[....] Starting enhanced syslogd: rsyslogd[   12.443759] audit: type=1400 audit(1513101951.434:5): avc:  denied  { syslog } for  pid=3000 comm="rsyslogd" capability=34  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Starting mcstransd: 
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   34.121911] audit: type=1400 audit(1513101973.112:6): avc:  denied  { map } for  pid=3144 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added 'ci-upstream-next-kasan-gce-4,10.128.0.13' (ECDSA) to the list of known hosts.
executing program
executing program
[   40.168117] audit: type=1400 audit(1513101979.158:7): avc:  denied  { map } for  pid=3156 comm="syzkaller892253" path="/root/syzkaller892253506" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   44.800004] 
[   44.801639] =====================================
[   44.806447] WARNING: bad unlock balance detected!
[   44.811253] 4.15.0-rc3-next-20171212+ #65 Not tainted
[   44.816407] -------------------------------------
[   44.821210] syzkaller892253/3696 is trying to release lock (mrt_lock) at:
[   44.828105] [<000000004b4ddff3>] ipmr_mfc_seq_stop+0xe1/0x130
[   44.833948] but there are no more locks to release!
[   44.838949] 
[   44.838949] other info that might help us debug this:
[   44.845579] 1 lock held by syzkaller892253/3696:
[   44.850292]  #0:  (&p->lock){+.+.}, at: [<000000009d5e18f0>] seq_read+0xd5/0x13d0
[   44.857892] 
[   44.857892] stack backtrace:
[   44.862363] CPU: 1 PID: 3696 Comm: syzkaller892253 Not tainted 4.15.0-rc3-next-20171212+ #65
[   44.870899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   44.880213] Call Trace:
[   44.882768]  dump_stack+0x194/0x257
[   44.886357]  ? arch_local_irq_restore+0x53/0x53
[   44.890991]  ? ipmr_mfc_seq_stop+0xe1/0x130
[   44.895275]  print_unlock_imbalance_bug+0x12f/0x140
[   44.900258]  lock_release+0x5f9/0xda0
[   44.904022]  ? ipmr_mfc_seq_stop+0xe1/0x130
[   44.908304]  ? lock_downgrade+0x980/0x980
[   44.912415]  ? debug_check_no_locks_freed+0x3d0/0x3d0
[   44.917568]  ? is_bpf_text_address+0xa4/0x120
[   44.922025]  ? kernel_text_address+0x102/0x140
[   44.926569]  ? check_noncircular+0x20/0x20
[   44.930772]  ? __kernel_text_address+0xd/0x40
[   44.935229]  ? memcpy+0x45/0x50
[   44.938472]  ? seq_puts+0xb5/0x130
[   44.941979]  _raw_read_unlock+0x1a/0x30
[   44.945917]  ipmr_mfc_seq_stop+0xe1/0x130
[   44.950028]  traverse+0x3bc/0xa00
[   44.953620]  ? seq_hlist_next+0xc0/0xc0
[   44.957558]  ? seq_lseek+0x3c0/0x3c0
[   44.961234]  seq_read+0x96a/0x13d0
[   44.964741]  ? fsnotify+0x7b3/0x1140
[   44.968416]  ? seq_lseek+0x3c0/0x3c0
[   44.972091]  ? fsnotify_first_mark+0x2b0/0x2b0
[   44.976639]  ? avc_policy_seqno+0x9/0x20
[   44.980670]  ? selinux_file_permission+0x82/0x460
[   44.985478]  ? seq_lseek+0x3c0/0x3c0
[   44.989161]  proc_reg_read+0xef/0x170
[   44.992932]  do_iter_read+0x3db/0x5b0
[   44.996697]  ? dup_iter+0x260/0x260
[   45.000287]  vfs_readv+0x121/0x1c0
[   45.003790]  ? lock_downgrade+0x980/0x980
[   45.007903]  ? compat_rw_copy_check_uvector+0x2e0/0x2e0
[   45.013235]  ? fget_raw+0x20/0x20
[   45.016656]  ? do_page_fault+0xee/0x720
[   45.020592]  ? __do_page_fault+0xc90/0xc90
[   45.024792]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   45.029769]  ? lockdep_sys_exit+0x47/0xf0
[   45.033896]  ? syscall_return_slowpath+0x2ad/0x550
[   45.038790]  do_preadv+0x11b/0x1a0
[   45.042293]  ? do_preadv+0x11b/0x1a0
[   45.045969]  SyS_preadv+0x30/0x40
[   45.049389]  entry_SYSCALL_64_fastpath+0x1f/0x96
[   45.054108] RIP: 0033:0x446399
[   45.057260] RSP: 002b:00007f5cf3aa0d38 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[   45.064932] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000446399
[   45.072166] RDX: 0000000000000001 RSI: 0000000020a3afb0 RDI: 0000000000000003
[   45.079401] RBP: 0000000000000000 R08: 00007f5cf3aa1700 R09: 0000000000000000
[   45.086633] R10: 0000000000000067 R11: 0000000000000293 R12: 0000000000000000
[   45.093867] R13: 00007ffc2c89bfdf R14: 00007f5cf3aa19c0 R15: 0000000000000000
[   45.101181] BUG: sleeping function called from invalid context at lib/usercopy.c:25
[   45.108957] in_atomic(): 1, irqs_disabled(): 0, pid: 3696, name: syzkaller892253
[   45.116469] INFO: lockdep is turned off.
