BUG: kernel NULL pointer dereference, address: 0000000000000000
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0010) - not-present page
PGD 0 P4D 0
Oops: 0010 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.4.0-syzkaller-01406-ge8f75c0270d9 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
RIP: 0010:0x0
Code: Unable to access opcode bytes at 0xffffffffffffffd6.
RSP: 0018:ffffc90000007e68 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff8880b983d340 RCX: a8465ad1c6353a91
RDX: 1ffffffff1892c10 RSI: 0000000000000101 RDI: ffff888077215b80
RBP: 0000000000000001 R08: ffffffff816f28bd R09: ffffffff9153dd1f
R10: fffffbfff22a7ba3 R11: 0000000000000400 R12: dffffc0000000000
R13: ffff888077215b80 R14: ffffc90000007ee8 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffffd6 CR3: 000000002c80d000 CR4: 0000000000350ef0
Call Trace:
<IRQ>
rcu_do_batch kernel/rcu/tree.c:2135 [inline]
rcu_core+0x802/0x1c10 kernel/rcu/tree.c:2399
__do_softirq+0x1d4/0x905 kernel/softirq.c:553
invoke_softirq kernel/softirq.c:427 [inline]
__irq_exit_rcu kernel/softirq.c:632 [inline]
irq_exit_rcu+0xb7/0x120 kernel/softirq.c:644
sysvec_apic_timer_interrupt+0x97/0xc0 arch/x86/kernel/apic/apic.c:1109
</IRQ>
<TASK>
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:645
RIP: 0010:native_irq_disable arch/x86/include/asm/irqflags.h:37 [inline]
RIP: 0010:arch_local_irq_disable arch/x86/include/asm/irqflags.h:72 [inline]
RIP: 0010:acpi_safe_halt+0x40/0x50 drivers/acpi/processor_idle.c:113
Code: eb 03 83 e3 01 89 de 0f 1f 44 00 00 84 db 75 1b 0f 1f 44 00 00 eb 0c 0f 1f 44 00 00 0f 00 2d e7 57 a0 00 0f 1f 44 00 00 fb f4 <fa> 5b c3 cc 0f 1f 00 66 0f 1f 84 00 00 00 00 00 55 48 89 fd 53 0f
RSP: 0018:ffffffff8c407d18 EFLAGS: 00000246
RAX: ffffffff8c4955c0 RBX: 0000000000000000 RCX: ffffffff8a11ed45
RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffff88801369c064 R08: 0000000000000001 R09: ffff8880b9836d2b
R10: ffffed1017306da5 R11: 0000000000000000 R12: 0000000000000001
R13: ffff88801369c000 R14: ffff88801369c064 R15: 0000000000000000
acpi_idle_do_entry+0x53/0x70 drivers/acpi/processor_idle.c:573
acpi_idle_enter+0x173/0x290 drivers/acpi/processor_idle.c:707
cpuidle_enter_state+0xd3/0x6f0 drivers/cpuidle/cpuidle.c:267
cpuidle_enter+0x4e/0xa0 drivers/cpuidle/cpuidle.c:388
cpuidle_idle_call kernel/sched/idle.c:215 [inline]
do_idle+0x2fe/0x3c0 kernel/sched/idle.c:282
cpu_startup_entry+0x18/0x20 kernel/sched/idle.c:379
rest_init+0x16f/0x2b0 init/main.c:733
arch_call_rest_init+0x13/0x30 init/main.c:830
start_kernel+0x3b1/0x490 init/main.c:1074
x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:556
x86_64_start_kernel+0xb3/0xc0 arch/x86/kernel/head64.c:537
secondary_startup_64_no_verify+0x167/0x16b
</TASK>
Modules linked in:
CR2: 0000000000000000
---[ end trace 0000000000000000 ]---
RIP: 0010:0x0
Code: Unable to access opcode bytes at 0xffffffffffffffd6.
RSP: 0018:ffffc90000007e68 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff8880b983d340 RCX: a8465ad1c6353a91
RDX: 1ffffffff1892c10 RSI: 0000000000000101 RDI: ffff888077215b80
RBP: 0000000000000001 R08: ffffffff816f28bd R09: ffffffff9153dd1f
R10: fffffbfff22a7ba3 R11: 0000000000000400 R12: dffffc0000000000
R13: ffff888077215b80 R14: ffffc90000007ee8 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffffd6 CR3: 000000002c80d000 CR4: 0000000000350ef0
----------------
Code disassembly (best guess):
0: eb 03 jmp 0x5
2: 83 e3 01 and $0x1,%ebx
5: 89 de mov %ebx,%esi
7: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
c: 84 db test %bl,%bl
e: 75 1b jne 0x2b
10: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
15: eb 0c jmp 0x23
17: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
1c: 0f 00 2d e7 57 a0 00 verw 0xa057e7(%rip) # 0xa0580a
23: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
28: fb sti
29: f4 hlt
* 2a: fa cli <-- trapping instruction
2b: 5b pop %rbx
2c: c3 retq
2d: cc int3
2e: 0f 1f 00 nopl (%rax)
31: 66 0f 1f 84 00 00 00 nopw 0x0(%rax,%rax,1)
38: 00 00
3a: 55 push %rbp
3b: 48 89 fd mov %rdi,%rbp
3e: 53 push %rbx
3f: 0f .byte 0xf