[....] Starting enhanced syslogd: rsyslogd[   15.096203] audit: type=1400 audit(1518363991.673:5): avc:  denied  { syslog } for  pid=3961 comm="rsyslogd" capability=34  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Starting mcstransd: 
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   17.549054] audit: type=1400 audit(1518363994.126:6): avc:  denied  { map } for  pid=4101 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.35' (ECDSA) to the list of known hosts.
[   38.542386] audit: type=1400 audit(1518364015.120:7): avc:  denied  { map } for  pid=4119 comm="syzkaller251109" path="/root/syzkaller251109028" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   38.550215] IPVS: ftp: loaded support on port[0] = 21
net.ipv6.conf.syz0.accept_dad = 0
net.ipv6.conf.syz0.router_solicitations = 0
[   38.568391] audit: type=1400 audit(1518364015.120:8): avc:  denied  { sys_admin } for  pid=4119 comm="syzkaller251109" capability=21  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
[   38.616580] audit: type=1400 audit(1518364015.194:9): avc:  denied  { net_admin } for  pid=4120 comm="syzkaller251109" capability=12  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
[   38.800403] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
executing program
[   39.112373] audit: type=1400 audit(1518364015.690:10): avc:  denied  { sys_chroot } for  pid=4120 comm="syzkaller251109" capability=18  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
[   39.115343] 
[   39.138573] =====================================
[   39.143387] WARNING: bad unlock balance detected!
[   39.148213] 4.15.0+ #222 Not tainted
[   39.151893] -------------------------------------
[   39.156711] syzkaller251109/4120 is trying to release lock (rcu_read_lock_bh) at:
[   39.164308] [<ffffffff84785c3b>] hashlimit_mt_common.isra.10+0x1beb/0x2610
[   39.171285] but there are no more locks to release!
[   39.176265] 
[   39.176265] other info that might help us debug this:
[   39.182899] 3 locks held by syzkaller251109/4120:
[   39.187717]  #0:  (sk_lock-AF_INET6){+.+.}, at: [<00000000783390c2>] sctp_connect+0x23/0xf0
[   39.196192]  #1:  (rcu_read_lock){....}, at: [<000000009525a442>] ip_queue_xmit+0x9e/0x18e0
[   39.204661]  #2:  (rcu_read_lock){....}, at: [<000000009fba0db4>] __ip_local_out+0x29b/0xa30
[   39.213212] 
[   39.213212] stack backtrace:
[   39.217686] CPU: 1 PID: 4120 Comm: syzkaller251109 Not tainted 4.15.0+ #222
[   39.224928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   39.234251] Call Trace:
[   39.236810]  dump_stack+0x194/0x257
[   39.240405]  ? arch_local_irq_restore+0x53/0x53
[   39.245051]  ? hashlimit_mt_common.isra.10+0x1beb/0x2610
[   39.250474]  print_unlock_imbalance_bug+0x12f/0x140
[   39.255459]  lock_release+0x6fe/0xa40
[   39.259228]  ? hashlimit_mt_common.isra.10+0x1beb/0x2610
[   39.264646]  ? lock_downgrade+0x980/0x980
[   39.268763]  ? lock_release+0xa40/0xa40
[   39.272704]  ? __raw_spin_lock_init+0x1c/0x100
[   39.277255]  ? do_raw_spin_trylock+0x190/0x190
[   39.281807]  hashlimit_mt_common.isra.10+0x1c08/0x2610
[   39.287052]  ? print_irqtrace_events+0x270/0x270
[   39.291778]  ? dsthash_find+0x5b0/0x5b0
[   39.295731]  ? __lock_acquire+0x664/0x3e00
[   39.299934]  ? find_held_lock+0x35/0x1d0
[   39.303964]  ? print_irqtrace_events+0x270/0x270
