possible deadlock in mnt_want_write

11 views

Skip to first unread message

syzbot

unread,

Apr 19, 2019, 12:54:05 PM4/19/19

to syzkaller...@googlegroups.com

Hello,

syzbot found the following crash on:

HEAD commit: 4b0e041c Linux 4.19.35
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=179ec78f200000
kernel config: https://syzkaller.appspot.com/x/.config?x=bb1bcac868b1655e
dashboard link: https://syzkaller.appspot.com/bug?extid=68b10d4d99f77e1dba4f
compiler: gcc (GCC) 9.0.0 20181231 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+68b10d...@syzkaller.appspotmail.com

======================================================
WARNING: possible circular locking dependency detected
4.19.35 #3 Not tainted
------------------------------------------------------
syz-executor.3/16086 is trying to acquire lock:
000000003a44dae4 (sb_writers#6){.+.+}, at: sb_start_write
include/linux/fs.h:1569 [inline]
000000003a44dae4 (sb_writers#6){.+.+}, at: mnt_want_write+0x3f/0xc0
fs/namespace.c:360

but task is already holding lock:
0000000022c4a26d (&ovl_i_mutex_key[depth]){+.+.}, at: inode_lock
include/linux/fs.h:738 [inline]
0000000022c4a26d (&ovl_i_mutex_key[depth]){+.+.}, at:
do_truncate+0x147/0x220 fs/open.c:61

which lock already depends on the new lock.

overlayfs: './file0' not a directory

the existing dependency chain (in reverse order) is:

-> #2 (&ovl_i_mutex_key[depth]){+.+.}:
down_write+0x38/0x90 kernel/locking/rwsem.c:70
inode_lock include/linux/fs.h:738 [inline]
ovl_write_iter+0x148/0xc20 fs/overlayfs/file.c:231
call_write_iter include/linux/fs.h:1811 [inline]
new_sync_write fs/read_write.c:474 [inline]
__vfs_write+0x58e/0x820 fs/read_write.c:487
__kernel_write+0x110/0x390 fs/read_write.c:506
do_acct_process+0xd37/0x1150 kernel/acct.c:520
slow_acct_process kernel/acct.c:579 [inline]
acct_process+0x568/0x61e kernel/acct.c:605
do_exit+0x17c0/0x2fa0 kernel/exit.c:866
do_group_exit+0x135/0x370 kernel/exit.c:979
__do_sys_exit_group kernel/exit.c:990 [inline]
__se_sys_exit_group kernel/exit.c:988 [inline]
__x64_sys_exit_group+0x44/0x50 kernel/exit.c:988
do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #1 (&acct->lock#2){+.+.}:
__mutex_lock_common kernel/locking/mutex.c:925 [inline]
__mutex_lock+0xf7/0x1300 kernel/locking/mutex.c:1072
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087
acct_pin_kill+0x27/0x100 kernel/acct.c:173
pin_kill+0x18f/0x860 fs/fs_pin.c:50
acct_on+0x574/0x790 kernel/acct.c:254
__do_sys_acct kernel/acct.c:286 [inline]
__se_sys_acct kernel/acct.c:273 [inline]
__x64_sys_acct+0xae/0x200 kernel/acct.c:273
do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #0 (sb_writers#6){.+.+}:
lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:3903
percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36
[inline]
percpu_down_read include/linux/percpu-rwsem.h:59 [inline]
__sb_start_write+0x20b/0x360 fs/super.c:1387
sb_start_write include/linux/fs.h:1569 [inline]
mnt_want_write+0x3f/0xc0 fs/namespace.c:360
ovl_want_write+0x76/0xa0 fs/overlayfs/util.c:24
ovl_setattr+0xdd/0x950 fs/overlayfs/inode.c:30
notify_change+0xad9/0xfb0 fs/attr.c:334
do_truncate+0x158/0x220 fs/open.c:63
handle_truncate fs/namei.c:3008 [inline]
do_last fs/namei.c:3424 [inline]
path_openat+0x2cc6/0x4690 fs/namei.c:3534
do_filp_open+0x1a1/0x280 fs/namei.c:3564
do_sys_open+0x3fe/0x550 fs/open.c:1069
__do_sys_openat fs/open.c:1096 [inline]
__se_sys_openat fs/open.c:1090 [inline]
__x64_sys_openat+0x9d/0x100 fs/open.c:1090
do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe

other info that might help us debug this:

Chain exists of:
sb_writers#6 --> &acct->lock#2 --> &ovl_i_mutex_key[depth]

Possible unsafe locking scenario:

CPU0 CPU1
---- ----
lock(&ovl_i_mutex_key[depth]);
lock(&acct->lock#2);
lock(&ovl_i_mutex_key[depth]);
lock(sb_writers#6);

*** DEADLOCK ***

2 locks held by syz-executor.3/16086:
#0: 0000000034e4d7de (sb_writers#15){.+.+}, at: sb_start_write
include/linux/fs.h:1569 [inline]
#0: 0000000034e4d7de (sb_writers#15){.+.+}, at: mnt_want_write+0x3f/0xc0
fs/namespace.c:360
#1: 0000000022c4a26d (&ovl_i_mutex_key[depth]){+.+.}, at: inode_lock
include/linux/fs.h:738 [inline]
#1: 0000000022c4a26d (&ovl_i_mutex_key[depth]){+.+.}, at:
do_truncate+0x147/0x220 fs/open.c:61

