[....] Starting enhanced syslogd: rsyslogd[ 14.294382] audit: type=1400 audit(1574665995.947:4): avc: denied { syslog } for pid=1923 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.194' (ECDSA) to the list of known hosts. 2019/11/25 07:13:23 fuzzer started 2019/11/25 07:13:25 dialing manager at 10.128.0.26:42689 2019/11/25 07:13:25 syscalls: 1354 2019/11/25 07:13:25 code coverage: enabled 2019/11/25 07:13:25 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2019/11/25 07:13:25 extra coverage: extra coverage is not supported by the kernel 2019/11/25 07:13:25 setuid sandbox: enabled 2019/11/25 07:13:25 namespace sandbox: enabled 2019/11/25 07:13:25 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/25 07:13:25 fault injection: kernel does not have systematic fault injection support 2019/11/25 07:13:25 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/25 07:13:25 net packet injection: enabled 2019/11/25 07:13:25 net device setup: enabled 2019/11/25 07:13:25 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/11/25 07:13:25 devlink PCI setup: PCI device 0000:00:10.0 is not available 07:14:16 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f00000001c0)='user\x00', &(0x7f0000000040)={'sVz'}, &(0x7f0000000200)='%`\xf3`\xce\xeaY3\xc2\xf3S\xa7\xe8\xb33,\x97_!=\xce\x9f\xa8\x01\x1d\xc0\xc7\x81w\xe6\xfb\x18\r\x93\x1c\x9c\xbb\x17\xa2\xba\x87\x16\xee\xee\x10\xf7\x0e\xd4\x10\x84\x1b\'{\xc1\xeb^G\xac^<\x14[P\x87\x8b\f\r\xea\'\xebm\xef\xb6\xae\xe38\xf4\xf6\xea\xf2\xa2X\x1baXyr\x13\xa6\xccl\xc7\x9e:\xb8\x10\x1d\xc4\xd6\x9eP\'\xda/Zw\x0e\xb5-\x16\xa5\a!\x8d\x16\x8e\xa3\xf5\n\x18T_\x06>\xb5\xb8Fa\n6\t^\xb0\xd3\xce)ya&/\xd3\xe4\x10A1VH3T\v>\xa7Z\xc1\xd5\'B\x8d\xbe\xe3G\b}\x87%j\x16\xbc/+<\\)\x19\xd0[\xbe\x9f\xb2U[\xfbCo\xb0\x1eQ\xff\x05\x03\xdb\x86\xe2\x9b\x9c\xc6`q', 0xffffffffffffffff) 07:14:16 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) recvmmsg(r0, &(0x7f0000006840)=[{{0x0, 0xfffffffffffffde0, &(0x7f0000000580)=[{&(0x7f0000000300)=""/62, 0x3e}], 0x1}}, {{0x0, 0x248, &(0x7f0000000c80)=[{&(0x7f00000002c0)=""/38, 0x26}, {&(0x7f00000001c0)=""/108, 0xfdb8}], 0x2}}], 0x40000000000012d, 0x0, 0x0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9221a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 07:14:16 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000300)={0xa, 0x8000002}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000540)='dctcp\x00', 0x6) sendto$inet6(r0, 0x0, 0x0, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='cubic\x00', 0x6) sendto$packet(r0, &(0x7f0000000340), 0xfffffffffffffd72, 0x4000800, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, r0, 0x0) 07:14:16 executing program 1: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000240)=@req3={0xfff, 0x0, 0x0, 0xfff}, 0x1c) sendmmsg(r0, &(0x7f000000a780)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000005ac0)=@tipc=@name, 0x80, 0x0}}], 0x2, 0x0) 07:14:16 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) syz_emit_ethernet(0x66, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c28800ee0aaaaaaaaaaa86dd60b4090000303a00fe80000000804ab883340a9a0000000000000000000001000000000000000000000000000000018000907800090400600000000000000000000000000000000000000000000000fe8000a5b3cbe40000000000000000aa"], 0x0) 07:14:16 executing program 4: ioctl$FS_IOC_MEASURE_VERITY(0xffffffffffffffff, 0xc0046686, &(0x7f0000000200)=ANY=[@ANYBLOB="0300a600c3f646f55456f73b4f126e359f6f62e02ccae4cc23d2e0a6088837ffbb5ced27181b9a6c5190097fadccd1930ea2d1fc0a5d70ad4d84a8a6cf7681b7a29f88efa6b5b28a62673e04f4873c086d9d2016fb9639472212b59ae8fb0adc97e8852fdafa53310fed32690b73b6faa27a1264add324c613"]) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x80001, 