00 kernel/locking/mutex.c:641 [] do_io_accounting+0x1f2/0x7f0 fs/proc/base.c:2666 [] proc_tid_io_accounting+0x20/0x30 fs/proc/base.c:2709 [] proc_single_show+0xf6/0x160 fs/proc/base.c:805 [] seq_read+0x4cd/0x1240 fs/seq_file.c:240 [] do_loop_readv_writev+0x148/0x1e0 fs/read_write.c:682 [] do_readv_writev+0x573/0x6e0 fs/read_write.c:812 [] vfs_readv+0x7a/0xb0 fs/read_write.c:836 [] SYSC_preadv fs/read_write.c:914 [inline] [] SyS_preadv+0x18e/0x230 fs/read_write.c:900 [] entry_SYSCALL_64_fastpath+0x1e/0x9a [] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592 [] __mutex_lock_common kernel/locking/mutex.c:521 [inline] [] mutex_lock_nested+0xc1/0xb80 kernel/locking/mutex.c:621 [] seq_read+0xd6/0x1240 fs/seq_file.c:178 [] do_loop_readv_writev+0x148/0x1e0 fs/read_write.c:682 [] do_readv_writev+0x573/0x6e0 fs/read_write.c:812 [] vfs_readv+0x7a/0xb0 fs/read_write.c:836 [] kernel_readv fs/splice.c:586 [inline] [] default_file_splice_read+0x3ac/0x8b0 fs/splice.c:662 [] do_splice_to+0xff/0x160 fs/splice.c:1154 [] splice_direct_to_actor+0x249/0x850 fs/splice.c:1226 [] do_splice_direct+0x1a5/0x260 fs/splice.c:1337 [] do_sendfile+0x4ed/0xba0 fs/read_write.c:1229 [] SYSC_sendfile64 fs/read_write.c:1290 [inline] [] SyS_sendfile64+0x137/0x150 fs/read_write.c:1276 [] entry_SYSCALL_64_fastpath+0x1e/0x9a [] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592 [] percpu_down_read include/linux/percpu-rwsem.h:26 [inline] [] __sb_start_write+0x1af/0x310 fs/super.c:1239 [] sb_start_write include/linux/fs.h:1517 [inline] [] ext4_run_li_request fs/ext4/super.c:2685 [inline] [] ext4_lazyinit_thread fs/ext4/super.c:2784 [inline] [] ext4_lazyinit_thread+0x1e4/0x7b0 fs/ext4/super.c:2760 [] kthread+0x273/0x310 kernel/kthread.c:211 [] ret_from_fork+0x55/0x80 arch/x86/entry/entry_64.S:537 [] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592 [] __mutex_lock_common kernel/locking/mutex.c:521 [inline] [] mutex_lock_nested+0xc1/0xb80 kernel/locking/mutex.c:621 [] ext4_register_li_request+0x2fd/0x7d0 fs/ext4/super.c:2972 [] ext4_remount+0x1366/0x1b90 fs/ext4/super.c:4922 [] do_remount_sb2+0x41b/0x7a0 fs/super.c:781 [] do_remount fs/namespace.c:2347 [inline] [] do_mount+0xfdb/0x2a40 fs/namespace.c:2860 [] SYSC_mount fs/namespace.c:3063 [inline] [] SyS_mount+0x130/0x1d0 fs/namespace.c:3041 [] entry_SYSCALL_64_fastpath+0x1e/0x9a [] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592 [] __mutex_lock_common kernel/locking/mutex.c:521 [inline] [] mutex_lock_nested+0xc1/0xb80 kernel/locking/mutex.c:621 [] ext4_register_li_request+0x89/0x7d0 fs/ext4/super.c:2945 [] ext4_remount+0x1366/0x1b90 fs/ext4/super.c:4922 [] do_remount_sb2+0x41b/0x7a0 fs/super.c:781 [] do_remount fs/namespace.c:2347 [inline] [] do_mount+0xfdb/0x2a40 fs/namespace.c:2860 [] SYSC_mount fs/namespace.c:3063 [inline] [] SyS_mount+0x130/0x1d0 fs/namespace.c:3041 [] entry_SYSCALL_64_fastpath+0x1e/0x9a [] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592 [] down_read+0x42/0x60 kernel/locking/rwsem.c:22 [] iterate_supers+0xe1/0x250 fs/super.c:547 [] selinux_complete_init+0x2f/0x31 security/selinux/hooks.c:6154 [] security_load_policy+0x69d/0x9c0 security/selinux/ss/services.c:2060 [] sel_write_load+0x175/0xf90 security/selinux/selinuxfs.c:535 [] __vfs_write+0x116/0x3d0 fs/read_write.c:491 [] vfs_write+0x182/0x4e0 fs/read_write.c:540 [] SYSC_write fs/read_write.c:587 [inline] [] SyS_write+0xdc/0x1c0 fs/read_write.c:579 [] entry_SYSCALL_64_fastpath+0x1e/0x9a [] check_prev_add kernel/locking/lockdep.c:1853 [inline] [] check_prevs_add kernel/locking/lockdep.c:1958 [inline] [] validate_chain kernel/locking/lockdep.c:2144 [inline] [] __lock_acquire+0x37d6/0x4f50 kernel/locking/lockdep.c:3213 [] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592 [] __mutex_lock_common kernel/locking/mutex.c:521 [inline] [] mutex_lock_nested+0xc1/0xb80 kernel/locking/mutex.c:621 [] sel_commit_bools_write+0x89/0x260 security/selinux/selinuxfs.c:1142 [] __vfs_write+0x116/0x3d0 fs/read_write.c:491 [] __kernel_write+0x112/0x370 fs/read_write.c:513 [] write_pipe_buf+0x15d/0x1f0 fs/splice.c:1074 [] splice_from_pipe_feed fs/splice.c:776 [inline] [] __splice_from_pipe+0x37e/0x7a0 fs/splice.c:901 [] splice_from_pipe+0x108/0x170 fs/splice.c:936 [] default_file_splice_write+0x3c/0x80 fs/splice.c:1086 [] do_splice_from fs/splice.c:1128 [inline] [] do_splice fs/splice.c:1404 [inline] [] SYSC_splice fs/splice.c:1707 [inline] [] SyS_splice+0xd71/0x13a0 fs/splice.c:1690 [] entry_SYSCALL_64_fastpath+0x1e/0x9a other info that might help us debug this: Chain exists of: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&pipe->mutex/1); lock(&sig->cred_guard_mutex); lock(&pipe->mutex/1); lock(sel_mutex); *** DEADLOCK *** 2 locks held by syz-executor.0/25630: #0: (sb_writers#3){.+.+.+}, at: [] file_start_write include/linux/fs.h:2543 [inline] #0: (sb_writers#3){.+.+.+}, at: [] do_splice fs/splice.c:1403 [inline] #0: (sb_writers#3){.+.+.+}, at: [] SYSC_splice fs/splice.c:1707 [inline] #0: (sb_writers#3){.+.+.+}, at: [] SyS_splice+0xf2d/0x13a0 fs/splice.c:1690 #1: (&pipe->mutex/1){+.+.+.}, at: [] pipe_lock_nested fs/pipe.c:65 [inline] #1: (&pipe->mutex/1){+.+.+.}, at: [] pipe_lock+0x63/0x80 fs/pipe.c:73 stack backtrace: CPU: 0 PID: 25630 Comm: syz-executor.0 Not tainted 4.4.174+ #4 0000000000000000 1dcdc37726a1e76c ffff8800b5a0f5c0 ffffffff81aad1a1 ffffffff84057a80 ffff8800b2c12f80 ffffffff83ab8870 ffffffff83abd460 ffffffff83ab66b0 ffff8800b5a0f610 ffffffff813abcda ffffffff83e79b80 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [] print_circular_bug.cold+0x2f7/0x44e kernel/locking/lockdep.c:1226 [] check_prev_add kernel/locking/lockdep.c:1853 [inline] [] check_prevs_add kernel/locking/lockdep.c:1958 [inline] [] validate_chain kernel/locking/lockdep.c:2144 [inline] [] __lock_acquire+0x37d6/0x4f50 kernel/locking/lockdep.c:3213 [] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592 [] __mutex_lock_common kernel/locking/mutex.c:521 [inline] [] mutex_lock_nested+0xc1/0xb80 kernel/locking/mutex.c:621 [] sel_commit_bools_write+0x89/0x260 security/selinux/selinuxfs.c:1142 [] __vfs_write+0x116/0x3d0 fs/read_write.c:491 [] __kernel_write+0x112/0x370 fs/read_write.c:513 [] write_pipe_buf+0x15d/0x1f0 fs/splice.c:1074 [] splice_from_pipe_feed fs/splice.c:776 [inline] [] __splice_from_pipe+0x37e/0x7a0 fs/splice.c:901 [] splice_from_pipe+0x108/0x170 fs/splice.c:936 [] default_file_splice_write+0x3c/0x80 fs/splice.c:1086 [] do_splice_from fs/splice.c:1128 [inline] [] do_splice fs/splice.c:1404 [inline] [] SYSC_splice fs/splice.c:1707 [inline] [] SyS_splice+0xd71/0x13a0 fs/splice.c:1690 [] entry_SYSCALL_64_fastpath+0x1e/0x9a vmalloc: allocation failure: 0 bytes syz-executor.1: page allocation failure: order:0, mode:0x24000c2 CPU: 