Warning: Permanently added '10.128.0.10' (ECDSA) to the list of known hosts.
[ 78.916486] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[ 79.034298] audit: type=1400 audit(1555462582.789:36): avc: denied { map } for pid=7103 comm="syz-executor299" path="/root/syz-executor299667052" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 79.061564] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters.
[ 79.084308] FAULT_INJECTION: forcing a failure.
[ 79.084308] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 79.096470] CPU: 1 PID: 7103 Comm: syz-executor299 Not tainted 4.14.111 #1
[ 79.103480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 79.112827] Call Trace:
[ 79.115484] dump_stack+0x138/0x19c
[ 79.119106] should_fail.cold+0x10f/0x159
[ 79.123247] __alloc_pages_nodemask+0x1d6/0x7a0
[ 79.128098] ? __alloc_pages_slowpath+0x2930/0x2930
[ 79.133154] ? trace_hardirqs_on+0x10/0x10
[ 79.137391] alloc_pages_current+0xec/0x1e0
[ 79.141719] skb_page_frag_refill+0x1d3/0x3e0
[ 79.146267] sk_page_frag_refill+0x53/0x1c0
[ 79.150588] alloc_sg+0x127/0x6e0
[ 79.154040] ? __local_bh_enable_ip+0x99/0x1a0
[ 79.158617] alloc_encrypted_sg+0x8a/0x100
[ 79.162992] ? ipv6_frag_exit+0x40/0x40
[ 79.167055] tls_sw_sendmsg+0x904/0x1020
[ 79.171112] ? selinux_tun_dev_create+0xc0/0xc0
[ 79.175811] ? alloc_encrypted_sg+0x100/0x100
[ 79.180300] inet_sendmsg+0x128/0x500
[ 79.184091] ? inet_recvmsg+0x500/0x500
[ 79.188118] sock_sendmsg+0xd0/0x110
[ 79.191827] SYSC_sendto+0x206/0x310
[ 79.195635] ? SYSC_connect+0x2d0/0x2d0
[ 79.199618] ? __sb_end_write+0xc1/0x100
[ 79.203679] ? vfs_write+0x104/0x500
[ 79.207386] ? SyS_write+0x10b/0x180
[ 79.211099] SyS_sendto+0x40/0x50
[ 79.214549] ? SyS_getpeername+0x30/0x30
[ 79.218616] do_syscall_64+0x1eb/0x630
[ 79.222491] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 79.227328] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 79.232509] RIP: 0033:0x440669
[ 79.235689] RSP: 002b:00007ffce577e288 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 79.243388] RAX: ffffffffffffffda RBX: 00007ffce577e2a0 RCX: 0000000000440669
[ 79.250775] RDX: 00000000e0ffffff RSI: 00000000200005c0 RDI: 0000000000000003
[ 79.258185] RBP: 0000000000000005 R08: 0000000000000000 R09: 00000000000000d8
[ 79.265445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401f50
[ 79.272821] R13: 0000000000401fe0 R14: 0000000000000000 R15: 0000000000000000
[ 79.288458] ==================================================================
[ 79.296003] BUG: KASAN: slab-out-of-bounds in tls_push_record+0x1009/0x1210
[ 79.303103] Read of size 8 at addr ffff8880a57e1338 by task syz-executor299/7103
[ 79.310721]
[ 79.312343] CPU: 1 PID: 7103 Comm: syz-executor299 Not tainted 4.14.111 #1
[ 79.319346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 79.328706] Call Trace:
[ 79.331356] dump_stack+0x138/0x19c
[ 79.334986] ? tls_push_record+0x1009/0x1210
[ 79.339435] print_address_description.cold+0x7c/0x1dc
[ 79.344800] ? tls_push_record+0x1009/0x1210
[ 79.349201] kasan_report.cold+0xaf/0x2b5
[ 79.353338] __asan_report_load8_noabort+0x14/0x20
[ 79.358248] tls_push_record+0x1009/0x1210
[ 79.362470] ? mark_held_locks+0xb1/0x100
[ 79.366613] ? __local_bh_enable_ip+0x99/0x1a0
[ 79.371185] ? trace_hardirqs_on_caller+0x400/0x590
[ 79.376245] tls_sw_push_pending_record+0x23/0x30
[ 79.381081] tls_sk_proto_close+0x5da/0x760
[ 79.385389] ? tcp_check_oom+0x460/0x460
[ 79.389447] ? tls_write_space+0x2a0/0x2a0
[ 79.393677] ? ip_mc_drop_socket+0x1d6/0x230
[ 79.398080] inet_release+0xf2/0x1c0
[ 79.401787] inet6_release+0x53/0x80
[ 79.405489] __sock_release+0xd3/0x2c0
[ 79.409422] ? __sock_release+0x2c0/0x2c0
[ 79.413604] sock_close+0x1b/0x30
[ 79.417052] __fput+0x277/0x7a0
[ 79.420321] ____fput+0x16/0x20
[ 79.423597] task_work_run+0x119/0x190
[ 79.427480] do_exit+0x7df/0x2c10
[ 79.430930] ? mm_update_next_owner+0x5d0/0x5d0
[ 79.435599] ? vfs_write+0x104/0x500
[ 79.439411] ? SyS_write+0x10b/0x180
[ 79.443123] do_group_exit+0x111/0x330
[ 79.447000] SyS_exit_group+0x1d/0x20
[ 79.450787] ? do_group_exit+0x330/0x330
[ 79.454845] do_syscall_64+0x1eb/0x630
[ 79.458739] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 79.463582] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 79.468761] RIP: 0033:0x43f328
