audit: type=1400 audit(1566246920.025:5): avc:  denied  { associate } for  pid=2064 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
------------[ cut here ]------------
kernel BUG at ./include/linux/skbuff.h:1294!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.9.189+ #2
task: 000000005df88a0e task.stack: 00000000ebad562f
RIP: 0010:[<ffffffff8252ae16>]  [<00000000128b30c1>] skb_queue_prev include/linux/skbuff.h:1294 [inline]
RIP: 0010:[<ffffffff8252ae16>]  [<00000000128b30c1>] tcp_write_queue_prev include/net/tcp.h:1563 [inline]
RIP: 0010:[<ffffffff8252ae16>]  [<00000000128b30c1>] tcp_rtx_queue_tail include/net/tcp.h:1616 [inline]
RIP: 0010:[<ffffffff8252ae16>]  [<00000000128b30c1>] tcp_fragment+0x1266/0x1390 net/ipv4/tcp_output.c:1195
RSP: 0018:ffff8801db607b90  EFLAGS: 00010206
RAX: ffffffff83031180 RBX: ffff8801d1fb1f80 RCX: 1ffff1003a3f646d
RDX: 0000000000000100 RSI: ffffffff8252ae16 RDI: ffff8801cda82788
RBP: ffff8801db607be0 R08: 0000000002080020 R09: ffff8801cda827a8
R10: ffff88021fffd010 R11: 00000005de8cc8a2 R12: 0000000000000000
R13: ffff8801d1fb2170 R14: ffff8801cda82780 R15: ffff8801d1fb21c4
FS:  0000000000000000(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000002048b000 CR3: 00000001ce653000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 ffff8801cda82780 ffff8801d1fb2170 ffff8801cda827f8 ffff880102080020
 000018800000ffcb 0000000000001880 ffff8801d1fb1f80 ffff8801cda82780
 000000000000ffcb ffff8801cda827b4 ffff8801db607c30 ffffffff8253e775
Call Trace:
 <IRQ> [   23.686280]  [<0000000089f3826b>] tcp_write_wakeup+0x345/0x5b0 net/ipv4/tcp_output.c:3613
 [<0000000075a291f1>] tcp_send_probe0+0x4b/0x400 net/ipv4/tcp_output.c:3641
 [<000000009fa99dac>] tcp_probe_timer net/ipv4/tcp_timer.c:379 [inline]
 [<000000009fa99dac>] tcp_write_timer_handler+0x6a0/0x7a0 net/ipv4/tcp_timer.c:596
 [<000000001d6c1db1>] tcp_write_timer+0xc5/0x190 net/ipv4/tcp_timer.c:610
 [<00000000ee306699>] call_timer_fn+0x167/0x6d0 kernel/time/timer.c:1319
 [<00000000dd0cec9f>] expire_timers+0x25b/0x5c0 kernel/time/timer.c:1359
 [<0000000037a46551>] __run_timers kernel/time/timer.c:1674 [inline]
 [<0000000037a46551>] run_timer_softirq+0x1ff/0x620 kernel/time/timer.c:1687
 [<000000005932671e>] __do_softirq+0x22d/0x964 kernel/softirq.c:288
 [<00000000f0d37a33>] invoke_softirq kernel/softirq.c:368 [inline]
 [<00000000f0d37a33>] irq_exit+0x119/0x160 kernel/softirq.c:409
 [<0000000005a349c9>] exiting_irq arch/x86/include/asm/apic.h:669 [inline]
 [<0000000005a349c9>] smp_apic_timer_interrupt+0x7e/0xb0 arch/x86/kernel/apic/apic.c:962
 [<0000000017ffccd9>] apic_timer_interrupt+0xa5/0xb0 arch/x86/entry/entry_64.S:653
 <EOI> [   23.836943]  [<00000000bf7b0a03>] ? native_safe_halt+0x41/0x60 arch/x86/include/asm/irqflags.h:59
 [<0000000021b1d0a6>] arch_safe_halt arch/x86/include/asm/paravirt.h:104 [inline]
 [<0000000021b1d0a6>] default_idle+0x56/0x370 arch/x86/kernel/process.c:500
 [<000000001b8a28fc>] arch_cpu_idle+0x10/0x20 arch/x86/kernel/process.c:491
 [<00000000df5b8f3b>] default_idle_call+0x36/0x60 kernel/sched/idle.c:97
 [<00000000d1793459>] cpuidle_idle_call kernel/sched/idle.c:155 [inline]
 [<00000000d1793459>] cpu_idle_loop kernel/sched/idle.c:248 [inline]
 [<00000000d1793459>] cpu_startup_entry+0x283/0x3a0 kernel/sched/idle.c:303
 [<000000007fe7827d>] rest_init+0x18b/0x194 init/main.c:409
 [<00000000acdf7f85>] start_kernel+0x61e/0x652 init/main.c:671
 [<000000003d4035f8>] x86_64_start_reservations+0x29/0x2b arch/x86/kernel/head64.c:196
 [<00000000b860a482>] x86_64_start_kernel+0x137/0x15a arch/x86/kernel/head64.c:177
Code: c1 ea 03 80 3c 02 00 0f 85 3a 01 00 00 4c 8b ab f8 01 00 00 ba 00 00 00 00 4c 3b 6d b8 4c 0f 44 ea e9 f9 fc ff ff e8 5a 75 df fe <0f> 0b e8 93 36 fd fe e9 6e f0 ff ff e8 89 36 fd fe e9 68 f3 ff 
RIP  [<00000000128b30c1>] skb_queue_prev include/linux/skbuff.h:1294 [inline]
RIP  [<00000000128b30c1>] tcp_write_queue_prev include/net/tcp.h:1563 [inline]
RIP  [<00000000128b30c1>] tcp_rtx_queue_tail include/net/tcp.h:1616 [inline]
RIP  [<00000000128b30c1>] tcp_fragment+0x1266/0x1390 net/ipv4/tcp_output.c:1195
 RSP <ffff8801db607b90>
---[ end trace 963d35c2ad6d6117 ]---