Hello,
syzkaller hit the following crash on
c5f66a85899705835f61d687a38f62d5a1ec4eb9
git://
git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/master
compiler: gcc (GCC) 7.1.1 20170620
.config is attached
Raw console output is attached.
Unfortunately, I don't have any reproducer for this bug yet.
BUG: unable to handle kernel NULL pointer dereference at 000000000108d5fe
IP: sha512_mb_mgr_get_comp_job_avx2+0x6e/0xee
arch/x86/crypto/sha512-mb/sha512_mb_mgr_flush_avx2.S:251
PGD 1cd279067 P4D 1cd279067 PUD 1d2c4f067 PMD 0
Oops: 0002 [#1] SMP KASAN
Dumping ftrace buffer:
(ftrace buffer empty)
Modules linked in:
CPU: 0 PID: 1399 Comm: kworker/0:2 Not tainted 4.15.0-rc1+ #135
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Workqueue: crypto mcryptd_queue_worker
task: 00000000087b2afb task.stack: 000000002f1b3e4d
RIP: 0010:sha512_mb_mgr_get_comp_job_avx2+0x6e/0xee
arch/x86/crypto/sha512-mb/sha512_mb_mgr_flush_avx2.S:251
RSP: 0018:ffff8801d2ad71b8 EFLAGS: 00010002
RAX: 0000000000000000 RBX: ffff8801d58d0dd0 RCX: 0000000000000000
RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff8801d58d0c80
RBP: ffff8801d2ad71e0 R08: 0000000100000000 R09: 0000000000000001
R10: 0000000000000002 R11: 0000000000000003 R12: ffff8801d58d0c80
R13: 0000000000000286 R14: ffff8801c944e860 R15: ffffe8ffffc0fa30
FS: 0000000000000000(0000) GS:ffff8801db400000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000060 CR3: 00000001d3c98000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
sha_complete_job+0x276/0x830 arch/x86/crypto/sha512-mb/sha512_mb.c:510
sha512_mb_update+0x2f6/0x530 arch/x86/crypto/sha512-mb/sha512_mb.c:610
crypto_ahash_update include/crypto/hash.h:522 [inline]
ahash_mcryptd_update crypto/mcryptd.c:628 [inline]
mcryptd_hash_update+0xcd/0x1c0 crypto/mcryptd.c:374
mcryptd_queue_worker+0xfe/0x660 crypto/mcryptd.c:182
process_one_work+0xbfd/0x1be0 kernel/workqueue.c:2112
worker_thread+0x223/0x1990 kernel/workqueue.c:2246
kthread+0x37a/0x440 kernel/kthread.c:238
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:441
Code: 49 0f 42 d3 48 f7 c2 f0 ff ff ff 0f 85 9a 00 00 00 48 83 e2 0f 48 6b
da 08 48 8d 9c 1f 48 01 00 00 48 8b 03 48 c7 03 00 00 00 00 <c7> 40 60 02
00 00 00 48 8b 9f 40 01 00 00 48 c1 e3 08 48 09 d3
RIP: sha512_mb_mgr_get_comp_job_avx2+0x6e/0xee
arch/x86/crypto/sha512-mb/sha512_mb_mgr_flush_avx2.S:251 RSP:
ffff8801d2ad71b8
CR2: 0000000000000060
---[ end trace 879bb33f9fc9cf36 ]---
Kernel panic - not syncing: Fatal exception
Dumping ftrace buffer:
(ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..
---
This bug is generated by a dumb bot. It may contain errors.
See
https://goo.gl/tpsmEJ for details.
Direct all questions to
syzk...@googlegroups.com.
Please credit me with: Reported-by: syzbot <
syzk...@googlegroups.com>
syzbot will keep track of this bug report.
Once a fix for this bug is committed, please reply to this email with:
#syz fix: exact-commit-title
To mark this as a duplicate of another syzbot report, please reply with:
#syz dup: exact-subject-of-another-report
If it's a one-off invalid bug report, please reply with:
#syz invalid
Note: if the crash happens again, it will cause creation of a new bug
report.
Note: all commands must start from beginning of the line in the email body.