program: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r1=>0x0}) r2 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000040)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0x0, 0x0, "5c5342ca0fe74b001258f405444f2ee23134d4e51c1a449d56ecdacb269523eb8b81f21ec367484f35af6f67940980010198704a067caad95b7f0ad511b093cd00"}, 0x138) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="04000000", @ANYRES16=r3, @ANYBLOB="090200000000000000000f000000050030000000000008000300", @ANYRES32=r1, @ANYBLOB="05002f0001000000"], 0x2c}}, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000080)='./file1\x00', 0x280008a, &(0x7f00000002c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c726f6469722c6572726f72733d72656d6f756e742d726e2c696f636861727365743d64656661756c742c756e695f786c6174653d302c6e6f6e756d7461696c3d302c757466383d302c666c7573682c73686f72746e616d653d77696e39352c732b69899fe2dda5fdac751c686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=0,shortname=lower,uni_xlate=0,shortname=winnt,\x00'], 0x97, 0x2a9, 
&(0x7f0000000500)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oINTabu6pEgLxUxKBnXQYluQJggtFPyDsZOri6OriyC4+SVc/AaCq+BmwcKRk5xjkt40N+m9ae+f32/p2/c8z3ue9/QtpcN58vGr/ZPDNI4vvvojGo0kKu1ox2USrahE6ZuY0v4uAICn2WWWxd/ZyDJ5SUQ0VlcWALBCS//9/2XlJQEAK/be+x+8s9Pp7L6bpo3Y63973s3/s8+/jq7vHMen0Yuj2IxmXEVk/xuN97IsG1TTXCve6A/Ou3lm/6PfivV3/ooY5m9FM1rDqen8/c7uVjoykT/I63ihuH87z9+OZrw84/77nd3tGfnRrcWbr0/UvxHN+P2T+Cx6cTgsYpQflYivt9L07ez7f778MC8vz08G5936MG4sW7vjHw0AAAAAAAAAAAAAAAAAAAAAAM+wjaJ3Tj2G/XvyqaL/ztpV/s16pKXWdH+eUX5SLnStP9Agix/K/jybaZpmReA4vxqvVKN6P7sGAAAAAAAAAAAAAAAAAACAJ8vZ51+cHPR6R6ePZVB2Ayhf67/tOu2JmddifnB9fK9KMZyzcqyVMUnE3DLyTSxc879F24PbPbqXbqr5p58XXufHh++9GKwvEPOIg/J0nRwks59hPcqZRnlIfp2MqcWC96rddClb6vjVZl5qLr332ovDwWBOTCTzCnvrz9GTK2aS67uoDZ/qzPT1YjCRPh3TWPw8578pD0h06wAAAAAAAAAAAAAAAAAAgJUav/Q74+LF3NRKVl9ZWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwp8af/7/EYFAkLxBci9Oze94iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4H/AgAA///uD2MO") mount(&(0x7f0000000540)=@filename='./file1\x00', &(0x7f0000000580)='./file1\x00', &(0x7f00000005c0)='erofs\x00', 0x200000, 0x0) [ 80.963918][ T5093] Bluetooth: hci0: command tx timeout [ 81.068068][ T5108] loop0: detected capacity change from 0 to 256 [ 81.078265][ T5108] vfat: Bad value for 'errors' [ 81.091869][ T5108] ./file1: Can't lookup blockdev [ 81.108868][ T5108] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 81.111650][ T5108] #PF: supervisor instruction fetch in kernel mode [ 81.113952][ T5108] #PF: error_code(0x0010) - not-present page [ 81.116040][ T5108] PGD 12e8f067 P4D 12e8f067 PUD 1fd78067 PMD 0 [ 81.118368][ T5108] Oops: Oops: 0010 [#1] PREEMPT SMP KASAN NOPTI [ 81.120706][ T5108] CPU: 0 UID: 0 PID: 5108 Comm: syz.0.0 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 81.124451][ T5108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.128283][ T5108] RIP: 0010:0x0 [ 81.129633][ T5108] Code: Unable to access opcode bytes at 0xffffffffffffffd6. 