stack backtrace:
CPU: 1 PID: 16086 Comm: syz-executor.3 Not tainted 4.19.35 #3
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x172/0x1f0 lib/dump_stack.c:113
print_circular_bug.isra.0.cold+0x1cc/0x28f kernel/locking/lockdep.c:1221
check_prev_add kernel/locking/lockdep.c:1861 [inline]
check_prevs_add kernel/locking/lockdep.c:1974 [inline]
validate_chain kernel/locking/lockdep.c:2415 [inline]
__lock_acquire+0x2e6d/0x48f0 kernel/locking/lockdep.c:3411
lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:3903
percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline]
percpu_down_read include/linux/percpu-rwsem.h:59 [inline]
__sb_start_write+0x20b/0x360 fs/super.c:1387
sb_start_write include/linux/fs.h:1569 [inline]
mnt_want_write+0x3f/0xc0 fs/namespace.c:360
ovl_want_write+0x76/0xa0 fs/overlayfs/util.c:24
ovl_setattr+0xdd/0x950 fs/overlayfs/inode.c:30
notify_change+0xad9/0xfb0 fs/attr.c:334
do_truncate+0x158/0x220 fs/open.c:63
handle_truncate fs/namei.c:3008 [inline]
do_last fs/namei.c:3424 [inline]
path_openat+0x2cc6/0x4690 fs/namei.c:3534
do_filp_open+0x1a1/0x280 fs/namei.c:3564
do_sys_open+0x3fe/0x550 fs/open.c:1069
__do_sys_openat fs/open.c:1096 [inline]
__se_sys_openat fs/open.c:1090 [inline]
__x64_sys_openat+0x9d/0x100 fs/open.c:1090
do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x458c29
Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7
48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff
ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fb2c7e53c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458c29
RDX: 0000000000000a00 RSI: 0000000020000480 RDI: ffffffffffffff9c
RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000080 R11: 0000000000000246 R12: 00007fb2c7e546d4
R13: 00000000004c4f05 R14: 00000000004d8df8 R15: 00000000ffffffff
audit: type=1326 audit(2000000016.280:359): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=16040
comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e
syscall=228 compat=0 ip=0x45ba8a code=0x0
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
audit: type=1326 audit(2000000016.490:360): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=16108
comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e
syscall=228 compat=0 ip=0x45ba8a code=0x0
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
overlayfs: failed to resolve './file1': -2
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
overlayfs: failed to resolve './file1': -2
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
overlayfs: failed to resolve './file1': -2
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
overlayfs: failed to resolve './file1': -2
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
overlayfs: failed to resolve './file1': -2
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
overlayfs: failed to resolve './file1': -2
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
overlayfs: failed to resolve './file1': -2
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
overlayfs: failed to resolve './file1': -2
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
overlayfs: failed to resolve './file1': -2
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
overlayfs: failed to resolve './file1': -2
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
audit: type=1800 audit(2000000022.090:361): pid=16478 uid=0 auid=4294967295
ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023
op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1"
ino=16713 res=0
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
audit: type=1800 audit(2000000022.130:362): pid=16489 uid=0 auid=4294967295
ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023
op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1"
ino=16713 res=0
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
overlayfs: failed to resolve './file1': -2
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
overlayfs: failed to resolve './file1': -2
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
audit: type=1800 audit(2000000023.490:363): pid=16594 uid=0 auid=4294967295
ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023
op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1"
ino=16723 res=0
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
audit: type=1800 audit(2000000023.510:364): pid=16606 uid=0 auid=4294967295
ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023
op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1"
ino=16723 res=0
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
ubi0: attaching mtd0
ubi0 error: ubi_attach_mtd_dev: bad VID header (4) or data offsets (68)
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: '(null)' (00000000d27af851): kobject_cleanup, parent
(null)
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: '(null)' (00000000d27af851): calling ktype release
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
audit: type=1804 audit(2000000024.520:365): pid=16720 uid=0 auid=4294967295
ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023
op=invalid_pcr cause=ToMToU comm="syz-executor.1"
name="/root/syzkaller-testdir211178611/syzkaller.gnNGJb/334/bus" dev="sda1"
ino=16651 res=1
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
audit: type=1800 audit(2000000025.050:366): pid=16753 uid=0 auid=4294967295
ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023
op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1"
ino=16718 res=0
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
audit: type=1800 audit(2000000025.080:367): pid=16764 uid=0 auid=4294967295
ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023
op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1"
ino=16718 res=0
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
audit: type=1800 audit(2000000025.410:368): pid=16800 uid=0 auid=4294967295
ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023
op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1"
ino=16740 res=0
audit: type=1800 audit(2000000025.430:369): pid=16813 uid=0 auid=4294967295
ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023
op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1"
ino=16740 res=0
kobject: 'loop5' (0000000004709e50): kobject_uevent_env
kobject: 'loop5' (0000000004709e50): fill_kobj_path: path
= '/devices/virtual/block/loop5'
kobject: 'loop3' (00000000e95ffe0d): kobject_uevent_env
kobject: 'loop3' (00000000e95ffe0d): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop1' (000000008d2aef2b): kobject_uevent_env
kobject: 'loop1' (000000008d2aef2b): fill_kobj_path: path
= '/devices/virtual/block/loop1'
kobject: 'kvm' (0000000057e5bf22): kobject_uevent_env
kobject: 'kvm' (0000000057e5bf22): fill_kobj_path: path
= '/devices/virtual/misc/kvm'
kobject: 'loop2' (00000000ed3b9b69): kobject_uevent_env
kobject: 'loop2' (00000000ed3b9b69): fill_kobj_path: path
= '/devices/virtual/block/loop2'
kobject: 'loop5' (0000000004709e50): kobject_uevent_env

---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

unread,

Apr 20, 2019, 6:19:06 PM4/20/19

to syzkaller...@googlegroups.com

syzbot has found a reproducer for the following crash on:

