[....] Starting enhanced syslogd: rsyslogd[ 14.984326] audit: type=1400 audit(1519096208.101:5): avc: denied { syslog } for pid=4005 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 18.330867] audit: type=1400 audit(1519096211.447:6): avc: denied { map } for pid=4144 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.15.194' (ECDSA) to the list of known hosts. [ 24.677440] audit: type=1400 audit(1519096217.794:7): avc: denied { map } for pid=4158 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16479 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2018/02/20 03:10:18 parsed 1 programs 2018/02/20 03:10:18 executed programs: 0 [ 24.941576] audit: type=1400 audit(1519096218.057:8): avc: denied { map } for pid=4158 comm="syz-execprog" path="/root/syzkaller-shm927186390" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 24.955062] IPVS: ftp: loaded support on port[0] = 21 [ 25.185217] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 25.696334] [ 25.697978] ===================================== [ 25.702787] WARNING: bad unlock balance detected! [ 25.707598] 4.16.0-rc1+ #232 Not tainted [ 25.711627] ------------------------------------- [ 25.716439] swapper/1/0 is trying to release lock (rcu_read_lock_bh) at: [ 25.723263] [] hashlimit_mt_common.isra.10+0x1beb/0x2610 [ 25.730242] but there are no more locks to release! [ 25.735226] [ 25.735226] other info that might help us debug this: [ 25.741862] 3 locks held by swapper/1/0: [ 25.745889] #0: ((&idev->mc_ifc_timer)){+.-.}, at: [<00000000a852199e>] call_timer_fn+0x1c6/0x820 [ 25.755055] #1: (rcu_read_lock){....}, at: [<0000000047665b09>] mld_sendpack+0x180/0xe70 [ 25.763485] #2: (rcu_read_lock){....}, at: [<0000000055c913da>] nf_hook.constprop.37+0x0/0x830 [ 25.772388] [ 25.772388] stack backtrace: [ 25.776855] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.16.0-rc1+ #232 [ 25.783486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.792897] Call Trace: [ 25.795450] [ 25.797572] dump_stack+0x194/0x257 [ 25.801170] ? arch_local_irq_restore+0x53/0x53 [ 25.805816] ? hashlimit_mt_common.isra.10+0x1beb/0x2610 [ 25.811242] print_unlock_imbalance_bug+0x12f/0x140 [ 25.816229] lock_release+0x6fe/0xa40 [ 25.819999] ? hashlimit_mt_common.isra.10+0x1beb/0x2610 [ 25.825430] ? lock_downgrade+0x980/0x980 [ 25.829548] ? lock_release+0xa40/0xa40 [ 25.833492] ? __raw_spin_lock_init+0x1c/0x100 [ 25.838045] ? do_raw_spin_trylock+0x190/0x190 [ 25.842603] hashlimit_mt_common.isra.10+0x1c08/0x2610 [ 25.847854] ? dsthash_find+0x5b0/0x5b0 [ 25.851798] ? __lock_acquire+0x664/0x3e00 [ 25.856006] ? secondary_startup_64+0xa5/0xb0 [ 25.860472] ? memset+0x31/0x40 [ 25.863725] ? unwind_dump+0x4d0/0x4d0 [ 25.867586] ? __unwind_start+0x169/0x330 [ 25.871707] hashlimit_mt+0x78/0x90 [ 25.875303] ? hashlimit_mt+0x78/0x90 [ 25.879073] ip6t_do_table+0x98d/0x1a30 [ 25.883020] ? kmem_cache_alloc_trace+0x136/0x740 [ 25.887832] ? mld_sendpack+0x617/0xe70 [ 25.891778] ? ip6t_error+0x60/0x60 [ 25.895382] ? check_noncircular+0x20/0x20 [ 25.899585] ? lock_acquire+0x1d5/0x580 [ 25.903531] ? lock_acquire+0x1d5/0x580 [ 25.907476] ? igmp6_mcf_seq_next+0x660/0x660 [ 25.911942] ? lock_release+0xa40/0xa40 [ 25.915888] ip6table_raw_hook+0x65/0x80 [ 25.919920] nf_hook_slow+0xba/0x1a0 [ 25.923604] nf_hook.constprop.37+0x3f6/0x830 [ 25.928073] ? igmp6_mcf_seq_next+0x660/0x660 [ 25.932541] ? trace_hardirqs_on+0xd/0x10 [ 25.936661] ? __local_bh_enable_ip+0x121/0x230 [ 25.941306] ? _raw_spin_unlock_bh+0x30/0x40 [ 25.945684] ? rt6_uncached_list_add+0x1b7/0x240 [ 25.950411] ? rt6_fill_node+0x18b0/0x18b0 [ 25.954622] ? icmp6_dst_alloc+0x475/0x660 [ 25.958827] ? ip6_mc_leave_src+0x1d0/0x1d0 [ 25.963119] ? icmpv6_flow_init+0x1f6/0x270 [ 25.967410] mld_sendpack+0x6c2/0xe70 [ 25.971182] ? nf_hook.constprop.37+0x830/0x830 [ 25.975824] ? mark_held_locks+0xaf/0x100 [ 25.979943] ? trace_hardirqs_on+0xd/0x10 [ 25.984067] ? __local_bh_enable_ip+0x121/0x230 [ 25.988710] mld_ifc_timer_expire+0x3d9/0x770 [ 25.993181] call_timer_fn+0x228/0x820 [ 25.997039] ? mld_dad_timer_expire+0x100/0x100 [ 26.001676] ? process_timeout+0x40/0x40 [ 26.005707] ? __run_timers+0x7e3/0xb70 [ 26.009651] ? lock_downgrade+0x980/0x980 [ 26.013771] ? debug_object_deactivate+0x364/0x560 [ 26.018672] ? lock_release+0xa40/0xa40 [ 26.022617] ? do_raw_spin_trylock+0x190/0x190 [ 26.027171] ? trace_hardirqs_on_caller+0x19e/0x5c0 [ 26.032155] ? mld_dad_timer_expire+0x100/0x100 [ 26.036796] ? mld_dad_timer_expire+0x100/0x100 [ 26.041435] __run_timers+0x7ee/0xb70 [ 26.045211] ? trigger_dyntick_cpu.isra.29+0x150/0x150 [ 26.050460] ? timerqueue_add+0x1e9/0x280 [ 26.054578] ? check_noncircular+0x20/0x20 [ 26.058784] ? enqueue_hrtimer+0x177/0x4b0 [ 26.062988] ? lock_release+0xa40/0xa40 [ 26.066934] ? retrigger_next_event+0x1e0/0x1e0 [ 26.071575] ? find_held_lock+0x35/0x1d0 [ 26.075608] ? clockevents_program_event+0x163/0x2e0 [ 26.080681] ? lock_downgrade+0x980/0x980 [ 26.084804] ? rcu_pm_notify+0xc0/0xc0 [ 26.088663] run_timer_softirq+0x4c/0x70 [ 26.092694] __do_softirq+0x2d7/0xb85 [ 26.096463] ? ktime_get+0x26f/0x3a0 [ 26.100148] ? __irqentry_text_end+0x1f8ee4/0x1f8ee4 [ 26.105221] ? do_timer+0x50/0x50 [ 26.108643] ? native_apic_msr_write+0x5c/0x80 [ 26.113195] ? lapic_next_event+0x54/0x80 [ 26.117314] ? clockevents_program_event+0x108/0x2e0 [ 26.122389] ? tick_program_event+0x83/0x100 [ 26.126770] ? rcu_pm_notify+0xc0/0xc0 [ 26.130633] irq_exit+0x1cc/0x200 [ 26.134057] smp_apic_timer_interrupt+0x16b/0x700 [ 26.138871] ? smp_reschedule_interrupt+0xe6/0x650 [ 26.143772] ? smp_call_function_single_interrupt+0x640/0x640 [ 26.149640] ? _raw_spin_lock+0x32/0x40 [ 26.153587] ? _raw_spin_unlock+0x22/0x30 [ 26.157709] ? handle_edge_irq+0x2b4/0x7c0 [ 26.161915] ? task_prio+0x50/0x50 [ 26.165428] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 26.170245] apic_timer_interrupt+0xa9/0xb0 [ 26.174533] [ 26.176740] RIP: 0010:native_safe_halt+0x6/0x10 [ 26.181378] RSP: 0018:ffff8801d9f1fcb0 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff12 [ 26.189056] RAX: dffffc0000000000 RBX: 1ffff1003b3e3f99 RCX: 0000000000000000 [ 26.196296] RDX: 1ffffffff0d592d0 RSI: 0000000000000001 RDI: ffffffff86ac9680 [ 26.203535] RBP: ffff8801d9f1fcb0 R08: 0000000000000000 R09: 0000000000000000 [ 26.210779] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001 [ 26.218020] R13: ffff8801d9f1fd68 R14: ffffffff8726b6a0 R15: 0000000000000000 [ 26.225270] default_idle+0xbf/0x430 [ 26.228954] ? __sched_text_end+0x4/0x4 [ 26.232899] ? rcu_eqs_special_set+0x1e0/0x1e0 [ 26.237450] ? tsc_verify_tsc_adjust+0xf6/0x3e0 [ 26.242089] ? set_cpu_sd_state_idle+0x1dc/0x2d0 [ 26.246816] ? mark_tsc_async_resets+0x30/0x30 [ 26.251369] arch_cpu_idle+0xa/0x10 [ 26.254969] default_idle_call+0x36/0x90 [ 26.259002] do_idle+0x24a/0x3b0 [ 26.262345] cpu_startup_entry+0x104/0x120 [ 26.266548] ? cpu_in_idle+0x20/0x20 [ 26.270236] start_secondary+0x40a/0x590 [ 26.274272] ? set_cpu_sibling_map+0x1660/0x1660 [ 26.279000] secondary_startup_64+0xa5/0xb0 2018/02/20 03:10:23 executed programs: 556 2018/02/20 03:10:28 executed programs: 1303