Warning: Permanently added '10.128.1.21' (ECDSA) to the list of known hosts.
[   42.057680] random: sshd: uninitialized urandom read (32 bytes read)
2019/09/18 18:22:32 fuzzer started
[   42.163348] audit: type=1400 audit(1568830952.506:7): avc:  denied  { map } for  pid=1785 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   42.575324] random: cc1: uninitialized urandom read (8 bytes read)
2019/09/18 18:22:33 dialing manager at 10.128.0.26:38793
2019/09/18 18:22:33 syscalls: 1347
2019/09/18 18:22:33 code coverage: enabled
2019/09/18 18:22:33 comparison tracing: ioctl(KCOV_TRACE_CMP) failed: invalid argument
2019/09/18 18:22:33 extra coverage: extra coverage is not supported by the kernel
2019/09/18 18:22:33 setuid sandbox: enabled
2019/09/18 18:22:33 namespace sandbox: enabled
2019/09/18 18:22:33 Android sandbox: /sys/fs/selinux/policy does not exist
2019/09/18 18:22:33 fault injection: CONFIG_FAULT_INJECTION is not enabled
2019/09/18 18:22:33 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/09/18 18:22:33 net packet injection: enabled
2019/09/18 18:22:33 net device setup: enabled
[   44.514482] random: crng init done
18:23:28 executing program 0:

18:23:28 executing program 1:

18:23:28 executing program 5:

18:23:28 executing program 2:

18:23:28 executing program 3:

18:23:28 executing program 4:

[   98.044442] audit: type=1400 audit(1568831008.386:8): avc:  denied  { map } for  pid=1785 comm="syz-fuzzer" path="/root/syzkaller-shm006313750" dev="sda1" ino=15976 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
[   98.100881] audit: type=1400 audit(1568831008.386:9): avc:  denied  { map } for  pid=1830 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=5044 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
18:23:29 executing program 0:
perf_event_open(&(0x7f0000940000)={0x2, 0x51, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x4000000006ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit(0x0)
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
r1 = dup(r0)
write$P9_RLOCK(r1, &(0x7f0000000000)={0x8}, 0x8)

18:23:29 executing program 0:

18:23:29 executing program 0:

18:23:29 executing program 0:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$cgroup_int(r0, &(0x7f0000000000)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x20000)

18:23:29 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="11dca50d5e0bcfe47bf070")
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000068000/0x3000)=nil, 0x3000, 0xf, 0x840000000000a132, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='hugetl\x04\x00\x00\x00\x00\x00\x00\x00age_ir_Z\xa2\xf4es\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)

18:23:30 executing program 0:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0)

18:23:30 executing program 0:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0)

18:23:31 executing program 1:

18:23:32 executing program 5:

18:23:32 executing program 2:

18:23:32 executing program 3:

18:23:32 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
dup3(r0, r1, 0x0)
writev(r1, &(0x7f0000000040)=[{&(0x7f0000fb4000)="1f00000001021900000007000000068100023b0509000100010100ff3ffe58", 0x1f}], 0x1)

18:23:32 executing program 1:

18:23:32 executing program 5:

18:23:32 executing program 2:

18:23:32 executing program 4:

18:23:32 executing program 5:

18:23:32 executing program 4:

18:23:32 executing program 4:

18:23:32 executing program 2:

18:23:32 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000500)="11dca50d5e0bcfe47bf070")
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000580), 0xc2)

18:23:32 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x3)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c)

[  102.404859] audit: type=1400 audit(1568831012.746:10): avc:  denied  { create } for  pid=2780 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
[  102.418841] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'.
18:23:32 executing program 4:

[  102.479639] audit: type=1400 audit(1568831012.756:11): avc:  denied  { write } for  pid=2780 comm="syz-executor.0" path="socket:[7145]" dev="sockfs" ino=7145 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
18:23:32 executing program 0:

18:23:32 executing program 5:

18:23:32 executing program 3:

18:23:32 executing program 2:

18:23:32 executing program 1:

18:23:32 executing program 4:

18:23:33 executing program 5:

18:23:33 executing program 3:

18:23:33 executing program 2:

18:23:33 executing program 1:

18:23:33 executing program 0:

18:23:33 executing program 4:

18:23:33 executing program 3:

18:23:33 executing program 0:

18:23:33 executing program 5:

18:23:33 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000000)=0x400100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5)
clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000100)=ANY=[@ANYBLOB="000004d06424b2d0540003248620bc1db2ad205700000a00050000000000ff02000003001200000000000000000100000000fe80d79bf15a082f6ab25700000000c04300000000000000000000000000000000e60c000000000000000000000000a3f000000000000000003ed8d3f10000000000000000afec749c0000000000000000000000000000000009000000000059ffebdb2323c566a71a483b18e3000000000000000000000000000000000000005b477f787d07e05641cd327b3819b061ea5cf2bb220c7765742cddabf2f0f7b633e7b562f95dee6a4ddf1ecd5d34d3e50466a12076c64b8dd5e36e47a9980e67ed41e35e89d3c8761a11340b01acaa9e9396e8c851dab48ed9a625"], 0x90)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x10010000000035)
fcntl$setstatus(r0, 0x4, 0x80000000002c00)

18:23:33 executing program 2:
r0 = getpgrp(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x38)
ptrace$cont(0x18, r1, 0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x1, 0x3, 0x36})
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

18:23:33 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, @sit={{0x8, 0x1, 'sit\x00'}, {0xc, 0x2, [@tunl_policy=[@IFLA_IPTUN_ENCAP_TYPE={0x8}]]}}}]}, 0x38}}, 0x0)

18:23:33 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x65, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, &(0x7f0000000240))
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00')
rmdir(0x0)
r0 = socket$inet6(0xa, 0x803, 0x3)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00H\x00'})
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)

18:23:33 executing program 3:

18:23:33 executing program 5:

18:23:33 executing program 2:

18:23:33 executing program 4:

18:23:33 executing program 3:

18:23:33 executing program 5:

18:23:33 executing program 2:

18:23:33 executing program 4:

[  102.914534] hrtimer: interrupt took 44313 ns
18:23:36 executing program 5:

18:23:36 executing program 3:

18:23:36 executing program 2:

18:23:36 executing program 4:

18:23:36 executing program 1:

18:23:36 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x65, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, &(0x7f0000000240))
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00')
rmdir(0x0)
r0 = socket$inet6(0xa, 0x803, 0x3)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00H\x00'})
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)

18:23:36 executing program 3:

18:23:36 executing program 4:

18:23:36 executing program 2:

18:23:36 executing program 5:

18:23:36 executing program 1:

18:23:36 executing program 5:

18:23:36 executing program 3:

18:23:36 executing program 4:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000400)='ramfs\x00\x9b\x95\x84\x10D\xfb\x9b\x81R#\x10O\xd3\xb4\xe8\xa3\x1f\x00\r\xf6\xd9\xbbt\x95f\x9e\x02\x06\xf946\\{(\xc8\xa7s\xd2>\x81\x88l\x0e\xc5%\x99\x00\x02\x9d\x85\xfc\xa9\\\x99<zMw\a\x02:\x8d\x03\x15S\xf8\xdd\xa1\xa5\x02\xb2DTBG0mk\xe5gE\x9bIL\xdc}\x13\xf8\x8f\x15S\x92\x9b\xda\\J\xf2\xc1-\xe9\x92\x12\xa8\x81\x06\xa9\x9b2-\xc5)\xe9v\x92\xd54\x9fg\xff\xc2\xb5VL\x85\xd5j\xaf^)]\xe0m\x95\xf8\xea\x9a:\xaf\xae\x0f\x84Zo\xc0\x11!\x9f\xe0[\x8d\xb9\x1f\x95t\xe9F>:\xe4\x9c\xf9z>w\xe7\xa9\xa8=\xe9o\x9f\xfbKE\xd7\x9a\x1b\xf8\x86@\x8e\xe6\x9em\x89\xab\x19\xea1\x8e\xa1\xb5\xd7\xc6\xc62\x05\xc7\xe5\xd2m\xeczV\x1d\x84\xcd\xc0\xdf', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./file0\x00')
umount2(&(0x7f0000000040)='../file0\x00', 0x2)

18:23:36 executing program 2:

18:23:36 executing program 1:

18:23:36 executing program 3:

18:23:39 executing program 0:

18:23:39 executing program 5:

18:23:39 executing program 2:

18:23:39 executing program 3:

18:23:39 executing program 1:

18:23:39 executing program 4:

18:23:39 executing program 5:

18:23:39 executing program 2:

18:23:39 executing program 1:

18:23:39 executing program 3:

18:23:39 executing program 4:
fstat(0xffffffffffffffff, 0x0)
getuid()
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x0, 0x0)

18:23:39 executing program 1:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
pwritev(r0, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}, {&(0x7f00000002c0)='-', 0x1}], 0x2, 0x0)

18:23:39 executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$LOOP_GET_STATUS(r0, 0x4c02, &(0x7f0000000240))