0 PID: 25674 Comm: syz-executor.1 Not tainted 4.4.174+ #4 0000000000000000 b5a736c058b590c6 ffff8800b7ebf9f0 ffffffff81aad1a1 1ffff10016fd7f41 ffff8800b344af80 00000000024000c2 0000000000000000 ffffffff82895080 ffff8800b7ebfb00 ffffffff8148c0cb ffffffff00000001 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [] warn_alloc_failed.cold+0x78/0x99 mm/page_alloc.c:2757 [] __vmalloc_node_range mm/vmalloc.c:1693 [inline] [] __vmalloc_node_range+0x365/0x650 mm/vmalloc.c:1654 [] __vmalloc_node mm/vmalloc.c:1716 [inline] [] __vmalloc_node_flags mm/vmalloc.c:1730 [inline] [] vmalloc+0x5c/0x70 mm/vmalloc.c:1745 [] sel_write_load+0x119/0xf90 security/selinux/selinuxfs.c:527 [] __vfs_write+0x116/0x3d0 fs/read_write.c:491 [] vfs_write+0x182/0x4e0 fs/read_write.c:540 [] SYSC_write fs/read_write.c:587 [inline] [] SyS_write+0xdc/0x1c0 fs/read_write.c:579 [] entry_SYSCALL_64_fastpath+0x1e/0x9a audit: type=1400 audit(1574072535.426:1299): avc: denied { create } for pid=25679 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=0 audit: type=1400 audit(1574072535.906:1300): avc: denied { create } for pid=25679 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=0 Mem-Info: active_anon:286148 inactive_anon:16871 isolated_anon:0 active_file:6825 inactive_file:27581 isolated_file:0 unevictable:3 dirty:197 writeback:5 unstable:0 slab_reclaimable:7007 slab_unreclaimable:67366 mapped:67436 shmem:21231 pagetables:11003 bounce:0 free:1147475 free_pcp:467 free_cma:0 DMA32 free:2090840kB min:4696kB low:5868kB high:7044kB active_anon:530316kB inactive_anon:31196kB active_file:12604kB inactive_file:52564kB unevictable:4kB isolated(anon):0kB isolated(file):0kB present:3145324kB managed:3021976kB mlocked:4kB dirty:512kB writeback:0kB mapped:123888kB shmem:39208kB slab_reclaimable:12992kB slab_unreclaimable:120512kB kernel_stack:8064kB pagetables:19888kB unstable:0kB bounce:0kB free_pcp:524kB local_pcp:244kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 3504 3504 Normal free:2484884kB min:5580kB low:6972kB high:8368kB active_anon:629364kB inactive_anon:36284kB active_file:14704kB inactive_file:57848kB unevictable:8kB isolated(anon):0kB isolated(file):0kB present:4718592kB managed:3588764kB mlocked:8kB dirty:372kB writeback:0kB mapped:146084kB shmem:45716kB slab_reclaimable:14916kB slab_unreclaimable:148920kB kernel_stack:11040kB pagetables:24148kB unstable:0kB bounce:0kB free_pcp:628kB local_pcp:288kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no audit: type=1400 audit(1574072536.606:1301): avc: denied { create } for pid=25733 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=0 lowmem_reserve[]: 0 0 0 DMA32: 29*4kB (UE) 302*8kB (UME) 86*16kB (UE) 68*32kB (UME) 26*64kB (UM) 27*128kB (M) 11*256kB (ME) 23*512kB (UM) 21*1024kB (UM) 5*2048kB (UME) 496*4096kB (UM) = 2089156kB Normal: 2*4kB (UM) 125*8kB (UE) 86*16kB (UME) 52*32kB (UME) 9*64kB (UME) 25*128kB (UME) 14*256kB (UME) 8*512kB (UM) 15*1024kB (UM) 9*2048kB (UM) 594*4096kB (UM) = 2482320kB 55771 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313294 pages reserved audit: type=1400 audit(1574072537.136:1302): avc: denied { create } for pid=25733 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=0 vmalloc: allocation failure: 0 bytes syz-executor.1: page allocation failure: order:0, mode:0x24000c2 CPU: 0 PID: 25756 Comm: syz-executor.1 Not tainted 4.4.174+ #4 