[....] Starting enhanced syslogd: rsyslogd[ 13.707294] audit: type=1400 audit(1514868187.730:4): avc: denied { syslog } for pid=3187 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.233' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program syzkaller login: [ 30.452986] [ 30.454666] ===================================== [ 30.459478] [ BUG: bad unlock balance detected! ] [ 30.464291] 4.9.73-gf3f3457 #11 Not tainted [ 30.470143] ------------------------------------- [ 30.475567] syzkaller007193/3404 is trying to release lock (mrt_lock) at: [ 30.482961] [] ipmr_mfc_seq_stop+0xe4/0x140 [ 30.488812] but there are no more locks to release! [ 30.493795] [ 30.493795] other info that might help us debug this: [ 30.500439] 1 lock held by syzkaller007193/3404: [ 30.505157] #0: (&p->lock){+.+.+.}, at: [] seq_read+0xdd/0x1290 [ 30.513388] [ 30.513388] stack backtrace: [ 30.517862] CPU: 0 PID: 3404 Comm: syzkaller007193 Not tainted 4.9.73-gf3f3457 #11 [ 30.525535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.534862] ffff8801c8237878 ffffffff81d922b9 ffffffff849b0638 ffff8801c82e4800 [ 30.542813] ffffffff834e5174 ffffffff849b0638 ffff8801c82e5088 ffff8801c82378a8 [ 30.550771] ffffffff81235fa4 dffffc0000000000 ffffffff849b0638 00000000ffffffff [ 30.558717] Call Trace: [ 30.561277] [] dump_stack+0xc1/0x128 [ 30.566607] [] ? ipmr_mfc_seq_stop+0xe4/0x140 [ 30.572721] [] print_unlock_imbalance_bug+0x174/0x1a0 [ 30.579528] [] lock_release+0x6f8/0xb80 [ 30.585125] [] ? memcpy+0x45/0x50 [ 30.590199] [] ? ipmr_mfc_seq_stop+0xe4/0x140 [ 30.596312] [] _raw_read_unlock+0x1a/0x50 [ 30.602080] [] ipmr_mfc_seq_stop+0xe4/0x140 [ 30.608022] [] traverse+0x3a7/0x900 [ 30.613278] [] ? seq_buf_alloc+0x80/0x80 [ 30.618958] [] seq_read+0x7ea/0x1290 [ 30.624293] [] ? __lock_acquire+0x629/0x3640 [ 30.632636] [] ? seq_escape+0x200/0x200 [ 30.640671] [] ? seq_escape+0x200/0x200 [ 30.647919] [] proc_reg_read+0xef/0x170 [ 30.654125] [] ? proc_reg_write+0x170/0x170 [ 30.660067] [] __vfs_read+0x103/0x670 [ 30.665482] [] ? default_llseek+0x290/0x290 [ 30.671423] [] ? fsnotify+0x86/0xf30 [ 30.676754] [] ? fsnotify+0xf30/0xf30 [ 30.682176] [] ? avc_policy_seqno+0x9/0x20 [ 30.688030] [] ? selinux_file_permission+0x82/0x460 [ 30.694698] [] ? security_file_permission+0x89/0x1e0 [ 30.701423] [] ? rw_verify_area+0xe5/0x2b0 [ 30.707272] [] vfs_read+0x11e/0x380 [ 30.712519] [] SyS_pread64+0x13f/0x170 [ 30.718035] [] ? SyS_write+0x1b0/0x1b0 [ 30.723557] [] ? _raw_spin_unlock_irq+0x27/0x50 [ 30.729849] [] sys32_pread+0x39/0x50 [ 30.735178] [] ? sys32_waitpid+0x30/0x30 [ 30.740862] [] do_fast_syscall_32+0x2f7/0x890 [ 30.746977] [] ? trace_hardirqs_off_thunk+0x1a/0x1c executing program executing program [ 30.753629] [] entry_SYSENTER_compat+0x51/0x60 executing program executing program executing program executing program executing program executing program