[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   20.141111] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available)
[   20.457107] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available)
[   21.383123] random: sshd: uninitialized urandom read (32 bytes read, 119 bits of entropy available)
[   28.136447] random: sshd: uninitialized urandom read (32 bytes read, 128 bits of entropy available)
[   28.244411] random: nonblocking pool is initialized
Warning: Permanently added '10.128.0.33' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
[   33.631617] 
[   33.633270] =====================================
[   33.638083] [ BUG: bad unlock balance detected! ]
[   33.642889] 4.4.107-g610c835 #12 Not tainted
[   33.647266] -------------------------------------
[   33.652076] syzkaller465762/3317 is trying to release lock (mrt_lock) at:
[   33.659211] [<ffffffff833c77d4>] ipmr_mfc_seq_stop+0xe4/0x140
[   33.665059] but there are no more locks to release!
[   33.670034] 
[   33.670034] other info that might help us debug this:
[   33.676663] 1 lock held by syzkaller465762/3317:
[   33.681382]  #0:  (&p->lock){+.+.+.}, at: [<ffffffff8158c38d>] seq_read+0xdd/0x1270
[   33.689712] 
[   33.689712] stack backtrace:
[   33.694177] CPU: 0 PID: 3317 Comm: syzkaller465762 Not tainted 4.4.107-g610c835 #12
[   33.701932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   33.711264]  0000000000000000 3c7cff7e93704c59 ffff8801d1397910 ffffffff81d0457d
[   33.719207]  ffffffff8476ab98 ffff8800b5635f00 ffffffff833c77d4 ffffffff8476ab98
[   33.727161]  ffff8800b5636748 ffff8801d1397940 ffffffff812301a4 dffffc0000000000
[   33.735108] Call Trace:
[   33.737663]  [<ffffffff81d0457d>] dump_stack+0xc1/0x124
[   33.742989]  [<ffffffff833c77d4>] ? ipmr_mfc_seq_stop+0xe4/0x140
[   33.749100]  [<ffffffff812301a4>] print_unlock_imbalance_bug+0x174/0x1a0
[   33.755913]  [<ffffffff8123b04a>] lock_release+0x72a/0xc10
[   33.761513]  [<ffffffff814fafd5>] ? memcpy+0x45/0x50
[   33.766580]  [<ffffffff833c77d4>] ? ipmr_mfc_seq_stop+0xe4/0x140
[   33.772689]  [<ffffffff8377366a>] _raw_read_unlock+0x1a/0x50
[   33.778452]  [<ffffffff833c77d4>] ipmr_mfc_seq_stop+0xe4/0x140
[   33.784391]  [<ffffffff8158b997>] traverse+0x3a7/0x900
[   33.789631]  [<ffffffff8158b5f0>] ? seq_buf_alloc+0x80/0x80
[   33.795309]  [<ffffffff8158ca9a>] seq_read+0x7ea/0x1270
[   33.800638]  [<ffffffff8158c2b0>] ? seq_lseek+0x3c0/0x3c0
[   33.806141]  [<ffffffff812dda43>] ? do_futex+0x3e3/0x1670
[   33.811651]  [<ffffffff814a8d4e>] ? __vma_link_rb+0x20e/0x310
[   33.817501]  [<ffffffff814a6bdc>] ? __vma_link_file+0x10c/0x160
[   33.823532]  [<ffffffff8158c2b0>] ? seq_lseek+0x3c0/0x3c0
[   33.829034]  [<ffffffff816651ff>] proc_reg_read+0xef/0x170
[   33.834624]  [<ffffffff81665110>] ? proc_reg_write+0x170/0x170
[   33.840560]  [<ffffffff8151aa73>] __vfs_read+0x103/0x440
[   33.845976]  [<ffffffff8151a970>] ? vfs_iter_write+0x2d0/0x2d0
[   33.851911]  [<ffffffff815e878d>] ? fsnotify+0x5ad/0xee0
[   33.857324]  [<ffffffff815e90c0>] ? fsnotify+0xee0/0xee0
[   33.862746]  [<ffffffff81b4d4f9>] ? avc_policy_seqno+0x9/0x20
[   33.868594]  [<ffffffff81b5ebe8>] ? selinux_file_permission+0x348/0x460
[   33.875310]  [<ffffffff81b443e9>] ? security_file_permission+0x89/0x1e0
[   33.882026]  [<ffffffff8151c600>] ? rw_verify_area+0x100/0x2f0
[   33.887975]  [<ffffffff8151c913>] vfs_read+0x123/0x3a0
[   33.893224]  [<ffffffff8151f61f>] SyS_pread64+0x13f/0x170
[   33.898724]  [<ffffffff8151f4e0>] ? SyS_write+0x1b0/0x1b0
[   33.904225]  [<ffffffff81003044>] ? lockdep_sys_exit_thunk+0x12/0x14
[   33.910679]  [<ffffffff83773d36>] entry_SYSCALL_64_fastpath+0x16/0x76