Warning: Permanently added '10.128.0.208' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 50.393983] audit: type=1400 audit(1560808881.079:5): avc: denied { set_context_mgr } for pid=2068 comm="syz-executor945" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1
[ 50.398237] audit: type=1400 audit(1560808881.089:6): avc: denied { call } for pid=2068 comm="syz-executor945" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1
[ 50.401568] audit: type=1400 audit(1560808881.089:7): avc: denied { transfer } for pid=2068 comm="syz-executor945" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1
[ 50.405065] ------------[ cut here ]------------
[ 50.405942] kernel BUG at drivers/android/binder_alloc.c:1103!
[ 50.406831] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 50.407583] Modules linked in:
[ 50.408166] CPU: 0 PID: 2068 Comm: syz-executor945 Not tainted 4.9.182+ #1
[ 50.409244] task: 00000000a092101a task.stack: 0000000089c3d64b
[ 50.410103] RIP: 0010:[] [<0000000078a38229>] binder_alloc_do_buffer_copy+0xcb/0x500
[ 50.411494] RSP: 0018:ffff8801cefa74a8 EFLAGS: 00010293
[ 50.412335] RAX: ffff8801cfce5f00 RBX: 0000000020001000 RCX: 00000000000000e8
[ 50.413387] RDX: 0000000000000000 RSI: ffffffff8222ac1b RDI: ffff8801d4cf3f58
[ 50.417017] RBP: ffff8801cefa7528 R08: ffff8801cefa75a8 R09: 0000000000000008
[ 50.424264] R10: ffffed0039df4f12 R11: ffff8801cefa7897 R12: 0000000000000078
[ 50.431507] R13: 00000000000000e8 R14: 0000000000000008 R15: ffff8801cefa75a8
[ 50.438750] FS: 00000000006f8940(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
[ 50.446947] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 50.452803] CR2: 0000000000000000 CR3: 00000001ce780000 CR4: 00000000001606b0
[ 50.460046] Stack:
[ 50.462166] ffff8801cefa7560 0000000000000246 ffff8801cfce5f00 ffff8801cefa74d0
[ 50.470174] ffff8801d0a4c018 ffff8801d4cf3a58 00ff8801cefa7870 ffff8801d4cf3a00
[ 50.478166] ffffffff814fc356 ffff8801cfc91d00 00000000000000e8 ffff8801cefa75a8
[ 50.486157] Call Trace:
[ 50.488718] [<000000002c06fe97>] ? memcpy+0x46/0x50
[ 50.493796] [<00000000430375e3>] binder_alloc_copy_from_buffer+0x37/0x42
[ 50.500693] [<000000009cd3e344>] binder_validate_ptr+0xc5/0x1b0
[ 50.506821] [<00000000dfe152f6>] ? binder_get_object+0x1b0/0x1b0
[ 50.513024] [<00000000430375e3>] ? binder_alloc_copy_from_buffer+0x37/0x42
[ 50.520098] [<00000000066167ea>] ? binder_get_object+0x12f/0x1b0
[ 50.526303] [<0000000010d5637f>] binder_transaction+0x2091/0x58c0
[ 50.532606] [<00000000d9685e76>] ? binder_inc_ref_for_node+0xba0/0xba0
[ 50.539334] [<000000003fdc68ec>] ? __save_stack_trace+0x7a/0xf0
[ 50.545454] [<0000000076cbf117>] ? depot_save_stack+0x13c/0x4a0
[ 50.551572] [<00000000ade520c7>] ? debug_lockdep_rcu_enabled+0x71/0xa0
[ 50.558296] [<0000000090a6d88f>] ? __might_fault+0x114/0x1d0
[ 50.564165] [<00000000862d8d68>] binder_thread_write+0x593/0x2110
[ 50.570472] [<000000008733d8c7>] ? trace_hardirqs_on+0x10/0x10
[ 50.576509] [<00000000ae892c4b>] ? binder_transaction+0x58c0/0x58c0
[ 50.582977] [<0000000090a6d88f>] ? __might_fault+0x114/0x1d0
[ 50.588833] [<00000000daa28519>] binder_ioctl+0xecd/0x1720
[ 50.594526] [<00000000132335ba>] ? validate_mm+0x2fe/0x5a0
[ 50.600217] [<000000006a9605d8>] ? binder_poll+0x240/0x240
[ 50.605902] [<00000000f20ba5d4>] ? __lock_acquire+0x5e5/0x4350
[ 50.611944] [<000000005a764f64>] ? SyS_mmap_pgoff+0x1b0/0x1b0
[ 50.617901] [<00000000482db299>] ? uprobe_apply+0x150/0x150
[ 50.623672] [<000000009501dbc4>] ? __might_sleep+0x95/0x1a0
[ 50.629442] [<000000006a9605d8>] ? binder_poll+0x240/0x240
[ 50.635139] [<0000000057dfea1e>] do_vfs_ioctl+0xb87/0x11d0
[ 50.640820] [<0000000060d7ceaf>] ? selinux_file_ioctl+0x103/0x550
[ 50.647111] [<00000000c226b63a>] ? ioctl_preallocate+0x210/0x210
[ 50.653459] [<00000000dafbf50e>] ? selinux_parse_skb.constprop.0+0x16b0/0x16b0
[ 50.660945] [<00000000a671e02b>] ? __fget+0x208/0x370
[ 50.666201] [<00000000108796fa>] ? __fget+0x22f/0x370
[ 50.671461] [<0000000039ec1ea7>] ? __fget+0x47/0x370
[ 50.676627] [<000000001c04838f>] ? security_file_ioctl+0x8f/0xc0
[ 50.682829] [<000000001a4442fa>] SyS_ioctl+0x8f/0xc0
[ 50.688018] [<000000006bd38b04>] ? do_vfs_ioctl+0x11d0/0x11d0
[ 50.688022] [<000000007b26c73f>] do_syscall_64+0x1ad/0x5c0
[ 50.688028] [<00000000d8753024>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
[ 50.688100] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 0a 04 00 00 4d 8b 64 24 58 49 29 dc e8 bf 62 0f ff 4d 39 e6 76 07 e8 b5 62 0f ff <0f> 0b e8 ae 62 0f ff 4c 8b 6d d0 4d 29 f4 4d 39 e5 77 e8 e8 9d
[ 50.688105] RIP [<0000000078a38229>] binder_alloc_do_buffer_copy+0xcb/0x500
[ 50.688107] RSP
[ 50.688403] ---[ end trace f9c5daaac9e46c0b ]---
[ 50.688407] Kernel panic - not syncing: Fatal exception
[ 50.694249] Kernel Offset: disabled
[ 50.750184] Rebooting in 86400 seconds..