HEAD commit: c98875d9 Linux 4.19.36
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=149a5730a00000
kernel config: https://syzkaller.appspot.com/x/.config?x=5e40ac5fbcc6366d

dashboard link: https://syzkaller.appspot.com/bug?extid=68b10d4d99f77e1dba4f
compiler: gcc (GCC) 9.0.0 20181231 (experimental)

syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17d4ec90a00000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+68b10d...@syzkaller.appspotmail.com

IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
8021q: adding VLAN 0 to HW filter on device batadv0
audit: type=1400 audit(1555798501.248:38): avc: denied { associate } for
pid=8036 comm="syz-executor.0" name="syz0"
scontext=unconfined_u:object_r:unlabeled_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1

======================================================
WARNING: possible circular locking dependency detected

4.19.36 #4 Not tainted
------------------------------------------------------
syz-executor.0/8042 is trying to acquire lock:
00000000b3d4ab27 (sb_writers#4){.+.+}, at: sb_start_write
include/linux/fs.h:1569 [inline]
00000000b3d4ab27 (sb_writers#4){.+.+}, at: mnt_want_write+0x3f/0xc0

fs/namespace.c:360

but task is already holding lock:

000000005fd42091 (&iint->mutex){+.+.}, at: process_measurement+0x354/0x1570
security/integrity/ima/ima_main.c:224

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #1 (&iint->mutex){+.+.}:

__mutex_lock_common kernel/locking/mutex.c:925 [inline]
__mutex_lock+0xf7/0x1300 kernel/locking/mutex.c:1072
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087

process_measurement+0x354/0x1570
security/integrity/ima/ima_main.c:224
ima_file_check+0xc5/0x110 security/integrity/ima/ima_main.c:391
do_last fs/namei.c:3422 [inline]
path_openat+0x1130/0x4690 fs/namei.c:3534

do_filp_open+0x1a1/0x280 fs/namei.c:3564
do_sys_open+0x3fe/0x550 fs/open.c:1069

__do_sys_open fs/open.c:1087 [inline]
__se_sys_open fs/open.c:1082 [inline]
__x64_sys_open+0x7e/0xc0 fs/open.c:1082
do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #0 (sb_writers#4){.+.+}:

lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:3903
percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36
[inline]
percpu_down_read include/linux/percpu-rwsem.h:59 [inline]
__sb_start_write+0x20b/0x360 fs/super.c:1387
sb_start_write include/linux/fs.h:1569 [inline]
mnt_want_write+0x3f/0xc0 fs/namespace.c:360
ovl_want_write+0x76/0xa0 fs/overlayfs/util.c:24

ovl_open_maybe_copy_up+0x122/0x180 fs/overlayfs/copy_up.c:886
ovl_open+0xb3/0x270 fs/overlayfs/file.c:123
do_dentry_open+0x4c6/0x1200 fs/open.c:777
vfs_open fs/open.c:886 [inline]
dentry_open+0x132/0x1d0 fs/open.c:902
ima_calc_file_hash+0x68a/0x980
security/integrity/ima/ima_crypto.c:427
ima_collect_measurement+0x50f/0x5c0
security/integrity/ima/ima_api.c:231
process_measurement+0xeca/0x1570
security/integrity/ima/ima_main.c:284
ima_file_check+0xc5/0x110 security/integrity/ima/ima_main.c:391
do_last fs/namei.c:3422 [inline]
path_openat+0x1130/0x4690 fs/namei.c:3534

do_filp_open+0x1a1/0x280 fs/namei.c:3564
do_sys_open+0x3fe/0x550 fs/open.c:1069

__do_sys_open fs/open.c:1087 [inline]
__se_sys_open fs/open.c:1082 [inline]
__x64_sys_open+0x7e/0xc0 fs/open.c:1082

do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe

other info that might help us debug this:

Possible unsafe locking scenario:

CPU0 CPU1
---- ----

lock(&iint->mutex);
lock(sb_writers#4);
lock(&iint->mutex);
lock(sb_writers#4);

*** DEADLOCK ***

1 lock held by syz-executor.0/8042:
#0: 000000005fd42091 (&iint->mutex){+.+.}, at:
process_measurement+0x354/0x1570 security/integrity/ima/ima_main.c:224

stack backtrace:
CPU: 0 PID: 8042 Comm: syz-executor.0 Not tainted 4.19.36 #4

Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x172/0x1f0 lib/dump_stack.c:113
print_circular_bug.isra.0.cold+0x1cc/0x28f kernel/locking/lockdep.c:1221
check_prev_add kernel/locking/lockdep.c:1861 [inline]
check_prevs_add kernel/locking/lockdep.c:1974 [inline]
validate_chain kernel/locking/lockdep.c:2415 [inline]
__lock_acquire+0x2e6d/0x48f0 kernel/locking/lockdep.c:3411
lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:3903
percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline]
percpu_down_read include/linux/percpu-rwsem.h:59 [inline]
__sb_start_write+0x20b/0x360 fs/super.c:1387
sb_start_write include/linux/fs.h:1569 [inline]
mnt_want_write+0x3f/0xc0 fs/namespace.c:360
ovl_want_write+0x76/0xa0 fs/overlayfs/util.c:24

ovl_open_maybe_copy_up+0x122/0x180 fs/overlayfs/copy_up.c:886
ovl_open+0xb3/0x270 fs/overlayfs/file.c:123
do_dentry_open+0x4c6/0x1200 fs/open.c:777
vfs_open fs/open.c:886 [inline]
dentry_open+0x132/0x1d0 fs/open.c:902
ima_calc_file_hash+0x68a/0x980 security/integrity/ima/ima_crypto.c:427
ima_collect_measurement+0x50f/0x5c0 security/integrity/ima/ima_api.c:231
process_measurement+0xeca/0x1570 security/integrity/ima/ima_main.c:284
ima_file_check+0xc5/0x110 security/integrity/ima/ima_main.c:391
do_last fs/namei.c:3422 [inline]
path_openat+0x1130/0x4690 fs/namei.c:3534

do_filp_open+0x1a1/0x280 fs/namei.c:3564
do_sys_open+0x3fe/0x550 fs/open.c:1069

__do_sys_open fs/open.c:1087 [inline]
__se_sys_open fs/open.c:1082 [inline]
__x64_sys_open+0x7e/0xc0 fs/open.c:1082

do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x458c29
Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7
48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff
ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00