0x0) write(r0, &(0x7f0000000000)="bc", 0x337) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)) socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000080)) syzkaller login: [ 75.637949] audit: type=1400 audit(1574666057.287:5): avc: denied { create } for pid=2119 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 75.706033] audit: type=1400 audit(1574666057.357:6): avc: denied { write } for pid=2123 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 75.776391] audit: type=1400 audit(1574666057.427:7): avc: denied { read } for pid=2119 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 07:14:17 executing program 0: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x6d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000200)='./file0\x00', 0x0) renameat2(r1, &(0x7f0000000340)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) 07:14:17 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000a00)={0x0, 0x989680}, &(0x7f0000048000), 0x0) exit(0x0) 07:14:18 executing program 5: prctl$PR_GET_FP_MODE(0x1e) mknod(&(0x7f0000000300)='./file1\x00', 0x0, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[], 0xffdbc2ca) unlink(&(0x7f0000000200)='./file0\x00') clone(0x2100001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file1\x00') r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) write$P9_RRENAME(r2, 0x0, 0x0) 07:14:18 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x2001) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000004) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x1277, &(0x7f0000000300)={0x600, 0x60000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "ab3fb592f5d8cbb551f0a272134e83bbe886c41fc6faced4210500000000000000ffffff7ffff7ef090000000713003e00", "160f2b09000204000000002850c94200ffff006f250000e6e865b6000000000000070066f47874ffffffffffffff0400", "00800000000000001a4809ff1f48b823eb000000000000004f6fce49ff0600ce"}) 07:14:18 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) fcntl$setstatus(r0, 0x4, 0x2800) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x20000802, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='syz_tun\x00', 0x10) r1 = dup2(r0, r0) write$cgroup_type(r1, &(0x7f0000000140)='t\x02\x04\x00\x00\x00\t\x00', 0xfffffefa) 07:14:18 executing program 4: mmap(&(0x7f00000be000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) 07:14:18 executing program 1: prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) clone(0x20886100, 0x0, 0x0, 0x0, &(0x7f00000002c0)="d353ff072d68b2e4dc05000000b3d94c22") 07:14:18 executing program 4: 07:14:18 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rtc\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x0, 0x1f, 0x0, 0x69}}) 07:14:18 executing program 4: 07:14:18 executing program 3: 07:14:18 executing program 5: 07:14:18 executing program 0: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000740)='hugetlb.2MB.usage_ir_bytes\x00', 0x275a, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000040)={0x20}) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x80000000}) write$cgroup_int(r1, &(0x7f0000000240), 0x12) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080)=0x80020) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) 07:14:18 executing program 0: 07:14:18 executing program 3: 07:14:18 executing program 5: 07:14:18 executing program 4: 07:14:18 executing program 0: 07:14:18 executing program 1: 07:14:18 executing program 5: 07:14:18 executing program 3: socket$inet6(0xa, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000040), 0x4) pipe(0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x89a0, &(0x7f0000000440)={@local={0xfe, 0x80, [0x0, 0xfeff0000]}, @remote, @remote}) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) 