program:
# syzkaller reproducer, one syscall per line. The console log that follows it
# records an instruction fetch from address 0 in kernel mode ("RIP: 0010:0x0").
# The call trace is __se_sys_ioctl -> procfs_procmap_ioctl -> __build_id_parse ->
# freader_fetch -> freader_get_folio -> do_read_cache_folio -> filemap_read_folio.
# NOTE(review): a jump to 0 directly under filemap_read_folio is consistent with a
# NULL callback being invoked for the mapped file's address space; confirm against
# the kernel source at the commit named in the log before triaging further.

# capset with header version 0x20071026; this call produces the "uses deprecated
# v2 capabilities" warning in the log. It does not appear in the crash trace.
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
# Two netlink sockets (family 0x10, type 0x3, protocol 0xc), each sent an ipset
# CREATE message whose payload carries the type string "hash:ip"
# (hex 686173683a6970). Neither call appears in the crash trace.
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="6000000002060500000000000000000000000000140007800800064000000000080013400000000005000100060000000900020073797a32000000000500040000000000050005000a00000011000300686173683a6970"], 0x60}, 0x1, 0x0, 0x0, 0x20040804}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
# The declared message length is 0x44, but the blob is much longer than that.
# The extra bytes look like fuzzer-generated padding (presumably ignored; verify).
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="440020000206010800000000000000000500000005000100060000000c000300686173683a697000096e6b8dbc797a3200000000050005000a0008000500040000000000516844fc6874d0f93018ffd5ee040b6d9e761e8533e3a199d4183449662e1e137b9073dbb33e786a1325896f2a516c20ae8e856558991c1c8d35e0d5a9b8e14877bd0602925e0b90c87a5499f900d9cfc40c3a8a4ecbb647660162df8a7fc0207c0db3f74161f4e2576ca75e8dc245ddf809145328fe725f2f5adf9ed3ce8b7090ffe290b5335f6521b49c28e78075c957b190ab1ccc9152b9acfd063818cb20e3b4124cee6b6c23a1887a208798b9b4b393ab7fe2ca2ee10ae711ea75d8065f3feb22d24682ce2d196f8a9b8ae1e685a6254a7217347f5ca0e43aa633663b9527458df0c5b88e404569ef57eaf2f12a55b03b40e2c36541a4a1cb9cc09a42246ae832fe70618c9ec49007a8e198f5559e98d9a64efab3bfb94c8b5bd6f87334b852228c8f4bd003139c78e300252399ca41cb915e6e7422ae6d5aaf8b6bffdc4ec93f0074d0af7c028a4139e88aea4c2ac6363225fb892635fecd103596a156d3c190d0b3409f6e8cde6a69b80dc4a08746cc56775ede62d8101ed5d7818c72d8da5fa461"], 0x44}}, 0x0)
# BPF map creation; r2 is referenced only by the program load at the end.
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0500000004000000040000000400000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000001600000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
# Opens './bus' and maps 0xa000 bytes of it at a fixed address with prot 0x0 and
# flags 0x13. The trace shows find_vma/query_matching_vma followed by a page-cache
# read, so this file-backed mapping is presumably the VMA the later ioctl
# resolves (TODO confirm).
r3 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x2)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r3, 0x0)
# Second BPF map creation; its result is unused and it is not in the crash trace.
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1000000004000000040000000104000000040000b004ee1dd244dcc9909b9fab32d3c309b49026aa0a6b108aad3a3910ced1087b5a2aca8afce7f80f0449c8a88b264edcf674e6cf60dc0010c5d4ea1cedab1ed13a4daa1127d6cb429d5df4970334d78a19c42a9a5570db69970dcca9892098b02e6d50c5e37f1901c61757467d0b5df4cc066abd0edbdb69df30959438b2b07ebf290458d53c0a", @ANYRES32, @ANYBLOB='\n\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="040000000300"/28], 0x48)
