[....] Starting enhanced syslogd: rsyslogd
[ 13.449825] audit: type=1400 audit(1513086528.895:5): avc: denied { syslog } for pid=2999 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ ok ].
[....] Starting periodic command scheduler: cron [ ok ].
Starting mcstransd:
[....] Starting file context maintaining daemon: restorecond [ ok ].
[....] Starting OpenBSD Secure Shell server: sshd [ ok ].
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 28.058237] audit: type=1400 audit(1513086543.504:6): avc: denied { map } for pid=3142 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added 'ci-upstream-kasan-gce-386-2,10.128.0.6' (ECDSA) to the list of known hosts.
executing program
executing program
[ 34.140265] audit: type=1400 audit(1513086549.586:7): avc: denied { map } for pid=3157 comm="syzkaller971460" path="/root/syzkaller971460126" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
executing program
executing program
[ 34.297850]
[ 34.299497] =====================================
[ 34.304302] WARNING: bad unlock balance detected!
[ 34.309112] 4.15.0-rc3+ #128 Not tainted
[ 34.313136] -------------------------------------
[ 34.318114] syzkaller971460/3195 is trying to release lock (mrt_lock) at:
[ 34.325013] [<000000006898068d>] ipmr_mfc_seq_stop+0xe1/0x130
[ 34.330860] but there are no more locks to release!
[ 34.335836]
[ 34.335836] other info that might help us debug this:
[ 34.342464] 1 lock held by syzkaller971460/3195:
[ 34.347181] #0: (&p->lock){+.+.}, at: [<00000000744a6565>] seq_read+0xd5/0x13d0
[ 34.354773]
[ 34.354773] stack backtrace:
[ 34.359241] CPU: 1 PID: 3195 Comm: syzkaller971460 Not tainted 4.15.0-rc3+ #128
[ 34.366651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 34.375967] Call Trace:
[ 34.378520] dump_stack+0x194/0x257
[ 34.382114] ? arch_local_irq_restore+0x53/0x53
[ 34.386747] ? ipmr_mfc_seq_stop+0xe1/0x130
[ 34.391035] print_unlock_imbalance_bug+0x12f/0x140
[ 34.396015] lock_release+0x5f9/0xda0
[ 34.399781] ? ipmr_mfc_seq_stop+0xe1/0x130
[ 34.404067] ? lock_downgrade+0x980/0x980
[ 34.408179] ? clear_huge_page+0x309/0x730
[ 34.412378] ? _raw_spin_unlock+0x22/0x30
[ 34.416494] ? do_huge_pmd_anonymous_page+0xb21/0x1b00
[ 34.421735] ? memcpy+0x45/0x50
[ 34.424979] ? seq_puts+0xb5/0x130
[ 34.428484] _raw_read_unlock+0x1a/0x30
[ 34.432421] ipmr_mfc_seq_stop+0xe1/0x130
[ 34.436533] traverse+0x3bc/0xa00
[ 34.439952] ? seq_hlist_next+0xc0/0xc0
[ 34.443891] ? seq_lseek+0x3c0/0x3c0
[ 34.447567] seq_read+0x96a/0x13d0
[ 34.451074] ? fsnotify+0x7b3/0x1140
[ 34.454751] ? seq_lseek+0x3c0/0x3c0
[ 34.458428] ? fsnotify_first_mark+0x2b0/0x2b0
[ 34.462974] ? avc_policy_seqno+0x9/0x20
[ 34.467000] ? selinux_file_permission+0x82/0x460
[ 34.471808] ? seq_lseek+0x3c0/0x3c0
[ 34.475485] proc_reg_read+0xef/0x170
[ 34.479251] do_iter_read+0x3db/0x5b0
[ 34.483018] ? iov_iter_get_pages+0x1150/0x1150
[ 34.487653] compat_readv+0x1bf/0x270
[ 34.491419] ? vfs_iter_read+0xb0/0xb0
[ 34.495271] ? fget_raw+0x20/0x20
[ 34.498691] ? down_read+0xa4/0x150
[ 34.502282] ? __handle_mm_fault+0x3e20/0x3e20
[ 34.506827] ? vmacache_find+0x5f/0x280
[ 34.510764] ? vmacache_update+0xfe/0x130
[ 34.514881] do_compat_preadv64+0xdc/0x100
[ 34.519078] ? do_compat_preadv64+0xdc/0x100
[ 34.523537] compat_SyS_preadv+0x3b/0x50
[ 34.527565] ? compat_SyS_preadv64+0x40/0x40
[ 34.531939] do_fast_syscall_32+0x3ee/0xf9d
[ 34.536227] ? do_int80_syscall_32+0x9d0/0x9d0
[ 34.540777] ? lockdep_sys_exit+0x47/0xf0
[ 34.544891] ? syscall_return_slowpath+0x2ad/0x550
[ 34.549788] ? lockdep_sys_exit+0x47/0xf0
[ 34.553901] ? retint_user+0x18/0x18
[ 34.557580] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 34.562386] entry_SYSENTER_compat+0x51/0x60
[ 34.566768] RIP: 0023:0xf7f73c79
[ 34.570097] RSP: 002b:00000000e574a15c EFLAGS: 00000292 ORIG_RAX: 000000000000014d
[ 34.577768] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 0000000020a3afb0
[ 34.585008] RDX: 0000000000000001 RSI: 0000000000000067 RDI: 0000000000000000
[ 34.592243] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 34.599486] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 34.606720] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 34.614045] BUG: sleeping function called from invalid context at lib/usercopy.c:25
[ 34.621834] in_atomic(): 1, irqs_disabled(): 0, pid: 3195, name: syzkaller971460
[ 34.629344] INFO: lockdep is turned off.