[   45.120514] CPU: 1 PID: 3696 Comm: syzkaller892253 Not tainted 4.15.0-rc3-next-20171212+ #65
[   45.130008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   45.139327] Call Trace:
[   45.141886]  dump_stack+0x194/0x257
[   45.145654]  ? arch_local_irq_restore+0x53/0x53
[   45.150296]  ___might_sleep+0x2b2/0x470
[   45.154237]  ? trace_event_raw_event_sched_switch+0x800/0x800
[   45.160089]  ? __check_object_size+0x25d/0x4f0
[   45.164637]  __might_sleep+0x95/0x190
[   45.168403]  __might_fault+0xab/0x1d0
[   45.172168]  _copy_to_user+0x2c/0xc0
[   45.175849]  seq_read+0xcb4/0x13d0
[   45.179359]  ? seq_lseek+0x3c0/0x3c0
[   45.183037]  ? fsnotify_first_mark+0x2b0/0x2b0
[   45.187586]  ? avc_policy_seqno+0x9/0x20
[   45.191612]  ? selinux_file_permission+0x82/0x460
[   45.196419]  ? seq_lseek+0x3c0/0x3c0
[   45.200096]  proc_reg_read+0xef/0x170
[   45.203861]  do_iter_read+0x3db/0x5b0
[   45.207624]  ? dup_iter+0x260/0x260
[   45.211217]  vfs_readv+0x121/0x1c0
[   45.214719]  ? lock_downgrade+0x980/0x980
[   45.218831]  ? compat_rw_copy_check_uvector+0x2e0/0x2e0
[   45.224163]  ? fget_raw+0x20/0x20
[   45.227582]  ? do_page_fault+0xee/0x720
[   45.231523]  ? __do_page_fault+0xc90/0xc90
[   45.235722]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   45.240703]  ? lockdep_sys_exit+0x47/0xf0
[   45.244819]  ? syscall_return_slowpath+0x2ad/0x550
[   45.249716]  do_preadv+0x11b/0x1a0
[   45.253219]  ? do_preadv+0x11b/0x1a0
[   45.256899]  SyS_preadv+0x30/0x40
[   45.260319]  entry_SYSCALL_64_fastpath+0x1f/0x96
[   45.265036] RIP: 0033:0x446399
[   45.268189] RSP: 002b:00007f5cf3aa0d38 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[   45.275860] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000446399
[   45.283094] RDX: 0000000000000001 RSI: 0000000020a3afb0 RDI: 0000000000000003
[   45.290331] RBP: 0000000000000000 R08: 00007f5cf3aa1700 R09: 0000000000000000
[   45.297567] R10: 0000000000000067 R11: 0000000000000293 R12: 0000000000000000
[   45.304802] R13: 00007ffc2c89bfdf R14: 00007f5cf3aa19c0 R15: 0000000000000000
[   45.312137] WARNING: CPU: 1 PID: 3696 at lib/usercopy.c:26 _copy_to_user+0xb5/0xc0
[   45.319809] Kernel panic - not syncing: panic_on_warn set ...