[ 81.132382][ T5108] RSP: 0018:ffffc9000339f9f8 EFLAGS: 00010287 [ 81.134616][ T5108] RAX: ffffffff81cb4ee0 RBX: 0000000000000000 RCX: 0000000000040000 [ 81.137431][ T5108] RDX: ffffc900030f1000 RSI: ffffea00012d5e00 RDI: 0000000000000000 [ 81.140356][ T5108] RBP: ffffc9000339fac0 R08: ffffea00012d5e07 R09: 1ffffd400025abc0 [ 81.142998][ T5108] R10: dffffc0000000000 R11: 0000000000000000 R12: ffffea00012d5e00 [ 81.145689][ T5108] R13: 1ffffd400025abc1 R14: 0000000000000000 R15: ffffea00012d5e08 [ 81.148614][ T5108] FS: 00007f4c379f66c0(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000 [ 81.151789][ T5108] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.154215][ T5108] CR2: ffffffffffffffd6 CR3: 000000003dc6a000 CR4: 0000000000350ef0 [ 81.157182][ T5108] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 81.159967][ T5108] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 81.162781][ T5108] Call Trace: [ 81.164029][ T5108] <TASK> [ 81.165202][ T5108] ? __die_body+0x88/0xe0 [ 81.167005][ T5108] ? page_fault_oops+0x8e4/0xcc0 [ 81.168969][ T5108] ? __pfx_page_fault_oops+0x10/0x10 [ 81.171038][ T5108] ? rcu_is_watching+0x15/0xb0 [ 81.172910][ T5108] ? is_errata93+0xbe/0x260 [ 81.174523][ T5108] ? exc_page_fault+0x5ed/0x8c0 [ 81.176142][ T5108] ? asm_exc_page_fault+0x26/0x30 [ 81.178096][ T5108] ? filemap_read_folio+0x190/0x790 [ 81.180029][ T5108] filemap_read_folio+0x1a0/0x790 [ 81.182054][ T5108] ? __pfx_filemap_read_folio+0x10/0x10 [ 81.184186][ T5108] ? __filemap_get_folio+0x984/0xc10 [ 81.186252][ T5108] do_read_cache_folio+0x134/0x820 [ 81.188205][ T5108] erofs_bread+0x499/0xd40 [ 81.189895][ T5108] erofs_fc_fill_super+0x345/0x1770 [ 81.191696][ T5108] ? __pfx_erofs_fc_fill_super+0x10/0x10 [ 81.193553][ T5108] ? sget_fc+0x909/0x9c0 [ 81.195055][ T5108] ? __pfx_set_anon_super_fc+0x10/0x10 [ 81.197055][ T5108] ? 
__pfx_erofs_fc_fill_super+0x10/0x10 [ 81.198756][ T5108] get_tree_nodev+0xb7/0x140 [ 81.200149][ T5108] vfs_get_tree+0x90/0x2b0 [ 81.201532][ T5108] do_new_mount+0x2be/0xb40 [ 81.202902][ T5108] ? __pfx_do_new_mount+0x10/0x10 [ 81.204484][ T5108] __se_sys_mount+0x2d6/0x3c0 [ 81.206118][ T5108] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 81.207868][ T5108] ? __pfx___se_sys_mount+0x10/0x10 [ 81.209443][ T5108] ? do_syscall_64+0x100/0x230 [ 81.210940][ T5108] ? __x64_sys_mount+0x20/0xc0 [ 81.212456][ T5108] do_syscall_64+0xf3/0x230 [ 81.213883][ T5108] ? clear_bhb_loop+0x35/0x90 [ 81.215507][ T5108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.217499][ T5108] RIP: 0033:0x7f4c36b7def9 [ 81.219113][ T5108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.225670][ T5108] RSP: 002b:00007f4c379f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 81.228417][ T5108] RAX: ffffffffffffffda RBX: 00007f4c36d35f80 RCX: 00007f4c36b7def9 [ 81.231526][ T5108] RDX: 00000000200005c0 RSI: 0000000020000580 RDI: 0000000020000540 [ 81.234868][ T5108] RBP: 00007f4c36bf0b76 R08: 0000000000000000 R09: 0000000000000000 [ 81.238204][ T5108] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000000 [ 81.241379][ T5108] R13: 0000000000000000 R14: 00007f4c36d35f80 R15: 00007ffe0c7d0fd8 [ 81.244304][ T5108] </TASK> [ 81.245494][ T5108] Modules linked in: [ 81.246980][ T5108] CR2: 0000000000000000 [ 81.248555][ T5108] ---[ end trace 0000000000000000 ]--- [ 81.250578][ T5108] RIP: 0010:0x0 [ 81.251932][ T5108] Code: Unable to access opcode bytes at 0xffffffffffffffd6. 
[ 81.254714][ T5108] RSP: 0018:ffffc9000339f9f8 EFLAGS: 00010287 [ 81.257031][ T5108] RAX: ffffffff81cb4ee0 RBX: 0000000000000000 RCX: 0000000000040000 [ 81.259761][ T5108] RDX: ffffc900030f1000 RSI: ffffea00012d5e00 RDI: 0000000000000000 [ 81.262390][ T5108] RBP: ffffc9000339fac0 R08: ffffea00012d5e07 R09: 1ffffd400025abc0 [ 81.265366][ T5108] R10: dffffc0000000000 R11: 0000000000000000 R12: ffffea00012d5e00 [ 81.268126][ T5108] R13: 1ffffd400025abc1 R14: 0000000000000000 R15: ffffea00012d5e08 [ 81.270856][ T5108] FS: 00007f4c379f66c0(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000 [ 81.273957][ T5108] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.276272][ T5108] CR2: ffffffffffffffd6 CR3: 000000003dc6a000 CR4: 0000000000350ef0 [ 81.278671][ T5108] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 81.281339][ T5108] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 81.284478][ T5108] Kernel panic - not syncing: Fatal exception [ 81.287008][ T5108] Kernel Offset: disabled [ 81.288518][ T5108] Rebooting in 86400 seconds..