RSP: 002b:00007ffc26fde8a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458c29
RDX: 0000000000000000 RSI: 0000000000000927 RDI: 0000000020000040
RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000015bf914
R13: 00000000004f6d7f R14: 00000000004d8be8 R15: 00000000ffffffff

syzbot

unread,

Apr 25, 2019, 1:09:05 AM4/25/19

to syzkaller...@googlegroups.com

Hello,

syzbot found the following crash on:

HEAD commit: 68d7a45e Linux 4.14.113
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=1671c242a00000
kernel config: https://syzkaller.appspot.com/x/.config?x=dbf1fde4d7489e1c
dashboard link: https://syzkaller.appspot.com/bug?extid=662c18f543a2543ad297

compiler: gcc (GCC) 9.0.0 20181231 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:

Reported-by: syzbot+662c18...@syzkaller.appspotmail.com

audit: type=1400 audit(1556165327.679:210): avc: denied { associate }
for pid=22145 comm="syz-executor.4" name="file1"
scontext=unconfined_u:object_r:unlabeled_t:s0
tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem permissive=1

overlayfs: './file0' not a directory

======================================================
WARNING: possible circular locking dependency detected

4.14.113 #3 Not tainted
------------------------------------------------------
syz-executor.4/22205 is trying to acquire lock:
(sb_writers#6){.+.+}, at: [<ffffffff8194bfcf>] sb_start_write
include/linux/fs.h:1545 [inline]
(sb_writers#6){.+.+}, at: [<ffffffff8194bfcf>] mnt_want_write+0x3f/0xb0
fs/namespace.c:386

but task is already holding lock:

(&ovl_i_mutex_dir_key[depth]){++++}, at: [<ffffffff8190ae9b>] inode_lock
include/linux/fs.h:715 [inline]
(&ovl_i_mutex_dir_key[depth]){++++}, at: [<ffffffff8190ae9b>] do_last
fs/namei.c:3328 [inline]
(&ovl_i_mutex_dir_key[depth]){++++}, at: [<ffffffff8190ae9b>]
path_openat+0xfab/0x3f70 fs/namei.c:3566

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #4 (&ovl_i_mutex_dir_key[depth]){++++}:
lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994
down_read+0x3b/0xb0 kernel/locking/rwsem.c:24
inode_lock_shared include/linux/fs.h:725 [inline]
do_last fs/namei.c:3330 [inline]
path_openat+0x191e/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_open_execat+0xe7/0x4a0 fs/exec.c:849
do_execveat_common.isra.0+0x6d2/0x1dd0 fs/exec.c:1740
do_execve fs/exec.c:1847 [inline]
SYSC_execve fs/exec.c:1928 [inline]
SyS_execve+0x39/0x50 fs/exec.c:1923
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7

-> #3 (&sig->cred_guard_mutex){+.+.}:
lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994
__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0xe8/0x1470 kernel/locking/mutex.c:893
mutex_lock_killable_nested+0x16/0x20 kernel/locking/mutex.c:923
lock_trace+0x44/0xc0 fs/proc/base.c:407
proc_pid_stack+0x113/0x250 fs/proc/base.c:457
proc_single_show+0xf6/0x160 fs/proc/base.c:761
traverse+0x325/0x890 fs/seq_file.c:111
seq_read+0xa00/0x12a0 fs/seq_file.c:192
do_loop_readv_writev fs/read_write.c:694 [inline]
do_loop_readv_writev fs/read_write.c:681 [inline]
do_iter_read+0x3e7/0x5b0 fs/read_write.c:918
vfs_readv+0xd3/0x130 fs/read_write.c:980
do_preadv+0x15d/0x200 fs/read_write.c:1064
SYSC_preadv fs/read_write.c:1114 [inline]
SyS_preadv+0x31/0x40 fs/read_write.c:1109
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7

-> #2 (&p->lock){+.+.}:
lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994
__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0xe8/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
seq_read+0xc1/0x12a0 fs/seq_file.c:165
proc_reg_read+0xfd/0x180 fs/proc/inode.c:217
do_loop_readv_writev fs/read_write.c:694 [inline]
do_loop_readv_writev fs/read_write.c:681 [inline]
do_iter_read+0x3e7/0x5b0 fs/read_write.c:918
vfs_readv+0xd3/0x130 fs/read_write.c:980
kernel_readv fs/splice.c:361 [inline]
default_file_splice_read+0x421/0x7b0 fs/splice.c:416
do_splice_to+0x108/0x170 fs/splice.c:880
do_splice fs/splice.c:1173 [inline]
SYSC_splice fs/splice.c:1402 [inline]
SyS_splice+0xfcb/0x13e0 fs/splice.c:1382
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7

-> #1 (&pipe->mutex/1){+.+.}:
lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994
__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0xe8/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
pipe_lock_nested fs/pipe.c:67 [inline]
pipe_lock+0x63/0x80 fs/pipe.c:75
iter_file_splice_write+0x15e/0xae0 fs/splice.c:699
do_splice_from fs/splice.c:851 [inline]
do_splice fs/splice.c:1147 [inline]
SYSC_splice fs/splice.c:1402 [inline]
SyS_splice+0xd81/0x13e0 fs/splice.c:1382
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7

