R10: 0000000000000003 R11: 0000000000000000 R12: ffff8801c3144a80
R13: 0000000000000000 R14: 0000000020013ff4 R15: 000000000000000c
 tcp_setsockopt+0xc1/0xe0 net/ipv4/tcp.c:2882
 sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:3033
 __sys_setsockopt+0x1bd/0x390 net/socket.c:1928
BUG: unable to handle kernel NULL pointer dereference
 at 0000000000000000
PGD 1bb493067 
P4D 1bb493067 
 __do_sys_setsockopt net/socket.c:1939 [inline]
 __se_sys_setsockopt net/socket.c:1936 [inline]
 __x64_sys_setsockopt+0xbe/0x150 net/socket.c:1936
PUD 1c1b05067 
PMD 0 
 do_syscall_64+0x1b1/0x800 arch/x86/entry/common.c:287
Oops: 0010 [#1] SMP KASAN
CPU: 1 PID: 12171 Comm: syz-executor3 Not tainted 4.17.0+ #84
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:          (null)
Code: 
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
Bad RIP value.
RSP: 0018:ffff8801824274c0 EFLAGS: 00010246
RIP: 0033:0x455a09
Code: 
RAX: 0000000000000000 RBX: ffff8801ab5f37c0 RCX: 1ffffffff10a613d
1d 
RDX: ffff8801824279e0 RSI: ffff8801b2ff4000 RDI: ffff8801b734d800
ba fb 
RBP: ffff880182427630 R08: 0000000000000001 R09: 0000000000000000
ff 
R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff10030484e9d
c3 66 
R13: ffff8801ab5f37d2 R14: ffff8801824279e0 R15: ffff8801ab5f3c10
2e 
FS:  00007fb89818b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
0f 
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffffd6 CR3: 000000017f17c000 CR4: 00000000001406e0
1f 
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
84 
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
00 
Call Trace:
00 
00 
00 
00 66 
90 
48 
89 
f8 48 
 sock_poll+0x1d1/0x710 net/socket.c:1156
89 
f7 
48 
89 
 vfs_poll+0x77/0x2a0 fs/select.c:40
d6 
 do_pollfd fs/select.c:848 [inline]
 do_poll fs/select.c:896 [inline]
 do_sys_poll+0x6fd/0x1100 fs/select.c:990
48 89 
ca 
4d 
89 
c2 
4d 
89 
c8 4c 
8b 
4c 
24 
08 
0f 
05 
<48> 
3d 
01 
f0 
ff 
ff 0f 
83 
eb 
 __do_sys_ppoll fs/select.c:1098 [inline]
 __se_sys_ppoll fs/select.c:1070 [inline]
 __x64_sys_ppoll+0x2fa/0x5f0 fs/select.c:1070
b9 
fb 
ff 
c3 
66 
2e 
0f 
 do_syscall_64+0x1b1/0x800 arch/x86/entry/common.c:287
1f 
84 
00 
00 
00 
00 
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x455a09
RSP: 002b:00007ff785453c68 EFLAGS: 00000246
Code: 
 ORIG_RAX: 0000000000000036
1d 
RAX: ffffffffffffffda RBX: 00007ff7854546d4 RCX: 0000000000455a09
ba 
RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000015
fb ff 
RBP: 000000000072bea0 R08: 000000000000000c R09: 0000000000000000
c3 
R10: 0000000020013ff4 R11: 0000000000000246 R12: 00000000ffffffff
66 2e 
R13: 0000000000000653 R14: 00000000006fe868 R15: 0000000000000000
0f 
sg_write: data in/out 65499/33 bytes for SCSI command 0x0-- guessing data in;
   program syz-executor5 not setting count and/or reply_len properly
1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
RSP: 002b:00007fb89818ac68 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
RAX: ffffffffffffffda RBX: 00007fb89818b6d4 RCX: 0000000000455a09
RDX: 0000000020000380 RSI: 0000000000000001 RDI: 00000000200002c0
RBP: 000000000072c160 R08: 0000000000000008 R09: 0000000000000000
R10: 00000000200003c0 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000542 R14: 00000000006fced0 R15: 0000000000000004
Modules linked in:
Dumping ftrace buffer:
   (ftrace buffer empty)
CR2: 0000000000000000
---[ end trace 7c23805269757c07 ]---
RIP: 0010:          (null)
Code: Bad RIP value.
RSP: 0018:ffff8801824274c0 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff8801ab5f37c0 RCX: 1ffffffff10a613d
RDX: ffff8801824279e0 RSI: ffff8801b2ff4000 RDI: ffff8801b734d800
RBP: ffff880182427630 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff10030484e9d
R13: ffff8801ab5f37d2 R14: ffff8801824279e0 R15: ffff8801ab5f3c10
FS:  00007fb89818b700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffffd6 CR3: 000000017f17c000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400