gcm_mode_decrypt_contiguous_blocks() can dereference NULL pointer
In gcm_mode_decrypt_contiguous_blocks(), if vmem_alloc() fails, bcopy() is called with a null pointer destination and a length > 0. This results in undefined behavior. Further, ctx->gcm_pt_buf is freed but not set to NULL, leading to a potential write after free and a double free due to missing return value handling in crypto_update_uio(). The code as is may write to ctx->gcm_pt_buf in gcm_decrypt_final() and may free ctx->gcm_pt_buf again in aes_decrypt_atomic().
The fix is to slightly rework error handling in gcm_mode_decrypt_contiguous_blocks() and check the return value in crypto_update_uio().
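
A minimal user-space model of the error handling described above, added here as an illustration; it is not the project's code or the actual patch. `pt_ctx`, `model_alloc`, `append_blocks`, `update_all`, `ctx_cleanup` and the status codes are hypothetical names, `malloc`/`free` stand in for the kernel allocator, and only the two context fields named in the message are modelled.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Simplified model: only the two context fields named on the page. */
struct pt_ctx { unsigned char *gcm_pt_buf; size_t gcm_pt_buf_len; };
enum { OK = 0, ERR_NOMEM = 1 };      /* hypothetical status codes */
static int fail_alloc;               /* hook: make the next allocation fail once */
static void *model_alloc(size_t n) { if (fail_alloc) { fail_alloc = 0; return NULL; } return malloc(n); }
/* Grow the pending buffer; the allocation is checked before any copy. */
static int append_blocks(struct pt_ctx *c, const unsigned char *data, size_t len)
{
    unsigned char *nbuf = model_alloc(c->gcm_pt_buf_len + len);
    if (nbuf == NULL) {
        /* Free the old buffer and clear the pointer: no later write or second free. */
        free(c->gcm_pt_buf);
        c->gcm_pt_buf = NULL;
        c->gcm_pt_buf_len = 0;
        return ERR_NOMEM;
    }
    if (c->gcm_pt_buf != NULL)
        memcpy(nbuf, c->gcm_pt_buf, c->gcm_pt_buf_len);
    memcpy(nbuf + c->gcm_pt_buf_len, data, len);
    free(c->gcm_pt_buf);
    c->gcm_pt_buf = nbuf;
    c->gcm_pt_buf_len += len;
    return OK;
}

/* Caller loop: stop at the first error instead of ignoring the return value. */
static int update_all(struct pt_ctx *c, const char *const *chunks, size_t n, size_t fail_at)
{
    for (size_t i = 0; i < n; i++) {
        fail_alloc = (i == fail_at);
        int rv = append_blocks(c, (const unsigned char *)chunks[i], strlen(chunks[i]));
        if (rv != OK)
            return rv;
    }
    return OK;
}

/* Final cleanup: free(NULL) is a no-op, so this is safe after a failed update. */
static void ctx_cleanup(struct pt_ctx *c) { free(c->gcm_pt_buf); c->gcm_pt_buf = NULL; c->gcm_pt_buf_len = 0; }
int main(void)
{
    const char *const chunks[] = { "aaaa", "bbbb", "cccc" };  /* constructed input */
    struct pt_ctx c = { NULL, 0 };
    printf("rv=%d\n", update_all(&c, chunks, 3, 1));  /* second allocation fails */
    ctx_cleanup(&c);
    return 0;
}
```

Running the model under AddressSanitizer with the failure injected at different chunk indexes is a quick way to confirm that neither the cleanup path nor a later update touches freed memory.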