================================
WARNING: inconsistent lock state
4.15.0-rc9+ #283 Not tainted
--------------------------------
inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.
syz-executor1/3731 [HC0[0]:SC1[1]:HE1:SE0] takes:
(&(&est->lock)->rlock){+.?.}, at: [<00000000a3f438d6>] spin_lock include/linux/spinlock.h:310 [inline]
(&(&est->lock)->rlock){+.?.}, at: [<00000000a3f438d6>] est_fetch_counters+0x4f/0x150 net/core/gen_estimator.c:70
{SOFTIRQ-ON-W} state was registered at:
binder_alloc: binder_alloc_mmap_handler: 14719 20000000-20002000 already mapped failed -16
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914
__raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
_raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:144
spin_lock include/linux/spinlock.h:310 [inline]
est_fetch_counters+0x4f/0x150 net/core/gen_estimator.c:70
gen_new_estimator+0x317/0x770 net/core/gen_estimator.c:162
xt_rateest_tg_checkentry+0x487/0xaa0 net/netfilter/xt_RATEEST.c:135
xt_check_target+0x22c/0x7d0 net/netfilter/x_tables.c:845
check_target net/ipv6/netfilter/ip6_tables.c:538 [inline]
find_check_entry.isra.7+0x935/0xcf0 net/ipv6/netfilter/ip6_tables.c:580
translate_table+0xf52/0x1690 net/ipv6/netfilter/ip6_tables.c:749
do_replace net/ipv6/netfilter/ip6_tables.c:1167 [inline]
do_ip6t_set_ctl+0x370/0x5f0 net/ipv6/netfilter/ip6_tables.c:1693
nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115
ipv6_setsockopt+0x115/0x150 net/ipv6/ipv6_sockglue.c:928
udpv6_setsockopt+0x45/0x80 net/ipv6/udp.c:1452
sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2968
SYSC_setsockopt net/socket.c:1831 [inline]
SyS_setsockopt+0x189/0x360 net/socket.c:1810
entry_SYSCALL_64_fastpath+0x29/0xa0
irq event stamp: 1292198
hardirqs last enabled at (1292198): [<00000000b4078b2f>] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline]
hardirqs last enabled at (1292198): [<00000000b4078b2f>] _raw_spin_unlock_irq+0x27/0x70 kernel/locking/spinlock.c:192
hardirqs last disabled at (1292197): [<00000000c2c1d72f>] __raw_spin_lock_irq include/linux/spinlock_api_smp.h:126 [inline]
hardirqs last disabled at (1292197): [<00000000c2c1d72f>] _raw_spin_lock_irq+0x3c/0x80 kernel/locking/spinlock.c:160
softirqs last enabled at (1292098): [<00000000fb3247f2>] lock_sock_nested+0x91/0x110 net/core/sock.c:2765
softirqs last disabled at (1292119): [<00000000fcf596f6>] invoke_softirq kernel/softirq.c:365 [inline]
softirqs last disabled at (1292119): [<00000000fcf596f6>] irq_exit+0x1cc/0x200 kernel/softirq.c:405
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&(&est->lock)->rlock);
lock(&(&est->lock)->rlock);
*** DEADLOCK ***
3 locks held by syz-executor1/3731:
#0: (sk_lock-AF_INET){+.+.}, at: [<0000000078052866>] lock_sock include/net/sock.h:1461 [inline]
#0: (sk_lock-AF_INET){+.+.}, at: [<0000000078052866>] ip_setsockopt+0x8c/0xb0 net/ipv4/ip_sockglue.c:1255
#1: (&xt[i].mutex){+.+.}, at: [<000000008c28665e>] xt_find_table_lock+0x40/0x3d0 net/netfilter/x_tables.c:1036
#2: ((&est->timer)){+.-.}, at: [<00000000726be8c3>] lockdep_copy_map include/linux/lockdep.h:178 [inline]
#2: ((&est->timer)){+.-.}, at: [<00000000726be8c3>] call_timer_fn+0x1c6/0x820 kernel/time/timer.c:1308
stack backtrace:
CPU: 1 PID: 3731 Comm: syz-executor1 Not tainted 4.15.0-rc9+ #283
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x194/0x257 lib/dump_stack.c:53
print_usage_bug+0x377/0x38c kernel/locking/lockdep.c:2537
valid_state kernel/locking/lockdep.c:2550 [inline]
mark_lock_irq kernel/locking/lockdep.c:2744 [inline]
mark_lock+0xf61/0x1430 kernel/locking/lockdep.c:3142
mark_irqflags kernel/locking/lockdep.c:3020 [inline]
