Bug 697789

Summary: kernel panic in mls_compute_context_len
Product: Red Hat Enterprise Linux 5 Reporter: Jan Tluka <jtluka>
Component: kernelAssignee: Red Hat Kernel Manager <kernel-mgr>
Status: CLOSED DUPLICATE QA Contact: Red Hat Kernel QE team <kernel-qe>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 5.6CC: jpirko
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-05-20 08:53:26 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Jan Tluka 2011-04-19 09:35:28 UTC 
Description of problem:

I've hit following kernel panic in kvm virt guest. Unfortunately I don't have any further details neither reproduction steps. 

Unable to handle kernel NULL pointer dereference at 0000000000000000 RIP: 
 [<ffffffff8013d9e7>] mls_compute_context_len+0x78/0x169
PGD 0 
Oops: 0000 [1] SMP 
last sysfs file: /class/net/eth0/address
CPU 0 
Modules linked in: bonding autofs4 hidp rfcomm l2cap bluetooth lockd sunrpc ip6t_REJECT xt_tcpudp ip6table_filter ip6_tables x_tables be2iscsi ib_iser rdma_cm ib_cm iw_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp bnx2i cnic ipv6 xfrm_nalgo crypto_api uio cxgb3i libcxgbi cxgb3 8021q libiscsi_tcp libiscsi2 scsi_transport_iscsi2 scsi_transport_iscsi loop dm_multipath scsi_dh video backlight sbs power_meter hwmon i2c_ec dell_wmi wmi button battery asus_acpi acpi_memhotplug ac parport_pc lp parport floppy snd_intel8x0 snd_ac97_codec ac97_bus snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd soundcore snd_page_alloc i2c_piix4 pcspkr virtio_balloon tpm_tis i2c_core tpm tpm_bios serio_raw e1000 virtio_net dm_raid45 dm_message dm_region_hash dm_mem_cache dm_snapshot dm_zero dm_mirror dm_log dm_mod ata_piix libata sd_mod scsi_mod virtio_blk virtio_pci virtio_ring virtio ext3 jbd uhci_hcd ohci_hcd ehci_hcd
Pid: 1783, comm: irqbalance Not tainted 2.6.18-256.el5 #1
RIP: 0010:[<ffffffff8013d9e7>]  [<ffffffff8013d9e7>] mls_compute_context_len+0x78/0x169
RSP: 0018:ffff810014e45ac8  EFLAGS: 00010297
RAX: 0000000000000018 RBX: 0000000000000006 RCX: 0000000000000002
RDX: ffff81001d003560 RSI: ffff81001d003578 RDI: 0000000000000000
RBP: ffff81001d003548 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000001 R11: ffff81001e330000 R12: ffff81001e32fff8
R13: 0000000000000001 R14: ffffffffffffffff R15: ffff810014e45be0
FS:  00002b769261c6e0(0000) GS:ffffffff80428000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000000000 CR3: 0000000014e28000 CR4: 00000000000006e0
Process irqbalance (pid: 1783, threadinfo ffff810014e44000, task ffff81001db367a0)
Stack:  0000000000000020 0000000000020000 ffffffff80332100 ffffffff800b3e41
 0000003000000018 ffff810014e45bec 000000000000001d ffff81001d003548
 0000000000000000 ffffffff80139a98 ffff810011065500 0000000000000000
Call Trace:
 [<ffffffff800b3e41>] audit_log_format+0x4e/0x56
 [<ffffffff80139a98>] context_struct_to_string+0x95/0x191
 [<ffffffff8012cb8f>] avc_alloc_node+0x3a/0x187
 [<ffffffff8013c3e8>] security_sid_to_context+0xc1/0xd1
 [<ffffffff8012da45>] avc_audit+0x945/0x9b4
 [<ffffffff8012dafa>] avc_has_perm+0x46/0x58
 [<ffffffff8012e3ce>] inode_has_perm+0x56/0x63
 [<ffffffff80009a07>] __link_path_walk+0x15e/0xfd1
 [<ffffffff8000eb7d>] link_path_walk+0x45/0xb8
 [<ffffffff8000ce9c>] do_path_lookup+0x294/0x310
 [<ffffffff8012e89a>] selinux_file_alloc_security+0x2a/0x54
 [<ffffffff8002395e>] __path_lookup_intent_open+0x56/0x97
 [<ffffffff8001b1cb>] open_namei+0x73/0x718
 [<ffffffff800276f9>] do_filp_open+0x1c/0x38
 [<ffffffff8001a07e>] do_sys_open+0x44/0xbe
 [<ffffffff8005d28d>] tracesys+0xd5/0xe0


Code: 41 8b 31 49 8b 41 08 44 89 c1 29 f1 48 d3 e8 a8 01 0f 84 b3 
RIP  [<ffffffff8013d9e7>] mls_compute_context_len+0x78/0x169
 RSP <ffff810014e45ac8>
CR2: 0000000000000000
 <0>Kernel panic - not syncing: Fatal exception

Version-Release number of selected component (if applicable):
kvm virt guest:
2.6.18-256.el5.x86_64
# rpm -qa selinux\*
selinux-policy-2.4.6-300.el5
selinux-policy-devel-2.4.6-300.el5
selinux-policy-targeted-2.4.6-300.el5

host:
2.6.32-125.el6.x86_64

How reproducible:
unknown

Actual results:
kernel panic

Expected results:

Additional info:
Comment 1 Jiri Pirko 2011-05-20 08:53:26 UTC 

*** This bug has been marked as a duplicate of bug 705314 ***