18:23:39 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo/3\x00')
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendfile(r2, r1, 0x0, 0x141)

18:23:39 executing program 2:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xf7c, 0x8000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

18:23:39 executing program 3:
memfd_create(0x0, 0x0)
perf_event_open(0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

18:23:39 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
prctl$PR_SET_SECUREBITS(0x1c, 0xf)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, 0xee01, r2)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x82040, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
rt_sigprocmask(0x0, &(0x7f0000da1000)={0xfffffffffffffffe}, 0x0, 0x8)
rt_sigtimedwait(&(0x7f0000061000)={0xfffffffffffffffd}, 0x0, 0x0, 0x8)
truncate(&(0x7f00000000c0)='./file0\x00', 0x0)
fcntl$setlease(r3, 0x400, 0x2)

[  109.477210] audit: type=1400 audit(1568831019.816:12): avc:  denied  { map } for  pid=3083 comm="blkid" path="/lib/x86_64-linux-gnu/libuuid.so.1.3.0" dev="sda1" ino=2819 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[  109.505930] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=12297 sclass=netlink_xfrm_socket pig=3093 comm=syz-executor.5
18:23:39 executing program 1:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
pwritev(r0, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}, {&(0x7f00000002c0)='-', 0x1}], 0x2, 0x0)

18:23:39 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_tables_matches\x00')
pread64(r0, 0x0, 0x0, 0x800000000005)
syz_genetlink_get_family_id$ipvs(0x0)

[  109.582498] audit: type=1400 audit(1568831019.926:13): avc:  denied  { map } for  pid=3102 comm="blkid" path="/sbin/blkid" dev="sda1" ino=15619 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
18:23:39 executing program 1:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
pwritev(r0, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}, {&(0x7f00000002c0)='-', 0x1}], 0x2, 0x0)

18:23:40 executing program 0:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x2ee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_getaffinity(0x0, 0x8, &(0x7f0000000000))

[  109.636936] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=12297 sclass=netlink_xfrm_socket pig=3111 comm=syz-executor.5
18:23:40 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x164c)

[  109.672397] audit: type=1400 audit(1568831019.966:14): avc:  denied  { create } for  pid=3106 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
18:23:40 executing program 1:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
pwritev(r0, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}, {&(0x7f00000002c0)='-', 0x1}], 0x2, 0x0)

18:23:40 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_tables_matches\x00')
pread64(r0, 0x0, 0x0, 0x800000000005)
syz_genetlink_get_family_id$ipvs(0x0)

18:23:40 executing program 4:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_tables_matches\x00')
pread64(r0, 0x0, 0x0, 0x800000000005)
syz_genetlink_get_family_id$ipvs(0x0)

[  109.719205] audit: type=1400 audit(1568831019.986:15): avc:  denied  { write } for  pid=3106 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[  109.750470] audit: type=1400 audit(1568831020.036:16): avc:  denied  { map } for  pid=3114 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[  109.816426] audit: type=1400 audit(1568831020.056:17): avc:  denied  { read } for  pid=3106 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[  109.865366] audit: type=1400 audit(1568831020.146:18): avc:  denied  { map } for  pid=3124 comm="blkid" path="/lib/x86_64-linux-gnu/libblkid.so.1.1.0" dev="sda1" ino=2825 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
18:23:40 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo/3\x00')
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendfile(r2, r1, 0x0, 0x141)

18:23:40 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x164c)

18:23:40 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_tables_matches\x00')
pread64(r0, 0x0, 0x0, 0x800000000005)
syz_genetlink_get_family_id$ipvs(0x0)

18:23:40 executing program 1:
pwritev(0xffffffffffffffff, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}, {&(0x7f00000002c0)='-', 0x1}], 0x2, 0x0)

18:23:40 executing program 4:
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/load\x00', 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29a"], 0x4b)

18:23:40 executing program 1:
pwritev(0xffffffffffffffff, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}, {&(0x7f00000002c0)='-', 0x1}], 0x2, 0x0)

18:23:40 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x164c)

[  109.996636] SELinux: failed to load policy
[  109.999145] audit: type=1400 audit(1568831020.156:19): avc:  denied  { create } for  pid=3126 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[  110.034547] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=12297 sclass=netlink_xfrm_socket pig=3146 comm=syz-executor.5
[  110.081614] audit: type=1400 audit(1568831020.156:20): avc:  denied  { write } for  pid=3126 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[  110.141829] audit: type=1400 audit(1568831020.186:21): avc:  denied  { read } for  pid=3126 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1