__lock_acquire+0x173a/0x3e00 kernel/locking/lockdep.c:3383
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914
__raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
_raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:144
spin_lock include/linux/spinlock.h:310 [inline]
est_fetch_counters+0x4f/0x150 net/core/gen_estimator.c:70
est_timer+0x97/0x7c0 net/core/gen_estimator.c:85
call_timer_fn+0x228/0x820 kernel/time/timer.c:1318
expire_timers kernel/time/timer.c:1355 [inline]
__run_timers+0x7ee/0xb70 kernel/time/timer.c:1658
run_timer_softirq+0x4c/0x70 kernel/time/timer.c:1684
__do_softirq+0x2d7/0xb85 kernel/softirq.c:285
invoke_softirq kernel/softirq.c:365 [inline]
irq_exit+0x1cc/0x200 kernel/softirq.c:405
exiting_irq arch/x86/include/asm/apic.h:541 [inline]
smp_apic_timer_interrupt+0x16b/0x700 arch/x86/kernel/apic/apic.c:1052
apic_timer_interrupt+0xa9/0xb0 arch/x86/entry/entry_64.S:937
RIP: 0010:__preempt_count_sub arch/x86/include/asm/preempt.h:81 [inline]
RIP: 0010:rcu_is_watching+0xcf/0x110 kernel/rcu/tree.c:1161
RSP: 0018:ffff8801a7357578 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff11
RAX: 00000000000305fa RBX: 1ffff10034e6aeb0 RCX: 1ffff10034e6aeb4
RDX: dffffc0000000000 RSI: ffff8801a7357f58 RDI: ffff8801db32376c
RBP: ffff8801a73575f8 R08: ffff8801a73576a0 R09: ffff8801c3f16200
R10: 000000000000000b R11: ffffed0034e6aed7 R12: 1ffff10034e6aeb4
R13: ffff8801a73575e0 R14: ffff8801c3f16200 R15: ffff8801dac001c0
kernel_text_address+0x75/0x140 kernel/extable.c:140
__kernel_text_address+0xd/0x40 kernel/extable.c:107
unwind_get_return_address+0x61/0xa0 arch/x86/kernel/unwind_frame.c:18
__save_stack_trace+0x7e/0xd0 arch/x86/kernel/stacktrace.c:45
save_stack_trace+0x1a/0x20 arch/x86/kernel/stacktrace.c:60
save_stack+0x43/0xd0 mm/kasan/kasan.c:447
set_track mm/kasan/kasan.c:459 [inline]
kasan_kmalloc+0xad/0xe0 mm/kasan/kasan.c:551
kasan_slab_alloc+0x12/0x20 mm/kasan/kasan.c:489
slab_post_alloc_hook mm/slab.h:442 [inline]
slab_alloc mm/slab.c:3382 [inline]
__do_kmalloc mm/slab.c:3706 [inline]
__kmalloc+0x14b/0x760 mm/slab.c:3717
kmalloc include/linux/slab.h:504 [inline]
kzalloc include/linux/slab.h:688 [inline]
xt_jumpstack_alloc net/netfilter/x_tables.c:1115 [inline]
xt_replace_table+0x641/0x9d0 net/netfilter/x_tables.c:1159
__do_replace+0x313/0xa90 net/ipv4/netfilter/ip_tables.c:1080
do_replace net/ipv4/netfilter/ip_tables.c:1152 [inline]
do_ipt_set_ctl+0x40f/0x5f0 net/ipv4/netfilter/ip_tables.c:1682
nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115
ip_setsockopt+0xa1/0xb0 net/ipv4/ip_sockglue.c:1256
tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2875
sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2968
SYSC_setsockopt net/socket.c:1831 [inline]
SyS_setsockopt+0x189/0x360 net/socket.c:1810
entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x455d8a
RSP: 002b:0000000000a2f598 EFLAGS: 00000202 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00000000006f9cd0 RCX: 0000000000455d8a
RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000013
RBP: 00000000006f9cd0 R08: 0000000000000240 R09: 0000000000004000
R10: 00000000006faa80 R11: 0000000000000202 R12: 0000000000000013
R13: 00000000006fb968 R14: 0000000000017377 R15: 0000000000000010
IPVS: ftp: loaded support on port[0] = 21
binder_alloc: binder_alloc_mmap_handler: 14753 20000000-20002000 already mapped failed -16
kauditd_printk_skb: 92 callbacks suppressed
audit: type=1400 audit(1517131638.234:1127): avc: denied { map } for pid=14821 comm="syz-executor2" path="/root/syz-executor2" dev="sda1" ino=16480 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
audit: type=1400 audit(1517131638.236:1128): avc: denied { map } for pid=14821 comm="syz-executor2" path="/sys/kernel/debug/kcov" dev="debugfs" ino=1042 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
