./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2026602776 <...> Warning: Permanently added '10.128.0.196' (ECDSA) to the list of known hosts. execve("./syz-executor2026602776", ["./syz-executor2026602776"], 0x7ffe7353ef30 /* 10 vars */) = 0 brk(NULL) = 0x5555565db000 brk(0x5555565dbc40) = 0x5555565dbc40 arch_prctl(ARCH_SET_FS, 0x5555565db300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor2026602776", 4096) = 28 brk(0x5555565fcc40) = 0x5555565fcc40 brk(0x5555565fd000) = 0x5555565fd000 mprotect(0x7f95e279b000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 socket(AF_ALG, SOCK_SEQPACKET, 0) = 3 bind(3, {sa_family=AF_ALG, salg_type="hash", salg_feat=0, salg_mask=0, salg_name="ghash-clmulni"}, 88) = 0 setsockopt(3, SOL_ALG, ALG_SET_KEY, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16) = 0 accept4(3, NULL, NULL, 0) = 4 sendmmsg(4, [{msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}], 1, MSG_PEEK|MSG_PROBE|MSG_MORE|MSG_FASTOPEN) = 1 syzkaller login: [ 59.699667][ T5004] general protection fault, probably for non-canonical address 0xdffffc0000000004: 0000 [#1] PREEMPT SMP KASAN [ 59.711440][ T5004] KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027] [ 59.719848][ T5004] CPU: 1 PID: 5004 Comm: syz-executor202 Not tainted 6.4.0-rc6-syzkaller-01333-g9a94d764e9bc #0 [ 59.730264][ T5004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 [ 59.741094][ T5004] RIP: 0010:shash_ahash_update+0x126/0x210 [ 59.747091][ T5004] Code: 8c 00 00 00 e8 bb f7 a4 fd 48 8b 04 24 48 8b 6c 24 40 80 38 00 0f 85 c3 00 00 00 4d 8b 75 00 49 8d 7e 20 48 89 fa 48 c1 ea 03 <80> 3c 1a 00 0f 85 c1 00 00 00 4d 8b 7e 20 49 8d 7f 2c 48 89 fa 48 [ 59.766790][ T5004] RSP: 0018:ffffc900039df948 EFLAGS: 00010202 [ 59.772941][ T5004] RAX: ffffed1003ce8b6b RBX: dffffc0000000000 RCX: 0000000000000000 [ 59.780945][ T5004] RDX: 0000000000000004 RSI: ffffffff83df4f25 RDI: 0000000000000020 [ 59.788925][ T5004] RBP: ffff8880732a3100 R08: 0000000000000005 R09: 0000000000000000 [ 59.796982][ T5004] R10: 0000000000000f00 R11: 0000000000000009 R12: 0000000000000f00 [ 59.804962][ T5004] R13: ffff88801e745b58 R14: 0000000000000000 R15: 1ffff9200073bf2b [ 59.813070][ T5004] FS: 00005555565db300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 59.822004][ T5004] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 59.828603][ T5004] CR2: 00007fccb3501440 CR3: 0000000021e60000 CR4: 00000000003506e0 [ 59.836685][ T5004] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 59.844654][ T5004] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 59.852622][ T5004] Call Trace: [ 59.855910][ T5004] [ 59.858943][ T5004] ? die_addr+0x3c/0xa0 [ 59.863112][ T5004] ? exc_general_protection+0x129/0x230 [ 59.868687][ T5004] ? asm_exc_general_protection+0x26/0x30 [ 59.874424][ T5004] ? shash_ahash_update+0x105/0x210 [ 59.879623][ T5004] ? shash_ahash_update+0x126/0x210 [ 59.884851][ T5004] ? shash_ahash_update+0x105/0x210 [ 59.890179][ T5004] ? crypto_shash_finup+0x160/0x160 [ 59.895489][ T5004] ? mark_held_locks+0x9f/0xe0 [ 59.900456][ T5004] ghash_async_update+0x136/0x170 [ 59.906206][ T5004] hash_sendmsg+0x434/0xde0 [ 59.910928][ T5004] ? hash_accept_nokey+0x90/0x90 [ 59.915930][ T5004] sock_sendmsg+0xde/0x190 [ 59.920376][ T5004] ____sys_sendmsg+0x733/0x920 [ 59.925153][ T5004] ? copy_msghdr_from_user+0xfc/0x150 [ 59.930565][ T5004] ? kernel_sendmsg+0x50/0x50 [ 59.935338][ T5004] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 59.941535][ T5004] ___sys_sendmsg+0x110/0x1b0 [ 59.946225][ T5004] ? do_recvmmsg+0x6f0/0x6f0 [ 59.950829][ T5004] ? lock_sync+0x190/0x190 [ 59.955266][ T5004] ? ptrace_stop.part.0+0x4a3/0x8e0 [ 59.960471][ T5004] ? do_raw_spin_lock+0x124/0x2b0 [ 59.965680][ T5004] ? spin_bug+0x1c0/0x1c0 [ 59.970019][ T5004] ? _raw_spin_lock_irq+0x45/0x50 [ 59.975060][ T5004] ? __fget_light+0x20a/0x270 [ 59.979754][ T5004] __sys_sendmsg+0xf7/0x1c0 [ 59.984364][ T5004] ? __sys_sendmsg_sock+0x40/0x40 [ 59.989395][ T5004] ? lock_downgrade+0x690/0x690 [ 59.994348][ T5004] ? lockdep_hardirqs_on+0x7d/0x100 [ 59.999907][ T5004] ? _raw_spin_unlock_irq+0x2e/0x50 [ 60.005291][ T5004] ? ptrace_notify+0xfe/0x140 [ 60.009976][ T5004] do_syscall_64+0x39/0xb0 [ 60.014573][ T5004] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 60.020750][ T5004] RIP: 0033:0x7f95e272ecb9 [ 60.025165][ T5004] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 60.044791][ T5004] RSP: 002b:00007ffd82939a68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 60.055223][ T5004] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f95e272ecb9 [ 60.063301][ T5004] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004 [ 60.071374][ T5004] RBP: 00007f95e26f2e60 R08: 0000000000000000 R09: 0000000000000000 [ 60.079435][ T5004] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f95e26f2ef0 [ 60.087539][ T5004] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 60.095611][ T5004] [ 60.098642][ T5004] Modules linked in: [ 60.102702][ T5004] ---[ end trace 0000000000000000 ]--- [ 60.109033][ T5004] RIP: 0010:shash_ahash_update+0x126/0x210 [ 60.115044][ T5004] Code: 8c 00 00 00 e8 bb f7 a4 fd 48 8b 04 24 48 8b 6c 24 40 80 38 00 0f 85 c3 00 00 00 4d 8b 75 00 49 8d 7e 20 48 89 fa 48 c1 ea 03 <80> 3c 1a 00 0f 85 c1 00 00 00 4d 8b 7e 20 49 8d 7f 2c 48 89 fa 48 [ 60.134959][ T5004] RSP: 0018:ffffc900039df948 EFLAGS: 00010202 [ 60.141131][ T5004] RAX: ffffed1003ce8b6b RBX: dffffc0000000000 RCX: 0000000000000000 [ 60.149338][ T5004] RDX: 0000000000000004 RSI: ffffffff83df4f25 RDI: 0000000000000020 [ 60.157389][ T5004] RBP: ffff8880732a3100 R08: 0000000000000005 R09: 0000000000000000 [ 60.165474][ T5004] R10: 0000000000000f00 R11: 0000000000000009 R12: 0000000000000f00 [ 60.173463][ T5004] R13: ffff88801e745b58 R14: 0000000000000000 R15: 1ffff9200073bf2b [ 60.181475][ T5004] FS: 00005555565db300(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 60.190436][ T5004] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 60.197132][ T5004] CR2: 00007f29a2df2304 CR3: 0000000021e60000 CR4: 00000000003506f0 [ 60.205131][ T5004] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 60.213264][ T5004] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 60.221382][ T5004] Kernel panic - not syncing: Fatal exception [ 60.227536][ T5004] Kernel Offset: disabled [ 60.231940][ T5004] Rebooting in 86400 seconds..