INIT: Id "4" respawning too fast: disabled for 5 minutes

INIT: Id "2" respawning too fast: disabled for 5 minutes

INIT: Id "1" respawning too fast: disabled for 5 minutes

INIT: Id "5" respawning too fast: disabled for 5 minutes

INIT: Id "3" respawning too fast: disabled for 5 minutes

INIT: Id "6" respawning too fast: disabled for 5 minutes
18:23:43 executing program 0:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x2ee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syslog(0x9, 0x0, 0x0)

18:23:43 executing program 4:
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/load\x00', 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29a"], 0x4b)

18:23:43 executing program 1:
pwritev(0xffffffffffffffff, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}, {&(0x7f00000002c0)='-', 0x1}], 0x2, 0x0)

18:23:43 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0)
mkdir(&(0x7f0000000880)='./file0/file0\x00', 0x0)
mount$bpf(0x20000000, &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x0, 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x2)

18:23:43 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo/3\x00')
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendfile(r2, r1, 0x0, 0x141)

18:23:43 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x164c)

18:23:43 executing program 1:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, 0x0, 0x1, 0x0)
pwritev(r0, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}, {&(0x7f00000002c0)='-', 0x1}], 0x2, 0x0)

18:23:43 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x164c)

18:23:43 executing program 4:
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/load\x00', 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29a"], 0x4b)

[  113.334561] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=12297 sclass=netlink_xfrm_socket pig=3317 comm=syz-executor.5
[  113.340948] SELinux: failed to load policy
18:23:43 executing program 1:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, 0x0, 0x1, 0x0)
pwritev(r0, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}, {&(0x7f00000002c0)='-', 0x1}], 0x2, 0x0)

18:23:43 executing program 1:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, 0x0, 0x1, 0x0)
pwritev(r0, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}, {&(0x7f00000002c0)='-', 0x1}], 0x2, 0x0)

18:23:43 executing program 2:
ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f0000000140)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @loopback}, {0x2, 0x0, @local}})
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f00000007c0)=[{&(0x7f00000001c0)="62f23e748cdfecc0d3bcb88248f9f8f8e87edc5637656d6e511dcdc6041c8d8a0957939950c15c7ac6360c7820e1d5957ba4167f17600b58767db91e29eb92a20f86dddfb0f8dda322d3ddeadba924051c7894f228f090746b1a55e851e7dcaae4d8411f6806d216b4f2e7eca231a301cc0c9bb4bb5598a94336a99790d3b77dcda45483c1fb1194c56ddfddb587442754e6c8158ae9e0ea7b5ad8", 0x9b}], 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xaaaaaaaaaaaae53, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000000000100000001000000000b00000040000080000000000000006d5ebe5a0000ffff53ef", 0x5cf, 0x400}], 0x1, 0x0)

[  113.410975] SELinux: failed to load policy
18:23:43 executing program 0:
unshare(0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
sendto$inet6(r0, 0x0, 0xfffffffffffffe32, 0x20004004, &(0x7f0000000040)={0xa, 0x20004e22, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000080)="39a110", 0xffffffffffffffc1, 0x40, 0x0, 0xfffffffffffffe5b)

18:23:43 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo/3\x00')
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendfile(r2, r1, 0x0, 0x141)

18:23:43 executing program 4:
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/load\x00', 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29a"], 0x4b)

18:23:43 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x164c)

18:23:43 executing program 1:
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}, {&(0x7f00000002c0)='-', 0x1}], 0x2, 0x0)

[  113.513531] SELinux: failed to load policy
18:23:43 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x164c)

18:23:43 executing program 4:
write$selinux_load(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29a"], 0x4b)

[  113.548943] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=12297 sclass=netlink_xfrm_socket pig=3357 comm=syz-executor.5
18:23:43 executing program 1:
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}, {&(0x7f00000002c0)='-', 0x1}], 0x2, 0x0)

18:23:43 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x164c)

[  113.593861] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Dropping request.  Check SNMP counters.
[  113.603740] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
18:23:44 executing program 4:
write$selinux_load(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29a"], 0x4b)

18:23:44 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo/3\x00')
sendfile(0xffffffffffffffff, r1, 0x0, 0x141)

[  113.675513] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  113.704370] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  113.730462] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  113.751720] EXT4-fs error (device loop2): ext4_iget:4967: inode #2: comm syz-executor.2: bogus i_mode (0)
[  113.762903] EXT4-fs (loop2): get root inode failed
[  113.768102] EXT4-fs (loop2): mount failed
[  113.853013] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  113.861152] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  113.870832] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  113.880322] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  113.889814] EXT4-fs: failed to create workqueue
[  113.894916] EXT4-fs (loop2): mount failed
18:23:44 executing program 4:
write$selinux_load(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29a"], 0x4b)