[ 34.633388] CPU: 1 PID: 3195 Comm: syzkaller971460 Not tainted 4.15.0-rc3+ #128
[ 34.640798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 34.650119] Call Trace:
[ 34.652675] dump_stack+0x194/0x257
[ 34.656268] ? arch_local_irq_restore+0x53/0x53
[ 34.660909] ___might_sleep+0x2b2/0x470
[ 34.664850] ? trace_event_raw_event_sched_switch+0x800/0x800
[ 34.670702] ? __check_object_size+0x25d/0x4f0
[ 34.675251] __might_sleep+0x95/0x190
[ 34.679029] __might_fault+0xab/0x1d0
[ 34.682806] _copy_to_user+0x2c/0xc0
[ 34.686494] seq_read+0xcb4/0x13d0
[ 34.690009] ? seq_lseek+0x3c0/0x3c0
[ 34.693689] ? fsnotify_first_mark+0x2b0/0x2b0
[ 34.698237] ? avc_policy_seqno+0x9/0x20
[ 34.702264] ? selinux_file_permission+0x82/0x460
[ 34.707075] ? seq_lseek+0x3c0/0x3c0
[ 34.710754] proc_reg_read+0xef/0x170
[ 34.714522] do_iter_read+0x3db/0x5b0
[ 34.718287] ? iov_iter_get_pages+0x1150/0x1150
[ 34.722924] compat_readv+0x1bf/0x270
[ 34.726689] ? vfs_iter_read+0xb0/0xb0
[ 34.730546] ? fget_raw+0x20/0x20
[ 34.733968] ? down_read+0xa4/0x150
[ 34.737561] ? __handle_mm_fault+0x3e20/0x3e20
[ 34.742108] ? vmacache_find+0x5f/0x280
[ 34.746047] ? vmacache_update+0xfe/0x130
[ 34.750166] do_compat_preadv64+0xdc/0x100
[ 34.754365] ? do_compat_preadv64+0xdc/0x100
[ 34.758742] compat_SyS_preadv+0x3b/0x50
[ 34.762781] ? compat_SyS_preadv64+0x40/0x40
[ 34.767157] do_fast_syscall_32+0x3ee/0xf9d
[ 34.771447] ? do_int80_syscall_32+0x9d0/0x9d0
[ 34.776001] ? lockdep_sys_exit+0x47/0xf0
[ 34.780114] ? syscall_return_slowpath+0x2ad/0x550
[ 34.785009] ? lockdep_sys_exit+0x47/0xf0
[ 34.789124] ? retint_user+0x18/0x18
[ 34.792808] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 34.797618] entry_SYSENTER_compat+0x51/0x60
[ 34.801994] RIP: 0023:0xf7f73c79
[ 34.805323] RSP: 002b:00000000e574a15c EFLAGS: 00000292 ORIG_RAX: 000000000000014d
[ 34.812997] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 0000000020a3afb0
[ 34.820233] RDX: 0000000000000001 RSI: 0000000000000067 RDI: 0000000000000000
[ 34.827556] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 34.834791] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 34.842033] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 34.849376] WARNING: CPU: 1 PID: 3195 at lib/usercopy.c:26 _copy_to_user+0xb5/0xc0
[ 34.857047] Kernel panic - not syncing: panic_on_warn set ...
