dccp_v6_connect+0xbcd/0x15c0 net/dccp/ipv6.c:947 kasan: CONFIG_KASAN_INLINE enabled __inet_stream_connect+0x6ad/0xb90 net/ipv4/af_inet.c:618 kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] PREEMPT SMP KASAN Modules linked in: inet_stream_connect+0x53/0xa0 net/ipv4/af_inet.c:682 SYSC_connect net/socket.c:1655 [inline] SyS_connect+0x1f4/0x240 net/socket.c:1636 CPU: 0 PID: 12440 Comm: syz-executor.0 Not tainted 4.14.227-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 task: ffff88803ebba200 task.stack: ffff888043cb8000 RIP: 0010:scatterwalk_start include/crypto/scatterwalk.h:86 [inline] RIP: 0010:scatterwalk_pagedone include/crypto/scatterwalk.h:111 [inline] RIP: 0010:scatterwalk_copychunks+0x4a3/0x680 crypto/scatterwalk.c:55 RSP: 0018:ffff888043cbf520 EFLAGS: 00010202 RAX: dffffc0000000000 RBX: 0000000000001000 RCX: ffffc90005bd3000 RDX: 0000000000000002 RSI: ffffffff831575b4 RDI: ffff888049c15228 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100801ae3d entry_SYSCALL_64_after_hwframe+0x46/0xbb R10: ffff8880400d71ec R11: 0000000000000000 R12: 0000000000001000 RIP: 0033:0x466459 R13: ffff888043cbf5d8 R14: 0000000000003020 R15: ffff888049c15234 RSP: 002b:00007f5733a14188 EFLAGS: 00000246 FS: 00007f1bfd399700(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000 ORIG_RAX: 000000000000002a RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 RDX: 000000000000001c RSI: 0000000020000000 RDI: 0000000000000004 CR2: 0000557bc8d9b160 CR3: 000000009144f000 CR4: 00000000001406f0 RBP: 00007f5733a141d0 R08: 0000000000000000 R09: 0000000000000000 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Call Trace: R13: 00007ffc5a3e896f R14: 00007f5733a14300 R15: 0000000000022000 scatterwalk_map_and_copy crypto/scatterwalk.c:72 [inline] scatterwalk_map_and_copy+0x100/0x1a0 crypto/scatterwalk.c:60 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 gcmaes_encrypt.constprop.0+0x5b5/0xc00 arch/x86/crypto/aesni-intel_glue.c:778 CPU: 1 PID: 12453 Comm: syz-executor.2 Not tainted 4.14.227-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x25a/0x400 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x38/0x70 mm/slab.c:3696 __kmalloc_reserve net/core/skbuff.c:137 [inline] __alloc_skb+0x96/0x510 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:980 [inline] dccp_connect+0x1e1/0x5f0 net/dccp/output.c:555 dccp_v6_connect+0xbcd/0x15c0 net/dccp/ipv6.c:947 __inet_stream_connect+0x6ad/0xb90 net/ipv4/af_inet.c:618 inet_stream_connect+0x53/0xa0 net/ipv4/af_inet.c:682 SYSC_connect net/socket.c:1655 [inline] SyS_connect+0x1f4/0x240 net/socket.c:1636 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 Code: entry_SYSCALL_64_after_hwframe+0x46/0xbb fc RIP: 0033:0x466459 ff RSP: 002b:00007f5733a14188 EFLAGS: 00000246 df ORIG_RAX: 000000000000002a 80 RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459 3c RDX: 000000000000001c RSI: 0000000020000000 RDI: 0000000000000004 02 RBP: 00007f5733a141d0 R08: 0000000000000000 R09: 0000000000000000 00 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 0f R13: 00007ffc5a3e896f R14: 00007f5733a14300 R15: 0000000000022000 85 d9 01 00 00 48 8d 45 10 49 89 6d 00 48 89 c2 48 89 44 24 18 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 81 01 00 00 48 b8 00 00 00 RIP: scatterwalk_start include/crypto/scatterwalk.h:86 [inline] RSP: ffff888043cbf520 RIP: scatterwalk_pagedone include/crypto/scatterwalk.h:111 [inline] RSP: ffff888043cbf520 RIP: scatterwalk_copychunks+0x4a3/0x680 crypto/scatterwalk.c:55 RSP: ffff888043cbf520 overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore overlayfs: at least 2 lowerdir are needed while upperdir nonexistent audit: type=1804 audit(1617096632.448:667): pid=12475 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir184598496/syzkaller.Z3bCYo/601/bus" dev="sda1" ino=14562 res=1 TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore audit: type=1804 audit(1617096632.458:668): pid=12481 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir184598496/syzkaller.Z3bCYo/601/bus" dev="sda1" ino=14562 res=1 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 overlayfs: at least 2 lowerdir are needed while upperdir nonexistent CPU: 0 PID: 12483 Comm: syz-executor.2 Tainted: G D 4.14.227-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 skb_clone+0x126/0x9a0 net/core/skbuff.c:1291 dccp_connect+0x2d4/0x5f0 net/dccp/output.c:564 dccp_v6_connect+0xbcd/0x15c0 net/dccp/ipv6.c:947 __inet_stream_connect+0x6ad/0xb90 net/ipv4/af_inet.c:618 inet_stream_connect+0x53/0xa0 net/ipv4/af_inet.c:682 SYSC_connect net/socket.c:1655 [inline] SyS_connect+0x1f4/0x240 net/socket.c:1636 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x466459 RSP: 002b:00007f5733a14188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459 RDX: 000000000000001c RSI: 0000000020000000 RDI: 0000000000000004 RBP: 00007f5733a141d0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00007ffc5a3e896f R14: 00007f5733a14300 R15: 0000000000022000 ---[ end trace ef5006ced2a7a021 ]---