./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2990794148 <...> Warning: Permanently added '10.128.0.165' (ED25519) to the list of known hosts. execve("./syz-executor2990794148", ["./syz-executor2990794148"], 0x7ffc6f60f1e0 /* 10 vars */) = 0 brk(NULL) = 0x5555570b8000 brk(0x5555570b8d00) = 0x5555570b8d00 arch_prctl(ARCH_SET_FS, 0x5555570b8380) = 0 set_tid_address(0x5555570b8650) = 5065 set_robust_list(0x5555570b8660, 24) = 0 rseq(0x5555570b8ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2990794148", 4096) = 28 getrandom("\xbf\x1a\xee\x1e\x5c\xc3\x8b\x9c", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555570b8d00 brk(0x5555570d9d00) = 0x5555570d9d00 brk(0x5555570da000) = 0x5555570da000 mprotect(0x7f2339978000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 socket(AF_ALG, SOCK_SEQPACKET, 0) = 3 bind(3, {sa_family=AF_ALG, salg_type="skcipher", salg_feat=0, salg_mask=0, salg_name="cbc(arc4-generic)"}, 88) = 0 setsockopt(3, SOL_ALG, ALG_SET_KEY, "\xad\x56\xb6\xc5\x91\x0f\xae\x9d\x6d\xcd\x32\x92\xea\x54\xc7\xb6\xef\x91\x5d\x56\x4c\x90\xc2\x00", 24) = 0 accept4(3, NULL, NULL, 0) = 4 sendto(4, "\x20\x00\x00\x00\x10\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x09\x00\x02\x00\x49\x50\x56\x53\x00\x00\x00\x00", 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32 [ 72.394299][ T5065] "syz-executor299" (5065) uses obsolete ecb(arc4) skcipher [ 72.436034][ T5065] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 72.443882][ T5065] #PF: supervisor write access in kernel mode [ 72.449938][ T5065] #PF: error_code(0x0002) - not-present page [ 72.455905][ T5065] PGD 78051067 P4D 78051067 PUD 7e3d7067 PMD 0 [ 72.462156][ T5065] Oops: 0002 [#1] PREEMPT SMP KASAN [ 72.467346][ T5065] CPU: 1 PID: 5065 Comm: syz-executor299 Not tainted 6.8.0-rc1-syzkaller-00311-g3a5879d495b2 #0 [ 72.477761][ T5065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 72.488111][ T5065] RIP: 0010:memcpy_orig+0x31/0x120 [ 72.493254][ T5065] Code: 48 83 fa 20 0f 82 86 00 00 00 40 38 fe 7c 35 48 83 ea 20 48 83 ea 20 4c 8b 06 4c 8b 4e 08 4c 8b 56 10 4c 8b 5e 18 48 8d 76 20 <4c> 89 07 4c 89 4f 08 4c 89 57 10 4c 89 5f 18 48 8d 7f 20 73 d4 83 [ 72.512950][ T5065] RSP: 0018:ffffc90003a378c0 EFLAGS: 00010202 [ 72.519024][ T5065] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff84401c81 [ 72.527002][ T5065] RDX: 00000000000003c8 RSI: ffff888019ee1040 RDI: 0000000000000000 [ 72.534964][ T5065] RBP: ffff888019ee1000 R08: 0000000400000003 R09: 0000002200000071 [ 72.542930][ T5065] R10: 0000000800000016 R11: 0000001700000083 R12: 0000000000000000 [ 72.550894][ T5065] R13: ffff88807f225da0 R14: ffff88807929e000 R15: 0000000000000001 [ 72.558860][ T5065] FS: 00005555570b8380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 72.567789][ T5065] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.574367][ T5065] CR2: 0000000000000000 CR3: 000000007c30c000 CR4: 00000000003506f0 [ 72.582347][ T5065] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 72.590310][ T5065] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 72.598448][ T5065] Call Trace: [ 72.601812][ T5065] [ 72.604743][ T5065] ? show_regs+0x8f/0xa0 [ 72.608993][ T5065] ? __die+0x2c/0x80 [ 72.612886][ T5065] ? page_fault_oops+0x398/0xab0 [ 72.617827][ T5065] ? dump_pagetable+0x530/0x530 [ 72.622676][ T5065] ? stack_depot_save_flags+0x558/0x730 [ 72.628224][ T5065] ? reacquire_held_locks+0x4c0/0x4c0 [ 72.633633][ T5065] ? _raw_write_unlock_irqrestore+0x4e/0x70 [ 72.639621][ T5065] ? lockdep_hardirqs_on+0x7d/0x110 [ 72.644997][ T5065] ? do_user_addr_fault+0x564/0x1030 [ 72.650369][ T5065] ? irqentry_enter+0x2d/0x50 [ 72.655040][ T5065] ? rcu_is_watching+0x12/0xb0 [ 72.660149][ T5065] ? exc_page_fault+0x5d/0xc0 [ 72.664821][ T5065] ? asm_exc_page_fault+0x26/0x30 [ 72.669845][ T5065] ? crypto_arc4_crypt+0x31/0x70 [ 72.674788][ T5065] ? memcpy_orig+0x31/0x120 [ 72.679289][ T5065] crypto_arc4_crypt+0x4b/0x70 [ 72.684148][ T5065] ? cast6_setkey+0x30/0x30 [ 72.688687][ T5065] crypto_lskcipher_decrypt+0xd4/0x130 [ 72.694162][ T5065] crypto_cbc_decrypt+0x14f/0x330 [ 72.699184][ T5065] ? crypto_cbc_encrypt+0x220/0x220 [ 72.704386][ T5065] ? skcipher_walk_skcipher+0x4d9/0x640 [ 72.709940][ T5065] crypto_lskcipher_crypt_sg+0x28c/0x460 [ 72.715625][ T5065] ? crypto_cbc_encrypt+0x220/0x220 [ 72.720904][ T5065] ? crypto_lskcipher_decrypt+0x130/0x130 [ 72.726729][ T5065] ? kfree+0x124/0x360 [ 72.730825][ T5065] crypto_skcipher_decrypt+0xda/0x160 [ 72.736208][ T5065] skcipher_recvmsg+0xc2b/0x1040 [ 72.741159][ T5065] ? algif_skcipher_export.part.0+0x200/0x200 [ 72.747234][ T5065] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 72.752522][ T5065] ? security_socket_recvmsg+0x92/0xc0 [ 72.757978][ T5065] ? algif_skcipher_export.part.0+0x200/0x200 [ 72.764045][ T5065] sock_recvmsg+0xe2/0x170 [ 72.768468][ T5065] __sys_recvfrom+0x1ab/0x2e0 [ 72.773150][ T5065] ? __ia32_sys_send+0x100/0x100 [ 72.778079][ T5065] ? spin_bug+0x1d0/0x1d0 [ 72.782485][ T5065] ? cgroup_update_frozen+0x144/0x6b0 [ 72.787870][ T5065] ? _raw_spin_unlock_irq+0x23/0x50 [ 72.793068][ T5065] ? lockdep_hardirqs_on+0x7d/0x110 [ 72.798262][ T5065] __x64_sys_recvfrom+0xe0/0x1b0 [ 72.803192][ T5065] ? syscall_trace_enter+0xb3/0x200 [ 72.808387][ T5065] do_syscall_64+0xd3/0x250 [ 72.812892][ T5065] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 72.818780][ T5065] RIP: 0033:0x7f23399079b9 [ 72.823191][ T5065] Code: ff e8 cb 01 00 00 66 2e 0f 1f 84 00 00 00 00 00 90 80 3d f1 56 07 00 00 41 89 ca 74 1c 45 31 c9 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 67 c3 66 0f 1f 44 00 00 55 48 83 ec 20 48 89 [ 72.842792][ T5065] RSP: 002b:00007ffe68b37d28 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 72.851200][ T5065] RAX: ffffffffffffffda RBX: 00007ffe68b37db4 RCX: 00007f23399079b9 [ 72.859169][ T5065] RDX: 0000000000001000 RSI: 00007ffe68b37da0 RDI: 0000000000000004 [ 72.867133][ T5065] RBP: 0000000000000004 R08: 0000000000000000 R09: 0000000000000000 [ 72.875097][ T5065] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe68b37da0 [ 72.883062][ T5065] R13: 00007ffe68b38f88 R14: 0000000000000001 R15: 0000000000000001 [ 72.891203][ T5065] [ 72.894208][ T5065] Modules linked in: [ 72.898098][ T5065] CR2: 0000000000000000 [ 72.902245][ T5065] ---[ end trace 0000000000000000 ]--- [ 72.907799][ T5065] RIP: 0010:memcpy_orig+0x31/0x120 [ 72.912942][ T5065] Code: 48 83 fa 20 0f 82 86 00 00 00 40 38 fe 7c 35 48 83 ea 20 48 83 ea 20 4c 8b 06 4c 8b 4e 08 4c 8b 56 10 4c 8b 5e 18 48 8d 76 20 <4c> 89 07 4c 89 4f 08 4c 89 57 10 4c 89 5f 18 48 8d 7f 20 73 d4 83 [ 72.932548][ T5065] RSP: 0018:ffffc90003a378c0 EFLAGS: 00010202 [ 72.938609][ T5065] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff84401c81 [ 72.946676][ T5065] RDX: 00000000000003c8 RSI: ffff888019ee1040 RDI: 0000000000000000 [ 72.954667][ T5065] RBP: ffff888019ee1000 R08: 0000000400000003 R09: 0000002200000071 [ 72.962811][ T5065] R10: 0000000800000016 R11: 0000001700000083 R12: 0000000000000000 [ 72.970782][ T5065] R13: ffff88807f225da0 R14: ffff88807929e000 R15: 0000000000000001 [ 72.978762][ T5065] FS: 00005555570b8380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 72.987692][ T5065] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.994272][ T5065] CR2: 0000000000000000 CR3: 000000007c30c000 CR4: 00000000003506f0 [ 73.002240][ T5065] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 73.010208][ T5065] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 73.018173][ T5065] Kernel panic - not syncing: Fatal exception [ 73.024403][ T5065] Kernel Offset: disabled [ 73.028712][ T5065] Rebooting in 86400 seconds..