07:14:18 executing program 0: clock_adjtime(0x0, &(0x7f0000000240)={0x1ff}) 07:14:18 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) 07:14:18 executing program 2: 07:14:19 executing program 2: 07:14:19 executing program 5: 07:14:19 executing program 1: r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000040)={0xf97cff8c, 0x6, 'SE Linux', "1200000000c46f0006000000070000003c9f030002000000"}, 0x380) 07:14:19 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@ipx, 0x80, 0x0, 0x0, 0x0, 0xfffffec5}}], 0x1, 0x0, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f00000002c0)) clone(0x22004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit(0x0) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f00000000c0)={0x0, @multicast2, 0x0, 0x2, 'dh\x00'}, 0x2c) r0 = syz_open_procfs(0x0, &(0x7f0000000400)='cpuset\x00') preadv(r0, &(0x7f00000017c0), 0x351, 0x0) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) 07:14:19 executing program 5: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}, 0xfffffffd}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') preadv(r0, &(0x7f00000017c0), 0x1000000000000277, 0x400000000000) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000001800)={{{@in6=@dev, @in6=@loopback}}, {{}, 0x0, @in6=@remote}}, &(0x7f0000001900)=0xe8) getsockname(0xffffffffffffffff, &(0x7f00000000c0)=@ax25={{}, [@remote, @rose, @remote, @remote, @bcast, @null, @bcast, @rose]}, 0x0) 07:14:19 executing program 4: ioctl$FS_IOC_MEASURE_VERITY(0xffffffffffffffff, 0xc0046686, &(0x7f0000000200)=ANY=[@ANYBLOB="0300a600c3f646f55456f73b4f126e359f6f62e02ccae4cc23d2e0a6088837ffbb5ced27181b9a6c5190097fadccd1930ea2d1fc0a5d70ad4d84a8a6cf7681b7a29f88efa6b5b28a62673e04f4873c086d9d2016fb9639472212b59ae8fb0adc97e8852fdafa53310fed32690b73b6faa27a1264add324c613"]) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x80001, 0x0) write(r0, &(0x7f0000000000)="bc", 0x337) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000080)) 07:14:19 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000a8d000)={0x0, 0x0, &(0x7f0000df6000)={&(0x7f0000000880)=ANY=[@ANYBLOB="28000000150afdff00000300000000000000000014000100"/40], 0x28}}, 0x0) 07:14:19 executing program 4: [ 77.457433] audit: type=1400 audit(1574666059.107:8): avc: denied { create } for pid=2407 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 77.488996] SELinux: policydb string length 6 does not match expected length 8 07:14:19 executing program 3: 07:14:19 executing program 1: 07:14:19 executing program 4: 07:14:19 executing program 5: 07:14:19 executing program 0: 07:14:19 executing program 2: 07:14:19 executing program 4: 07:14:19 executing program 1: 07:14:19 executing program 2: 07:14:19 executing program 5: 07:14:19 executing program 0: 07:14:19 executing program 4: r0 = gettid() r1 = creat(&(0x7f0000000100)='./file0\x00', 0x10003) write$binfmt_script(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="01e202df45"], 0x5) prctl$PR_SET_PTRACER(0x59616d61, r0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r1) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) 07:14:19 executing program 3: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$inet(0x2, 0x2, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_emit_ethernet(0x7a, &(0x7f0000000180)={@random="a9248e6e42e2", @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x70}, @dev={0xac, 0x14, 0x14, 0x13}}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x2, {0x400000000000001f, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4001, 0x0, @empty, @dev, {[@ssrr={0x89, 0xd, 0x0, [@broadcast, @empty, @dev, @broadcast, @loopback]}, @lsrr={0x83, 0x1b, 