0000000000000000 ca21bbb991633f5c ffff8801a978f9f0 ffffffff81aad1a1 1ffff100352f1f41 ffff8801b7a60000 00000000024000c2 0000000000000000 ffffffff82895080 ffff8801a978fb00 ffffffff8148c0cb ffffffff00000001 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [] warn_alloc_failed.cold+0x78/0x99 mm/page_alloc.c:2757 [] __vmalloc_node_range mm/vmalloc.c:1693 [inline] [] __vmalloc_node_range+0x365/0x650 mm/vmalloc.c:1654 [] __vmalloc_node mm/vmalloc.c:1716 [inline] [] __vmalloc_node_flags mm/vmalloc.c:1730 [inline] [] vmalloc+0x5c/0x70 mm/vmalloc.c:1745 [] sel_write_load+0x119/0xf90 security/selinux/selinuxfs.c:527 [] __vfs_write+0x116/0x3d0 fs/read_write.c:491 [] vfs_write+0x182/0x4e0 fs/read_write.c:540 [] SYSC_write fs/read_write.c:587 [inline] [] SyS_write+0xdc/0x1c0 fs/read_write.c:579 [] entry_SYSCALL_64_fastpath+0x1e/0x9a Mem-Info: active_anon:294362 inactive_anon:16870 isolated_anon:0 active_file:6829 inactive_file:27597 isolated_file:0 unevictable:3 dirty:226 writeback:0 unstable:0 slab_reclaimable:6981 slab_unreclaimable:67524 mapped:67436 shmem:21231 pagetables:11028 bounce:0 free:1139064 free_pcp:490 free_cma:0 input: syz1 as /devices/virtual/input/input88 audit: type=1400 audit(1574072537.846:1303): avc: denied { create } for pid=25761 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=0 DMA32 free:2079972kB min:4696kB low:5868kB high:7044kB active_anon:539608kB inactive_anon:31188kB active_file:12604kB inactive_file:52536kB unevictable:4kB isolated(anon):0kB isolated(file):0kB present:3145324kB managed:3021976kB mlocked:4kB dirty:516kB writeback:0kB mapped:123888kB shmem:39192kB slab_reclaimable:13000kB slab_unreclaimable:121240kB kernel_stack:8064kB pagetables:20136kB unstable:0kB bounce:0kB free_pcp:876kB local_pcp:700kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 3504 3504 Normal free:2475584kB min:5580kB low:6972kB high:8368kB active_anon:638040kB inactive_anon:36292kB active_file:14712kB inactive_file:57852kB unevictable:8kB isolated(anon):0kB isolated(file):0kB present:4718592kB managed:3588764kB mlocked:8kB dirty:388kB writeback:0kB mapped:145856kB shmem:45732kB slab_reclaimable:14924kB slab_unreclaimable:149192kB kernel_stack:11136kB pagetables:24272kB unstable:0kB bounce:0kB free_pcp:876kB local_pcp:640kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 0 0 DMA32: 23*4kB (UM) 331*8kB (UME) 81*16kB (UME) 39*32kB (UME) 8*64kB (U) 2*128kB (UM) 1*256kB (E) 20*512kB (UM) 21*1024kB (UM) 5*2048kB (UME) 496*4096kB (UM) = 2079908kB Normal: 24*4kB (UME) 136*8kB (UME) 94*16kB (UME) 39*32kB (UME) 7*64kB (UME) 3*128kB (UME) 5*256kB (UE) 5*512kB (UM) 15*1024kB (UM) 9*2048kB (UM) 594*4096kB (UM) = 2475424kB 55656 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313294 pages reserved audit: type=1400 audit(1574072538.136:1304): avc: denied { create } for pid=25775 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=0 vmalloc: allocation failure: 0 bytes input: syz1 as /devices/virtual/input/input90 audit: type=1400 audit(1574072538.356:1305): avc: denied { create } for pid=25761 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=0 audit: type=1400 audit(1574072538.396:1306): avc: denied { create } for pid=25775 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=0 syz-executor.1: page allocation failure: order:0, mode:0x24000c2 CPU: 1 PID: 25782 Comm: syz-executor.1 Not tainted 4.4.174+ #4 