RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442759
RDX: 0000000020000240 RSI: 0000000000000006 RDI: 0000000000000004
RBP: 00007ffd3d5ef4b0 R08: 0000000000000002 R09: 0000000000000000
R10: 0000008000000008 R11: 0000000000000246 R12: ffffffffffffffff
R13: 0000000000000007 R14: 0000000000000000 R15: 0000000000000000
BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
PGD 8000000202db7067 P4D 8000000202db7067 PUD 1fecd1067 PMD 0
Oops: 0000 [#1] SMP PTI
CPU: 1 PID: 5994 Comm: syz-executor705 Not tainted 4.18.0-rc8+ #32
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:scatterwalk_start include/crypto/scatterwalk.h:85 [inline]
RIP: 0010:scatterwalk_pagedone include/crypto/scatterwalk.h:111 [inline]
RIP: 0010:scatterwalk_done include/crypto/scatterwalk.h:119 [inline]
RIP: 0010:blkcipher_walk_done+0x18e/0x290 crypto/blkcipher.c:124
Code: 45 28 49 8b 5d 38 8b 43 0c 03 43 08 41 39 45 40 73 07 e8 05 f5 83 ff eb 18 e8 fe f4 83 ff 48 89 df e8 b6 74 0d 00 49 89 45 38 <8b> 40 08 41 89 45 40 45 89 7d 48 45 89 7d 30 41 f6 46 11 02 75 07
RSP: 0018:ffff8801fecdf948 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff88020c6aea90 RCX: ffff88020c6a0000
RDX: 0000000000000000 RSI: ffff8801fecdf9a0 RDI: ffff88020c6aea90
RBP: ffff8801fecdf970 R08: ffff880204cf2cec R09: 0000000000000082
R10: 000000000000d99b R11: 000000008484435b R12: 0000000000000010
R13: ffff8801fecdf9a0 R14: ffff8801fecdfa88 R15: 0000000000000ff0
FS: 000000000183e880(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000008 CR3: 0000000204c2c000 CR4: 00000000001406e0
Call Trace:
crypto_ctr_crypt+0x21c/0x250 crypto/ctr.c:146
skcipher_crypt_blkcipher crypto/skcipher.c:623 [inline]
skcipher_encrypt_blkcipher+0x49/0x50 crypto/skcipher.c:632
crypto_skcipher_encrypt include/crypto/skcipher.h:443 [inline]
crypto_gcm_encrypt+0xd1/0x160 crypto/gcm.c:483
crypto_aead_encrypt include/crypto/aead.h:335 [inline]
tls_do_encryption net/tls/tls_sw.c:211 [inline]
tls_push_record+0x1f0/0x470 net/tls/tls_sw.c:247
tls_sw_sendpage+0x380/0x4d0 net/tls/tls_sw.c:601
inet_sendpage+0x11d/0x1c0 net/ipv4/af_inet.c:815
kernel_sendpage net/socket.c:3334 [inline]
sock_sendpage+0x63/0x90 net/socket.c:867
pipe_to_sendpage+0x93/0xb0 fs/splice.c:452
splice_from_pipe_feed fs/splice.c:503 [inline]
__splice_from_pipe+0xdd/0x2a0 fs/splice.c:627
splice_from_pipe fs/splice.c:662 [inline]
generic_splice_sendpage+0x6e/0x90 fs/splice.c:833
do_splice_from fs/splice.c:852 [inline]
direct_splice_actor+0x42/0x50 fs/splice.c:1019
splice_direct_to_actor+0x174/0x350 fs/splice.c:974
do_splice_direct+0x87/0xe0 fs/splice.c:1062
do_sendfile+0x424/0x680 fs/read_write.c:1440
__do_sys_sendfile64 fs/read_write.c:1495 [inline]
__se_sys_sendfile64 fs/read_write.c:1487 [inline]
__x64_sys_sendfile64+0x59/0xb0 fs/read_write.c:1487
do_syscall_64+0x61/0x90 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x442759
Code: e8 bc e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 02 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffd3d5ef348 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442759
RDX: 0000000020000240 RSI: 0000000000000006 RDI: 0000000000000004
RBP: 00007ffd3d5ef4b0 R08: 0000000000000002 R09: 0000000000000000
R10: 0000008000000008 R11: 0000000000000246 R12: ffffffffffffffff
R13: 0000000000000007 R14: 0000000000000000 R15: 0000000000000000
Modules linked in:
Dumping ftrace buffer:
(ftrace buffer empty)
CR2: 0000000000000008
BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
---[ end trace 8c575ab9cf1bcd3b ]---
PGD 80000002069d3067 P4D 80000002069d3067 PUD 1fec7a067 PMD 0
Oops: 0000 [#2] SMP PTI
CPU: 0 PID: 5991 Comm: syz-executor705 Tainted: G D 4.18.0-rc8+ #32
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:scatterwalk_start include/crypto/scatterwalk.h:85 [inline]
RIP: 0010:scatterwalk_pagedone include/crypto/scatterwalk.h:111 [inline]
RIP: 0010:scatterwalk_done include/crypto/scatterwalk.h:119 [inline]
RIP: 0010:blkcipher_walk_done+0x18e/0x290 crypto/blkcipher.c:124
Code:
RIP: 0010:scatterwalk_start include/crypto/scatterwalk.h:85 [inline]
RIP: 0010:scatterwalk_pagedone include/crypto/scatterwalk.h:111 [inline]
