[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 15.910532] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 22.114201] random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available) [ 22.437315] random: sshd: uninitialized urandom read (32 bytes read, 40 bits of entropy available) [ 23.066693] random: sshd: uninitialized urandom read (32 bytes read, 60 bits of entropy available) [ 33.314045] random: sshd: uninitialized urandom read (32 bytes read, 70 bits of entropy available) Warning: Permanently added '10.128.15.201' (ECDSA) to the list of known hosts. [ 38.690708] random: sshd: uninitialized urandom read (32 bytes read, 76 bits of entropy available) executing program executing program [ 38.808416] [ 38.810056] ===================================== [ 38.814861] [ BUG: bad unlock balance detected! ] [ 38.819670] 4.4.107-g610c835 #12 Not tainted [ 38.824043] ------------------------------------- [ 38.828851] syzkaller811884/3329 is trying to release lock (mrt_lock) at: [ 38.835987] [] ipmr_mfc_seq_stop+0xe4/0x140 [ 38.841834] but there are no more locks to release! [ 38.846818] [ 38.846818] other info that might help us debug this: [ 38.853450] 1 lock held by syzkaller811884/3329: [ 38.858170] #0: (&p->lock){+.+.+.}, at: [] seq_read+0xdd/0x1270 [ 38.866500] [ 38.866500] stack backtrace: [ 38.870974] CPU: 0 PID: 3329 Comm: syzkaller811884 Not tainted 4.4.107-g610c835 #12 [ 38.878731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 38.888051] 0000000000000000 30aad846228b6b50 ffff8800b4877910 ffffffff81d0457d [ 38.896000] ffffffff8476ab98 ffff8801d09297c0 ffffffff833c77d4 ffffffff8476ab98 [ 38.903970] ffff8801d092a008 ffff8800b4877940 ffffffff812301a4 dffffc0000000000 [ 38.911918] Call Trace: [ 38.914470] [] dump_stack+0xc1/0x124 [ 38.919802] [] ? ipmr_mfc_seq_stop+0xe4/0x140 [ 38.925911] [] print_unlock_imbalance_bug+0x174/0x1a0 [ 38.932726] [] lock_release+0x72a/0xc10 [ 38.938326] [] ? memcpy+0x45/0x50 [ 38.943397] [] ? ipmr_mfc_seq_stop+0xe4/0x140 [ 38.949507] [] _raw_read_unlock+0x1a/0x50 [ 38.955269] [] ipmr_mfc_seq_stop+0xe4/0x140 [ 38.961294] [] traverse+0x3a7/0x900 [ 38.966536] [] ? seq_buf_alloc+0x80/0x80 [ 38.972213] [] seq_read+0x7ea/0x1270 [ 38.977544] [] ? seq_lseek+0x3c0/0x3c0 [ 38.983046] [] ? seq_lseek+0x3c0/0x3c0 [ 38.988555] [] proc_reg_read+0xef/0x170 [ 38.994146] [] ? proc_reg_write+0x170/0x170 [ 39.000085] [] __vfs_read+0x103/0x440 [ 39.005508] [] ? vfs_iter_write+0x2d0/0x2d0 [ 39.011444] [] ? fsnotify+0x5ad/0xee0 [ 39.016859] [] ? fsnotify+0xee0/0xee0 [ 39.022281] [] ? avc_policy_seqno+0x9/0x20 [ 39.028144] [] ? selinux_file_permission+0x348/0x460 [ 39.034870] [] ? security_file_permission+0x89/0x1e0 [ 39.041589] [] ? rw_verify_area+0x100/0x2f0 [ 39.047529] [] vfs_read+0x123/0x3a0 [ 39.052773] [] SyS_pread64+0x13f/0x170 [ 39.058282] [] ? SyS_write+0x1b0/0x1b0 [ 39.063783] [] ? lockdep_sys_exit_thunk+0x12/0x14 [ 39.070248] [] entry_SYSCALL_64_fastpath+0x16/0x76