0x0, [@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr]}, @ssrr={0x89, 0x7, 0x0, [@rand_addr]}]}}}}}}}, 0x0) 07:14:19 executing program 5: socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000180)={@random="a9248e6e42e2", @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x70}, @dev}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x2, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @dev}}}}}}, 0x0) 07:14:19 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000280)=[@mss, @sack_perm, @mss, @mss], 0x21b3) 07:14:19 executing program 0: prctl$PR_GET_FP_MODE(0x1e) mknod(&(0x7f0000000300)='./file1\x00', 0x0, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[], 0xffdbc2ca) unlink(&(0x7f0000000200)='./file0\x00') clone(0x2100001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file1\x00') execve(&(0x7f0000000240)='./file2\x00', 0x0, 0x0) 07:14:19 executing program 1: r0 = socket(0x11, 0x3, 0x0) recvfrom$unix(r0, 0x0, 0x0, 0x40012003, 0x0, 0x0) 07:14:19 executing program 4: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000480)=""/164, 0xa4}], 0x1, 0x0) lstat(&(0x7f00000002c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0xffffffffffffffda, 0x1, {0x7, 0x1e}}, 0x50) 07:14:19 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x88802, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) r1 = syz_open_pts(r0, 0x1) write(r1, &(0x7f0000000000)="d5", 0x100000243) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup2(r2, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1) 07:14:19 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) recvfrom$inet6(r1, &(0x7f00000001c0)=""/31, 0xfffffffffffffe3c, 0x100, &(0x7f0000001880), 0x17c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='vegas\x00', 0x6) socket$inet6(0xa, 0x80003, 0x0) ioctl(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, 0x0) shutdown(r1, 0x1) r2 = accept4(r0, 0x0, 0x0, 0x0) sendto$inet6(r2, &(0x7f00000000c0), 0xffffffffffffff47, 0x0, 0x0, 0x1a) 07:14:19 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, &(0x7f00000000c0)={0x0, 0x0, 0x0}) 07:14:19 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = gettid() sendmsg$netlink(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000002180)={0x10}, 0x10}], 0x1, &(0x7f0000000380)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0) r2 = syz_open_procfs(r1, &(0x7f0000000140)='smaps\x00\xbe#\xd7c\xbf\t\v|=\x12\x9aT\xda\x8a\x18\x1f2\x80\xd1\x1ah\x1a84\xd4\xfd\xc4\xf4g\x06\xf9\xe5\xd0=K{W\xd1Yc\xf3\xd6\t>RL\"\xc5f+%\x8d\xb9L\xc3w\x1a\xe1\xc1\xc9\xc0\xab\x1f/K\x8a\"\xf0\xf0\xa0\xa9\xeb\xb5g\xa2\xd6\xf1\xb2\xb3\x03\x92\xfe\xf6+\x15\x06\x05\xb2n\xa9\xe2\xa4\xe3\x85!M\xeb&') r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000004c0)='/selinux/commit_pending_bools\x00', 0x1, 0x0) sendfile(r3, r2, 0x0, 0x100000000000002) fcntl$setstatus(r2, 0x4, 0x9400) r4 = gettid() r5 = creat(&(0x7f0000000280)='./file0\x00', 0x1) ptrace$cont(0x18, r4, 0x20, 0xa1) r6 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0)='\x04\x0fu\x00') sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0ebb29bd7000ff0100000000000008000800e00000010400050008000600e0000002080001004e24000034000900000000000000e50000000000000000000800030004"], 0x3}, 0x1, 0x0, 0x0, 0x20000000}, 0x10000811) write$binfmt_script(r5, &(0x7f00000005c0)={'#! ', './file0'}, 0xb) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r5) ioctl$TIOCSPTLCK(0xffffffffffffffff, 0x40045431, &(0x7f0000000240)=0x1) openat$selinux_user(0xffffffffffffff9c, 0x0, 0x2, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) r7 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) write$cgroup_type(r7, &(0x7f0000000200)='threaded\x00', 0xdcdc) getsockopt$inet_IP_IPSEC_POLICY(r7, 0x0, 