RIP: 0010:scatterwalk_done include/crypto/scatterwalk.h:119 [inline]
RIP: 0010:blkcipher_walk_done+0x18e/0x290 crypto/blkcipher.c:124
45 28 49 8b 5d 38 8b 43 0c 03 43 08 41 39 45 40 73 07 e8 05 f5 83 ff eb 18
Code:
e8 fe f4 83 ff 48 89 df e8 b6 74 0d 00 49 89 45 38 <8b> 40 08 41 89 45 40 45 89 7d
45
48 45 89 7d 30 41 f6 46 11 02 75 07
RSP: 0018:ffff880204d7b948 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff880204db0290 RCX: ffff880208c30000
RDX: 0000000000000000 RSI: ffff880204d7b9a0 RDI: ffff880204db0290
RBP: ffff880204d7b970 R08: ffff880204d834ec R09: 0000000000000082
R10: 000000000000d99b R11: 000000008484435b R12: 0000000000000010
28
R13: ffff880204d7b9a0 R14: ffff880204d7ba88 R15: 0000000000000ff0
FS: 000000000183e880(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000008 CR3: 0000000204ca6000 CR4: 00000000001406f0
Call Trace:
crypto_ctr_crypt+0x21c/0x250 crypto/ctr.c:146
49
skcipher_crypt_blkcipher crypto/skcipher.c:623 [inline]
skcipher_encrypt_blkcipher+0x49/0x50 crypto/skcipher.c:632
8b
crypto_skcipher_encrypt include/crypto/skcipher.h:443 [inline]
crypto_gcm_encrypt+0xd1/0x160 crypto/gcm.c:483
crypto_aead_encrypt include/crypto/aead.h:335 [inline]
tls_do_encryption net/tls/tls_sw.c:211 [inline]
tls_push_record+0x1f0/0x470 net/tls/tls_sw.c:247
5d
tls_sw_sendpage+0x380/0x4d0 net/tls/tls_sw.c:601
inet_sendpage+0x11d/0x1c0 net/ipv4/af_inet.c:815
38
kernel_sendpage net/socket.c:3334 [inline]
sock_sendpage+0x63/0x90 net/socket.c:867
pipe_to_sendpage+0x93/0xb0 fs/splice.c:452
splice_from_pipe_feed fs/splice.c:503 [inline]
__splice_from_pipe+0xdd/0x2a0 fs/splice.c:627
8b
splice_from_pipe fs/splice.c:662 [inline]
generic_splice_sendpage+0x6e/0x90 fs/splice.c:833
do_splice_from fs/splice.c:852 [inline]
direct_splice_actor+0x42/0x50 fs/splice.c:1019
43
splice_direct_to_actor+0x174/0x350 fs/splice.c:974
do_splice_direct+0x87/0xe0 fs/splice.c:1062
do_sendfile+0x424/0x680 fs/read_write.c:1440
0c
__do_sys_sendfile64 fs/read_write.c:1495 [inline]
__se_sys_sendfile64 fs/read_write.c:1487 [inline]
__x64_sys_sendfile64+0x59/0xb0 fs/read_write.c:1487
do_syscall_64+0x61/0x90 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x442759
03
Code: e8 bc e6 ff ff 48 83 c4 18 c3 0f 1f
43
80 00 00 00 00 48 89 f8 48 89 f7 48 89
08
d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08
41
0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 02
39
fc ff c3 66 2e 0f 1f 84 00 00 00 00
45
RSP: 002b:00007ffd3d5ef348 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442759
RDX: 0000000020000240 RSI: 0000000000000006 RDI: 0000000000000004
RBP: 00007ffd3d5ef4b0 R08: 0000000000000002 R09: 0000000000000000
R10: 0000008000000008 R11: 0000000000000246 R12: ffffffffffffffff
40
R13: 0000000000000007 R14: 0000000000000000 R15: 0000000000000000
Modules linked in:
Dumping ftrace buffer:
73
(ftrace buffer empty)
CR2: 0000000000000008
---[ end trace 8c575ab9cf1bcd3c ]---
07
RIP: 0010:scatterwalk_start include/crypto/scatterwalk.h:85 [inline]
RIP: 0010:scatterwalk_pagedone include/crypto/scatterwalk.h:111 [inline]
RIP: 0010:scatterwalk_done include/crypto/scatterwalk.h:119 [inline]
RIP: 0010:blkcipher_walk_done+0x18e/0x290 crypto/blkcipher.c:124
e8
Code:
05
45
f5
28
83
49
ff
8b
eb
5d
18
38 8b
e8
43
fe
0c
f4
03
83
43
ff
08
48
41
89
39
df e8
45
b6
40
74
73
0d
07
00
e8
49
05
89
f5
45
83
38
ff
<8b>
eb
40
18
08
e8
41
fe
89
f4
45
83
40
ff
45 89
48
7d
89
48
df
45 89
e8
7d
b6
30
74
41
0d
f6
00
46
49
11
89
02
45
75
38
07
<8b>
40
RSP: 0018:ffff8801fecdf948 EFLAGS: 00010246
08
41
RAX: 0000000000000000 RBX: ffff88020c6aea90 RCX: ffff88020c6a0000
89
RDX: 0000000000000000 RSI: ffff8801fecdf9a0 RDI: ffff88020c6aea90
45
RBP: ffff8801fecdf970 R08: ffff880204cf2cec R09: 0000000000000082
40
R10: 000000000000d99b R11: 000000008484435b R12: 0000000000000010
45
R13: ffff8801fecdf9a0 R14: ffff8801fecdfa88 R15: 0000000000000ff0
89
FS: 000000000183e880(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000
7d
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
48
CR2: 0000000000000008 CR3: 0000000204c2c000 CR4: 00000000001406e0
45