kasan: GPF could be caused by NULL-ptr deref or user memory access
*** Guest State ***
GDTR:                           limit=0x0000ffff, base=0x0000000000000000
CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 24123 Comm: syz-executor.5 Not tainted 4.14.231-syzkaller #0
CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff888044cc86c0 task.stack: ffff88809d470000
RIP: 0010:scatterwalk_start include/crypto/scatterwalk.h:86 [inline]
RIP: 0010:scatterwalk_pagedone include/crypto/scatterwalk.h:111 [inline]
RIP: 0010:scatterwalk_copychunks+0x4a3/0x680 crypto/scatterwalk.c:55
RSP: 0018:ffff88809d477760 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: 000000000000001e RCX: ffffc900065d4000
RDX: 0000000000000002 RSI: ffffffff831693e4 RDI: ffff88804c252398
RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100865d003
R10: ffff8880432e801d R11: 0000000000000010 R12: 000000000000001e
R13: ffff88809d477818 R14: 0000000000000001 R15: ffff88804c2523a4
FS:  00007ff80ddee700(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000
CR3 = 0x00000000fffbc000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000009b7e4000 CR4: 00000000001426f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 scatterwalk_map_and_copy crypto/scatterwalk.c:72 [inline]
 scatterwalk_map_and_copy+0x100/0x1a0 crypto/scatterwalk.c:60
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
 gcmaes_encrypt.constprop.0+0x6cd/0xc00 arch/x86/crypto/aesni-intel_glue.c:802
RSP = 0x0000000000000000  RIP = 0x0000000000000231
RFLAGS=0x00000246         DR7 = 0x0000000000000400
CPU: 1 PID: 24174 Comm: syz-executor.2 Not tainted 4.14.231-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x1b2/0x281 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x149 lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc+0x40/0x3c0 mm/slab.c:3550
 skb_clone+0x126/0x9a0 net/core/skbuff.c:1291
 __netlink_deliver_tap_skb net/netlink/af_netlink.c:266 [inline]
 __netlink_deliver_tap net/netlink/af_netlink.c:291 [inline]
 netlink_deliver_tap+0x655/0x7d0 net/netlink/af_netlink.c:302
 netlink_deliver_tap_kernel net/netlink/af_netlink.c:311 [inline]
 netlink_unicast_kernel net/netlink/af_netlink.c:1286 [inline]
 netlink_unicast+0x485/0x610 net/netlink/af_netlink.c:1313
 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878
 sock_sendmsg_nosec net/socket.c:646 [inline]
 sock_sendmsg+0xb5/0x100 net/socket.c:656
Code: 
 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062
fc 
ff 
df 
80 
3c 
02 
00 
0f 
 __sys_sendmsg+0xa3/0x120 net/socket.c:2096
85 
d9 
01 
00 
00 
 SYSC_sendmsg net/socket.c:2107 [inline]
 SyS_sendmsg+0x27/0x40 net/socket.c:2103
48 
8d 
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
45 
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
10 
RIP: 0033:0x466459
49 
RSP: 002b:00007fbc11868188 EFLAGS: 00000246
89 
 ORIG_RAX: 000000000000002e
6d 
RAX: ffffffffffffffda RBX: 000000000056c0b0 RCX: 0000000000466459
00 
RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000004
48 
RBP: 00007fbc118681d0 R08: 0000000000000000 R09: 0000000000000000
89 
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
c2 
R13: 00007ffe70a7e70f R14: 00007fbc11868300 R15: 0000000000022000
48 
Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
89 44 24 18 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 81 01 00 00 
CS:   sel=0x0000, attr=0x0009b, limit=0x0000ffff, base=0x0000000000000000
48 b8 00 00 00 
RIP: scatterwalk_start include/crypto/scatterwalk.h:86 [inline] RSP: ffff88809d477760
RIP: scatterwalk_pagedone include/crypto/scatterwalk.h:111 [inline] RSP: ffff88809d477760
RIP: scatterwalk_copychunks+0x4a3/0x680 crypto/scatterwalk.c:55 RSP: ffff88809d477760
LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
IDTR:                           limit=0x0000ffff, base=0x0000000000000000
GDTR:                           limit=0x0000ffff, base=0x0000000000000000
LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
IDTR:                           limit=0x0000ffff, base=0x0000000000000000
EFER =     0x0000000000000000  PAT = 0x0007040600070406
TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
EFER =     0x0000000000000000  PAT = 0x0007040600070406
DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
Interruptibility = 00000001  ActivityState = 00000000
Interruptibility = 00000001  ActivityState = 00000000
*** Host State ***
*** Host State ***
RIP = 0xffffffff811601fe  RSP = 0xffff8880aae0f9b8
RIP = 0xffffffff811601fe  RSP = 0xffff88804b01f9b8
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
FSBase=00007f3ea86e7700 GSBase=ffff8880ba400000 TRBase=fffffe0000003000
FSBase=00007f4b46dd9700 GSBase=ffff8880ba500000 TRBase=fffffe0000034000
GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
GDTBase=fffffe0000032000 IDTBase=fffffe0000000000
CR0=0000000080050033 CR3=00000000b38c7000 CR4=00000000001426f0
CR0=0000000080050033 CR3=00000000a0062000 CR4=00000000001426e0
Sysenter RSP=fffffe0000003000 CS:RIP=0010:ffffffff87401690
Sysenter RSP=fffffe0000034000 CS:RIP=0010:ffffffff87401690
EFER = 0x0000000000000d01  PAT = 0x0407050600070106
EFER = 0x0000000000000d01  PAT = 0x0407050600070106
*** Control State ***
*** Control State ***
PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2
PinBased=0000003f CPUBased=b699edfa SecondaryExec=000000e2
EntryControls=0000d1ff ExitControls=002fefff
EntryControls=0000d1ff ExitControls=002fefff
ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000
VMEntry: intr_info=80000202 errcode=00000000 ilen=00000000
VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
        reason=80000021 qualification=0000000000000003
        reason=80000021 qualification=0000000000000003
IDTVectoring: info=00000000 errcode=00000000
IDTVectoring: info=00000000 errcode=00000000
TSC Offset = 0xffffff47d0029ee8
TSC Offset = 0xffffff47cdb0a002
EPT pointer = 0x00000000b341401e
EPT pointer = 0x000000009fe6001e
Virtual processor ID = 0x0005
Virtual processor ID = 0x0006
---[ end trace 287ef7bdeef146a4 ]---