[....] Starting enhanced syslogd: rsyslogd[ 13.658374] audit: type=1400 audit(1518202281.585:4): avc: denied { syslog } for pid=3654 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.192' (ECDSA) to the list of known hosts. 2018/02/09 18:51:35 parsed 1 programs 2018/02/09 18:51:35 executed programs: 0 syzkaller login: [ 27.344199] IPVS: Creating netns size=2536 id=1 [ 27.390106] [ 27.391762] ===================================== [ 27.396572] [ BUG: bad unlock balance detected! ] [ 27.401381] 4.9.80-g20c8a00 #38 Not tainted [ 27.405668] ------------------------------------- [ 27.410481] syz-executor0/3826 is trying to release lock (mrt_lock) at: [ 27.417508] [] ipmr_mfc_seq_stop+0xe4/0x140 [ 27.423355] but there are no more locks to release! [ 27.428335] [ 27.428335] other info that might help us debug this: [ 27.434969] 2 locks held by syz-executor0/3826: [ 27.439606] #0: (sb_writers#7){.+.+.+}, at: [] do_sendfile+0x9ff/0xd30 [ 27.448595] #1: (&p->lock){+.+.+.}, at: [] seq_read+0xdd/0x1290 [ 27.456837] [ 27.456837] stack backtrace: [ 27.461303] CPU: 0 PID: 3826 Comm: syz-executor0 Not tainted 4.9.80-g20c8a00 #38 [ 27.468804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 27.478128] ffff8801d847f238 ffffffff81d94b69 ffffffff849b6cf8 ffff8801b20c6000 [ 27.486095] ffffffff834e8f44 ffffffff849b6cf8 ffff8801b20c6888 ffff8801d847f268 [ 27.494061] ffffffff81237e04 dffffc0000000000 ffffffff849b6cf8 00000000ffffffff [ 27.502034] Call Trace: [ 27.504594] [] dump_stack+0xc1/0x128 [ 27.509928] [] ? ipmr_mfc_seq_stop+0xe4/0x140 [ 27.516044] [] print_unlock_imbalance_bug+0x174/0x1a0 [ 27.522855] [] lock_release+0x6f8/0xb80 [ 27.528448] [] ? traverse+0x3cf/0x900 [ 27.533867] [] ? memcpy+0x45/0x50 [ 27.538937] [] ? ipmr_mfc_seq_stop+0xe4/0x140 [ 27.545053] [] _raw_read_unlock+0x1a/0x50 [ 27.550820] [] ipmr_mfc_seq_stop+0xe4/0x140 [ 27.556760] [] seq_read+0xa83/0x1290 [ 27.562093] [] ? seq_escape+0x200/0x200 [ 27.567687] [] ? __fsnotify_parent+0xbc/0x340 [ 27.573801] [] ? fsnotify+0x86/0xf30 [ 27.579132] [] ? fsnotify+0xf30/0xf30 [ 27.584550] [] ? seq_escape+0x200/0x200 [ 27.590144] [] proc_reg_read+0xef/0x170 [ 27.595738] [] do_loop_readv_writev.part.17+0x141/0x1e0 [ 27.602722] [] ? security_file_permission+0x89/0x1e0 [ 27.609443] [] ? proc_reg_write+0x170/0x170 [ 27.615381] [] ? proc_reg_write+0x170/0x170 [ 27.621321] [] do_readv_writev+0x520/0x750 [ 27.627180] [] ? vfs_write+0x530/0x530 [ 27.632688] [] ? kasan_unpoison_shadow+0x35/0x50 [ 27.639064] [] ? push_pipe+0x372/0x770 [ 27.644572] [] ? sanity+0x1ff/0x610 [ 27.649817] [] ? iov_iter_get_pages_alloc+0x2c7/0xf10 [ 27.656627] [] vfs_readv+0x84/0xc0 [ 27.661788] [] default_file_splice_read+0x43f/0x7a0 [ 27.668429] [] ? depot_save_stack+0x122/0x4a0 [ 27.674543] [] ? do_splice_direct+0x270/0x270 [ 27.680656] [] ? save_stack_trace+0x16/0x20 [ 27.686597] [] ? save_stack+0x43/0xd0 [ 27.692016] [] ? kasan_kmalloc+0xad/0xe0 [ 27.697695] [] ? __kmalloc+0x11d/0x310 [ 27.703202] [] ? alloc_pipe_info+0x135/0x350 [ 27.709231] [] ? splice_direct_to_actor+0x64a/0x800 [ 27.715867] [] ? do_splice_direct+0x1a7/0x270 [ 27.721983] [] ? SyS_sendfile64+0xd1/0x160 [ 27.727838] [] ? do_fast_syscall_32+0x2f7/0x890 [ 27.734126] [] ? entry_SYSENTER_compat+0x74/0x83 [ 27.740500] [] ? __fsnotify_parent+0xbc/0x340 [ 27.746612] [] ? fsnotify+0x86/0xf30 [ 27.751944] [] ? fsnotify+0xf30/0xf30 [ 27.757365] [] ? avc_policy_seqno+0x9/0x20 [ 27.763218] [] ? selinux_file_permission+0x82/0x460 [ 27.769941] [] ? security_file_permission+0x89/0x1e0 [ 27.776665] [] ? do_splice_direct+0x270/0x270 [ 27.782777] [] do_splice_to+0x10a/0x160 [ 27.788373] [] splice_direct_to_actor+0x24d/0x800 [ 27.794837] [] ? generic_pipe_buf_nosteal+0x10/0x10 [ 27.801474] [] ? do_splice_to+0x160/0x160 [ 27.807240] [] ? security_file_permission+0x89/0x1e0 [ 27.813962] [] ? rw_verify_area+0xe5/0x2b0 [ 27.819816] [] do_splice_direct+0x1a7/0x270 [ 27.825761] [] ? splice_direct_to_actor+0x800/0x800 [ 27.832398] [] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 27.838946] [] ? __sb_start_write+0x14a/0x310 [ 27.845062] [] do_sendfile+0x54b/0xd30 [ 27.850569] [] ? do_compat_pwritev64+0x100/0x100 [ 27.856945] [] SyS_sendfile64+0xd1/0x160 [ 27.862627] [] ? SyS_sendfile+0x160/0x160 [ 27.868398] [] ? do_fast_syscall_32+0xcf/0x890 [ 27.874600] [] ? SyS_sendfile+0x160/0x160 [ 27.880364] [] do_fast_syscall_32+0x2f7/0x890 [ 27.886477] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 27.893117] [] entry_SYSENTER_compat+0x74/0x83