18:23:44 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, 0x0)
r0 = socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r2, r1)
r3 = add_key$user(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffc)
keyctl$revoke(0x3, r3)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0)
poll(0x0, 0x0, 0xffffffff)

18:23:44 executing program 1:
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}, {&(0x7f00000002c0)='-', 0x1}], 0x2, 0x0)

18:23:44 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x164c)

18:23:44 executing program 2:
ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f0000000140)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @loopback}, {0x2, 0x0, @local}})
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f00000007c0)=[{&(0x7f00000001c0)="62f23e748cdfecc0d3bcb88248f9f8f8e87edc5637656d6e511dcdc6041c8d8a0957939950c15c7ac6360c7820e1d5957ba4167f17600b58767db91e29eb92a20f86dddfb0f8dda322d3ddeadba924051c7894f228f090746b1a55e851e7dcaae4d8411f6806d216b4f2e7eca231a301cc0c9bb4bb5598a94336a99790d3b77dcda45483c1fb1194c56ddfddb587442754e6c8158ae9e0ea7b5ad8", 0x9b}], 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xaaaaaaaaaaaae53, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000000000100000001000000000b00000040000080000000000000006d5ebe5a0000ffff53ef", 0x5cf, 0x400}], 0x1, 0x0)

18:23:44 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo/3\x00')
sendfile(0xffffffffffffffff, r1, 0x0, 0x141)

18:23:44 executing program 4:
r0 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29a"], 0x4b)

[  114.321188] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Dropping request.  Check SNMP counters.
18:23:44 executing program 3:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x164c)

18:23:44 executing program 4:
r0 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29a"], 0x4b)

18:23:44 executing program 1:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
pwritev(r0, 0x0, 0x0, 0x0)

18:23:44 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo/3\x00')
sendfile(0xffffffffffffffff, r1, 0x0, 0x141)

18:23:44 executing program 4:
r0 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29a"], 0x4b)

18:23:44 executing program 3:
r0 = openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x164c)

[  114.530494] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  114.540454] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  114.570629] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  114.579697] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  114.600202] EXT4-fs error (device loop2): ext4_iget:4967: inode #2: comm syz-executor.2: bogus i_mode (0)
[  114.610498] EXT4-fs (loop2): get root inode failed
[  114.615476] EXT4-fs (loop2): mount failed
18:23:45 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, 0x0)
r0 = socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r2, r1)
r3 = add_key$user(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffc)
keyctl$revoke(0x3, r3)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0)
poll(0x0, 0x0, 0xffffffff)

18:23:45 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x141)

18:23:45 executing program 1:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
pwritev(r0, 0x0, 0x0, 0x0)

18:23:45 executing program 3:
r0 = openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x164c)

18:23:45 executing program 4:
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/load\x00', 0x2, 0x0)
write$selinux_load(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29a"], 0x4b)

18:23:45 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$netlink(0x10, 0x3, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x0)
dup3(r1, r2, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000fb4000)="1f00000001051900000007000000068100023b0509000100010100ff3ffe58", 0x1f}], 0x1)

18:23:45 executing program 3:
r0 = openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x164c)

18:23:45 executing program 1:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
pwritev(r0, 0x0, 0x0, 0x0)

18:23:45 executing program 4:
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/load\x00', 0x2, 0x0)
write$selinux_load(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29a"], 0x4b)

18:23:45 executing program 3:
openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x164c)

[  115.262196] kauditd_printk_skb: 4 callbacks suppressed
[  115.262204] audit: type=1400 audit(1568831025.606:26): avc:  denied  { create } for  pid=3455 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
18:23:45 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x141)

18:23:45 executing program 2:
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/load\x00', 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29af91ad4861d1922"], 0x5f)

[  115.367297] audit: type=1400 audit(1568831025.606:27): avc:  denied  { write } for  pid=3455 comm="syz-executor.2" path="socket:[9936]" dev="sockfs" ino=9936 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
[  115.391174] SELinux: failed to load policy
18:23:46 executing program 0:
perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x10000000070, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r0, 0x0, 0xfffffffffffffffa, 0x20000802, &(0x7f00000000c0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
socket$inet(0x2, 0x0, 0x0)

18:23:46 executing program 4:
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/load\x00', 0x2, 0x0)
write$selinux_load(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29a"], 0x4b)

18:23:46 executing program 1:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
pwritev(r0, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}], 0x1, 0x0)

18:23:46 executing program 3:
openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x164c)