-> #0 (sb_writers#6){.+.+}:
check_prev_add kernel/locking/lockdep.c:1901 [inline]
check_prevs_add kernel/locking/lockdep.c:2018 [inline]
validate_chain kernel/locking/lockdep.c:2460 [inline]
__lock_acquire+0x2c89/0x45e0 kernel/locking/lockdep.c:3487
lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994

percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36
[inline]
percpu_down_read include/linux/percpu-rwsem.h:59 [inline]

other info that might help us debug this:

Chain exists of:
sb_writers#6 --> &sig->cred_guard_mutex --> &ovl_i_mutex_dir_key[depth]

Possible unsafe locking scenario:

CPU0 CPU1
---- ----

lock(&ovl_i_mutex_dir_key[depth]);
lock(&sig->cred_guard_mutex);
lock(&ovl_i_mutex_dir_key[depth]);
lock(sb_writers#6);

*** DEADLOCK ***

2 locks held by syz-executor.4/22205:
#0: (sb_writers#18){.+.+}, at: [<ffffffff8194bfcf>] sb_start_write
include/linux/fs.h:1545 [inline]
#0: (sb_writers#18){.+.+}, at: [<ffffffff8194bfcf>]
mnt_want_write+0x3f/0xb0 fs/namespace.c:386
#1: (&ovl_i_mutex_dir_key[depth]){++++}, at: [<ffffffff8190ae9b>]
inode_lock include/linux/fs.h:715 [inline]
#1: (&ovl_i_mutex_dir_key[depth]){++++}, at: [<ffffffff8190ae9b>] do_last
fs/namei.c:3328 [inline]
#1: (&ovl_i_mutex_dir_key[depth]){++++}, at: [<ffffffff8190ae9b>]
path_openat+0xfab/0x3f70 fs/namei.c:3566

stack backtrace:
CPU: 0 PID: 22205 Comm: syz-executor.4 Not tainted 4.14.113 #3

Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:

__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x138/0x19c lib/dump_stack.c:53
print_circular_bug.isra.0.cold+0x1cc/0x28f kernel/locking/lockdep.c:1258
check_prev_add kernel/locking/lockdep.c:1901 [inline]
check_prevs_add kernel/locking/lockdep.c:2018 [inline]
validate_chain kernel/locking/lockdep.c:2460 [inline]
__lock_acquire+0x2c89/0x45e0 kernel/locking/lockdep.c:3487
lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994

percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline]
percpu_down_read include/linux/percpu-rwsem.h:59 [inline]

__sb_start_write+0x1ae/0x2f0 fs/super.c:1363
sb_start_write include/linux/fs.h:1545 [inline]
mnt_want_write+0x3f/0xb0 fs/namespace.c:386
ovl_want_write+0x76/0xa0 fs/overlayfs/util.c:25
ovl_create_object+0x79/0x1e0 fs/overlayfs/dir.c:538
ovl_create+0x28/0x30 fs/overlayfs/dir.c:563
lookup_open+0x11b1/0x1870 fs/namei.c:3240
do_last fs/namei.c:3331 [inline]
path_openat+0xfca/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open fs/open.c:1078 [inline]
SYSC_creat fs/open.c:1123 [inline]
SyS_creat+0x27/0x30 fs/open.c:1121
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x458d99
RSP: 002b:00007f3263433c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000000458d99
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080
RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f32634346d4
R13: 00000000004bf2e4 R14: 00000000004d0468 R15: 00000000ffffffff
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
net_ratelimit: 22 callbacks suppressed
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
protocol 88fb is buggy, dev hsr_slave_1
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=46317
sclass=netlink_route_socket pig=22425 comm=syz-executor.5
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
net_ratelimit: 22 callbacks suppressed
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
protocol 88fb is buggy, dev hsr_slave_1
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
kobject: 'loop3' (ffff8880a49d2160): kobject_uevent_env
kobject: 'loop3' (ffff8880a49d2160): fill_kobj_path: path
= '/devices/virtual/block/loop3'
kobject: 'loop4' (ffff8880a4a30a60): kobject_uevent_env
kobject: 'loop4' (ffff8880a4a30a60): fill_kobj_path: path
= '/devices/virtual/block/loop4'

syzbot

unread,

Jun 20, 2019, 5:20:07 PM6/20/19

to syzkaller...@googlegroups.com

syzbot has found a reproducer for the following crash on:

HEAD commit: bb263a2a Linux 4.14.128
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=13b6b68aa00000
kernel config: https://syzkaller.appspot.com/x/.config?x=3aa328d51a4a3719

dashboard link: https://syzkaller.appspot.com/bug?extid=662c18f543a2543ad297
compiler: gcc (GCC) 9.0.0 20181231 (experimental)

syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1758d45ea00000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+662c18...@syzkaller.appspotmail.com

IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready

8021q: adding VLAN 0 to HW filter on device batadv0

IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
audit: type=1804 audit(1561065156.704:39): pid=7163 uid=0 auid=4294967295

ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023

op="invalid_pcr" cause="open_writers" comm="syz-executor.0"
name="/root/syzkaller-testdir296250821/syzkaller.0scJmJ/0/file0/file0"
dev="sda1" ino=16497 res=1

======================================================
WARNING: possible circular locking dependency detected

4.14.128 #22 Not tainted
------------------------------------------------------
syz-executor.0/7163 is trying to acquire lock:
(sb_writers#4){.+.+}, at: [<ffffffff81947c2f>] sb_start_write
include/linux/fs.h:1548 [inline]
(sb_writers#4){.+.+}, at: [<ffffffff81947c2f>] mnt_want_write+0x3f/0xb0

fs/namespace.c:386

but task is already holding lock:

