SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=20716 comm=syz-executor5 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=20716 comm=syz-executor5 BUG: sleeping function called from invalid context at net/core/sock.c:2502 in_atomic(): 1, irqs_disabled(): 0, pid: 20716, name: syz-executor5 no locks held by syz-executor5/20716. Preemption disabled at: [] __do_softirq+0xdd/0x940 kernel/softirq.c:265 CPU: 1 PID: 20716 Comm: syz-executor5 Not tainted 4.9.124-g09eb2ba #35 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801db307cd8 ffffffff81eb95e9 ffffffff83a0848d 0000000000000000 0000000000000100 ffff8801d3c1c800 ffff8801d3c1c800 ffff8801db307d10 ffffffff81426851 ffff8801d3c1c800 ffffffff840f88a0 00000000000009c6 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] ___might_sleep.cold.123+0x1bc/0x1f5 kernel/sched/core.c:7988 [] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7945 [] lock_sock_nested+0x34/0x120 net/core/sock.c:2502 [] lock_sock include/net/sock.h:1404 [inline] [] inet_shutdown+0x69/0x360 net/ipv4/af_inet.c:823 [] pppol2tp_session_close+0xa0/0xe0 net/l2tp/l2tp_ppp.c:441 [] l2tp_tunnel_closeall+0x231/0x350 net/l2tp/l2tp_core.c:1368 [] l2tp_tunnel_destruct+0x2f2/0x590 net/l2tp/l2tp_core.c:1324 [] __sk_destruct+0x55/0x590 net/core/sock.c:1428 [] __rcu_reclaim kernel/rcu/rcu.h:118 [inline] [] rcu_do_batch kernel/rcu/tree.c:2789 [inline] [] invoke_rcu_callbacks kernel/rcu/tree.c:3053 [inline] [] __rcu_process_callbacks kernel/rcu/tree.c:3020 [inline] [] rcu_process_callbacks+0x8ae/0x12b0 kernel/rcu/tree.c:3037 [] __do_softirq+0x210/0x940 kernel/softirq.c:288 [] invoke_softirq kernel/softirq.c:368 [inline] [] irq_exit+0x114/0x150 kernel/softirq.c:409 [] exiting_irq arch/x86/include/asm/apic.h:669 [inline] [] smp_apic_timer_interrupt+0x81/0xa0 arch/x86/kernel/apic/apic.c:962 [] apic_timer_interrupt+0xa0/0xb0 arch/x86/entry/entry_64.S:648 [] vprintk_emit+0x448/0x790 kernel/printk/printk.c:1903 [] vprintk+0x28/0x30 kernel/printk/printk.c:1913 [] vprintk_default+0x1d/0x30 kernel/printk/printk.c:1914 [] vprintk_func kernel/printk/internal.h:36 [inline] [] printk+0xaf/0xd7 kernel/printk/printk.c:1975 [] selinux_nlmsg_perm security/selinux/hooks.c:5012 [inline] [] selinux_netlink_send.cold.77+0x133/0x175 security/selinux/hooks.c:5356 [] security_netlink_send+0x7b/0xb0 security/security.c:1182 [] netlink_sendmsg+0x734/0xc30 net/netlink/af_netlink.c:1849 [] sock_sendmsg_nosec net/socket.c:648 [inline] [] sock_sendmsg+0xcc/0x110 net/socket.c:658 [] ___sys_sendmsg+0x6fc/0x840 net/socket.c:1982 [] __sys_sendmsg+0xd9/0x190 net/socket.c:2016 [] C_SYSC_sendmsg net/compat.c:736 [inline] [] compat_SyS_sendmsg+0x2a/0x40 net/compat.c:734 [] do_syscall_32_irqs_on arch/x86/entry/common.c:325 [inline] [] do_fast_syscall_32+0x2f7/0x870 arch/x86/entry/common.c:387 [] entry_SYSENTER_compat+0x90/0xa2 arch/x86/entry/entry_64_compat.S:137 BUG: unable to handle kernel NULL pointer dereference at 0000000000000080 IP: [] l2tp_session_free+0x11c/0x200 net/l2tp/l2tp_core.c:1765 PGD 1c5654067 PUD 1d3db9067 PMD 0 Oops: 0002 [#1] PREEMPT SMP KASAN Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: CPU: 0 PID: 20725 Comm: syz-executor4 Tainted: G W 4.9.124-g09eb2ba #35 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 task: ffff8801a5859800 task.stack: ffff8801c22d0000 RIP: 0010:[] [] l2tp_session_free+0x11c/0x200 net/l2tp/l2tp_core.c:1765 RSP: 0018:ffff8801c22d7c88 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffff8801d9146a00 RCX: 0000000000000000 RDX: 1ffff1003846c0d0 RSI: ffffffff836c4711 RDI: ffff8801c2360680 RBP: ffff8801c22d7ca8 R08: ffff8801a585a0e8 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801c2360500 R13: ffff8801d9146a08 R14: 0000000000000000 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff8801db200000(0063) knlGS:0000000009453900 CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 CR2: 0000000000000080 CR3: 00000001d7b3e000 CR4: 00000000001606f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Stack: ffff8801d41c6600 ffff8801d9146a00 ffff8801d41c69d0 ffff8801d41c68d8 ffff8801c22d7cd0 ffffffff836cc022 ffff8801d41c6a40 ffff8801d41c6600 ffffffff836cbf50 ffff8801c22d7d08 ffffffff830281f5 ffff8801d41c6a40 Call Trace: [] l2tp_session_dec_refcount_1 net/l2tp/l2tp_core.h:297 [inline] [] pppol2tp_session_destruct+0xd2/0x110 net/l2tp/l2tp_ppp.c:460 [] __sk_destruct+0x55/0x590 net/core/sock.c:1428 [] sk_destruct+0x63/0x80 net/core/sock.c:1463 [] __sk_free+0x4f/0x220 net/core/sock.c:1471 [] sk_free+0x2b/0x40 net/core/sock.c:1482 [] sock_put include/net/sock.h:1588 [inline] [] pppol2tp_release+0x239/0x2e0 net/l2tp/l2tp_ppp.c:501 [] __sock_release+0xd7/0x260 net/socket.c:605 [] sock_close+0x19/0x20 net/socket.c:1059 [] __fput+0x263/0x700 fs/file_table.c:208 [] ____fput+0x15/0x20 fs/file_table.c:244 [] task_work_run+0x10c/0x180 kernel/task_work.c:116 [] tracehook_notify_resume include/linux/tracehook.h:191 [inline] [] exit_to_usermode_loop+0xfc/0x120 arch/x86/entry/common.c:161 [] prepare_exit_to_usermode arch/x86/entry/common.c:191 [inline] [] syscall_return_slowpath arch/x86/entry/common.c:260 [inline] [] do_syscall_32_irqs_on arch/x86/entry/common.c:331 [inline] [] do_fast_syscall_32+0x5c3/0x870 arch/x86/entry/common.c:387 [] entry_SYSENTER_compat+0x90/0xa2 arch/x86/entry/entry_64_compat.S:137 Code: 49 8d bc 24 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 c6 00 00 00 4d 8b b4 24 80 01 00 00 41 ff 8e 80 00 00 00 74 69 e8 a5 c5 c9 fd 4c 89 ea 48 b8 00 RIP [] l2tp_session_free+0x11c/0x200 net/l2tp/l2tp_core.c:1765 RSP CR2: 0000000000000080 ---[ end trace b2cfb59fc6d440d7 ]---