18:23:46 executing program 2:
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/load\x00', 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29af91ad4861d1922"], 0x5f)

18:23:46 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'vat\x00\x00\x00\x00\x00\x00\x00\xa8\x03\x00', 0x43732e5398416f1a})
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x141)

18:23:46 executing program 4:
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/load\x00', 0x2, 0x0)
write$selinux_load(r0, 0x0, 0x0)

[  116.088240] SELinux: failed to load policy
18:23:46 executing program 3:
openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x164c)

18:23:46 executing program 2:
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/load\x00', 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e75781200000000c46f00060000000700000006000000000000000000c27ed0e81f000300000000000000676813fd070000000000000000fb6c7a2ce29af91ad4861d1922"], 0x5f)

18:23:46 executing program 5:
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo/3\x00')
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendfile(r1, r0, 0x0, 0x141)

18:23:46 executing program 1:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
pwritev(r0, &(0x7f0000001540)=[{&(0x7f00000001c0)='8', 0x1}], 0x1, 0x0)

[  116.116307] audit: type=1400 audit(1568831026.456:28): avc:  denied  { map } for  pid=3504 comm="modprobe" path="/lib/x86_64-linux-gnu/libkmod.so.2.1.3" dev="sda1" ino=2811 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[  116.177676] SELinux: failed to load policy
18:23:46 executing program 3:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x0)

