kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] PREEMPT SMP KASAN Modules linked in: CPU: 1 PID: 29945 Comm: syz-executor5 Not tainted 4.4.171+ #11 task: ffff8800b26a17c0 task.stack: ffff8801a12e8000 RIP: 0010:[] [] ebitmap_destroy+0x32/0xe0 security/selinux/ss/ebitmap.c:331 RSP: 0018:ffff8801a12ef658 EFLAGS: 00010202 RAX: dffffc0000000000 RBX: 1ffff1003425ded7 RCX: ffffc90000098000 RDX: 0000000000000001 RSI: ffffffff8197ed41 RDI: 0000000000000008 RBP: ffff8801a12ef678 R08: 0000000000000003 R09: ffff8800b26a20f8 R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801977bc5e0 R13: 0000000000000008 R14: 00000000ffffffea R15: ffff8801a12ef718 FS: 00007f9765a44700(0000) GS:ffff8801db700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000439920 CR3: 00000000855f5000 CR4: 00000000001606b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Stack: 1ffff1003425ded7 ffff8801977bc5e0 0000000000000000 00000000ffffffea ffff8801a12ef698 ffffffff81987ac9 ffff8801a12efa40 ffff8801977bc5e0 ffff8801a12ef740 ffffffff8198838d ffff8800a74e3120 0000000000000004 Call Trace: [] sens_destroy+0x49/0xa0 security/selinux/ss/policydb.c:729 [] sens_read+0x1dd/0x360 security/selinux/ss/policydb.c:1627 [] policydb_read+0xc3b/0x2280 security/selinux/ss/policydb.c:2364 [] security_load_policy+0x23c/0x9c0 security/selinux/ss/services.c:2073 [] sel_write_load+0x175/0xf90 security/selinux/selinuxfs.c:535 [] __vfs_write+0x116/0x3d0 fs/read_write.c:489 [] vfs_write+0x182/0x4e0 fs/read_write.c:538 [] SYSC_write fs/read_write.c:585 [inline] [] SyS_write+0xdc/0x1c0 fs/read_write.c:577 [] entry_SYSCALL_64_fastpath+0x1e/0x9a Code: 55 49 89 fd 41 54 53 e8 ad a6 98 ff 4d 85 ed 0f 84 92 00 00 00 e8 9f a6 98 ff 4c 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 91 00 00 00 49 be 00 00 00 00 00 fc ff df 4d RIP [] ebitmap_destroy+0x32/0xe0 security/selinux/ss/ebitmap.c:331 RSP audit: type=1400 audit(1547956010.131:5020): avc: denied { execute } for pid=29954 comm="syz-executor1" path="pipe:[200183]" dev="pipefs" ino=200183 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=fifo_file permissive=1 ---[ end trace fb835a60376f09c5 ]---