(&iint->mutex){+.+.}, at: [<ffffffff82ad1a4e>]
process_measurement+0x2ae/0xb80 security/integrity/ima/ima_main.c:225

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #1 (&iint->mutex){+.+.}:
lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3991

__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0xe8/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908

process_measurement+0x2ae/0xb80 security/integrity/ima/ima_main.c:225
ima_file_check+0x30/0x40 security/integrity/ima/ima_main.c:353
do_last fs/namei.c:3432 [inline]
path_openat+0x1626/0x3f70 fs/namei.c:3566

do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]

SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x42/0xb7

-> #0 (sb_writers#4){.+.+}:

check_prev_add kernel/locking/lockdep.c:1901 [inline]
check_prevs_add kernel/locking/lockdep.c:2018 [inline]
validate_chain kernel/locking/lockdep.c:2460 [inline]
__lock_acquire+0x2c89/0x45e0 kernel/locking/lockdep.c:3487

lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3991

percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36
[inline]
percpu_down_read include/linux/percpu-rwsem.h:59 [inline]
__sb_start_write+0x1ae/0x2f0 fs/super.c:1363

sb_start_write include/linux/fs.h:1548 [inline]

mnt_want_write+0x3f/0xb0 fs/namespace.c:386
ovl_want_write+0x76/0xa0 fs/overlayfs/util.c:25

ovl_open_maybe_copy_up+0xd5/0x130 fs/overlayfs/inode.c:341
ovl_d_real+0xce/0x360 fs/overlayfs/super.c:88
d_real include/linux/dcache.h:587 [inline]
d_real include/linux/dcache.h:582 [inline]
vfs_open+0x19e/0x220 fs/open.c:866
dentry_open+0xac/0x220 fs/open.c:889
ima_calc_file_hash+0x563/0x820
security/integrity/ima/ima_crypto.c:449
ima_collect_measurement+0x3c1/0x450
security/integrity/ima/ima_api.c:227
process_measurement+0x7dd/0xb80 security/integrity/ima/ima_main.c:264
ima_file_check+0x30/0x40 security/integrity/ima/ima_main.c:353
do_last fs/namei.c:3432 [inline]
path_openat+0x1626/0x3f70 fs/namei.c:3566

do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]

SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292

entry_SYSCALL_64_after_hwframe+0x42/0xb7

other info that might help us debug this:

Possible unsafe locking scenario:

CPU0 CPU1
---- ----

lock(&iint->mutex);
lock(sb_writers#4);
lock(&iint->mutex);
lock(sb_writers#4);

*** DEADLOCK ***

1 lock held by syz-executor.0/7163:
#0: (&iint->mutex){+.+.}, at: [<ffffffff82ad1a4e>]
process_measurement+0x2ae/0xb80 security/integrity/ima/ima_main.c:225

stack backtrace:
CPU: 0 PID: 7163 Comm: syz-executor.0 Not tainted 4.14.128 #22

Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x138/0x19c lib/dump_stack.c:53
print_circular_bug.isra.0.cold+0x1cc/0x28f kernel/locking/lockdep.c:1258
check_prev_add kernel/locking/lockdep.c:1901 [inline]
check_prevs_add kernel/locking/lockdep.c:2018 [inline]
validate_chain kernel/locking/lockdep.c:2460 [inline]
__lock_acquire+0x2c89/0x45e0 kernel/locking/lockdep.c:3487

lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3991

percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline]
percpu_down_read include/linux/percpu-rwsem.h:59 [inline]
__sb_start_write+0x1ae/0x2f0 fs/super.c:1363

sb_start_write include/linux/fs.h:1548 [inline]

mnt_want_write+0x3f/0xb0 fs/namespace.c:386
ovl_want_write+0x76/0xa0 fs/overlayfs/util.c:25

ovl_open_maybe_copy_up+0xd5/0x130 fs/overlayfs/inode.c:341
ovl_d_real+0xce/0x360 fs/overlayfs/super.c:88
d_real include/linux/dcache.h:587 [inline]
d_real include/linux/dcache.h:582 [inline]
vfs_open+0x19e/0x220 fs/open.c:866
dentry_open+0xac/0x220 fs/open.c:889
ima_calc_file_hash+0x563/0x820 security/integrity/ima/ima_crypto.c:449
ima_collect_measurement+0x3c1/0x450 security/integrity/ima/ima_api.c:227
process_measurement+0x7dd/0xb80 security/integrity/ima/ima_main.c:264
ima_file_check+0x30/0x40 security/integrity/ima/ima_main.c:353
do_last fs/namei.c:3432 [inline]
path_openat+0x1626/0x3f70 fs/namei.c:3566

do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]

SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x4592c9
RSP: 002b:00007ffe7131f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004592c9
RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000020000200
RBP: 000000000075bf20 R08: 0000000000000000 R0

syzbot

unread,

May 22, 2020, 7:26:14 AM5/22/20

to syzkaller...@googlegroups.com

syzbot has found a reproducer for the following crash on:

HEAD commit: a41ba30d Linux 4.14.181
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=10f16272100000
kernel config: https://syzkaller.appspot.com/x/.config?x=c5458e9cda81cf95

dashboard link: https://syzkaller.appspot.com/bug?extid=662c18f543a2543ad297
compiler: gcc (GCC) 9.0.0 20181231 (experimental)

syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1033db4e100000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12359b81100000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+662c18...@syzkaller.appspotmail.com

audit: type=1400 audit(1590146617.328:8): avc: denied { execmem } for pid=6346 comm="syz-executor851" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1