[  116.200440] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null)
[  116.213189] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=12297 sclass=netlink_xfrm_socket pig=3519 comm=syz-executor.5
[  116.226275] ==================================================================
[  116.233771] BUG: KASAN: use-after-free in tcp_init_tso_segs+0x19d/0x1f0
[  116.240526] Read of size 2 at addr ffff8881c77d4030 by task syz-executor.0/3502
[  116.247967] 
[  116.249596] CPU: 1 PID: 3502 Comm: syz-executor.0 Not tainted 4.14.144+ #0
[  116.256608] Call Trace:
[  116.259201]  dump_stack+0xca/0x134
[  116.262750]  ? tcp_init_tso_segs+0x19d/0x1f0
[  116.267168]  ? tcp_init_tso_segs+0x19d/0x1f0
[  116.271581]  print_address_description+0x60/0x226
[  116.276426]  ? tcp_init_tso_segs+0x19d/0x1f0
[  116.280833]  ? tcp_init_tso_segs+0x19d/0x1f0
[  116.285239]  __kasan_report.cold+0x1a/0x41
[  116.289478]  ? kvm_guest_cpu_init+0x220/0x220
[  116.293970]  ? tcp_init_tso_segs+0x19d/0x1f0
[  116.298373]  tcp_init_tso_segs+0x19d/0x1f0
[  116.302596]  ? tcp_tso_segs+0x7b/0x1c0
[  116.306478]  tcp_write_xmit+0x15a/0x4730
[  116.310541]  ? memset+0x20/0x40
[  116.313824]  __tcp_push_pending_frames+0xa0/0x230
[  116.318656]  tcp_send_fin+0x154/0xbc0
[  116.322449]  tcp_close+0xc62/0xf40
[  116.325984]  inet_release+0xe9/0x1c0
[  116.329690]  __sock_release+0xd2/0x2c0
[  116.333566]  ? __sock_release+0x2c0/0x2c0
[  116.337698]  sock_close+0x15/0x20
[  116.341142]  __fput+0x25e/0x710
[  116.344422]  task_work_run+0x125/0x1a0
[  116.348303]  exit_to_usermode_loop+0x13b/0x160
[  116.352878]  do_syscall_64+0x3a3/0x520
[  116.356760]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  116.361935] RIP: 0033:0x4135d1
[  116.365112] RSP: 002b:00007fff8bbc6390 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  116.372806] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00000000004135d1
[  116.380064] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  116.387322] RBP: 0000000000000001 R08: 0000000080e89025 R09: 0000000080e89029
[  116.394576] R10: 00007fff8bbc6470 R11: 0000000000000293 R12: 000000000075c9a0
[  116.401830] R13: 000000000075c9a0 R14: 0000000000760bf0 R15: 000000000075bf2c
[  116.409103] 
[  116.409110] CPU: 0 PID: 3515 Comm: syz-executor.4 Not tainted 4.14.144+ #0
[  116.409114] Call Trace:
[  116.410720] Allocated by task 3503:
[  116.417735]  dump_stack+0xca/0x134
[  116.420291]  __kasan_kmalloc.part.0+0x53/0xc0
[  116.423905]  warn_alloc.cold+0x91/0x1ab
[  116.427415]  kmem_cache_alloc+0xee/0x360
[  116.431888]  ? zone_watermark_ok_safe+0x260/0x260
[  116.435832]  __alloc_skb+0xea/0x5c0
[  116.435840]  sk_stream_alloc_skb+0xf4/0x8a0
[  116.439877]  ? lock_acquire+0x12b/0x360
[  116.444692]  tcp_sendmsg_locked+0xf11/0x2f50
[  116.448295]  ? avc_has_perm+0x9c/0x350
[  116.452585]  tcp_sendmsg+0x2b/0x40
[  116.456545]  ? avc_has_perm+0x1b7/0x350
[  116.460917]  inet_sendmsg+0x15b/0x520
[  116.460924]  sock_sendmsg+0xb7/0x100
[  116.464791]  ? avc_has_perm_noaudit+0x2d0/0x2d0
[  116.468303]  SyS_sendto+0x1de/0x2f0
[  116.472254]  ? drop_futex_key_refs.isra.0+0x17/0xb0
[  116.476026]  do_syscall_64+0x19b/0x520
[  116.479725]  __vmalloc_node_range+0x395/0x690
[  116.484374]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  116.487977]  ? trace_hardirqs_on+0x10/0x10
[  116.492962]  0xffffffffffffffff
[  116.496837]  ? sel_write_load+0x199/0xfb0
[  116.501301] 
[  116.506471]  vmalloc+0x60/0x80
[  116.510678] Freed by task 3503:
[  116.513937]  ? sel_write_load+0x199/0xfb0
[  116.518059]  __kasan_slab_free+0x164/0x210
[  116.519667]  sel_write_load+0x199/0xfb0
[  116.522832]  kmem_cache_free+0xd7/0x3b0
[  116.526098]  ? sel_read_bool+0x240/0x240
[  116.530219]  kfree_skbmem+0x84/0x110
[  116.534440]  ? trace_hardirqs_on+0x10/0x10
[  116.538390]  tcp_remove_empty_skb+0x264/0x320
[  116.538399]  tcp_sendmsg_locked+0x1c09/0x2f50
[  116.542361]  __vfs_write+0xf9/0x5a0
[  116.546394]  tcp_sendmsg+0x2b/0x40
[  116.550094]  ? sel_read_bool+0x240/0x240
[  116.554302]  inet_sendmsg+0x15b/0x520
[  116.558773]  ? kernel_read+0x110/0x110
[  116.563240]  sock_sendmsg+0xb7/0x100
[  116.566854]  ? check_preemption_disabled+0x35/0x1f0
[  116.570358]  SyS_sendto+0x1de/0x2f0
[  116.574405]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[  116.578174]  do_syscall_64+0x19b/0x520
[  116.582042]  ? rcu_read_lock_sched_held+0x10a/0x130
[  116.585730]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  116.590727]  vfs_write+0x17f/0x4d0
[  116.594324]  0xffffffffffffffff
[  116.599758]  SyS_write+0x102/0x250
[  116.603609] 
[  116.608602]  ? SyS_read+0x250/0x250
[  116.613766] The buggy address belongs to the object at ffff8881c77d4000
[  116.613766]  which belongs to the cache skbuff_fclone_cache of size 456
[  116.617280]  ? do_clock_gettime+0xd0/0xd0
[  116.620532] The buggy address is located 48 bytes inside of
[  116.620532]  456-byte region [ffff8881c77d4000, ffff8881c77d41c8)
[  116.624050]  ? do_syscall_64+0x43/0x520
[  116.625648] The buggy address belongs to the page:
[  116.629257]  ? SyS_read+0x250/0x250