IPVS: ftp: loaded support on port[0] = 21
audit: type=1400 audit(1517131638.588:1129): avc: denied { map } for pid=14846 comm="sh" path="/bin/dash" dev="sda1" ino=1473 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
binder: 15174:15177 BC_DEAD_BINDER_DONE 0000000000000000 not found
binder: 15174:15184 BC_DEAD_BINDER_DONE 0000000000000000 not found
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 15198 Comm: syz-executor5 Not tainted 4.15.0-rc9+ #283
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x194/0x257 lib/dump_stack.c:53
fail_dump lib/fault-inject.c:51 [inline]
should_fail+0x8c0/0xa40 lib/fault-inject.c:149
should_failslab+0xec/0x120 mm/failslab.c:32
slab_pre_alloc_hook mm/slab.h:421 [inline]
slab_alloc_node mm/slab.c:3289 [inline]
kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3632
alloc_task_struct_node kernel/fork.c:156 [inline]
dup_task_struct kernel/fork.c:521 [inline]
copy_process.part.38+0x198d/0x4b20 kernel/fork.c:1590
copy_process kernel/fork.c:1565 [inline]
_do_fork+0x1f7/0xfe0 kernel/fork.c:2044
SYSC_clone kernel/fork.c:2154 [inline]
SyS_clone+0x37/0x50 kernel/fork.c:2148
do_syscall_64+0x273/0x920 arch/x86/entry/common.c:285
entry_SYSCALL64_slow_path+0x25/0x25
RIP: 0033:0x453299
RSP: 002b:00007f20638dcc58 EFLAGS: 00000212 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000453299
RDX: 00000000203c6ffc RSI: 0000000020659ffe RDI: 0000000000022400
RBP: 0000000000000051 R08: 00000000207c4000 R09: 0000000000000000
R10: 0000000020a4a000 R11: 0000000000000212 R12: 00000000006ef838
R13: 0000000000000013 R14: 00007f20638dd6d4 R15: ffffffffffffffff
IPVS: ftp: loaded support on port[0] = 21
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 15316 Comm: syz-executor1 Not tainted 4.15.0-rc9+ #283
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x194/0x257 lib/dump_stack.c:53
fail_dump lib/fault-inject.c:51 [inline]
should_fail+0x8c0/0xa40 lib/fault-inject.c:149
should_failslab+0xec/0x120 mm/failslab.c:32
slab_pre_alloc_hook mm/slab.h:421 [inline]
slab_alloc_node mm/slab.c:3289 [inline]
kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3632
__alloc_skb+0xf1/0x780 net/core/skbuff.c:193
alloc_skb include/linux/skbuff.h:983 [inline]
netlink_alloc_large_skb net/netlink/af_netlink.c:1147 [inline]
netlink_sendmsg+0xa86/0xe60 net/netlink/af_netlink.c:1839
sock_sendmsg_nosec net/socket.c:638 [inline]
sock_sendmsg+0xca/0x110 net/socket.c:648
___sys_sendmsg+0x767/0x8b0 net/socket.c:2028
__sys_sendmsg+0xe5/0x210 net/socket.c:2062
SYSC_sendmsg net/socket.c:2073 [inline]
SyS_sendmsg+0x2d/0x50 net/socket.c:2069
entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x453299
RSP: 002b:00007fd7b94bbc58 EFLAGS: 00000212 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fd7b94bbaa0 RCX: 0000000000453299
RDX: 0000000000000000 RSI: 0000000020019fc8 RDI: 0000000000000013
RBP: 00007fd7b94bba90 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 00000000004b8096
R13: 00007fd7b94bbbc8 R14: 00000000004b8096 R15: 0000000000000000
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 15500 Comm: syz-executor6 Not tainted 4.15.0-rc9+ #283
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x194/0x257 lib/dump_stack.c:53
fail_dump lib/fault-inject.c:51 [inline]
should_fail+0x8c0/0xa40 lib/fault-inject.c:149
should_failslab+0xec/0x120 mm/failslab.c:32
slab_pre_alloc_hook mm/slab.h:421 [inline]
slab_alloc_node mm/slab.c:3289 [inline]
kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3632
__alloc_skb+0xf1/0x780 net/core/skbuff.c:193
alloc_skb include/linux/skbuff.h:983 [inline]
