[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 17.029941] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 21.972367] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available) [ 22.321446] random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available) [ 23.119975] random: sshd: uninitialized urandom read (32 bytes read, 88 bits of entropy available) [ 23.289556] random: sshd: uninitialized urandom read (32 bytes read, 92 bits of entropy available) Warning: Permanently added '10.128.0.33' (ECDSA) to the list of known hosts. [ 28.687173] random: sshd: uninitialized urandom read (32 bytes read, 100 bits of entropy available) executing program executing program [ 28.808260] [ 28.809940] ===================================== [ 28.814745] [ BUG: bad unlock balance detected! ] [ 28.819551] 4.4.107-g610c835 #4 Not tainted [ 28.823834] ------------------------------------- [ 28.828638] syzkaller727149/3333 is trying to release lock (mrt_lock) at: [ 28.835769] [] ipmr_mfc_seq_stop+0xe4/0x140 [ 28.841613] but there are no more locks to release! [ 28.846589] [ 28.846589] other info that might help us debug this: [ 28.853217] 1 lock held by syzkaller727149/3333: [ 28.857939] #0: (&p->lock){+.+.+.}, at: [] seq_read+0xdd/0x1270 [ 28.866273] [ 28.866273] stack backtrace: [ 28.870734] CPU: 0 PID: 3333 Comm: syzkaller727149 Not tainted 4.4.107-g610c835 #4 [ 28.878407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 28.887726] 0000000000000000 f96503542af29c6d ffff8800b3de7860 ffffffff81d0457d [ 28.895679] ffffffff8476ab98 ffff8801d123af80 ffffffff833c77d4 ffffffff8476ab98 [ 28.903637] ffff8801d123b7c8 ffff8800b3de7890 ffffffff812301a4 dffffc0000000000 [ 28.911587] Call Trace: [ 28.914146] [] dump_stack+0xc1/0x124 [ 28.919487] [] ? ipmr_mfc_seq_stop+0xe4/0x140 [ 28.925599] [] print_unlock_imbalance_bug+0x174/0x1a0 [ 28.932401] [] lock_release+0x72a/0xc10 [ 28.937993] [] ? memcpy+0x45/0x50 [ 28.943068] [] ? ipmr_mfc_seq_stop+0xe4/0x140 [ 28.949182] [] _raw_read_unlock+0x1a/0x50 [ 28.954942] [] ipmr_mfc_seq_stop+0xe4/0x140 [ 28.960882] [] traverse+0x3a7/0x900 [ 28.966144] [] ? seq_buf_alloc+0x80/0x80 [ 28.971819] [] seq_read+0x7ea/0x1270 [ 28.977146] [] ? seq_lseek+0x3c0/0x3c0 [ 28.982657] [] ? seq_lseek+0x3c0/0x3c0 [ 28.988162] [] proc_reg_read+0xef/0x170 [ 28.993750] [] ? proc_reg_write+0x170/0x170 [ 28.999687] [] __vfs_read+0x103/0x440 [ 29.005101] [] ? vfs_iter_write+0x2d0/0x2d0 [ 29.011052] [] ? fsnotify+0x5ad/0xee0 [ 29.016467] [] ? fsnotify+0xee0/0xee0 [ 29.021882] [] ? avc_policy_seqno+0x9/0x20 [ 29.027741] [] ? selinux_file_permission+0x348/0x460 [ 29.034457] [] ? security_file_permission+0x89/0x1e0 [ 29.041175] [] ? rw_verify_area+0x100/0x2f0 [ 29.047114] [] vfs_read+0x123/0x3a0 [ 29.052355] [] SyS_pread64+0x13f/0x170 executing program [ 29.057858] [] ? SyS_write+0x1b0/0x1b0 [ 29.063363] [] sys32_pread+0x39/0x50 [ 29.068690] [] ? sys32_waitpid+0x30/0x30 [ 29.074367] [] do_fast_syscall_32+0x314/0x890 [ 29.080479] [] sysenter_flags_fixed+0xd/0x17