0x10, &(0x7f0000000600)={{{@in6=@remote, @in6=@empty}}, {{@in=@multicast2}, 0x0, @in=@remote}}, &(0x7f0000000400)=0xfffffffffffffcb4) setxattr$security_capability(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000340)='security.capability\x00', &(0x7f0000000500)=@v2={0x2000000, [{0x7fffffff, 0x686}, {0x2}]}, 0x14, 0x0) r8 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) write$cgroup_type(r8, &(0x7f0000000200)='threaded\x00', 0xdcdc) ioctl$IOC_PR_PREEMPT(r8, 0x401870cb, &(0x7f0000000440)={0xb1, 0x10000, 0x7, 0x80000001}) ptrace$setopts(0x4206, r4, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) r9 = openat$null(0xffffffffffffff9c, &(0x7f0000000380)='/dev/null\x00', 0x8d65d62a614aabcf, 0x0) ioctl$TUNSETVNETLE(r9, 0x400454dc, &(0x7f0000000480)=0x1) perf_event_open(&(0x7f0000940000)={0x0, 0x70, 0x6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, &(0x7f0000000100)={0x3}) 07:14:19 executing program 4: r0 = socket$inet(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)="24000000120007031dfffd946fa283000f000a0009000000741d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 77.824785] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Dropping request. Check SNMP counters. 07:14:19 executing program 1: clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000040)={0xf97cff8c, 0x8, 'SE Linux', "1200000000c46f000600000007000000"}, 0x20) [ 77.882139] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket [ 77.916535] kasan: CONFIG_KASAN_INLINE enabled 07:14:19 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\xe9\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x?\x9d\xb5\x11k4\xd3\x1b\x05\x12\xa5`\x8a\xaf\xf0\x1eyR4\f\xd6\xfd\x00\x00\x00\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000180)=ANY=[@ANYBLOB='D'], 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$inet6_int(r1, 0x29, 0x3c, 0x0, &(0x7f0000000140)=0xfd97) 07:14:19 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) r1 = syz_open_pts(r0, 0x1) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000000c0)=0x10000) write(r1, &(0x7f0000000000)="d5", 0x100000243) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup2(r2, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1) [ 77.921011] kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] PREEMPT SMP KASAN [ 77.934005] Modules linked in: [ 77.937335] CPU: 0 PID: 2492 Comm: syz-executor.4 Not tainted 4.4.174+ #4 [ 77.944255] task: ffff8800a319af80 task.stack: ffff8801d5718000 [ 77.950312] RIP: 0010:[] [] __list_del_entry_valid+0x7c/0x1a0 [ 77.959565] RSP: 0018:ffff8801d571f5d8 EFLAGS: 00010246 [ 77.965012] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff8800a30bf390 [ 77.972276] RDX: 0000000000000000 RSI: ffffffff83ad91b0 RDI: ffff8800a30bf398 [ 77.979533] RBP: ffff8801d571f5f0 R08: 0000000000000000 R09: 1ffffffff075b237 [ 77.986843] R10: 000000000075bf20 R11: 0000000000000000 R12: ffff8800a30bf398 [ 77.994099] R13: ffff8801c321e280 R14: ffff8800a30bf339 R15: ffff8800a30bf3b8 [ 78.001370] FS: 00007fa44b3fe700(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000 [ 78.009584] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.015466] CR2: 0000001b30121000 CR3: 00000001d439b000 CR4: 00000000001606b0 [ 78.022739] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 78.030007] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 78.037283] Stack: [ 78.039432] ffffffff82717d94 ffffffff8255c29c ffff8800a30bf390 ffff8801d571f628 [ 78.047513] ffffffff8255c2a4 ffff8800a493a200 ffff8800a30bf390 ffff8800b231b780 [ 78.055580] ffff8800a30bf339 ffff8800a30bf3b8 ffff8801d571f648 ffffffff825784e3 [ 78.063658] Call Trace: [ 78.066244] [] ? _raw_spin_lock_bh+0x44/0x50 [ 78.072739] [] ? xfrm_state_walk_done+0x7c/0x1e0 