nlmsg_new include/net/netlink.h:511 [inline]
mroute_netlink_event+0xd1/0x190 net/ipv4/ipmr.c:2493
ipmr_mfc_add+0x2e6/0x1440 net/ipv4/ipmr.c:1322
ip_mroute_setsockopt+0x968/0xf20 net/ipv4/ipmr.c:1546
do_ip_setsockopt.isra.12+0x2a7/0x32e0 net/ipv4/ip_sockglue.c:641
ip_setsockopt+0x3a/0xb0 net/ipv4/ip_sockglue.c:1248
raw_setsockopt+0xb7/0xd0 net/ipv4/raw.c:857
sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2968
SYSC_setsockopt net/socket.c:1831 [inline]
SyS_setsockopt+0x189/0x360 net/socket.c:1810
entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x453299
RSP: 002b:00007fd8ce4e8c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007fd8ce4e8aa0 RCX: 0000000000453299
RDX: 00000000000000cc RSI: 0000000000000000 RDI: 0000000000000013
RBP: 00007fd8ce4e8a90 R08: 000000000000003c R09: 0000000000000000
R10: 0000000020002000 R11: 0000000000000212 R12: 00000000004b8096
R13: 00007fd8ce4e8bc8 R14: 00000000004b8096 R15: 0000000000000000
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 15530 Comm: syz-executor6 Not tainted 4.15.0-rc9+ #283
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x194/0x257 lib/dump_stack.c:53
fail_dump lib/fault-inject.c:51 [inline]
should_fail+0x8c0/0xa40 lib/fault-inject.c:149
should_failslab+0xec/0x120 mm/failslab.c:32
slab_pre_alloc_hook mm/slab.h:421 [inline]
slab_alloc_node mm/slab.c:3289 [inline]
kmem_cache_alloc_node_trace+0x5a/0x750 mm/slab.c:3651
__do_kmalloc_node mm/slab.c:3671 [inline]
__kmalloc_node_track_caller+0x33/0x70 mm/slab.c:3686
__kmalloc_reserve.isra.39+0x41/0xd0 net/core/skbuff.c:137
__alloc_skb+0x13b/0x780 net/core/skbuff.c:205
alloc_skb include/linux/skbuff.h:983 [inline]
nlmsg_new include/net/netlink.h:511 [inline]
mroute_netlink_event+0xd1/0x190 net/ipv4/ipmr.c:2493
ipmr_mfc_add+0x2e6/0x1440 net/ipv4/ipmr.c:1322
ip_mroute_setsockopt+0x968/0xf20 net/ipv4/ipmr.c:1546
do_ip_setsockopt.isra.12+0x2a7/0x32e0 net/ipv4/ip_sockglue.c:641
ip_setsockopt+0x3a/0xb0 net/ipv4/ip_sockglue.c:1248
raw_setsockopt+0xb7/0xd0 net/ipv4/raw.c:857
sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2968
SYSC_setsockopt net/socket.c:1831 [inline]
SyS_setsockopt+0x189/0x360 net/socket.c:1810
entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x453299
RSP: 002b:00007fd8ce4e8c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007fd8ce4e8aa0 RCX: 0000000000453299
RDX: 00000000000000cc RSI: 0000000000000000 RDI: 0000000000000013
RBP: 00007fd8ce4e8a90 R08: 000000000000003c R09: 0000000000000000
R10: 0000000020002000 R11: 0000000000000212 R12: 00000000004b8096
R13: 00007fd8ce4e8bc8 R14: 00000000004b8096 R15: 0000000000000000
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 15930 Comm: syz-executor7 Not tainted 4.15.0-rc9+ #283
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x194/0x257 lib/dump_stack.c:53
fail_dump lib/fault-inject.c:51 [inline]
should_fail+0x8c0/0xa40 lib/fault-inject.c:149
should_failslab+0xec/0x120 mm/failslab.c:32
slab_pre_alloc_hook mm/slab.h:421 [inline]
slab_alloc mm/slab.c:3368 [inline]
kmem_cache_alloc+0x47/0x760 mm/slab.c:3542
getname_flags+0xcb/0x580 fs/namei.c:138
getname+0x19/0x20 fs/namei.c:209
do_sys_open+0x2e7/0x6d0 fs/open.c:1053
SYSC_open fs/open.c:1077 [inline]
SyS_open+0x2d/0x40 fs/open.c:1072
entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x453299
RSP: 002b:00007f46f7f78c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00007f46f7f78aa0 RCX: 0000000000453299
RDX: 0000000000000000 RSI: 0000000000006c02 RDI: 0000000020013ff8
RBP: 00007f46f7f78a90 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 00000000004b8096
R13: 00007f46f7f78bc8 R14: 00000000004b8096 R15: 0000000000000000
raw_sendmsg: syz-executor6 forgot to set AF_INET. Fix it!
