./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1518411088 <...> Warning: Permanently added '10.128.0.16' (ED25519) to the list of known hosts. execve("./syz-executor1518411088", ["./syz-executor1518411088"], 0x7ffe08241f80 /* 10 vars */) = 0 brk(NULL) = 0x5555566ef000 brk(0x5555566efd00) = 0x5555566efd00 arch_prctl(ARCH_SET_FS, 0x5555566ef380) = 0 set_tid_address(0x5555566ef650) = 5032 set_robust_list(0x5555566ef660, 24) = 0 rseq(0x5555566efca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1518411088", 4096) = 28 getrandom("\xb6\xc6\xd5\x4b\x60\x94\x74\xb0", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555566efd00 brk(0x555556710d00) = 0x555556710d00 brk(0x555556711000) = 0x555556711000 mprotect(0x7ff9beee4000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 socket(AF_ALG, SOCK_SEQPACKET, 0) = 3 bind(3, {sa_family=AF_ALG, salg_type="aead", salg_feat=0, salg_mask=0, salg_name="pcrypt(generic-gcm-aesni)"}, 88) = 0 socket(AF_INET6, SOCK_STREAM, IPPROTO_IP) = 4 setsockopt(4, SOL_TCP, TCP_REPAIR, [1], 4) = 0 connect(4, {sa_family=AF_INET6, sin6_port=htons(0), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_scope_id=0}, 28) = 0 setsockopt(4, SOL_TCP, TCP_ULP, [7564404], 4) = 0 setsockopt(4, SOL_TLS, TLS_TX, "\x04\x03\x33\x00\x83\x7a\xd5\x52\xee\xd2\x2b\x08\xa4\x61\x6b\xf4\x5c\x64\xc5\x00\x00\x00\x87\x8f\x00\x00\x00\x00\x5a\x44\x00\x08\xff\xff\xff\xff\xff\xff\xff\xff", 40) = 0 write(4, "\\", 1) = -1 EBADMSG (Bad message) [ 61.707980][ T60] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN [ 61.719726][ T60] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] [ 61.728143][ T60] CPU: 0 PID: 60 Comm: kworker/u4:4 Not tainted 6.5.0-syzkaller-04025-g2861f09c1112 #0 [ 61.737791][ T60] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 61.747851][ T60] Workqueue: pencrypt_parallel padata_parallel_worker [ 61.754649][ T60] RIP: 0010:scatterwalk_copychunks+0x3e0/0x560 [ 61.760835][ T60] Code: f0 48 c1 e8 03 80 3c 08 00 0f 85 7f 01 00 00 49 8d 44 24 08 4d 89 26 48 bf 00 00 00 00 00 fc ff df 48 89 44 24 10 48 c1 e8 03 <0f> b6 04 38 84 c0 74 08 3c 03 0f 8e 45 01 00 00 48 8b 44 24 08 41 [ 61.780461][ T60] RSP: 0018:ffffc900015875f8 EFLAGS: 00010202 [ 61.786544][ T60] RAX: 0000000000000001 RBX: 0000000000000000 RCX: dffffc0000000000 [ 61.794522][ T60] RDX: ffff888017651dc0 RSI: ffffffff841e5154 RDI: dffffc0000000000 [ 61.802503][ T60] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 61.810480][ T60] R10: 0000000000000002 R11: ffffffff81dba072 R12: 0000000000000000 [ 61.818545][ T60] R13: 0000000000000001 R14: ffffc90001587850 R15: 0000000000000000 [ 61.826699][ T60] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 61.835811][ T60] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 61.842401][ T60] CR2: 00007f4ed915a440 CR3: 0000000022fee000 CR4: 00000000003506f0 [ 61.850424][ T60] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 61.858400][ T60] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 61.866376][ T60] Call Trace: [ 61.869659][ T60] [ 61.872596][ T60] ? die_addr+0x3b/0xa0 [ 61.876767][ T60] ? exc_general_protection+0x154/0x230 [ 61.882350][ T60] ? asm_exc_general_protection+0x26/0x30 [ 61.888610][ T60] ? __kasan_kmalloc+0xa2/0xb0 [ 61.893400][ T60] ? sg_next+0x84/0xb0 [ 61.897498][ T60] ? scatterwalk_copychunks+0x3e0/0x560 [ 61.903062][ T60] ? scatterwalk_copychunks+0x3a7/0x560 [ 61.908633][ T60] skcipher_walk_next+0x730/0x1610 [ 61.913777][ T60] skcipher_walk_first+0xf7/0x3d0 [ 61.918829][ T60] skcipher_walk_aead_common+0x7a0/0xbb0 [ 61.924486][ T60] gcmaes_crypt_by_sg+0x354/0x830 [ 61.929537][ T60] ? ecb_encrypt+0x170/0x170 [ 61.934144][ T60] ? arch_stack_walk+0x6d/0xf0 [ 61.938916][ T60] ? arch_stack_walk+0x8b/0xf0 [ 61.943715][ T60] ? lockdep_unlock+0x11b/0x290 [ 61.948580][ T60] ? __lock_acquire+0x250f/0x5de0 [ 61.953624][ T60] gcmaes_encrypt+0xee/0x220 [ 61.958235][ T60] ? gcmaes_crypt_by_sg+0x830/0x830 [ 61.963543][ T60] generic_gcmaes_encrypt+0x14d/0x1b0 [ 61.968934][ T60] ? gcmaes_encrypt+0x220/0x220 [ 61.973816][ T60] ? lock_sync+0x190/0x190 [ 61.978248][ T60] crypto_aead_encrypt+0xbc/0x100 [ 61.983292][ T60] crypto_aead_encrypt+0xbc/0x100 [ 61.988332][ T60] pcrypt_aead_enc+0x17/0x70 [ 61.993034][ T60] padata_parallel_worker+0x64/0xb0 [ 61.998349][ T60] process_one_work+0xaa2/0x16f0 [ 62.003300][ T60] ? lock_sync+0x190/0x190 [ 62.007734][ T60] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 62.013127][ T60] ? spin_bug+0x1d0/0x1d0 [ 62.017474][ T60] worker_thread+0x687/0x1110 [ 62.022177][ T60] ? __kthread_parkme+0x152/0x220 [ 62.027987][ T60] ? process_one_work+0x16f0/0x16f0 [ 62.033204][ T60] kthread+0x33a/0x430 [ 62.037279][ T60] ? kthread_complete_and_exit+0x40/0x40 [ 62.042928][ T60] ret_from_fork+0x2c/0x70 [ 62.047356][ T60] ? kthread_complete_and_exit+0x40/0x40 [ 62.052998][ T60] ret_from_fork_asm+0x11/0x20 exit_group(0) = ? [ 62.057799][ T60] [ 62.060816][ T60] Modules linked in: [ 62.064777][ T60] ---[ end trace 0000000000000000 ]--- [ 62.070260][ T60] RIP: 0010:scatterwalk_copychunks+0x3e0/0x560 [ 62.076453][ T60] Code: f0 48 c1 e8 03 80 3c 08 00 0f 85 7f 01 00 00 49 8d 44 24 08 4d 89 26 48 bf 00 00 00 00 00 fc ff df 48 89 44 24 10 48 c1 e8 03 <0f> b6 04 38 84 c0 74 08 3c 03 0f 8e 45 01 00 00 48 8b 44 24 08 41 [ 62.096273][ T60] RSP: 0018:ffffc900015875f8 EFLAGS: 00010202 [ 62.102382][ T60] RAX: 0000000000000001 RBX: 0000000000000000 RCX: dffffc0000000000 [ 62.110379][ T60] RDX: ffff888017651dc0 RSI: ffffffff841e5154 RDI: dffffc0000000000 [ 62.118351][ T60] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 62.126385][ T60] R10: 0000000000000002 R11: ffffffff81dba072 R12: 0000000000000000 [ 62.134397][ T60] R13: 0000000000000001 R14: ffffc90001587850 R15: 0000000000000000 [ 62.142404][ T60] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 62.152678][ T60] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 62.159347][ T60] CR2: 00007f4ed915a440 CR3: 000000000c776000 CR4: 00000000003506f0 [ 62.167424][ T60] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 62.175512][ T60] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 62.183537][ T60] Kernel panic - not syncing: Fatal exception in interrupt [ 62.190988][ T60] Kernel Offset: disabled [ 62.195306][ T60] Rebooting in 86400 seconds..