[  116.642581] page:ffffea00071df500 count:1 mapcount:0 mapping:          (null) index:0xffff8881c77d4500
[  116.646711]  do_syscall_64+0x19b/0x520
[  116.658468]  compound_mapcount: 0
[  116.662435]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  116.667327] flags: 0x4000000000010200(slab|head)
[  116.667337] raw: 4000000000010200 0000000000000000 ffff8881c77d4500 00000001800c000b
[  116.670935] RIP: 0033:0x4598e9
[  116.680360] raw: ffffea00076a3600 0000000500000005 ffff8881dab70400 0000000000000000
[  116.684228] RSP: 002b:00007fe0c7fe7c78 EFLAGS: 00000246
[  116.687661] page dumped because: kasan: bad access detected
[  116.692824]  ORIG_RAX: 0000000000000001
[  116.697557] 
[  116.697562] Memory state around the buggy address:
[  116.705421] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004598e9
[  116.708588]  ffff8881c77d3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  116.716440] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  116.716447] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  116.721783]  ffff8881c77d3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  116.727468] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe0c7fe86d4
[  116.731414] >ffff8881c77d4000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  116.733032] R13: 00000000004c9b57 R14: 00000000004e12c8 R15: 00000000ffffffff
[  116.737944]                                      ^
[  116.745522] Mem-Info:
[  116.752543]  ffff8881c77d4080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  116.752548]  ffff8881c77d4100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  116.752551] ==================================================================
[  116.752554] Disabling lock debugging due to kernel taint
[  116.757631] Kernel panic - not syncing: panic_on_warn set ...
[  116.757631] 
[  116.771627] active_anon:61256 inactive_anon:40 isolated_anon:0
[  116.771627]  active_file:4416 inactive_file:11045 isolated_file:0
[  116.771627]  unevictable:0 dirty:106 writeback:0 unstable:0
[  116.771627]  slab_reclaimable:4888 slab_unreclaimable:58474
[  116.771627]  mapped:58867 shmem:48 pagetables:890 bounce:0
[  116.771627]  free:1439607 free_pcp:304 free_cma:0
[  116.774451] CPU: 1 PID: 3502 Comm: syz-executor.0 Tainted: G    B           4.14.144+ #0
[  116.774454] Call Trace:
[  116.774470]  dump_stack+0xca/0x134
[  116.774482]  panic+0x1ea/0x3d3
[  116.781811] Node 0 active_anon:245024kB inactive_anon:160kB active_file:17664kB inactive_file:44180kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:235468kB dirty:424kB writeback:0kB shmem:192kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[  116.789081]  ? add_taint.cold+0x16/0x16
[  116.789090]  ? tcp_init_tso_segs+0x19d/0x1f0
[  116.789099]  ? ___preempt_schedule+0x16/0x18
[  116.796411] DMA32 free:3079672kB min:4792kB low:7868kB high:10944kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3079672kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  116.801270]  ? tcp_init_tso_segs+0x19d/0x1f0
[  116.801277]  end_report+0x43/0x49
[  116.801286]  ? tcp_init_tso_segs+0x19d/0x1f0
[  116.803694] lowmem_reserve[]:
[  116.811008]  __kasan_report.cold+0xd/0x41
[  116.811017]  ? kvm_guest_cpu_init+0x220/0x220
[  116.811022]  ? tcp_init_tso_segs+0x19d/0x1f0
[  116.811031]  tcp_init_tso_segs+0x19d/0x1f0
[  116.818386]  0
[  116.825715]  ? tcp_tso_segs+0x7b/0x1c0
[  116.825723]  tcp_write_xmit+0x15a/0x4730
[  116.825734]  ? memset+0x20/0x40
[  116.825747]  __tcp_push_pending_frames+0xa0/0x230
[  116.831214]  3437
[  116.838526]  tcp_send_fin+0x154/0xbc0
[  116.838536]  tcp_close+0xc62/0xf40
[  116.838557]  inet_release+0xe9/0x1c0
[  116.872316]  3437
[  116.880491]  __sock_release+0xd2/0x2c0
[  116.880499]  ? __sock_release+0x2c0/0x2c0
[  116.880503]  sock_close+0x15/0x20
[  116.880513]  __fput+0x25e/0x710
[  116.886594]  task_work_run+0x125/0x1a0
[  116.886604]  exit_to_usermode_loop+0x13b/0x160
[  116.889848] Normal free:2678756kB min:5480kB low:9000kB high:12520kB active_anon:245024kB inactive_anon:160kB active_file:17664kB inactive_file:44180kB unevictable:0kB writepending:424kB present:4718592kB managed:3521564kB mlocked:0kB kernel_stack:3104kB pagetables:3560kB bounce:0kB free_pcp:1216kB local_pcp:596kB free_cma:0kB
[  116.913139]  do_syscall_64+0x3a3/0x520
[  116.913152]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  116.913158] RIP: 0033:0x4135d1
[  116.913161] RSP: 002b:00007fff8bbc6390 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  116.913168] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00000000004135d1
[  116.913171] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  116.913175] RBP: 0000000000000001 R08: 0000000080e89025 R09: 0000000080e89029
[  116.913183] R10: 00007fff8bbc6470 R11: 0000000000000293 R12: 000000000075c9a0
[  116.917205] lowmem_reserve[]:
[  116.921529] R13: 000000000075c9a0 R14: 0000000000760bf0 R15: 000000000075bf2c
[  116.922099] Kernel Offset: 0x21800000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[  117.140564] Rebooting in 86400 seconds..