===================================== [ BUG: bad unlock balance detected! ] 4.4.113-g202e079 #1 Not tainted ------------------------------------- syz-executor0/9046 is trying to release lock (mrt_lock) at: [] ipmr_mfc_seq_stop+0xe4/0x140 net/ipv6/ip6mr.c:553 but there are no more locks to release! other info that might help us debug this: 1 lock held by syz-executor0/9046: #0: (&p->lock){+.+.+.}, at: [] seq_read+0xdd/0x1270 fs/seq_file.c:178 stack backtrace: CPU: 0 PID: 9046 Comm: syz-executor0 Not tainted 4.4.113-g202e079 #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 6bba9147d1e6a84c[ 59.393570] device gre0 entered promiscuous mode ffff8800b58df930 ffffffff81d0278d ffffffff84771c18 ffff8800b15ac740 ffffffff833c5524 ffffffff84771c18 ffff8800b15acf88 ffff8800b58df960 ffffffff81232314 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x124 lib/dump_stack.c:51 [] print_unlock_imbalance_bug+0x174/0x1a0 kernel/locking/lockdep.c:3266 [] __lock_release kernel/locking/lockdep.c:3408 [inline] [] lock_release+0x72a/0xc10 kernel/locking/lockdep.c:3611 [] __raw_read_unlock include/linux/rwlock_api_smp.h:225 [inline] [] _raw_read_unlock+0x1a/0x50 kernel/locking/spinlock.c:255 [] ipmr_mfc_seq_stop+0xe4/0x140 net/ipv6/ip6mr.c:553 [] seq_read+0xa80/0x1270 fs/seq_file.c:283 [] proc_reg_read+0xef/0x170 fs/proc/inode.c:202 [] do_loop_readv_writev+0x141/0x1e0 fs/read_write.c:680 [] do_readv_writev+0x5dd/0x6e0 fs/read_write.c:810 [] vfs_readv+0x78/0xb0 fs/read_write.c:834 [] SYSC_preadv fs/read_write.c:912 [inline] [] SyS_preadv+0x199/0x230 fs/read_write.c:898 [] entry_SYSCALL_64_fastpath+0x1c/0x98 nla_parse: 5 callbacks suppressed netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'. SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 audit: type=1400 audit(1517184050.189:34): avc: denied { getattr } for pid=9891 comm="syz-executor5" path="socket:[19640]" dev="sockfs" ino=19640 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 278 does not match expected length 8 SELinux: policydb string length 278 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 audit: type=1400 audit(1517184051.689:35): avc: denied { accept } for pid=10394 comm="syz-executor5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket netlink: 4292 bytes leftover after parsing attributes in process `syz-executor4'. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket netlink: 4292 bytes leftover after parsing attributes in process `syz-executor4'. SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 audit: type=1400 audit(1517184052.709:36): avc: denied { bind } for pid=10693 comm="syz-executor5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 SELinux: policydb version 1231373692 does not match my version range 15-30 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket netlink: 4292 bytes leftover after parsing attributes in process `syz-executor2'. SELinux: policydb version 1231373692 does not match my version range 15-30 SELinux: policydb version 1720066233 does not match my version range 15-30 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb version 1720066233 does not match my version range 15-30 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 device gre0 entered promiscuous mode SELinux: policydb string length 683 does not match expected length 8 SELinux: unrecognized netlink message: protocol=6 nlmsg_type=13685 sclass=netlink_xfrm_socket SELinux: policydb string length 683 does not match expected length 8 SELinux: unrecognized netlink message: protocol=6 nlmsg_type=13685 sclass=netlink_xfrm_socket SELinux: policydb version 712017242 does not match my version range 15-30 SELinux: policydb version 712017242 does not match my version range 15-30 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 audit: type=1400 audit(1517184055.679:37): avc: denied { setattr } for pid=11609 comm="syz-executor5" name="NETLINK" dev="sockfs" ino=21312 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 3 does not match expected length 8 SELinux: policydb version -1356149710 does not match my version range 15-30 SELinux: policydb string length 3 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb magic number 0x9cf41973 does not match expected magic number 0xf97cff8c SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8 SELinux: policydb string length 683 does not match expected length 8