[   45.319809] 
[   45.327133] CPU: 1 PID: 3696 Comm: syzkaller892253 Tainted: G        W        4.15.0-rc3-next-20171212+ #65
[   45.336972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   45.346286] Call Trace:
[   45.348839]  dump_stack+0x194/0x257
[   45.352429]  ? arch_local_irq_restore+0x53/0x53
[   45.357067]  ? vsnprintf+0x1ed/0x1900
[   45.360843]  panic+0x1e4/0x41c
[   45.363998]  ? refcount_error_report+0x214/0x214
[   45.368719]  ? show_regs_print_info+0x18/0x18
[   45.373181]  ? __warn+0x1c1/0x200
[   45.376606]  ? _copy_to_user+0xb5/0xc0
[   45.380457]  __warn+0x1dc/0x200
[   45.383699]  ? _copy_to_user+0xb5/0xc0
[   45.387552]  report_bug+0x211/0x2d0
[   45.391147]  fixup_bug.part.11+0x37/0x80
[   45.395179]  do_error_trap+0x2d7/0x3e0
[   45.399034]  ? math_error+0x400/0x400
[   45.402798]  ? __might_fault+0x110/0x1d0
[   45.406825]  ? lock_downgrade+0x980/0x980
[   45.410936]  ? lock_acquire+0x1d5/0x580
[   45.414878]  ? __might_fault+0xe0/0x1d0
[   45.418821]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   45.423632]  do_invalid_op+0x1b/0x20
[   45.427313]  invalid_op+0x22/0x40
[   45.430740] RIP: 0010:_copy_to_user+0xb5/0xc0
[   45.435202] RSP: 0018:ffff8801c284fa80 EFLAGS: 00010206
[   45.440527] RAX: ffff8801c2834340 RBX: 0000000000000002 RCX: ffffffff82532275
[   45.447761] RDX: 00000000001f0100 RSI: 0000000000000000 RDI: 0000000000000282
[   45.454993] RBP: ffff8801c284faa8 R08: 0000000000000001 R09: 1ffff10038509f24
[   45.462226] R10: ffff8801c2834340 R11: fffffbfff0f0a321 R12: 0000000020128000
[   45.469462] R13: ffff8801c28be340 R14: ffff8801c2e5f988 R15: ffff8801c2e5f988
[   45.476715]  ? _copy_to_user+0xb5/0xc0
[   45.480580]  seq_read+0xcb4/0x13d0
[   45.484092]  ? seq_lseek+0x3c0/0x3c0
[   45.487772]  ? fsnotify_first_mark+0x2b0/0x2b0
[   45.492930]  ? avc_policy_seqno+0x9/0x20
[   45.496958]  ? selinux_file_permission+0x82/0x460
[   45.501771]  ? seq_lseek+0x3c0/0x3c0
[   45.505456]  proc_reg_read+0xef/0x170
[   45.509226]  do_iter_read+0x3db/0x5b0
[   45.512991]  ? dup_iter+0x260/0x260
[   45.516588]  vfs_readv+0x121/0x1c0
[   45.520090]  ? lock_downgrade+0x980/0x980
[   45.524203]  ? compat_rw_copy_check_uvector+0x2e0/0x2e0
[   45.529538]  ? fget_raw+0x20/0x20
[   45.532956]  ? do_page_fault+0xee/0x720
[   45.536897]  ? __do_page_fault+0xc90/0xc90
[   45.541094]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   45.546074]  ? lockdep_sys_exit+0x47/0xf0
[   45.550187]  ? syscall_return_slowpath+0x2ad/0x550
[   45.555084]  do_preadv+0x11b/0x1a0
[   45.558586]  ? do_preadv+0x11b/0x1a0
[   45.562267]  SyS_preadv+0x30/0x40
[   45.565686]  entry_SYSCALL_64_fastpath+0x1f/0x96
[   45.570405] RIP: 0033:0x446399
[   45.573558] RSP: 002b:00007f5cf3aa0d38 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[   45.581956] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000446399
[   45.590592] RDX: 0000000000000001 RSI: 0000000020a3afb0 RDI: 0000000000000003
[   45.597825] RBP: 0000000000000000 R08: 00007f5cf3aa1700 R09: 0000000000000000
[   45.605057] R10: 0000000000000067 R11: 0000000000000293 R12: 0000000000000000
[   45.612293] R13: 00007ffc2c89bfdf R14: 00007f5cf3aa19c0 R15: 0000000000000000
[   45.619565] Dumping ftrace buffer:
[   45.623067]    (ftrace buffer empty)
[   45.626740] Kernel Offset: disabled
[   45.630331] Rebooting in 86400 seconds..