[   39.308689]  ? ip_vs_in+0xb98/0x24d0
[   39.312370]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   39.317527]  ? ip_vs_in_icmp+0x23c0/0x23c0
[   39.321736]  hashlimit_mt_v2+0x496/0x710
[   39.325764]  ? hashlimit_mt_v2+0x496/0x710
[   39.329965]  ? hashlimit_mt+0x90/0x90
[   39.333734]  ? ipt_do_table+0x394/0x1950
[   39.339239]  ipt_do_table+0xa90/0x1950
[   39.343091]  ? lock_release+0xa40/0xa40
[   39.347034]  ? is_bpf_text_address+0xa4/0x120
[   39.351497]  ? kernel_text_address+0x102/0x140
[   39.356060]  ? do_add_counters+0x550/0x550
[   39.360262]  ? check_noncircular+0x20/0x20
[   39.364465]  ? lock_acquire+0x1d5/0x580
[   39.368407]  ? lock_acquire+0x1d5/0x580
[   39.372347]  ? __ip_local_out+0x29b/0xa30
[   39.376464]  iptable_filter_hook+0x65/0x80
[   39.380675]  nf_hook_slow+0xba/0x1a0
[   39.384356]  __ip_local_out+0x4c1/0xa30
[   39.388298]  ? ip_finish_output+0xd10/0xd10
[   39.392590]  ? alloc_skb_with_frags+0x750/0x750
[   39.397229]  ? __ip_flush_pending_frames.isra.41+0x2b0/0x2b0
[   39.403000]  ? __lock_is_held+0xb6/0x140
[   39.407028]  ip_local_out+0x2d/0x160
[   39.410709]  ip_queue_xmit+0x8c0/0x18e0
[   39.414650]  ? ip_build_and_send_pkt+0xc30/0xc30
[   39.419373]  ? sctp_csum_update+0x23/0x30
[   39.423486]  ? sctp_csum_combine+0x30/0x30
[   39.427687]  ? __skb_checksum+0x4a9/0x7e0
[   39.431803]  ? print_irqtrace_events+0x270/0x270
[   39.436526]  sctp_v4_xmit+0x108/0x140
[   39.440295]  sctp_packet_transmit+0x225e/0x3750
[   39.444935]  ? sctp_packet_config+0xc80/0xc80
[   39.449403]  ? noop_count+0x40/0x40
[   39.452994]  ? trace_hardirqs_off+0x10/0x10
[   39.457281]  ? trace_hardirqs_off+0x10/0x10
[   39.461572]  ? find_held_lock+0x35/0x1d0
[   39.465600]  ? lock_downgrade+0x980/0x980
[   39.469718]  ? lock_release+0xa40/0xa40
[   39.473659]  ? rt_cpu_seq_show+0x2c0/0x2c0
[   39.477860]  ? check_usage+0x22f/0xb60
[   39.481718]  ? __sctp_packet_append_chunk+0x4c9/0xd60
[   39.486883]  ? sctp_csum_update+0x30/0x30
[   39.491001]  ? sctp_packet_append_chunk+0xba0/0xba0
[   39.495985]  ? sctp_packet_init+0x25d/0x450
[   39.500363]  ? sctp_csum_combine+0x30/0x30
[   39.504565]  ? sctp_packet_release_owner+0x40/0x40
[   39.509461]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   39.514618]  sctp_outq_flush+0xabb/0x4060
[   39.518733]  ? __lock_acquire+0x2d15/0x3e00
[   39.523028]  ? sctp_check_transmitted+0x1da0/0x1da0
[   39.528009]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   39.533168]  ? find_held_lock+0x35/0x1d0
[   39.537200]  ? depot_save_stack+0x2ca/0x460
[   39.541497]  ? lock_downgrade+0x980/0x980
[   39.545625]  ? lock_release+0xa40/0xa40
[   39.549574]  ? is_bpf_text_address+0xa4/0x120
[   39.554037]  ? kernel_text_address+0x102/0x140
[   39.558595]  ? do_raw_spin_trylock+0x190/0x190
[   39.563149]  ? unwind_get_return_address+0x61/0xa0
[   39.568045]  ? check_noncircular+0x20/0x20
[   39.572251]  ? find_held_lock+0x35/0x1d0
[   39.576284]  ? debug_object_activate+0x307/0x730
[   39.581009]  ? lock_downgrade+0x980/0x980
[   39.585141]  ? lock_release+0xa40/0xa40
[   39.589083]  ? print_irqtrace_events+0x270/0x270
[   39.593819]  ? add_timer+0x5a0/0x1450
[   39.597589]  ? lock_downgrade+0x980/0x980
[   39.601704]  ? debug_object_activate+0x307/0x730
[   39.606427]  ? _raw_spin_lock_irqsave+0x9e/0xc0
[   39.611061]  ? calc_wheel_index+0x13d/0x200
