program:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x40)
ioctl$EVIOCSREP(r2, 0x40084503, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010005000000000000000b005c240761030033e29b725a8150cdd6bef798d569abd5b4078e6104851dfe15f9f77647db7a431b5b9ea89a776cf5733375fa4983a63773c3744d2a69d8f65f0844be6f8cbc9c37fa4b5316ab4add7107d6df5aa3c2d842bca088f33590071ef40e81bf10a9f344a99b1dfa437b2695d0213a134b9100456fe9009725a236", @ANYRES32=r3, @ANYBLOB="0500080000000000090007004ff5677c1a0000000800090001ac0f00"], 0x38}}, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r6, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r6, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xb40, 0x870, 0x1, 0x1, 0xd59f80, 0x19f2, 0x3f, 0x19ef, 0x3, 0x3, 0x2800, 0x2800, 0x2, 0xd1, 0xc, 0x30, {0x8, 0xffffffff}, 0xd0, 0x9}})
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000140)={'vxcan1\x00', <r9=>0x0})
ioctl$sock_inet6_SIOCDIFADDR(r7, 0x8936, &(0x7f0000000040)={@local, 0x4c, r9})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x80000007, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r5, 0xc0845657, &(0x7f00000002c0)={0x0, @bt={0x101, 0xd26, 0x0, 0x1, 0x0, 0x4, 0xaad6, 0x6, 0x24d41a61, 0x0, 0x9, 0x4, 0x6, 0x3, 0x3, 0xf, {0x4, 0x7}, 0x1, 0x1b}})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r10, 0x8b2a, &(0x7f0000000040))

[   75.191283][ T4668] Bluetooth: hci0: command tx timeout
[   75.255224][ T5319] netlink: 36 bytes leftover after parsing attributes in process `syz.0.0'.
[   75.265554][ T5319] BUG: kernel NULL pointer dereference, address: 0000000000000000
[   75.270932][ T5319] #PF: supervisor instruction fetch in kernel mode
[   75.274303][ T5319] #PF: error_code(0x0010) - not-present page
[   75.276972][ T5319] PGD 0 P4D 0 
[   75.278374][ T5319] Oops: Oops: 0010 [#1] SMP KASAN NOPTI
[   75.280618][ T5319] CPU: 0 UID: 0 PID: 5319 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[   75.284643][ T5319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.289448][ T5319] RIP: 0010:0x0
[   75.291090][ T5319] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   75.294582][ T5319] RSP: 0018:ffffc9000d5df998 EFLAGS: 00010287
[   75.297679][ T5319] RAX: ffffffff81f84ac4 RBX: 1ffffd4000268da8 RCX: 0000000000100000
[   75.301591][ T5319] RDX: ffffc9000e4da000 RSI: ffffea0001346d40 RDI: ffff88803f3e5e00
[   75.305174][ T5319] RBP: ffffc9000d5dfa50 R08: ffffea0001346d47 R09: 1ffffd4000268da8
[   75.308609][ T5319] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000
[   75.312637][ T5319] R13: ffffea0001346d48 R14: ffffea0001346d40 R15: 1ffffd4000268da9
[   75.316655][ T5319] FS:  00007fd52ebc86c0(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000
[   75.320587][ T5319] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   75.323495][ T5319] CR2: ffffffffffffffd6 CR3: 000000003f4f1000 CR4: 0000000000352ef0
[   75.327074][ T5319] Call Trace:
[   75.328753][ T5319]  <TASK>
[   75.330270][ T5319]  filemap_read_folio+0x117/0x380
[   75.332857][ T5319]  ? __pfx_filemap_read_folio+0x10/0x10
[   75.335324][ T5319]  ? filemap_add_folio+0x1af/0x270
[   75.337634][ T5319]  do_read_cache_folio+0x350/0x590
[   75.339885][ T5319]  freader_get_folio+0x3c4/0x830
[   75.342930][ T5319]  freader_fetch+0xa3/0x5d0
[   75.345439][ T5319]  __build_id_parse+0x133/0x7d0
[   75.347989][ T5319]  ? __pfx___build_id_parse+0x10/0x10
[   75.350659][ T5319]  ? find_vma+0xe7/0x160
[   75.352650][ T5319]  ? __pfx_find_vma+0x10/0x10
[   75.354793][ T5319]  ? query_matching_vma+0x1b2/0x1d0
[   75.357037][ T5319]  procfs_procmap_ioctl+0x7f0/0xce0
[   75.359435][ T5319]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[   75.362080][ T5319]  ? __fget_files+0x2a/0x420
[   75.364175][ T5319]  ? __fget_files+0x2a/0x420
[   75.366276][ T5319]  ? __fget_files+0x3a0/0x420
[   75.368492][ T5319]  ? __fget_files+0x2a/0x420
[   75.370607][ T5319]  ? bpf_lsm_file_ioctl+0x9/0x20
[   75.373050][ T5319]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[   75.375722][ T5319]  __se_sys_ioctl+0xf9/0x170
[   75.377787][ T5319]  do_syscall_64+0xfa/0x3b0
[   75.379669][ T5319]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.381900][ T5319]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.384577][ T5319]  ? clear_bhb_loop+0x60/0xb0
[   75.386859][ T5319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.390089][ T5319] RIP: 0033:0x7fd52dd8e929
[   75.392206][ T5319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.400798][ T5319] RSP: 002b:00007fd52ebc8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   75.404894][ T5319] RAX: ffffffffffffffda RBX: 00007fd52dfb5fa0 RCX: 00007fd52dd8e929
[   75.408654][ T5319] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000006
[   75.411938][ T5319] RBP: 00007fd52de10b39 R08: 0000000000000000 R09: 0000000000000000
[   75.415503][ T5319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.419081][ T5319] R13: 0000000000000000 R14: 00007fd52dfb5fa0 R15: 00007fff5688ea08
[   75.422491][ T5319]  </TASK>
[   75.423750][ T5319] Modules linked in:
[   75.425392][ T5319] CR2: 0000000000000000
[   75.427451][ T5319] ---[ end trace 0000000000000000 ]---
[   75.429844][ T5319] RIP: 0010:0x0
[   75.431694][ T5319] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   75.435441][ T5319] RSP: 0018:ffffc9000d5df998 EFLAGS: 00010287
[   75.438407][ T5319] RAX: ffffffff81f84ac4 RBX: 1ffffd4000268da8 RCX: 0000000000100000
[   75.442304][ T5319] RDX: ffffc9000e4da000 RSI: ffffea0001346d40 RDI: ffff88803f3e5e00
[   75.446538][ T5319] RBP: ffffc9000d5dfa50 R08: ffffea0001346d47 R09: 1ffffd4000268da8
[   75.450442][ T5319] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000
[   75.453845][ T5319] R13: ffffea0001346d48 R14: ffffea0001346d40 R15: 1ffffd4000268da9
[   75.457260][ T5319] FS:  00007fd52ebc86c0(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000
[   75.461175][ T5319] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   75.464455][ T5319] CR2: ffffffffffffffd6 CR3: 000000003f4f1000 CR4: 0000000000352ef0
[   75.468875][ T5319] Kernel panic - not syncing: Fatal exception
[   75.472159][ T5319] Kernel Offset: disabled
[   75.474161][ T5319] Rebooting in 86400 seconds..