[ 34.857047]
[ 34.864376] CPU: 1 PID: 3195 Comm: syzkaller971460 Tainted: G W 4.15.0-rc3+ #128
[ 34.873087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 34.882404] Call Trace:
[ 34.884957] dump_stack+0x194/0x257
[ 34.888548] ? arch_local_irq_restore+0x53/0x53
[ 34.893183] ? vsnprintf+0x1ed/0x1900
[ 34.896960] panic+0x1e4/0x41c
[ 34.900119] ? refcount_error_report+0x214/0x214
[ 34.904842] ? show_regs_print_info+0x18/0x18
[ 34.909304] ? __warn+0x1c1/0x200
[ 34.912723] ? _copy_to_user+0xb5/0xc0
[ 34.916575] __warn+0x1dc/0x200
[ 34.919821] ? _copy_to_user+0xb5/0xc0
[ 34.923674] report_bug+0x211/0x2d0
[ 34.927269] fixup_bug.part.11+0x37/0x80
[ 34.931293] do_error_trap+0x2d7/0x3e0
[ 34.935148] ? math_error+0x400/0x400
[ 34.938924] ? __might_fault+0x110/0x1d0
[ 34.942969] ? lock_downgrade+0x980/0x980
[ 34.947084] ? lock_acquire+0x1d5/0x580
[ 34.951023] ? __might_fault+0xe0/0x1d0
[ 34.954966] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 34.959779] do_invalid_op+0x1b/0x20
[ 34.963457] invalid_op+0x18/0x20
[ 34.966877] RIP: 0010:_copy_to_user+0xb5/0xc0
[ 34.971335] RSP: 0018:ffff8801c4e1f8e0 EFLAGS: 00010206
[ 34.976664] RAX: ffff8801c4f54300 RBX: 0000000000000002 RCX: ffffffff8252ecb5
[ 34.983903] RDX: 00000000001f0100 RSI: 0000000000000000 RDI: 0000000000000282
[ 34.991138] RBP: ffff8801c4e1f908 R08: 0000000000000001 R09: 1ffff100389c3ef0
[ 34.998374] R10: ffff8801c4f54300 R11: fffffbfff0e89321 R12: 0000000020128000
[ 35.005608] R13: ffff8801c4826980 R14: ffff8801c4d6f948 R15: ffff8801c4d6f948
[ 35.012852] ? _copy_to_user+0xb5/0xc0
[ 35.016709] seq_read+0xcb4/0x13d0
[ 35.020223] ? seq_lseek+0x3c0/0x3c0
[ 35.023903] ? fsnotify_first_mark+0x2b0/0x2b0
[ 35.028453] ? avc_policy_seqno+0x9/0x20
[ 35.032479] ? selinux_file_permission+0x82/0x460
[ 35.037287] ? seq_lseek+0x3c0/0x3c0
[ 35.040970] proc_reg_read+0xef/0x170
[ 35.044739] do_iter_read+0x3db/0x5b0
[ 35.048505] ? iov_iter_get_pages+0x1150/0x1150
[ 35.053147] compat_readv+0x1bf/0x270
[ 35.056914] ? vfs_iter_read+0xb0/0xb0
[ 35.060771] ? fget_raw+0x20/0x20
[ 35.064196] ? down_read+0xa4/0x150
[ 35.067789] ? __handle_mm_fault+0x3e20/0x3e20
[ 35.072335] ? vmacache_find+0x5f/0x280
[ 35.076274] ? vmacache_update+0xfe/0x130
[ 35.080394] do_compat_preadv64+0xdc/0x100
[ 35.084595] ? do_compat_preadv64+0xdc/0x100
[ 35.088976] compat_SyS_preadv+0x3b/0x50
[ 35.093004] ? compat_SyS_preadv64+0x40/0x40
[ 35.097376] do_fast_syscall_32+0x3ee/0xf9d
[ 35.101667] ? do_int80_syscall_32+0x9d0/0x9d0
[ 35.106219] ? lockdep_sys_exit+0x47/0xf0
[ 35.110333] ? syscall_return_slowpath+0x2ad/0x550
[ 35.115228] ? lockdep_sys_exit+0x47/0xf0
[ 35.119340] ? retint_user+0x18/0x18
[ 35.123022] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 35.127832] entry_SYSENTER_compat+0x51/0x60
[ 35.132205] RIP: 0023:0xf7f73c79
[ 35.135535] RSP: 002b:00000000e574a15c EFLAGS: 00000292 ORIG_RAX: 000000000000014d
[ 35.143217] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 0000000020a3afb0
[ 35.150463] RDX: 0000000000000001 RSI: 0000000000000067 RDI: 0000000000000000
[ 35.157698] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 35.164937] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 35.172178] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 35.179452] Dumping ftrace buffer:
[ 35.182960] (ftrace buffer empty)
[ 35.186648] Kernel Offset: disabled
[ 35.190241] Rebooting in 86400 seconds..