0000000000000000 67a3b9da7068115e ffff8801b7e979f0 ffffffff81aad1a1 1ffff10036fd2f41 ffff8801d083df00 00000000024000c2 0000000000000000 ffffffff82895080 ffff8801b7e97b00 ffffffff8148c0cb ffffffff00000001 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [] warn_alloc_failed.cold+0x78/0x99 mm/page_alloc.c:2757 [] __vmalloc_node_range mm/vmalloc.c:1693 [inline] [] __vmalloc_node_range+0x365/0x650 mm/vmalloc.c:1654 [] __vmalloc_node mm/vmalloc.c:1716 [inline] [] __vmalloc_node_flags mm/vmalloc.c:1730 [inline] [] vmalloc+0x5c/0x70 mm/vmalloc.c:1745 [] sel_write_load+0x119/0xf90 security/selinux/selinuxfs.c:527 [] __vfs_write+0x116/0x3d0 fs/read_write.c:491 [] vfs_write+0x182/0x4e0 fs/read_write.c:540 [] SYSC_write fs/read_write.c:587 [inline] [] SyS_write+0xdc/0x1c0 fs/read_write.c:579 [] entry_SYSCALL_64_fastpath+0x1e/0x9a input: syz1 as /devices/virtual/input/input91 Mem-Info: audit: type=1400 audit(1574072538.906:1307): avc: denied { create } for pid=25795 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=0 active_anon:294380 inactive_anon:16870 isolated_anon:0 active_file:6832 inactive_file:27596 isolated_file:0 unevictable:3 dirty:233 writeback:0 unstable:0 slab_reclaimable:6977 slab_unreclaimable:67842 mapped:67472 shmem:21231 pagetables:11059 bounce:0 free:1138731 free_pcp:516 free_cma:0 DMA32 free:2079796kB min:4696kB low:5868kB high:7044kB active_anon:539684kB inactive_anon:31196kB active_file:12604kB inactive_file:52536kB unevictable:4kB isolated(anon):0kB isolated(file):0kB present:3145324kB managed:3021976kB mlocked:4kB dirty:516kB writeback:0kB mapped:123888kB shmem:39200kB slab_reclaimable:12984kB slab_unreclaimable:121432kB kernel_stack:8160kB pagetables:19988kB unstable:0kB bounce:0kB free_pcp:1064kB local_pcp:452kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 3504 3504 Normal free:2475260kB min:5580kB low:6972kB high:8368kB active_anon:637836kB inactive_anon:36284kB active_file:14724kB inactive_file:57848kB unevictable:8kB isolated(anon):0kB isolated(file):0kB present:4718592kB managed:3588764kB mlocked:8kB dirty:416kB writeback:0kB mapped:146000kB shmem:45724kB slab_reclaimable:14924kB slab_unreclaimable:149608kB kernel_stack:11168kB pagetables:24248kB unstable:0kB bounce:0kB free_pcp:928kB local_pcp:408kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 0 0 DMA32: 61*4kB (UM) 314*8kB (UME) 74*16kB (UE) 41*32kB (UE) 11*64kB (UM) 1*128kB (U) 1*256kB (E) 20*512kB (UM) 21*1024kB (UM) 5*2048kB (UME) 496*4096kB (UM) = 2079940kB Normal: 3*4kB (UME) 98*8kB (UME) 88*16kB (UME) 53*32kB (UE) 7*64kB (UME) 4*128kB (UME) 5*256kB (UE) 5*512kB (UM) 15*1024kB (UM) 9*2048kB (UM) 594*4096kB (UM) = 2475516kB 55666 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313294 pages reserved input: syz1 as /devices/virtual/input/input92 audit: type=1400 audit(1574072540.066:1308): avc: denied { create } for pid=25805 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=0 SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket input: syz1 as /devices/virtual/input/input94 binder: 25842:25851 transaction failed 29189/-22, size 112-24 line 3014 input: syz1 as /devices/virtual/input/input95 audit_printk_skb: 3 callbacks suppressed binder: undelivered TRANSACTION_ERROR: 29189 audit: type=1400 audit(1574072541.726:1310): avc: denied { create } for pid=25843 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=0