[   39.615351]  ? mark_held_locks+0xaf/0x100
[   39.619466]  ? _raw_spin_unlock_irqrestore+0x31/0xba
[   39.624536]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   39.629523]  ? trace_hardirqs_on+0xd/0x10
[   39.633648]  ? add_timer+0x5a5/0x1450
[   39.637424]  ? mod_timer_pending+0x1440/0x1440
[   39.641973]  ? sctp_init_cause+0x170/0x170
[   39.646176]  ? __rhashtable_insert_fast.constprop.31+0x7be/0x13e0
[   39.652375]  ? find_held_lock+0x35/0x1d0
[   39.656404]  ? sctp_csum_update+0x30/0x30
[   39.660521]  ? __rhashtable_lookup.isra.21.constprop.33+0x6b0/0x6b0
[   39.666896]  ? check_noncircular+0x20/0x20
[   39.671102]  ? lock_downgrade+0x980/0x980
[   39.675218]  ? sctp_outq_tail+0x7b8/0xb40
[   39.679333]  ? sctp_outq_free+0x20/0x20
[   39.683276]  ? sctp_endpoint_new+0xee0/0xee0
[   39.687654]  sctp_outq_uncork+0x5a/0x70
[   39.691597]  sctp_do_sm+0x4e0/0x6ed0
[   39.695285]  ? sctp_do_8_2_transport_strike.isra.15+0x8a0/0x8a0
[   39.701309]  ? lock_downgrade+0x980/0x980
[   39.705424]  ? lock_release+0xa40/0xa40
[   39.709369]  ? sctp_v4_copy_addrlist+0x6d0/0x6d0
[   39.714098]  ? sctp_hash_transport+0x596/0x790
[   39.718648]  ? __rhashtable_insert_fast.constprop.31+0x13e0/0x13e0
[   39.724940]  ? sctp_hash_transport+0xec/0x790
[   39.729400]  ? sctp_transport_new+0x6be/0x840
[   39.733863]  ? sctp_transport_destroy_rcu+0x60/0x60
[   39.738849]  ? sctp_transport_hashtable_destroy+0x20/0x20
[   39.744354]  ? rt_cpu_seq_show+0x2c0/0x2c0
[   39.748556]  ? refcount_inc_not_zero+0xfe/0x180
[   39.753194]  ? sctp_packet_init+0x25d/0x450
[   39.757484]  ? __sctp_packet_append_chunk+0xd60/0xd60
[   39.762641]  ? memcpy+0x45/0x50
[   39.765888]  ? sctp_assoc_lookup_paddr+0xb0/0xb0
[   39.770613]  sctp_primitive_ASSOCIATE+0x9d/0xd0
[   39.775247]  __sctp_connect+0x829/0xca0
[   39.779189]  ? sctp_wait_for_sndbuf+0x860/0x860
[   39.783826]  ? mark_held_locks+0xaf/0x100
[   39.787941]  ? do_raw_spin_trylock+0x190/0x190
[   39.792496]  ? __local_bh_enable_ip+0x121/0x230
[   39.797136]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   39.802122]  ? lock_sock_nested+0x91/0x110
[   39.806326]  ? trace_hardirqs_on+0xd/0x10
[   39.810441]  ? __local_bh_enable_ip+0x121/0x230
[   39.815082]  sctp_connect+0xb4/0xf0
[   39.818682]  ? sctp_connect+0xb4/0xf0
[   39.822460]  inet_dgram_connect+0x16b/0x1f0
[   39.826751]  SYSC_connect+0x213/0x4a0
[   39.830522]  ? SYSC_bind+0x410/0x410
[   39.834204]  ? sock_common_setsockopt+0x95/0xd0
[   39.838840]  ? SyS_setsockopt+0x215/0x360
[   39.842955]  ? SyS_recv+0x40/0x40
[   39.846378]  ? mm_fault_error+0x2c0/0x2c0
[   39.850494]  ? move_addr_to_kernel+0x60/0x60
[   39.854868]  SyS_connect+0x24/0x30
[   39.858377]  ? SyS_accept+0x30/0x30
[   39.861972]  do_syscall_64+0x282/0x940
[   39.865825]  ? __do_page_fault+0xc90/0xc90
[   39.870027]  ? finish_task_switch+0x1e2/0x890
[   39.874489]  ? finish_task_switch+0x1b9/0x890
[   39.878952]  ? syscall_return_slowpath+0x550/0x550
[   39.883856]  ? syscall_return_slowpath+0x2ac/0x550
[   39.888753]  ? prepare_exit_to_usermode+0x350/0x350
[   39.893741]  ? entry_SYSCALL_64_after_hwframe+0x36/0x9b
[   39.899075]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   39.903895]  entry_SYSCALL_64_after_hwframe+0x26/0x9b
[   39.909055] RIP: 0033:0x44b499
[   39.912223] RSP: 002b:00000000007efdc8