======================================================
WARNING: possible circular locking dependency detected

4.14.181-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor851/6348 is trying to acquire lock:
(sb_writers#3){.+.+}, at: [<ffffffff81926e5a>] sb_start_write include/linux/fs.h:1549 [inline]
(sb_writers#3){.+.+}, at: [<ffffffff81926e5a>] mnt_want_write+0x3a/0xb0 fs/namespace.c:386

but task is already holding lock:

(&ovl_i_mutex_dir_key[depth]){++++}, at: [<ffffffff81937869>] inode_lock include/linux/fs.h:719 [inline]
(&ovl_i_mutex_dir_key[depth]){++++}, at: [<ffffffff81937869>] vfs_setxattr+0x89/0xe0 fs/xattr.c:219

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #3 (&ovl_i_mutex_dir_key[depth]){++++}:
down_read+0x37/0xa0 kernel/locking/rwsem.c:24
inode_lock_shared include/linux/fs.h:729 [inline]
lookup_slow+0x129/0x400 fs/namei.c:1674
walk_component+0x6a1/0xbc0 fs/namei.c:1825
link_path_walk+0x80a/0x1080 fs/namei.c:2154
path_openat+0x167/0x2aa0 fs/namei.c:3568
do_filp_open+0x18e/0x250 fs/namei.c:3603
do_open_execat+0xda/0x440 fs/exec.c:849
do_execveat_common.isra.0+0x680/0x1c50 fs/exec.c:1742
do_execveat fs/exec.c:1858 [inline]
SYSC_execveat fs/exec.c:1939 [inline]
SyS_execveat+0x49/0x60 fs/exec.c:1931
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb

-> #2 (&sig->cred_guard_mutex){+.+.}:
__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0xe8/0x1430 kernel/locking/mutex.c:893
do_io_accounting+0x1c7/0x760 fs/proc/base.c:2726
proc_single_show+0xe7/0x150 fs/proc/base.c:761
seq_read+0x4d2/0x1130 fs/seq_file.c:237
do_loop_readv_writev fs/read_write.c:695 [inline]
do_loop_readv_writev fs/read_write.c:682 [inline]
do_iter_read+0x3e3/0x5a0 fs/read_write.c:919
vfs_readv+0xd3/0x130 fs/read_write.c:981
do_preadv+0x161/0x200 fs/read_write.c:1065
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb

-> #1 (&p->lock){+.+.}:
__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0xe8/0x1430 kernel/locking/mutex.c:893
seq_read+0xba/0x1130 fs/seq_file.c:165
proc_reg_read+0xf2/0x160 fs/proc/inode.c:217
do_loop_readv_writev fs/read_write.c:695 [inline]
do_loop_readv_writev fs/read_write.c:682 [inline]
do_iter_read+0x3e3/0x5a0 fs/read_write.c:919
vfs_readv+0xd3/0x130 fs/read_write.c:981
kernel_readv fs/splice.c:361 [inline]
default_file_splice_read+0x41d/0x870 fs/splice.c:416
do_splice_to+0xfb/0x150 fs/splice.c:880
splice_direct_to_actor+0x20a/0x730 fs/splice.c:952
do_splice_direct+0x164/0x210 fs/splice.c:1061
do_sendfile+0x469/0xaf0 fs/read_write.c:1441
SYSC_sendfile64 fs/read_write.c:1502 [inline]
SyS_sendfile64+0xff/0x110 fs/read_write.c:1488
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb

-> #0 (sb_writers#3){.+.+}:
lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998

percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline]
percpu_down_read include/linux/percpu-rwsem.h:59 [inline]

other info that might help us debug this:

Chain exists of:

sb_writers#3 --> &sig->cred_guard_mutex --> &ovl_i_mutex_dir_key[depth]

Possible unsafe locking scenario:

CPU0 CPU1
---- ----
lock(&ovl_i_mutex_dir_key[depth]);
lock(&sig->cred_guard_mutex);
lock(&ovl_i_mutex_dir_key[depth]);

lock(sb_writers#3);

*** DEADLOCK ***

2 locks held by syz-executor851/6348:
#0: (sb_writers#13){.+.+}, at: [<ffffffff81926e5a>] sb_start_write include/linux/fs.h:1549 [inline]
#0: (sb_writers#13){.+.+}, at: [<ffffffff81926e5a>] mnt_want_write+0x3a/0xb0 fs/namespace.c:386
#1: (&ovl_i_mutex_dir_key[depth]){++++}, at: [<ffffffff81937869>] inode_lock include/linux/fs.h:719 [inline]
#1: (&ovl_i_mutex_dir_key[depth]){++++}, at: [<ffffffff81937869>] vfs_setxattr+0x89/0xe0 fs/xattr.c:219

stack backtrace:
CPU: 1 PID: 6348 Comm: syz-executor851 Not tainted 4.14.181-syzkaller #0

Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]

dump_stack+0x1b2/0x283 lib/dump_stack.c:58
print_circular_bug.isra.0.cold+0x2dc/0x425 kernel/locking/lockdep.c:1258
check_prev_add kernel/locking/lockdep.c:1905 [inline]
check_prevs_add kernel/locking/lockdep.c:2022 [inline]
validate_chain kernel/locking/lockdep.c:2464 [inline]
__lock_acquire+0x3057/0x42a0 kernel/locking/lockdep.c:3491
lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998

percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline]
percpu_down_read include/linux/percpu-rwsem.h:59 [inline]

