program:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001480)="2eec116d8cb4d8eb000786c758837b78288493633f6f666b", 0x18}], 0x1, &(0x7f0000000340)=[@assoc={0x18, 0x117, 0x4, 0x8}], 0x18}, 0x0)
io_setup(0x20000000001005, &(0x7f0000000880)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000580)=[&(0x7f00000000c0)={0x5000000, 0x0, 0xd, 0x0, 0x0, r1, &(0x7f0000000080)='[', 0x1}])

[   87.577152][ T5303] Bluetooth: hci0: command tx timeout
[   87.707468][ T5324] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN NOPTI
[   87.713103][ T5324] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[   87.716991][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   87.721638][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   87.727043][ T5324] RIP: 0010:memcpy_sglist+0x420/0x730
[   87.729573][ T5324] Code: e8 b5 2a 51 fd f6 c3 01 0f 85 0a 01 00 00 e8 c7 25 51 fd 4c 89 f3 eb 07 e8 bd 25 51 fd 31 db 4c 8d 7b 08 4c 89 f8 48 c1 e8 03 <0f> b6 04 28 84 c0 0f 85 1d 02 00 00 41 8b 07 89 44 24 04 49 8d 7d
[   87.739231][ T5324] RSP: 0018:ffffc9000de3f6d8 EFLAGS: 00010202
[   87.742422][ T5324] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000100000
[   87.746161][ T5324] RDX: ffffc9000ec12000 RSI: 0000000000000817 RDI: 0000000000000818
[   87.749946][ T5324] RBP: dffffc0000000000 R08: ffff888054562080 R09: 1ffff1100a8ac410
[   87.754231][ T5324] R10: dffffc0000000000 R11: ffffed100a8ac411 R12: 0000000000000007
[   87.758374][ T5324] R13: ffff8880445f0580 R14: ffff888043287820 R15: 0000000000000008
[   87.762029][ T5324] FS:  00007f64f48706c0(0000) GS:ffff88808ca4c000(0000) knlGS:0000000000000000
[   87.766794][ T5324] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   87.770724][ T5324] CR2: 00007f64f47ee000 CR3: 0000000038478000 CR4: 0000000000352ef0
[   87.774600][ T5324] Call Trace:
[   87.776222][ T5324]  <TASK>
[   87.777643][ T5324]  aead_recvmsg+0x719/0x1030
[   87.779722][ T5324]  ? __pfx_aead_recvmsg+0x10/0x10
[   87.782127][ T5324]  ? aa_sock_msg_perm+0xf1/0x1b0
[   87.785073][ T5324]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[   87.788491][ T5324]  ? security_socket_recvmsg+0x7e/0x2c0
[   87.791159][ T5324]  ? __pfx_aead_recvmsg+0x10/0x10
[   87.793542][ T5324]  sock_recvmsg+0x172/0x1b0
[   87.795797][ T5324]  sock_read_iter+0x251/0x320
[   87.798124][ T5324]  ? __pfx_sock_read_iter+0x10/0x10
[   87.800653][ T5324]  ? bpf_lsm_file_permission+0x9/0x20
[   87.803439][ T5324]  ? security_file_permission+0x75/0x260
[   87.806715][ T5324]  ? rw_verify_area+0x2a6/0x4d0
[   87.809615][ T5324]  ? import_ubuf+0xfb/0x1d0
[   87.811865][ T5324]  aio_read+0x33a/0x4d0
[   87.813852][ T5324]  ? __pfx_aio_read+0x10/0x10
[   87.816124][ T5324]  io_submit_one+0x79d/0x14c0
[   87.818168][ T5324]  ? irqentry_exit+0x59e/0x620
[   87.820216][ T5324]  ? trace_irq_disable+0x3b/0x150
[   87.822370][ T5324]  ? __pfx_io_submit_one+0x10/0x10
[   87.824828][ T5324]  ? __might_fault+0xaf/0x130
[   87.828254][ T5324]  __se_sys_io_submit+0x195/0x340
[   87.830971][ T5324]  ? __pfx___se_sys_io_submit+0x10/0x10
[   87.833436][ T5324]  do_syscall_64+0x14d/0xf80
[   87.835553][ T5324]  ? trace_irq_disable+0x3b/0x150
[   87.837993][ T5324]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.840948][ T5324]  ? clear_bhb_loop+0x40/0x90
[   87.843908][ T5324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.847392][ T5324] RIP: 0033:0x7f64f399c819
[   87.849571][ T5324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   87.858819][ T5324] RSP: 002b:00007f64f486ffe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   87.863116][ T5324] RAX: ffffffffffffffda RBX: 00007f64f3c15fa0 RCX: 00007f64f399c819
[   87.867095][ T5324] RDX: 0000200000000580 RSI: 0000000000000001 RDI: 00007f64f47ee000
[   87.871137][ T5324] RBP: 00007f64f3a32c91 R08: 0000000000000000 R09: 0000000000000000
[   87.875266][ T5324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   87.879055][ T5324] R13: 00007f64f3c16038 R14: 00007f64f3c15fa0 R15: 00007ffc497e3ef8
[   87.883438][ T5324]  </TASK>
[   87.885338][ T5324] Modules linked in:
[   87.888171][ T5324] ---[ end trace 0000000000000000 ]---
[   87.942663][ T5324] RIP: 0010:memcpy_sglist+0x420/0x730
[   87.947132][ T5324] Code: e8 b5 2a 51 fd f6 c3 01 0f 85 0a 01 00 00 e8 c7 25 51 fd 4c 89 f3 eb 07 e8 bd 25 51 fd 31 db 4c 8d 7b 08 4c 89 f8 48 c1 e8 03 <0f> b6 04 28 84 c0 0f 85 1d 02 00 00 41 8b 07 89 44 24 04 49 8d 7d
[   87.958971][ T5324] RSP: 0018:ffffc9000de3f6d8 EFLAGS: 00010202
[   87.961855][ T5324] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000100000
[   87.966224][ T5324] RDX: ffffc9000ec12000 RSI: 0000000000000817 RDI: 0000000000000818
[   87.970252][ T5324] RBP: dffffc0000000000 R08: ffff888054562080 R09: 1ffff1100a8ac410
[   87.974214][ T5324] R10: dffffc0000000000 R11: ffffed100a8ac411 R12: 0000000000000007
[   87.978067][ T5324] R13: ffff8880445f0580 R14: ffff888043287820 R15: 0000000000000008
[   87.981195][ T5324] FS:  00007f64f48706c0(0000) GS:ffff88808ca4c000(0000) knlGS:0000000000000000
[   87.985575][ T5324] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   87.988875][ T5324] CR2: 00007f64f3bed6b8 CR3: 0000000038478000 CR4: 0000000000352ef0
[   87.992601][ T5324] Kernel panic - not syncing: Fatal exception
[   87.995802][ T5324] Kernel Offset: disabled
[   87.997788][ T5324] Rebooting in 86400 seconds..