# r4 is a procfs 'maps' file descriptor (pid argument 0x0, presumably the calling
# process; verify).
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
# Crashing call. Although syzkaller labels it as a KVM ioctl, it is issued on the
# procfs maps fd, and the trace shows request 0xc0686611 (RSI in the user-mode
# register dump) handled by procfs_procmap_ioctl. The number appears to be
# PROCMAP_QUERY; the KVM name reflects only the argument layout the fuzzer used.
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
# BPF program load (license 'GPL') that references map r2; not in the crash trace.
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x1, 0x17, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1ffffc}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0x6, 0x9, 0x0, 0x6, 0xe7030000}, {0x4, 0x0, 0x0, 0x6}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x4, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x14}}], {{0x5, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x5d}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
[ 75.592441][ T5333] Bluetooth: hci0: command tx timeout [ 75.657749][ T5353] capability: warning: `syz.0.0' uses deprecated v2 capabilities in a way that may be insecure [ 75.717655][ T5353] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 75.721199][ T5353] #PF: supervisor instruction fetch in kernel mode [ 75.724066][ T5353] #PF: error_code(0x0010) - not-present page [ 75.726763][ T5353] PGD 0 P4D 0 [ 75.728373][ T5353] Oops: Oops: 0010 [#1] SMP KASAN NOPTI [ 75.730842][ T5353] CPU: 0 UID: 0 PID: 5353 Comm: syz.0.0 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(full) [ 75.737450][ T5353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.742294][ T5353] RIP: 0010:0x0 [ 75.744005][ T5353] Code: 
Unable to access opcode bytes at 0xffffffffffffffd6. [ 75.747422][ T5353] RSP: 0018:ffffc9000d60f998 EFLAGS: 00010287 [ 75.750198][ T5353] RAX: ffffffff81f8e584 RBX: 1ffffd4000228df0 RCX: 0000000000100000 [ 75.753700][ T5353] RDX: ffffc9000dfaa000 RSI: ffffea0001146f80 RDI: ffff88804343c700 [ 75.757161][ T5353] RBP: ffffc9000d60fa50 R08: ffffea0001146f87 R09: 1ffffd4000228df0 [ 75.760707][ T5353] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 75.764280][ T5353] R13: ffffea0001146f88 R14: ffffea0001146f80 R15: 1ffffd4000228df1 [ 75.767821][ T5353] FS: 00007f6ad6db56c0(0000) GS:ffff88808d210000(0000) knlGS:0000000000000000 [ 75.771734][ T5353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.774675][ T5353] CR2: ffffffffffffffd6 CR3: 00000000434cd000 CR4: 0000000000352ef0 [ 75.778241][ T5353] Call Trace: [ 75.779756][ T5353] [ 75.781111][ T5353] filemap_read_folio+0x117/0x380 [ 75.783484][ T5353] ? __pfx_filemap_read_folio+0x10/0x10 [ 75.786001][ T5353] ? filemap_add_folio+0x1af/0x270 [ 75.788263][ T5353] do_read_cache_folio+0x350/0x590 [ 75.790520][ T5353] freader_get_folio+0x3c4/0x830 [ 75.792631][ T5353] freader_fetch+0xa3/0x5d0 [ 75.794520][ T5353] __build_id_parse+0x133/0x7d0 [ 75.796598][ T5353] ? __pfx___build_id_parse+0x10/0x10 [ 75.798909][ T5353] ? rcu_is_watching+0x15/0xb0 [ 75.800967][ T5353] ? find_vma+0xe7/0x160 [ 75.802881][ T5353] ? __pfx_find_vma+0x10/0x10 [ 75.804999][ T5353] ? query_matching_vma+0x1b2/0x1d0 [ 75.807266][ T5353] procfs_procmap_ioctl+0x7f0/0xce0 [ 75.809519][ T5353] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 75.812071][ T5353] ? __fget_files+0x2a/0x420 [ 75.814094][ T5353] ? __fget_files+0x3a0/0x420 [ 75.817431][ T5353] ? __fget_files+0x2a/0x420 [ 75.819455][ T5353] ? bpf_lsm_file_ioctl+0x9/0x20 [ 75.821660][ T5353] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 75.824161][ T5353] __se_sys_ioctl+0xf9/0x170 [ 75.826163][ T5353] do_syscall_64+0xfa/0x3b0 [ 75.828261][ T5353] ? 
entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.830870][ T5353] ? clear_bhb_loop+0x60/0xb0 [ 75.832917][ T5353] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.835503][ T5353] RIP: 0033:0x7f6ad5f8ebe9 [ 75.837470][ T5353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.845504][ T5353] RSP: 002b:00007f6ad6db5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.849013][ T5353] RAX: ffffffffffffffda RBX: 00007f6ad61b5fa0 RCX: 00007f6ad5f8ebe9 [ 75.852339][ T5353] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000007 [ 75.855715][ T5353] RBP: 00007f6ad6011e19 R08: 0000000000000000 R09: 0000000000000000 [ 75.859151][ T5353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.862623][ T5353] R13: 00007f6ad61b6038 R14: 00007f6ad61b5fa0 R15: 00007ffd7fd23b18 [ 75.866090][ T5353] [ 75.867453][ T5353] Modules linked in: [ 75.869156][ T5353] CR2: 0000000000000000 [ 75.870969][ T5353] ---[ end trace 0000000000000000 ]--- [ 75.873228][ T5353] RIP: 0010:0x0 [ 75.874706][ T5353] Code: Unable to access opcode bytes at 0xffffffffffffffd6. 
[ 75.877734][ T5353] RSP: 0018:ffffc9000d60f998 EFLAGS: 00010287 [ 75.880333][ T5353] RAX: ffffffff81f8e584 RBX: 1ffffd4000228df0 RCX: 0000000000100000 [ 75.883574][ T5353] RDX: ffffc9000dfaa000 RSI: ffffea0001146f80 RDI: ffff88804343c700 [ 75.886988][ T5353] RBP: ffffc9000d60fa50 R08: ffffea0001146f87 R09: 1ffffd4000228df0 [ 75.890233][ T5353] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 75.893553][ T5353] R13: ffffea0001146f88 R14: ffffea0001146f80 R15: 1ffffd4000228df1 [ 75.896842][ T5353] FS: 00007f6ad6db56c0(0000) GS:ffff88808d210000(0000) knlGS:0000000000000000 [ 75.900719][ T5353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.903475][ T5353] CR2: ffffffffffffffd6 CR3: 00000000434cd000 CR4: 0000000000352ef0 [ 75.906870][ T5353] Kernel panic - not syncing: Fatal exception [ 75.909834][ T5353] Kernel Offset: disabled [ 75.911807][ T5353] Rebooting in 86400 seconds..