[ 79.472132] RSP: 002b:00007ffce577e298 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 79.479954] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043f328
[ 79.487227] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 79.494499] RBP: 00000000004bf088 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 79.501762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 79.509033] R13: 00000000006d1180 R14: 0000000000000000 R15: 0000000000000000
[ 79.516308]
[ 79.517925] Allocated by task 0:
[ 79.521421] (stack is not available)
[ 79.525125]
[ 79.526734] Freed by task 0:
[ 79.529772] (stack is not available)
[ 79.533482]
[ 79.535102] The buggy address belongs to the object at ffff8880a57e0ac0
[ 79.535102] which belongs to the cache kmalloc-2048 of size 2048
[ 79.547933] The buggy address is located 120 bytes to the right of
[ 79.547933] 2048-byte region [ffff8880a57e0ac0, ffff8880a57e12c0)
[ 79.560417] The buggy address belongs to the page:
[ 79.565340] page:ffffea000295f800 count:1 mapcount:0 mapping:ffff8880a57e0240 index:0x0 compound_mapcount: 0
[ 79.575319] flags: 0x1fffc0000008100(slab|head)
[ 79.579979] raw: 01fffc0000008100 ffff8880a57e0240 0000000000000000 0000000100000003
[ 79.587857] raw: ffffea0002932aa0 ffff8880aa801948 ffff8880aa800c40 0000000000000000
[ 79.595725] page dumped because: kasan: bad access detected
[ 79.601421]
[ 79.603123] Memory state around the buggy address:
[ 79.608106]  ffff8880a57e1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 79.615457]  ffff8880a57e1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 79.622802] >ffff8880a57e1300: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 79.630151]                                         ^
[ 79.635397]  ffff8880a57e1380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 79.642855]  ffff8880a57e1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 79.650205] ==================================================================
[ 79.657658] Disabling lock debugging due to kernel taint
[ 79.663485] Kernel panic - not syncing: panic_on_warn set ...
[ 79.663485]
[ 79.670855] CPU: 1 PID: 7103 Comm: syz-executor299 Tainted: G B 4.14.111 #1
[ 79.679067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 79.688420] Call Trace:
[ 79.691079] dump_stack+0x138/0x19c
[ 79.694698] ? tls_push_record+0x1009/0x1210
[ 79.699256] panic+0x1f2/0x438
[ 79.702505] ? add_taint.cold+0x16/0x16
[ 79.706480] ? ___preempt_schedule+0x16/0x18
[ 79.710881] kasan_end_report+0x47/0x4f
[ 79.714854] kasan_report.cold+0x136/0x2b5
[ 79.719075] __asan_report_load8_noabort+0x14/0x20
[ 79.723990] tls_push_record+0x1009/0x1210
[ 79.728254] ? mark_held_locks+0xb1/0x100
[ 79.732394] ? __local_bh_enable_ip+0x99/0x1a0
[ 79.736971] ? trace_hardirqs_on_caller+0x400/0x590
[ 79.741975] tls_sw_push_pending_record+0x23/0x30
[ 79.746813] tls_sk_proto_close+0x5da/0x760
[ 79.751126] ? tcp_check_oom+0x460/0x460
[ 79.755212] ? tls_write_space+0x2a0/0x2a0
[ 79.759439] ? ip_mc_drop_socket+0x1d6/0x230
[ 79.763842] inet_release+0xf2/0x1c0
[ 79.767545] inet6_release+0x53/0x80
[ 79.771246] __sock_release+0xd3/0x2c0
[ 79.775122] ? __sock_release+0x2c0/0x2c0
[ 79.779297] sock_close+0x1b/0x30
[ 79.782748] __fput+0x277/0x7a0
[ 79.786017] ____fput+0x16/0x20
[ 79.789280] task_work_run+0x119/0x190
[ 79.793151] do_exit+0x7df/0x2c10
[ 79.796583] ? mm_update_next_owner+0x5d0/0x5d0
[ 79.801352] ? vfs_write+0x104/0x500
[ 79.805054] ? SyS_write+0x10b/0x180
[ 79.808756] do_group_exit+0x111/0x330
[ 79.812627] SyS_exit_group+0x1d/0x20
[ 79.816470] ? do_group_exit+0x330/0x330
[ 79.820526] do_syscall_64+0x1eb/0x630
[ 79.824461] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 79.829299] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 79.834473] RIP: 0033:0x43f328
[ 79.837643] RSP: 002b:00007ffce577e298 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 79.845337] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043f328
[ 79.852594] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 79.859855] RBP: 00000000004bf088 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 79.867156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 79.874455] R13: 00000000006d1180 R14: 0000000000000000 R15: 0000000000000000
[ 79.882472] Kernel Offset: disabled
[ 79.886097] Rebooting in 86400 seconds..