kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 1 PID: 29945 Comm: syz-executor5 Not tainted 4.4.171+ #11
task: ffff8800b26a17c0 task.stack: ffff8801a12e8000
RIP: 0010:[<ffffffff8197ed52>]  [<ffffffff8197ed52>] ebitmap_destroy+0x32/0xe0 security/selinux/ss/ebitmap.c:331
RSP: 0018:ffff8801a12ef658  EFLAGS: 00010202
RAX: dffffc0000000000 RBX: 1ffff1003425ded7 RCX: ffffc90000098000
RDX: 0000000000000001 RSI: ffffffff8197ed41 RDI: 0000000000000008
RBP: ffff8801a12ef678 R08: 0000000000000003 R09: ffff8800b26a20f8
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801977bc5e0
R13: 0000000000000008 R14: 00000000ffffffea R15: ffff8801a12ef718
FS:  00007f9765a44700(0000) GS:ffff8801db700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000439920 CR3: 00000000855f5000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Stack:
 1ffff1003425ded7 ffff8801977bc5e0 0000000000000000 00000000ffffffea
 ffff8801a12ef698 ffffffff81987ac9 ffff8801a12efa40 ffff8801977bc5e0
 ffff8801a12ef740 ffffffff8198838d ffff8800a74e3120 0000000000000004
Call Trace:
 [<ffffffff81987ac9>] sens_destroy+0x49/0xa0 security/selinux/ss/policydb.c:729
 [<ffffffff8198838d>] sens_read+0x1dd/0x360 security/selinux/ss/policydb.c:1627
 [<ffffffff8199228b>] policydb_read+0xc3b/0x2280 security/selinux/ss/policydb.c:2364
 [<ffffffff819a29dc>] security_load_policy+0x23c/0x9c0 security/selinux/ss/services.c:2073
 [<ffffffff81979765>] sel_write_load+0x175/0xf90 security/selinux/selinuxfs.c:535
 [<ffffffff814962c6>] __vfs_write+0x116/0x3d0 fs/read_write.c:489
 [<ffffffff81497fc2>] vfs_write+0x182/0x4e0 fs/read_write.c:538
 [<ffffffff8149a5fc>] SYSC_write fs/read_write.c:585 [inline]
 [<ffffffff8149a5fc>] SyS_write+0xdc/0x1c0 fs/read_write.c:577
 [<ffffffff82717c21>] entry_SYSCALL_64_fastpath+0x1e/0x9a
Code: 55 49 89 fd 41 54 53 e8 ad a6 98 ff 4d 85 ed 0f 84 92 00 00 00 e8 9f a6 98 ff 4c 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 91 00 00 00 49 be 00 00 00 00 00 fc ff df 4d 
RIP  [<ffffffff8197ed52>] ebitmap_destroy+0x32/0xe0 security/selinux/ss/ebitmap.c:331
 RSP <ffff8801a12ef658>
audit: type=1400 audit(1547956010.131:5020): avc:  denied  { execute } for  pid=29954 comm="syz-executor1" path="pipe:[200183]" dev="pipefs" ino=200183 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=fifo_file permissive=1
---[ end trace fb835a60376f09c5 ]---