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 16147 Comm: syz-executor2 Not tainted 4.15.0-rc9+ #283
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x194/0x257 lib/dump_stack.c:53
fail_dump lib/fault-inject.c:51 [inline]
should_fail+0x8c0/0xa40 lib/fault-inject.c:149
should_failslab+0xec/0x120 mm/failslab.c:32
slab_pre_alloc_hook mm/slab.h:421 [inline]
slab_alloc mm/slab.c:3368 [inline]
kmem_cache_alloc+0x47/0x760 mm/slab.c:3542
create_nsproxy kernel/nsproxy.c:53 [inline]
create_new_namespaces+0x88/0x880 kernel/nsproxy.c:71
SYSC_setns kernel/nsproxy.c:254 [inline]
SyS_setns+0x1b3/0x2d0 kernel/nsproxy.c:237
entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x453299
RSP: 002b:00007f80a8eb0c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000134
RAX: ffffffffffffffda RBX: 00007f80a8eb0950 RCX: 0000000000453299
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013
RBP: 00007f80a8eb0940 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 00000000004b7d6f
R13: 00007f80a8eb0ac8 R14: 00000000004b7d7a R15: 0000000000000000
audit: type=1400 audit(1517131643.810:1130): avc: denied { shutdown } for pid=16152 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 16480 Comm: syz-executor0 Not tainted 4.15.0-rc9+ #283
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x194/0x257 lib/dump_stack.c:53
fail_dump lib/fault-inject.c:51 [inline]
should_fail+0x8c0/0xa40 lib/fault-inject.c:149
should_failslab+0xec/0x120 mm/failslab.c:32
slab_pre_alloc_hook mm/slab.h:421 [inline]
slab_alloc mm/slab.c:3368 [inline]
kmem_cache_alloc+0x47/0x760 mm/slab.c:3542
create_nsproxy kernel/nsproxy.c:53 [inline]
create_new_namespaces+0x88/0x880 kernel/nsproxy.c:71
SYSC_setns kernel/nsproxy.c:254 [inline]
SyS_setns+0x1b3/0x2d0 kernel/nsproxy.c:237
entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x453299
RSP: 002b:00007f30458ffc58 EFLAGS: 00000212 ORIG_RAX: 0000000000000134
RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000453299
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013
RBP: 0000000000000631 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f8538
R13: 00000000ffffffff R14: 00007f30459006d4 R15: 0000000000000000
audit: type=1400 audit(1517131645.110:1131): avc: denied { ioctl } for pid=16593 comm="syz-executor1" path="socket:[43327]" dev="sockfs" ino=43327 ioctlcmd=0x8941 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
audit: type=1400 audit(1517131645.646:1132): avc: denied { getattr } for pid=16819 comm="syz-executor1" name="NETLINK" dev="sockfs" ino=43478 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
audit: type=1400 audit(1517131645.809:1133): avc: denied { accept } for pid=16881 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
audit: type=1400 audit(1517131646.162:1134): avc: denied { map } for pid=17037 comm="syz-executor1" path="socket:[43614]" dev="sockfs" ino=43614 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
audit: type=1400 audit(1517131646.162:1135): avc: denied { read } for pid=17037 comm="syz-executor1" path="socket:[43614]" dev="sockfs" ino=43614 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
netlink: 132 bytes leftover after parsing attributes in process `syz-executor1'.
audit: type=1400 audit(1517131646.294:1136): avc: denied { connect } for pid=17072 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1