__sb_start_write+0x1a1/0x2e0 fs/super.c:1363
sb_start_write include/linux/fs.h:1549 [inline]
mnt_want_write+0x3a/0xb0 fs/namespace.c:386
ovl_xattr_set+0x4d/0x270 fs/overlayfs/inode.c:214
ovl_posix_acl_xattr_set+0x2b7/0x830 fs/overlayfs/super.c:762
__vfs_setxattr+0xdc/0x130 fs/xattr.c:150
__vfs_setxattr_noperm+0xfd/0x3d0 fs/xattr.c:181
vfs_setxattr+0xba/0xe0 fs/xattr.c:224
setxattr+0x1a9/0x300 fs/xattr.c:453
path_setxattr+0x118/0x130 fs/xattr.c:472
SYSC_lsetxattr fs/xattr.c:494 [inline]
SyS_lsetxattr+0x33/0x40 fs/xattr.c:490
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x441519
RSP: 002b:00007ffc238132b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
RAX: ffffffffffffffda RBX: 00007ffc238132d0 RCX: 0000000000441519
RDX: 00000000200003c0 RSI: 00000000200001c0 RDI: 0000000020000080
RBP: 000000000000b03b R08: 0000000000000000 R09: 00000000000000c2
R10: 000000000000002c R11: 0000000000000246 R12: 0000000000402340
R13: 00000000004023d0 R14: 0000000000000000 R15: 0000000000000000
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir
overlayfs: filesystem on './file0' not supported as upperdir

syzbot

unread,

Jun 28, 2020, 2:56:19 AM6/28/20

to syzkaller...@googlegroups.com

syzbot has found a reproducer for the following crash on:

HEAD commit: a39e7545 Linux 4.19.130
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=123c07c5100000
kernel config: https://syzkaller.appspot.com/x/.config?x=a2d38d044510d773
dashboard link: https://syzkaller.appspot.com/bug?extid=68b10d4d99f77e1dba4f
compiler: gcc (GCC) 10.1.0-syz 20200507
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=122c6ee5100000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1214309d100000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+68b10d...@syzkaller.appspotmail.com

audit: type=1400 audit(1593327244.921:8): avc: denied { execmem } for pid=6456 comm="syz-executor152" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1

======================================================
WARNING: possible circular locking dependency detected

4.19.130-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor152/6456 is trying to acquire lock:
00000000aff70836 (sb_writers#3){.+.+}, at: sb_start_write include/linux/fs.h:1579 [inline]
00000000aff70836 (sb_writers#3){.+.+}, at: mnt_want_write+0x3a/0xb0 fs/namespace.c:360

but task is already holding lock:

00000000c96c2814 (&iint->mutex){+.+.}, at: process_measurement+0x316/0x1440 security/integrity/ima/ima_main.c:224

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #1 (&iint->mutex){+.+.}:
process_measurement+0x316/0x1440 security/integrity/ima/ima_main.c:224
ima_file_check+0xb9/0x100 security/integrity/ima/ima_main.c:391
do_last fs/namei.c:3425 [inline]
path_openat+0x7e4/0x2df0 fs/namei.c:3537
do_filp_open+0x18c/0x3f0 fs/namei.c:3567
do_sys_open+0x3b3/0x520 fs/open.c:1085
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #0 (sb_writers#3){.+.+}:

percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline]
percpu_down_read include/linux/percpu-rwsem.h:59 [inline]

__sb_start_write+0x1f3/0x350 fs/super.c:1387
sb_start_write include/linux/fs.h:1579 [inline]
mnt_want_write+0x3a/0xb0 fs/namespace.c:360
ovl_maybe_copy_up+0x11f/0x190 fs/overlayfs/copy_up.c:886
ovl_open+0xb4/0x350 fs/overlayfs/file.c:124
do_dentry_open+0x4aa/0x1160 fs/open.c:796
vfs_open fs/open.c:902 [inline]
dentry_open+0x132/0x1d0 fs/open.c:918
ima_calc_file_hash+0x687/0x990 security/integrity/ima/ima_crypto.c:435
ima_collect_measurement+0x4c4/0x570 security/integrity/ima/ima_api.c:231
process_measurement+0xddd/0x1440 security/integrity/ima/ima_main.c:284
ima_file_check+0xb9/0x100 security/integrity/ima/ima_main.c:391
do_last fs/namei.c:3425 [inline]
path_openat+0x7e4/0x2df0 fs/namei.c:3537
do_filp_open+0x18c/0x3f0 fs/namei.c:3567
do_sys_open+0x3b3/0x520 fs/open.c:1085
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293

entry_SYSCALL_64_after_hwframe+0x49/0xbe

other info that might help us debug this:

Possible unsafe locking scenario:

CPU0 CPU1
---- ----

lock(&iint->mutex);
lock(sb_writers#3);
lock(&iint->mutex);
lock(sb_writers#3);

*** DEADLOCK ***

1 lock held by syz-executor152/6456:
#0: 00000000c96c2814 (&iint->mutex){+.+.}, at: process_measurement+0x316/0x1440 security/integrity/ima/ima_main.c:224

stack backtrace:
CPU: 0 PID: 6456 Comm: syz-executor152 Not tainted 4.19.130-syzkaller #0

Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]

dump_stack+0x1fc/0x2fe lib/dump_stack.c:118
print_circular_bug.constprop.0.cold+0x2d7/0x41e kernel/locking/lockdep.c:1221
check_prev_add kernel/locking/lockdep.c:1865 [inline]
check_prevs_add kernel/locking/lockdep.c:1978 [inline]
validate_chain kernel/locking/lockdep.c:2419 [inline]
__lock_acquire+0x30c9/0x3ff0 kernel/locking/lockdep.c:3415
lock_acquire+0x170/0x3c0 kernel/locking/lockdep.c:3907

percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline]
percpu_down_read include/linux/percpu-rwsem.h:59 [inline]

Reply all

Reply to author

Forward

0 new messages