07:14:19 executing program 0: mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) 07:14:19 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="0d00000000003639408fa3a3ba27660199783b0a82f79b32a7c8225086600a38e07d4db88a66596759e95307b680ab73e03d53555c97e8e37d01da4d44a994354a9fa3f355214eeabd24dd6248432ba5a4a90b2022d5ad63b369aaffe900b608a5fece0eca95d71f2d3e60613a027fb50cbcbd92944076d3b97247e066002314da52d04ea8c924cd48d6225ccf1032f51db270c6449c2d582b36ab231f6c20d87e91eed2f2db4734535e02", 0xab}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x7e, 0x0) [ 78.079150] [] xfrm_state_walk_done+0x84/0x1e0 [ 78.085375] [] xfrm_dump_sa_done+0x73/0xa0 [ 78.091262] [] ? xfrm_get_policy+0x8c0/0x8c0 [ 78.097328] [] netlink_dump+0x76b/0xad0 [ 78.102952] [] __netlink_dump_start+0x4ca/0x750 [ 78.109272] [] ? __netlink_ns_capable+0xe2/0x130 [ 78.115684] [] xfrm_user_rcv_msg+0x556/0x630 [ 78.121748] [] ? xfrm_user_rcv_msg+0x630/0x630 [ 78.127986] [] ? xfrm_dump_sa_done+0xa0/0xa0 [ 78.134042] [] ? xfrm_user_rcv_msg+0x630/0x630 [ 78.140256] [] ? xfrm_get_policy+0x8c0/0x8c0 [ 78.146398] [] ? mark_held_locks+0xb1/0x100 [ 78.152373] [] ? xfrm_netlink_rcv+0x61/0x90 [ 78.158343] [] ? mutex_lock_nested+0x7dd/0xb80 [ 78.164559] [] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 78.171568] [] ? mutex_lock_nested+0x645/0xb80 [ 78.177801] [] ? xfrm_netlink_rcv+0x61/0x90 [ 78.183776] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 78.190694] [] ? mutex_trylock+0x500/0x500 [ 78.196573] [] netlink_rcv_skb+0xd4/0x2e0 [ 78.202375] [] ? xfrm_dump_sa_done+0xa0/0xa0 [ 78.208420] [] xfrm_netlink_rcv+0x70/0x90 [ 78.214214] [] netlink_unicast+0x4d7/0x700 [ 78.220082] [] ? netlink_sendskb+0x60/0x60 [ 78.225947] [] netlink_sendmsg+0x6b6/0xc80 [ 78.231931] [] ? nlmsg_notify+0x170/0x170 [ 78.237867] [] ? selinux_socket_sendmsg+0x3f/0x50 [ 78.244780] [] ? security_socket_sendmsg+0x8f/0xc0 [ 78.251396] [] ? nlmsg_notify+0x170/0x170 [ 78.257183] [] sock_sendmsg+0xbe/0x110 [ 78.262710] [] ___sys_sendmsg+0x769/0x890 [ 78.268500] [] ? copy_msghdr_from_user+0x550/0x550 [ 78.275082] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 78.281843] [] ? check_preemption_disabled+0x3c/0x200 [ 78.288762] [] ? check_preemption_disabled+0x3c/0x200 [ 78.295590] [] ? __fget+0x13b/0x370 [ 78.300850] [] ? __fget+0x162/0x370 [ 78.306129] [] ? __fget+0x47/0x370 [ 78.311299] [] ? __fget_light+0xa3/0x1f0 [ 78.317181] [] ? __fdget+0x1b/0x20 [ 78.322365] [] __sys_sendmsg+0xc5/0x160 [ 78.327996] [] ? SyS_shutdown+0x1a0/0x1a0 [ 78.333793] [] ? SyS_clock_gettime+0x118/0x1e0 [ 78.340023] [] ? SyS_clock_settime+0x220/0x220 [ 78.346259] [] SyS_sendmsg+0x2d/0x50 [ 78.351629] [] entry_SYSCALL_64_fastpath+0x1e/0x9a [ 78.358189] Code: 00 ad de 4c 8b 01 49 39 c0 74 66 48 b8 00 02 00 00 00 00 ad de 48 39 c3 74 78 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 <80> 3c 02 00 0f 85 fb 00 00 00 48 8b 03 48 39 c8 75 74 49 8d 78 [ 78.385488] RIP [] __list_del_entry_valid+0x7c/0x1a0 [ 78.392355] RSP [ 78.396023] ---[ end trace 43222c38f960747c ]--- [ 78.400778] Kernel panic - not syncing: Fatal exception in interrupt [ 78.402049] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket [ 78.414005] audit: type=1400 audit(1574666060.047:9): avc: denied { create } for pid=2485 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 78.414770] audit: type=1400 audit(1574666060.047:10): avc: denied { write } for pid=2485 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 78.423074] audit: type=1400 audit(1574666060.047:11): avc: denied { read } for pid=2485 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 78.488716] Kernel Offset: disabled [ 78.492349] Rebooting in 86400 seconds..