Comment 1 for bug 1861901

I've reproduced this issue.

It seems that there's something wrong with the base transition detector. Some correlated output:

Loopback devices:

/dev/loop0 0 0 0 1 /writable/system-data/var/lib/snapd/snaps/core_8594.snap
/dev/loop5 0 0 1 1 /var/lib/snapd/snaps/core_8594.snap
/dev/loop20 0 0 1 1 /var/lib/snapd/snaps/core18_1671.snap

Preserved (stale) mount namespace:

1974 1643 7:20 / / ro,nodev,relatime master:284 - squashfs /dev/loop20 ro
2067 2064 7:5 / /snap/core/8594 ro,nodev,relatime master:230 - squashfs /dev/loop5 ro

Diagnostic message during detection:

DEBUG: block device of snap core, revision 8594 is 7:5
DEBUG: preserved mount is not stale, reusing

So snap-confine was correctly looking for presence of 7:5 (corresponding to core) but failed to observe that in the mount namespace the root filesystem is 7:20 (corresponding to core18).

There is an integration test for this feature so it must be something more subtle.