program: syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x2200054, &(0x7f0000000140)={[{@minixdf}, {@nodelalloc}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x9d, 0x2, 0x0, 0x0, 0x0, 0x7b2, 0x2260, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x2, @perf_bp={0x0, 0x1}, 0x0, 0x9, 0x2000, 0x7, 0x6, 0x80000004, 0x2, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x2) ftruncate(r0, 0xffff) fcntl$addseals(r0, 0x409, 0x7) r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2) r2 = ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f0000000100)={r0, 0x0, 0x0, 0x2000}) r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00') ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) mmap(&(0x7f00003a2000/0x1000)=nil, 0x1000, 0x0, 0x12, r2, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) exit(0x100000001) write$binfmt_script(r4, &(0x7f0000000100), 0xfecc) [ 85.194578][ T5310] syz.0.0 (5310) used greatest stack depth: 14376 byte[ 83.401383][ T4658] Bluetooth: hci0: command tx timeout [ 83.411122][ T1312] ieee802154 phy0 wpan0: encryption failed: -22 [ 83.413554][ T1312] ieee802154 phy1 wpan1: encryption failed: -22 [ 83.528957][ T5310] loop0: detected capacity change from 0 to 128 [ 83.547700][ T5310] ======================================================= [ 83.547700][ T5310] WARNING: The mand mount option has been deprecated and [ 83.547700][ T5310] and is ignored by this kernel. Remove the mand [ 83.547700][ T5310] option from the mount to silence this warning. [ 83.547700][ T5310] ======================================================= [ 83.615106][ T5310] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 83.622446][ T5310] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 83.636253][ T5310] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 83.639749][ T5310] #PF: supervisor instruction fetch in kernel mode [ 83.642522][ T5310] #PF: error_code(0x0010) - not-present page [ 83.645156][ T5310] PGD 0 P4D 0 [ 83.646750][ T5310] Oops: Oops: 0010 [#1] SMP KASAN NOPTI [ 83.649272][ T5310] CPU: 0 UID: 0 PID: 5310 Comm: syz.0.0 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 83.653626][ T5310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.658332][ T5310] RIP: 0010:0x0 [ 83.659795][ T5310] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 83.662964][ T5310] RSP: 0018:ffffc9000d49f998 EFLAGS: 00010287 [ 83.665570][ T5310] RAX: ffffffff81f74be4 RBX: 1ffffd40002074f8 RCX: 0000000000100000 [ 83.668932][ T5310] RDX: ffffc9000e09a000 RSI: ffffea000103a7c0 RDI: ffff8880424f7000 [ 83.672183][ T5310] RBP: ffffc9000d49fa50 R08: ffffea000103a7c7 R09: 1ffffd40002074f8 [ 83.675608][ T5310] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 83.679042][ T5310] R13: ffffea000103a7c8 R14: ffffea000103a7c0 R15: 1ffffd40002074f9 [ 83.682383][ T5310] FS: 00007fcdacff66c0(0000) GS:ffff88808d6cb000(0000) knlGS:0000000000000000 [ 83.686245][ T5310] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.689142][ T5310] CR2: ffffffffffffffd6 CR3: 00000000419f5000 CR4: 0000000000352ef0 [ 83.692639][ T5310] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 83.696019][ T5310] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 83.699398][ T5310] Call Trace: [ 83.700842][ T5310] [ 83.702072][ T5310] filemap_read_folio+0x114/0x380 [ 83.704311][ T5310] ? __pfx_filemap_read_folio+0x10/0x10 [ 83.706765][ T5310] ? filemap_add_folio+0x1af/0x270 [ 83.708915][ T5310] do_read_cache_folio+0x354/0x590 [ 83.711066][ T5310] freader_get_folio+0x3c4/0x7f0 [ 83.713321][ T5310] freader_fetch+0xa3/0x5d0 [ 83.715359][ T5310] __build_id_parse+0x133/0x7d0 [ 83.717493][ T5310] ? __pfx___build_id_parse+0x10/0x10 [ 83.719869][ T5310] ? find_vma+0xe7/0x160 [ 83.721833][ T5310] ? __pfx_find_vma+0x10/0x10 [ 83.723879][ T5310] ? query_matching_vma+0x1b2/0x1d0 [ 83.726174][ T5310] procfs_procmap_ioctl+0x7f0/0xce0 [ 83.728389][ T5310] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 83.730897][ T5310] ? __fget_files+0x3a0/0x420 [ 83.733016][ T5310] ? __fget_files+0x2a/0x420 [ 83.734986][ T5310] ? bpf_lsm_file_ioctl+0x9/0x20 [ 83.737045][ T5310] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 83.739595][ T5310] __se_sys_ioctl+0xf9/0x170 [ 83.741551][ T5310] do_syscall_64+0xf6/0x210 [ 83.743485][ T5310] ? clear_bhb_loop+0x45/0xa0 [ 83.745527][ T5310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.748036][ T5310] RIP: 0033:0x7fcdac18e969 [ 83.749859][ T5310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.758024][ T5310] RSP: 002b:00007fcdacff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 83.761621][ T5310] RAX: ffffffffffffffda RBX: 00007fcdac3b5fa0 RCX: 00007fcdac18e969 [ 83.765061][ T5310] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000008 [ 83.768930][ T5310] RBP: 00007fcdac210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 83.773058][ T5310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 83.776925][ T5310] R13: 0000000000000000 R14: 00007fcdac3b5fa0 R15: 00007ffdb9fc13e8 [ 83.780285][ T5310] [ 83.781872][ T5310] Modules linked in: [ 83.783920][ T5310] CR2: 0000000000000000 [ 83.786210][ T5310] ---[ end trace 0000000000000000 ]--- [ 83.788629][ T5310] RIP: 0010:0x0 [ 83.790245][ T5310] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 83.793320][ T5310] RSP: 0018:ffffc9000d49f998 EFLAGS: 00010287 [ 83.795795][ T5310] RAX: ffffffff81f74be4 RBX: 1ffffd40002074f8 RCX: 0000000000100000 [ 83.799047][ T5310] RDX: ffffc9000e09a000 RSI: ffffea000103a7c0 RDI: ffff8880424f7000 [ 83.802191][ T5310] RBP: ffffc9000d49fa50 R08: ffffea000103a7c7 R09: 1ffffd40002074f8 [ 83.805515][ T5310] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 83.808707][ T5310] R13: ffffea000103a7c8 R14: ffffea000103a7c0 R15: 1ffffd40002074f9 [ 83.811884][ T5310] FS: 00007fcdacff66c0(0000) GS:ffff88808d6cb000(0000) knlGS:0000000000000000 [ 83.815602][ T5310] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.818317][ T5310] CR2: ffffffffffffffd6 CR3: 00000000419f5000 CR4: 0000000000352ef0 [ 83.821620][ T5310] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 83.824958][ T5310] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 83.828574][ T5310] Kernel panic - not syncing: Fatal exception [ 83.831470][ T5310] Kernel Offset: disabled [ 83.833460][ T5310] Rebooting in 86400 seconds..