program:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x401, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWCHAIN={0x30, 0x3, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x4}]}], {0x14}}, 0xa0}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x2)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x2c}}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x37}, @NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x1}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x401, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWCHAIN={0x30, 0x3, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x4}]}], {0x14}}, 0xa0}}, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x2) (async)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r2, 0x0) (async)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00') (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) (async)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x2c}}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x37}, @NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x1}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x80) (async)

[   85.278847][ T5304] Bluetooth: hci0: command tx timeout
[   85.356233][ T5327] BUG: kernel NULL pointer dereference, address: 0000000000000000
[   85.359366][ T5327] #PF: supervisor instruction fetch in kernel mode
[   85.361936][ T5327] #PF: error_code(0x0010) - not-present page
[   85.364382][ T5327] PGD 0 P4D 0 
[   85.365970][ T5327] Oops: Oops: 0010 [#1] SMP KASAN NOPTI
[   85.368348][ T5327] CPU: 0 UID: 0 PID: 5327 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   85.371882][ T5327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.376456][ T5327] RIP: 0010:0x0
[   85.378013][ T5327] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   85.381255][ T5327] RSP: 0018:ffffc9000d42f958 EFLAGS: 00010293
[   85.383961][ T5327] RAX: ffffffff81fa8b74 RBX: 1ffffd400025ad18 RCX: ffff888000712480
[   85.387425][ T5327] RDX: 0000000000000000 RSI: ffffea00012d68c0 RDI: ffff8880342a7000
[   85.390852][ T5327] RBP: ffffc9000d42fa10 R08: ffffea00012d68c7 R09: 1ffffd400025ad18
[   85.394320][ T5327] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000
[   85.397806][ T5327] R13: ffffea00012d68c8 R14: ffffea00012d68c0 R15: 1ffffd400025ad19
[   85.401286][ T5327] FS:  00007f7a338e86c0(0000) GS:ffff88808d72f000(0000) knlGS:0000000000000000
[   85.405263][ T5327] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   85.408164][ T5327] CR2: ffffffffffffffd6 CR3: 0000000041c9a000 CR4: 0000000000352ef0
[   85.411622][ T5327] Call Trace:
[   85.413169][ T5327]  <TASK>
[   85.414491][ T5327]  filemap_read_folio+0x117/0x380
[   85.416834][ T5327]  ? __pfx_filemap_read_folio+0x10/0x10
[   85.419290][ T5327]  ? filemap_add_folio+0x35f/0x540
[   85.421578][ T5327]  do_read_cache_folio+0x350/0x590
[   85.423902][ T5327]  freader_get_folio+0x3c4/0x830
[   85.426145][ T5327]  freader_fetch+0xa3/0x5d0
[   85.428195][ T5327]  __build_id_parse+0x133/0x7d0
[   85.430430][ T5327]  ? __pfx___build_id_parse+0x10/0x10
[   85.432757][ T5327]  procfs_procmap_ioctl+0x76f/0xce0
[   85.434963][ T5327]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[   85.437401][ T5327]  ? __fget_files+0x3a0/0x420
[   85.439429][ T5327]  ? __fget_files+0x2a/0x420
[   85.441476][ T5327]  ? bpf_lsm_file_ioctl+0x9/0x20
[   85.443761][ T5327]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[   85.446277][ T5327]  __se_sys_ioctl+0xfc/0x170
[   85.448329][ T5327]  do_syscall_64+0xfa/0xfa0
[   85.450320][ T5327]  ? lockdep_hardirqs_on+0x9c/0x150
[   85.452604][ T5327]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.455205][ T5327]  ? clear_bhb_loop+0x60/0xb0
[   85.457279][ T5327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.459818][ T5327] RIP: 0033:0x7f7a3298f749
[   85.461734][ T5327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.469730][ T5327] RSP: 002b:00007f7a338e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   85.473243][ T5327] RAX: ffffffffffffffda RBX: 00007f7a32be5fa0 RCX: 00007f7a3298f749
[   85.476684][ T5327] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000006
[   85.480187][ T5327] RBP: 00007f7a32a13f91 R08: 0000000000000000 R09: 0000000000000000
[   85.483523][ T5327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.486931][ T5327] R13: 00007f7a32be6038 R14: 00007f7a32be5fa0 R15: 00007ffedc7eefe8
[   85.490345][ T5327]  </TASK>
[   85.491719][ T5327] Modules linked in:
[   85.493465][ T5327] CR2: 0000000000000000
[   85.495291][ T5327] ---[ end trace 0000000000000000 ]---
[   85.497676][ T5327] RIP: 0010:0x0
[   85.499262][ T5327] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   85.502462][ T5327] RSP: 0018:ffffc9000d42f958 EFLAGS: 00010293
[   85.505210][ T5327] RAX: ffffffff81fa8b74 RBX: 1ffffd400025ad18 RCX: ffff888000712480
[   85.508717][ T5327] RDX: 0000000000000000 RSI: ffffea00012d68c0 RDI: ffff8880342a7000
[   85.512171][ T5327] RBP: ffffc9000d42fa10 R08: ffffea00012d68c7 R09: 1ffffd400025ad18
[   85.515578][ T5327] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000
[   85.518981][ T5327] R13: ffffea00012d68c8 R14: ffffea00012d68c0 R15: 1ffffd400025ad19
[   85.522379][ T5327] FS:  00007f7a338e86c0(0000) GS:ffff88808d72f000(0000) knlGS:0000000000000000
[   85.526204][ T5327] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   85.528986][ T5327] CR2: ffffffffffffffd6 CR3: 0000000041c9a000 CR4: 0000000000352ef0
[   85.532131][ T5327] Kernel panic - not syncing: Fatal exception
[   85.534800][ T5327] Kernel Offset: disabled
[   85.536718][ T5327] Rebooting in 86400 seconds..